Submitted URL: http://lordsgift2.com/
Effective URL: https://tinylinks.ru/ow051
Submission: On October 18 via api from CZ — Scanned from US

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 25 HTTP transactions. The main IP is 2606:4700:3037::ac43:a186, located in United States and belongs to CLOUDFLARENET, US. The main domain is tinylinks.ru.
TLS certificate: Issued by WE1 on September 28th 2024. Valid for: 3 months.
This is the only time tinylinks.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 2a00:f940:2:2... 197695 (AS-REG)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
5 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
25 6
Apex Domain
Subdomains
Transfer
12 lordsgift2.com
lordsgift2.com
995 KB
5 tinylinks.ru
tinylinks.ru
98 KB
3 gstatic.com
fonts.gstatic.com
54 KB
2 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 3443
16 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
25 5
Domain Requested by
12 lordsgift2.com lordsgift2.com
5 tinylinks.ru tinylinks.ru
3 fonts.gstatic.com fonts.googleapis.com
2 challenges.cloudflare.com tinylinks.ru
challenges.cloudflare.com
1 fonts.googleapis.com lordsgift2.com
25 5

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
lordsgift2.com
R11
2024-09-12 -
2024-12-11
3 months crt.sh
upload.video.google.com
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
*.gstatic.com
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
tinylinks.ru
WE1
2024-09-28 -
2024-12-27
3 months crt.sh
challenges.cloudflare.com
WE1
2024-09-05 -
2024-12-04
3 months crt.sh

This page contains 2 frames:

Primary Page: https://tinylinks.ru/ow051
Frame ID: 756330E1948E55A6D63751852A42BB87
Requests: 22 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/fabg4/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Frame ID: BB77F1A52DEDE7F8CEC422C27167EF70
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Just a moment...

Page URL History Show full URLs

  1. http://lordsgift2.com/ HTTP 307
    https://lordsgift2.com/ Page URL
  2. https://tinylinks.ru/ow051 Page URL

Page Statistics

25
Requests

92 %
HTTPS

100 %
IPv6

5
Domains

5
Subdomains

6
IPs

2
Countries

1165 kB
Transfer

1375 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://lordsgift2.com/ HTTP 307
    https://lordsgift2.com/ Page URL
  2. https://tinylinks.ru/ow051 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://lordsgift2.com/ HTTP 307
  • https://lordsgift2.com/

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
lordsgift2.com/
Redirect Chain
  • http://lordsgift2.com/
  • https://lordsgift2.com/
14 KB
3 KB
Document
General
Full URL
https://lordsgift2.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:261 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
7945d47baadacee6c1d1acd520cbe4a644cb64cefd04fbae2218f00ea79f16c8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Fri, 18 Oct 2024 01:24:29 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

Location
https://lordsgift2.com/
Non-Authoritative-Reason
HttpsUpgrades
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Requested by
Host: lordsgift2.com
URL: https://lordsgift2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0c::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8e878b38c0c357b63eb23d45c6182fd4f1ac0e92a5601a7e27f04edcfad5b4af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lordsgift2.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 01:24:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 01:24:30 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 18 Oct 2024 01:09:34 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
d8be3dffa95602674dce.css
lordsgift2.com/
77 KB
14 KB
Stylesheet
General
Full URL
https://lordsgift2.com/d8be3dffa95602674dce.css
Requested by
Host: lordsgift2.com
URL: https://lordsgift2.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:261 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
008b23fbab16667eeb1b154a25cc3031e62b37fb253ae49409542f5fe90402aa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lordsgift2.com/

Response headers

cache-control
max-age=3888000
content-encoding
gzip
etag
W/"66e2c88a-134a8"
expires
Mon, 02 Dec 2024 01:24:30 GMT
date
Fri, 18 Oct 2024 01:24:30 GMT
content-type
text/css
last-modified
Thu, 12 Sep 2024 10:55:06 GMT
server
nginx
vary
Accept-Encoding
logo2.png
lordsgift2.com/img/
12 KB
12 KB
Image
General
Full URL
https://lordsgift2.com/img/logo2.png
Requested by
Host: lordsgift2.com
URL: https://lordsgift2.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:261 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
4957259249252a016a96b273542412692bda72c4e02e930710c01569d5680ed1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lordsgift2.com/

