URL: http://wit2a.kulichki.com/
Submission Tags: ku lich ki ru sub l4ing
Submission: On February 13 via manual from UA — Scanned from NL

Summary

This website contacted 12 IPs in 3 countries across 14 domains to perform 36 HTTP transactions. The main IP is 95.211.224.153, located in Huizen, Netherlands and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is wit2a.kulichki.com.
This is the only time wit2a.kulichki.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 95.211.224.153 60781 (LEASEWEB-...)
1 1 81.19.89.16 24638 (RAMBLER-T...)
1 81.19.89.17 24638 (RAMBLER-T...)
7 209.190.165.162 17054 (AS17054)
1 2 209.190.163.46 17054 (AS17054)
1 2 2a02:6b8:a::a 208722 (GLOBAL_DC)
2 18.208.5.78 14618 (AMAZON-AES)
4 95.211.224.157 60781 (LEASEWEB-...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
2 3 95.163.52.67 47764 (VK-AS)
2 2 195.209.108.35 52007 (ADRIVER-AS)
2 4 195.209.108.51 52007 (ADRIVER-AS)
1 2 62.122.170.171 50245 (SERVEREL-AS)
36 12
Apex Domain
Subdomains
Transfer
14 kulichki.com
wit2a.kulichki.com
phonecards.kulichki.com
www.kulichki.com
rotabanner.kulichki.com
79 KB
6 adriver.ru
ad.adriver.ru — Cisco Umbrella Rank: 14022
2 KB
6 pushline.com
www.pushline.com
2 KB
4 marketgid.com
mg.marketgid.com
3 KB
2 lbn.ru
www.business.lbn.ru
238 B
2 mail.ru
top-fwz1.mail.ru — Cisco Umbrella Rank: 5782
2 KB
2 extreme-dm.com
extreme-dm.com — Cisco Umbrella Rank: 104304
1 KB
2 yandex.ru
www.yandex.ru — Cisco Umbrella Rank: 35346
4 KB
2 russianamerica.com
www.russianamerica.com
6 KB
2 rambler.ru
counter.rambler.ru — Cisco Umbrella Rank: 81569
1 KB
1 list.ru
top.list.ru — Cisco Umbrella Rank: 364275
949 B
1 kulichki.net
rotabanner.kulichki.net
412 B
0 newsxxl.ru Failed
www.newsxxl.ru Failed
0 spylog.com Failed
u1136.39.spylog.com Failed
36 14
Domain Requested by
9 wit2a.kulichki.com wit2a.kulichki.com
6 ad.adriver.ru 4 redirects wit2a.kulichki.com
6 www.pushline.com wit2a.kulichki.com
4 mg.marketgid.com wit2a.kulichki.com
rotabanner.kulichki.net
rotabanner.kulichki.com
3 rotabanner.kulichki.com wit2a.kulichki.com
rotabanner.kulichki.com
2 www.business.lbn.ru 1 redirects wit2a.kulichki.com
2 top-fwz1.mail.ru 1 redirects wit2a.kulichki.com
2 extreme-dm.com wit2a.kulichki.com
2 www.yandex.ru 1 redirects wit2a.kulichki.com
2 www.russianamerica.com 1 redirects wit2a.kulichki.com
2 counter.rambler.ru 1 redirects wit2a.kulichki.com
1 top.list.ru 1 redirects
1 rotabanner.kulichki.net wit2a.kulichki.com
1 www.kulichki.com wit2a.kulichki.com
1 phonecards.kulichki.com wit2a.kulichki.com
0 www.newsxxl.ru Failed wit2a.kulichki.com
0 u1136.39.spylog.com Failed wit2a.kulichki.com
36 17
Subject | Issuer | Validity | Valid
pushline.com | R3 | 2022-12-24 - 2023-03-24 | 3 months
*.adriver.ru | GlobalSign GCC R3 DV TLS CA 2020 | 2022-04-05 - 2023-04-05 | a year

This page contains 11 frames:

Primary Page: http://wit2a.kulichki.com/
Frame ID: 37CC0B5A9C53EA06E4D30E31CC20DFD3
Requests: 25 HTTP requests in this frame

Frame: http://rotabanner.kulichki.com/cgi-bin/iframe/kulichki_234_1?31246
Frame ID: 5801FA6F073DD7EDBAEDABCF9BAB5282
Requests: 2 HTTP requests in this frame

Frame: http://rotabanner.kulichki.net/cgi-bin/iframe/kulichki_top?37980
Frame ID: 3CC51C32E38DA4D01E473CC9ABD0C1EF
Requests: 1 HTTP requests in this frame

Frame: http://mg.marketgid.com/mghtml/framehtml/c/f/o/football.kulichki.net.657038.html
Frame ID: 76E89DE632031E4F1C6890A5E5A418F4
Requests: 1 HTTP requests in this frame

Frame: http://rotabanner.kulichki.com/cgi-bin/iframe/kulichki_middle?52815
Frame ID: 70252B23BAA81270D7470D7BAEC06F41
Requests: 1 HTTP requests in this frame

Frame: http://mg.marketgid.com/mghtml/framehtml/c/f/o/football.kulichki.net.657039.html
Frame ID: 829219079CA5E2DDBD5FDC4660057503
Requests: 1 HTTP requests in this frame

Frame: http://mg.marketgid.com/mghtml/framehtml/c/f/o/football.kulichki.net.657039.html
Frame ID: 2E357DC2BADC2BBCD6462CBD6B5A4798
Requests: 1 HTTP requests in this frame

