kupkaguwienko.xyz Open in urlscan Pro
172.67.205.243  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response kupkaguwienko.xyz/k/	13 KB 6 KB	132ms 72ms	Document text/html	172.67.205.243 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kupkaguwienko.xyz/k/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.243 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1c49ecd6b7382024877d1fc106ec66100433cbe409c4c21eec81f24b5be10fb8 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8e943c865e02b1d6-WAW content-encoding zstd content-type text/html; charset=UTF-8 date Wed, 27 Nov 2024 18:38:39 GMT last-modified Tue, 03 Sep 2024 00:32:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} priority u=0,i report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Z3%2Bg%2BExkTC34QRd%2BcxyMZZp79wXe5sZJIvhf1TixD%2FezUK0vw1Xunrx5LEu2lYMxDYmt%2BPHMffzEItL%2BQd6nV9mxaABppYdI0BeYMoUGmcXCCWFyR5b7tTJ%2FVohHQkO4Px%2FhA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=46949&min_rtt=46716&rtt_var=17684&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4133&recv_bytes=4381&delivery_rate=59977&cwnd=12000&unsent_bytes=0&cid=696803650990c4d4&ts=85&x=1" cfExtPri cfHdrFlush;dur=0 vary Accept-Encoding
GET H2	200	telegram-web-app.js Show response telegram.org/js/	106 KB 22 KB	198ms 65ms	Script application/javascript	2001:67c:4e8:f004::9 Telegram Telegram...
General Check archive.org Show headers Download Go to Full URL https://telegram.org/js/telegram-web-app.js Requested by Host: kupkaguwienko.xyz URL: https://kupkaguwienko.xyz/k/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (Telegram Telegram Messenger Inc, VG), Reverse DNS Software nginx/1.18.0 / Resource Hash 3ab59994e7fad6650796e799102a64bcd660dd1b421887c74989729fcea14efc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Referer https://kupkaguwienko.xyz/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=345600 content-encoding gzip etag W/"6739f222-1a916" expires Sun, 01 Dec 2024 18:38:39 GMT date Wed, 27 Nov 2024 18:38:39 GMT content-type application/javascript last-modified Sun, 17 Nov 2024 13:39:46 GMT server nginx/1.18.0
GET H3	200	index-r2gGMmA-.js Show response kupkaguwienko.xyz/k/	132 KB 54 KB	205ms 205ms	Script application/javascript	172.67.205.243 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kupkaguwienko.xyz/k/index-r2gGMmA-.js Requested by Host: kupkaguwienko.xyz URL: https://kupkaguwienko.xyz/k/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.243 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1746c15ef47c807840eb83ad1fcb4faa6435b4df13262d67f015ff541676dbf3 Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Origin https://kupkaguwienko.xyz Referer https://kupkaguwienko.xyz/k/ Response headers content-encoding gzip cf-cache-status HIT etag W/"6657e69a-21176" age 1 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R08uFnLJyrP1TRbhvJSmYzbwC0OFpk4y7MguTwGwJUujSPfvrB%2BLqfqLCavdKuHjXFmwGjPG9Hn7xhmfJ0ZImqNtNtCMTSkuH78FUAgVGZzsSPptA%2BLbVbkaijoT8IGZC5%2BlJw%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=57624&min_rtt=46678&rtt_var=17259&sent=30&recv=14&lost=0&retrans=0&sent_bytes=22403&recv_bytes=5318&delivery_rate=146278&cwnd=12000&unsent_bytes=0&cid=696803650990c4d4&ts=156&x=1", cfExtPri, cfHdrFlush;dur=44 date Wed, 27 Nov 2024 18:38:39 GMT content-type application/javascript; charset=utf-8 last-modified Thu, 30 May 2024 02:38:18 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e943c86de8bb1d6-WAW server cloudflare
