cs2skinmony.monster
2606:4700:3032::ac43:83eb  Malicious Activity! Public Scan

URL: https://cs2skinmony.monster/auth.php
Submission: On May 01 via manual from IT — Scanned from IT

Summary

This website contacted 3 IPs in 1 country across 2 domains to perform 33 HTTP transactions. The main IP is 2606:4700:3032::ac43:83eb, located in United States and belongs to CLOUDFLARENET, US. The main domain is cs2skinmony.monster.
TLS certificate: Issued by E1 on May 1st 2023. Valid for: 3 months.
This is the only time cs2skinmony.monster was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Steam (Gaming)

Domain & IP information

Requests  IP Address        AS (Autonomous System)
1         2606:4700:303...  13335 (CLOUDFLAR...)
32        2606:4700:303...  13335 (CLOUDFLAR...)
Total: 33 requests, 3 IPs

Requests  Apex Domain          Subdomains           Transfer
32        9gjgnrfks.ru         9gjgnrfks.ru         621 KB
1         cs2skinmony.monster  cs2skinmony.monster  868 B
Total: 33 requests, 2 domains

Requests  Domain               Requested by
32        9gjgnrfks.ru         cs2skinmony.monster, 9gjgnrfks.ru
1         cs2skinmony.monster
Total: 33 requests, 2 domains

This site contains no links.

Subject              Issuer      Validity                 Valid
cs2skinmony.monster  E1          2023-05-01 - 2023-07-30  3 months
9gjgnrfks.ru         GTS CA 1P5  2023-04-25 - 2023-07-24  3 months

This page contains 2 frames:

Primary Page: https://cs2skinmony.monster/auth.php
Frame ID: F7222A3AE361DE598329F2E5A67DF1B9
Requests: 1 HTTP requests in this frame

Frame: https://9gjgnrfks.ru/a38ab3cc8
Frame ID: 7DD369332EAB3CDE7F0A94CB73A2DCFD
Requests: 33 HTTP requests in this frame

Page Title

Steam Community

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 33
HTTPS: 100 %
IPv6: 100 %
Domains: 2
Subdomains: 2
IPs: 3
Countries: 1
Transfer: 622 kB
Size: 1446 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource / Path, Size / x-fer, Type / MIME-Type
Primary Request auth.php
cs2skinmony.monster/
263 B
868 B
Document
General
Full URL
https://cs2skinmony.monster/auth.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:83eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.4
Resource Hash
26e788720ceef678ac7b48758dafd0f38e1b10667fc6c46aa4b0558b0df19d6f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7c07057c0a0c0e15-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 01 May 2023 09:33:10 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DTs8wYGNHhGWE7ztjUkzCczBkwI1h6OTVm3QxE%2FJoh5ruB6JW5YLCJFhInkau%2Fq%2B9OiZ7ceaGX8IJMYb3bNsSS7MGOjMNe3TQxv5InLvnB9eVgIe5lR5tCtX2%2B5WwW4s8Ai3EEmG7PCNkWXmbUqOlowX"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/8.2.4
a38ab3cc8
9gjgnrfks.ru/ Frame 7DD3
282 KB
60 KB
Document
General
Full URL
https://9gjgnrfks.ru/a38ab3cc8
Requested by
Host: cs2skinmony.monster
URL: https://cs2skinmony.monster/auth.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d8d6fd6dfe846243eaf066783882ae2507cd45d52e0cb6709d28ad2e9300e76

Request headers

Referer
https://cs2skinmony.monster/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7c07057d7afbbb2b-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 01 May 2023 09:33:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uqshqldvVTWWwUDUbqYP%2BRgBShZ%2FegGZzM76NLeMtvB3xK2F8wIuI6waRXJjLBaBDTfKM4s8VmNODJAaD6pfa8kYT9ktIdJGUXKmNUBWQH4P0tWRjqQC3I%2BYgzwkrzcg0bsHiz95waMrOW0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
jquery.min.js
9gjgnrfks.ru/b3df27444/a3ec1/ Frame 7DD3
88 KB
32 KB
Script
General
Full URL
https://9gjgnrfks.ru/b3df27444/a3ec1/jquery.min.js
Requested by
Host: 9gjgnrfks.ru
URL: https://9gjgnrfks.ru/a38ab3cc8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://9gjgnrfks.ru/a38ab3cc8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 09:33:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 May 2023 08:40:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3169
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jsjGTfrKkpDHZK2yrp2M7oFNYMXomvPO%2BtXTWfuF%2FOYplEOxJhdqtGUzjVX8InLAYEKxwyuc7%2FnY69zINM6pbsRYNLRGMiVgcN7be0IspfausEZVDygHANXA11DU%2Fjiyb0vglUHwLXxRDww%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
7c07057ead5bbb2b-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
motiva_sans.css
9gjgnrfks.ru/b3df27444/a3ec1/ Frame 7DD3
2 KB
861 B
Stylesheet
General
Full URL
https://9gjgnrfks.ru/b3df27444/a3ec1/motiva_sans.css
Requested by
Host: 9gjgnrfks.ru
URL: https://9gjgnrfks.ru/a38ab3cc8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c73b5d041c61bb8970895bb5f9385bd2686c0a362acc0648150b6d25b4429c33