Frame: https://ad.adriver.ru/cgi-bin/erle.cgi?sid=6441&bn=1&target=top&bt=2&pz=0&rnd=5062850&tuid=-5356418468
Frame ID: F45D089711E184098D24369E33F47086
Requests: 1 HTTP requests in this frame

Frame: http://www.business.lbn.ru/
Frame ID: A71CCFDCC50F32571C41FB68D645590E
Requests: 1 HTTP requests in this frame

Frame: https://ad.adriver.ru/cgi-bin/erle.cgi?sid=6441&bn=2&target=top&bt=2&pz=0&rnd=648914277&tuid=-4842468315
Frame ID: 7EBEFA4DC39C656583B4799797535D65
Requests: 1 HTTP requests in this frame

Frame: http://mg.marketgid.com/mghtml/framehtml/c/f/o/football.kulichki.net.657038.html
Frame ID: 262A5D69CBAF4737C661AE69F65415E8
Requests: 1 HTTP requests in this frame

Page Title

Чертовы Кулички : информационно-развлекательный портал

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:adriver\.core\.\d\.js|https?://(?:content|ad|masterh\d)\.adriver\.ru/)

Page Statistics

Requests: 36
HTTPS: 22 %
IPv6: 15 %
Domains: 14
Subdomains: 17
IPs: 12
Countries: 3
Transfer: 96 kB
Size: 86 kB
Cookies: 12

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://counter.rambler.ru/top100.cnt?181960 HTTP 307
  • https://counter.rambler.ru/top100.cnt?181960
Request Chain 8
  • http://www.russianamerica.com/top/logo/index.php?id=1060 HTTP 302
  • http://www.russianamerica.com/images/banner/top_ani.gif
Request Chain 9
  • http://www.yandex.ru/cycounter?www.kulichki.com HTTP 302
  • https://www.yandex.ru/cycounter?www.kulichki.com
Request Chain 25
  • http://top.list.ru/counter?id=27690;t=55;js=13;r=;j=false;s=1600*1200;d=24 HTTP 302
  • https://top-fwz1.mail.ru/counter?id=27690;t=55;js=13;r=;j=false;s=1600*1200;d=24;ver=20 HTTP 302
  • https://top-fwz1.mail.ru/counter2?id=27690;t=55;js=13;r=;j=false;s=1600*1200;d=24;ver=20
Request Chain 31
  • http://ad.adriver.ru/cgi-bin/erle.cgi?sid=6441&bn=1&target=top&bt=2&pz=0&rnd=5062850 HTTP 301
  • https://ad.adriver.ru/cgi-bin/erle.cgi?sid=6441&bn=1&target=top&bt=2&pz=0&rnd=5062850 HTTP 302
  • https://ad.adriver.ru/cgi-bin/erle.cgi?sid=6441&bn=1&target=top&bt=2&pz=0&rnd=5062850&tuid=-5356418468
Request Chain 32
  • http://www.business.lbn.ru/cgi-bin/iframe/old-kulichki?84775&options=F%27 HTTP 302
  • http://www.business.lbn.ru/
Request Chain 33
  • http://ad.adriver.ru/cgi-bin/erle.cgi?sid=6441&bn=2&target=top&bt=2&pz=0&rnd=648914277 HTTP 301
  • https://ad.adriver.ru/cgi-bin/erle.cgi?sid=6441&bn=2&target=top&bt=2&pz=0&rnd=648914277 HTTP 302
  • https://ad.adriver.ru/cgi-bin/erle.cgi?sid=6441&bn=2&target=top&bt=2&pz=0&rnd=648914277&tuid=-4842468315

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
wit2a.kulichki.com/
27 KB
27 KB
Document
General
Full URL
http://wit2a.kulichki.com/
Protocol
HTTP/1.1
Server
95.211.224.153 Huizen, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
anet2.kulichki.com
Software
nginx/1.0.10 /
Resource Hash
655d83f67307cedc4522a5a86c6c0e6cd3b59c6d3e5fea004f738c1ac8dc7727