GET H3	200	index-8FqDkb1A.css kupkaguwienko.xyz/k/	461 KB 107 KB	63ms 62ms	Stylesheet text/css	172.67.205.243 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kupkaguwienko.xyz/k/index-8FqDkb1A.css Requested by Host: kupkaguwienko.xyz URL: https://kupkaguwienko.xyz/k/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.243 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8d1045e13a292368cd50a37d8a01941add68658c3ec78a3b557388f8ff5695ad Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Origin https://kupkaguwienko.xyz Referer https://kupkaguwienko.xyz/k/ Response headers content-encoding gzip cf-cache-status HIT etag W/"6657e69a-73358" age 1 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hCSwS3vPcLDDLzkoIplGubjTKOs%2BPeFEXxKGfSBWlvDx%2FZfnWF8cwAvvXo68Egz8Gu7zaCaIFFBLh3jAEwJuo5kjV4urQi8dnYhhnMRAMsiFEOQc%2BZ5Tw6vKzgdO8vT0PjO%2FAA%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=57624&min_rtt=46678&rtt_var=17259&sent=20&recv=14&lost=0&retrans=0&sent_bytes=10431&recv_bytes=5318&delivery_rate=146278&cwnd=12000&unsent_bytes=0&cid=696803650990c4d4&ts=153&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 27 Nov 2024 18:38:39 GMT content-type text/css last-modified Thu, 30 May 2024 02:38:18 GMT vary Accept-Encoding priority u=0,i=?0 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e943c86de8eb1d6-WAW server cloudflare
GET		mtproto.worker-CTze2s6m.js kupkaguwienko.xyz/k/	0 0
GET		crypto.worker-CfCshcpI.js kupkaguwienko.xyz/k/	0 0
GET DATA	200 OK	truncated /	369 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6f2cf0c99091af44641cb27eee6a0f32a56aa85f446f60a9482864f2ade413d4 Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Referer Response headers Content-Type image/svg+xml
GET H3	200	crypto.worker-CfCshcpI.js Show response kupkaguwienko.xyz/k/	67 KB 27 KB	62ms 62ms	Fetch application/javascript	172.67.205.243 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kupkaguwienko.xyz/k/crypto.worker-CfCshcpI.js Requested by Host: kupkaguwienko.xyz URL: https://kupkaguwienko.xyz/k/index-r2gGMmA-.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.243 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash db66f764c311c8c976601370a59831be1b792fe9535c8f36f7de75334226b071 Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Referer https://kupkaguwienko.xyz/k/ Response headers content-encoding gzip cf-cache-status HIT etag W/"6657e698-10d02" age 1 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aG70F%2FJJgpCLgnOzZeyU1qHNenJxoRVI3f6UxI036f%2F7GY1mNOS%2FkDRC2uaefB5u6NXFGXBCoDRPjq0JYRw1fuUFdQI3cLUT8gEkyFMQhIy8HSb15f06LGld49Gdx0wprK1vRg%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=49941&min_rtt=46678&rtt_var=3083&sent=165&recv=68&lost=0&retrans=0&sent_bytes=179164&recv_bytes=8642&delivery_rate=590219&cwnd=111600&unsent_bytes=0&cid=696803650990c4d4&ts=460&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 27 Nov 2024 18:38:39 GMT content-type application/javascript; charset=utf-8 last-modified Thu, 30 May 2024 02:38:16 GMT vary Accept-Encoding priority u=1,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e943c88c866b1d6-WAW server cloudflare
GET DATA	200 OK	truncated /	59 B 59 B		Image image/jxl
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Referer Response headers Content-Type image/jxl
GET DATA	200 OK	truncated /	311 B 0		Image image/avif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 04dfc8e1a6e59e36a3a3a5c15443a97a92a6d2a7da9d276b050d58be3c7952a7 Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Referer Response headers Content-Type image/avif
