URL: https://roblxwin.com/
Submission Tags: phishingrod
Submission: On August 28 via api from DE — Scanned from NL

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 24 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is roblxwin.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 27th 2023. Valid for: a year.
This is the only time roblxwin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 188.114.97.3 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
24 5
Apex Domain
Subdomains
Transfer
16 roblxwin.com
roblxwin.com
1 MB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
region1.google-analytics.com — Cisco Umbrella Rank: 3123
21 KB
3 youtube.com
img.youtube.com — Cisco Umbrella Rank: 2424
106 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
179 KB
24 4
Domain Requested by
16 roblxwin.com roblxwin.com
3 img.youtube.com roblxwin.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com roblxwin.com
www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
24 5

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
Subject Issuer Validity Valid
roblxwin.com
Cloudflare Inc ECC CA-3
2023-12-27 -
2024-12-26
a year crt.sh
*.google.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.google-analytics.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh

This page contains 1 frames:

Primary Page: https://roblxwin.com/
Frame ID: 9D1D243D20EDDB0ABE2A4A4D3690CD9F
Requests: 24 HTTP requests in this frame

Screenshot

Page Title

Roblox for Windows 🎮 Download Roblox for Free for Windows 10/7 PC, Install & Play

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

24
Requests

100 %
HTTPS

80 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

1577 kB
Transfer

2009 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
roblxwin.com/
30 KB
7 KB
Document
General
Full URL
https://roblxwin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcebdda309fe157b24ed4a4b21f8544a6d601980f7e1ca129e722df406c15b82

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ba0e80ccb19d354-FRA
content-encoding
br
content-type
text/html
date
Wed, 28 Aug 2024 02:35:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sMxjy0WMs9XsQWVRk59ZHuPDPvHVbuxbUvHIwZIRvLF%2FOMvZuNSRGcW8lNc94ccJIPyP7aTDC%2FHZml%2BErexnsvLnXBQ3F1Hwmc027gri83UJZMCEtu8Po0alTB3TV8o%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-edge
edge
main.css
roblxwin.com/css-theme/
12 KB
3 KB
Stylesheet
General
Full URL
https://roblxwin.com/css-theme/main.css?v=1637909234
Requested by
Host: roblxwin.com
URL: https://roblxwin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a282bdb3417faab7235062e15a69a7e24270ae2a115e9199917f4f2c9e4afb5

Request headers

Referer
https://roblxwin.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:35:10 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 18 Dec 2023 07:05:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"657fef53-2f38"
x-cache-status
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BqHnZ0V7mJQe23rtiWL1YdWFwtucI%2BQDpD2sRA7avUfI%2B6GVgYrEwvKlihvET6RkWNTjZNcodkh%2FyRC%2Fw1iiidJ7lU0c59HDNhzHH1TVJwIgPQhhAfkeGb5bkP9PPeM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-edge
edge
cache-control
max-age=14400
cf-ray
8ba0e80d1bbdd354-FRA
alt-svc
h3=":443"; ma=86400
logo-axqaa.png
roblxwin.com/images/uploads/2022-09-21/
6 KB
7 KB
Image
General
Full URL
https://roblxwin.com/images/uploads/2022-09-21/logo-axqaa.png
Requested by
Host: roblxwin.com
URL: https://roblxwin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42ef65f6519f821e69f856e12a1b35633bd34927afdaac55b78587c884a2cab4

Request headers

Referer
https://roblxwin.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:35:10 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
6429
last-modified
Mon, 18 Dec 2023 07:05:55 GMT
server
cloudflare
etag
"657fef53-191d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sMMcbscPUSnAyKrtR2zDCVD4H4X74pYJIgcK26hUe68%2FsOI0ByjzmXucSKymyCLcqM9%2FlMaMMFAcE1vLfTN5b%2FoTz2QO3bB%2FbZzAcvUwPfeMTsYMOxgRwfI0FFymjsw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-edge
edge
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8ba0e80d1bbed354-FRA
product-hevdx.png
roblxwin.com/images/uploads/2022-09-21/
20 KB
20 KB
Image
General
Full URL
https://roblxwin.com/images/uploads/2022-09-21/product-hevdx.png
Requested by
Host: roblxwin.com
URL: https://roblxwin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b4f6c659b186b74ea9f17f455360cf10cfca96404d73390fb4761eb925d16dd

