URL: https://malw.ru/pages/da
Submission: On November 14 via api from US — Scanned from FR

Summary

This website contacted 11 IPs in 5 countries across 11 domains to perform 37 HTTP transactions. The main IP is 2a00:b6e0:1:20:7::1, which is located in France and belongs to ALWAYSDATA, FR. The main domain is malw.ru.
TLS certificate: Issued by R11 on October 25th 2024. Valid for: 3 months.
This is the only time malw.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
12 | iconify.design | code.iconify.design (Cisco Umbrella Rank: 38949); api.iconify.design (Cisco Umbrella Rank: 17631) | 23 KB
6 | imgur.com | i.imgur.com (Cisco Umbrella Rank: 8465) | 497 B
4 | gstatic.com | fonts.gstatic.com | 54 KB
4 | malw.ru | malw.ru; cast.malw.ru (Failed) | 40 KB
2 | t.me | t.me (Cisco Umbrella Rank: 13509) |
2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 55) | 2 KB
2 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 331) | 43 KB
1 | google-analytics.com | region1.google-analytics.com (Cisco Umbrella Rank: 2944) |
1 | telegram.org | telegram.org (Cisco Umbrella Rank: 8847) | 6 KB
1 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 275) | 2 KB
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 64) | 108 KB
Total: 37 requests across 11 domains

Requests | Domain | Requested by
11 | api.iconify.design | code.iconify.design
6 | i.imgur.com | malw.ru
4 | fonts.gstatic.com | fonts.googleapis.com
4 | malw.ru | malw.ru
2 | t.me | telegram.org
2 | fonts.googleapis.com | malw.ru
2 | cdn.jsdelivr.net | malw.ru
1 | region1.google-analytics.com | www.googletagmanager.com
1 | telegram.org | malw.ru
1 | cdnjs.cloudflare.com | malw.ru
1 | www.googletagmanager.com | malw.ru
1 | code.iconify.design | malw.ru
0 | cast.malw.ru (Failed) | malw.ru
Total: 37 requests across 13 subdomains

Subject | Issuer | Validity | Valid
malw.ru | R11 | 2024-10-25 - 2025-01-23 | 3 months
iconify.design | WE1 | 2024-10-10 - 2025-01-09 | 3 months
*.google-analytics.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2024 Q3 | 2024-07-30 - 2025-08-31 | a year
upload.video.google.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
cdnjs.cloudflare.com | WE1 | 2024-09-28 - 2024-12-27 | 3 months
*.imgur.com | Sectigo RSA Domain Validation Secure Server CA | 2024-02-15 - 2025-02-14 | a year
*.telegram.org | Go Daddy Secure Certificate Authority - G2 | 2024-08-10 - 2025-09-11 | a year
*.gstatic.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
*.t.me | Go Daddy Secure Certificate Authority - G2 | 2024-10-06 - 2025-11-07 | a year

This page contains 3 frames:

Primary Page: https://malw.ru/pages/da
Frame ID: 625199946517E4E5FFC9EEA927144272
Requests: 36 HTTP requests in this frame

Frame: https://t.me/share/embed?origin=https%3A%2F%2Fmalw.ru&telegram-share-url=https%3A%2F%2Fmalw.ru%2Fpages%2Fda&size=large
Frame ID: 7BAC37A278FC6905EF21D10DC58B40E2
Requests: 1 HTTP request in this frame

Frame: https://t.me/malwru/25?embed=1&discussion=1&comments_limit=15&color=212121&colorful=1&dark=0
Frame ID: 79ECA3D04758CFF3CE18B5C1878CC084
Requests: 1 HTTP request in this frame

Page Title

DonationAlerts donation notifications in Telegram - malw.ru Pages

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /(?:([\d.])+/)?highlight(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

37
Requests

97 %
HTTPS

70 %
IPv6

11
Domains

13
Subdomains

11
IPs

5
Countries

278 kB
Transfer

604 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request da
malw.ru/pages/
16 KB
17 KB
Document
General
Full URL
https://malw.ru/pages/da
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:b6e0:1:20:7::1 , France, ASN60362 (ALWAYSDATA, FR),
Reverse DNS
Software
waitress /
Resource Hash
4d84b365d70846a542803cda7ae550d26dd5e0302e341b4154f8a56e0d7e5948

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-length
16876
content-type
text/html; charset=utf-8
date
Thu, 14 Nov 2024 17:58:22 GMT
server
waitress
via
2.0 alproxy
pages.css
malw.ru/static/
7 KB
7 KB
Stylesheet
General
Full URL
https://malw.ru/static/pages.css
Requested by
Host: malw.ru
URL: https://malw.ru/pages/da
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:b6e0:1:20:7::1 , France, ASN60362 (ALWAYSDATA, FR),
Reverse DNS
Software
waitress /
Resource Hash
f73475b6e7992311607786d3058f1c78e7d71b4370cd7b97651337050b6d6bff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://malw.ru/pages/da

