urlscan.io logo urlscan.io
SecurityTrails logo

secure.winred.com Open in urlscan Pro
2606:4700::6813:d359  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://links.nightlynewslink.com/u/click?_t=df0aacecd28541058bd5e6bb87a9bf72&_m=d5d4d46afce442a3b9932b2cf1183aed&_e=l4T2bcoAeM_KD...
Effective URL: https://secure.winred.com/annapaulinaluna/em29550aea2ea5b426/?utm_campaign=20230623&utm_medium=email&utm_source=CI_B&utm_c...
Submission: On July 16 via manual from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 28 HTTP transactions. The main IP is 2606:4700::6813:d359, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.winred.com. The Cisco Umbrella rank of the primary domain is 49429.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 21st 2023. Valid for: a year.
This is the only time secure.winred.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.219.81.88 14618 (AMAZON-AES)
11 2606:4700::68... 13335 (CLOUDFLAR...)
11 2606:4700::68... 13335 (CLOUDFLAR...)
28 3
Apex Domain
Subdomains		 Transfer
11 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 5263
253 KB
11 winred.com
secure.winred.com — Cisco Umbrella Rank: 49429
158 KB
1 nightlynewslink.com
links.nightlynewslink.com
2 KB
28 3
Domain Requested by
11 challenges.cloudflare.com secure.winred.com
challenges.cloudflare.com
11 secure.winred.com secure.winred.com
1 links.nightlynewslink.com 1 redirects
28 3

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
secure.winred.com
Cloudflare Inc ECC CA-3		 2023-02-21 -
2024-02-21		 a year crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2022-09-18 -
2023-09-17		 a year crt.sh

This page contains 3 frames:

Primary Page: https://secure.winred.com/annapaulinaluna/em29550aea2ea5b426/?utm_campaign=20230623&utm_medium=email&utm_source=CI_B&utm_content=79&utm_term=db-apl-em05-012&source_code=db-apl-em05-012
Frame ID: DCB9C90C794507CCE25E3E9095F25956
Requests: 17 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/hrnrt/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Frame ID: 709589F0CA5FF0584DBAFFAE8881D95E
Requests: 9 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/xc60v/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Frame ID: 2DDC29F0B108F8213BC1EC7CFFD8A1B1
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Just a moment...

Page URL History Show full URLs

  1. http://links.nightlynewslink.com/u/click?_t=df0aacecd28541058bd5e6bb87a9bf72&_m=d5d4d46afce442a3b9932b2cf1183... HTTP 303
    https://secure.winred.com/annapaulinaluna/em29550aea2ea5b426/?utm_campaign=20230623&utm_medium=email&u... Page URL
  2. https://secure.winred.com/annapaulinaluna/em29550aea2ea5b426/?utm_campaign=20230623&utm_medium=email&u... Page URL

Page Statistics

28
Requests

79 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

410 kB
Transfer

1065 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://links.nightlynewslink.com/u/click?_t=df0aacecd28541058bd5e6bb87a9bf72&_m=d5d4d46afce442a3b9932b2cf1183aed&_e=l4T2bcoAeM_KDCSKD9mzpc8Y7R7wbODLmt1lGXhsaU6oK0odWmwClX9uDPZSbHtWVvGUXWhhCstc-7xZUIWc67psgcwGEIKhKPOsE6-nnJddmzco8GfI_JfdCl2K_f1eY2wZqTr5mVhu_s0o0-Lk__hx6TaAol5MXncaoCw3HwV4jav1KyP2Vd35xPYFk3XezdA9paWOyZVqR87aekjYUOVJN9mDSJ5LrIiweA_ULS-fs0bTxELYuVDalSVcmudM30ktosGOY5_pzDNzVaSaYOBFMCzYzYmFdPCKqQm2tZA6i576Y4Wlj4DOPuOPz7avMvaNYjxn562gm8w5Hyoxx21wsoT0RXDLdYa5DTtG92o0ATIK7qn_TiXdMupvZjd4yfyyMT_ddjJix3INEA3FeVhheybDezz1dRk-JQSEgHw%3D HTTP 303
    https://secure.winred.com/annapaulinaluna/em29550aea2ea5b426/?utm_campaign=20230623&utm_medium=email&utm_source=CI_B&utm_content=79&utm_term=db-apl-em05-012&source_code=db-apl-em05-012 Page URL
  2. https://secure.winred.com/annapaulinaluna/em29550aea2ea5b426/?utm_campaign=20230623&utm_medium=email&utm_source=CI_B&utm_content=79&utm_term=db-apl-em05-012&source_code=db-apl-em05-012 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://links.nightlynewslink.com/u/click?_t=df0aacecd28541058bd5e6bb87a9bf72&_m=d5d4d46afce442a3b9932b2cf1183aed&_e=l4T2bcoAeM_KDCSKD9mzpc8Y7R7wbODLmt1lGXhsaU6oK0odWmwClX9uDPZSbHtWVvGUXWhhCstc-7xZUIWc67psgcwGEIKhKPOsE6-nnJddmzco8GfI_JfdCl2K_f1eY2wZqTr5mVhu_s0o0-Lk__hx6TaAol5MXncaoCw3HwV4jav1KyP2Vd35xPYFk3XezdA9paWOyZVqR87aekjYUOVJN9mDSJ5LrIiweA_ULS-fs0bTxELYuVDalSVcmudM30ktosGOY5_pzDNzVaSaYOBFMCzYzYmFdPCKqQm2tZA6i576Y4Wlj4DOPuOPz7avMvaNYjxn562gm8w5Hyoxx21wsoT0RXDLdYa5DTtG92o0ATIK7qn_TiXdMupvZjd4yfyyMT_ddjJix3INEA3FeVhheybDezz1dRk-JQSEgHw%3D HTTP 303
  • https://secure.winred.com/annapaulinaluna/em29550aea2ea5b426/?utm_campaign=20230623&utm_medium=email&utm_source=CI_B&utm_content=79&utm_term=db-apl-em05-012&source_code=db-apl-em05-012

