Submitted URL: http://8t6.4992dk.us16.list-manage.com/track/click?u=qzikc7d9pdb4ur73f2cnhimso&id=tcx16d36c2&e=p8j8rqg8pt&bwj2=vmqja67wbyg66s&h0l0=pgrg...
Effective URL: http://win-browser.cf/
Submission: On January 03 via manual from GB

Summary

This website contacted 12 IPs in 5 countries across 13 domains to perform 29 HTTP transactions. The main IP is 2400:cb00:2048:1::681c:639, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is win-browser.cf.
This is the only time win-browser.cf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.108.53.172 16625 (AKAMAI-AS)
1 1 2400:cb00:204... 13335 (CLOUDFLAR...)
1 1 190.115.29.238 262254 (DANCOM LTD)
3 2400:cb00:204... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
7 80.93.179.62 49505 (SELECTEL)
1 2 2a00:1450:400... 15169 (GOOGLE)
3 81.176.238.211 8342 (RTCOMM-AS)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 81.176.238.213 8342 (RTCOMM-AS)
1 81.176.238.212 8342 (RTCOMM-AS)
3 2400:cb00:204... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
5 109.234.157.251 49505 (SELECTEL)
29 12
Domain Requested by
6 u8.filesonload.ru win-browser.cf
6 win-browser.cf win-browser.cf
4 s.filesonload.ru win-browser.cf
3 a.radikal.ru win-browser.cf
2 s.platformalp.ru win-browser.cf
s.filesonload.ru
2 fonts.gstatic.com win-browser.cf
2 c.radikal.ru win-browser.cf
2 www.google-analytics.com 1 redirects www.googletagmanager.com
1 b.radikal.ru win-browser.cf
1 www.google.de win-browser.cf
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 www.googletagmanager.com win-browser.cf
1 tatabiznes.net 1 redirects
1 os-print.win 1 redirects
1 8t6.4992dk.us16.list-manage.com 1 redirects
29 16

This site contains no links.

Subject | Issuer | Validity | Valid
*.google-analytics.com | Google Internet Authority G3 | 2017-11-29 - 2018-02-21 | 3 months
*.radikal.ru | RapidSSL TLS RSA CA G1 | 2017-12-21 - 2018-12-21 | a year
www.google.de | Google Internet Authority G3 | 2017-12-13 - 2018-03-07 | 3 months
*.google.com | Google Internet Authority G2 | 2017-11-29 - 2018-02-21 | 3 months

This page contains 1 frames:

Primary Page: http://win-browser.cf/
Frame ID: (AA4A1C72CDD7674F8B5FCDB4435D105F)
Requests: 33 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i

Page Statistics

Requests: 29
HTTPS: 21 %
IPv6: 56 %
Domains: 13
Subdomains: 16
IPs: 12
Countries: 5
Transfer: 0 kB
Size: 3996 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://8t6.4992dk.us16.list-manage.com/track/click?u=qzikc7d9pdb4ur73f2cnhimso&id=tcx16d36c2&e=p8j8rqg8pt&bwj2=vmqja67wbyg66s&h0l0=pgrg45ei65&u=7e240037a637bb3d8e76f16c7&rzv=2j8ozy3iipxvp&id=f488504d18&2jr=7pbl3u2d&y86j=v2g3g28hshe&e=f0efa9a173&ohz9=6mtowso0c3t HTTP 302
    http://os-print.win/w/gift HTTP 302
    http://tatabiznes.net/ughxy/ HTTP 302
    http://win-browser.cf/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://www.google-analytics.com/r/collect?v=1&_v=j66&a=1424788670&t=pageview&_s=1&dl=http%3A%2F%2Fwin-browser.cf%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=361903437&gjid=1520509451&cid=1323088426.1514961907&tid=UA-111242598-1&_gid=832680478.1514961907&_r=1&gtm=ube&z=1261762632 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-111242598-1&cid=1323088426.1514961907&jid=361903437&_gid=832680478.1514961907&gjid=1520509451&_v=j66&z=1261762632 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-111242598-1&cid=1323088426.1514961907&jid=361903437&_v=j66&z=1261762632 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-111242598-1&cid=1323088426.1514961907&jid=361903437&_v=j66&z=1261762632&slf_rd=1&random=102561395

