urlscan.io logo urlscan.io
SecurityTrails logo

winratesakti.pro Open in urlscan Pro
162.0.229.232  Public Scan

Go To Rescan Add Verdict Report
URL: https://winratesakti.pro/
Submission: On April 02 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 20 HTTP transactions. The main IP is 162.0.229.232, located in United States and belongs to NAMECHEAP-NET, US. The main domain is winratesakti.pro.
TLS certificate: Issued by winratesakti.pro on December 2nd 2023. Valid for: a year.
This is the only time winratesakti.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 162.0.229.232 22612 (NAMECHEAP...)
6 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 6 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:21d... 16509 (AMAZON-02)
1 104.19.129.105 13335 (CLOUDFLAR...)
1 3 169.197.85.95 26548 (PUREVOLTA...)
20 8
1    162.0.229.232 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium125-3.web-hosting.com
winratesakti.pro
6    2606:4700:10::6816:4951 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn01.jotfor.ms
cdn.jotfor.ms
3    2606:4700:10::6816:4851 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn02.jotfor.ms
6    2606:4700:10::ac43:76b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn03.jotfor.ms
1    2607:f8b0:4006:80d::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2600:9000:21dd:ec00:15:c281:3500:93a1 (United States)

ASN16509 (AMAZON-02, US)
ik.imagekit.io
1    104.19.129.105 (None, )

ASN13335 (CLOUDFLARENET, US)
events.jotform.com
3    169.197.85.95 (United States)

ASN26548 (PUREVOLTAGE-INC, US)
i.ibb.co
Apex Domain
Subdomains		 Transfer
15 jotfor.ms
cdn01.jotfor.ms — Cisco Umbrella Rank: 24847
cdn02.jotfor.ms — Cisco Umbrella Rank: 25227
cdn03.jotfor.ms — Cisco Umbrella Rank: 25783
cdn.jotfor.ms — Cisco Umbrella Rank: 21216
300 KB
3 ibb.co
i.ibb.co — Cisco Umbrella Rank: 11763
119 KB
1 jotform.com
events.jotform.com — Cisco Umbrella Rank: 24441
266 B
1 imagekit.io
ik.imagekit.io — Cisco Umbrella Rank: 22190
578 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
1 winratesakti.pro
winratesakti.pro
11 KB
20 6
Domain Requested by
6 cdn03.jotfor.ms 1 redirects winratesakti.pro
cdn03.jotfor.ms
3 i.ibb.co 1 redirects winratesakti.pro
3 cdn.jotfor.ms winratesakti.pro
cdn.jotfor.ms
3 cdn02.jotfor.ms winratesakti.pro
3 cdn01.jotfor.ms winratesakti.pro
1 events.jotform.com winratesakti.pro
1 ik.imagekit.io winratesakti.pro
1 fonts.googleapis.com winratesakti.pro
1 winratesakti.pro
20 9

This site contains links to these domains. Also see Links.

Domain
rb.gy
Subject Issuer Validity Valid
winratesakti.pro
winratesakti.pro		 2023-12-02 -
2024-12-01		 a year crt.sh
jotfor.ms
Cloudflare Inc ECC CA-3		 2024-01-11 -
2024-12-31		 a year crt.sh
*.imagekit.io
Amazon RSA 2048 M02		 2024-01-23 -
2025-02-19		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-09 -
2024-05-08		 a year crt.sh
ibb.co
R3		 2024-02-07 -
2024-05-07		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://winratesakti.pro/
Frame ID: 34DD85F656DF856E2EA7FFB55E9E093C
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SAKTIWIN CHEAT JACKPOT SLOT

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Page Statistics

20
Requests

80 %
HTTPS

63 %
IPv6

6
Domains

9
Subdomains

8
IPs

2
Countries

431 kB
Transfer

1191 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://cdn03.jotfor.ms/stylebuilder/donationBox.css?v=3.3.46707 HTTP 301
  • https://cdn03.jotfor.ms/stylebuilder/static/donationBox.css
Request Chain 17
  • https://i.ibb.co/Pwxt2rB/SaktiWin.png=1680152875168%22 HTTP 301
  • https://i.ibb.co/Pwxt2rB/SaktiWin.png