Response headers

cache-control
no-cache
etag
"1729170170.685765-6712-3510832250"
via
2.0 alproxy
content-length
6712
date
Thu, 14 Nov 2024 17:58:22 GMT
content-disposition
inline; filename=pages.css
content-type
text/css; charset=utf-8
server
waitress
last-modified
Thu, 17 Oct 2024 13:02:50 GMT
iconify-icon.min.js
code.iconify.design/iconify-icon/1.0.7/
21 KB
9 KB
Script
General
Full URL
https://code.iconify.design/iconify-icon/1.0.7/iconify-icon.min.js
Requested by
Host: malw.ru
URL: https://malw.ru/pages/da
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
851bed7af266f96a0be3edf9918daab48d8da4ce17c46040511bae450caf3dd6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://malw.ru/

Response headers

x-fastly-request-id
d171e4a87a24045cf2d3893225ac1f7c3e11d7b6
content-encoding
gzip
cf-cache-status
HIT
etag
W/"672f14d3-55f3"
age
137
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3%2BW54g8tPuvG%2BG5GtJaYtN4xkepWJZC%2FRqHa2I3khqSzDNF0j4t4dmz%2BCYnVgyvOLTHncdzZAeS0roL3%2FTTmchvUpM4EKTIbUubbBtbA4LEqbE3MBVuY%2FhrSXXrCMgh8csDjhmh6PUacedbWV3wdqlc%3D"}],"group":"cf-nel","max_age":604800}
x-github-request-id
D43B:3754A2:3EC8050:4055B00:672F15B0
expires
Sat, 09 Nov 2024 08:06:34 GMT
x-proxy-cache
MISS
server-timing
cfL4;desc="?proto=TCP&rtt=22956&sent=7&recv=10&lost=0&retrans=0&sent_bytes=4054&recv_bytes=2233&delivery_rate=168201&cwnd=252&unsent_bytes=0&cid=379f190e9062ec46&ts=51&x=0"
x-cache
HIT
date
Thu, 14 Nov 2024 17:58:22 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 09 Nov 2024 07:52:51 GMT
x-served-by
cache-mad2200087-MAD
x-cache-hits
0
vary
Accept-Encoding
cache-control
max-age=172800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer
S1731139372.334046,VS0,VE2
via
1.1 varnish
cf-ray
8e28e3a61e063cf9-CDG
accept-ranges
bytes
access-control-allow-origin
*
content-length
8141
server
cloudflare
js
www.googletagmanager.com/gtag/
322 KB
108 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8GF6GE4B3H
Requested by
Host: malw.ru
URL: https://malw.ru/pages/da
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d328ba3256e16d26c8484f318b04c3b5075f23af133b00c3eb4c89f55e22d511
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://malw.ru/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 14 Nov 2024 17:58:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 17:58:22 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109520
x-xss-protection
0
server
Google Tag Manager
night-owl.min.css
cdn.jsdelivr.net/gh/highlightjs/cdn-release@11.7.0/build/styles/
1 KB
572 B
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/gh/highlightjs/cdn-release@11.7.0/build/styles/night-owl.min.css
Requested by
Host: malw.ru
URL: https://malw.ru/pages/da
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d8dfd126e376afbeadd941be47bc4ee88df1a82ccad09a25d03b3fc68d7d6a2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://malw.ru/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"58d-PMuePhLSMeahbZBaU5pyobizI7M"
age
1932538
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Thu, 14 Nov 2024 17:58:22 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-eddf8230052-FRA, cache-lcy-eglc8600039-LCY
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
434
x-jsd-version
11.7.0
css
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%20Mono
Requested by
Host: malw.ru
URL: https://malw.ru/pages/da
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e1cdca53812fd7d4c46fe45c8962753477e8e63d0847036bad477eb3e0893c7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://malw.ru/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 14 Nov 2024 17:58:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 17:58:22 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 14 Nov 2024 16:31:40 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
highlight.min.js
cdn.jsdelivr.net/gh/highlightjs/cdn-release@11.7.0/build/
118 KB
42 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/highlightjs/cdn-release@11.7.0/build/highlight.min.js
Requested by
Host: malw.ru
URL: https://malw.ru/pages/da
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9f19cebc1d4441ae1f0ffc696a42628b9f865fe5d99deda1f1e8cd5bec878888
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://malw.ru/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"1d7ba-48/pHbxUxfsz6Y/k+3uhaM7AlFw"
age
1075573
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Thu, 14 Nov 2024 17:58:22 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220045-FRA, cache-lcy-eglc8600039-LCY
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
42668
x-jsd-version
11.7.0
highlightjs-line-numbers.min.js
cdnjs.cloudflare.com/ajax/libs/highlightjs-line-numbers.js/2.8.0/
3 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/highlightjs-line-numbers.js/2.8.0/highlightjs-line-numbers.min.js
Requested by
Host: malw.ru
URL: https://malw.ru/pages/da
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7be69b9a969b88d88d227f03c711f0b956d603753eeb45a001d7d5868db3443
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://malw.ru/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5ed2a60e-c7d"
age
772127