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
win-browser.cf/
Redirect Chain
  • http://8t6.4992dk.us16.list-manage.com/track/click?u=qzikc7d9pdb4ur73f2cnhimso&id=tcx16d36c2&e=p8j8rqg8pt&bwj2=vmqja67wbyg66s&h0l0=pgrg45ei65&u=7e240037a637bb3d8e76f16c7&rzv=2j8ozy3iipxvp&id=f48850...
  • http://os-print.win/w/gift
  • http://tatabiznes.net/ughxy/
  • http://win-browser.cf/
89 KB
0
Document
General
Full URL
http://win-browser.cf/
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681c:639 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
78c9d8155b01413faed66b407cf5de91a743796ec4752ed6cbcfc5258c3c59f7

Request headers

Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
win-browser.cf
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Wed, 03 Jan 2018 06:45:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Jan 2018 01:21:29 GMT
Server
cloudflare
Transfer-Encoding
chunked
Content-Type
text/html
Set-Cookie
__cfduid=d366d7bdd1358876413fa772266f91a201514961907; expires=Thu, 03-Jan-19 06:45:07 GMT; path=/; domain=.win-browser.cf; HttpOnly
Connection
keep-alive
CF-RAY
3d73fe50207163a3-FRA

Redirect headers

Date
Wed, 03 Jan 2018 06:45:07 GMT
Server
nginx/1.12.1
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Location
http://win-browser.cf/
Set-Cookie
PHPSESSID=db68ja0gg2nlspd0kg2gujs1o0; path=/ cookieID=35522; expires=Fri, 02-Feb-2018 06:45:07 GMT; path=/
Connection
keep-alive
js
www.googletagmanager.com/gtag/
55 KB
0
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-111242598-1
Requested by
Host: win-browser.cf
URL: http://win-browser.cf/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:821::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
fc6aceba0fa4fb0606bda1ca883c5fd9c6430bbbbd09bd7391ae33d19217b884
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:path
/gtag/js?id=UA-111242598-1
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.googletagmanager.com
referer
http://win-browser.cf/
:scheme
https
:method
GET
Referer
http://win-browser.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Wed, 03 Jan 2018 06:45:07 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
19423
x-xss-protection
1; mode=block
expires
Wed, 03 Jan 2018 06:45:07 GMT
default.css
s.filesonload.ru/assets/3.1/
903 KB
0
Stylesheet
General
Full URL
http://s.filesonload.ru/assets/3.1/default.css
Requested by
Host: win-browser.cf
URL: http://win-browser.cf/
Protocol
HTTP/1.1
Server
80.93.179.62 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
ee5f8a4d7e4c9ecb88781f55d418c3ced584a8917aaccb45426ba99108f8d8e1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.filesonload.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://win-browser.cf/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://win-browser.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Wed, 03 Jan 2018 06:45:07 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Dec 2017 05:18:24 GMT
Server
nginx
ETag
"5a3c95a0-1fe01"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Expires
Fri, 22 Dec 2017 07:05:40 GMT
Cache-Control
max-age=3600
X-Request-Time
0.000
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
130561
X-Proxy-Cache
HIT
analytics.js
www.google-analytics.com/
35 KB
0
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-111242598-1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/analytics.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.google-analytics.com
referer
http://win-browser.cf/
:scheme
https
:method
GET
Referer
http://win-browser.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 13 Nov 2017 20:19:12 GMT
server
Golfe2
age
2992
date
Wed, 03 Jan 2018 05:55:15 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
14597
expires
Wed, 03 Jan 2018 07:55:15 GMT
Cookie set 2d98992e507c.gif
a.radikal.ru/a18/1712/8d/
236 KB
0
Image
General
Full URL
https://a.radikal.ru/a18/1712/8d/2d98992e507c.gif
Requested by
Host: win-browser.cf
URL: http://win-browser.cf/
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
81.176.238.211 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
radikal.ru
Software
Microsoft-IIS/7.0 / ASP.NET
Resource Hash
a29fcedbf4cc0ed8eca891101838c1c98669b6dd41e7fbf60bd2ebf8d1f11ae3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
a.radikal.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://win-browser.cf/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://win-browser.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Wed, 03 Jan 2018 06:45:07 GMT
Last-Modified
Mon, 25 Dec 2017 08:38:18 GMT
Server
Microsoft-IIS/7.0
X-Powered-By
ASP.NET
ETag
"1f68c8b65b7dd31:0"
Content-Type
image/gif
Set-Cookie
__RADVUID=9aefa5a974b911a9; expires=Mon, 03-Jan-2033 00:45:07 GMT; path=/; domain=.radikal.ru
Connection
close
Accept-Ranges
bytes
Content-Length
241931
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j66&a=1424788670&t=pageview&_s=1&dl=http%3A%2F%2Fwin-browser.cf%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=3619...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-111242598-1&cid=1323088426.1514961907&jid=361903437&_gid=832680478.1514961907&gjid=1520509451&_v=j66&z=1261762632
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-111242598-1&cid=1323088426.1514961907&jid=361903437&_v=j66&z=1261762632
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-111242598-1&cid=1323088426.1514961907&jid=361903437&_v=j66&z=1261762632&slf_rd=1&random=102561395
42 B
0
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-111242598-1&cid=1323088426.1514961907&jid=361903437&_v=j66&z=1261762632&slf_rd=1&random=102561395
Requested by
Host: win-browser.cf
URL: http://win-browser.cf/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81a::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-111242598-1&cid=1323088426.1514961907&jid=361903437&_v=j66&z=1261762632&slf_rd=1&random=102561395
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.google.de
referer
http://win-browser.cf/
:scheme
https
:method
GET
Referer
http://win-browser.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Jan 2018 06:45:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 Jan 2018 06:45:07 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-111242598-1&cid=1323088426.1514961907&jid=361903437&_v=j66&z=1261762632&slf_rd=1&random=102561395