buttons.css
9gjgnrfks.ru/b3df27444/a3ec1/ Frame 7DD3
32 KB
4 KB
Stylesheet
General
Full URL
https://9gjgnrfks.ru/b3df27444/a3ec1/buttons.css
Requested by
Host: 9gjgnrfks.ru
URL: https://9gjgnrfks.ru/a38ab3cc8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f43098ba277c6f8c471bebe20c01e5a870674a7d79d99763b5c4f67ae03e45c

shared_global.css
9gjgnrfks.ru/b3df27444/a3ec1/ Frame 7DD3
77 KB
20 KB
Stylesheet
General
Full URL
https://9gjgnrfks.ru/b3df27444/a3ec1/shared_global.css
Requested by
Host: 9gjgnrfks.ru
URL: https://9gjgnrfks.ru/a38ab3cc8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d3aae49a24418ed059ce6cddd8e1a9c0aa1d57bad04c614aa89662453cfb4ca

home.css
9gjgnrfks.ru/b3df27444/a3ec1/ Frame 7DD3
13 KB
3 KB
Stylesheet
General
Full URL
https://9gjgnrfks.ru/b3df27444/a3ec1/home.css
Requested by
Host: 9gjgnrfks.ru
URL: https://9gjgnrfks.ru/a38ab3cc8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db257f2433d0483f5b0b95b49e63a11d4a474399ea1caaa6e065cdf9d381b4b1

login.css
9gjgnrfks.ru/b3df27444/a3ec1/ Frame 7DD3
16 KB
4 KB
Stylesheet
General
Full URL
https://9gjgnrfks.ru/b3df27444/a3ec1/login.css
Requested by
Host: 9gjgnrfks.ru
URL: https://9gjgnrfks.ru/a38ab3cc8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c3b3c43bbc2758c9d023ec004ea6559166869edc822780c540070ee1f9b445e

openid.css
9gjgnrfks.ru/b3df27444/a3ec1/ Frame 7DD3
44 KB
15 KB
Stylesheet
General
Full URL
https://9gjgnrfks.ru/b3df27444/a3ec1/openid.css
Requested by
Host: 9gjgnrfks.ru
URL: https://9gjgnrfks.ru/a38ab3cc8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2916dc51dcb237287f420c1d90f44facd7a71fcee15871bd462acfe9bafc2eb

shared_responsive.css
9gjgnrfks.ru/b3df27444/a3ec1/ Frame 7DD3
17 KB
6 KB
Stylesheet
General
Full URL
https://9gjgnrfks.ru/b3df27444/a3ec1/shared_responsive.css
Requested by
Host: 9gjgnrfks.ru
URL: https://9gjgnrfks.ru/a38ab3cc8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04f9647baacf0260788531f89db1499738729b513892cc6c7793ca9dabb1cd92

header.css
9gjgnrfks.ru/b3df27444/a3ec1/ Frame 7DD3
12 KB
4 KB
Stylesheet
General
Full URL
https://9gjgnrfks.ru/b3df27444/a3ec1/header.css
Requested by
Host: 9gjgnrfks.ru
URL: https://9gjgnrfks.ru/a38ab3cc8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0198bd0131b9317f4cd88ead0838f5ccbc190f2064f6f9431b77e75017a9cafc