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
27148
Content-Type
text/html
Date
Mon, 13 Feb 2023 13:12:25 GMT
Last-Modified
Tue, 14 Dec 2021 18:31:26 GMT
Server
nginx/1.0.10
style.css
wit2a.kulichki.com/
2 KB
2 KB
Stylesheet
General
Full URL
http://wit2a.kulichki.com/style.css
Requested by
Host: wit2a.kulichki.com
URL: http://wit2a.kulichki.com/
Protocol
HTTP/1.1
Server
95.211.224.153 Huizen, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
anet2.kulichki.com
Software
nginx/1.0.10 /
Resource Hash
da58bf4969599dd1f69a879833932c9655d33f70d20930018db633ef68f6254f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wit2a.kulichki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Mon, 13 Feb 2023 13:12:25 GMT
Last-Modified
Mon, 20 Jul 2020 07:38:58 GMT
Server
nginx/1.0.10
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2027
Expires
Wed, 15 Mar 2023 13:12:25 GMT
top100.cnt
counter.rambler.ru/
Redirect Chain
  • http://counter.rambler.ru/top100.cnt?181960
  • https://counter.rambler.ru/top100.cnt?181960
43 B
586 B
Image
General
Full URL
https://counter.rambler.ru/top100.cnt?181960
Requested by
Host: wit2a.kulichki.com
URL: http://wit2a.kulichki.com/
Protocol
H2
Server
81.19.89.17 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wit2a.kulichki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Feb 2023 13:12:28 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.19.4
x-srv
1kraken-prod0002.ad.rambler.tech
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif, image/gif
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Date
Mon, 13 Feb 2023 13:12:28 GMT
Server
nginx/1.19.4
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Location
https://counter.rambler.ru/top100.cnt?181960
P3P
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
content-type
Content-Length
171
frontnew4.jpg
wit2a.kulichki.com/images/
17 KB
18 KB
Image
General
Full URL
http://wit2a.kulichki.com/images/frontnew4.jpg
Requested by
Host: wit2a.kulichki.com
URL: http://wit2a.kulichki.com/
Protocol
HTTP/1.1
Server
95.211.224.153 Huizen, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
anet2.kulichki.com
Software
nginx/1.0.10 /
Resource Hash
527ad8e42c629b6f22875086a6ee16135ac8a905e206e4c292f42919798a2b2e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wit2a.kulichki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Mon, 13 Feb 2023 13:12:25 GMT
Last-Modified
Mon, 20 Jul 2020 07:38:54 GMT
Server
nginx/1.0.10
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17804
Expires
Wed, 15 Mar 2023 13:12:25 GMT
knop_LL.jpg
wit2a.kulichki.com/stolitsa/knopki/
1 KB
2 KB
Image
General
Full URL
http://wit2a.kulichki.com/stolitsa/knopki/knop_LL.jpg
Requested by
Host: wit2a.kulichki.com
URL: http://wit2a.kulichki.com/
Protocol
HTTP/1.1
Server
95.211.224.153 Huizen, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
anet2.kulichki.com
Software
nginx/1.0.10 /
Resource Hash
95a2d3beec0d4dcb347222a66bb0bfebb21fffa8e5a4b2798b67bef3901c1e96

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wit2a.kulichki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Mon, 13 Feb 2023 13:12:25 GMT
Last-Modified
Tue, 14 Dec 2021 18:31:21 GMT
Server
nginx/1.0.10
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1480
Expires
Wed, 15 Mar 2023 13:12:25 GMT
i-ru,ua,by,md,il,us
phonecards.kulichki.com/export_rate.php/
2 KB
845 B
Script
General
Full URL
http://phonecards.kulichki.com/export_rate.php/i-ru,ua,by,md,il,us?style=1
Requested by
Host: wit2a.kulichki.com
URL: http://wit2a.kulichki.com/
Protocol
HTTP/1.1
Server
209.190.165.162 Cranston, United States, ASN17054 (AS17054, US),
Reverse DNS
pushline.com
Software
nginx /
Resource Hash
92e44ea6db79303a875673deb22369146ad42b6d6e9802e040ffbe20f9a6512b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wit2a.kulichki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
none
Date
Mon, 13 Feb 2023 13:12:28 GMT
Content-Encoding
gzip
Server
nginx
ETag
"3567710693-541577557-gzip"
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
public
Connection
keep-alive
Content-Length
462
Expires
Mon, 13 Feb 2023 14:12:28 GMT
top.jpg
wit2a.kulichki.com/stolitsa/knopki/
5 KB
5 KB
Image
General
Full URL
http://wit2a.kulichki.com/stolitsa/knopki/top.jpg
Requested by
Host: wit2a.kulichki.com
URL: http://wit2a.kulichki.com/
Protocol
HTTP/1.1
Server
95.211.224.153 Huizen, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
anet2.kulichki.com
Software
nginx/1.0.10 /
Resource Hash
a8e001a0a6036c8d1f3bf57de395ded5ff0a2c2d29b8f64d6d80d9d711ad4ed9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wit2a.kulichki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Mon, 13 Feb 2023 13:12:25 GMT
Last-Modified
Tue, 14 Dec 2021 18:31:21 GMT
Server
nginx/1.0.10
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5236
Expires
Wed, 15 Mar 2023 13:12:25 GMT
knop_zhiteli.gif
wit2a.kulichki.com/stolitsa/knopki/
1 KB
2 KB
Image
General
Full URL
http://wit2a.kulichki.com/stolitsa/knopki/knop_zhiteli.gif
Requested by
Host: wit2a.kulichki.com
URL: http://wit2a.kulichki.com/
Protocol
HTTP/1.1
Server
95.211.224.153 Huizen, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
anet2.kulichki.com
Software
nginx/1.0.10 /
Resource Hash
7cfaceb5c407a98c6e2cb8cb812d78a447138e1d1d9973552e64be47b02b0037

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wit2a.kulichki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Mon, 13 Feb 2023 13:12:25 GMT
Last-Modified
Tue, 14 Dec 2021 18:31:21 GMT
Server
nginx/1.0.10
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1478
Expires
Wed, 15 Mar 2023 13:12:25 GMT
knop_rambler.gif
www.kulichki.com/stolitsa/knopki/
281 B
683 B
Image
General
Full URL
http://www.kulichki.com/stolitsa/knopki/knop_rambler.gif
Requested by
Host: wit2a.kulichki.com
URL: http://wit2a.kulichki.com/
Protocol
HTTP/1.1
Server
95.211.224.153 Huizen, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
anet2.kulichki.com
Software
nginx/1.0.10 /
Resource Hash
797bd648cc4a7398325582727422e7b1fac1be5dbba5fdc408c18c1b5c18b296