Response headers

cache-control
max-age=3888000
etag
"66e2c89d-2e42"
expires
Mon, 02 Dec 2024 01:24:30 GMT
accept-ranges
bytes
content-length
11842
date
Fri, 18 Oct 2024 01:24:30 GMT
content-type
image/png
last-modified
Thu, 12 Sep 2024 10:55:25 GMT
server
nginx
green-effect.png
lordsgift2.com/img/
20 KB
20 KB
Image
General
Full URL
https://lordsgift2.com/img/green-effect.png
Requested by
Host: lordsgift2.com
URL: https://lordsgift2.com/d8be3dffa95602674dce.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:261 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
b1ec3a1d12ead3115f40a673c7b013f57c2fd15129002f4899f4b236cde006bb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lordsgift2.com/d8be3dffa95602674dce.css

Response headers

cache-control
max-age=3888000
etag
"66e2c89d-4f50"
expires
Mon, 02 Dec 2024 01:24:30 GMT
accept-ranges
bytes
content-length
20304
date
Fri, 18 Oct 2024 01:24:30 GMT
content-type
image/png
last-modified
Thu, 12 Sep 2024 10:55:25 GMT
server
nginx
bulleft-left-bg.png
lordsgift2.com/img/
6 KB
6 KB
Image
General
Full URL
https://lordsgift2.com/img/bulleft-left-bg.png
Requested by
Host: lordsgift2.com
URL: https://lordsgift2.com/d8be3dffa95602674dce.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:261 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
21a3e558fded3897cda7e9e14f32f18844997694d8e439a0751e4cfed21c099b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lordsgift2.com/d8be3dffa95602674dce.css

Response headers

content-encoding
gzip
date
Fri, 18 Oct 2024 01:24:30 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
nginx
bullet-right-bg.png
lordsgift2.com/img/
6 KB
6 KB
Image
General
Full URL
https://lordsgift2.com/img/bullet-right-bg.png
Requested by
Host: lordsgift2.com
URL: https://lordsgift2.com/d8be3dffa95602674dce.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:261 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
21a3e558fded3897cda7e9e14f32f18844997694d8e439a0751e4cfed21c099b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lordsgift2.com/d8be3dffa95602674dce.css

Response headers

content-encoding
gzip
date
Fri, 18 Oct 2024 01:24:30 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
nginx
background-main.jpg
lordsgift2.com/img/
229 KB
230 KB
Image
General
Full URL
https://lordsgift2.com/img/background-main.jpg
Requested by
Host: lordsgift2.com
URL: https://lordsgift2.com/d8be3dffa95602674dce.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:261 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
6139ee105688d100bb75f22f79229698b4c398000343c960a562f7b0980bba2e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lordsgift2.com/d8be3dffa95602674dce.css

Response headers

cache-control
max-age=3888000
etag
"66e2c89d-394b9"
expires
Mon, 02 Dec 2024 01:24:30 GMT
accept-ranges
bytes
content-length
234681
date
Fri, 18 Oct 2024 01:24:30 GMT
content-type
image/jpeg
last-modified
Thu, 12 Sep 2024 10:55:25 GMT
server
nginx
effects.png
lordsgift2.com/img/
433 KB
433 KB
Image
General
Full URL
https://lordsgift2.com/img/effects.png
Requested by
Host: lordsgift2.com
URL: https://lordsgift2.com/d8be3dffa95602674dce.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:261 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lordsgift2.com/d8be3dffa95602674dce.css

Response headers

cache-control
max-age=3888000
etag
"66e2c89d-6c2ce"
expires
Mon, 02 Dec 2024 01:24:30 GMT
accept-ranges
bytes
content-length
443086
date
Fri, 18 Oct 2024 01:24:30 GMT
content-type
image/png
last-modified
Thu, 12 Sep 2024 10:55:25 GMT
server
nginx
solders.png
lordsgift2.com/img/
256 KB
257 KB
Image
General
Full URL
https://lordsgift2.com/img/solders.png
Requested by
Host: lordsgift2.com
URL: https://lordsgift2.com/d8be3dffa95602674dce.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:261 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
f41f9a45f321626b9649088ebe05b23f21f5ecee9305e87761e8dec250159a65

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lordsgift2.com/d8be3dffa95602674dce.css