GET H3	200	favicon.ico kupkaguwienko.xyz/k/assets/img/	15 KB 4 KB	100ms 100ms	Other image/x-icon	172.67.205.243 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kupkaguwienko.xyz/k/assets/img/favicon.ico?v=jw3mK7G9Ry Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.243 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7e2388ec283fe17472ef02829a93da550af8f3ad4a975f50a0110bff61afe523 Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Referer https://kupkaguwienko.xyz/k/ Response headers content-encoding gzip cf-cache-status HIT etag W/"6657e684-3aee" age 1 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VFZBRAtdwxTlBKoWiidB4Sw2ve59EmQy912%2FPhhb2bqMtwBvXSNFXJkGWsu6fJAFWC7kqnS3vm82HCee1aHvY9knr%2Fl8cIZC4WklqbGpLnRgdp0uRDtzVLAZtOOzV%2B0ZBmOY3w%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=49941&min_rtt=46678&rtt_var=3083&sent=260&recv=71&lost=0&retrans=0&sent_bytes=290789&recv_bytes=9729&delivery_rate=590219&cwnd=111600&unsent_bytes=0&cid=696803650990c4d4&ts=471&x=1", cfExtPri, cfHdrFlush;dur=36 date Wed, 27 Nov 2024 18:38:39 GMT content-type image/x-icon last-modified Thu, 30 May 2024 02:37:56 GMT vary Accept-Encoding priority u=1,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e943c88d870b1d6-WAW server cloudflare
GET H3	200	lang-BSGk-k5X.js Show response kupkaguwienko.xyz/k/	125 KB 43 KB	87ms 87ms	Script application/javascript	172.67.205.243 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kupkaguwienko.xyz/k/lang-BSGk-k5X.js Requested by Host: kupkaguwienko.xyz URL: https://kupkaguwienko.xyz/k/index-r2gGMmA-.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.243 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ba34d1b04d92c677489e0bfc89f2a6ae3423ac73713843457efc9f61e7a67949 Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Origin https://kupkaguwienko.xyz Referer https://kupkaguwienko.xyz/k/index-r2gGMmA-.js Response headers content-encoding gzip cf-cache-status HIT etag W/"6657e69c-1f437" age 1 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kovOjD5Z7iyGpz6qes2y%2BFQZPR%2BpTT9ei0Es1xbe0ElCOaEfaoxOmP1QpCNPt8XSHti5rneGgYbsO7kMXZBuCliujWyVtquVpkmsJmjPE0Fczl8EH65WGsCC%2BeXpZxnYDCFVLw%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=49941&min_rtt=46678&rtt_var=3083&sent=260&recv=71&lost=0&retrans=0&sent_bytes=290789&recv_bytes=9729&delivery_rate=590219&cwnd=111600&unsent_bytes=0&cid=696803650990c4d4&ts=479&x=1", cfExtPri, cfHdrFlush;dur=28 date Wed, 27 Nov 2024 18:38:39 GMT content-type application/javascript; charset=utf-8 last-modified Thu, 30 May 2024 02:38:20 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e943c88e87eb1d6-WAW server cloudflare
GET H3	200	langSign-CN-ja8rh.js Show response kupkaguwienko.xyz/k/	2 KB 2 KB	89ms 89ms	Script application/javascript	172.67.205.243 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kupkaguwienko.xyz/k/langSign-CN-ja8rh.js Requested by Host: kupkaguwienko.xyz URL: https://kupkaguwienko.xyz/k/index-r2gGMmA-.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.243 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2b3cb7fcd5a7cba31f0932276d0673437bb4d8ba9fcfcc3602ec85ea60458ae4 Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Origin https://kupkaguwienko.xyz Referer https://kupkaguwienko.xyz/k/index-r2gGMmA-.js Response headers content-encoding gzip cf-cache-status HIT etag W/"6657e69c-66e" age 1 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GLGEuSiqH7JLt0LzmKZMadS10uBx8cxx6euPwRjqYKT6oILS3r%2FKjpggoPq4rGJwOwreNgiK0vyG1ZQBLi1F%2F0tcimeOthS9LpYnm9ed1OR0nhoYyG2BhIi51ZDggyIT7SXAsg%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=49941&min_rtt=46678&rtt_var=3083&sent=260&recv=71&lost=0&retrans=0&sent_bytes=290789&recv_bytes=9729&delivery_rate=590219&cwnd=111600&unsent_bytes=0&cid=696803650990c4d4&ts=481&x=1", cfExtPri, cfHdrFlush;dur=26 date Wed, 27 Nov 2024 18:38:39 GMT content-type application/javascript; charset=utf-8 last-modified Thu, 30 May 2024 02:38:20 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e943c88e87fb1d6-WAW server cloudflare