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aoetClZW7cCSGBhoi22%2F7RGHD%2BtfCF1123rura5sAnY2WyfbBp2xhfkokX%2BSr%2FqlnNgKgJMv5Z93uFu0DVojG2%2F1hi5PkUETXjz%2F1zD%2FokKHZjJUStwf42zK2Fud797hDf0RxBVD"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Tue, 04 Nov 2025 17:58:22 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 14 Nov 2024 17:58:22 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 30 May 2020 18:29:34 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e28e3a5f8040401-CDG
accept-ranges
bytes
access-control-allow-origin
*
content-length
1296
server
cloudflare
38dvXDF.png
i.imgur.com/
0
241 B
Image
General
Full URL
https://i.imgur.com/38dvXDF.png
Requested by
Host: malw.ru
URL: https://malw.ru/pages/da
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=300
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
retry-after
0
x-timer
S1731607102.443484,VS0,VE0
access-control-allow-methods
GET, OPTIONS
accept-ranges
bytes
access-control-allow-origin
*
x-cache
MISS
content-length
0
date
Thu, 14 Nov 2024 17:58:22 GMT
x-served-by
cache-lcy-eglc8600039-LCY
x-cache-hits
0
server
cat factory 1.0
css2
fonts.googleapis.com/
2 KB
651 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Raleway
Requested by
Host: malw.ru
URL: https://malw.ru/static/pages.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
139681a94faa2bc84b1493a573777c22280c12f293b42c3f2d3940dab9467d9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://malw.ru/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 14 Nov 2024 17:58:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 17:58:22 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 14 Nov 2024 17:31:31 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
Siak4NQ.png
i.imgur.com/
0
52 B
Image
General
Full URL
https://i.imgur.com/Siak4NQ.png
Requested by
Host: malw.ru
URL: https://malw.ru/pages/da
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=300
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
retry-after
0
x-timer
S1731607102.443124,VS0,VE0
access-control-allow-methods
GET, OPTIONS
accept-ranges
bytes
access-control-allow-origin
*
x-cache
MISS
content-length
0
date
Thu, 14 Nov 2024 17:58:22 GMT
x-served-by
cache-lcy-eglc8600039-LCY
x-cache-hits
0
server
cat factory 1.0
LXibpYB.png
i.imgur.com/
0
51 B
Image
General
Full URL
https://i.imgur.com/LXibpYB.png
Requested by
Host: malw.ru
URL: https://malw.ru/pages/da
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=300
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
retry-after
0
x-timer
S1731607102.466397,VS0,VE0
access-control-allow-methods
GET, OPTIONS
accept-ranges
bytes
access-control-allow-origin
*
x-cache
MISS
content-length
0
date
Thu, 14 Nov 2024 17:58:22 GMT
x-served-by
cache-lcy-eglc8600039-LCY
x-cache-hits
0
server
cat factory 1.0
9PNt5ZU.png
i.imgur.com/
0
51 B
Image
General
Full URL
https://i.imgur.com/9PNt5ZU.png
Requested by
Host: malw.ru
URL: https://malw.ru/pages/da
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=300
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
retry-after
0
x-timer
S1731607102.466394,VS0,VE0
access-control-allow-methods
GET, OPTIONS
accept-ranges
bytes
access-control-allow-origin
*
x-cache
MISS
content-length
0
date
Thu, 14 Nov 2024 17:58:22 GMT
x-served-by
cache-lcy-eglc8600039-LCY
x-cache-hits
0
server
cat factory 1.0
HpZKGtI.png
i.imgur.com/
0
51 B
Image
General
Full URL
https://i.imgur.com/HpZKGtI.png
Requested by
Host: malw.ru
URL: https://malw.ru/pages/da
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=300
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
retry-after
0
x-timer
S1731607102.470150,VS0,VE0
access-control-allow-methods
GET, OPTIONS
accept-ranges
bytes
access-control-allow-origin
*
x-cache
MISS
content-length
0
date
Thu, 14 Nov 2024 17:58:22 GMT
x-served-by
cache-lcy-eglc8600039-LCY
x-cache-hits
0
server
cat factory 1.0
telegram-widget.js
telegram.org/js/
20 KB
6 KB
Script
General
Full URL
https://telegram.org/js/telegram-widget.js?21
Requested by
Host: malw.ru
URL: https://malw.ru/pages/da
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0f6cdd09b3bbebf50c4e1679aff6f021f5e183a4ba2dea3a0801394599ff6afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://malw.ru/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=345600
content-encoding
gzip
etag
W/"642abc84-4ff5"
expires
Mon, 18 Nov 2024 17:58:22 GMT
date
Thu, 14 Nov 2024 17:58:22 GMT
content-type
application/javascript
last-modified
Mon, 03 Apr 2023 11:46:12 GMT
server
nginx/1.18.0
6Huwb2r.png
i.imgur.com/
0
51 B
Image
General
Full URL
https://i.imgur.com/6Huwb2r.png
Requested by
Host: malw.ru
URL: https://malw.ru/pages/da
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=300
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
retry-after
0
x-timer
S1731607102.470450,VS0,VE0
access-control-allow-methods
GET, OPTIONS
accept-ranges
bytes
access-control-allow-origin
*
x-cache
MISS
content-length
0
date
Thu, 14 Nov 2024 17:58:22 GMT
x-served-by
cache-lcy-eglc8600039-LCY
x-cache-hits
0
server
cat factory 1.0
pages.js
malw.ru/static/
1 KB
2 KB
Script
General
Full URL
https://malw.ru/static/pages.js
Requested by
Host: malw.ru
URL: https://malw.ru/pages/da
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:b6e0:1:20:7::1 , France, ASN60362 (ALWAYSDATA, FR),
Reverse DNS
Software
waitress /
Resource Hash
083be4c02989aa1b210675652c2af706d7bbf2e8deacc8407ba07a3d810033cb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://malw.ru/pages/da

