winner.com-official.org Open in urlscan Pro
2606:4700:3033::ac43:982b  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response winner.com-official.org/16bde578d869e2a/	24 KB 6 KB	129ms 84ms	Document text/html	2606:4700:3033::ac43:982b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://winner.com-official.org/16bde578d869e2a/?bb=1&cpid=802&uclick=nt46uo3v&uclickhash=nt46uo3v-nt46uo3v-fvi4-h93z-52q5-gxfywj-2t8ri4-f6da11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:982b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7190089586c3d4d23821d9f5e7aa1d34baa00054885bdbb4991da9a74e3db644 Request headers :method GET :authority winner.com-official.org :scheme https :path /16bde578d869e2a/?bb=1&cpid=802&uclick=nt46uo3v&uclickhash=nt46uo3v-nt46uo3v-fvi4-h93z-52q5-gxfywj-2t8ri4-f6da11 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Mon, 16 Nov 2020 13:00:38 GMT content-type text/html set-cookie __cfduid=d79f49d3d1ab53d4543a9fc4fcb88febc1605531638; expires=Wed, 16-Dec-20 13:00:38 GMT; path=/; domain=.com-official.org; HttpOnly; SameSite=Lax last-modified Thu, 03 Sep 2020 00:33:39 GMT cf-cache-status DYNAMIC cf-request-id 0672bdb45800001f3581a62000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=i%2FmHxwnZMZDPlOm4o8%2BoGnXTU0MpiPns0HEJwCuNh5F99VFYmMj289faW5bTOXpKUzXSq0poPhOKYVmkJzmFeBfOMDgeAyyNrzRMrPddd1pAmDuIXQbF%2FvfCwQU%2Bl%2BvD05amGg%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 5f316566ff971f35-FRA content-encoding br
GET H2	200	bootstrap.min.css winner.com-official.org/16bde578d869e2a/	113 KB 18 KB	146ms 145ms	Stylesheet text/css	2606:4700:3033::ac43:982b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://winner.com-official.org/16bde578d869e2a/bootstrap.min.css Requested by Host: winner.com-official.org URL: https://winner.com-official.org/16bde578d869e2a/?bb=1&cpid=802&uclick=nt46uo3v&uclickhash=nt46uo3v-nt46uo3v-fvi4-h93z-52q5-gxfywj-2t8ri4-f6da11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:982b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f812b9c5e14034ce0e171f2c88dc12411cf06be8d06f8888b03d3c99db96d238 Request headers Referer https://winner.com-official.org/16bde578d869e2a/?bb=1&cpid=802&uclick=nt46uo3v&uclickhash=nt46uo3v-nt46uo3v-fvi4-h93z-52q5-gxfywj-2t8ri4-f6da11 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 16 Nov 2020 13:00:39 GMT content-encoding br cf-cache-status MISS last-modified Fri, 28 Aug 2020 08:30:23 GMT server cloudflare etag W/"5f48c09f-1c23c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NMfl6%2BGl2VzdFo9M6%2FrLxg244xIMWNTihntfmUaMQ16DXVnbhb%2BlojCcGzTmoT4yTHbx2mfOZ99WfnNkb1uGJ%2F48O%2FDga%2B6JpmQ7z5zYe7d1rfcL5tonWv0c22DUrAOKCxbapA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css status 200 cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 5f316567891c1f35-FRA cf-request-id 0672bdb4b400001f35541be000000001