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
206f566a5c0c.gif
c.radikal.ru/c16/1712/8c/
539 KB
0
Image
General
Full URL
http://c.radikal.ru/c16/1712/8c/206f566a5c0c.gif
Requested by
Host: win-browser.cf
URL: http://win-browser.cf/
Protocol
HTTP/1.1
Server
81.176.238.213 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
radikal.ru
Software
Microsoft-IIS/7.0 / ASP.NET
Resource Hash
6efe9bf705e15affa3876e5f6ab7b92d4d0199bbdd6850281d96508727e98e2c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
c.radikal.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://win-browser.cf/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://win-browser.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Wed, 03 Jan 2018 06:45:07 GMT
Last-Modified
Fri, 22 Dec 2017 10:11:48 GMT
Server
Microsoft-IIS/7.0
X-Powered-By
ASP.NET
ETag
"5ba07b47d7bd31:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
551638
88fe36ab5eb5.gif
c.radikal.ru/c20/1712/44/
238 KB
0
Image
General
Full URL
http://c.radikal.ru/c20/1712/44/88fe36ab5eb5.gif
Requested by
Host: win-browser.cf
URL: http://win-browser.cf/
Protocol
HTTP/1.1
Server
81.176.238.213 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
radikal.ru
Software
Microsoft-IIS/7.0 / ASP.NET
Resource Hash
507538dbcb73cad7021313ae65476d501b5a72843c978c82ce608d47d6bd429e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
c.radikal.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://win-browser.cf/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://win-browser.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Wed, 03 Jan 2018 06:45:07 GMT
Last-Modified
Fri, 22 Dec 2017 10:12:33 GMT
Server
Microsoft-IIS/7.0
X-Powered-By
ASP.NET
ETag
"21121762d7bd31:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
243909
Cookie set 0b664360c33e.gif
a.radikal.ru/a42/1712/2e/
212 KB
0
Image
General
Full URL
http://a.radikal.ru/a42/1712/2e/0b664360c33e.gif
Requested by
Host: win-browser.cf
URL: http://win-browser.cf/
Protocol
HTTP/1.1
Server
81.176.238.211 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
radikal.ru
Software
Microsoft-IIS/7.0 / ASP.NET
Resource Hash
05063a3dca091884ae5db5d6016b86d46bd9e069f5c76cca819b9ad95cde47f3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
a.radikal.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://win-browser.cf/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://win-browser.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Wed, 03 Jan 2018 06:45:07 GMT
Last-Modified
Fri, 22 Dec 2017 10:10:23 GMT
Server
Microsoft-IIS/7.0
X-Powered-By
ASP.NET
ETag
"a91ab914d7bd31:0"
Content-Type
image/gif
Set-Cookie
__RADVUID=b583cdc8d5d2ded6; expires=Mon, 03-Jan-2033 00:45:07 GMT; path=/; domain=.radikal.ru
Connection
close
Accept-Ranges
bytes
Content-Length
216871
Cookie set 9558cf2ec675.gif
b.radikal.ru/b39/1712/ca/
297 KB
0
Image
General
Full URL
http://b.radikal.ru/b39/1712/ca/9558cf2ec675.gif
Requested by
Host: win-browser.cf
URL: http://win-browser.cf/
Protocol
HTTP/1.1
Server
81.176.238.212 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
radikal.ru
Software
Microsoft-IIS/7.0 / ASP.NET
Resource Hash
4f1243a89037499f73134b5aed45c71a3a2a30d56257b0d1376e63fb63ad4a4a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
b.radikal.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://win-browser.cf/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://win-browser.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Wed, 03 Jan 2018 06:45:07 GMT
Last-Modified
Fri, 22 Dec 2017 10:13:12 GMT
Server
Microsoft-IIS/7.0
X-Powered-By
ASP.NET
ETag
"98476279d7bd31:0"
Content-Type
image/gif
Set-Cookie
__RADVUID=98a9fb699b894e26; expires=Mon, 03-Jan-2033 00:45:07 GMT; path=/; domain=.radikal.ru
Connection
close
Accept-Ranges
bytes
Content-Length
303861
Cookie set cb333a36c2cb.gif
a.radikal.ru/a42/1712/2d/
42 KB
0
Image
General
Full URL
http://a.radikal.ru/a42/1712/2d/cb333a36c2cb.gif
Requested by
Host: win-browser.cf
URL: http://win-browser.cf/
Protocol
HTTP/1.1
Server
81.176.238.211 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
radikal.ru
Software
Microsoft-IIS/7.0 / ASP.NET
Resource Hash
06e7bb1b1b0253144a863c0cef51944cc2197847b2b76a1d192daa0e65e56d1a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
a.radikal.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://win-browser.cf/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://win-browser.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Wed, 03 Jan 2018 06:45:07 GMT
Last-Modified
Fri, 22 Dec 2017 10:22:44 GMT
Server
Microsoft-IIS/7.0
X-Powered-By
ASP.NET
ETag
"c9b03bcee7bd31:0"
Content-Type
image/gif
Set-Cookie
__RADVUID=713015f9af3be8fa; expires=Mon, 03-Jan-2033 00:45:07 GMT; path=/; domain=.radikal.ru
Connection
close
Accept-Ranges
bytes
Content-Length
43153
email-decode.min.js
win-browser.cf/cdn-cgi/scripts/af2821b0/cloudflare-static/
878 B
0
Script
General
Full URL
http://win-browser.cf/cdn-cgi/scripts/af2821b0/cloudflare-static/email-decode.min.js
Requested by
Host: win-browser.cf
URL: http://win-browser.cf/
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681c:639 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
6b7e633fbafa358db332434b8c2924acd19bff3ec6d65f9615bbee668423d44a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
win-browser.cf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://win-browser.cf/
Cookie
__cfduid=d366d7bdd1358876413fa772266f91a201514961907; _ga=GA1.2.1323088426.1514961907; _gid=GA1.2.832680478.1514961907; _gat_gtag_UA_111242598_1=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://win-browser.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Wed, 03 Jan 2018 06:45:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Dec 2017 16:43:46 GMT
Server
cloudflare-nginx
ETag
W/"5a3a9342-36e"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=172800 public
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
3d73fe53414363a3-FRA
Expires
Fri, 05 Jan 2018 06:45:07 GMT
default.js
s.filesonload.ru/assets/3.1/
308 KB
0
Script
General
Full URL
http://s.filesonload.ru/assets/3.1/default.js
Requested by
Host: win-browser.cf
URL: http://win-browser.cf/
Protocol
HTTP/1.1
Server
80.93.179.62 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
e7b807b2ad180da197a23e0f9379a08917cb0f056c39c7d59ab39a007d617703