Response headers

cache-control
no-cache
etag
"1729170166.8658245-1524-3302427662"
via
2.0 alproxy
content-length
1524
date
Thu, 14 Nov 2024 17:58:22 GMT
content-disposition
inline; filename=pages.js
content-type
application/javascript; charset=utf-8
server
waitress
last-modified
Thu, 17 Oct 2024 13:02:46 GMT
1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCMPrEHJA.woff2
fonts.gstatic.com/s/raleway/v34/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v34/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCMPrEHJA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Raleway
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
22bacf8cec58f5dbae016dfe4a25a69bf15035ea17069dd6c78c30e8844f5ebd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://malw.ru
Referer
https://fonts.googleapis.com/

Response headers

age
95180
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 15:32:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 15:32:02 GMT
last-modified
Wed, 01 May 2024 20:31:52 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
12732
x-xss-protection
0
server
sffe
1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
fonts.gstatic.com/s/raleway/v34/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v34/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Raleway
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
3e44fb721d3be9376c6e5e946109067a04da84ae10b3f27a03ada7a3731e515c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://malw.ru
Referer
https://fonts.googleapis.com/

Response headers

age
116311
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 09:39:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 09:39:51 GMT
last-modified
Wed, 01 May 2024 20:31:54 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
22432
x-xss-protection
0
server
sffe
truncated
/
149 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e9706d8545bc919565ca2bb73d5130347e7858e455979e8888a4de2f8d823761

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vq_ROW4.woff2
fonts.gstatic.com/s/robotomono/v23/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotomono/v23/L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vq_ROW4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Mono
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
32c8a74ac0816253d69a7cc68a60986d91c77c80fb17101058527bffa45a13ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://malw.ru
Referer
https://fonts.googleapis.com/

Response headers

age
94850
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 15:37:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 15:37:32 GMT
last-modified
Thu, 14 Sep 2023 01:16:46 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
12764
x-xss-protection
0
server
sffe
L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vq_QOW4Ep0.woff2
fonts.gstatic.com/s/robotomono/v23/
7 KB
7 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotomono/v23/L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vq_QOW4Ep0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Mono
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
52f28cb4d065b4adfa78df4f9559c639f9cbcec14cc81f2a0b88dddbf706b6e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://malw.ru
Referer
https://fonts.googleapis.com/

Response headers

age
95593
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 15:25:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 15:25:09 GMT
last-modified
Wed, 13 Sep 2023 23:26:36 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7392
x-xss-protection
0
server
sffe
listen.ogg
cast.malw.ru/
0
0

line-md.json
api.iconify.design/
661 B
700 B
Fetch
General
Full URL
https://api.iconify.design/line-md.json?icons=menu
Requested by
Host: code.iconify.design
URL: https://code.iconify.design/iconify-icon/1.0.7/iconify-icon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ffe58413a6d8a47bb72eed59ba4ec199cf029104afade966198b6de6f98a83a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://malw.ru/

