urlscan.io logo urlscan.io
SecurityTrails logo

root-site.ru Open in urlscan Pro
2606:4700:3034::6815:5796  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://hnelectric.vn/*#%20%2068747470733a2f2f73756d6d65722e636f6d2e74772f6469722f3030382f61474675655335745957686b6555...
Effective URL: https://root-site.ru/app/Listeners/sm97867656544545437767665545353s.html
Submission: On April 13 via manual from AE — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 6 countries across 14 domains to perform 38 HTTP transactions. The main IP is 2606:4700:3034::6815:5796, located in United States and belongs to CLOUDFLARENET, US. The main domain is root-site.ru.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.
This is the only time root-site.ru was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 2 172.104.105.37 63949 (LINODE-AP...)
1 1 103.118.24.39 131626 (NSS-GROUP...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
7 185.14.58.212 202054 (S4N-AS)
2 2404:6800:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 20.190.141.33 8075 (MICROSOFT...)
16 2620:1ec:bdf::46 8068 (MICROSOFT...)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
38 11
2    172.104.105.37 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1715-37.members.linode.com
hnelectric.vn
1    103.118.24.39 (Taiwan)

ASN131626 (NSS-GROUP-AS-TW NSS INTL CO., LTD., TW)
PTR: px6.coowo.com
summer.com.tw
3    2606:4700:3034::6815:5796 (United States)

ASN13335 (CLOUDFLARENET, US)
root-site.ru
7    185.14.58.212 (Spain)

ASN202054 (S4N-AS, ES)
PTR: vm341.dnspropio.com
bitronic.es
2    2404:6800:4004:826::200a (Australia)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
1    20.190.141.33 (Osaka, Japan)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com
16    2620:1ec:bdf::46 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aadcdn.msauth.net
2    2606:4700:3031::ac43:9f0f (United States)

ASN13335 (CLOUDFLARENET, US)
api.statvoo.com
api-images.statvoo.com
1    2404:6800:4004:81f::2004 (Australia)

ASN15169 (GOOGLE, US)
www.google.com
1    2404:6800:4004:81d::2004 (Australia)

ASN15169 (GOOGLE, US)
t0.gstatic.com
Apex Domain
Subdomains		 Transfer
16 msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 1420
255 KB
7 bitronic.es
bitronic.es
383 KB
3 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2388
53 KB
3 root-site.ru
root-site.ru
8 KB
2 statvoo.com
api.statvoo.com
api-images.statvoo.com
959 B
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 282
63 KB
2 hnelectric.vn
hnelectric.vn
1 KB
1 gstatic.com
t0.gstatic.com
3 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 4
377 B
1 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 26
131 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 647
30 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 238
28 KB
1 summer.com.tw
summer.com.tw
539 B
0 ibb.co Failed
i.ibb.co Failed
38 14
Domain Requested by
16 aadcdn.msauth.net login.microsoftonline.com
7 bitronic.es root-site.ru
3 stackpath.bootstrapcdn.com root-site.ru
3 root-site.ru hnelectric.vn
root-site.ru
2 ajax.googleapis.com root-site.ru
2 hnelectric.vn 1 redirects
1 t0.gstatic.com root-site.ru
1 www.google.com 1 redirects
1 api-images.statvoo.com 1 redirects
1 api.statvoo.com 1 redirects
1 login.microsoftonline.com root-site.ru
1 code.jquery.com root-site.ru
1 cdnjs.cloudflare.com root-site.ru
1 summer.com.tw 1 redirects
0 i.ibb.co Failed root-site.ru
38 15

This site contains no links.

Subject Issuer Validity Valid
hnelectric.vn
GoGetSSL RSA DV CA		 2022-02-12 -
2023-02-12		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
www.bitronic.es
Sectigo RSA Domain Validation Secure Server CA		 2021-05-05 -
2022-05-05		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA		 2022-01-10 -
2023-01-10		 a year crt.sh
aadcdn.msauth.net
DigiCert SHA2 Secure Server CA		 2022-02-22 -
2023-02-22		 a year crt.sh

This page contains 2 frames:

Primary Page: https://root-site.ru/app/Listeners/sm97867656544545437767665545353s.html
Frame ID: 28F6F59779F6145E03ABB9BF7F2AF771
Requests: 22 HTTP requests in this frame

Frame: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Frame ID: B14653B108B6BBB8FD502FE7AB84E257
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign in

Page URL History Show full URLs

  1. https://hnelectric.vn/* HTTP 301
    https://hnelectric.vn/*/ Page URL
  2. https://summer.com.tw/dir/008/aGFueS5tYWhkeUBkaWIuYWU= HTTP 302
    https://root-site.ru/app/Listeners/sm97867656544545437767665545353s.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