GET H3	200	countries-CzeCvYH8.js Show response kupkaguwienko.xyz/k/	24 KB 5 KB	89ms 88ms	Script application/javascript	172.67.205.243 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kupkaguwienko.xyz/k/countries-CzeCvYH8.js Requested by Host: kupkaguwienko.xyz URL: https://kupkaguwienko.xyz/k/index-r2gGMmA-.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.243 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6876bde98b3f0c4013107f69f6bf375f60a2807bd79c11592131d9b8bbbb76ae Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Origin https://kupkaguwienko.xyz Referer https://kupkaguwienko.xyz/k/index-r2gGMmA-.js Response headers content-encoding gzip cf-cache-status HIT etag W/"6657e696-5e21" age 1 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8bREbHmTx3VLdvMYy%2FNuksTgOFUzHVyeWJgFayCrMlfsamX5bg12LmS1RQKU59GdoAKOcWdEuxcuFvdKjvoJk0cwg3EIqwu5VY00uWI6sEStqHuG82%2Bc9XBnmojvd7Te6PZBmg%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=49941&min_rtt=46678&rtt_var=3083&sent=260&recv=71&lost=0&retrans=0&sent_bytes=290789&recv_bytes=9729&delivery_rate=590219&cwnd=111600&unsent_bytes=0&cid=696803650990c4d4&ts=480&x=1", cfExtPri, cfHdrFlush;dur=27 date Wed, 27 Nov 2024 18:38:39 GMT content-type application/javascript; charset=utf-8 last-modified Thu, 30 May 2024 02:38:14 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e943c88e882b1d6-WAW server cloudflare
GET H3	200	pageSignIn-yNFHmbPt.js Show response kupkaguwienko.xyz/k/	4 KB 3 KB	58ms 57ms	Script application/javascript	172.67.205.243 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kupkaguwienko.xyz/k/pageSignIn-yNFHmbPt.js Requested by Host: kupkaguwienko.xyz URL: https://kupkaguwienko.xyz/k/index-r2gGMmA-.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.243 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a8eb7dca2e256f038430fbc300cffcc8ed5e341c6460a5c4e7409366026368e3 Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Origin https://kupkaguwienko.xyz Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"6657e6a2-10ed" age 1 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nv6qMadO5mH8EP117x7DnmXHQF3z18qEpE4Kc1MuxAsDIOCswIb0hx2G5rtXqblZaIBqkAm6rI79CxAGzL2nVlcarepDra%2BIy2qU8%2B5WA3u994E1TYbMhcnEeHbDX0ofdUlgHA%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=49337&min_rtt=46678&rtt_var=824&sent=565&recv=121&lost=0&retrans=0&sent_bytes=648218&recv_bytes=14546&delivery_rate=4618181&cwnd=267600&unsent_bytes=0&cid=696803650990c4d4&ts=628&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 27 Nov 2024 18:38:39 GMT content-type application/javascript; charset=utf-8 last-modified Thu, 30 May 2024 02:38:26 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e943c89d951b1d6-WAW server cloudflare