Request headers

Referer
https://roblxwin.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:35:10 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
20082
last-modified
Mon, 18 Dec 2023 07:05:55 GMT
server
cloudflare
etag
"657fef53-4e72"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t%2F36%2BcDeP5JMxM%2BnUWNlAtCaWGvvZKU%2FVdrRqzKKKcDt7%2FGxiuHDlk2cB5nYT6m%2Ffi%2F8VoAdCfYh3FFDK%2Bg%2BoIwNSiSgToVqAK96MVdedHhGHtufaMefSLiAXS2p8S8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-edge
edge
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8ba0e80d1bc0d354-FRA
stars2.png
roblxwin.com/img/
2 KB
2 KB
Image
General
Full URL
https://roblxwin.com/img/stars2.png
Requested by
Host: roblxwin.com
URL: https://roblxwin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
254b89ae7388c1fd8023e967a13345d48619db5e26338e9868b6b3f176978da8

Request headers

Referer
https://roblxwin.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:35:10 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
1912
last-modified
Mon, 18 Dec 2023 07:05:55 GMT
server
cloudflare
etag
"657fef53-778"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CsK9DLR0kgaMW0ZGpC15Of4fvwAPe5N0endT7lqeeJ27PGDNggaJevIxzf%2FK6Xxj8k9QnRGt2XJ4swUVmHSV%2Fyq04GFaDls%2FLfZ2xHTOxieKR072oViFSgPG7NMDMcQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-edge
edge
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8ba0e80d5c5ed354-FRA
screenshot3-j3oac.jpeg
roblxwin.com/images/uploads/2022-09-21/
92 KB
92 KB
Image
General
Full URL
https://roblxwin.com/images/uploads/2022-09-21/screenshot3-j3oac.jpeg
Requested by
Host: roblxwin.com
URL: https://roblxwin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee713ed1cca1dc5f8c81876e907f3124590d06c9fc343239f560a816fdf52eb6

Request headers

Referer
https://roblxwin.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:35:10 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
93737
last-modified
Mon, 18 Dec 2023 07:05:55 GMT
server
cloudflare
etag
"657fef53-16e29"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SEQWn44N0AvQlTh3OQo3w8BWFgJ4CF34wJfXxflu3dLsvPE%2FG%2FTT1oYdKdqD5jnhdE56E6SAVoNKiDkTCfXHkQ3P570wRTg3whVp6FO7ZXkrv16wC4vJD9l5ss7Ij6w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-edge
edge
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8ba0e80d5c62d354-FRA
screenshot2-t7e70.jpeg
roblxwin.com/images/uploads/2022-09-21/
135 KB
135 KB
Image
General
Full URL
https://roblxwin.com/images/uploads/2022-09-21/screenshot2-t7e70.jpeg
Requested by
Host: roblxwin.com
URL: https://roblxwin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
311cdb0fa807ddd9506ab6d8f5805eca4030f500cc13853e4c5a132acbdaed69

Request headers

Referer
https://roblxwin.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:35:10 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
137756
last-modified
Mon, 18 Dec 2023 07:05:55 GMT
server
cloudflare
etag
"657fef53-21a1c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yZc7iyIh18PZoilrYvhVFix4Bm1wbyBaV4H%2FkV%2BQRuB65putVQyLbG7ZmR8DpK4vBgqSkoYEpXgmtysjLQ9ERCICwfdO0xn51VNyJkKy192DpTAlv4J59%2FFsnTQsMOU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-edge
edge
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8ba0e80d5c66d354-FRA
roblox.jpg
roblxwin.com/images/uploads/blog/Hes-july-2022/
180 KB
181 KB
Image
General
Full URL
https://roblxwin.com/images/uploads/blog/Hes-july-2022/roblox.jpg?1663766469922
Requested by
Host: roblxwin.com
URL: https://roblxwin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fedaee86cea3230b5a44f74d2b1c803642131efd5ef83cd39039fd84d7287108