38
Requests

92 %
HTTPS

69 %
IPv6

14
Domains

15
Subdomains

11
IPs

6
Countries

955 kB
Transfer

2018 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://hnelectric.vn/* HTTP 301
    https://hnelectric.vn/*/ Page URL
  2. https://summer.com.tw/dir/008/aGFueS5tYWhkeUBkaWIuYWU= HTTP 302
    https://root-site.ru/app/Listeners/sm97867656544545437767665545353s.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://hnelectric.vn/* HTTP 301
  • https://hnelectric.vn/*/
Request Chain 30
  • https://api.statvoo.com/favicon/?url=dib.ae HTTP 302
  • https://api-images.statvoo.com/favicon/?domain=dib.ae HTTP 302
  • https://www.google.com/s2/favicons?sz=64&domain_url=dib.ae HTTP 301
  • https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://dib.ae&size=64

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
hnelectric.vn/*/
Redirect Chain
  • https://hnelectric.vn/*
  • https://hnelectric.vn/*/
851 B
787 B 		Document
General
Check archive.org
Download Go to
Full URL
https://hnelectric.vn/*/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.104.105.37 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1715-37.members.linode.com
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 13 Apr 2022 11:59:31 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Wed, 13 Apr 2022 11:59:31 GMT
Location
https://hnelectric.vn/*/
Server
nginx
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
Primary Request sm97867656544545437767665545353s.html
root-site.ru/app/Listeners/
Redirect Chain
  • https://summer.com.tw/dir/008/aGFueS5tYWhkeUBkaWIuYWU=
  • https://root-site.ru/app/Listeners/sm97867656544545437767665545353s.html
15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://root-site.ru/app/Listeners/sm97867656544545437767665545353s.html
Requested by
Host: hnelectric.vn
URL: https://hnelectric.vn/*/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:5796 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
961a95f97c07eb81061fd5160d25e6d8fe3085ee912128d878a950b4af08212d