Response headers

cache-control
max-age=3888000
etag
"66e2c89d-40170"
expires
Mon, 02 Dec 2024 01:24:30 GMT
accept-ranges
bytes
content-length
262512
date
Fri, 18 Oct 2024 01:24:30 GMT
content-type
image/png
last-modified
Thu, 12 Sep 2024 10:55:25 GMT
server
nginx
bullet-right.png
lordsgift2.com/img/
6 KB
6 KB
Image
General
Full URL
https://lordsgift2.com/img/bullet-right.png
Requested by
Host: lordsgift2.com
URL: https://lordsgift2.com/d8be3dffa95602674dce.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:261 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
21a3e558fded3897cda7e9e14f32f18844997694d8e439a0751e4cfed21c099b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lordsgift2.com/d8be3dffa95602674dce.css

Response headers

content-encoding
gzip
date
Fri, 18 Oct 2024 01:24:30 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
nginx
bullet-left.png
lordsgift2.com/img/
6 KB
6 KB
Image
General
Full URL
https://lordsgift2.com/img/bullet-left.png
Requested by
Host: lordsgift2.com
URL: https://lordsgift2.com/d8be3dffa95602674dce.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:261 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
21a3e558fded3897cda7e9e14f32f18844997694d8e439a0751e4cfed21c099b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lordsgift2.com/d8be3dffa95602674dce.css

Response headers

content-encoding
gzip
date
Fri, 18 Oct 2024 01:24:30 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
nginx
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://lordsgift2.com
Referer
https://fonts.googleapis.com/

Response headers

age
183064
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 15 Oct 2025 22:33:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 22:33:26 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://lordsgift2.com
Referer
https://fonts.googleapis.com/

Response headers

age
185776
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 15 Oct 2025 21:48:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 21:48:14 GMT
last-modified
Thu, 01 Aug 2024 20:41:19 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18492
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://lordsgift2.com
Referer
https://fonts.googleapis.com/

Response headers

age
183056
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 15 Oct 2025 22:33:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 22:33:34 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
Primary Request ow051
tinylinks.ru/
12 KB
10 KB
Document
General
Full URL
https://tinylinks.ru/ow051
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9d945be653321b00e9216e962ed87cd99fa84201606fe2b7c0817d7920e632b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://lordsgift2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
rHSRfj12PNvgWA/4ttyDwHJQmPFxUeaUWMhrFNvT3M1ZxIGXppyuAtvV9MgpLHr6TAjG5RzRDErFcKGzLyVWljvqOyL+GxASkRxKdh0Do7Ox0Nt54WXG+mKDpr7a7dKocnJcZ8k+ChXlC7XUxBo6Ag==$beRMhFKerh2A4nSmqF+1Og==
cf-mitigated
challenge
cf-ray
8d44bab11ecb4235-EWR
content-encoding
zstd
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Fri, 18 Oct 2024 01:24:31 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=picNd6%2BmACldLuMrH1cPgr94zc1XdXkOVHhM69vYFsoFBSUVh2gKvNFMfrAIsw8UR3EjTGMmB%2F9%2BXcHdr%2Bift%2BpUDoE5CIR%2FykolL%2FjiO1azXFXn0eIOTmKXWFvOGFVPruC652HxFlcHoL0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfExtPri
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN
favicon2.png
lordsgift2.com/img/
4 KB
4 KB
Other
General
Full URL
https://lordsgift2.com/img/favicon2.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:261 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lordsgift2.com/

Response headers

cache-control
max-age=3888000
etag
"66e2c89d-1065"
expires
Mon, 02 Dec 2024 01:24:31 GMT
accept-ranges
bytes
content-length
4197
date
Fri, 18 Oct 2024 01:24:31 GMT
content-type
image/png
last-modified
Thu, 12 Sep 2024 10:55:25 GMT
server
nginx
v1
tinylinks.ru/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/
151 KB
58 KB
Script
General
Full URL
https://tinylinks.ru/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d44bab11ecb4235
Requested by
Host: tinylinks.ru
URL: https://tinylinks.ru/ow051
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c3d9d42a4bd813cd25a7ce2d2f132905a7d75f1a85a9ca6759116518e7e52b8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://tinylinks.ru/ow051?__cf_chl_rt_tk=sQccSbojekywvaKtHl_4yTT3dNiyVwoSjEMVm1NF6vQ-1729214671-1.0.1.1-GF_WTgnbyRwvvOstFgqKdooKauR9uUhsUUfp3CBKe6o