GET H2	200	stylei11.css winner.com-official.org/16bde578d869e2a/	6 KB 2 KB	69ms 68ms	Stylesheet text/css	2606:4700:3033::ac43:982b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://winner.com-official.org/16bde578d869e2a/stylei11.css Requested by Host: winner.com-official.org URL: https://winner.com-official.org/16bde578d869e2a/?bb=1&cpid=802&uclick=nt46uo3v&uclickhash=nt46uo3v-nt46uo3v-fvi4-h93z-52q5-gxfywj-2t8ri4-f6da11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:982b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b23220a939d51797f587b1777ae4b40a399e45117d782ad8b57ed5cf7596d3ed Request headers Referer https://winner.com-official.org/16bde578d869e2a/?bb=1&cpid=802&uclick=nt46uo3v&uclickhash=nt46uo3v-nt46uo3v-fvi4-h93z-52q5-gxfywj-2t8ri4-f6da11 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 16 Nov 2020 13:00:39 GMT content-encoding br cf-cache-status MISS last-modified Fri, 28 Aug 2020 08:30:45 GMT server cloudflare etag W/"5f48c0b5-16df" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s6avmOvo7Hziu0hnb55E%2FONMZmIHjVofAozO9GtkgAdV1TycpIfBJOcJLbHV2f62hGSC39VudLEJf0mlYF%2BXCtH0fxldxGtM6I7H8sXm7jsDlUGaQoPXL8%2BExJJXMkpqLzhQbg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css status 200 cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 5f316567891d1f35-FRA cf-request-id 0672bdb4b400001f35478b2000000001
GET H2	200	jquery-3.4.1.min.js Show response code.jquery.com/	86 KB 30 KB	26ms 9ms	Script application/javascript	2001:4de0:ac19::1:b:2b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.4.1.min.js Requested by Host: winner.com-official.org URL: https://winner.com-official.org/16bde578d869e2a/?bb=1&cpid=802&uclick=nt46uo3v&uclickhash=nt46uo3v-nt46uo3v-fvi4-h93z-52q5-gxfywj-2t8ri4-f6da11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Request headers Referer https://winner.com-official.org/16bde578d869e2a/?bb=1&cpid=802&uclick=nt46uo3v&uclickhash=nt46uo3v-nt46uo3v-fvi4-h93z-52q5-gxfywj-2t8ri4-f6da11 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 16 Nov 2020 13:00:38 GMT content-encoding gzip last-modified Wed, 01 May 2019 21:14:27 GMT server nginx status 200 etag W/"5cca0c33-15851" vary Accept-Encoding x-hw 1605531638.dop220.fr8.t,1605531638.cds220.fr8.hn,1605531638.cds236.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30638
GET H2	200	jquery.eraser.js Show response winner.com-official.org/16bde578d869e2a/	5 KB 2 KB	64ms 64ms	Script application/javascript	2606:4700:3033::ac43:982b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://winner.com-official.org/16bde578d869e2a/jquery.eraser.js Requested by Host: winner.com-official.org URL: https://winner.com-official.org/16bde578d869e2a/?bb=1&cpid=802&uclick=nt46uo3v&uclickhash=nt46uo3v-nt46uo3v-fvi4-h93z-52q5-gxfywj-2t8ri4-f6da11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:982b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b2a8e2f4f8bbff1ea8fb0c903a4e4ff891878728d8e82ed062372218e657032e Request headers Referer https://winner.com-official.org/16bde578d869e2a/?bb=1&cpid=802&uclick=nt46uo3v&uclickhash=nt46uo3v-nt46uo3v-fvi4-h93z-52q5-gxfywj-2t8ri4-f6da11 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 16 Nov 2020 13:00:39 GMT content-encoding br cf-cache-status MISS last-modified Fri, 28 Aug 2020 08:30:33 GMT server cloudflare etag W/"5f48c0a9-12be" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hXEfOcvJw6npsmhuCbG5bC3KpYBZTjZEWwvgZ%2FRHTxRknKrVl05qqYVBjAGWHOtMbnG685hDm626c1YqZVhMWijygAwzqWJp%2FdOw2pmTS5x9kSaqlTuZ6rRdoOV6%2FNzxF2ehPQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript status 200 cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 5f316567891f1f35-FRA cf-request-id 0672bdb4b500001f359784b000000001