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
winratesakti.pro/ 		56 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://winratesakti.pro/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.229.232 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium125-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
185f6725f6fecdb891a339b7d7dfd81a61c4adae1b7b86347e5672f6aec3c62f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
content-encoding
br
content-length
10709
content-type
text/html
date
Tue, 02 Apr 2024 13:43:58 GMT
last-modified
Sat, 02 Dec 2023 15:38:01 GMT
server
LiteSpeed
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
formCss.css
cdn01.jotfor.ms/static/ 		59 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn01.jotfor.ms/static/formCss.css?3.3.46707
Requested by
Host: winratesakti.pro
URL: https://winratesakti.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55dcb6fc40f955dce2e5f17d302c982104e154188b13141fcbe73505fb4206a0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://winratesakti.pro/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:43:59 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
MISS
last-modified
Sun, 31 Mar 2024 04:51:11 GMT
server
cloudflare
etag
W/"6608ebbf-eb0d"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=315360000
cf-ray
86e14043ea0974a4-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
form-common.css
cdn02.jotfor.ms/themes/CSS/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn02.jotfor.ms/themes/CSS/form-common.css?v=abbe53d
Requested by
Host: winratesakti.pro
URL: https://winratesakti.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4e193083a57ffd9e7ce23b7347a2dd1f63f8d36961301e48f74b52889599c1c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://winratesakti.pro/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 02 Apr 2024 13:43:59 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
BYPASS
last-modified
Tue, 02 Apr 2024 13:43:59 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control
no-cache
jf-trace-id
8e4e10157a757187
x-form-cache
MISS-APP
cf-ray
86e14043e9d631e4-MIA
expires
Thu, 01 Jan 1970 00:00:01 GMT
nova.css
cdn03.jotfor.ms/css/styles/ 		38 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn03.jotfor.ms/css/styles/nova.css?3.3.46707
Requested by
Host: winratesakti.pro
URL: https://winratesakti.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78e355c50a24dd11c0e0ac78f5418469797e5319eb34012d1a922e9daffb2ee4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://winratesakti.pro/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:43:59 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
MISS
last-modified
Tue, 27 Feb 2024 08:18:10 GMT
server
cloudflare
etag
W/"65dd9ac2-979a"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
cf-ray
86e14043ed8f0a02-MIA
expires
Thu, 01 Jan 1970 00:00:01 GMT
/
cdn.jotfor.ms/fonts/ 		530 B
402 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jotfor.ms/fonts/?family=Coda|Coda|Coda
Requested by
Host: winratesakti.pro
URL: https://winratesakti.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cf86250b6730f80c6ebf26da28cddac808c18679d4e21df3c2a5e670f36755a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://winratesakti.pro/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:43:59 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
MISS
last-modified
Tue, 02 Apr 2024 13:43:59 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
86e14043e81e6c88-MIA
expires
Thu, 01 Jan 1970 00:00:01 GMT
566a91c2977cdfcd478b4567.css
cdn01.jotfor.ms/themes/CSS/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn01.jotfor.ms/themes/CSS/566a91c2977cdfcd478b4567.css?v=3.3.46707&themeRevisionID=642aed92326239083fe53f08
Requested by
Host: winratesakti.pro
URL: https://winratesakti.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfefadd6a7f0a685795f5daade87e5f2651525c003fa73122c24a635abf763f1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://winratesakti.pro/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:43:59 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
BYPASS
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
jf-trace-id
7238471cadd65a19
pragma
no-cache
last-modified
Mon, 03 Apr 2023 15:15:30 GMT
server
cloudflare
etag
W/"125dd41f77e22ec823bbff2570bb2e79"
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
cache-control
no-cache
x-form-cache
MISS-APP
cf-ray
86e14043ea0b74a4-MIA
expires
Thu, 01 Jan 1970 00:00:01 GMT
payment_feature.css
cdn02.jotfor.ms/css/styles/payment/ 		22 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn02.jotfor.ms/css/styles/payment/payment_feature.css?3.3.46707
Requested by
Host: winratesakti.pro
URL: https://winratesakti.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ada4d0a561ddcd8909fa775bb11e32327c27d1b688c7251f46bb3304acf43f7b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://winratesakti.pro/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:43:59 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
MISS
last-modified
Fri, 09 Feb 2024 07:54:16 GMT
server
cloudflare
etag
W/"65c5da28-5941"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
cf-ray
86e14043e9dc31e4-MIA
expires
Thu, 01 Jan 1970 00:00:01 GMT
donationBox.css
cdn03.jotfor.ms/stylebuilder/static/
Redirect Chain
  • https://cdn03.jotfor.ms/stylebuilder/donationBox.css?v=3.3.46707
  • https://cdn03.jotfor.ms/stylebuilder/static/donationBox.css
8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn03.jotfor.ms/stylebuilder/static/donationBox.css
Requested by
Host: winratesakti.pro
URL: https://winratesakti.pro/
Protocol
H2
Server
2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf05ad1cf918cafd97e73aae45107559d024437ce62b71f7d4c00e9d02ac8d84