GET H3	200	putPreloader-9BKU5zUs.js Show response kupkaguwienko.xyz/k/	699 B 1 KB	62ms 62ms	Script application/javascript	172.67.205.243 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kupkaguwienko.xyz/k/putPreloader-9BKU5zUs.js Requested by Host: kupkaguwienko.xyz URL: https://kupkaguwienko.xyz/k/index-r2gGMmA-.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.243 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c191fe4ac219d2a09094ec0aa8f14d4b6599e9ce84816b53f642d17e495a67e4 Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Origin https://kupkaguwienko.xyz Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"6657e6a4-2bb" age 1 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8u1WmU0GaVr3NCm%2Fg%2BzUa3J9QwqE4VY6CS5eJmCXkmTlnyzmYVnCghnzOkTsXsOKsB%2FuvxJ1HkVEK5BQXGyUBL51yBVomERR6KhoN6mmsr5oYMfQGdgkRRKroOsctg%2F07NqdDw%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=49337&min_rtt=46678&rtt_var=824&sent=580&recv=121&lost=0&retrans=0&sent_bytes=663650&recv_bytes=14546&delivery_rate=4618181&cwnd=267600&unsent_bytes=0&cid=696803650990c4d4&ts=632&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 27 Nov 2024 18:38:39 GMT content-type application/javascript; charset=utf-8 last-modified Thu, 30 May 2024 02:38:28 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e943c89d953b1d6-WAW server cloudflare
GET H3	200	page-De0hPReT.js Show response kupkaguwienko.xyz/k/	10 KB 5 KB	69ms 68ms	Script application/javascript	172.67.205.243 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kupkaguwienko.xyz/k/page-De0hPReT.js Requested by Host: kupkaguwienko.xyz URL: https://kupkaguwienko.xyz/k/index-r2gGMmA-.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.243 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f3197c3381a5bdedf950c9531f65e321c630f3befedc446ea6023cf18c8d8be6 Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Origin https://kupkaguwienko.xyz Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"6657e6a0-290c" age 1 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B%2BAMKGkZUIG6SUkR2WnLxsALPOdx6kJG9Xfqmqg6rSEg%2Fo53iw86L9Yefx2s05abSuVTNUwbBw9mZJXR9dvXSMtahto8KKGgYett57zUqrubucL059Xc7WIPQc24kmo1L%2BbNLw%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=49337&min_rtt=46678&rtt_var=824&sent=643&recv=121&lost=0&retrans=0&sent_bytes=736733&recv_bytes=14546&delivery_rate=4618181&cwnd=267600&unsent_bytes=0&cid=696803650990c4d4&ts=640&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 27 Nov 2024 18:38:39 GMT content-type application/javascript; charset=utf-8 last-modified Thu, 30 May 2024 02:38:24 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e943c89d954b1d6-WAW server cloudflare
GET H3	200	countryInputField-BWE-irbU.js Show response kupkaguwienko.xyz/k/	9 KB 4 KB	58ms 57ms	Script application/javascript	172.67.205.243 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kupkaguwienko.xyz/k/countryInputField-BWE-irbU.js Requested by Host: kupkaguwienko.xyz URL: https://kupkaguwienko.xyz/k/index-r2gGMmA-.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.243 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 90958c52be83aff43b324993ad2ea7d51d175c43d6e3bcdf2e3b1d42607751db Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Origin https://kupkaguwienko.xyz Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"6657e696-240d" age 1 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BuKWgTAvZjvgyfPoFvkR%2Fh2FnCYyZNRvN8DMJCkdBVfOPyWwz%2F5r3Z%2BSW80imJfpiL%2F7gLRMHWsSTzpSE886tAAj1s3Im98UZHoKGaySnR0C1wdU4X6JWvH7w9ZBLDFkz8jvpg%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=49337&min_rtt=46678&rtt_var=824&sent=568&recv=121&lost=0&retrans=0&sent_bytes=651099&recv_bytes=14546&delivery_rate=4618181&cwnd=267600&unsent_bytes=0&cid=696803650990c4d4&ts=630&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 27 Nov 2024 18:38:39 GMT content-type application/javascript; charset=utf-8 last-modified Thu, 30 May 2024 02:38:14 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e943c89d956b1d6-WAW server cloudflare