_combined.js
9gjgnrfks.ru/b3df27444/a3ec1/ Frame 7DD3
70 KB
19 KB
Script
General
Full URL
https://9gjgnrfks.ru/b3df27444/a3ec1/_combined.js
Requested by
Host: 9gjgnrfks.ru
URL: https://9gjgnrfks.ru/a38ab3cc8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
886cf3523cea9de24f91bc8bbe89efff4a0dbc107759aa86bc6923e9c6b8be58

tool.js
9gjgnrfks.ru/b3df27444/a3ec1/ Frame 7DD3
271 KB
92 KB
Script
General
Full URL
https://9gjgnrfks.ru/b3df27444/a3ec1/tool.js
Requested by
Host: 9gjgnrfks.ru
URL: https://9gjgnrfks.ru/a38ab3cc8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47a3d6182786a8eb03749bfcd9f0ca6f72017758643b9b9a1e5d1a650c571dfe

jquery-1.11.1.min.js
9gjgnrfks.ru/b3df27444/a3ec1/ Frame 7DD3
94 KB
34 KB
Script
General
Full URL
https://9gjgnrfks.ru/b3df27444/a3ec1/jquery-1.11.1.min.js
Requested by
Host: 9gjgnrfks.ru
URL: https://9gjgnrfks.ru/a38ab3cc8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

tooltip.js
9gjgnrfks.ru/b3df27444/a3ec1/ Frame 7DD3
7 KB
3 KB
Script
General
Full URL
https://9gjgnrfks.ru/b3df27444/a3ec1/tooltip.js
Requested by
Host: 9gjgnrfks.ru
URL: https://9gjgnrfks.ru/a38ab3cc8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f891697b1b70ea37798b640358b24f6163c6d27e57eebec458aa40879b076d8f

shared_global.js
9gjgnrfks.ru/b3df27444/a3ec1/ Frame 7DD3
80 KB
23 KB
Script
General
Full URL
https://9gjgnrfks.ru/b3df27444/a3ec1/shared_global.js
Requested by
Host: 9gjgnrfks.ru
URL: https://9gjgnrfks.ru/a38ab3cc8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e05acf32055c1a5fff640835a6fd67ff14a02d00e5b636672f3f49f98429f5cf

logins.js
9gjgnrfks.ru/b3df27444/a3ec1/ Frame 7DD3
46 KB
9 KB
Script
General
Full URL
https://9gjgnrfks.ru/b3df27444/a3ec1/logins.js
Requested by
Host: 9gjgnrfks.ru
URL: https://9gjgnrfks.ru/a38ab3cc8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1a5c4c834e53551df9f37d51ff1fa022b70f63f46fa538e6d992578f64dbaaf

modalv2.js
9gjgnrfks.ru/b3df27444/a3ec1/ Frame 7DD3
2 KB
1 KB
Script
General
Full URL
https://9gjgnrfks.ru/b3df27444/a3ec1/modalv2.js
Requested by
Host: 9gjgnrfks.ru
URL: https://9gjgnrfks.ru/a38ab3cc8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4840bbc3612c4efb77e9353d3f67493c5ea49519d0d8eca8b630e758eaaf30c7

shared_responsive_adapter.js
9gjgnrfks.ru/b3df27444/a3ec1/ Frame 7DD3
12 KB
4 KB
Script
General
Full URL
https://9gjgnrfks.ru/b3df27444/a3ec1/shared_responsive_adapter.js
Requested by
Host: 9gjgnrfks.ru
URL: https://9gjgnrfks.ru/a38ab3cc8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b55cd6f63141dddd3a145ec703028c532a4a16d604b74c50ecf876023a2b7ecc

logo_valve_footer.png
9gjgnrfks.ru/b3df27444/a3ec1/ Frame 7DD3
2 KB
2 KB
Image
General
Full URL
https://9gjgnrfks.ru/b3df27444/a3ec1/logo_valve_footer.png
Requested by
Host: 9gjgnrfks.ru
URL: https://9gjgnrfks.ru/a38ab3cc8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b97ba0dac22fe6704c1f6d95fe79613f33017804f256abb9006df0442491787

header_menu_hamburger.png
9gjgnrfks.ru/b3df27444/a3ec1/ Frame 7DD3
4 KB
4 KB
Image
General
Full URL
https://9gjgnrfks.ru/b3df27444/a3ec1/header_menu_hamburger.png
Requested by
Host: 9gjgnrfks.ru
URL: https://9gjgnrfks.ru/a38ab3cc8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc9e6260a2706ae146282d77e67bc1b74688435f8912ab4c1932641eec28bffa