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wit2a.kulichki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Mon, 13 Feb 2023 13:12:25 GMT
Last-Modified
Tue, 14 Dec 2021 18:31:21 GMT
Server
nginx/1.0.10
ETag
"4dff21f-119-61b8e2f9"
Content-Type
image/gif
Cache-Control
public, must-revalidate, max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
281
Expires
Mon, 13 Feb 2023 14:12:25 GMT
top_ani.gif
www.russianamerica.com/images/banner/
Redirect Chain
  • http://www.russianamerica.com/top/logo/index.php?id=1060
  • http://www.russianamerica.com/images/banner/top_ani.gif
5 KB
5 KB
Image
General
Full URL
http://www.russianamerica.com/images/banner/top_ani.gif
Requested by
Host: wit2a.kulichki.com
URL: http://wit2a.kulichki.com/
Protocol
HTTP/1.1
Server
209.190.163.46 Cranston, United States, ASN17054 (AS17054, US),
Reverse DNS
Software
nginx/0.7.61 /
Resource Hash
8002dbe1be5b281b265074d997b4c5524ac2339ab4fe91f98f476b5603e85716

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wit2a.kulichki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Mon, 13 Feb 2023 13:12:28 GMT
Last-Modified
Mon, 01 Jul 2002 10:12:28 GMT
Server
nginx/0.7.61
ETag
"6b72f0f9-146e-3a4b418d7db00"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
5230

Redirect headers

Date
Mon, 13 Feb 2023 13:12:28 GMT
Server
nginx/0.7.61
X-Powered-By
PHP/5.2.13
Content-Type
text/html; charset=windows-1251
location
/images/banner/top_ani.gif
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
3
cycounter
www.yandex.ru/
Redirect Chain
  • http://www.yandex.ru/cycounter?www.kulichki.com
  • https://www.yandex.ru/cycounter?www.kulichki.com
2 KB
3 KB
Image
General
Full URL
https://www.yandex.ru/cycounter?www.kulichki.com
Requested by
Host: wit2a.kulichki.com
URL: http://wit2a.kulichki.com/
Protocol
H2
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e7b1e7776eab53cf643b29d14e3b2fda3b013bf6be9d915f4f9b8e961c627a90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wit2a.kulichki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified
Thu, 09 Feb 2023 14:48:20 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-yandex-req-id
1676293948555504-9575619200429253539-vla1-5154-vla-l7-balancer-8080-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
image/png
x-xss-protection
1; mode=block
expires
Thu, 23 Feb 2023 14:48:20 GMT

Redirect headers

X-Content-Type-Options
nosniff
NEL
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
Accept-CH
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
X-Yandex-Req-Id
1676293948306671-18061944940701462389-vla0-8793-3ba-vla-l7-balancer-8080-BAL
Report-To
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
Location
https://www.yandex.ru/cycounter?www.kulichki.com
Content-Length
0
X-XSS-Protection
1; mode=block
/
extreme-dm.com/i/
1004 B
1 KB
Image
General
Full URL
http://extreme-dm.com/i/
Requested by
Host: wit2a.kulichki.com
URL: http://wit2a.kulichki.com/
Protocol
HTTP/1.1
Server
18.208.5.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-5-78.compute-1.amazonaws.com
Software
nginx /
Resource Hash
5aadfd697417ac1e5e545943d8cb8ee9e8e9ed3fa9ed9b3f65bff9fb329dac01

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wit2a.kulichki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Mon, 13 Feb 2023 13:12:28 GMT
Last-Modified
Tue, 29 Jan 2002 12:59:45 GMT
Server
nginx
ETag
"3c569cc1-3ec"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1004
knop_kurier.gif
wit2a.kulichki.com/stolitsa/knopki/
2 KB
3 KB
Image
General
Full URL
http://wit2a.kulichki.com/stolitsa/knopki/knop_kurier.gif
Requested by
Host: wit2a.kulichki.com
URL: http://wit2a.kulichki.com/
Protocol
HTTP/1.1
Server
95.211.224.153 Huizen, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
anet2.kulichki.com
Software
nginx/1.0.10 /
Resource Hash
b4f05c859ef90cb6d9808e76d9f80e5635aa3e8a194241f337aee94f78fb5101

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wit2a.kulichki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Mon, 13 Feb 2023 13:12:25 GMT
Last-Modified
Tue, 14 Dec 2021 18:31:21 GMT
Server
nginx/1.0.10
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2315
Expires
Wed, 15 Mar 2023 13:12:25 GMT
knop_moldova.gif
wit2a.kulichki.com/stolitsa/knopki/
3 KB
3 KB
Image
General
Full URL
http://wit2a.kulichki.com/stolitsa/knopki/knop_moldova.gif
Requested by
Host: wit2a.kulichki.com
URL: http://wit2a.kulichki.com/
Protocol
HTTP/1.1
Server
95.211.224.153 Huizen, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
anet2.kulichki.com
Software
nginx/1.0.10 /
Resource Hash
17095988cd22bc1ab4957fb76db6c34f98fd2baf35622bd3ddb30451ea552f7a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wit2a.kulichki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Mon, 13 Feb 2023 13:12:25 GMT
Last-Modified
Tue, 14 Dec 2021 18:31:21 GMT
Server
nginx/1.0.10
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2735
Expires
Wed, 15 Mar 2023 13:12:25 GMT
rss.gif
wit2a.kulichki.com/images/
666 B
1016 B
Image
General
Full URL
http://wit2a.kulichki.com/images/rss.gif
Requested by
Host: wit2a.kulichki.com
URL: http://wit2a.kulichki.com/
Protocol
HTTP/1.1
Server
95.211.224.153 Huizen, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
anet2.kulichki.com
Software
nginx/1.0.10 /
Resource Hash
c5251a4a1ea277be98eb7aa283cddb17cc9fe8da347c7cc91517f49f0925f576