Request headers

Referer
https://hnelectric.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
6fb40b6fa8418093-NRT
content-encoding
br
content-type
text/html
date
Wed, 13 Apr 2022 12:01:02 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 13 Apr 2022 09:57:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=da95xsEtE6We3t6TAZWhYVw%2Fm9%2BYxu9%2FDmI7JZrdF71L4N3ckseNuMSAAWYvcwe1IQ5%2FTQEWK21YqxnmjZfx5k3Wpi05DoOUHa6WmeRoKwUyNZcivCAaUxFwa3R0OroOVUykM8%2FlwXQJKoc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
close
Content-Encoding
gzip
Content-Length
20
Content-Type
text/html; charset=UTF-8
Date
Wed, 13 Apr 2022 12:00:57 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Location
https://root-site.ru/app/Listeners/sm97867656544545437767665545353s.html#aGFueS5tYWhkeUBkaWIuYWU=
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding,User-Agent
X-Powered-By
PHP/7.2.34 PleskLin
bootstrap.min.css
bitronic.es/wp-content/plugins/timer/008/ 		152 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bitronic.es/wp-content/plugins/timer/008/bootstrap.min.css
Requested by
Host: root-site.ru
URL: https://root-site.ru/app/Listeners/sm97867656544545437767665545353s.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.14.58.212 , Spain, ASN202054 (S4N-AS, ES),
Reverse DNS
vm341.dnspropio.com
Software
nginx / PleskLin
Resource Hash
6861bf5d44797332a7fd57c5a0d5e868b02db67de9585a87dac2d8680f95d42c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://root-site.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 12:01:04 GMT
content-encoding
br
last-modified
Wed, 26 Jan 2022 21:49:35 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"61f1c1ef-2606e"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
text/css
all.css
bitronic.es/wp-content/plugins/timer/008/ 		52 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bitronic.es/wp-content/plugins/timer/008/all.css
Requested by
Host: root-site.ru
URL: https://root-site.ru/app/Listeners/sm97867656544545437767665545353s.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.14.58.212 , Spain, ASN202054 (S4N-AS, ES),
Reverse DNS
vm341.dnspropio.com
Software
nginx / PleskLin
Resource Hash
453893f7daa3d8fe9716f8c6d0f36f8ade8cacfc0093e164f4f998b46427959e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://root-site.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 12:01:04 GMT
content-encoding
br
last-modified
Wed, 26 Jan 2022 21:49:35 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"61f1c1ef-d1ed"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
text/css
99.js
bitronic.es//wp-includes/ID3/ 		11 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bitronic.es//wp-includes/ID3/99.js
Requested by
Host: root-site.ru
URL: https://root-site.ru/app/Listeners/sm97867656544545437767665545353s.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.14.58.212 , Spain, ASN202054 (S4N-AS, ES),
Reverse DNS
vm341.dnspropio.com
Software
nginx / PleskLin
Resource Hash
c08d26c073bbebf518136b520b2646b04568fe2cd46183294cdf8efd84b0726f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://root-site.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 12:01:04 GMT
content-encoding
br
last-modified
Sun, 03 Apr 2022 15:02:08 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"6249b6f0-2b61"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
application/javascript
max
root-site.ru/app/Listeners/ 		986 B
986 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://root-site.ru/app/Listeners/max
Requested by
Host: root-site.ru
URL: https://root-site.ru/app/Listeners/sm97867656544545437767665545353s.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:5796 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://root-site.ru/app/Listeners/sm97867656544545437767665545353s.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 12:01:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LuAZjLO1ujUPJeq3AwxlzT6fYkWMsuM6ad7Cm1m%2FNHQ%2B9qWjVd2UA0rPlfrQqcCei%2F9QbW8yADNnkay7uRl2Fwrb5sbclDpIe%2B6M4GQ4fP1Qga4R4WQLWn04pYNi9wRnhN1qhIdSB8st%2F5I%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
cf-ray
6fb40b77df9c8093-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg
bitronic.es/wp-content/plugins/timer/008/ 		513 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bitronic.es/wp-content/plugins/timer/008/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg
Requested by
Host: root-site.ru
URL: https://root-site.ru/app/Listeners/sm97867656544545437767665545353s.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.14.58.212 , Spain, ASN202054 (S4N-AS, ES),
Reverse DNS
vm341.dnspropio.com
Software
nginx / PleskLin
Resource Hash
34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://root-site.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 12:01:04 GMT
etag
"201-5d6832d7a3c34"
last-modified
Wed, 26 Jan 2022 21:49:35 GMT
server
nginx
x-powered-by
PleskLin
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/svg+xml
x-accel-version
0.01
accept-ranges
bytes
content-length
513
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: root-site.ru
URL: https://root-site.ru/app/Listeners/sm97867656544545437767665545353s.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://root-site.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 08:41:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11949
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Apr 2023 08:41:53 GMT
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js
Requested by
Host: root-site.ru
URL: https://root-site.ru/app/Listeners/sm97867656544545437767665545353s.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://root-site.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 12:01:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
617, 617
age
27162557
cdn-cachedat
2021-06-02 21:48:42
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
bf81630bcec2ab684b668c47cd26e7ed
cf-ray
6fb40b77f8482083-NRT
cdn-requestcountrycode
US
cdn-requestpullsuccess
True
bootstrap.bundle.min.js
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 		77 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.bundle.min.js
Requested by
Host: root-site.ru
URL: https://root-site.ru/app/Listeners/sm97867656544545437767665545353s.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://root-site.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 12:01:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
617, 617
age
27162557
cdn-cachedat
2021-06-02 21:40:02
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
4c6a6a3c03ddcce7669ac8df5d985fc5
cf-ray
6fb40b77f8492083-NRT