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
secure.winred.com/annapaulinaluna/em29550aea2ea5b426/
Redirect Chain
  • http://links.nightlynewslink.com/u/click?_t=df0aacecd28541058bd5e6bb87a9bf72&_m=d5d4d46afce442a3b9932b2cf1183aed&_e=l4T2bcoAeM_KDCSKD9mzpc8Y7R7wbODLmt1lGXhsaU6oK0odWmwClX9uDPZSbHtWVvGUXWhhCstc-7xZU...
  • https://secure.winred.com/annapaulinaluna/em29550aea2ea5b426/?utm_campaign=20230623&utm_medium=email&utm_source=CI_B&utm_content=79&utm_term=db-apl-em05-012&source_code=db-apl-em05-012
8 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.winred.com/annapaulinaluna/em29550aea2ea5b426/?utm_campaign=20230623&utm_medium=email&utm_source=CI_B&utm_content=79&utm_term=db-apl-em05-012&source_code=db-apl-em05-012
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1002625501bd15d5f9ae7a50f72a50022b3d42ad7ee7ff8bcb1aaf6e273a84e3
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated
challenge
cf-ray
7e7d66a03ca1bbb6-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Sun, 16 Jul 2023 21:39:58 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Security-Policy
base-uri 'none'; worker-src 'self' blob:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub46dd5cf52153d917fc1d5e91ff3a600d&dd-evp-origin=content-security-policy&ddsource=csp-report; frame-ancestors 'self' https://links.iterable.com; script-src 'none'; object-src 'none'
Date
Sun, 16 Jul 2023 21:39:57 GMT
Location
https://secure.winred.com/annapaulinaluna/em29550aea2ea5b426/?utm_campaign=20230623&utm_medium=email&utm_source=CI_B&utm_content=79&utm_term=db-apl-em05-012&source_code=db-apl-em05-012
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Request-Time
1
Server
iterable-links b20d
Vary
Origin
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
X-XSS-Protection
1; mode=block
challenges.css
secure.winred.com/cdn-cgi/styles/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.winred.com/cdn-cgi/styles/challenges.css
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/annapaulinaluna/em29550aea2ea5b426/?utm_campaign=20230623&utm_medium=email&utm_source=CI_B&utm_content=79&utm_term=db-apl-em05-012&source_code=db-apl-em05-012
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.winred.com/annapaulinaluna/em29550aea2ea5b426/?utm_campaign=20230623&utm_medium=email&utm_source=CI_B&utm_content=79&utm_term=db-apl-em05-012&source_code=db-apl-em05-012
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 21:39:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 Jul 2023 16:27:41 GMT
server
cloudflare
etag
W/"64ad82fd-19c8"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
7e7d66a07cf9bbb6-FRA
expires
Sun, 16 Jul 2023 23:39:58 GMT
v1
secure.winred.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/ 		164 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.winred.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=7e7d66a03ca1bbb6
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/annapaulinaluna/em29550aea2ea5b426/?utm_campaign=20230623&utm_medium=email&utm_source=CI_B&utm_content=79&utm_term=db-apl-em05-012&source_code=db-apl-em05-012
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bacc8c7c30308bfdd1e605e69706fead38e61e9e66efff04b326b72a8182f3e1
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.winred.com/annapaulinaluna/em29550aea2ea5b426/?utm_campaign=20230623&utm_medium=email&utm_source=CI_B&utm_content=79&utm_term=db-apl-em05-012&source_code=db-apl-em05-012&__cf_chl_rt_tk=oAosfJQuzSkCU4rEX24hAcYqsQ3P5U7yggjP5S4ry94-1689543598-0-gaNycGzNDFA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 21:39:58 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, must-revalidate
cf-ray
7e7d66a09d20bbb6-FRA
alt-svc
h3=":443"; ma=86400
api.js
challenges.cloudflare.com/turnstile/v0/b/556d0c9f/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/556d0c9f/api.js?onload=UseFQ6&render=explicit
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=7e7d66a03ca1bbb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3d5cd569dcc9f9c25e22a1094371fec043d8c4382e46ca3851dcc448c6d1fc1