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wit2a.kulichki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Mon, 13 Feb 2023 13:12:25 GMT
Last-Modified
Mon, 20 Jul 2020 07:38:54 GMT
Server
nginx/1.0.10
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
666
Expires
Wed, 15 Mar 2023 13:12:25 GMT
kulichki_234_1
rotabanner.kulichki.com/cgi-bin/iframe/ Frame 5801
333 B
589 B
Document
General
Full URL
http://rotabanner.kulichki.com/cgi-bin/iframe/kulichki_234_1?31246
Requested by
Host: wit2a.kulichki.com
URL: http://wit2a.kulichki.com/
Protocol
HTTP/1.1
Server
95.211.224.157 Huizen, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
l2.kulichki.com
Software
nginx/1.0.11 /
Resource Hash
20c7b126869866af72b57ef374a59dd83634be94e5e899e822be9775af38ddfb

Request headers

Referer
http://wit2a.kulichki.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html; charset=windows-1251
Content-length
333
Date
Mon, 13 Feb 2023 13:12:26 GMT
Keep-Alive
timeout=20
Server
nginx/1.0.11
kulichki_top
rotabanner.kulichki.net/cgi-bin/iframe/ Frame 3CC5
156 B
412 B
Document
General
Full URL
http://rotabanner.kulichki.net/cgi-bin/iframe/kulichki_top?37980
Requested by
Host: wit2a.kulichki.com
URL: http://wit2a.kulichki.com/
Protocol
HTTP/1.1
Server
95.211.224.157 Huizen, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
l2.kulichki.com
Software
nginx/1.0.11 /
Resource Hash
e9a6a53257a7665f73bc64caef582bbb887f6d1908b6bfb83a261f6b23424aac

Request headers

Referer
http://wit2a.kulichki.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html; charset=windows-1251
Content-length
156
Date
Mon, 13 Feb 2023 13:12:26 GMT
Keep-Alive
timeout=20
Server
nginx/1.0.11
football.kulichki.net.657038.html
mg.marketgid.com/mghtml/framehtml/c/f/o/ Frame 76E8
3 B
794 B
Document
General
Full URL
http://mg.marketgid.com/mghtml/framehtml/c/f/o/football.kulichki.net.657038.html
Requested by
Host: wit2a.kulichki.com
URL: http://wit2a.kulichki.com/
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:2ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca452a778322112acf74d2542d39fd7e2d2c4687aedcf0fe895d60ca1fbb536b

Request headers

Referer
http://wit2a.kulichki.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
798dd0d8ad35bbb5-FRA
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 13 Feb 2023 13:12:28 GMT
Last-Modified
Mon, 11 Apr 2022 16:10:12 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C5auNpvKnsoz%2BugIjyH6igNxXGhmh3HF%2BlN67wQ6HsNy9uA2V1nfLtp7BIZXkP%2FHzetIK4D4wIa1eGp178BWo0C%2F%2B1uLKHTyQ0e6Uuo4INYwk9SVUMuaCqMN6xsmP6CkYMAPbxSSEppPvff669XW"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
X-Cache-Status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-version-id
null
15
rotabanner.kulichki.com/cgi-bin/banner/ Frame 5801
14 KB
14 KB
Image
General
Full URL
http://rotabanner.kulichki.com/cgi-bin/banner/15?31246&login=kulichki_234_1&referer=http%3A%2F%2Fwit2a.kulichki.com%2F
Requested by
Host: rotabanner.kulichki.com
URL: http://rotabanner.kulichki.com/cgi-bin/iframe/kulichki_234_1?31246
Protocol
HTTP/1.1
Server
95.211.224.157 Huizen, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
l2.kulichki.com
Software
nginx/1.0.11 /
Resource Hash
a6a3467cb65023273749902a845f91c896210f9f768247ce430af3f422506204