cdn-requestcountrycode
US
cdn-requestpullsuccess
True
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 		85 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: root-site.ru
URL: https://root-site.ru/app/Listeners/sm97867656544545437767665545353s.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://root-site.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 12:01:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
24745740
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27433
cf-request-id
0b016f74b1000033f614b9c000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-1538f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HhKFZ5phLzmip89UcBeTTxAZhjqtPcy0CeNkUchOAYkb0LkMroWBe%2FOAOqGhCs8xxLFOZGvZVNcTQHC2FVg24AXVMuvD4O69kEoefH6MgToy2AxPpRs9pH3LuFLJNlzZ%2FbCxwvA69uKQxvQtif0gNpQG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6fb40b77eb923469-NRT
expires
Mon, 03 Apr 2023 12:01:02 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: root-site.ru
URL: https://root-site.ru/app/Listeners/sm97867656544545437767665545353s.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://root-site.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 13:01:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169191
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Apr 2023 13:01:11 GMT
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 		50 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
Requested by
Host: root-site.ru
URL: https://root-site.ru/app/Listeners/sm97867656544545437767665545353s.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://root-site.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 12:01:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
718, 718
age
27162554
cdn-cachedat
2021-06-02 21:38:16
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:06 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
54e664b5789a71e4c1e436717197d299
cf-ray
6fb40b77f84a2083-NRT
cdn-requestcountrycode
US
cdn-requestpullsuccess
True
jquery.session.min.js
bitronic.es/wp-content/plugins/timer/008/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://bitronic.es/wp-content/plugins/timer/008/jquery.session.min.js
Requested by
Host: root-site.ru
URL: https://root-site.ru/app/Listeners/sm97867656544545437767665545353s.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.14.58.212 , Spain, ASN202054 (S4N-AS, ES),
Reverse DNS
vm341.dnspropio.com
Software
/
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://root-site.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
jquery-3.3.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: root-site.ru
URL: https://root-site.ru/app/Listeners/sm97867656544545437767665545353s.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://root-site.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 12:01:03 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-1538f"
vary
Accept-Encoding
x-hw
1649851263.dop209.pa1.t,1649851263.cds223.pa1.hn,1649851263.cds033.pa1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30288
08.js
bitronic.es//wp-includes/ID3/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bitronic.es//wp-includes/ID3/08.js
Requested by
Host: root-site.ru
URL: https://root-site.ru/app/Listeners/sm97867656544545437767665545353s.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.14.58.212 , Spain, ASN202054 (S4N-AS, ES),
Reverse DNS
vm341.dnspropio.com
Software
nginx / PleskLin
Resource Hash
411f6c62035a290bcdd1df9401f080816c9d62064c53c8d1e98f111bfe90ad4f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://root-site.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 12:01:04 GMT
content-encoding
br
last-modified
Sat, 29 Jan 2022 23:52:40 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"61f5d348-248c"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
application/javascript
logout.srf
login.microsoftonline.com/ Frame B146 		464 KB
131 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Requested by
Host: root-site.ru
URL: https://root-site.ru/app/Listeners/sm97867656544545437767665545353s.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.141.33 Osaka, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e125dd381aae4b690833767b2a6011635e86aac9aef49692a849aa31ab8006d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://root-site.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
131491
Content-Type
text/html; charset=utf-8
Date
Wed, 13 Apr 2022 12:01:02 GMT
Expires
-1
Link
<https://aadcdn.msauth.net>; rel=preconnect; crossorigin <https://aadcdn.msauth.net>; rel=dns-prefetch <https://aadcdn.msftauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+osa"}]}
x-ms-ests-server
2.1.12570.16 - SEASLR1 ProdSlices
x-ms-request-id
ef0917d6-56b3-4c05-b5a6-eb5580645501
truncated
/ Frame B146 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f664b8138c2da6ec7565500a7cc839da6372614a31dc04c5a2169a26b8d9767c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
2-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg
aadcdn.msauth.net/shared/1.0/content/images/backgrounds/ Frame B146 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Apr 2022 12:01:03 GMT
content-md5
5YqvyYBhSpzXeWvqe16o8A==
x-cache
TCP_HIT
content-length
987
x-ms-lease-status
unlocked
last-modified
Wed, 12 Feb 2020 22:01:30 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D7B0071D76DB14
x-azure-ref
0f7tWYgAAAACpf/tEl33BSr7UacUkKctPVFlPMDFFREdFMjMxNAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
01cfd031-b01e-002c-56ee-4e5259000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
2_7916a894ebde7d29c2cc29b267f1299f.jpg
aadcdn.msauth.net/shared/1.0/content/images/backgrounds/ Frame B146 		0
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_7916a894ebde7d29c2cc29b267f1299f.jpg
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Apr 2022 12:01:03 GMT
content-md5
eRaolOvefSnCzCmyZ/Epnw==
x-cache
TCP_HIT
content-length
17453
x-ms-lease-status
unlocked
last-modified
Wed, 12 Feb 2020 22:01:30 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D7B0071D775055
x-azure-ref
0f7tWYgAAAACYGoJIR4XtQ7GxmfKLE1q6VFlPMDFFREdFMjMxNAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
afdfd05c-f01e-007c-62b3-4e316a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
microsoft_logo.png
aadcdn.msauth.net/ests/2.1/content/images/ Frame B146 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/ests/2.1/content/images/microsoft_logo.png
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Apr 2022 12:01:03 GMT
content-md5
7ZyesNzhfXUr7eprWs2m2Q==
x-cache
TCP_HIT
content-length
1057
x-ms-lease-status
unlocked