Request headers

accept-language
en-US,en;q=0.9
Referer
https://winratesakti.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Tue, 02 Apr 2024 13:43:59 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
age
183
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
global-router
true
jf-trace-id
c699090b450ba6b5
last-modified
Thu, 21 Mar 2024 14:53:32 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
cache-control
max-age=86400
x-form-cache
MISS-APP
cf-ray
86e14044ce990a02-MIA
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

date
Tue, 02 Apr 2024 13:43:59 GMT
via
1.1 google
cf-cache-status
MISS
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
global-router
true
jf-trace-id
a59f9bb6aa47274c
pragma
no-cache
last-modified
Tue, 02 Apr 2024 13:43:59 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
/stylebuilder/static/donationBox.css
cache-control
max-age=86400
x-form-cache
MISS-APP
cf-ray
86e14043ed910a02-MIA
expires
Thu, 01 Jan 1970 00:00:01 GMT
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Dancing+Script:400,700
Requested by
Host: winratesakti.pro
URL: https://winratesakti.pro/
Protocol
HTTP/1.1
Server
2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5a72048023c53de663af5d9e5b09ab96a7320afab0ab5603493d8d8da8001027
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date
Tue, 02 Apr 2024 13:43:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Tue, 02 Apr 2024 13:43:59 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Tue, 02 Apr 2024 13:43:59 GMT
prototype.forms.js
cdn01.jotfor.ms/static/ 		127 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn01.jotfor.ms/static/prototype.forms.js?3.3.46707
Requested by
Host: winratesakti.pro
URL: https://winratesakti.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fface13ae112a253e99fb74eb69fb02cf6698eee1d8ef55f03fae545680b128e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://winratesakti.pro/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:43:59 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
MISS
last-modified
Sun, 31 Mar 2024 16:27:13 GMT
server
cloudflare
etag
W/"66098ee1-1fb04"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=315360000
cf-ray
86e14043fa0c74a4-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
jotform.forms.js
cdn02.jotfor.ms/static/ 		631 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn02.jotfor.ms/static/jotform.forms.js?3.3.46707
Requested by
Host: winratesakti.pro
URL: https://winratesakti.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ab31dc366a03fa2097611bc79091a8c8286217649a01ffb595a461634a2aa07

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://winratesakti.pro/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:43:59 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
MISS
last-modified
Tue, 02 Apr 2024 08:30:24 GMT
server
cloudflare
etag
W/"660bc220-9dda7"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=315360000
cf-ray
86e14043e9de31e4-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
validategateways.js
cdn03.jotfor.ms/js/payments/ 		2 KB
979 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn03.jotfor.ms/js/payments/validategateways.js?v=3.3.46707
Requested by
Host: winratesakti.pro
URL: https://winratesakti.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a4f54883416a6344a768b3b87765295850a11d7bbaa8cc4da4f883436804ff2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://winratesakti.pro/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:43:59 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
MISS
last-modified
Thu, 21 Dec 2023 07:50:13 GMT
server
cloudflare
etag
W/"6583ee35-8e4"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
cf-ray
86e14043ed920a02-MIA
expires
Thu, 01 Jan 1970 00:00:01 GMT
control_appointment.css
cdn03.jotfor.ms/stylebuilder/static/ 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn03.jotfor.ms/stylebuilder/static/control_appointment.css
Requested by
Host: cdn03.jotfor.ms
URL: https://cdn03.jotfor.ms/css/styles/nova.css?3.3.46707
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9870d83b0e2674390aff31eb1491eba8ccf9bf2be7d349b4c5bf08d1e829f66b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cdn03.jotfor.ms/css/styles/nova.css?3.3.46707
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:43:59 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
age
121
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
global-router
true
jf-trace-id
1ba2790aeee62ff3
last-modified
Thu, 21 Mar 2024 14:53:31 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
cache-control
max-age=86400
x-form-cache
MISS-APP
cf-ray
86e140449e6d0a02-MIA
expires
Thu, 01 Jan 1970 00:00:01 GMT
control_inline.css
cdn03.jotfor.ms/stylebuilder/static/ 		37 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn03.jotfor.ms/stylebuilder/static/control_inline.css
Requested by
Host: cdn03.jotfor.ms
URL: https://cdn03.jotfor.ms/css/styles/nova.css?3.3.46707
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0e83d72d90b300e4d57e0ce772db11785add986f15252c4d308ecc41eef1cbe