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rotabanner.kulichki.com/cgi-bin/iframe/kulichki_234_1?31246
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Mon, 13 Feb 2023 13:12:26 GMT
Server
nginx/1.0.11
Connection
keep-alive
Keep-Alive
timeout=20
Content-length
14278
Content-Type
image/gif
ru.gif
www.pushline.com/cg/flags/
155 B
299 B
Image
General
Full URL
https://www.pushline.com/cg/flags/ru.gif
Requested by
Host: wit2a.kulichki.com
URL: http://wit2a.kulichki.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.190.165.162 Cranston, United States, ASN17054 (AS17054, US),
Reverse DNS
pushline.com
Software
nginx /
Resource Hash
1f8831b70f58c4839579b0e0b4325c46bc20eb4fc644d07d461fb57998627f1d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wit2a.kulichki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 13:12:28 GMT
last-modified
Thu, 25 Jul 2019 10:31:00 GMT
server
nginx
etag
"5d3984e4-9b"
x-frame-options
SAMEORIGIN
content-type
image/gif
accept-ranges
bytes
content-length
155
ua.gif
www.pushline.com/cg/flags/
140 B
283 B
Image
General
Full URL
https://www.pushline.com/cg/flags/ua.gif
Requested by
Host: wit2a.kulichki.com
URL: http://wit2a.kulichki.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.190.165.162 Cranston, United States, ASN17054 (AS17054, US),
Reverse DNS
pushline.com
Software
nginx /
Resource Hash
9d7b82cf08521c97ae9dba53d94e05778c61fd0dd09c7a05f28d90645cad73ce
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wit2a.kulichki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 13:12:28 GMT
last-modified
Thu, 25 Jul 2019 10:31:00 GMT
server
nginx
etag
"5d3984e4-8c"
x-frame-options
SAMEORIGIN
content-type
image/gif
accept-ranges
bytes
content-length
140
by.gif
www.pushline.com/cg/flags/
191 B
334 B
Image
General
Full URL
https://www.pushline.com/cg/flags/by.gif
Requested by
Host: wit2a.kulichki.com
URL: http://wit2a.kulichki.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.190.165.162 Cranston, United States, ASN17054 (AS17054, US),
Reverse DNS
pushline.com
Software
nginx /
Resource Hash
b9ea78eda889d32926a079f16bbad0dea15d33f439e593f864afe73bbddd969d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wit2a.kulichki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 13:12:28 GMT
last-modified
Thu, 25 Jul 2019 10:31:00 GMT
server
nginx
etag
"5d3984e4-bf"
x-frame-options
SAMEORIGIN
content-type
image/gif
accept-ranges
bytes
content-length
191
md.gif
www.pushline.com/cg/flags/
297 B
441 B
Image
General
Full URL
https://www.pushline.com/cg/flags/md.gif
Requested by
Host: wit2a.kulichki.com
URL: http://wit2a.kulichki.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.190.165.162 Cranston, United States, ASN17054 (AS17054, US),
Reverse DNS
pushline.com
Software
nginx /
Resource Hash
46de6d5e2b86846cd99c53b3fcf84dff80d10978fcbdbb5708d83776262c89fc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wit2a.kulichki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 13:12:28 GMT
last-modified
Thu, 25 Jul 2019 10:31:00 GMT
server
nginx
etag
"5d3984e4-129"
x-frame-options
SAMEORIGIN
content-type
image/gif
accept-ranges
bytes
content-length
297
il.gif
www.pushline.com/cg/flags/
161 B
304 B
Image
General
Full URL
https://www.pushline.com/cg/flags/il.gif
Requested by
Host: wit2a.kulichki.com
URL: http://wit2a.kulichki.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.190.165.162 Cranston, United States, ASN17054 (AS17054, US),
Reverse DNS
pushline.com
Software
nginx /
Resource Hash
7bd8ba8c1493f3672efe47bc0b05506f1d27989d6ba53c277078c40144448882
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wit2a.kulichki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 13:12:28 GMT
last-modified
Thu, 25 Jul 2019 10:31:00 GMT
server
nginx
etag
"5d3984e4-a1"
x-frame-options
SAMEORIGIN
content-type
image/gif
accept-ranges
bytes
content-length
161
us.gif
www.pushline.com/cg/flags/
185 B
328 B
Image
General
Full URL
https://www.pushline.com/cg/flags/us.gif
Requested by
Host: wit2a.kulichki.com
URL: http://wit2a.kulichki.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.190.165.162 Cranston, United States, ASN17054 (AS17054, US),
Reverse DNS
pushline.com
Software
nginx /
Resource Hash
bb8b51e12113235fe13ae3e9ba67d8aad5054bf15609253dd4c4dfa474075b57
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wit2a.kulichki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 13:12:28 GMT
last-modified
Thu, 25 Jul 2019 10:31:00 GMT
server
nginx
etag
"5d3984e4-b9"
x-frame-options
SAMEORIGIN
content-type
image/gif
accept-ranges
bytes
content-length
185
cnt
u1136.39.spylog.com/
0
0

counter2
top-fwz1.mail.ru/
Redirect Chain
  • http://top.list.ru/counter?id=27690;t=55;js=13;r=;j=false;s=1600*1200;d=24
  • https://top-fwz1.mail.ru/counter?id=27690;t=55;js=13;r=;j=false;s=1600*1200;d=24;ver=20
  • https://top-fwz1.mail.ru/counter2?id=27690;t=55;js=13;r=;j=false;s=1600*1200;d=24;ver=20
467 B
1 KB
Image
General
Full URL
https://top-fwz1.mail.ru/counter2?id=27690;t=55;js=13;r=;j=false;s=1600*1200;d=24;ver=20
Requested by
Host: wit2a.kulichki.com
URL: http://wit2a.kulichki.com/
Protocol
H2
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
e5ef58568814aa10ca49f677ae4608f04ada2d805c8da900da912602693d3822
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wit2a.kulichki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 13:12:28 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
467
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*

Redirect headers

date
Mon, 13 Feb 2023 13:12:28 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
0
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
accept-ch-lifetime
86400
location
https://top-fwz1.mail.ru/counter2?id=27690;t=55;js=13;r=;j=false;s=1600*1200;d=24;ver=20
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
/
extreme-dm.com/z/
43 B
283 B
Image
General
Full URL
http://extreme-dm.com/z/?tag=kulichki&j=y&srw=1600&srb=24&rs=41&l=
Requested by
Host: wit2a.kulichki.com
URL: http://wit2a.kulichki.com/
Protocol
HTTP/1.1
Server
18.208.5.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-5-78.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wit2a.kulichki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Feb 2023 13:12:28 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
private,no-cache,no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 28 Sep 1970 06:00:00 GMT
kulichki_middle
rotabanner.kulichki.com/cgi-bin/iframe/ Frame 7025
156 B
412 B
Document
General
Full URL
http://rotabanner.kulichki.com/cgi-bin/iframe/kulichki_middle?52815
Requested by
Host: wit2a.kulichki.com
URL: http://wit2a.kulichki.com/
Protocol
HTTP/1.1
Server
95.211.224.157 Huizen, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
l2.kulichki.com
Software
nginx/1.0.11 /
Resource Hash
e9a6a53257a7665f73bc64caef582bbb887f6d1908b6bfb83a261f6b23424aac