last-modified
Fri, 02 Nov 2018 20:25:29 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D6410154FDA7D4
x-azure-ref
0f7tWYgAAAACpn4jZrAd4RoEFIIw8Q+U0VFlPMDFFREdFMjMxNAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
4a3c3756-401e-002b-22d8-4e8357000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=604800
x-ms-version
2009-09-19
work_account_1963c6b1926b773986f53f844ce4c32e.png
aadcdn.msauth.net/shared/1.0/content/images/ Frame B146 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/work_account_1963c6b1926b773986f53f844ce4c32e.png
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Apr 2022 12:01:03 GMT
content-md5
GWPGsZJrdzmG9T+ETOTDLg==
x-cache
TCP_HIT
content-length
1487
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:40 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B837521207F
x-azure-ref
0f7tWYgAAAADZ36DEQf8QRZenx95b6SQUVFlPMDFFREdFMjMxNAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
6a510494-f01e-0038-6715-4f4e73000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
personal_account_0f72b5950600f24e7f9a604b186f3945.png
aadcdn.msauth.net/shared/1.0/content/images/ Frame B146 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/personal_account_0f72b5950600f24e7f9a604b186f3945.png
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Apr 2022 12:01:03 GMT
content-md5
D3K1lQYA8k5/mmBLGG85RQ==
x-cache
TCP_HIT
content-length
1335
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B8373FBB9F9
x-azure-ref
0f7tWYgAAAABGbi7/i0WNR5h+9Ysi85otVFlPMDFFREdFMjMxNAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
4233b316-e01e-0031-51a6-4e3d60000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
converged.v2.login.min_zmhwgv_kbcs-aml46kcgfg2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ Frame B146 		0
20 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_zmhwgv_kbcs-aml46kcgfg2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Apr 2022 12:01:03 GMT
content-encoding
gzip
content-md5
gQeGSiXz86BaUj7ZBvfbVQ==
x-cache
TCP_HIT
content-length
19946
x-ms-lease-status
unlocked
last-modified
Wed, 15 Dec 2021 19:03:05 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9BFFD86C8E13C
x-azure-ref
0f7tWYgAAAAALhWgHA3m9SJSZSFEtwSiqVFlPMDFFREdFMjMxNAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
191ba424-501e-0076-4bac-4e3f7f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ Frame B146 		0
40 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Apr 2022 12:01:03 GMT
content-encoding
gzip
content-md5
HWW92uTq7vx3y5z+zFZbXQ==
x-cache
TCP_HIT
content-length
40454
x-ms-lease-status
unlocked
last-modified
Fri, 26 Feb 2021 06:12:05 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8DA1D70FBDD97
x-azure-ref
0f7tWYgAAAAAnzPPyClTrTqt5ehoqKQFgVFlPMDFFREdFMjMxNAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
9242e494-c01e-0023-0422-4fdb46000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
aad.login.min_ktc4wemsewhydsbdjhhsja2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ Frame B146 		0
44 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/aad.login.min_ktc4wemsewhydsbdjhhsja2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Apr 2022 12:01:03 GMT
content-encoding
gzip
content-md5
IqYyUQLOcBKFAP3MWXO6ng==
x-cache
TCP_HIT
content-length
44753
x-ms-lease-status
unlocked
last-modified
Wed, 01 Sep 2021 19:08:15 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D96D7BDA203F38
x-azure-ref
0f7tWYgAAAABtNlz9SDmLQpgyO2ggAvPeVFlPMDFFREdFMjMxNAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
9d7c5159-c01e-004b-5da2-4ec175000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
oppo
root-site.ru/app/Listeners/ 		986 B
986 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://root-site.ru/app/Listeners/oppo
Requested by
Host: root-site.ru
URL: https://root-site.ru/app/Listeners/sm97867656544545437767665545353s.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5796 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://root-site.ru/app/Listeners/sm97867656544545437767665545353s.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 12:01:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wdgmdsi1PxHdc%2FeTGzgWt9yyZfShfDmpLtzMROhm%2Bp%2Fh5cZYj%2BiL9JjeOceCvOe25px1ztsBz3aFnQQcFcK2AAdZ62nnsfo7gxEjnW3XeUzgo29klyW7K6sF6GHF3tTTP9ekAPo5msJDtzM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
cf-ray
6fb40b82ef0d1eb8-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
image.jpg
root-site.ru/app/Listeners/ 		0
0
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9abab0b217d4a65f16b3a0ecc5b0dd87595ef96fda07c4746f0dc5e52785060d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/jpeg
0.png
bitronic.es/wp-content/plugins/timer/008/ 		347 KB
348 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bitronic.es/wp-content/plugins/timer/008/0.png
Requested by
Host: root-site.ru
URL: https://root-site.ru/app/Listeners/sm97867656544545437767665545353s.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.14.58.212 , Spain, ASN202054 (S4N-AS, ES),
Reverse DNS
vm341.dnspropio.com
Software
nginx / PleskLin
Resource Hash
923f659e6f6b5fa356565d62014b14ff8838d1cd9312125f84f51ea51640d9d0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://root-site.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 12:01:04 GMT
last-modified
Wed, 26 Jan 2022 21:49:35 GMT
server
nginx
x-powered-by
PleskLin
etag
"61f1c1ef-56cca"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/png
accept-ranges
bytes
content-length
355530
off.png
i.ibb.co/XJ3Zqnc/ 		0
0
faviconV2
t0.gstatic.com/
Redirect Chain
  • https://api.statvoo.com/favicon/?url=dib.ae
  • https://api-images.statvoo.com/favicon/?domain=dib.ae
  • https://www.google.com/s2/favicons?sz=64&domain_url=dib.ae
  • https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://dib.ae&size=64
3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://dib.ae&size=64
Requested by
Host: root-site.ru
URL: https://root-site.ru/app/Listeners/sm97867656544545437767665545353s.html
Protocol
H2
Server
2404:6800:4004:81d::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85c829a1eec91c04856baa11cc39d140fab6074b057367fd15a8cdb95846fa8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://root-site.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 12:01:06 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2790
x-xss-protection
0
last-modified
Wed, 29 Nov 2017 12:34:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="media-favicon"
report-to
{"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-location
https://www.dib.ae/Assets/images/favicon.ico
expires
Wed, 20 Apr 2022 12:01:06 GMT