GET H3	200	button-DQpxWumM.js Show response kupkaguwienko.xyz/k/	9 KB 5 KB	60ms 59ms	Script application/javascript	172.67.205.243 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kupkaguwienko.xyz/k/button-DQpxWumM.js Requested by Host: kupkaguwienko.xyz URL: https://kupkaguwienko.xyz/k/index-r2gGMmA-.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.243 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b0190c5f963357f112c1b86fa2215c54281151930fb8b138f5b50ab07f48c757 Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Origin https://kupkaguwienko.xyz Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"6657e694-2323" age 1 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jYpEgDIMkKpe6GVn7BCwvi0uq895zzvvFVPWQow5swfgEP%2B%2FsOqUPmnGSDYW4G3uUu3%2FWz9DyQ%2Fv137I7nJyJMkK3NvHydY%2Fgnl77uLOFA1aqTiVyC6b6oMDUIlaqrITsjxz7Q%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=49337&min_rtt=46678&rtt_var=824&sent=575&recv=121&lost=0&retrans=0&sent_bytes=658806&recv_bytes=14546&delivery_rate=4618181&cwnd=267600&unsent_bytes=0&cid=696803650990c4d4&ts=632&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 27 Nov 2024 18:38:39 GMT content-type application/javascript; charset=utf-8 last-modified Thu, 30 May 2024 02:38:12 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e943c89d957b1d6-WAW server cloudflare
GET H3	200	wrapEmojiText-CLm7708U.js Show response kupkaguwienko.xyz/k/	181 KB 64 KB	64ms 63ms	Script application/javascript	172.67.205.243 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kupkaguwienko.xyz/k/wrapEmojiText-CLm7708U.js Requested by Host: kupkaguwienko.xyz URL: https://kupkaguwienko.xyz/k/index-r2gGMmA-.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.243 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6eb62a2290164d0650dc0a8933e6657979632914f78019d45276a20189eb30e2 Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Origin https://kupkaguwienko.xyz Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"6657e6ae-2d25e" age 1 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Jj7KllrP%2BVW4d6F8sed4hfnpYoO8rrWCDWBX%2BYrUfSx7iDipDEagyF9K7JMfS6iGdVqnjpbWa4PiHajvyMsBy3i%2BY5b%2FPIOGWXGR6P4sykdO0D1siFlPf44T6WoWugWIv%2BB1A%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=49337&min_rtt=46678&rtt_var=824&sent=585&recv=121&lost=0&retrans=0&sent_bytes=668380&recv_bytes=14546&delivery_rate=4618181&cwnd=267600&unsent_bytes=0&cid=696803650990c4d4&ts=635&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 27 Nov 2024 18:38:39 GMT content-type application/javascript; charset=utf-8 last-modified Thu, 30 May 2024 02:38:38 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e943c89d959b1d6-WAW server cloudflare
GET H3	200	scrollable-CwMIL7Lm.js Show response kupkaguwienko.xyz/k/	7 KB 3 KB	58ms 58ms	Script application/javascript	172.67.205.243 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kupkaguwienko.xyz/k/scrollable-CwMIL7Lm.js Requested by Host: kupkaguwienko.xyz URL: https://kupkaguwienko.xyz/k/index-r2gGMmA-.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.243 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0bfdf0b79085c19e594839e4ed70f3a6a69feb36fffbf7a17185e3a5484f23e5 Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Origin https://kupkaguwienko.xyz Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"6657e6a8-1b73" age 1 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LR6O5Ao0sQySY7A1JoPoNGAbPFfbyueECupXTzpcGDDZ%2B8I5rBaOJQUYhSa4MPZKgL4U6TXiiUWgSeQS2y7m9KVtaa6evZgJyr48rqGBQsviN8whpb0GcVFWh6rb9V%2FwHBMitw%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=49337&min_rtt=46678&rtt_var=824&sent=572&recv=121&lost=0&retrans=0&sent_bytes=655753&recv_bytes=14546&delivery_rate=4618181&cwnd=267600&unsent_bytes=0&cid=696803650990c4d4&ts=631&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 27 Nov 2024 18:38:39 GMT content-type application/javascript; charset=utf-8 last-modified Thu, 30 May 2024 02:38:32 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e943c89d95bb1d6-WAW server cloudflare