Request headers

Referer
http://wit2a.kulichki.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html; charset=windows-1251
Content-length
156
Date
Mon, 13 Feb 2023 13:12:26 GMT
Keep-Alive
timeout=20
Server
nginx/1.0.11
newsbox.js
www.newsxxl.ru/tools/newsbox/
0
0

football.kulichki.net.657039.html
mg.marketgid.com/mghtml/framehtml/c/f/o/ Frame 8292
3 B
792 B
Document
General
Full URL
http://mg.marketgid.com/mghtml/framehtml/c/f/o/football.kulichki.net.657039.html
Requested by
Host: rotabanner.kulichki.net
URL: http://rotabanner.kulichki.net/cgi-bin/iframe/kulichki_top?37980
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:2ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca452a778322112acf74d2542d39fd7e2d2c4687aedcf0fe895d60ca1fbb536b

Request headers

Referer
http://rotabanner.kulichki.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
798dd0da6832bbb5-FRA
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 13 Feb 2023 13:12:28 GMT
Last-Modified
Mon, 11 Apr 2022 16:10:12 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ize6fgJhyvNZrHNvzGQsIHzvnG4exDF5Jm7vGJis9gqTVs4RDQ%2BoVuptLbMHtIWLsWMmlIG29qMQp0FKMUZH%2FvmWUX9iUh0cClLO5W%2BgOIkJfWJxhJ2029nH%2FNM35YpAs93fAA1n77pIJzsrNGU"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
X-Cache-Status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-version-id
null
football.kulichki.net.657039.html
mg.marketgid.com/mghtml/framehtml/c/f/o/ Frame 2E35
3 B
792 B
Document
General
Full URL
http://mg.marketgid.com/mghtml/framehtml/c/f/o/football.kulichki.net.657039.html
Requested by
Host: rotabanner.kulichki.com
URL: http://rotabanner.kulichki.com/cgi-bin/iframe/kulichki_middle?52815
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:2ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca452a778322112acf74d2542d39fd7e2d2c4687aedcf0fe895d60ca1fbb536b

Request headers

Referer
http://rotabanner.kulichki.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
798dd0daa89abbb5-FRA
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 13 Feb 2023 13:12:28 GMT
Last-Modified
Mon, 11 Apr 2022 16:10:12 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wtyra1MwzRX4uGPoq%2BX8fAfu9Fi%2Fh61Y940WUj2JBM5Sam1MfhkEOzEw9w8Ca17zSOghmCFRRMok5NQarpWWYPKvN8NCnyWIJkHGm7jTCdXuOmI7lS%2FbpLMm5cZTpqFs7LdF1fWRzU%2FsRG6KcSvs"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
X-Cache-Status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-version-id
null
erle.cgi
ad.adriver.ru/cgi-bin/ Frame F45D
Redirect Chain
  • http://ad.adriver.ru/cgi-bin/erle.cgi?sid=6441&bn=1&target=top&bt=2&pz=0&rnd=5062850
  • https://ad.adriver.ru/cgi-bin/erle.cgi?sid=6441&bn=1&target=top&bt=2&pz=0&rnd=5062850
  • https://ad.adriver.ru/cgi-bin/erle.cgi?sid=6441&bn=1&target=top&bt=2&pz=0&rnd=5062850&tuid=-5356418468
0
0
Document
General
Full URL
https://ad.adriver.ru/cgi-bin/erle.cgi?sid=6441&bn=1&target=top&bt=2&pz=0&rnd=5062850&tuid=-5356418468
Requested by
Host: wit2a.kulichki.com
URL: http://wit2a.kulichki.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.108.51 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://wit2a.kulichki.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Cache-control
no-cache, max-age=0, must-revalidate, no-store
Connection
keep-alive
Date
Mon, 13 Feb 2023 13:12:30 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache;

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-control
no-cache, max-age=0, must-revalidate, no-store
Connection
keep-alive
Content-Type
text/html
Date
Mon, 13 Feb 2023 13:12:30 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
/cgi-bin/erle.cgi?sid=6441&bn=1&target=top&bt=2&pz=0&rnd=5062850&tuid=-5356418468
P3P
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Pragma
no-cache
Transfer-Encoding
chunked
/
www.business.lbn.ru/ Frame A71C
Redirect Chain
  • http://www.business.lbn.ru/cgi-bin/iframe/old-kulichki?84775&options=F%27
  • http://www.business.lbn.ru/
0
0
Script
General
Full URL
http://www.business.lbn.ru/
Requested by
Host: wit2a.kulichki.com
URL: http://wit2a.kulichki.com/
Protocol
HTTP/1.1
Server
62.122.170.171 , United States, ASN50245 (SERVEREL-AS, US),
Reverse DNS
62.122.170.171.serverel.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wit2a.kulichki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Redirect headers