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=91i6cHE9sCTqGH3fs92IyDwiygrMmzcCGFJIOy%2Bd41SEgYJ5AmQkDF5OZHcBbbVZ2FWFhRewV%2FDFca%2BSGVO1IxGABnbr0RLIMYDaXsHoWFnszRBfJCq5eXSURebmX6VBUAdV8acd4dP6rs0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d44bab20ff64235-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 18 Oct 2024 01:24:31 GMT
content-type
application/javascript; charset=UTF-8
server
cloudflare
5e558806-2bff-45eb-b6cf-e30994b6a1bf
https://tinylinks.ru/ Frame
0
0

api.js
challenges.cloudflare.com/turnstile/v0/b/62ec4f065604/
46 KB
16 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/62ec4f065604/api.js?onload=DXjyL6&render=explicit
Requested by
Host: tinylinks.ru
URL: https://tinylinks.ru/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d44bab11ecb4235
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5f29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ea786910282df7ae154a0011375cd1254adbd8ef0e75eb62177ada67daf9611

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://tinylinks.ru
Referer

Response headers

cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8d44bab39a445e79-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 18 Oct 2024 01:24:31 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 01 Oct 2024 14:19:56 GMT
server
cloudflare
vary
Accept-Encoding
favicon.ico
tinylinks.ru/
9 KB
9 KB
Image
General
Full URL
https://tinylinks.ru/favicon.ico
Requested by
Host: tinylinks.ru
URL: https://tinylinks.ru/ow051
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e639862659dcd49ec1800706ffcf3a44430d03db187347ef8108de771b9c94eb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://tinylinks.ru/ow051

Response headers

content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QI1ng43WYsFTTDVWt2K9XiTh0ad1yJCUCGCpYmFCAnWDVplb8DYZ8vSImlwh7r4eruHNDnbkpeJ9ECVfrrg1QhlD7yFA3DXD1ixfJrdIg14%2Fr1n%2BVn%2FZLeQg8dGUUkAWuuBGXLlALaKm9LY%3D"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
x-content-options
nosniff
date
Fri, 18 Oct 2024 01:24:31 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
ncHtoHr8IYdUlnQBxTkNdVG24Xw6mGpSqe57RE4JYQO6Q1+HqL48/P2kRWJ3pZeTgg+94qAYj4eABjRhH79KBgOeyvCsjNgOYTgX17xJP0EsgOQ4QtO5uafHxC+YHgQPLRYlF0ZvZAuGpbSsEkYhxw==$Um5IbZYr9Xc7/7Yp0H/qDQ==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8d44bab2d8e24235-EWR
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
3c5c0f1ab1fac0d
tinylinks.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1999792557:1729213270:EMLF_XJiiq9WHOKAOaShjsKsuO_lzis4L-WLQ3wNk8w/8d44bab11ecb4235/
17 KB
13 KB
XHR
General
Full URL
https://tinylinks.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1999792557:1729213270:EMLF_XJiiq9WHOKAOaShjsKsuO_lzis4L-WLQ3wNk8w/8d44bab11ecb4235/3c5c0f1ab1fac0d
Requested by
Host: tinylinks.ru
URL: https://tinylinks.ru/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d44bab11ecb4235
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fdb21d660105502b03a2c6817e0f55761d79a9c2d5529f8854cc026b5edfb4e

Request headers

Referer
https://tinylinks.ru/ow051
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
3c5c0f1ab1fac0d

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mZzz%2BB%2B%2FTvZbuUrs049KBL27reDNIejOpZpOGDt3Dsyched2pvP3vJTuqRmkpHe%2BfD%2FnbbHqzupZkQ4kFgXteXU5malhAsm0xSbVxO3wB2X55UVJTauph2TrJiepyXt81rjVX%2BNni4EWMsU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d44bab389ea4235-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 18 Oct 2024 01:24:31 GMT
content-type
text/plain; charset=UTF-8
cf-chl-gen
Qz82VaInk6Vu8Z6IYhxIa4/pJc0BT4tL2sveBU51aeF+qWX1uBOJWxL6DL/IVtlp/pIzTQEnFQ==$FUTseF0JAajovr9K
server
cloudflare
8375f293-219e-46ac-bc28-6da4bee58428
https://tinylinks.ru/ Frame
0
0