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cdn03.jotfor.ms/css/styles/nova.css?3.3.46707
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:43:59 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
age
75
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
global-router
true
jf-trace-id
610ada11386fc329
last-modified
Thu, 21 Mar 2024 14:53:31 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
cache-control
max-age=86400
x-form-cache
MISS-APP
cf-ray
86e140449e710a02-MIA
expires
Thu, 01 Jan 1970 00:00:01 GMT
aa0f6dea70649d495a64cd7741a4f445_u2pW_-ufq.jpg
ik.imagekit.io/di8d13lt8/ 		9 B
578 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ik.imagekit.io/di8d13lt8/aa0f6dea70649d495a64cd7741a4f445_u2pW_-ufq.jpg?updatedAt=1699774444557
Requested by
Host: winratesakti.pro
URL: https://winratesakti.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:ec00:15:c281:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://winratesakti.pro/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:44:00 GMT
via
1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront), 1.1 18bf85a0313cb4e24b1d0538b9294d9c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
x-cache
Error from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
9
x-request-id
76083c35-24eb-4f53-b1d2-70f5303e231d
pragma
no-cache
ik-error
ENOENT - Resource not found at any upstream origin
etag
W/"9-0gXL1ngzMqISxa6S1zx3F4wtLyg"
access-control-allow-methods
GET
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache,no-store
x-server
ImageKit.io
timing-allow-origin
*
access-control-allow-headers
*
x-amz-cf-id
miUyBU8WXmceJBjgbtl-CMdFvcLdnXflVXm1NSGDUno85PvRyBMtwg==
Coda-ExtraBold.woff2
cdn.jotfor.ms/fonts/Coda/fonts/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jotfor.ms/fonts/Coda/fonts/Coda-ExtraBold.woff2
Requested by
Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/fonts/?family=Coda|Coda|Coda
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1918c68d7dfa0efcf188f5169c09578a4fde6a293b773f5875ffae92fbe1fcb

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cdn.jotfor.ms/fonts/?family=Coda|Coda|Coda
Origin
https://winratesakti.pro
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:43:59 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 14 Mar 2024 07:54:34 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
86e14045db5f9ac3-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Coda-Regular.woff2
cdn.jotfor.ms/fonts/Coda/fonts/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jotfor.ms/fonts/Coda/fonts/Coda-Regular.woff2
Requested by
Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/fonts/?family=Coda|Coda|Coda
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4704066d29e3d616c2e202a0d44f99df71879352b441da1bc588d80f7f733221

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cdn.jotfor.ms/fonts/?family=Coda|Coda|Coda
Origin
https://winratesakti.pro
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:43:59 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 14 Mar 2024 07:54:34 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
86e14045eb619ac3-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
events.jotform.com/form/232892976923170/ 		0
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.jotform.com/form/232892976923170/?ref=&res=800x600&eventID=1712065439560_232892976923170_LRr1ZFa&loc=https%253A%252F%252Fwinratesakti.pro%252F
Requested by
Host: winratesakti.pro
URL: https://winratesakti.pro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.129.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://winratesakti.pro/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 02 Apr 2024 13:43:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
last-modified
Tue, 02 Apr 2024 09:43:59 GMT
server
cloudflare
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
86e140476fb10a1e-MIA
access-control-allow-headers
origin, content-type, accept
alt-svc
h3=":443"; ma=86400
expires
Thu, 1 Jan 1970 00:00:00 GMT
SaktiWin.png
i.ibb.co/Pwxt2rB/
Redirect Chain
  • https://i.ibb.co/Pwxt2rB/SaktiWin.png=1680152875168%22
  • https://i.ibb.co/Pwxt2rB/SaktiWin.png
69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/Pwxt2rB/SaktiWin.png
Requested by
Host: winratesakti.pro
URL: https://winratesakti.pro/
Protocol
H2
Server
169.197.85.95 , United States, ASN26548 (PUREVOLTAGE-INC, US),
Reverse DNS
Software
nginx /
Resource Hash
a0598afb0d8073048146ac66f32cbfc73336b2b17753e3156ed84ba682f4f936