Response headers

access-control-max-age
86400
cache-control
public, max-age=604800, min-refresh=604800, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
cross-origin-resource-policy
cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4CA2QHNZ6Gte2s%2BgsxmMwNZFAJKRplycRJdisVBDv69VZzYJgwsKKqW4bmpo2w60GU6fDSd5KDWirv90lA0zd5MO1BcMJrO6C50sMvMzcDanF8WR9VUy3ELkoiSOAAuiELzl%2FYVlNsVWmzzSesvo4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS
cf-ray
8e28e3a88e6ad70e-CDG
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=23088&sent=16&recv=20&lost=0&retrans=0&sent_bytes=7528&recv_bytes=3187&delivery_rate=167621&cwnd=254&unsent_bytes=0&cid=cd106ae1b27043d4&ts=87&x=0"
date
Thu, 14 Nov 2024 17:58:22 GMT
content-type
application/json; charset=utf-8
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding
mdi.json
api.iconify.design/
5 KB
3 KB
Fetch
General
Full URL
https://api.iconify.design/mdi.json?icons=android%2Carrow-left%2Ccontacts%2Cfolder%2Cformat-letter-case%2Cgift%2Chome%2Ckey%2Clan-connect%2Cmicrosoft-office%2Cmicrosoft-windows%2Cnotifications%2Cscript%2Cspotify%2Cweather-night
Requested by
Host: code.iconify.design
URL: https://code.iconify.design/iconify-icon/1.0.7/iconify-icon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
746785e9b63e20cd52d75bb1a9181b2c9b67667ded1b4d3458ac86ee714a45a0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://malw.ru/

Response headers

access-control-max-age
86400
cache-control
public, max-age=604800, min-refresh=604800, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
cross-origin-resource-policy
cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7d77WRDpvy4izxh3nNgk%2F0Nb0OLUHoM%2FQIQwJbEppdhZGh8mVXPxHSZUlcoRZBLpbhw4b4jtFNufz4wyeJkGtNrMrksOWtolgn1zDmwYrTs%2F23qiXjErKkHYX4dN5yA%2FUQ2J0grJk%2FOxGpGtvDQsmA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS
cf-ray
8e28e3a88e6dd70e-CDG
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=23088&sent=29&recv=20&lost=0&retrans=0&sent_bytes=11960&recv_bytes=3187&delivery_rate=167621&cwnd=254&unsent_bytes=0&cid=cd106ae1b27043d4&ts=91&x=0"
date
Thu, 14 Nov 2024 17:58:22 GMT
content-type
application/json; charset=utf-8
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding
mingcute.json
api.iconify.design/
1 KB
1 KB
Fetch
General
Full URL
https://api.iconify.design/mingcute.json?icons=telegram-fill
Requested by
Host: code.iconify.design
URL: https://code.iconify.design/iconify-icon/1.0.7/iconify-icon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fdf075ab147c8c8b627338e05a8eb94c98668b3a99c8f4848e46f0bdc734ef5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://malw.ru/

Response headers

access-control-max-age
86400
cache-control
public, max-age=604800, min-refresh=604800, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
cross-origin-resource-policy
cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s8az9wEJpULK4RuEXqAEEbPd18Svu1o9ZDkhFkJNbgqNtnH4EhlBas2FOOkns2%2BLnC2ELM39CSZ0AYspBEi%2B6%2BVRUbbQ%2FFE2y5EReIDgr5U6S19hZWkxWYomBalhTkow36PVaNRu7LWzkeuye7Dtmw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS
cf-ray
8e28e3a88e6ed70e-CDG
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=23088&sent=20&recv=20&lost=0&retrans=0&sent_bytes=8316&recv_bytes=3187&delivery_rate=167621&cwnd=254&unsent_bytes=0&cid=cd106ae1b27043d4&ts=89&x=0"
date
Thu, 14 Nov 2024 17:58:22 GMT
content-type
application/json; charset=utf-8
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding
ic.json
api.iconify.design/
1 KB
968 B
Fetch
General
Full URL
https://api.iconify.design/ic.json?icons=baseline-discord
Requested by
Host: code.iconify.design
URL: https://code.iconify.design/iconify-icon/1.0.7/iconify-icon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02f74bc5e0b7bea2ad86d831af36125efebac91f76736ce969088d8eedeba97b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://malw.ru/