Request headers

Referer
Origin
https://secure.winred.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 21:39:58 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7e7d66a16b689b5d-FRA
alt-svc
h3=":443"; ma=86400
favicon.ico
secure.winred.com/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.winred.com/favicon.ico
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/annapaulinaluna/em29550aea2ea5b426/?utm_campaign=20230623&utm_medium=email&utm_source=CI_B&utm_content=79&utm_term=db-apl-em05-012&source_code=db-apl-em05-012
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e094e140f9b6110bb9725bd210d00b3061d725e9e1549f6d846b09a6c89be3b3
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.winred.com/annapaulinaluna/em29550aea2ea5b426/?utm_campaign=20230623&utm_medium=email&utm_source=CI_B&utm_content=79&utm_term=db-apl-em05-012&source_code=db-apl-em05-012
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 21:39:58 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
referrer-policy
same-origin
server
cloudflare
cross-origin-opener-policy
same-origin
cf-mitigated
challenge
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray
7e7d66a11eda921a-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
truncated
/ 		586 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
ce602083-41aa-4039-a52e-ecc0309b3144
https://secure.winred.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://secure.winred.com/ce602083-41aa-4039-a52e-ecc0309b3144
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/annapaulinaluna/em29550aea2ea5b426/?utm_campaign=20230623&utm_medium=email&utm_source=CI_B&utm_content=79&utm_term=db-apl-em05-012&source_code=db-apl-em05-012
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.winred.com/annapaulinaluna/em29550aea2ea5b426/?utm_campaign=20230623&utm_medium=email&utm_source=CI_B&utm_content=79&utm_term=db-apl-em05-012&source_code=db-apl-em05-012
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
84f897943c24230
secure.winred.com/cdn-cgi/challenge-platform/h/b/flow/ov1/232238139:1689542454:q6YBg8rfkiW-6Pf6bHR-PgoH96-jIRf0I-l51CITEhE/7e7d66a03ca1bbb6/ 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.winred.com/cdn-cgi/challenge-platform/h/b/flow/ov1/232238139:1689542454:q6YBg8rfkiW-6Pf6bHR-PgoH96-jIRf0I-l51CITEhE/7e7d66a03ca1bbb6/84f897943c24230
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=7e7d66a03ca1bbb6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e0b63af38a8ef70491e3cb89117e2b6bcde27712e4da317a9232054ec4306da
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/annapaulinaluna/em29550aea2ea5b426/?utm_campaign=20230623&utm_medium=email&utm_source=CI_B&utm_content=79&utm_term=db-apl-em05-012&source_code=db-apl-em05-012
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge
84f897943c24230
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 16 Jul 2023 21:39:58 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
content-type
text/plain; charset=UTF-8
cf-ray
7e7d66a1cfa2921a-FRA
alt-svc
h3=":443"; ma=86400
cf-chl-gen
5EDt+1jqW+VXBg5s5WHCJ7wKkRDGqRF1U24ODqf+y1vVOnFY/1XSc9e6b0PC2YDe$KRyjUAKUpvYg46jGta0gJA==
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/hrnrt/0x4AAAAAAADnOjc0PNeA8qVm/light/ Frame 7095 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/hrnrt/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/556d0c9f/api.js?onload=UseFQ6&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea407d3b23b920eedcc6358e36d912eff04dd4dc9befa07af562fbf1cecc6237
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7e7d66a24a6d9134-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 21:39:58 GMT
document-policy
js-profiling
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame 7095 		174 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7e7d66a24a6d9134
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/hrnrt/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0681159f66f20804c704e3e70f6307697dc18b281d7a5d4c9b4deec736481117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/hrnrt/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 21:39:58 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
7e7d66a2bad19134-FRA
alt-svc
h3=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
812f407a-e004-4755-ac31-d88720f172ea
https://challenges.cloudflare.com/ Frame 7095 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://challenges.cloudflare.com/812f407a-e004-4755-ac31-d88720f172ea
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/hrnrt/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
c9ceaa739698069
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/439109655:1689542528:-t1bNzzAFiaY6Nk4tYzUp_MCPcSoAbgPQcy1ZuWPpMY/7e7d66a24a6d9134/ Frame 7095 		134 KB
101 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/439109655:1689542528:-t1bNzzAFiaY6Nk4tYzUp_MCPcSoAbgPQcy1ZuWPpMY/7e7d66a24a6d9134/c9ceaa739698069
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7e7d66a24a6d9134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5a317fa491c6fb6f1d9fe2fa255c59ffcc5853c24553cc5680e7993f0554ed9