header_logo.png
9gjgnrfks.ru/b3df27444/a3ec1/ Frame 7DD3
11 KB
11 KB
Image
General
Full URL
https://9gjgnrfks.ru/b3df27444/a3ec1/header_logo.png
Requested by
Host: 9gjgnrfks.ru
URL: https://9gjgnrfks.ru/a38ab3cc8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cb869df089146c12efb5e9c968e911c314842624ba6f052a11346ac734cadc8

globalheader_logo.png
9gjgnrfks.ru/b3df27444/a3ec1/ Frame 7DD3
6 KB
7 KB
Image
General
Full URL
https://9gjgnrfks.ru/b3df27444/a3ec1/globalheader_logo.png
Requested by
Host: 9gjgnrfks.ru
URL: https://9gjgnrfks.ru/a38ab3cc8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5438b6377ef91265bc90d9ee9c75cf703514d03f0ff9a51bed3bb4ab5a3bb699

sits_landing.png
9gjgnrfks.ru/b3df27444/a3ec1/ Frame 7DD3
5 KB
6 KB
Image
General
Full URL
https://9gjgnrfks.ru/b3df27444/a3ec1/sits_landing.png
Requested by
Host: 9gjgnrfks.ru
URL: https://9gjgnrfks.ru/a38ab3cc8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
483ed1c78b7394366985110fe15e4aaf941882427515e5dfe7f582827a15378c

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://9gjgnrfks.ru/a38ab3cc8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 09:33:11 GMT
cf-cache-status
HIT
last-modified
Mon, 01 May 2023 08:44:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2916
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzVQaeGB2uZy8plAU9IB%2FD5aTpp3%2B0hXptEaiDRc9tM9Svfr6fc5sJXNqDKiN%2FtDQg0Yu3agbyQ4%2F1AX1d90b35ftgc4ZiWp8WOdqKV%2BYVdV5pu4Hv%2FQ5FSgIdVYsTGnQj9I6B99nfKTh0E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
7c0705808b2059cb-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
icon_info.png
9gjgnrfks.ru/b3df27444/a3ec1/ Frame 7DD3
3 KB
4 KB
Image
General
Full URL
https://9gjgnrfks.ru/b3df27444/a3ec1/icon_info.png
Requested by
Host: 9gjgnrfks.ru
URL: https://9gjgnrfks.ru/a38ab3cc8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ad9ddd2543a22ec2270326fb195c2bb6fb1b46186e89e885a83ae24386176f2

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://9gjgnrfks.ru/a38ab3cc8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 09:33:11 GMT
cf-cache-status
HIT
last-modified
Mon, 01 May 2023 08:44:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2915
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FO%2Bx8tP5MZ13TZGqKTPHJGXjPxRlgf7rszk%2BQ2JLv6neZHIIJzLMtRc%2BBtHHWv%2FoHrWLgtniqKwkxnQ0SOPr3iXpIMaaCv5v4%2B11%2BcpP9UDfyCy2JTs2R60DIumtSDpz4BvJ8DNs%2F5buvEo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
7c0705808b2159cb-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
blue_refresh_icon.png
9gjgnrfks.ru/b3df27444/a3ec1/ Frame 7DD3
500 B
964 B
Image
General
Full URL
https://9gjgnrfks.ru/b3df27444/a3ec1/blue_refresh_icon.png
Requested by
Host: 9gjgnrfks.ru
URL: https://9gjgnrfks.ru/a38ab3cc8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97b179c7e553d74ed86b7663fa0722b76854f0ef2398fe6fbadd98f2d0c1cdfa

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://9gjgnrfks.ru/a38ab3cc8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 09:33:11 GMT
cf-cache-status
HIT
last-modified
Mon, 01 May 2023 08:44:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2915
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=alIaVPyyZ0hyMtvbH40Qxx7gP6UaqoYbxIjFtsDSyj52hO%2BtUJ7BvQZ%2Fw4NKE61Y%2FQ4asgOrLPmaRrHZ1Poft9Nf3agwyrUuC%2FqthVAllK8zqFBaA6XCUvBYgNufz0MdzznWO%2BPVjDQlIRw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
7c0705808b2259cb-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
throbber.gif
9gjgnrfks.ru/b3df27444/a3ec1/ Frame 7DD3
3 KB
4 KB
Image
General
Full URL
https://9gjgnrfks.ru/b3df27444/a3ec1/throbber.gif
Requested by
Host: 9gjgnrfks.ru
URL: https://9gjgnrfks.ru/a38ab3cc8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c4d1b66cbed8c0ba7bfe1d047409e80b99684794ba66e9556503890eae17f2d