Response headers

access-control-max-age
86400
cache-control
public, max-age=604800, min-refresh=604800, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
cross-origin-resource-policy
cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i25dODcYMlOZ79B67xjRhKc9eTH16vW49fM9pwDm%2FBL9D%2FysJzn1HnNiQmROHt7Dv%2BBW%2FejpgEzOGN16mL%2BW46VtFTZhSEfZPPyROMTu9ak9370L8ash3rS9oulvenm0rErXg9vZj1Tvoy2H7ajtyg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS
cf-ray
8e28e3a88e70d70e-CDG
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=23088&sent=26&recv=20&lost=0&retrans=0&sent_bytes=10926&recv_bytes=3187&delivery_rate=167621&cwnd=254&unsent_bytes=0&cid=cd106ae1b27043d4&ts=91&x=0"
date
Thu, 14 Nov 2024 17:58:22 GMT
content-type
application/json; charset=utf-8
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding
ri.json
api.iconify.design/
2 KB
1 KB
Fetch
General
Full URL
https://api.iconify.design/ri.json?icons=gemini-fill%2Copenai-fill
Requested by
Host: code.iconify.design
URL: https://code.iconify.design/iconify-icon/1.0.7/iconify-icon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0e29628e361bb2ca1c88c21c633cb52caf871b57467676b9f03786be6f2c096

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://malw.ru/

Response headers

access-control-max-age
86400
cache-control
public, max-age=604800, min-refresh=604800, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
cross-origin-resource-policy
cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8vXfUZYohLfdVlmR5d0iogBHgI0XuKquZJgCNIWBD9HwFsoSKcc4O5ICEMNtBZSYIZEPCoue3u25QnqD%2FaUZxVrqWxmNy0kvBEtm%2Be5zDU%2B37MAGjMLTdG%2F%2Fyt5f%2BTl%2Foqy3WxgOTz6JX06tfJAX6g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS
cf-ray
8e28e3a88e72d70e-CDG
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=23088&sent=23&recv=20&lost=0&retrans=0&sent_bytes=9407&recv_bytes=3187&delivery_rate=167621&cwnd=254&unsent_bytes=0&cid=cd106ae1b27043d4&ts=90&x=0"
date
Thu, 14 Nov 2024 17:58:22 GMT
content-type
application/json; charset=utf-8
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding
simple-icons.json
api.iconify.design/
6 KB
3 KB
Fetch
General
Full URL
https://api.iconify.design/simple-icons.json?icons=anydesk%2Cgooglegemini%2Cimgur%2Cvk
Requested by
Host: code.iconify.design
URL: https://code.iconify.design/iconify-icon/1.0.7/iconify-icon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc514195bc016841f2ced628bf47c169c51c49c7352c17714bf0d9890ba78211

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://malw.ru/

Response headers

access-control-max-age
86400
cache-control
public, max-age=604800, min-refresh=604800, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
cross-origin-resource-policy
cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CHEWVVplvnu6TZdPec4THEqvbnic%2FhhM7tljVNngfInvyto1NYKrRt4QjHHMxhzi3nLNa4lh%2F3z74DLpoaoQ3E4UUwfxbiKJ8K9haraIYWFg1jog7KlQvzQ8SX5BwtXxS%2FrcyrSCVNopEsPc1kPRqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS
cf-ray
8e28e3a88e74d70e-CDG
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=23088&sent=10&recv=20&lost=0&retrans=0&sent_bytes=4054&recv_bytes=3187&delivery_rate=167621&cwnd=254&unsent_bytes=0&cid=cd106ae1b27043d4&ts=86&x=0"
date
Thu, 14 Nov 2024 17:58:22 GMT
content-type
application/json; charset=utf-8
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding
material-symbols.json
api.iconify.design/
1 KB
1 KB
Fetch
General
Full URL
https://api.iconify.design/material-symbols.json?icons=article%2Cdownload%2Csearch%2Cspeed-outline
Requested by
Host: code.iconify.design
URL: https://code.iconify.design/iconify-icon/1.0.7/iconify-icon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e642fdcbf201bce9e9c1840b7016bc9106f8717f1e5e12114175fc973ced29e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://malw.ru/

Response headers

access-control-max-age
86400
cache-control
public, max-age=604800, min-refresh=604800, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
cross-origin-resource-policy
cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fQmi38ruAwh7VWskOgEugXhm3bTD1pxTwq%2FOWqOs%2BMcCSfv5mJmRRQs4EFoRju82bMRGLekcPDKp2ErWoldyNX1dxM5Q0EU6HNsg6xnPokT1XOKcq%2FyqJeeuobEltg8mn0nzJeiqXqg7XeaG1xkmxA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS
cf-ray
8e28e3a88e79d70e-CDG
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=23088&sent=37&recv=20&lost=0&retrans=0&sent_bytes=16437&recv_bytes=3187&delivery_rate=167621&cwnd=254&unsent_bytes=0&cid=cd106ae1b27043d4&ts=94&x=0"
date
Thu, 14 Nov 2024 17:58:22 GMT
content-type
application/json; charset=utf-8
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding
fluent.json
api.iconify.design/
2 KB
2 KB
Fetch
General
Full URL
https://api.iconify.design/fluent.json?icons=apps-16-regular%2Cbot-sparkle-20-filled
Requested by
Host: code.iconify.design
URL: https://code.iconify.design/iconify-icon/1.0.7/iconify-icon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8c5020fb50e044a60b855f0b0a64e07b85a34b9defe796518373e7eed4c7c49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://malw.ru/