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/hrnrt/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge
c9ceaa739698069
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-gen
N5FZdzYq70dSOgjlDyv93nYlJTgLv88yOrwFVAbXEVZbXFjQcTW8VnvtX+v7ejOYowoUoL30svHSFW5AN+5Oy2bio/pGJv64k73NsrxJWIFaZObL3mOci5XjAQAMaKVTa1CsSxrWqE9cfxbPldOWkulJR4qux0k0JUTPchn4cAAWBmu07VMa27cn5CLBCtePp78tyEC5PJT6XuKNYvICvtJhg26yB4y5ozu5/3tMV/v7Fg31EbTeHjeNsXo/pM9OggPPShdnEqQ8BwqG2XBxH1qELcKs+dukrjugq7zb2GFyXX5R1AnqnthlZDw5UCsjL8bmEIjGgeVPzpaBLDB//RuJ+UjMcts79Rq33+jBdCTAfdvsJ+2elyYwrkTDlsMwGj60leY2fIHP5Kx/3CgdBHlQ/oRzqa1ZeqepPl5dJN6sltF1eedUj8TUCLZcd5c8vSTFsNxeHrfCGgMFJJgpj39gnH+nMB4EDwAZROEVe0Q=$RHCmNgNe/dp2xiYW17z4iA==
date
Sun, 16 Jul 2023 21:39:58 GMT
content-encoding
br
server
cloudflare
cf-ray
7e7d66a3ec4f9134-FRA
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8
ttgbG8kUOd9tkyA
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7e7d66a24a6d9134/1689543598714/2810643225eb929373eed188cbb44f775ba293239efa036887834c708d45d1e3/ Frame 7095 		1 B
629 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7e7d66a24a6d9134/1689543598714/2810643225eb929373eed188cbb44f775ba293239efa036887834c708d45d1e3/ttgbG8kUOd9tkyA
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7e7d66a24a6d9134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/hrnrt/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 21:39:59 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gKBBkMiXrkpNz7tGIy7RPd1uikyOe-gNoh4NMcI1F0eMAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAud1722XPCRhYoOIgf36fG5iXSHxfxHUZKz73wnLpMfitU52MrdnNWcrUVkTbnKzyTm0Eu_xxsnRjrrlfx2IsTXnr-s9e4Pcc4HcvRmkMrw3XF39qe1KQIdVCNdNafkz1J0NrctkXi1FQqBHTVhXwGwC9x1OMaJtOuArK5reikVOEOgLbWuDDVKss9TLXqQd0QKZ3UYgzMOidVGZVWwLRZPtrpaduttH1XIUQsUYGRSQt1IHvLpdLLtAA_pm8eFdjSqYgDy2JHY6bJpQgMP2umteUDyWEme_zpnYdR3fNYKWlOYCDaqI0yUEt8n1t3xi5BDAJ6Negpkd6impWYjHWQQIDAQAB, max-age=20
server
cloudflare
cf-ray
7e7d66a6af3f9134-FRA
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8
_T17QVWX_tr-cWU
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/7e7d66a24a6d9134/1689543598716/ Frame 7095 		61 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/7e7d66a24a6d9134/1689543598716/_T17QVWX_tr-cWU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14fa668582800b626b1faa3981c219a28b51b2b0bcc937e671baf822955e7083

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/hrnrt/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 21:39:59 GMT
server
cloudflare
cf-ray
7e7d66a70f889134-FRA
alt-svc
h3=":443"; ma=86400
content-type
image/png
be792187-1f3e-4cac-b0cd-7b64a7858034
https://challenges.cloudflare.com/ Frame 7095 		656 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://challenges.cloudflare.com/be792187-1f3e-4cac-b0cd-7b64a7858034
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e41277bd48cc271455c85a90d1458c60265604cb04fcd58fc06436741d3d8c7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/hrnrt/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
656
Content-Type
text/javascript
b4f72b73-95e7-4123-9299-61df4cd8464a
https://challenges.cloudflare.com/ Frame 7095 		99 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://challenges.cloudflare.com/b4f72b73-95e7-4123-9299-61df4cd8464a
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8da6995557d29a73fe50e281b1e09e241f0893b6b41ecf27702ba4f5c25c0194