Request headers

Referer
https://roblxwin.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:35:10 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
184507
last-modified
Mon, 18 Dec 2023 07:05:55 GMT
server
cloudflare
etag
"657fef53-2d0bb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=skiYQLYOMIlm52Oy0Kb2JfEax5ZNLZ4CpQ0OtOzdC8hMSCPWQ%2FpBj10CPRU%2Fa9HZt90SitgSrbh%2Fp6mA4bT73v9L50qZppF7hxdRx9L6kvxL5MmZjdy2qXipxVImQsU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-edge
edge
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8ba0e80d5c69d354-FRA
roblox-game.jpg
roblxwin.com/images/uploads/blog/Hes-july-2022/
147 KB
147 KB
Image
General
Full URL
https://roblxwin.com/images/uploads/blog/Hes-july-2022/roblox-game.jpg?1663766508885
Requested by
Host: roblxwin.com
URL: https://roblxwin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d74f4d73214629409f776fbb34f76fffb6e3df0562b75b2ee0bb06400e4ff7ce

Request headers

Referer
https://roblxwin.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:35:10 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
150431
last-modified
Mon, 18 Dec 2023 07:05:55 GMT
server
cloudflare
etag
"657fef53-24b9f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=67rVarmXJoG8VhOz3v2%2Bfu0xkkI58TtO%2BJunAW2QgA%2FUf5BUAo7U2HwhL%2BXQdnNMemxtZSoHTYzGAQB7SC00BcGdIsWAyZK%2BIYfiJ2hVqoCvUhVNGaCy4ZE%2FkIHP%2BHQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-edge
edge
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8ba0e80d5c73d354-FRA
hqdefault.jpg
img.youtube.com/vi/1ugE92y1gZI/
41 KB
42 KB
Image
General
Full URL
https://img.youtube.com/vi/1ugE92y1gZI/hqdefault.jpg
Requested by
Host: roblxwin.com
URL: https://roblxwin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59a0a071ba2c24981a4c61c5b480daacb43cdcbd455e2d5b7999244d6d435f33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://roblxwin.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:35:10 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42487
x-xss-protection
0
server
sffe
etag
"1663726664"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 28 Aug 2024 04:35:10 GMT
hqdefault.jpg
img.youtube.com/vi/RR28V87_8yQ/
35 KB
35 KB
Image
General
Full URL
https://img.youtube.com/vi/RR28V87_8yQ/hqdefault.jpg
Requested by
Host: roblxwin.com
URL: https://roblxwin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
717e4acce577bf9575bad45c2961fb2d67bad46744d257f977a991731970bdd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://roblxwin.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:35:10 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36245
x-xss-protection
0
server
sffe
etag
"1663636772"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 28 Aug 2024 04:35:10 GMT
hqdefault.jpg
img.youtube.com/vi/Xe9Gap9XjZU/
29 KB
29 KB
Image
General
Full URL
https://img.youtube.com/vi/Xe9Gap9XjZU/hqdefault.jpg
Requested by
Host: roblxwin.com
URL: https://roblxwin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1e70f7b09c796e4c9a955a0aac52b6fd7f8dd03cb4bcbfef924320dd5dde3b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://roblxwin.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:35:10 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29607
x-xss-protection
0
server
sffe
etag
"1663595053"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 28 Aug 2024 04:35:10 GMT
news-tpebn-rs-wX-282-hX-259.jpeg
roblxwin.com/images/uploads/blog/2022-09-21/
25 KB
26 KB
Image
General
Full URL
https://roblxwin.com/images/uploads/blog/2022-09-21/news-tpebn-rs-wX-282-hX-259.jpeg
Requested by
Host: roblxwin.com
URL: https://roblxwin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1ac6c0d61e355e735e81129fd333857de55fa45d450eec165642072d3ed7ea6