Location
http://www.business.lbn.ru/
Date
Mon, 13 Feb 2023 13:12:30 GMT
Server
nginx/1.14.1
Connection
keep-alive
X-Powered-By
PHP/7.2.24
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
erle.cgi
ad.adriver.ru/cgi-bin/ Frame 7EBE
Redirect Chain
  • http://ad.adriver.ru/cgi-bin/erle.cgi?sid=6441&bn=2&target=top&bt=2&pz=0&rnd=648914277
  • https://ad.adriver.ru/cgi-bin/erle.cgi?sid=6441&bn=2&target=top&bt=2&pz=0&rnd=648914277
  • https://ad.adriver.ru/cgi-bin/erle.cgi?sid=6441&bn=2&target=top&bt=2&pz=0&rnd=648914277&tuid=-4842468315
0
0
Document
General
Full URL
https://ad.adriver.ru/cgi-bin/erle.cgi?sid=6441&bn=2&target=top&bt=2&pz=0&rnd=648914277&tuid=-4842468315
Requested by
Host: wit2a.kulichki.com
URL: http://wit2a.kulichki.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.108.51 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://wit2a.kulichki.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Cache-control
no-cache, max-age=0, must-revalidate, no-store
Connection
keep-alive
Date
Mon, 13 Feb 2023 13:12:30 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache;

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-control
no-cache, max-age=0, must-revalidate, no-store
Connection
keep-alive
Content-Type
text/html
Date
Mon, 13 Feb 2023 13:12:30 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
/cgi-bin/erle.cgi?sid=6441&bn=2&target=top&bt=2&pz=0&rnd=648914277&tuid=-4842468315
P3P
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Pragma
no-cache
Transfer-Encoding
chunked
football.kulichki.net.657038.html
mg.marketgid.com/mghtml/framehtml/c/f/o/ Frame 262A
3 B
798 B
Document
General
Full URL
http://mg.marketgid.com/mghtml/framehtml/c/f/o/football.kulichki.net.657038.html
Requested by
Host: wit2a.kulichki.com
URL: http://wit2a.kulichki.com/
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:2ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca452a778322112acf74d2542d39fd7e2d2c4687aedcf0fe895d60ca1fbb536b

Request headers

Referer
http://wit2a.kulichki.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
798dd0e79bd6bbb5-FRA
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 13 Feb 2023 13:12:30 GMT
Last-Modified
Mon, 11 Apr 2022 16:10:12 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n1AnlIcVyEM%2BGAGUDuAcQSq0D4eBfW2h%2F1qlY7iXMLdxyAs2%2BW9O7vWhdooFdJKviyo5zb9j7J6CkkjKN1Vtc%2FH%2BrHCaLQbNhJgBPNrxbM5t8ZuWzbK7X%2B74EF40YNK%2FKznxcV1eApEi7cz4jiVc"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
X-Cache-Status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-version-id
null

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
u1136.39.spylog.com
URL
http://u1136.39.spylog.com/cnt?p=0&rn=0.7691039937276039&c=1&wh=1600x1200&px=24&j=N&sl=1.3&r=&fr=0&pg=http%3A//wit2a.kulichki.com/
Domain
www.newsxxl.ru
URL
http://www.newsxxl.ru/tools/newsbox/newsbox.js

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 boolean| credentialless object| oncontentvisibilityautostatechange string| rb1_login number| rb1_random string| u object| d object| nv string| na number| p string| j number| c number| bv number| n number| rn string| z number| fr string| sl string| pl object| s number| px string| y number| js string| a function| pr string| an number| srb number| srw number| r object| NewsBox number| RndNum4NoCash string| blbn_login string| blbn_options number| blbn_random function| blbn_getbanner object| doc

12 Cookies

Domain/Path Name / Value
wit2a.kulichki.com/ Name: test
Value: http://korolev.msk.ru/
www.kulichki.com/ Name: test
Value: http://korolev.msk.ru/
rotabanner.kulichki.com/ Name: test
Value: http://korolev.msk.ru/
phonecards.kulichki.com/ Name: PHPSESSID
Value: 3cvio6jv94lg4a13kch3af0qq5
wit2a.kulichki.com/ Name: b
Value: b
.rambler.ru/ Name: ruid
Value: 1CIAADw36mN1jT2qAU6zvgB=
.yandex.ru/ Name: is_gdpr
Value: 1
.yandex.ru/ Name: is_gdpr_b
Value: CKWxOxC4pgEYAQ==
.yandex.ru/ Name: i
Value: WtRvOaMdhCgOh9c3Yoxmnc/ldr5qhOUR/to1qyR1K1bZWD+R4NNK+DCtlWraKhFfZwnAoxolu8du8j+7wQ2QfnppbPg=
.yandex.ru/ Name: yashr
Value: 4760887851676293948
.mail.ru/ Name: VID
Value: 2NjjlY38BFoF00000o1aP4IF:::0-0-0-9048ffc:CAASEOXgLiNWt_lpi2E-eV-mmi4aYAXqF1cEvMdYYW7q1l3TtminNLm1wWpdmDCEPoQLY4r5TltUJs5jDpGPpKtGcE_gVixGmuhHeyR0yAh1Uw6d8ACtccQO73nMhnrnqGt00k4pVAig9SrnuAz1btQfrWA3Eg
.adriver.ru/ Name: cid
Value: -4842468315

4 Console Messages

Source Level URL
Text
javascript warning URL: http://wit2a.kulichki.com/(Line 416)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.newsxxl.ru/tools/newsbox/newsbox.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://wit2a.kulichki.com/(Line 416)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.newsxxl.ru/tools/newsbox/newsbox.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: http://u1136.39.spylog.com/cnt?p=0&rn=0.7691039937276039&c=1&wh=1600x1200&px=24&j=N&sl=1.3&r=&fr=0&pg=http%3A//wit2a.kulichki.com/
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: http://www.newsxxl.ru/tools/newsbox/newsbox.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