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/hrnrt/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
99
Content-Type
text/javascript
c9ceaa739698069
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/439109655:1689542528:-t1bNzzAFiaY6Nk4tYzUp_MCPcSoAbgPQcy1ZuWPpMY/7e7d66a24a6d9134/ Frame 7095 		800 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/439109655:1689542528:-t1bNzzAFiaY6Nk4tYzUp_MCPcSoAbgPQcy1ZuWPpMY/7e7d66a24a6d9134/c9ceaa739698069
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7e7d66a24a6d9134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f870613f48c54773b71d16daaa22c70440fd7e1239297c266012ed51fd40972

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/hrnrt/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge
c9ceaa739698069
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-out
+SAsGcQWc8ylARrMkNuAsCJR9ezxuNPXOvw//B74sPHDSKKiyg4H3AGmNq2ZxHKeXXBF7RFEDz4RMvI7QszRZ4eDuF2QfY2TN0AhJgDRAKU=$NLdUSdVb4NtriCBUou0oVg==
cf-chl-out-s
Nsgi95kpBWHlCtl02TC4VVYTKMc3J62QdY8W7XR8T6Zh1Vi8RCaOwiH7aYea7cgEmDvT5hFYuvskveyYSqJVbEcAOIqRSrB1+1eS6nHXj9G16V1ktyzwklJ6T1lEDwrtRU9UqSjlc7V7EQ1GiIv2LXjx3LxPS38LJHYxXmBltjbq9G3eNOi5UVq8cJ0JNeJ3bNlepm79J92JcHoBB5MV7hr7y6UtjeIWMQ+lL1ZTJKp/GeV+qL9PjntRZE/yIbTqNnTi1bOA5jTBVAgXMm0i9bObMtxBYXd+qiAEQBoebbUYrdgzucphE7VRSu+NENybwl81nuYKlQuApl0JT30qCAB8xrZQNZBEOZrZf3+uVnp8RTrQK6cBC/3xWN8m6J8J+O2uNM7NzEBVNXIKgp0shXkRCSQWPFnmvFMTYipjQ+eZ2FiQCPYlsZpHVd4H9nt2IcxFVKT1bxdM/mLhCwualnTh+LUfQJvsap90udYITWs=$XfIVrHL5nH50lgCl6Lp2Uw==
date
Sun, 16 Jul 2023 21:39:59 GMT
content-encoding
br
server
cloudflare
content-type
text/html; charset=UTF-8
cf-ray
7e7d66a9aa849134-FRA
alt-svc
h3=":443"; ma=86400
84f897943c24230
secure.winred.com/cdn-cgi/challenge-platform/h/b/flow/ov1/232238139:1689542454:q6YBg8rfkiW-6Pf6bHR-PgoH96-jIRf0I-l51CITEhE/7e7d66a03ca1bbb6/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.winred.com/cdn-cgi/challenge-platform/h/b/flow/ov1/232238139:1689542454:q6YBg8rfkiW-6Pf6bHR-PgoH96-jIRf0I-l51CITEhE/7e7d66a03ca1bbb6/84f897943c24230
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=7e7d66a03ca1bbb6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1c2257bbf74133ac538c1cce64111d38bb74ab020da958fe5314ce379b62c81
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/annapaulinaluna/em29550aea2ea5b426/?utm_campaign=20230623&utm_medium=email&utm_source=CI_B&utm_content=79&utm_term=db-apl-em05-012&source_code=db-apl-em05-012
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge
84f897943c24230
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-out
aCoitt4fWNnDm5CvUKeMqQQws4Sb5gX8wsspvbtHBvi1unYRDu+gCddmmWhc8kFHpKXg6GTIBte/9UL1i2CJgCrTS7lzZMe4NKET3+V6XN0=$qoWwagnOqHGPyEx4leK15A==
cf-chl-out-s
cgIFYC323UYGYiFMNY2ZLsgxNJhrs7/v3C/D6zh3/gHm0O8XiS5vo01gicEJb2ulQGwc5wfWo4xb01/QWEZHhw==$8W82JZijZyKgqjd+F2NOPw==
date
Sun, 16 Jul 2023 21:39:59 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
content-type
text/html; charset=UTF-8
cf-ray
7e7d66aa3fd6921a-FRA
alt-svc
h3=":443"; ma=86400
Primary Request /