Request headers

Referer
https://roblxwin.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:35:10 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
25988
last-modified
Mon, 18 Dec 2023 07:05:55 GMT
server
cloudflare
etag
"657fef53-6584"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uagE%2FHJLT5wekC7tLmKjNRThcRYWYlPFNK4b6GFKs2%2F%2BwNmd16rfBxHR9ZjQW036EFpkHgzU53KQHkukoI8lPsTbqVXpdepGZh9np0xd44XXyWM8YGdlw1pbe83FwWQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-edge
edge
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8ba0e80d5c75d354-FRA
upd-cprba-rs-wX-282-hX-259.jpeg
roblxwin.com/images/uploads/blog/2022-09-21/
24 KB
24 KB
Image
General
Full URL
https://roblxwin.com/images/uploads/blog/2022-09-21/upd-cprba-rs-wX-282-hX-259.jpeg
Requested by
Host: roblxwin.com
URL: https://roblxwin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2a1e68214e0a985bedf0559b123bb19a956e11a2d0a3cf9d3c23d0d5073a190

Request headers

Referer
https://roblxwin.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:35:10 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
24182
last-modified
Mon, 18 Dec 2023 07:05:55 GMT
server
cloudflare
etag
"657fef53-5e76"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x26tUKsMf2Tk33%2BlL0HIciSYgALF32XcxRG649wz286N3Y6aZ3H9Kk65UxwihrvzV6lu8uiQ15ABLU0jPcxafjEgeBan1OrIIDxkvhyMFuenKrgK49RA6NPpGDGI25w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-edge
edge
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8ba0e80d5c78d354-FRA
logo-okogt.png
roblxwin.com/images/uploads/2022-09-21/
6 KB
7 KB
Image
General
Full URL
https://roblxwin.com/images/uploads/2022-09-21/logo-okogt.png
Requested by
Host: roblxwin.com
URL: https://roblxwin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42ef65f6519f821e69f856e12a1b35633bd34927afdaac55b78587c884a2cab4

Request headers

Referer
https://roblxwin.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:35:10 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
6429
last-modified
Mon, 18 Dec 2023 07:05:55 GMT
server
cloudflare
etag
"657fef53-191d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RTcIJr06bV%2FopLVMgP86dpgBjJra2jXZKtAmE0sqFFQzUVs0xot3EtLlkKon57Scw%2FPKblewVCsyDzq5YSUIwz2YrFnLyiRRi9M40tcMkhPQ73Y%2FKDEpP%2B4bRdQxD%2BA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-edge
edge
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8ba0e80d5c79d354-FRA
gtm.js
www.googletagmanager.com/
215 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MQXPKZP
Requested by
Host: roblxwin.com
URL: https://roblxwin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9cea05aa81dde5f156586dce805a1c72c61c9c104b3bd3c039785467c3320b35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://roblxwin.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:35:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78205
x-xss-protection
0
last-modified
Wed, 28 Aug 2024 00:52:49 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 28 Aug 2024 02:35:10 GMT
product-hevdx.png
roblxwin.com/images/uploads/2022-09-21/
20 KB
0
Image
General
Full URL
https://roblxwin.com/images/uploads/2022-09-21/product-hevdx.png
Requested by
Host: roblxwin.com
URL: https://roblxwin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b4f6c659b186b74ea9f17f455360cf10cfca96404d73390fb4761eb925d16dd