GET H2	200	main.js Show response winner.com-official.org/16bde578d869e2a/	3 KB 2 KB	97ms 97ms	Script application/javascript	2606:4700:3033::ac43:982b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://winner.com-official.org/16bde578d869e2a/main.js Requested by Host: winner.com-official.org URL: https://winner.com-official.org/16bde578d869e2a/?bb=1&cpid=802&uclick=nt46uo3v&uclickhash=nt46uo3v-nt46uo3v-fvi4-h93z-52q5-gxfywj-2t8ri4-f6da11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:982b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 10a393023097e1733f956f208bcdf5f71333744a91ae8735065660b97cc65800 Request headers Referer https://winner.com-official.org/16bde578d869e2a/?bb=1&cpid=802&uclick=nt46uo3v&uclickhash=nt46uo3v-nt46uo3v-fvi4-h93z-52q5-gxfywj-2t8ri4-f6da11 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 16 Nov 2020 13:00:39 GMT content-encoding br cf-cache-status MISS last-modified Fri, 28 Aug 2020 08:30:38 GMT server cloudflare etag W/"5f48c0ae-d33" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Q1v2HZ5ApAMRyTaUi6AiVtZPadFh%2BEL373kx%2Bx54yDrTuLtkkLTPjWpdDRfGGqln1taHARurUrY2xhCBzCTfoFgeoRhZ1zGLgyq9y3nMgdvlkZqBIBBNRtwWgkV2fHT%2Bl2U3YQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript status 200 cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 5f31656789231f35-FRA cf-request-id 0672bdb4b500001f355d3ce000000001
GET H2	200	logo.png winner.com-official.org/16bde578d869e2a/	1 KB 2 KB	63ms 61ms	Image image/png	2606:4700:3033::ac43:982b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://winner.com-official.org/16bde578d869e2a/logo.png Requested by Host: winner.com-official.org URL: https://winner.com-official.org/16bde578d869e2a/?bb=1&cpid=802&uclick=nt46uo3v&uclickhash=nt46uo3v-nt46uo3v-fvi4-h93z-52q5-gxfywj-2t8ri4-f6da11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:982b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fb33bc9abe208ec4b4c79d5a550fa46b47b8c0fcb1ce7f94eecf28cd2e5bb77e Request headers Referer https://winner.com-official.org/16bde578d869e2a/?bb=1&cpid=802&uclick=nt46uo3v&uclickhash=nt46uo3v-nt46uo3v-fvi4-h93z-52q5-gxfywj-2t8ri4-f6da11 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 16 Nov 2020 13:00:39 GMT cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} status 200 content-length 1464 cf-request-id 0672bdb55500001f35b0b60000000001 last-modified Fri, 28 Aug 2020 08:30:37 GMT server cloudflare etag "5f48c0ad-5b8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=X33cgj2rXI1tpjMg2zI5f9H4AccqK3jhr7ObhDrwL5pC8ukzv6e0b0CPlXKKQuv0%2BkWl6QPDf8OkVthk8uMK5hRP8QPfOi6VGVt0sEAfHDFCGawTdU4Sm0%2BzJcOLJhaB3a8gVw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 5f3165688b961f35-FRA
GET H2	200	menu_mob.png winner.com-official.org/16bde578d869e2a/	125 B 455 B	70ms 68ms	Image image/png	2606:4700:3033::ac43:982b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://winner.com-official.org/16bde578d869e2a/menu_mob.png Requested by Host: winner.com-official.org URL: https://winner.com-official.org/16bde578d869e2a/?bb=1&cpid=802&uclick=nt46uo3v&uclickhash=nt46uo3v-nt46uo3v-fvi4-h93z-52q5-gxfywj-2t8ri4-f6da11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:982b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 37a2a1ba4f7e5f8d078a4096675db0e6dee26e13f6c04d63046a757bc0371c82 Request headers Referer