secure.winred.com/annapaulinaluna/em29550aea2ea5b426/ 		8 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.winred.com/annapaulinaluna/em29550aea2ea5b426/?utm_campaign=20230623&utm_medium=email&utm_source=CI_B&utm_content=79&utm_term=db-apl-em05-012&source_code=db-apl-em05-012
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=7e7d66a03ca1bbb6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87b7323d0d364d6561976cb4d8982e8d38342b5f8f5db6eedb9e99bb6aa16b54
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://secure.winred.com/annapaulinaluna/em29550aea2ea5b426/?utm_campaign=20230623&utm_medium=email&utm_source=CI_B&utm_content=79&utm_term=db-apl-em05-012&source_code=db-apl-em05-012
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated
challenge
cf-ray
7e7d66b6fdfc921a-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Sun, 16 Jul 2023 21:40:01 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
challenges.css
secure.winred.com/cdn-cgi/styles/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.winred.com/cdn-cgi/styles/challenges.css
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/annapaulinaluna/em29550aea2ea5b426/?utm_campaign=20230623&utm_medium=email&utm_source=CI_B&utm_content=79&utm_term=db-apl-em05-012&source_code=db-apl-em05-012
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.winred.com/annapaulinaluna/em29550aea2ea5b426/?utm_campaign=20230623&utm_medium=email&utm_source=CI_B&utm_content=79&utm_term=db-apl-em05-012&source_code=db-apl-em05-012
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 21:40:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 Jul 2023 16:27:41 GMT
server
cloudflare
etag
W/"64ad82fd-19c8"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
7e7d66b73e28921a-FRA
expires
Sun, 16 Jul 2023 23:40:01 GMT
v1
secure.winred.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/ 		162 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.winred.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=7e7d66b6fdfc921a
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/annapaulinaluna/em29550aea2ea5b426/?utm_campaign=20230623&utm_medium=email&utm_source=CI_B&utm_content=79&utm_term=db-apl-em05-012&source_code=db-apl-em05-012
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a3333a7beb909fd8dd51abe615ba1155a19b5f5fc7507ddc021398162cad252
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.winred.com/annapaulinaluna/em29550aea2ea5b426/?utm_campaign=20230623&utm_medium=email&utm_source=CI_B&utm_content=79&utm_term=db-apl-em05-012&source_code=db-apl-em05-012&__cf_chl_rt_tk=QtWBMfLS8aoK96WJ7z2wOWjx.ir2ckF8J5M.VwuY5XQ-1689543601-0-gaNycGzNC9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 21:40:01 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, must-revalidate
cf-ray
7e7d66b76e51921a-FRA
alt-svc
h3=":443"; ma=86400
api.js
challenges.cloudflare.com/turnstile/v0/b/556d0c9f/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/556d0c9f/api.js?onload=UseFQ6&render=explicit
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=7e7d66b6fdfc921a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3d5cd569dcc9f9c25e22a1094371fec043d8c4382e46ca3851dcc448c6d1fc1