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://9gjgnrfks.ru/a38ab3cc8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 09:33:11 GMT
cf-cache-status
HIT
last-modified
Mon, 01 May 2023 08:44:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2916
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JIfu8vbeYmObgHvqYBSBW%2FG2oACq4A4fXlbdBtp4YW3HUvp4Ac3BY7nkDfdXPK3nmN8UIWvQKd07S309uk569N82Wc%2Bzdyapw6ADYiY2c%2Bj0UwFwLymqBznCCBWCb87XNJNesjCKNyl6s0k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
cf-ray
7c0705808b2459cb-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
footerLogo_valve.png
9gjgnrfks.ru/b3df27444/a3ec1/ Frame 7DD3
4 KB
4 KB
Image
General
Full URL
https://9gjgnrfks.ru/b3df27444/a3ec1/footerLogo_valve.png
Requested by
Host: 9gjgnrfks.ru
URL: https://9gjgnrfks.ru/a38ab3cc8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae9f6c61e25d15882bf57bde193d10d375bd315c9741cabda11d700fd1bb7dd1

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://9gjgnrfks.ru/a38ab3cc8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 09:33:11 GMT
cf-cache-status
HIT
last-modified
Mon, 01 May 2023 08:44:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2915
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o5R9bveeLQIQwKWWtcPLeiJLchF10MSte8GaJ2IF5m3FPfP1FBNLQcC0pemwmkkGSH%2ByVizucZv2nYWfb1DIDEnvpPLoqDn6GTkES5VOJrkxMYYXiBbX6mqo37ikRs25WAfw%2B1fQZ%2FdBbW4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
7c0705808b2559cb-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
btn_header_installsteam_download.png
9gjgnrfks.ru/b3df27444/a3ec1/ Frame 7DD3
291 B
753 B
Image
General
Full URL
https://9gjgnrfks.ru/b3df27444/a3ec1/btn_header_installsteam_download.png
Requested by
Host: 9gjgnrfks.ru
URL: https://9gjgnrfks.ru/b3df27444/a3ec1/shared_global.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23341256db7f44b1f3811880fa2bae6b7748bbf6b62c544a162e38cf0d5c5082

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://9gjgnrfks.ru/b3df27444/a3ec1/shared_global.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 09:33:11 GMT
cf-cache-status
HIT
last-modified
Mon, 01 May 2023 08:44:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2915
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h1aCkGG4tbtsJc%2F89RnEG10Dzk%2FvxTlhTgETQZSaxui0JYklcN7isc8cAOmuSAT%2Fnty2fEDfirI5uZtr1IKtz%2FbfZpgLTo%2Bc%2B09K9s1Ttv3CJww6dZD2ciYQzMtqd4ILNIheZjVBPREgx7A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
7c0705808b2b59cb-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/ Frame 7DD3
61 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42c062de8dcd760b409c57fb256a68db9435008f1097d3940131ee0ac9a43d27

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
MotivaSans-Thin.ttf
9gjgnrfks.ru/b3df27444/a3ec1/ Frame 7DD3
116 KB
116 KB
Font
General
Full URL
https://9gjgnrfks.ru/b3df27444/a3ec1/MotivaSans-Thin.ttf
Requested by
Host: 9gjgnrfks.ru
URL: https://9gjgnrfks.ru/b3df27444/a3ec1/motiva_sans.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0adf4d5edbc82d28879fdfaaf7274ba05162ff8cbbda816d69ed52f1dae547f6

Request headers

Referer
https://9gjgnrfks.ru/b3df27444/a3ec1/motiva_sans.css
Origin
https://9gjgnrfks.ru
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 09:33:11 GMT
cf-cache-status
HIT
last-modified
Mon, 01 May 2023 08:44:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2915
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2BozWw0UBsB%2BMYM5j%2BDsOssHNuhHZkd3uWAjlu%2BHm%2BTomuOHVKIEc0J8PvTPTNF06l1t%2FdpeYhVk4S4wZAjwsk%2FBgN0A1H5F2i1nSDuo7rfVVpPBZax4F%2BdiA7JmzHGu912TmhZGVfTTjFU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-font-ttf
cache-control
max-age=14400
cf-ray
7c0705809b3259cb-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
MotivaSans-Regular.ttf
9gjgnrfks.ru/b3df27444/a3ec1/ Frame 7DD3
120 KB
120 KB
Font
General
Full URL
https://9gjgnrfks.ru/b3df27444/a3ec1/MotivaSans-Regular.ttf
Requested by
Host: 9gjgnrfks.ru
URL: https://9gjgnrfks.ru/b3df27444/a3ec1/motiva_sans.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14