Redirect headers

date
Wed, 13 Apr 2022 12:01:06 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
location
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://dib.ae&size=64
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Wed, 13 Apr 2022 12:31:06 GMT
2-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg
aadcdn.msauth.net/shared/1.0/content/images/backgrounds/ Frame B146 		987 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8b34a475187302935336bf43a2bf2a4e0adb9a1e87953ea51f6fcf0ef52a4a1d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Apr 2022 12:01:07 GMT
x-azure-ref-originshield
08PhKYgAAAAASLTUagJPkS4oOSI2OW8jZVFlPMDFFREdFMjQxNQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-md5
5YqvyYBhSpzXeWvqe16o8A==
x-cache
TCP_HIT
content-length
987
x-ms-lease-status
unlocked
last-modified
Wed, 12 Feb 2020 22:01:30 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D7B0071D76DB14
x-azure-ref
0hLtWYgAAAABIRgA8lI71TaLZwsPCr7nWVFlPMDFFREdFMjUxNAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
33cbd92f-f01e-0038-06d7-474e73000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
2_7916a894ebde7d29c2cc29b267f1299f.jpg
aadcdn.msauth.net/shared/1.0/content/images/backgrounds/ Frame B146 		17 KB
17 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_7916a894ebde7d29c2cc29b267f1299f.jpg
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d8f5ab3e00202fd3b45be1acd95d677b137064001e171bc79b06826d98f1e1d3

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Apr 2022 12:01:07 GMT
x-azure-ref-originshield
0gYlWYgAAAAABxvSwyv3zT5IrvOEQE90NVFlPMDFFREdFMjQyMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-md5
eRaolOvefSnCzCmyZ/Epnw==
x-cache
TCP_HIT
content-length
17453
x-ms-lease-status
unlocked
last-modified
Wed, 12 Feb 2020 22:01:30 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D7B0071D775055
x-azure-ref
0hLtWYgAAAAD/JYSAEcjcS51FZgblsEiEVFlPMDFFREdFMjUxNAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
6ad66904-401e-003b-1ab6-4e3375000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
microsoft_logo.png
aadcdn.msauth.net/ests/2.1/content/images/ Frame B146 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/ests/2.1/content/images/microsoft_logo.png
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f664b8138c2da6ec7565500a7cc839da6372614a31dc04c5a2169a26b8d9767c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Apr 2022 12:01:07 GMT
x-azure-ref-originshield
0u8dTYgAAAABH7UW6dQ/gRoJ89bH6hzYCVFlPMDFFREdFMjMwOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-md5
7ZyesNzhfXUr7eprWs2m2Q==
x-cache
TCP_HIT
content-length
1057
x-ms-lease-status
unlocked
last-modified
Fri, 02 Nov 2018 20:25:29 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D6410154FDA7D4
x-azure-ref
0hLtWYgAAAABa4Iphp/VGSoG2bBqw4DQtVFlPMDFFREdFMjUxNAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
3294831a-901e-0012-616b-4dd155000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=604800
x-ms-version
2009-09-19
work_account_1963c6b1926b773986f53f844ce4c32e.png
aadcdn.msauth.net/shared/1.0/content/images/ Frame B146 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/work_account_1963c6b1926b773986f53f844ce4c32e.png
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9fc929be7892b2f4498627d22bc1b3990dc380efcfe40fe6c3cac2dea7565c8e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Apr 2022 12:01:07 GMT
x-azure-ref-originshield
0ogBVYgAAAACuAD2DVJwoQJByfehxrQZMVFlPMDFFREdFMjMxNQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-md5
GWPGsZJrdzmG9T+ETOTDLg==
x-cache
TCP_HIT
content-length
1487
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:40 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B837521207F
x-azure-ref
0hLtWYgAAAAD9tvcv7XnwTIXdZZykTtVnVFlPMDFFREdFMjUxNAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
87df2168-701e-001c-2450-4d7348000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
personal_account_0f72b5950600f24e7f9a604b186f3945.png
aadcdn.msauth.net/shared/1.0/content/images/ Frame B146 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/personal_account_0f72b5950600f24e7f9a604b186f3945.png
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0b874f4ccfac9ff5264f1f7c29c4c016fde7e4e032512bac1bb43d145a44ea40