Request headers

Referer
Origin
https://secure.winred.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 21:40:01 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7e7d66b7fd249b5d-FRA
alt-svc
h3=":443"; ma=86400
favicon.ico
secure.winred.com/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.winred.com/favicon.ico
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/annapaulinaluna/em29550aea2ea5b426/?utm_campaign=20230623&utm_medium=email&utm_source=CI_B&utm_content=79&utm_term=db-apl-em05-012&source_code=db-apl-em05-012
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e70dae8cf5e4c28ce7430eac83f364e4e155ef70efa60fa4ad4f7cced63dc47d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.winred.com/annapaulinaluna/em29550aea2ea5b426/?utm_campaign=20230623&utm_medium=email&utm_source=CI_B&utm_content=79&utm_term=db-apl-em05-012&source_code=db-apl-em05-012
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 21:40:01 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
referrer-policy
same-origin
server
cloudflare
cross-origin-opener-policy
same-origin
cf-mitigated
challenge
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray
7e7d66b80efe921a-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
truncated
/ 		586 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
5f7eb843-a408-4476-a246-028e20fb7605
https://secure.winred.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://secure.winred.com/5f7eb843-a408-4476-a246-028e20fb7605
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/annapaulinaluna/em29550aea2ea5b426/?utm_campaign=20230623&utm_medium=email&utm_source=CI_B&utm_content=79&utm_term=db-apl-em05-012&source_code=db-apl-em05-012
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.winred.com/annapaulinaluna/em29550aea2ea5b426/?utm_campaign=20230623&utm_medium=email&utm_source=CI_B&utm_content=79&utm_term=db-apl-em05-012&source_code=db-apl-em05-012
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
462b779c70065af
secure.winred.com/cdn-cgi/challenge-platform/h/b/flow/ov1/400827636:1689542503:nq2KAqjLcfsfy0ETXpe7vzdjjUVd-7C6nUx-tKS1XUk/7e7d66b6fdfc921a/ 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.winred.com/cdn-cgi/challenge-platform/h/b/flow/ov1/400827636:1689542503:nq2KAqjLcfsfy0ETXpe7vzdjjUVd-7C6nUx-tKS1XUk/7e7d66b6fdfc921a/462b779c70065af
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=7e7d66b6fdfc921a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd5f1c734f4529ead75583c11cd9ed6e8ef73dcd9473175b10f05af4183f5412
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/annapaulinaluna/em29550aea2ea5b426/?utm_campaign=20230623&utm_medium=email&utm_source=CI_B&utm_content=79&utm_term=db-apl-em05-012&source_code=db-apl-em05-012
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge
462b779c70065af
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 16 Jul 2023 21:40:02 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
content-type
text/plain; charset=UTF-8
cf-ray
7e7d66b8cfdb921a-FRA
alt-svc
h3=":443"; ma=86400
cf-chl-gen
Zfh6Wz6phtUpyBjfMYXXY9E6XIcUAFfQOq0xQrXYPMeS2uOBGj9jT9j3Webg5n4/$p8FPC7u4vMyyODRbUkU6Mg==
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/xc60v/0x4AAAAAAADnOjc0PNeA8qVm/light/ Frame 2DDC 		24 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/xc60v/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/556d0c9f/api.js?onload=UseFQ6&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51bcd0e7fc8f8a91f9fa498e9b70461f51d45a37415afc48dd63def635c68893
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7e7d66b96bb19134-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 21:40:02 GMT
document-policy
js-profiling
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame 2DDC 		174 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7e7d66b96bb19134
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/xc60v/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c79b9aadd2667cd89f7fd539b9fd7fb8dae16063cf73bb4373d419e1f295c03c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/xc60v/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 21:40:02 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
7e7d66b9dc979134-FRA
alt-svc
h3=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
28250b91-e348-495a-a8ca-c4f4cfe8dcb7
https://challenges.cloudflare.com/ Frame 2DDC 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://challenges.cloudflare.com/28250b91-e348-495a-a8ca-c4f4cfe8dcb7
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/xc60v/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
e4bb674b8194bc5
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/2031626075:1689542485:vN7WMZ8zGuG79ENCu9lib-IskajEOC24lVI_cIQ2f8I/7e7d66b96bb19134/ Frame 2DDC 		107 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/2031626075:1689542485:vN7WMZ8zGuG79ENCu9lib-IskajEOC24lVI_cIQ2f8I/7e7d66b96bb19134/e4bb674b8194bc5
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7e7d66b96bb19134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/xc60v/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge
e4bb674b8194bc5
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-gen
QgFlr9BKVD5tj91nvBmz9ObuhTtYBFabRX/BQYdvgmeP4lRlg9m0FqV/XqD3qnnoSjxjSLtA29ZzmKYuvKuYEsX/+ltRInB/N+v2e/Byx04JZMaDcpdWH4Qa1nXllck6wsq7rZvdu0OPdnTc7q8GgiEUfKQMI0vGFhhiprC1+un04NSfj2iVR+O94GHaoZYVdUk19q4NLmNUI/TaYTU5PrBtLDprQgAMhnZEAYuZSa/MGb2NWsTDZr/oosRS22KBN4sFqsNxEspdVG1v8mwD3yAc77aGj81elVkpFs5M2+Cnc61pqXBuCGIZti/yCCnhhefnXiE6jW8pSOIOKz6XFXGMOvCP35fGsrjI6CvGmAb2UkSOI7s+pGhx1CzGrd6kVYMOADrXnu+yt70s4tqHKFzqJcN4zdha5LffIlI6kjJXCb3p03mvS4O97pJMBCCl0fh/saUtlrwnSC1G8C7+2F3PBj/NGhCm+8kZDE3zjV9KoFY461BH78Bvab0ZMH4W7+Jgbcrhb6xrtD8ASQWs1OuzolpjRMeogiY4zxiWqp/0YYlD2N7bKU0GX8ghxc0Ojp5ieoAWIz9OZeLFqAwNGg==$KIRhXYFyxLuvCDe3P4Tb4w==
date
Sun, 16 Jul 2023 21:40:02 GMT
content-encoding
br
server
cloudflare
cf-ray
7e7d66bafdaf9134-FRA
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend object| _cf_chl_opt function| UseFQ6 boolean| rmMp1 function| JfAjEs9 function| bNGTC0 function| fBWLL5 function| CUk8 object| XJbjq5 function| SHA256 function| adCGfsXIJi object| EChdZ8 object| turnstile boolean| ktDXZB4 string| GW6