Request headers

Referer
https://roblxwin.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:35:10 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
20082
last-modified
Mon, 18 Dec 2023 07:05:55 GMT
server
cloudflare
etag
"657fef53-4e72"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t%2F36%2BcDeP5JMxM%2BnUWNlAtCaWGvvZKU%2FVdrRqzKKKcDt7%2FGxiuHDlk2cB5nYT6m%2Ffi%2F8VoAdCfYh3FFDK%2Bg%2BoIwNSiSgToVqAK96MVdedHhGHtufaMefSLiAXS2p8S8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-edge
edge
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8ba0e80d1bc0d354-FRA
bg-5igsk.png
roblxwin.com/images/uploads/2022-09-21/
513 KB
513 KB
Image
General
Full URL
https://roblxwin.com/images/uploads/2022-09-21/bg-5igsk.png
Requested by
Host: roblxwin.com
URL: https://roblxwin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c65a7e4d330808a6f41347ae14e05ba3b5523d0fbd010e280b533334f31c9022

Request headers

Referer
https://roblxwin.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:35:10 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
525115
last-modified
Mon, 18 Dec 2023 07:05:55 GMT
server
cloudflare
etag
"657fef53-8033b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A%2BiZdDwJgV8Ek9yQG%2Bg8IvOWxqzVcd3Zry7V7Uc9kMXf%2ByQU1EWkGzX82FFYQWpdyxbXbPr6bMZzxyQTGa3Vk9FhFk0rQgUk6pTVfrV6ep3IZjL7LN3N2FVsemnuJww%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-edge
edge
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8ba0e80d8ca9d354-FRA
OpenSans-Bold.ttf
roblxwin.com/css-theme/
102 KB
102 KB
Font
General
Full URL
https://roblxwin.com/css-theme/OpenSans-Bold.ttf
Requested by
Host: roblxwin.com
URL: https://roblxwin.com/css-theme/main.css?v=1637909234
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7916a37377e38527d4306303cfe89b653b49b0a6b0b05c6b7593f7ab0248da8

Request headers

Referer
https://roblxwin.com/css-theme/main.css?v=1637909234
Origin
https://roblxwin.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:35:10 GMT
cf-cache-status
MISS
last-modified
Mon, 18 Dec 2023 07:05:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"657fef53-196b8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zJgb6t1xqGdQdsUw1Z3nEDKd%2BiDf19%2B5hzLKapMpPFqKoNSbH03KuJIAHZgsc%2BBgXdgtzt%2BXQEihc0H61lfCyR3PPE47PajASNX%2FdTRNZR%2FbPeb0wFGgU6x7qL6KWZ4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
x-edge
edge
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8ba0e80daccad354-FRA
alt-svc
h3=":443"; ma=86400
content-length
104120
js
www.googletagmanager.com/gtag/
308 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MCG6FWD54B&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQXPKZP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
df0b10ad2902e68b46a0d1b1ab2e742834a6741de638af8422e3b90ecad293bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://roblxwin.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:35:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104503
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 28 Aug 2024 02:35:10 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQXPKZP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://roblxwin.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 28 Aug 2024 00:40:40 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6870
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 28 Aug 2024 02:40:40 GMT
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-MCG6FWD54B&gtm=45je48q0v9121299367z8833158752za200zb833158752&_p=1724812510279&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=415423535.1724812511&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724812510&sct=1&seg=0&dl=https%3A%2F%2Froblxwin.com%2F&dt=Roblox%20for%20Windows%20%F0%9F%8E%AE%20Download%20Roblox%20for%20Free%20for%20Windows%2010%2F7%20PC%2C%20Install%20%26%20Play&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=447
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MCG6FWD54B&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://roblxwin.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 02:35:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://roblxwin.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
3 B
206 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=834678320&t=pageview&_s=1&dl=https%3A%2F%2Froblxwin.com%2F&ul=nl-nl&de=UTF-8&dt=Roblox%20for%20Windows%20%F0%9F%8E%AE%20Download%20Roblox%20for%20Free%20for%20Windows%2010%2F7%20PC%2C%20Install%20%26%20Play&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1442940333&gjid=300924908&cid=415423535.1724812511&tid=UA-180493214-1&_gid=960501783.1724812511&_r=1&_slc=1&gtm=45He48q0n81MQXPKZPv833158752za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&npa=1&z=775853132
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://roblxwin.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 02:35:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://roblxwin.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon-7im9k.ico
roblxwin.com/images/uploads/2022-09-21/
17 KB
4 KB
Other
General
Full URL
https://roblxwin.com/images/uploads/2022-09-21/favicon-7im9k.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36f22351989aa02c4857e882f6477aeb7be6108a080673cab5090478ffc7ec42