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Apr 2022 12:01:07 GMT
x-azure-ref-originshield
0J4NWYgAAAABAhBuDfKJLSIpls26JUlScVFlPMDFFREdFMjQxNAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-md5
D3K1lQYA8k5/mmBLGG85RQ==
x-cache
TCP_HIT
content-length
1335
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B8373FBB9F9
x-azure-ref
0hLtWYgAAAACXonBV/uqrQZ82z6XIcYJsVFlPMDFFREdFMjUxNAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
fc72110a-d01e-002a-570c-4fa855000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
converged.v2.login.min_zmhwgv_kbcs-aml46kcgfg2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ Frame B146 		108 KB
20 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_zmhwgv_kbcs-aml46kcgfg2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0b110c35df6ba7923eb2b80869f047fe3102e2f41ddc767627cb977f44e2ae75

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Apr 2022 12:01:07 GMT
content-encoding
gzip
x-azure-ref-originshield
0MaNKYgAAAAAsimV6NemkTrClNICRNjAIVFlPMDFFREdFMjQwOQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-md5
gQeGSiXz86BaUj7ZBvfbVQ==
x-cache
TCP_HIT
content-length
19946
x-ms-lease-status
unlocked
last-modified
Wed, 15 Dec 2021 19:03:05 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9BFFD86C8E13C
x-azure-ref
0hLtWYgAAAAB8Q4fTop9sTo2Hm9Wc6lN0VFlPMDFFREdFMjUxNAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
7bd0cbe0-201e-0011-2d9c-45ac53000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ Frame B146 		117 KB
40 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
df2aa8537c1992c94846a0ffffaa9031d430d9d0210b9e396ec059aff62627e0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Apr 2022 12:01:07 GMT
content-encoding
gzip
x-azure-ref-originshield
0hlxKYgAAAACTNwlu8c7bRK0VBCaL8PdzVFlPMDFFREdFMjMxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-md5
HWW92uTq7vx3y5z+zFZbXQ==
x-cache
TCP_HIT
content-length
40454
x-ms-lease-status
unlocked
last-modified
Fri, 26 Feb 2021 06:12:05 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8DA1D70FBDD97
x-azure-ref
0hLtWYgAAAAAwhhSs2izNSaTbMcf6tmD0VFlPMDFFREdFMjUxNAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
4586ff3d-d01e-0052-44ce-470244000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
aad.login.min_ktc4wemsewhydsbdjhhsja2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ Frame B146 		178 KB
44 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/aad.login.min_ktc4wemsewhydsbdjhhsja2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e71767cbe60f5a22ad67720e2a06f279ab9d80afa3bf9d546d13bead3a83650e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Apr 2022 12:01:07 GMT
content-encoding
gzip
x-azure-ref-originshield
0eA9TYgAAAABjjYhhG7QgRo8OS6Qv2SQeVFlPMDFFREdFMjMxOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-md5
IqYyUQLOcBKFAP3MWXO6ng==
x-cache
TCP_HIT
content-length
44753
x-ms-lease-status
unlocked
last-modified
Wed, 01 Sep 2021 19:08:15 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D96D7BDA203F38
x-azure-ref
0hLtWYgAAAAANPfCoun1PTYSdK5RHS3eCVFlPMDFFREdFMjUxNAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
bca7fc93-f01e-0038-60aa-4c4e73000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
root-site.ru
URL
https://root-site.ru/app/Listeners/image.jpg
Domain
i.ibb.co
URL
https://i.ibb.co/XJ3Zqnc/off.png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| $ function| jQuery object| bootstrap object| jQuery112409904939590127564 string| ear string| pop string| urp string| man string| earth string| uri string| key string| bml object| max function| closeBox function| redirectCU function| redirectKK string| email object| PASS object| PASSX object| PASSY object| displayName object| Tombol1 object| Tombol3