https://winner.com-official.org/16bde578d869e2a/?bb=1&cpid=802&uclick=nt46uo3v&uclickhash=nt46uo3v-nt46uo3v-fvi4-h93z-52q5-gxfywj-2t8ri4-f6da11 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 16 Nov 2020 13:00:39 GMT cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} status 200 content-length 125 cf-request-id 0672bdb55500001f35a12bc000000001 last-modified Fri, 28 Aug 2020 08:30:41 GMT server cloudflare etag "5f48c0b1-7d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NpC5FhonqsV6gTs8iIhPU2NdomVhNLmfmyqka7J5rgONIlQpw9Jqpc%2BTNjPrazcJOezP11sxuG7Mt6aZ39bJQfefbKvlXwOknIDD81WvstUz09GDobWWgg0%2FQ0uCYbNQAIcyYA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 5f3165688b981f35-FRA
GET H2	200	user_mob.png winner.com-official.org/16bde578d869e2a/	471 B 808 B	65ms 63ms	Image image/png	2606:4700:3033::ac43:982b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://winner.com-official.org/16bde578d869e2a/user_mob.png Requested by Host: winner.com-official.org URL: https://winner.com-official.org/16bde578d869e2a/?bb=1&cpid=802&uclick=nt46uo3v&uclickhash=nt46uo3v-nt46uo3v-fvi4-h93z-52q5-gxfywj-2t8ri4-f6da11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:982b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 69b575ba9c21c1ac9460aa72106ee8b5308bc160a037208e90ce4122fcd31159 Request headers Referer https://winner.com-official.org/16bde578d869e2a/?bb=1&cpid=802&uclick=nt46uo3v&uclickhash=nt46uo3v-nt46uo3v-fvi4-h93z-52q5-gxfywj-2t8ri4-f6da11 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 16 Nov 2020 13:00:39 GMT cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} status 200 content-length 471 cf-request-id 0672bdb55600001f359dbb4000000001 last-modified Fri, 28 Aug 2020 08:30:46 GMT server cloudflare etag "5f48c0b6-1d7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=G8jIzV3ZRcVBk%2BxnY1zcdpCZHSiTMImxrQA86I6k2TkA4Aed%2Fup2W0Ct%2Fn1eKmulqsCKp%2FHWj0OWUxIhH4bM3mh0w%2BOlV4jYDDsXpajzlLmx002GmMe1PlDDXxgjmv1Ry8kfrg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 5f3165688b9a1f35-FRA
GET H2	200	phone-shape.png winner.com-official.org/16bde578d869e2a/	4 KB 4 KB	66ms 65ms	Image image/png	2606:4700:3033::ac43:982b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://winner.com-official.org/16bde578d869e2a/phone-shape.png Requested by Host: winner.com-official.org URL: https://winner.com-official.org/16bde578d869e2a/?bb=1&cpid=802&uclick=nt46uo3v&uclickhash=nt46uo3v-nt46uo3v-fvi4-h93z-52q5-gxfywj-2t8ri4-f6da11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:982b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1b6fa4182f499832335987280a138fd565ed615859e7236f888189851569a925 Request headers Referer https://winner.com-official.org/16bde578d869e2a/?bb=1&cpid=802&uclick=nt46uo3v&uclickhash=nt46uo3v-nt46uo3v-fvi4-h93z-52q5-gxfywj-2t8ri4-f6da11 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 16 Nov 2020 13:00:39 GMT cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} status 200 content-length 3810 cf-request-id 0672bdb55600001f354f049000000001 last-modified Fri, 28 Aug 2020 08:30:43 GMT server cloudflare etag "5f48c0b3-ee2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OcLIftTDO15qkyOpVqsX1OVjBMyddDjQhqvrxapZxDtDsjtXhoVQi1%2BzeoLORJE3sW48vEmVapzPiXU2ll%2Bf%2BrpBAUCn%2FQfRZ97bGinXAMUP%2Ba%2FJamtt2QtBKsbyMcoAFwRXWA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 5f3165688b9c1f35-FRA