Request headers

Referer
https://roblxwin.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 02:35:10 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 18 Dec 2023 07:05:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"657fef53-423e"
x-cache-status
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G%2BK0e%2FOh28rquaBiaPGRWA89%2BvdWUZS%2FOs8mm7kDORSl3lSRy%2FEep%2FlK4HUxnSiNDKxC%2F4%2BD1nDQBkqhZobGKEuOubxz9I%2B5BeNOoBHYg91%2FRtc0NQQlRdoe%2Fm3NEKg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
x-edge
edge
cache-control
max-age=14400
cf-ray
8ba0e80f6fbcd354-FRA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData

4 Cookies

Domain/Path Name / Value
.roblxwin.com/ Name: _ga_MCG6FWD54B
Value: GS1.1.1724812510.1.0.1724812510.0.0.0
.roblxwin.com/ Name: _ga
Value: GA1.2.415423535.1724812511
.roblxwin.com/ Name: _gid
Value: GA1.2.960501783.1724812511
.roblxwin.com/ Name: _gat_UA-180493214-1
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

img.youtube.com
region1.google-analytics.com
roblxwin.com
www.google-analytics.com
www.googletagmanager.com
188.114.97.3
2001:4860:4802:32::36
2a00:1450:4001:828::200e
2a00:1450:4001:829::2008
2a00:1450:4001:82f::200e
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
254b89ae7388c1fd8023e967a13345d48619db5e26338e9868b6b3f176978da8
311cdb0fa807ddd9506ab6d8f5805eca4030f500cc13853e4c5a132acbdaed69
36f22351989aa02c4857e882f6477aeb7be6108a080673cab5090478ffc7ec42
42ef65f6519f821e69f856e12a1b35633bd34927afdaac55b78587c884a2cab4
4a282bdb3417faab7235062e15a69a7e24270ae2a115e9199917f4f2c9e4afb5
4b4f6c659b186b74ea9f17f455360cf10cfca96404d73390fb4761eb925d16dd
59a0a071ba2c24981a4c61c5b480daacb43cdcbd455e2d5b7999244d6d435f33
717e4acce577bf9575bad45c2961fb2d67bad46744d257f977a991731970bdd8
9cea05aa81dde5f156586dce805a1c72c61c9c104b3bd3c039785467c3320b35
b2a1e68214e0a985bedf0559b123bb19a956e11a2d0a3cf9d3c23d0d5073a190
c65a7e4d330808a6f41347ae14e05ba3b5523d0fbd010e280b533334f31c9022
d1ac6c0d61e355e735e81129fd333857de55fa45d450eec165642072d3ed7ea6
d74f4d73214629409f776fbb34f76fffb6e3df0562b75b2ee0bb06400e4ff7ce
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df0b10ad2902e68b46a0d1b1ab2e742834a6741de638af8422e3b90ecad293bd
ee713ed1cca1dc5f8c81876e907f3124590d06c9fc343239f560a816fdf52eb6
f1e70f7b09c796e4c9a955a0aac52b6fd7f8dd03cb4bcbfef924320dd5dde3b4
f7916a37377e38527d4306303cfe89b653b49b0a6b0b05c6b7593f7ab0248da8
fcebdda309fe157b24ed4a4b21f8544a6d601980f7e1ca129e722df406c15b82
fedaee86cea3230b5a44f74d2b1c803642131efd5ef83cd39039fd84d7287108