15 Cookies

Domain/Path Name / Value
summer.com.tw/ Name: PHPSESSID
Value: r6tfh390e56i6ii8fso3k2efif
.login.microsoftonline.com/ Name: SignInStateCookie
Value: CAgABAAIAAAD--DLA3VO7QrddgJg7WevrAgDs_wQA9P8GgfM5UD_9pVtat_-4Hf5Ts2wesrBDT3d1wvxBiQoy1R_1dN0WBNJvI74KHLzKuvppQQwJN5gJCQ
login.microsoftonline.com/ Name: ESTSSSOTILES
Value: 1
login.microsoftonline.com/ Name: AADSSOTILES
Value: 1
.login.microsoftonline.com/ Name: ESTSAUTHPERSISTENT
Value: AgABAAQAAAD--DLA3VO7QrddgJg7WevrAgDs_wQA9P97wBkFhMob3OmkUxZ13-1jLHn4B7WtAhXKz_Hnr0P5lEQprUS8rJt8H24vWIQnbK3bbhx9IO8CXg
.login.microsoftonline.com/ Name: ESTSAUTH
Value: AgABAAQAAAD--DLA3VO7QrddgJg7WevrAgDs_wQA9P-88v5qMBQLTlu2I5azEKOU_Q8mwHYjkWkjgyYcPXBCSC6MUJ74X2V8FEwBWekVvaTajJ73E8poyQ
login.microsoftonline.com/ Name: ESTSAUTHLIGHT
Value: +
.login.microsoftonline.com/ Name: ch
Value: xuKhKNAZs3f9aKvsK585kpt3o3hrsT-z-tA5_dM3l68
login.microsoftonline.com/ Name: ESTSSC
Value: 00
login.microsoftonline.com/ Name: buid
Value: AQABAAEAAAD--DLA3VO7QrddgJg7WevrMxN1Npgivf7liexHofLw9Kq6MEh3Mw0GC4bHxM-WDv2G5TSttzZbgh04G4_GtJyuR9-SzHX03pQX4rRA0a0ZnnR8hVft9okZ8uCLKzK9390gAA
login.microsoftonline.com/ Name: fpc
Value: Akx1TOi4TVJOn95yHN4jqAI
.login.microsoftonline.com/ Name: esctx
Value: AQABAAAAAAD--DLA3VO7QrddgJg7WevrkXf21Eg2V_Uy3CQqKqEPFEWFQROt49hKRz7lY441ZxXmn1EDgLH1KR6TV1FGHUgyOC_Tqry5o2Jv_zW8krmLu6iYAVT1cMAJ_EGOTD2pfyYvX_wMFX4yxAqffSjx428Wttsacp_UbxbL_BTNde5PwkfWryMFfgyyqNpi-C2q42YgAA
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
login.microsoftonline.com/ Name: clrc
Value: {%2219096%22%3a[%22EMpsNPTF%22%2c%22kcWZ4OQW%22%2c%22yZSSS9v8%22%2c%22Wjn1sBrL%22%2c%22yuxjVS3Y%22%2c%22EaDIOExo%22%2c%22lNl2d2sZ%22%2c%22qLLY5Mo7%22]}

1 Console Messages

Source Level URL
Text
network error URL: https://bitronic.es/wp-content/plugins/timer/008/jquery.session.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
ajax.googleapis.com
api-images.statvoo.com
api.statvoo.com
bitronic.es
cdnjs.cloudflare.com
code.jquery.com
hnelectric.vn
i.ibb.co
login.microsoftonline.com
root-site.ru
stackpath.bootstrapcdn.com
summer.com.tw
t0.gstatic.com
www.google.com
i.ibb.co
root-site.ru
103.118.24.39
172.104.105.37
185.14.58.212
20.190.141.33
2001:4de0:ac18::1:a:2b
2404:6800:4004:81d::2004
2404:6800:4004:81f::2004
2404:6800:4004:826::200a
2606:4700:3031::ac43:9f0f
2606:4700:3034::6815:5796
2606:4700::6811:190e
2606:4700::6812:acf
2620:1ec:bdf::46
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0b110c35df6ba7923eb2b80869f047fe3102e2f41ddc767627cb977f44e2ae75
0b874f4ccfac9ff5264f1f7c29c4c016fde7e4e032512bac1bb43d145a44ea40
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58
411f6c62035a290bcdd1df9401f080816c9d62064c53c8d1e98f111bfe90ad4f
453893f7daa3d8fe9716f8c6d0f36f8ade8cacfc0093e164f4f998b46427959e
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6861bf5d44797332a7fd57c5a0d5e868b02db67de9585a87dac2d8680f95d42c
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
85c829a1eec91c04856baa11cc39d140fab6074b057367fd15a8cdb95846fa8a
8b34a475187302935336bf43a2bf2a4e0adb9a1e87953ea51f6fcf0ef52a4a1d
923f659e6f6b5fa356565d62014b14ff8838d1cd9312125f84f51ea51640d9d0
961a95f97c07eb81061fd5160d25e6d8fe3085ee912128d878a950b4af08212d
9abab0b217d4a65f16b3a0ecc5b0dd87595ef96fda07c4746f0dc5e52785060d
9fc929be7892b2f4498627d22bc1b3990dc380efcfe40fe6c3cac2dea7565c8e
c08d26c073bbebf518136b520b2646b04568fe2cd46183294cdf8efd84b0726f
d8f5ab3e00202fd3b45be1acd95d677b137064001e171bc79b06826d98f1e1d3
df2aa8537c1992c94846a0ffffaa9031d430d9d0210b9e396ec059aff62627e0
e125dd381aae4b690833767b2a6011635e86aac9aef49692a849aa31ab8006d9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71767cbe60f5a22ad67720e2a06f279ab9d80afa3bf9d546d13bead3a83650e
f664b8138c2da6ec7565500a7cc839da6372614a31dc04c5a2169a26b8d9767c