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.filesonload.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://win-browser.cf/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://win-browser.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Wed, 03 Jan 2018 06:45:07 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Dec 2017 05:18:24 GMT
Server
nginx
ETag
"5a3c95a0-180ec"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Expires
Fri, 22 Dec 2017 07:05:40 GMT
Cache-Control
max-age=3600
X-Request-Time
0.000
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
98540
X-Proxy-Cache
HIT
style.css
win-browser.cf/css/
36 B
0
Stylesheet
General
Full URL
http://win-browser.cf/css/style.css
Requested by
Host: win-browser.cf
URL: http://win-browser.cf/
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681c:639 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
53dfffa8b972ef6087b239895a1083043607dd24b2f335a2dd1d53f7cce524d9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
win-browser.cf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://win-browser.cf/
Cookie
__cfduid=d366d7bdd1358876413fa772266f91a201514961907; _ga=GA1.2.1323088426.1514961907; _gid=GA1.2.832680478.1514961907; _gat_gtag_UA_111242598_1=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://win-browser.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Wed, 03 Jan 2018 06:45:07 GMT
CF-Cache-Status
HIT
Last-Modified
Wed, 03 Jan 2018 01:21:02 GMT
Server
cloudflare
ETag
"3008ce-24-561d507542e80"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
3d73fe51a0d463a3-FRA
Content-Length
36
Expires
Wed, 03 Jan 2018 10:45:07 GMT
storage.min.js
win-browser.cf/js/
23 KB
0
Script
General
Full URL
http://win-browser.cf/js/storage.min.js
Requested by
Host: win-browser.cf
URL: http://win-browser.cf/
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681c:739 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
95a6b63eb657b0f56d5ac5c190a3929c0bb6da943f81712f28507f714c4bec34