Request headers

Referer
https://9gjgnrfks.ru/b3df27444/a3ec1/motiva_sans.css
Origin
https://9gjgnrfks.ru
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 09:33:11 GMT
cf-cache-status
HIT
last-modified
Mon, 01 May 2023 08:44:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2915
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GPnktEPg76zR7wMBYYoFGHfR7qOmSFCOOljtcm%2BB3Dat4Gipjiek7RQWzM9F2T8wDL1H0xos7gHn3h0iq12Hq%2BewMdP8oZ6rH0RjuEIxzkCenxbx4D8JwwBcELac%2FiawH0KP689Q2xXBm%2FQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-font-ttf
cache-control
max-age=14400
cf-ray
7c0705809b3359cb-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
emailauth_icons2.png
9gjgnrfks.ru/b3df27444/a3ec1/ Frame 7DD3
4 KB
5 KB
Image
General
Full URL
https://9gjgnrfks.ru/b3df27444/a3ec1/emailauth_icons2.png
Requested by
Host: 9gjgnrfks.ru
URL: https://9gjgnrfks.ru/b3df27444/a3ec1/login.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9152d0aecc3dfc17e3265cc54fc3b21dc6c5ea1b472aa90da440ae96552a2ac8

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://9gjgnrfks.ru/b3df27444/a3ec1/login.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 09:33:11 GMT
cf-cache-status
HIT
last-modified
Mon, 01 May 2023 08:44:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2915
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q0oTqTWIOP%2BErKTsmVussaabHIH8RDlBRTcDcPJ9EfdXDuPEgfPFRshVpS56By7cmRyKmCHHrt%2FKAo2hYZVMu8JVpkzHpp0PnEvOlycEeo7WoPv93UjkNpIF3Mp4Z2gI09LDpPlvvJ22Efs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
7c070580bb6e59cb-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
code_box.png
9gjgnrfks.ru/b3df27444/a3ec1/ Frame 7DD3
3 KB
4 KB
Image
General
Full URL
https://9gjgnrfks.ru/b3df27444/a3ec1/code_box.png
Requested by
Host: 9gjgnrfks.ru
URL: https://9gjgnrfks.ru/b3df27444/a3ec1/login.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a24e4e2eb63ba954b29ceef24b0275c146bb401038970b7ed1a84740347a2017

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://9gjgnrfks.ru/b3df27444/a3ec1/login.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 09:33:11 GMT
cf-cache-status
HIT
last-modified
Mon, 01 May 2023 08:44:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2915
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5PRp06DlsqRmGeZw58ITGTsxudZ%2BRr3CJgJ8ONzkKYQTKXzkfGBpA9FtkJ8WkQRfBMOqnUQO%2BySMOiSGlnhzE5uFrIkZEpxIt6G3YuKP6%2BDy%2FDH%2FUyGukUsN0XY5FqbzcaA5lyJVgsADic4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
7c070580bb6f59cb-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Steam (Gaming)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless

2 Cookies

Domain/Path: .cs2skinmony.monster/ | Name: __ddg1_ | Value: BMs2S2zZxngwIwBkgfXe
Domain/Path: cs2skinmony.monster/ | Name: PHPSESSID | Value: 7ab4c074cb574e3a21e437c40357ae59

2 Console Messages

Source: security | Level: error | URL: https://9gjgnrfks.ru/a38ab3cc8 (Line 7743)
Message: Blocked autofocusing on a <input> element in a cross-origin subframe.
Source: security | Level: error | URL: https://9gjgnrfks.ru/a38ab3cc8 (Line 7857)
Message: Blocked autofocusing on a <input> element in a cross-origin subframe.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9gjgnrfks.ru
cs2skinmony.monster
2606:4700:3032::ac43:83eb
2606:4700:3036::ac43:b361