GET H2	200	shape-color.png winner.com-official.org/16bde578d869e2a/	3 KB 3 KB	67ms 66ms	Image image/png	2606:4700:3033::ac43:982b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://winner.com-official.org/16bde578d869e2a/shape-color.png Requested by Host: winner.com-official.org URL: https://winner.com-official.org/16bde578d869e2a/?bb=1&cpid=802&uclick=nt46uo3v&uclickhash=nt46uo3v-nt46uo3v-fvi4-h93z-52q5-gxfywj-2t8ri4-f6da11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:982b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 617ef51b5c019a324c5e2fbc19beb671c24fb1813fd009a9a44f2042311ffc50 Request headers Referer https://winner.com-official.org/16bde578d869e2a/?bb=1&cpid=802&uclick=nt46uo3v&uclickhash=nt46uo3v-nt46uo3v-fvi4-h93z-52q5-gxfywj-2t8ri4-f6da11 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 16 Nov 2020 13:00:39 GMT cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} status 200 content-length 3141 cf-request-id 0672bdb55600001f3577ab7000000001 last-modified Fri, 28 Aug 2020 08:30:44 GMT server cloudflare etag "5f48c0b4-c45" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5h4xNMB3UiOfkcLJxAIPCF2ocYdHaNHprKjyKx%2FtMjVh8crS%2B7uSgTo8Mvh%2BHXrUwP01iZBW7zg6GOkFnP1xbJGXlbIKj02pphNkV0Z8hvgIR0BEgDbtxjTqsyrk9RaFm65qPA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 5f3165688b9e1f35-FRA
GET H2	200	userPrize1i11p.jpg winner.com-official.org/16bde578d869e2a/	21 KB 22 KB	89ms 88ms	Image image/jpeg	2606:4700:3033::ac43:982b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://winner.com-official.org/16bde578d869e2a/userPrize1i11p.jpg Requested by Host: winner.com-official.org URL: https://winner.com-official.org/16bde578d869e2a/?bb=1&cpid=802&uclick=nt46uo3v&uclickhash=nt46uo3v-nt46uo3v-fvi4-h93z-52q5-gxfywj-2t8ri4-f6da11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:982b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f280b20e756215c63d1ee8ae2a4023ec7befb9fe6b442d325067233c87bd3b75 Request headers Referer https://winner.com-official.org/16bde578d869e2a/?bb=1&cpid=802&uclick=nt46uo3v&uclickhash=nt46uo3v-nt46uo3v-fvi4-h93z-52q5-gxfywj-2t8ri4-f6da11 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 16 Nov 2020 13:00:39 GMT cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} status 200 content-length 21803 cf-request-id 0672bdb55600001f35a90e4000000001 last-modified Fri, 28 Aug 2020 08:30:53 GMT server cloudflare etag "5f48c0bd-552b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Qq0XFG7GhmqobzXuB1I%2F7spB0yVutdK1OdyWACuv4AbyUZWcQlSit5pBasTkz0GJKctfD7tY74KZGI%2BvhtR%2BvRqqLzi3jdmULh%2FMAqlYaYGpX8tGDwLIO8M5GFP1xP3RTJ5kBw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 5f3165688b9f1f35-FRA
GET H2	200	like-fb.png winner.com-official.org/16bde578d869e2a/	420 B 818 B	64ms 63ms	Image image/png	2606:4700:3033::ac43:982b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://winner.com-official.org/16bde578d869e2a/like-fb.png Requested by Host: winner.com-official.org URL: https://winner.com-official.org/16bde578d869e2a/?bb=1&cpid=802&uclick=nt46uo3v&uclickhash=nt46uo3v-nt46uo3v-fvi4-h93z-52q5-gxfywj-2t8ri4-f6da11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:982b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b902f0a3a4fdf4f82d4970a1d148aab70ebb11e54ca26349162f8010b08859be