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
win-browser.cf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://win-browser.cf/
Cookie
__cfduid=d366d7bdd1358876413fa772266f91a201514961907; _ga=GA1.2.1323088426.1514961907; _gid=GA1.2.832680478.1514961907; _gat_gtag_UA_111242598_1=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://win-browser.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Wed, 03 Jan 2018 06:45:07 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 03 Jan 2018 01:21:02 GMT
Server
cloudflare
ETag
W/"3008da-5cdc-561d507543650"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
3d73fe53471d2678-FRA
Expires
Wed, 03 Jan 2018 10:45:07 GMT
utils.js
win-browser.cf/js/
1 KB
0
Script
General
Full URL
http://win-browser.cf/js/utils.js
Requested by
Host: win-browser.cf
URL: http://win-browser.cf/
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681c:739 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d920ddd97623764f0ac86d1c1d96109ddcd0ec77340367e90e446d88a5f029a4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
win-browser.cf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://win-browser.cf/
Cookie
__cfduid=d366d7bdd1358876413fa772266f91a201514961907; _ga=GA1.2.1323088426.1514961907; _gid=GA1.2.832680478.1514961907; _gat_gtag_UA_111242598_1=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://win-browser.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Wed, 03 Jan 2018 06:45:07 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 03 Jan 2018 01:21:02 GMT
Server
cloudflare
ETag
W/"3008d2-4e6-561d507542e80"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
3d73fe53442163d3-FRA
Expires
Wed, 03 Jan 2018 10:45:07 GMT
index.js
win-browser.cf/js/
347 B
0
Script
General
Full URL
http://win-browser.cf/js/index.js
Requested by
Host: win-browser.cf
URL: http://win-browser.cf/
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681c:739 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
55808c84874dcaf1ed950ac176a2e8d19462d7ec437ff7729d134be0a6b1e1bb

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
win-browser.cf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://win-browser.cf/
Cookie
__cfduid=d366d7bdd1358876413fa772266f91a201514961907; _ga=GA1.2.1323088426.1514961907; _gid=GA1.2.832680478.1514961907; _gat_gtag_UA_111242598_1=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://win-browser.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Wed, 03 Jan 2018 06:45:07 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 03 Jan 2018 01:21:02 GMT
Server
cloudflare
ETag
W/"3008d6-15b-561d507543268"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
3d73fe5341152360-FRA
Expires
Wed, 03 Jan 2018 10:45:07 GMT
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/gif
truncated
/
88 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
562adef1fbe0bc0b2e473fd32a74c1af42c0ea38997c5ee57d1f5b8db0454f7a

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
DugPdSljmOTocZOR2CItOgcuEIXEaFWBWXA4NoGd_Oo.woff
fonts.gstatic.com/s/firasans/v6/
19 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v6/DugPdSljmOTocZOR2CItOgcuEIXEaFWBWXA4NoGd_Oo.woff
Requested by
Host: win-browser.cf
URL: http://win-browser.cf/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a5fbe57aff6fe453120033a5e9a352ecf033127464d6263de2212ee6de2cbb36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/s/firasans/v6/DugPdSljmOTocZOR2CItOgcuEIXEaFWBWXA4NoGd_Oo.woff
pragma
no-cache
origin
http://win-browser.cf
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
fonts.gstatic.com
referer
http://s.filesonload.ru/assets/3.1/default.css
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
http://s.filesonload.ru/assets/3.1/default.css
Origin
http://win-browser.cf