Response headers

access-control-max-age
86400
cache-control
public, max-age=604800, min-refresh=604800, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
cross-origin-resource-policy
cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nWpuoFmH5dosgo%2FyUIhxtrYf4HHrlD%2F00vMgL1oskyCr74W3ZuP1pLrOERWFpwJ5aprKTj94%2FuA%2FxO4vbzZbOHYgtERwkVJGkIM%2B19TPuxjtywgZpWyhIAtLVz9ipBgf4aLwmKlaTFWPJzCjI3K6mA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS
cf-ray
8e28e3a88e78d70e-CDG
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=23088&sent=34&recv=20&lost=0&retrans=0&sent_bytes=14725&recv_bytes=3187&delivery_rate=167621&cwnd=254&unsent_bytes=0&cid=cd106ae1b27043d4&ts=94&x=0"
date
Thu, 14 Nov 2024 17:58:22 GMT
content-type
application/json; charset=utf-8
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding
carbon.json
api.iconify.design/
309 B
625 B
Fetch
General
Full URL
https://api.iconify.design/carbon.json?icons=usb
Requested by
Host: code.iconify.design
URL: https://code.iconify.design/iconify-icon/1.0.7/iconify-icon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3828e8ae2dd4f2d94744910986616376d48041975e430f8bf7d04d119bea5c55

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://malw.ru/

Response headers

access-control-max-age
86400
cache-control
public, max-age=604800, min-refresh=604800, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
cross-origin-resource-policy
cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hQlG12xh%2BC138ktlXYhP8bTlHjLQ28UGX4eD3w0%2FYqhttlh7flhsJiMrCoYUoxPVKFpY983GvWD4FFixmbpRlwyLa7v%2Ba2%2Fo1QwLQi8UH40QkQJv87e%2B9fDEg6yqXDgoRM7Nv3F2PF3ggcW9MmFiMA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS
cf-ray
8e28e3a8aea4d70e-CDG
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=23088&sent=46&recv=20&lost=0&retrans=0&sent_bytes=19186&recv_bytes=3187&delivery_rate=167621&cwnd=254&unsent_bytes=0&cid=cd106ae1b27043d4&ts=104&x=0"
date
Thu, 14 Nov 2024 17:58:22 GMT
content-type
application/json; charset=utf-8
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding
cib.json
api.iconify.design/
739 B
855 B
Fetch
General
Full URL
https://api.iconify.design/cib.json?icons=js
Requested by
Host: code.iconify.design
URL: https://code.iconify.design/iconify-icon/1.0.7/iconify-icon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fb984b75a65b1955f0e7e170caf04198e322aeb722f46d82296b3fb09d57c9f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://malw.ru/

Response headers

access-control-max-age
86400
cache-control
public, max-age=604800, min-refresh=604800, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
cross-origin-resource-policy
cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vRbhMsvAN2bj2FsJgCzjZLzDXcCz6OEbtCXiPHB9f4tYWHEiQHUsiEzPKsG7iB%2FE5WRoYA9th8Mkiahc2Puz90O3Jw1F3A20YMQhqrspUsPxdusGKiMeT63TA%2FTN2A4uyACWqFuOxnwyQnGuPEog6g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS
cf-ray
8e28e3a8ae9fd70e-CDG
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=23088&sent=43&recv=20&lost=0&retrans=0&sent_bytes=18265&recv_bytes=3187&delivery_rate=167621&cwnd=254&unsent_bytes=0&cid=cd106ae1b27043d4&ts=101&x=0"
date
Thu, 14 Nov 2024 17:58:22 GMT
content-type
application/json; charset=utf-8
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding
mdi.json
api.iconify.design/
266 B
611 B
Fetch
General
Full URL
https://api.iconify.design/mdi.json?icons=content-copy
Requested by
Host: code.iconify.design
URL: https://code.iconify.design/iconify-icon/1.0.7/iconify-icon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ee51f7c9a8db99e965edb55628b01c15f4cc6e09e9696e695dacdd5e80da47b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://malw.ru/