Request headers

accept-language
en-US,en;q=0.9
Referer
https://winratesakti.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Tue, 02 Apr 2024 13:44:00 GMT
last-modified
Sat, 02 Dec 2023 09:56:26 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
70205
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location
https://i.ibb.co/Pwxt2rB/SaktiWin.png
date
Tue, 02 Apr 2024 13:43:59 GMT
server
nginx
content-length
162
content-type
text/html
Rock-Star.png
i.ibb.co/DQ4fgm9/ 		50 KB
50 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://i.ibb.co/DQ4fgm9/Rock-Star.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.85.95 , United States, ASN26548 (PUREVOLTAGE-INC, US),
Reverse DNS
Software
nginx /
Resource Hash
9255b6062ef887bc6bed5ef13faa77454d1177c5063146a95a3c1248ac14764d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://winratesakti.pro/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:44:00 GMT
last-modified
Sat, 02 Dec 2023 13:36:51 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
50750
expires
Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal object| favicon boolean| isDarkMode object| Prototype object| Abstract object| Try object| Class function| PeriodicalExecuter function| Template object| $break object| Enumerable function| $A function| $w function| $H function| Hash function| $R function| ObjectRange object| Ajax function| $ object| Form object| Field function| $F object| Toggle object| Insertion object| $continue object| Position function| $$ undefined| Sizzle function| Selector object| __result function| _alert function| rand object| JotForm function| getMD5 function| getQuerystring function| onProductImageClicked function| createNewComponent function| isIframeEmbedForm function| isIframeEmbedFormPure function| callIframeHeightCaller function| newDefaultThemeHandler function| setEncryptedValue function| IsValidJsonString function| hasExludedEncryptWidgets function| getFieldsToEncrypt function| setUnencryptedValueToForm function| createHiddenInputElement function| appendHiddenInput function| trackExecution function| trackSubmitSource function| unencryptPaymentField function| shouldSubmitFormAfterEncrypt function| addEncryptionKeyToForm function| attachScrollToCaptcha function| generateUUID function| Calendar function| handlePopupUI function| requestAnimFrame object| Protoplus function| calculateTimeToSubmit function| testSubmitFunction function| fbAsyncInit object| _popupCalendar object| ValidatePaymentGateways number| __pushInitDataTries number| __pushInitDataInterval

3 Cookies

Domain/Path Name / Value
.jotfor.ms/ Name: userReferer
Value: https%3A%2F%2Fwinratesakti.pro%2F
.jotfor.ms/ Name: JOTFORM_SESSION
Value: a95ecf42-3619-4c2e-c899-a4153fab
.jotfor.ms/ Name: guest
Value: guest_f92e94a9f93376db