Response headers

date
Mon, 11 Dec 2017 14:27:25 GMT
x-content-type-options
nosniff
last-modified
Fri, 27 May 2016 01:56:37 GMT
server
sffe
age
1959462
status
200
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
19776
x-xss-protection
1; mode=block
expires
Tue, 11 Dec 2018 14:27:25 GMT
T3abUOg4YgfjOby2l-QudrO3LdcAZYWl9Si6vvxL-qU.woff
fonts.gstatic.com/s/firasans/v6/
19 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v6/T3abUOg4YgfjOby2l-QudrO3LdcAZYWl9Si6vvxL-qU.woff
Requested by
Host: win-browser.cf
URL: http://win-browser.cf/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
6ad14207d2ad55f24c4d5ea04616a3afa0eda7a1d33087e9f03e3075f7480f7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/s/firasans/v6/T3abUOg4YgfjOby2l-QudrO3LdcAZYWl9Si6vvxL-qU.woff
pragma
no-cache
origin
http://win-browser.cf
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
fonts.gstatic.com
referer
http://s.filesonload.ru/assets/3.1/default.css
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
http://s.filesonload.ru/assets/3.1/default.css
Origin
http://win-browser.cf

Response headers

date
Mon, 11 Dec 2017 09:34:48 GMT
x-content-type-options
nosniff
last-modified
Fri, 27 May 2016 01:57:35 GMT
server
sffe
age
1977019
status
200
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
19352
x-xss-protection
1; mode=block
expires
Tue, 11 Dec 2018 09:34:48 GMT
fontawesome-webfont.woff2
s.platformalp.ru/fonts/
70 KB
0
Font
General
Full URL
http://s.platformalp.ru/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: win-browser.cf
URL: http://win-browser.cf/
Protocol
HTTP/1.1
Server
80.93.179.62 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Pragma
no-cache
Origin
http://win-browser.cf
Accept-Encoding
gzip, deflate
Host
s.platformalp.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://s.filesonload.ru/assets/3.1/default.css
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
http://s.filesonload.ru/assets/3.1/default.css
Origin
http://win-browser.cf

Response headers

Date
Wed, 03 Jan 2018 06:45:07 GMT
Last-Modified
Wed, 27 Jul 2016 06:56:27 GMT
Server
nginx
ETag
"57985b1b-118d8"
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
Expires
Fri, 01 Sep 2017 16:20:43 GMT
Cache-Control
max-age=3600
X-Request-Time
0.000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
71896
X-Proxy-Cache
HIT
truncated
/
85 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d83d6ffeb54705c36524f7d189511051439579615f4599284067d19be1dfe632

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
truncated
/
69 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
248ecde9a0057f9758eb5cae59b0636e61f0ec88f999cb20b26522e458d4b91c

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
overlay.png
s.platformalp.ru/colorbox/
182 B
0
Image
General
Full URL
http://s.platformalp.ru/colorbox/overlay.png
Requested by
Host: s.filesonload.ru
URL: http://s.filesonload.ru/assets/3.1/default.js
Protocol
HTTP/1.1
Server
109.234.157.251 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
ab2ef76dffeae79cf8924b6e69368c855af10f35510888e098143971b3a62ed1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.platformalp.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://s.filesonload.ru/assets/3.1/default.css
Connection
keep-alive
Cache-Control
no-cache
Referer
http://s.filesonload.ru/assets/3.1/default.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Wed, 03 Jan 2018 06:45:07 GMT
Last-Modified
Sat, 27 Feb 2016 16:34:44 GMT
Server
nginx
ETag
"56d1d024-b6"
Content-Type
image/png
Access-Control-Allow-Origin
*
Expires
Thu, 31 Aug 2017 18:38:47 GMT
Cache-Control
max-age=3600
X-Request-Time
0.000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
182
X-Proxy-Cache
HIT
12.png
s.filesonload.ru/img/icons-round-commerce/
19 KB
0
Image
General
Full URL
http://s.filesonload.ru/img/icons-round-commerce/12.png
Requested by
Host: win-browser.cf
URL: http://win-browser.cf/
Protocol
HTTP/1.1
Server
80.93.179.62 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
0922a450e7b4c17be283ac2569b4f1ef19a20c8454e4f673cf112f35b7ef79ca