Request headers Referer https://winner.com-official.org/16bde578d869e2a/?bb=1&cpid=802&uclick=nt46uo3v&uclickhash=nt46uo3v-nt46uo3v-fvi4-h93z-52q5-gxfywj-2t8ri4-f6da11 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 16 Nov 2020 13:00:39 GMT cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} status 200 content-length 420 cf-request-id 0672bdb55700001f35421b8000000001 last-modified Fri, 28 Aug 2020 08:30:35 GMT server cloudflare etag "5f48c0ab-1a4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6F6WYaInvXCEDw125j%2BMXRxP64wVY4jJLlsMSNf5X3gqoQBixmNkkIhRMWDxYZDWp8czr52d0TKUCkC%2Bg32hDPr1XQK1JlckKyID3SYGTBopgZFParIs8Q%2Bp5Y%2FxJpVOEv6sGA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 5f3165688ba01f35-FRA
GET H2	200	userPrize2i11p.jpg winner.com-official.org/16bde578d869e2a/	16 KB 16 KB	90ms 89ms	Image image/jpeg	2606:4700:3033::ac43:982b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://winner.com-official.org/16bde578d869e2a/userPrize2i11p.jpg Requested by Host: winner.com-official.org URL: https://winner.com-official.org/16bde578d869e2a/?bb=1&cpid=802&uclick=nt46uo3v&uclickhash=nt46uo3v-nt46uo3v-fvi4-h93z-52q5-gxfywj-2t8ri4-f6da11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:982b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash de87dac907402023b58a53edeb58d93647927ba1412852ed4a4a945c7fe0764e Request headers Referer https://winner.com-official.org/16bde578d869e2a/?bb=1&cpid=802&uclick=nt46uo3v&uclickhash=nt46uo3v-nt46uo3v-fvi4-h93z-52q5-gxfywj-2t8ri4-f6da11 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 16 Nov 2020 13:00:39 GMT cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} status 200 content-length 16388 cf-request-id 0672bdb55700001f3586959000000001 last-modified Fri, 28 Aug 2020 08:30:56 GMT server cloudflare etag "5f48c0c0-4004" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SQUddTcYjUm1XK0bfEQMjig%2Fp2b8x10wvy%2By%2FxfIPfloN9FlLM0qKoKoEL1OnSDuDg61j99ahP1VIciH9qmkeDzx4FuhLT6OcUblfl2t7dgRUqnyQWA9IlKi5IQ1U91cCMiShg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 5f3165688ba31f35-FRA
GET H2	200	bootstrap.js Show response winner.com-official.org/16bde578d869e2a/	35 KB 9 KB	88ms 88ms	Script application/javascript	2606:4700:3033::ac43:982b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://winner.com-official.org/16bde578d869e2a/bootstrap.js Requested by Host: winner.com-official.org URL: https://winner.com-official.org/16bde578d869e2a/?bb=1&cpid=802&uclick=nt46uo3v&uclickhash=nt46uo3v-nt46uo3v-fvi4-h93z-52q5-gxfywj-2t8ri4-f6da11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:982b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 843c65c2ca11e356611fa35d67f99e9e74b8e063420b66493bd14faa69016d14 Request headers Referer https://winner.com-official.org/16bde578d869e2a/?bb=1&cpid=802&uclick=nt46uo3v&uclickhash=nt46uo3v-nt46uo3v-fvi4-h93z-52q5-gxfywj-2t8ri4-f6da11 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 16 Nov 2020 13:00:39 GMT content-encoding br cf-cache-status MISS last-modified Fri, 28 Aug 2020 08:30:18 GMT server cloudflare etag W/"5f48c09a-8b65" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TMzWRgwI8KWtaI2%2FIj8TIFpArYRV%2BypIpVZtWXZqWfyhHYis5VthahbaYtbclsrNSMne%2BO0%2BGb88i9GTjHOwRAba1FAAoMEd05NSXigje6iv7I9l0V0JLg05PhRYNmziEOvuhA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript status 200 cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 5f3165682abb1f35-FRA cf-request-id 0672bdb51600001f35448dc000000001