23 Console Messages

Source Level URL
Text
security warning URL: https://winratesakti.pro/(Line 65)
Message:
Mixed Content: The page at 'https://winratesakti.pro/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Dancing+Script:400,700'. This content should also be served over HTTPS.
other warning URL: https://winratesakti.pro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://winratesakti.pro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://winratesakti.pro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://winratesakti.pro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://winratesakti.pro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://winratesakti.pro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://winratesakti.pro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://winratesakti.pro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://winratesakti.pro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://winratesakti.pro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://winratesakti.pro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://winratesakti.pro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://winratesakti.pro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://winratesakti.pro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://winratesakti.pro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security warning URL: https://cdn01.jotfor.ms/static/prototype.forms.js?3.3.46707(Line 326)
Message:
Mixed Content: The page at 'https://winratesakti.pro/' was loaded over HTTPS, but requested an insecure font 'http://fonts.gstatic.com/s/dancingscript/v25/If2RXTr6YS-zF4S-kcSWSVi_szLviuEViw.woff2'. This content should also be served over HTTPS.
security warning URL: https://cdn01.jotfor.ms/static/prototype.forms.js?3.3.46707(Line 326)
Message:
Mixed Content: The page at 'https://winratesakti.pro/' was loaded over HTTPS, but requested an insecure font 'http://fonts.gstatic.com/s/dancingscript/v25/If2RXTr6YS-zF4S-kcSWSVi_szLuiuEViw.woff2'. This content should also be served over HTTPS.
security warning URL: https://cdn01.jotfor.ms/static/prototype.forms.js?3.3.46707(Line 326)
Message:
Mixed Content: The page at 'https://winratesakti.pro/' was loaded over HTTPS, but requested an insecure font 'http://fonts.gstatic.com/s/dancingscript/v25/If2RXTr6YS-zF4S-kcSWSVi_szLgiuE.woff2'. This content should also be served over HTTPS.
security warning URL: https://cdn01.jotfor.ms/static/prototype.forms.js?3.3.46707(Line 326)
Message:
Mixed Content: The page at 'https://winratesakti.pro/' was loaded over HTTPS, but requested an insecure font 'http://fonts.gstatic.com/s/dancingscript/v25/If2RXTr6YS-zF4S-kcSWSVi_szLviuEViw.woff2'. This content should also be served over HTTPS.
security warning URL: https://cdn01.jotfor.ms/static/prototype.forms.js?3.3.46707(Line 326)
Message:
Mixed Content: The page at 'https://winratesakti.pro/' was loaded over HTTPS, but requested an insecure font 'http://fonts.gstatic.com/s/dancingscript/v25/If2RXTr6YS-zF4S-kcSWSVi_szLuiuEViw.woff2'. This content should also be served over HTTPS.
security warning URL: https://cdn01.jotfor.ms/static/prototype.forms.js?3.3.46707(Line 326)
Message:
Mixed Content: The page at 'https://winratesakti.pro/' was loaded over HTTPS, but requested an insecure font 'http://fonts.gstatic.com/s/dancingscript/v25/If2RXTr6YS-zF4S-kcSWSVi_szLgiuE.woff2'. This content should also be served over HTTPS.
network error URL: https://ik.imagekit.io/di8d13lt8/aa0f6dea70649d495a64cd7741a4f445_u2pW_-ufq.jpg?updatedAt=1699774444557
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jotfor.ms
cdn01.jotfor.ms
cdn02.jotfor.ms
cdn03.jotfor.ms
events.jotform.com
fonts.googleapis.com
i.ibb.co
ik.imagekit.io
winratesakti.pro
104.19.129.105
162.0.229.232
169.197.85.95
2600:9000:21dd:ec00:15:c281:3500:93a1
2606:4700:10::6816:4851
2606:4700:10::6816:4951
2606:4700:10::ac43:76b
2607:f8b0:4006:80d::200a
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
185f6725f6fecdb891a339b7d7dfd81a61c4adae1b7b86347e5672f6aec3c62f
4704066d29e3d616c2e202a0d44f99df71879352b441da1bc588d80f7f733221
55dcb6fc40f955dce2e5f17d302c982104e154188b13141fcbe73505fb4206a0
5a72048023c53de663af5d9e5b09ab96a7320afab0ab5603493d8d8da8001027
78e355c50a24dd11c0e0ac78f5418469797e5319eb34012d1a922e9daffb2ee4
7a4f54883416a6344a768b3b87765295850a11d7bbaa8cc4da4f883436804ff2
9255b6062ef887bc6bed5ef13faa77454d1177c5063146a95a3c1248ac14764d
9870d83b0e2674390aff31eb1491eba8ccf9bf2be7d349b4c5bf08d1e829f66b
9ab31dc366a03fa2097611bc79091a8c8286217649a01ffb595a461634a2aa07
9cf86250b6730f80c6ebf26da28cddac808c18679d4e21df3c2a5e670f36755a
a0598afb0d8073048146ac66f32cbfc73336b2b17753e3156ed84ba682f4f936
ada4d0a561ddcd8909fa775bb11e32327c27d1b688c7251f46bb3304acf43f7b
bf05ad1cf918cafd97e73aae45107559d024437ce62b71f7d4c00e9d02ac8d84
bfefadd6a7f0a685795f5daade87e5f2651525c003fa73122c24a635abf763f1
d4e193083a57ffd9e7ce23b7347a2dd1f63f8d36961301e48f74b52889599c1c
e0e83d72d90b300e4d57e0ce772db11785add986f15252c4d308ecc41eef1cbe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1918c68d7dfa0efcf188f5169c09578a4fde6a293b773f5875ffae92fbe1fcb
fface13ae112a253e99fb74eb69fb02cf6698eee1d8ef55f03fae545680b128e