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.filesonload.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://win-browser.cf/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://win-browser.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Wed, 03 Jan 2018 06:45:07 GMT
Last-Modified
Sat, 27 Feb 2016 16:37:19 GMT
Server
nginx
ETag
"56d1d0bf-4d24"
Content-Type
image/png
Access-Control-Allow-Origin
*
Expires
Wed, 20 Dec 2017 18:01:26 GMT
Cache-Control
max-age=3600
X-Request-Time
0.000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
19748
X-Proxy-Cache
HIT
265a6583ca567a811af03847f505350f.jpg
u8.filesonload.ru/59b1be1f6d7f547c81bea790119f2887/
282 KB
0
Image
General
Full URL
http://u8.filesonload.ru/59b1be1f6d7f547c81bea790119f2887/265a6583ca567a811af03847f505350f.jpg
Requested by
Host: win-browser.cf
URL: http://win-browser.cf/
Protocol
HTTP/1.1
Server
109.234.157.251 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
bcfa62fb24e2d975a20b9d5e4d5982f160f83262f943f74a49d663125412548e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
u8.filesonload.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://win-browser.cf/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://win-browser.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Wed, 03 Jan 2018 06:45:07 GMT
Last-Modified
Fri, 22 Dec 2017 18:45:11 GMT
Server
nginx
ETag
"5a3d52b7-469c2"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Expires
Sat, 29 Dec 2018 09:46:50 GMT
Cache-Control
max-age=31536000
X-Request-Time
0.000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
289218
X-Proxy-Cache
HIT
532474dce3e78b10368a713763ac3d71.jpg
u8.filesonload.ru/59b1be1f6d7f547c81bea790119f2887/
53 KB
0
Image
General
Full URL
http://u8.filesonload.ru/59b1be1f6d7f547c81bea790119f2887/532474dce3e78b10368a713763ac3d71.jpg
Requested by
Host: win-browser.cf
URL: http://win-browser.cf/
Protocol
HTTP/1.1
Server
109.234.157.251 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
dbcdb136519c13db400e217e007ca6662dd9f3f88f34f1e7bbb7f3a0ca94f759

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
u8.filesonload.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://win-browser.cf/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://win-browser.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Wed, 03 Jan 2018 06:45:07 GMT
Last-Modified
Fri, 22 Dec 2017 18:45:17 GMT
Server
nginx
ETag
"5a3d52bd-d33a"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Expires
Sat, 29 Dec 2018 09:46:50 GMT
Cache-Control
max-age=31536000
X-Request-Time
0.000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
54074
X-Proxy-Cache
HIT
97fd0f3559e385b7e249a83da5fbdc2f.jpg
u8.filesonload.ru/59b1be1f6d7f547c81bea790119f2887/
160 KB
0
Image
General
Full URL
http://u8.filesonload.ru/59b1be1f6d7f547c81bea790119f2887/97fd0f3559e385b7e249a83da5fbdc2f.jpg
Requested by
Host: win-browser.cf
URL: http://win-browser.cf/
Protocol
HTTP/1.1
Server
109.234.157.251 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
dd1275b4a92511e980811214cc28f0db5909c72efb0fdd277d1dceb55847de02

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
u8.filesonload.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://win-browser.cf/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://win-browser.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Wed, 03 Jan 2018 06:45:07 GMT
Last-Modified
Fri, 22 Dec 2017 18:45:23 GMT
Server
nginx
ETag
"5a3d52c3-2810f"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Expires
Sat, 29 Dec 2018 09:46:50 GMT
Cache-Control
max-age=31536000
X-Request-Time
0.000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
164111
X-Proxy-Cache
HIT
c76ebdf70ba5cb6b59f4f1b6252b1a12.gif
u8.filesonload.ru/59b1be1f6d7f547c81bea790119f2887/
175 KB
0
Image
General
Full URL
http://u8.filesonload.ru/59b1be1f6d7f547c81bea790119f2887/c76ebdf70ba5cb6b59f4f1b6252b1a12.gif
Requested by
Host: win-browser.cf
URL: http://win-browser.cf/
Protocol
HTTP/1.1
Server
80.93.179.62 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
34d9eb24b0a6aea89e3dc638efd68b24be8f799ab478deca449942d1e1935696