GET H2	200	jquery4.2.js Show response winner.com-official.org/	2 KB 1007 B	68ms 68ms	Script application/javascript	2606:4700:3033::ac43:982b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://winner.com-official.org/jquery4.2.js Requested by Host: winner.com-official.org URL: https://winner.com-official.org/16bde578d869e2a/?bb=1&cpid=802&uclick=nt46uo3v&uclickhash=nt46uo3v-nt46uo3v-fvi4-h93z-52q5-gxfywj-2t8ri4-f6da11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:982b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0e4eecfa75ccdf02bf1ac94ce129e59eeecf98f65f33e9a39367234bf7c95d3e Request headers Referer https://winner.com-official.org/16bde578d869e2a/?bb=1&cpid=802&uclick=nt46uo3v&uclickhash=nt46uo3v-nt46uo3v-fvi4-h93z-52q5-gxfywj-2t8ri4-f6da11 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 16 Nov 2020 13:00:39 GMT content-encoding br cf-cache-status MISS last-modified Tue, 21 Apr 2020 08:49:04 GMT server cloudflare etag W/"5e9eb380-8c5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Bjr8f56itE8OVCWvocZG6jvpsE9p6dZ9joFxgSE8oo8nB%2B1h5HwWUJqWJYrYobBDxQyOQcUTiNQA4LnKco70n6CdS2Z9LVSXSeT3Mi4jEy6kDgpsT5anYK2JgUj2RGdaf6Ef2Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript status 200 cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 5f3165686b621f35-FRA cf-request-id 0672bdb54500001f3575138000000001
GET H2	200	avatar2-sprites.jpg winner.com-official.org/16bde578d869e2a/	28 KB 29 KB	85ms 84ms	Image image/jpeg	2606:4700:3033::ac43:982b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://winner.com-official.org/16bde578d869e2a/avatar2-sprites.jpg Requested by Host: winner.com-official.org URL: https://winner.com-official.org/16bde578d869e2a/?bb=1&cpid=802&uclick=nt46uo3v&uclickhash=nt46uo3v-nt46uo3v-fvi4-h93z-52q5-gxfywj-2t8ri4-f6da11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:982b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 91f628e666b170116bc4195a86d74e2b75d1f2e26f4085e39697bb4fae280b57 Request headers Referer https://winner.com-official.org/16bde578d869e2a/?bb=1&cpid=802&uclick=nt46uo3v&uclickhash=nt46uo3v-nt46uo3v-fvi4-h93z-52q5-gxfywj-2t8ri4-f6da11 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 16 Nov 2020 13:00:39 GMT cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} status 200 content-length 29093 cf-request-id 0672bdb55800001f357192a000000001 last-modified Fri, 28 Aug 2020 08:30:16 GMT server cloudflare etag "5f48c098-71a5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fK2iMV%2BLufXH7ztErndjZXAVTNa1Er2829DO0FdYnstJV4vY4eEB%2BPBTn%2F9TWXtLkl3MRUYBwrMaLhqIOEw5GMcwEm9UuqLI10J9d4DZhKq8ZTV6xwqfXgS2looJ227ce1Ejng%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 5f3165688ba61f35-FRA