/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/fabg4/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ Frame BB77
0
0
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/fabg4/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/62ec4f065604/api.js?onload=DXjyL6&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5f29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8d44bab4c9cf43ff-EWR
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Fri, 18 Oct 2024 01:24:32 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
server-timing
cfExtPri
favicon.ico
tinylinks.ru/
9 KB
8 KB
Other
General
Full URL
https://tinylinks.ru/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a807a37a9a5aa6b32b30e24ebb34756e1c151864afe9e3a62f86c2680363db
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://tinylinks.ru/ow051

Response headers

content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p5CmuWHDbwQuIkuDzuqNzjBWSEXzycSmGNkX9gLyR46GYtp3wxNwIkVEc7jBlf7Vft7txgWbnC8ISynzUVTBOBOC37gAtwvH6UUhjDQNARtYYZWfxX9l9dhzip61E3%2B0gyn1mh%2FSMP93EFE%3D"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
x-content-options
nosniff
date
Fri, 18 Oct 2024 01:24:32 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
/yI2/NfnMkh1LO7LyUMZDurBBsF3chq1lT8cOHFtsapk4WEaW90MXMYCsCLTUEnYkfZjiB/ag9MBmguOwM3jZzT5PonqtLseeHYsiM9dfB05ioUNnfQsdGl4JrYJ/l3KvICT6foI6iQvSiKdIF5sWw==$eFhd9GVbknNyXfD26kL8iQ==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8d44bab5ecff4235-EWR
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tinylinks.ru
URL
blob:https://tinylinks.ru/5e558806-2bff-45eb-b6cf-e30994b6a1bf
Domain
tinylinks.ru
URL
blob:https://tinylinks.ru/8375f293-219e-46ac-bc28-6da4bee58428

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_chl_opt function| DXjyL6 boolean| Pjghl3 function| jXVRZ7 function| ZcHV6 function| VBYM6 function| brdWQ0 function| HFmwV6 function| iHCC5 object| dSJo7 object| lajwG7 object| PZKL0 number| BuTN0 object| angular object| FnNf4 string| FUWvI4 object| turnstile boolean| qVQK0 boolean| YGymh1

0 Cookies

7 Console Messages

Source Level URL
Text
network error URL: https://lordsgift2.com/img/bullet-right-bg.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://lordsgift2.com/img/bulleft-left-bg.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://lordsgift2.com/img/bullet-left.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://lordsgift2.com/img/bullet-right.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://tinylinks.ru/ow051
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://tinylinks.ru/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://tinylinks.ru/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
lordsgift2.com
tinylinks.ru
tinylinks.ru
2606:4700:3037::ac43:a186
2606:4700::6812:5f29
2607:f8b0:400d:c0b::5e
2607:f8b0:400d:c0c::5f
2a00:f940:2:2:1:1:0:261
008b23fbab16667eeb1b154a25cc3031e62b37fb253ae49409542f5fe90402aa
21a3e558fded3897cda7e9e14f32f18844997694d8e439a0751e4cfed21c099b
2ea786910282df7ae154a0011375cd1254adbd8ef0e75eb62177ada67daf9611
31a807a37a9a5aa6b32b30e24ebb34756e1c151864afe9e3a62f86c2680363db
4957259249252a016a96b273542412692bda72c4e02e930710c01569d5680ed1
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
6139ee105688d100bb75f22f79229698b4c398000343c960a562f7b0980bba2e
7945d47baadacee6c1d1acd520cbe4a644cb64cefd04fbae2218f00ea79f16c8
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8c3d9d42a4bd813cd25a7ce2d2f132905a7d75f1a85a9ca6759116518e7e52b8
8e878b38c0c357b63eb23d45c6182fd4f1ac0e92a5601a7e27f04edcfad5b4af
8fdb21d660105502b03a2c6817e0f55761d79a9c2d5529f8854cc026b5edfb4e
a9d945be653321b00e9216e962ed87cd99fa84201606fe2b7c0817d7920e632b
b1ec3a1d12ead3115f40a673c7b013f57c2fd15129002f4899f4b236cde006bb
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
e639862659dcd49ec1800706ffcf3a44430d03db187347ef8108de771b9c94eb
f41f9a45f321626b9649088ebe05b23f21f5ecee9305e87761e8dec250159a65