GET H3	200	pageSignQR-CposOwEu.js Show response kupkaguwienko.xyz/k/	5 KB 3 KB	60ms 60ms	Script application/javascript	172.67.205.243 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kupkaguwienko.xyz/k/pageSignQR-CposOwEu.js Requested by Host: kupkaguwienko.xyz URL: https://kupkaguwienko.xyz/k/index-r2gGMmA-.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.243 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1822f06cb50f6652daa8ef367e8ad3d55b2df008676e729ed193a9c4dff8eb41 Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Origin https://kupkaguwienko.xyz Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"6657e6a2-15cc" age 1 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b3bA55IdMjCekQ4OJ9PGtVfcBhpevNmjosPa7AVgrFOCU%2FTbheXTq5qrJBl1KbJ3PKwQu%2F3LnUaPQG9nlLViauhrflyNVo9f5xzAlxzhShgbJrhzfCVW9KEcKsZbAb3lcynWgA%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=49337&min_rtt=46678&rtt_var=824&sent=580&recv=121&lost=0&retrans=0&sent_bytes=663650&recv_bytes=14546&delivery_rate=4618181&cwnd=267600&unsent_bytes=0&cid=696803650990c4d4&ts=632&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 27 Nov 2024 18:38:39 GMT content-type application/javascript; charset=utf-8 last-modified Thu, 30 May 2024 02:38:26 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e943c89d95cb1d6-WAW server cloudflare
GET H3	200	textToSvgURL-Cnw_Q8Rw.js Show response kupkaguwienko.xyz/k/	357 B 992 B	64ms 63ms	Script application/javascript	172.67.205.243 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kupkaguwienko.xyz/k/textToSvgURL-Cnw_Q8Rw.js Requested by Host: kupkaguwienko.xyz URL: https://kupkaguwienko.xyz/k/index-r2gGMmA-.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.243 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 88ef7b589f467f4a280126e59b5428d5169f80a165500687699209f60ca39998 Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Origin https://kupkaguwienko.xyz Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"6657e6aa-165" age 1 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bhWJdLgjg1mAT3qTi88vIX73nQbuNAtjW3XCM57dAQFTpuB2Ha7CzbsYDQiCQWXgmuf6nLJmKUXxlWv4E%2FlJF%2FpLNrjn0S4lAc7bryW%2Fu5C1YNmHfUWpZ%2FOyNCJvBYQvk2hEEQ%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=49337&min_rtt=46678&rtt_var=824&sent=595&recv=121&lost=0&retrans=0&sent_bytes=680380&recv_bytes=14546&delivery_rate=4618181&cwnd=267600&unsent_bytes=0&cid=696803650990c4d4&ts=635&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 27 Nov 2024 18:38:39 GMT content-type application/javascript; charset=utf-8 last-modified Thu, 30 May 2024 02:38:34 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e943c89d95db1d6-WAW server cloudflare
GET		947633b5-c5bd-4d3a-b19a-e6047ae7ac04 https://kupkaguwienko.xyz/	0 0
GET		e4c15eb9-a45b-4719-9198-2a93d8f4e1bc https://kupkaguwienko.xyz/	0 0
GET		2b135b5f-c74a-4e34-b33a-e8ac743fc355 https://kupkaguwienko.xyz/	0 0
GET		rlottie.worker--aUfWGB2.js kupkaguwienko.xyz/k/	0 0
GET		rlottie.worker--aUfWGB2.js kupkaguwienko.xyz/k/	0 0
GET		rlottie.worker--aUfWGB2.js kupkaguwienko.xyz/k/	0 0
GET		rlottie.worker--aUfWGB2.js kupkaguwienko.xyz/k/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