GET H2	200	click.php secure-me.top/	0 613 B	199ms 73ms	Image text/html	2606:4700:3036::681c:14f4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://secure-me.top/click.php?event9=0 Requested by Host: winner.com-official.org URL: https://winner.com-official.org/16bde578d869e2a/?bb=1&cpid=802&uclick=nt46uo3v&uclickhash=nt46uo3v-nt46uo3v-fvi4-h93z-52q5-gxfywj-2t8ri4-f6da11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681c:14f4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://winner.com-official.org/16bde578d869e2a/?bb=1&cpid=802&uclick=nt46uo3v&uclickhash=nt46uo3v-nt46uo3v-fvi4-h93z-52q5-gxfywj-2t8ri4-f6da11 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 16 Nov 2020 13:00:39 GMT content-encoding br cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15768000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ueLhs9I%2BlTSmlJKaLOhCbG%2FNUPJkWMTnjT3eHd%2BEwADXMc6kbItUvHXg9eXdUQNvSfDpBmqQnxf8%2Ff0rXRmSks09rv0nmmNNmo46b5Y9MViPDWJaxrCba9OC"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 status 200 cf-ray 5f316569ac6764af-FRA cf-request-id 0672bdb60e000064af07a0c000000001
GET H2	200	click.php secure-me.top/	0 415 B	62ms 62ms	Image text/html	2606:4700:3036::681c:14f4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://secure-me.top/click.php?event7=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681c:14f4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://winner.com-official.org/16bde578d869e2a/?bb=1&cpid=802&uclick=nt46uo3v&uclickhash=nt46uo3v-nt46uo3v-fvi4-h93z-52q5-gxfywj-2t8ri4-f6da11 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 16 Nov 2020 13:00:49 GMT content-encoding br cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15768000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UPIgJAcT%2FRsd17f2zJUy5DS8v6qxl5TSf9ou4aOUv5niapGGAoBqb9Y3z9WBOq%2FoXOhC61qu5MD7dfbAiIl%2F6LHHyN2Y3UBgou2Qokm4dQ1poYR27hkyh%2BlB"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 status 200 cf-ray 5f3165a76aff64af-FRA cf-request-id 0672bddc9e000064af0fb70000000001

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| $ function| jQuery function| App object| item function| getParameterByName object| _0xc2e7 function| _0x5cb6 string| _0x17359c object| _0xdb235f object| _0x47d3b3 number| _0xd55f46 function| _0x449000 number| _0x8e22b9 number| _0x2fda77

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://winner.com-official.org/jquery4.2.js(Line 1) Message: null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
secure-me.top
winner.com-official.org
2001:4de0:ac19::1:b:2b
2606:4700:3033::ac43:982b
2606:4700:3036::681c:14f4
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0e4eecfa75ccdf02bf1ac94ce129e59eeecf98f65f33e9a39367234bf7c95d3e
10a393023097e1733f956f208bcdf5f71333744a91ae8735065660b97cc65800
1b6fa4182f499832335987280a138fd565ed615859e7236f888189851569a925
37a2a1ba4f7e5f8d078a4096675db0e6dee26e13f6c04d63046a757bc0371c82
617ef51b5c019a324c5e2fbc19beb671c24fb1813fd009a9a44f2042311ffc50
69b575ba9c21c1ac9460aa72106ee8b5308bc160a037208e90ce4122fcd31159
7190089586c3d4d23821d9f5e7aa1d34baa00054885bdbb4991da9a74e3db644
843c65c2ca11e356611fa35d67f99e9e74b8e063420b66493bd14faa69016d14
91f628e666b170116bc4195a86d74e2b75d1f2e26f4085e39697bb4fae280b57
b23220a939d51797f587b1777ae4b40a399e45117d782ad8b57ed5cf7596d3ed
b2a8e2f4f8bbff1ea8fb0c903a4e4ff891878728d8e82ed062372218e657032e
b902f0a3a4fdf4f82d4970a1d148aab70ebb11e54ca26349162f8010b08859be
de87dac907402023b58a53edeb58d93647927ba1412852ed4a4a945c7fe0764e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f280b20e756215c63d1ee8ae2a4023ec7befb9fe6b442d325067233c87bd3b75
f812b9c5e14034ce0e171f2c88dc12411cf06be8d06f8888b03d3c99db96d238
fb33bc9abe208ec4b4c79d5a550fa46b47b8c0fcb1ce7f94eecf28cd2e5bb77e