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
u8.filesonload.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://win-browser.cf/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://win-browser.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Wed, 03 Jan 2018 06:45:07 GMT
Last-Modified
Fri, 29 Dec 2017 18:10:50 GMT
Server
nginx
ETag
"5a46852a-2bd33"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Expires
Sat, 29 Dec 2018 18:16:31 GMT
Cache-Control
max-age=31536000
X-Request-Time
0.000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
179507
X-Proxy-Cache
HIT
3ecd823cb93283067a19621620e5eebe.png
u8.filesonload.ru/59b1be1f6d7f547c81bea790119f2887/
20 KB
0
Image
General
Full URL
http://u8.filesonload.ru/59b1be1f6d7f547c81bea790119f2887/3ecd823cb93283067a19621620e5eebe.png
Requested by
Host: win-browser.cf
URL: http://win-browser.cf/
Protocol
HTTP/1.1
Server
80.93.179.62 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
e2d313b74dd1680da5c7df014c5d20e326546dfbd473c6bdb0ae5562083cebbd

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
u8.filesonload.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://win-browser.cf/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://win-browser.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Wed, 03 Jan 2018 06:45:07 GMT
Last-Modified
Fri, 22 Dec 2017 13:30:02 GMT
Server
nginx
ETag
"5a3d08da-4f7e"
Content-Type
image/png
Access-Control-Allow-Origin
*
Expires
Sat, 29 Dec 2018 11:04:13 GMT
Cache-Control
max-age=31536000
X-Request-Time
0.000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
20350
X-Proxy-Cache
HIT
bb5a2c851c4514f11098a1a2c821e942.png
u8.filesonload.ru/63d3a6c9689d0a310bdb33ba48a9f341/
12 KB
0
Image
General
Full URL
http://u8.filesonload.ru/63d3a6c9689d0a310bdb33ba48a9f341/bb5a2c851c4514f11098a1a2c821e942.png
Requested by
Host: win-browser.cf
URL: http://win-browser.cf/
Protocol
HTTP/1.1
Server
109.234.157.251 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
014a9a93fd733f0d24ddc91496f0a19cba2f20630d8884f145769fad977f0faa

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
u8.filesonload.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://win-browser.cf/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://win-browser.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Wed, 03 Jan 2018 06:45:07 GMT
Last-Modified
Sat, 24 Dec 2016 13:27:30 GMT
Server
nginx
ETag
"585e77c2-2f97"
Content-Type
image/png
Access-Control-Allow-Origin
*
Expires
Thu, 20 Dec 2018 14:13:57 GMT
Cache-Control
max-age=31536000
X-Request-Time
0.000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
12183
X-Proxy-Cache
HIT
4.png
s.filesonload.ru/img/garland/
185 KB
0
Image
General
Full URL
http://s.filesonload.ru/img/garland/4.png
Requested by
Host: win-browser.cf
URL: http://win-browser.cf/
Protocol
HTTP/1.1
Server
80.93.179.62 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
52481247f6f49b9587ba8bcaa5e33f0087a2ef64d12f36eb6c85dc79e9e4b723

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.filesonload.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://win-browser.cf/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://win-browser.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Wed, 03 Jan 2018 06:45:08 GMT
Last-Modified
Sat, 27 Feb 2016 16:37:19 GMT
Server
nginx
ETag
"56d1d0bf-2e528"
Content-Type
image/png
Access-Control-Allow-Origin
*
Expires
Wed, 20 Dec 2017 13:06:15 GMT
Cache-Control
max-age=3600
X-Request-Time
0.000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
189736
X-Proxy-Cache
HIT

Verdicts & Comments

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onafterprint object| onbeforeprint function| gtag object| dataLayer object| plp number| plp_page_id number| plp_content_id string| plp_lang function| error_handler object| google_tag_manager string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| _trackJs function| onYouTubeIframeAPIReady object| ytp function| $ function| jQuery function| _ object| Modernizr function| WOW object| store function| sweetAlertInitialize function| swal function| sweetAlert function| Snowfall undefined| storage undefined| userData object| Storages function| rand function| arand function| array_shuffle function| randomEmail object| jQuery111009341516301824986 object| goodshare

4 Cookies

Domain/Path Name / Value
.win-browser.cf/ Name: _gat_gtag_UA_111242598_1
Value: 1
.win-browser.cf/ Name: _gid
Value: GA1.2.832680478.1514961907
.win-browser.cf/ Name: _ga
Value: GA1.2.1323088426.1514961907
.win-browser.cf/ Name: __cfduid
Value: d366d7bdd1358876413fa772266f91a201514961907

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