Response headers

access-control-max-age
86400
cache-control
public, max-age=604800, min-refresh=604800, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
cross-origin-resource-policy
cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LghJIh3SrDCiW98ghljkFRTr724w9scAnCFGQ830Z%2BlaoIQN71VTPQbj%2FYNXXzCD6lcy90pq7PQKZ8Vi1GhwO3ZIL05AVLChQAqhi34NLrBm3bZrH3ogH4Fv7n4QT4qqo69GQVTufUsoqMs6PqkC9w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS
cf-ray
8e28e3a8ae9bd70e-CDG
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=23088&sent=40&recv=20&lost=0&retrans=0&sent_bytes=17588&recv_bytes=3187&delivery_rate=167621&cwnd=254&unsent_bytes=0&cid=cd106ae1b27043d4&ts=100&x=0"
date
Thu, 14 Nov 2024 17:58:22 GMT
content-type
application/json; charset=utf-8
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding
embed
t.me/share/ Frame 7BAC
0
0
Document
General
Full URL
https://t.me/share/embed?origin=https%3A%2F%2Fmalw.ru&telegram-share-url=https%3A%2F%2Fmalw.ru%2Fpages%2Fda&size=large
Requested by
Host: telegram.org
URL: https://telegram.org/js/telegram-widget.js?21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=35768000

Request headers

Referer
https://malw.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-store
content-encoding
gzip
content-length
1189
content-type
text/html; charset=utf-8
date
Thu, 14 Nov 2024 17:58:22 GMT
pragma
no-cache
server
nginx/1.18.0
strict-transport-security
max-age=35768000
25
t.me/malwru/ Frame 79EC
0
0
Document
General
Full URL
https://t.me/malwru/25?embed=1&discussion=1&comments_limit=15&color=212121&colorful=1&dark=0
Requested by
Host: telegram.org
URL: https://telegram.org/js/telegram-widget.js?21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=35768000

Request headers

Referer
https://malw.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-store
content-encoding
gzip
content-length
3161
content-type
text/html; charset=utf-8
date
Thu, 14 Nov 2024 17:58:22 GMT
pragma
no-cache
server
nginx/1.18.0
strict-transport-security
max-age=35768000
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-8GF6GE4B3H&gtm=45je4bc0v9168943083za200&_p=1731607102458&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067554~102077855&cid=158214760.1731607103&ul=fr-fr&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731607102&sct=1&seg=0&dl=https%3A%2F%2Fmalw.ru%2Fpages%2Fda&dt=%D0%A3%D0%B2%D0%B5%D0%B4%D0%BE%D0%BC%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%BE%20%D0%B4%D0%BE%D0%BD%D0%B0%D1%82%D0%B0%D1%85%20DonationAlerts%20%D0%B2%20Telegram%20-%20%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D1%8B%20malw.ru&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=690
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8GF6GE4B3H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://malw.ru/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://malw.ru
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 17:58:22 GMT
content-type
text/plain
server
Golfe2
favicon.ico
malw.ru/static/
15 KB
15 KB
Other
General
Full URL
https://malw.ru/static/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:b6e0:1:20:7::1 , France, ASN60362 (ALWAYSDATA, FR),
Reverse DNS
Software
waitress /
Resource Hash
3e5bcd218dd3ea27830549b7bceba734447b78c72609b3666a24f50a92a7e665

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://malw.ru/pages/da

Response headers

cache-control
no-cache
etag
"1719323572.9592679-15406-3955232066"
via
2.0 alproxy
content-length
15406
date
Thu, 14 Nov 2024 17:58:23 GMT
content-disposition
inline; filename=favicon.ico
content-type
image/vnd.microsoft.icon
server
waitress
last-modified
Tue, 25 Jun 2024 13:52:52 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cast.malw.ru
URL
https://cast.malw.ru/listen.ogg

Verdicts & Comments

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| gtag object| dataLayer object| hljs object| script function| formatTimePart function| copy function| __parseFunction object| Telegram object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

5 Cookies

Domain/Path Name / Value
.malw.ru/ Name: _ga_8GF6GE4B3H
Value: GS1.1.1731607102.1.0.1731607102.0.0.0
.malw.ru/ Name: _ga
Value: GA1.1.158214760.1731607103
t.me/ Name: stel_on
Value: 1
t.me/ Name: stel_dt
Value: -60
t.me/ Name: stel_ssid
Value: 263879cb3146db2eb9_7792575498669953351

8 Console Messages

Source Level URL
Text
network error URL: https://i.imgur.com/38dvXDF.png
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://i.imgur.com/Siak4NQ.png
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://i.imgur.com/LXibpYB.png
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://i.imgur.com/9PNt5ZU.png
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://i.imgur.com/HpZKGtI.png
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://i.imgur.com/6Huwb2r.png
Message:
Failed to load resource: the server responded with a status of 429 ()
javascript error URL: https://malw.ru/pages/da
Message:
Access to fetch at 'https://cast.malw.ru/listen.ogg' from origin 'https://malw.ru' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://cast.malw.ru/listen.ogg
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