8 Cookies

Domain/Path Name / Value
.nightlynewslink.com/ Name: iterableEmailCampaignId
Value: 7129630
.nightlynewslink.com/ Name: iterableTemplateId
Value: 9517162
.nightlynewslink.com/ Name: iterableMessageId
Value: d5d4d46afce442a3b9932b2cf1183aed
.nightlynewslink.com/ Name: iterableEndUserId
Value: designschoen%40gmail.com
links.nightlynewslink.com/ Name: XSRF-TOKEN
Value: 1d5a48564371d57e1f5d2c9beaf23ccd5173037b-1689543597973-22b5a25a9aeef5264ac9ef45
.secure.winred.com/ Name: __cf_bm
Value: HhKwpc6yjM4ViMMBFeWQa645dbx.C3MGBbiVqLRhtjE-1689543598-0-ATmRLuLcywSOQOeD3+g+Arw/MMJbtnA71LB99m8BRYyDNqz6vAUG5X7nqVuSU+7FVBsuQS1u7McnhEInsKJGm34=
secure.winred.com/ Name: cf_chl_rc_ni
Value: 1
secure.winred.com/ Name: cf_chl_2
Value: 462b779c70065af

9 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://secure.winred.com/annapaulinaluna/em29550aea2ea5b426/?utm_campaign=20230623&utm_medium=email&utm_source=CI_B&utm_content=79&utm_term=db-apl-em05-012&source_code=db-apl-em05-012
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://secure.winred.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7e7d66a24a6d9134/1689543598714/2810643225eb929373eed188cbb44f775ba293239efa036887834c708d45d1e3/ttgbG8kUOd9tkyA
Message:
Failed to load resource: the server responded with a status of 401 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://secure.winred.com/annapaulinaluna/em29550aea2ea5b426/?utm_campaign=20230623&utm_medium=email&utm_source=CI_B&utm_content=79&utm_term=db-apl-em05-012&source_code=db-apl-em05-012
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://secure.winred.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
links.nightlynewslink.com
secure.winred.com
2606:4700::6811:2b8
2606:4700::6813:d359
3.219.81.88
0681159f66f20804c704e3e70f6307697dc18b281d7a5d4c9b4deec736481117
0e0b63af38a8ef70491e3cb89117e2b6bcde27712e4da317a9232054ec4306da
1002625501bd15d5f9ae7a50f72a50022b3d42ad7ee7ff8bcb1aaf6e273a84e3
14fa668582800b626b1faa3981c219a28b51b2b0bcc937e671baf822955e7083
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
3a3333a7beb909fd8dd51abe615ba1155a19b5f5fc7507ddc021398162cad252
51bcd0e7fc8f8a91f9fa498e9b70461f51d45a37415afc48dd63def635c68893
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
7f870613f48c54773b71d16daaa22c70440fd7e1239297c266012ed51fd40972
87b7323d0d364d6561976cb4d8982e8d38342b5f8f5db6eedb9e99bb6aa16b54
8da6995557d29a73fe50e281b1e09e241f0893b6b41ecf27702ba4f5c25c0194
a3d5cd569dcc9f9c25e22a1094371fec043d8c4382e46ca3851dcc448c6d1fc1
bacc8c7c30308bfdd1e605e69706fead38e61e9e66efff04b326b72a8182f3e1
c1c2257bbf74133ac538c1cce64111d38bb74ab020da958fe5314ce379b62c81
c79b9aadd2667cd89f7fd539b9fd7fb8dae16063cf73bb4373d419e1f295c03c
dd5f1c734f4529ead75583c11cd9ed6e8ef73dcd9473175b10f05af4183f5412
e094e140f9b6110bb9725bd210d00b3061d725e9e1549f6d846b09a6c89be3b3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41277bd48cc271455c85a90d1458c60265604cb04fcd58fc06436741d3d8c7c
e70dae8cf5e4c28ce7430eac83f364e4e155ef70efa60fa4ad4f7cced63dc47d
ea407d3b23b920eedcc6358e36d912eff04dd4dc9befa07af562fbf1cecc6237
f5a317fa491c6fb6f1d9fe2fa255c59ffcc5853c24553cc5680e7993f0554ed9
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa