urlscan.io logo urlscan.io
SecurityTrails logo

1win-win1.buzz Open in urlscan Pro
188.114.96.3  Public Scan

Go To Rescan Add Verdict Report
URL: https://1win-win1.buzz/
Submission: On June 06 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 18 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is 1win-win1.buzz.
TLS certificate: Issued by E1 on May 23rd 2024. Valid for: 3 months.
This is the only time 1win-win1.buzz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 188.114.96.3 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
8 172.67.208.50 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
18 5
Apex Domain
Subdomains		 Transfer
8 dcpcdn.top
dcpcdn.top
198 KB
6 gstatic.com
fonts.gstatic.com
68 KB
3 1win-win1.buzz
1win-win1.buzz
200 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 70
1 KB
18 4
Domain Requested by
8 dcpcdn.top 1win-win1.buzz
6 fonts.gstatic.com fonts.googleapis.com
3 1win-win1.buzz
1 fonts.googleapis.com 1win-win1.buzz
18 4

This site contains no links.

Subject Issuer Validity Valid
1win-win1.buzz
E1		 2024-05-23 -
2024-08-21		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
dcpcdn.top
E1		 2024-04-22 -
2024-07-21		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://1win-win1.buzz/
Frame ID: F72C5897F76BE1368303EE2798555254
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

1win официальный сайт - рабочее зеркало сайта 1вин на сегодня

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

18
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

5
IPs

3
Countries

466 kB
Transfer

709 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
1win-win1.buzz/ 		34 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1win-win1.buzz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b612f7931322e4a8957272a67e8ecb922582044fe914d22b3757517881a82b7f

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
88f5c8c14aac4d91-FRA
content-encoding
br
content-type
text/html
date
Thu, 06 Jun 2024 04:50:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v4K%2FcMkcVEc8aS1M47M9w%2FzEx5IDXIWKvZqlgnqty0DjT84w8%2BrzCKfg%2FlO0D5c1ivPI0vdzq1A2mf0CYSw4DLFZE4co4VCZsuxCGArxTI004GO4ZHgusQlvUnXF51dcVg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
css2
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,600;0,700;1,400&display=swap
Requested by
Host: 1win-win1.buzz
URL: https://1win-win1.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a520e2acd9bad54cad306a79efc5c9829177359a2702b12da499d46bed6083b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1win-win1.buzz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 06 Jun 2024 04:50:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 06 Jun 2024 04:50:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 06 Jun 2024 04:50:54 GMT
style.css
dcpcdn.top/core-assets/1win/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dcpcdn.top/core-assets/1win/css/style.css?v=1.2
Requested by
Host: 1win-win1.buzz
URL: https://1win-win1.buzz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ba70ff0f4dfb584cf4febf9381452e06f55c604cd49b0ccff7fe8faff629499

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1win-win1.buzz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 04:50:54 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6501260
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 29 Nov 2022 03:10:24 GMT
server
cloudflare
etag
W/"63857820-78f2"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EO4A2gpI8ntwPHL4XGc3j7VS3zPwvUbiS%2Bnc220x38yHOZFGPIiU42bXTuDVfrPTv69NKh2vHrOEHbKwLgKizpsFr2qMlNucX2VOL6UnwSsEu3%2FCK3PwCY3T6L8a"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
cf-ray
88f5c8c29b9f5d42-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 31 Dec 2037 23:55:55 GMT
medium_image_285e167856.webp
dcpcdn.top/api-uploads/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcpcdn.top/api-uploads/medium_image_285e167856.webp
Requested by
Host: 1win-win1.buzz
URL: https://1win-win1.buzz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d19adca344846a95e0326567cef354dc6b55223977aeb66c85cf96fe9b1a92e2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1win-win1.buzz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 04:50:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
308591
alt-svc
h3=":443"; ma=86400
content-length
31522
last-modified
Thu, 01 Dec 2022 08:48:34 GMT
server
cloudflare
etag
"63886a62-7b22"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UAeEfK1hW6T%2BdYWIL7gDHWOdbBsActqoLQi7Cjf4zRGRA9VCTjkwoVaQ58jsSNgBncEoa4kjCOrdFHPA3988WtZ0ceV1hadTyRRH%2BMiRFQXW5amXIY4f7wIANOlf"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
88f5c8c29ba05d42-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 31 Dec 2037 23:55:55 GMT
medium_image_17e1de2334.webp
dcpcdn.top/api-uploads/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcpcdn.top/api-uploads/medium_image_17e1de2334.webp
Requested by
Host: 1win-win1.buzz
URL: https://1win-win1.buzz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6682c13a17859e9aa8fab6076b6509cf977250dc7c12791f099d3264e29943b7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1win-win1.buzz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 04:50:54 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
26728
last-modified
Thu, 01 Dec 2022 08:48:34 GMT
server
cloudflare
etag
"63886a62-6868"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BY%2F0rAbSVmDJ1v%2FHmr2R3Tubcyqt6b4r4TrQN4rM9KTm2n5fJEzecFlTF3sYoQCDydk5X%2Fz6GitoPdpB5CyYZ7zxe1CcKVc3UKHJOMuj5pK3v6l5iXKfgCneT7zk"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
88f5c8c29ba15d42-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 31 Dec 2037 23:55:55 GMT
medium_image_c70036b7f2.webp
dcpcdn.top/api-uploads/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcpcdn.top/api-uploads/medium_image_c70036b7f2.webp
Requested by
Host: 1win-win1.buzz
URL: https://1win-win1.buzz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37f4da569ad9a8c058e5bf84615b5038b3bad4956c8f1daa0a93ece03f0d34fa

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1win-win1.buzz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 04:50:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
308591
alt-svc
h3=":443"; ma=86400
content-length
5256
last-modified
Thu, 01 Dec 2022 08:48:34 GMT
server
cloudflare
etag
"63886a62-1488"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XX2oRpHDyMK0nMXJKTJ4zKfkav8aI7FDMwlkP0gBjmGC7d0Rr7bCoDiNWL3jp4gT3PERuVgR9zA7mA4ckxkOowPeJ10G8%2Bznemik49cXNyGAAJCKdJrAjy1yRkwB"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
88f5c8c29b9b5d42-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 31 Dec 2037 23:55:55 GMT
medium_image_28483b6399.webp
dcpcdn.top/api-uploads/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcpcdn.top/api-uploads/medium_image_28483b6399.webp
Requested by
Host: 1win-win1.buzz
URL: https://1win-win1.buzz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
683ebb3e4a5bd0c38158399e2a4033a210368de8910cc6a7901597b120512039

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1win-win1.buzz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 04:50:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
308591
alt-svc
h3=":443"; ma=86400
content-length
48384
last-modified
Thu, 01 Dec 2022 08:48:35 GMT
server
cloudflare
etag
"63886a63-bd00"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wy9upDDMYl57tTSzldwWcucNc13httnozX89bbLiFDlXYJbi27aHkLKkrCn%2FHjzdl7x8ZYuboNttHdOi3m%2Btinovg5dG3YsL3gfm4bs%2FhrxPA1ZRSVB%2FC3rmOjRQ"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
88f5c8c29ba25d42-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 31 Dec 2037 23:55:55 GMT
medium_image_46a8670dff.webp
dcpcdn.top/api-uploads/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcpcdn.top/api-uploads/medium_image_46a8670dff.webp
Requested by
Host: 1win-win1.buzz
URL: https://1win-win1.buzz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00a451522c4110788eb0777414a2a49aa97fd1a8605e68e224b0a52cf20d3123

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1win-win1.buzz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 04:50:54 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
8754
last-modified
Thu, 01 Dec 2022 08:48:34 GMT
server
cloudflare
etag
"63886a62-2232"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LrTjQNTxi7yMi4QhTCNhbexmnXXeE%2BGat4N06Bsm8vYX7%2Fi5C3CogWVFmvkzvH6hxR3Yxaaas9D1%2FVMGFKAId1k%2BhiMIbBQTq%2FOePNX5dv7D%2BcSS3pa87dRzAo%2Fe"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
88f5c8c29ba45d42-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 31 Dec 2037 23:55:55 GMT
medium_image_fab702ec35.webp
dcpcdn.top/api-uploads/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcpcdn.top/api-uploads/medium_image_fab702ec35.webp
Requested by
Host: 1win-win1.buzz
URL: https://1win-win1.buzz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
072aa13fb9d9f456acaf55249feefd735409648fecaac46a74ee640967886274

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1win-win1.buzz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 04:50:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
308591
alt-svc
h3=":443"; ma=86400
content-length
52938
last-modified
Thu, 01 Dec 2022 08:48:35 GMT
server
cloudflare
etag
"63886a63-ceca"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KLYcICv3tsDN3xGQsxa2miHB3SOrltb6Ak5%2BMhjXA7BzW95fRJVN20GuFBQASj7EcjEdPwTO6IXYJGUQk8FvydB2Is%2B%2Fjax8KVRq8pw%2BUqYtjdXiLMBmEuGEByDk"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
88f5c8c2cbc15d42-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 31 Dec 2037 23:55:55 GMT
medium_image_18a61f1ab7.webp
dcpcdn.top/api-uploads/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcpcdn.top/api-uploads/medium_image_18a61f1ab7.webp
Requested by
Host: 1win-win1.buzz
URL: https://1win-win1.buzz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8809618a08405ccc592c809088507ca073d3fbfa072c10af819fdcdc0c872923

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1win-win1.buzz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 04:50:54 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
18370
last-modified
Thu, 01 Dec 2022 08:48:34 GMT
server
cloudflare
etag
"63886a62-47c2"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YG%2BSEn4oTwFbYaPIO54HsZ7IBJsChA3BgSDqUgIAN48iuQIqH8pIRZxeJfdUeytdgDj5grhSN8Awg7ZlNg4rDofhI3ruMcDaqEdU%2FGNFR37QrVBOcISbpSlFXqHF"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
88f5c8c2cbc25d42-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		648 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca9d680e31f9da02ff03ff04139e501897ce7ac1a9f22f23655f089c89103612

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		648 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
40da0eaed0e235c835b36d881ebafee41d30496140a3dc263430ef4a223460c7

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		651 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ac6f8fb74357aacb7fb1d7f7c72ad2225659f25d1223f2fe7173e5295e5852f

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		800 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9cd6537c01ba5fdc252bcc3460e84db9cfce75545b8fe5b579211d386b434143

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwkxduz8A.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwkxduz8A.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,600;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d640af9ec30ae65aba049c233d670625c74e1a9ff8bc38ad2be974e19bcdb9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://1win-win1.buzz
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:19:26 GMT
x-content-type-options
nosniff
age
138688
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7968
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 14:19:26 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,600;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://1win-win1.buzz
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:07:35 GMT
x-content-type-options
nosniff
age
139399
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 14:07:35 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,600;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://1win-win1.buzz
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:14:21 GMT
x-content-type-options
nosniff
age
138993
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14712
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 14:14:21 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,600;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://1win-win1.buzz
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:10:16 GMT
x-content-type-options
nosniff
age
139238
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 14:10:16 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qPK7lqDY.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qPK7lqDY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,600;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73c9d2639ee4ecc555040bb05de136847ae936b885925b56972549ccfe16a97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://1win-win1.buzz
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:31:56 GMT
x-content-type-options
nosniff
age
137938
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7972
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 14:31:56 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwkxduz8A.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwkxduz8A.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,600;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a775d512b714a32d68031e6553e4afadfa75617b30c5f98ed08efde1b21e6b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://1win-win1.buzz
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:08:32 GMT
x-content-type-options
nosniff
age
139342
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7860
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 14:08:32 GMT
1win.png
1win-win1.buzz/ 		189 KB
189 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://1win-win1.buzz/1win.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00901af62673e541367d581ff13629f83bf513764af957df553d0120882e254e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1win-win1.buzz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 04:50:54 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 23 May 2024 11:47:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"664f2cc0-2f396"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sGKsVZKGKQn362mYK21D3mare5vYoE4qd7I7IyMa5nLavkHy4wxepEiQWe568mh%2F72lqsJcB78dZZ6x4B3t2W%2FVpUpXyBdJRw5OCtHMscQskrTHoXjoJ0953mDLTgJyrLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
88f5c8c3fcea4d91-FRA
alt-svc
h3=":443"; ma=86400
content-length
193430
1win.png
1win-win1.buzz/ 		189 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://1win-win1.buzz/1win.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00901af62673e541367d581ff13629f83bf513764af957df553d0120882e254e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1win-win1.buzz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 04:50:54 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 23 May 2024 11:47:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"664f2cc0-2f396"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sGKsVZKGKQn362mYK21D3mare5vYoE4qd7I7IyMa5nLavkHy4wxepEiQWe568mh%2F72lqsJcB78dZZ6x4B3t2W%2FVpUpXyBdJRw5OCtHMscQskrTHoXjoJ0953mDLTgJyrLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
88f5c8c3fcea4d91-FRA
alt-svc
h3=":443"; ma=86400
content-length
193430

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1win-win1.buzz
dcpcdn.top
fonts.googleapis.com
fonts.gstatic.com
172.67.208.50
188.114.96.3
2a00:1450:4001:802::200a
2a00:1450:4001:80b::2003
00901af62673e541367d581ff13629f83bf513764af957df553d0120882e254e
00a451522c4110788eb0777414a2a49aa97fd1a8605e68e224b0a52cf20d3123
072aa13fb9d9f456acaf55249feefd735409648fecaac46a74ee640967886274
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
2a775d512b714a32d68031e6553e4afadfa75617b30c5f98ed08efde1b21e6b5
37f4da569ad9a8c058e5bf84615b5038b3bad4956c8f1daa0a93ece03f0d34fa
3ac6f8fb74357aacb7fb1d7f7c72ad2225659f25d1223f2fe7173e5295e5852f
40da0eaed0e235c835b36d881ebafee41d30496140a3dc263430ef4a223460c7
4ba70ff0f4dfb584cf4febf9381452e06f55c604cd49b0ccff7fe8faff629499
6682c13a17859e9aa8fab6076b6509cf977250dc7c12791f099d3264e29943b7
683ebb3e4a5bd0c38158399e2a4033a210368de8910cc6a7901597b120512039
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7d640af9ec30ae65aba049c233d670625c74e1a9ff8bc38ad2be974e19bcdb9f
8809618a08405ccc592c809088507ca073d3fbfa072c10af819fdcdc0c872923
9cd6537c01ba5fdc252bcc3460e84db9cfce75545b8fe5b579211d386b434143
a520e2acd9bad54cad306a79efc5c9829177359a2702b12da499d46bed6083b9
b612f7931322e4a8957272a67e8ecb922582044fe914d22b3757517881a82b7f
c73c9d2639ee4ecc555040bb05de136847ae936b885925b56972549ccfe16a97
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
ca9d680e31f9da02ff03ff04139e501897ce7ac1a9f22f23655f089c89103612
d19adca344846a95e0326567cef354dc6b55223977aeb66c85cf96fe9b1a92e2