kupkaguwienko.xyz

URL

https://kupkaguwienko.xyz/k/mtproto.worker-CTze2s6m.js

Domain

kupkaguwienko.xyz

URL

https://kupkaguwienko.xyz/k/crypto.worker-CfCshcpI.js

Domain

kupkaguwienko.xyz

URL

blob:https://kupkaguwienko.xyz/947633b5-c5bd-4d3a-b19a-e6047ae7ac04

Domain

kupkaguwienko.xyz

URL

blob:https://kupkaguwienko.xyz/e4c15eb9-a45b-4719-9198-2a93d8f4e1bc

Domain

kupkaguwienko.xyz

URL

blob:https://kupkaguwienko.xyz/2b135b5f-c74a-4e34-b33a-e8ac743fc355

Domain

kupkaguwienko.xyz

URL

https://kupkaguwienko.xyz/k/rlottie.worker--aUfWGB2.js

Domain

kupkaguwienko.xyz

URL

https://kupkaguwienko.xyz/k/rlottie.worker--aUfWGB2.js

Domain

kupkaguwienko.xyz

URL

https://kupkaguwienko.xyz/k/rlottie.worker--aUfWGB2.js

Domain

kupkaguwienko.xyz

URL

https://kupkaguwienko.xyz/k/rlottie.worker--aUfWGB2.js

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telegram (Instant Messenger)

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| Telegram function| TelegramGameProxy_receiveEvent object| TelegramGameProxy object| rootScope function| deferredPromise function| AppStorage object| stateStorage function| wrapUrl object| I18n object| webpWorkerController object| appStorage object| appNavigationController object| singleInstance object| webPushApiManager object| telegramMeWebManager object| opusDecodeController object| cryptoMessagePort object| mtprotoMessagePort object| serviceMessagePort object| apiManagerProxy function| calcImageInBox object| mediaSizes object| customProperties object| windowSize object| liteMode object| themeController object| overlayCounter function| formatDateAccordingToTodayNew function| fillTipDates function| putPreloader function| dispatchHeavyAnimationEvent object| pagesManager object| sequentialDom object| animationIntersector object| lottieLoader function| placeCaretAtEnd object| appDownloadManager function| getVisibleRect object| syncedPlayers object| emojiRenderers function| getCaretPos function| getRichValueWithCaret function| wrapRichText function| compareNodes

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://kupkaguwienko.xyz/k/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A060610124280000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

kupkaguwienko.xyz
telegram.org
kupkaguwienko.xyz
172.67.205.243
2001:67c:4e8:f004::9
04dfc8e1a6e59e36a3a3a5c15443a97a92a6d2a7da9d276b050d58be3c7952a7
0bfdf0b79085c19e594839e4ed70f3a6a69feb36fffbf7a17185e3a5484f23e5
1746c15ef47c807840eb83ad1fcb4faa6435b4df13262d67f015ff541676dbf3
1822f06cb50f6652daa8ef367e8ad3d55b2df008676e729ed193a9c4dff8eb41
1c49ecd6b7382024877d1fc106ec66100433cbe409c4c21eec81f24b5be10fb8
2b3cb7fcd5a7cba31f0932276d0673437bb4d8ba9fcfcc3602ec85ea60458ae4
3ab59994e7fad6650796e799102a64bcd660dd1b421887c74989729fcea14efc
6876bde98b3f0c4013107f69f6bf375f60a2807bd79c11592131d9b8bbbb76ae
6eb62a2290164d0650dc0a8933e6657979632914f78019d45276a20189eb30e2
6f2cf0c99091af44641cb27eee6a0f32a56aa85f446f60a9482864f2ade413d4
7e2388ec283fe17472ef02829a93da550af8f3ad4a975f50a0110bff61afe523
88ef7b589f467f4a280126e59b5428d5169f80a165500687699209f60ca39998
8d1045e13a292368cd50a37d8a01941add68658c3ec78a3b557388f8ff5695ad
90958c52be83aff43b324993ad2ea7d51d175c43d6e3bcdf2e3b1d42607751db
a8eb7dca2e256f038430fbc300cffcc8ed5e341c6460a5c4e7409366026368e3
b0190c5f963357f112c1b86fa2215c54281151930fb8b138f5b50ab07f48c757
ba34d1b04d92c677489e0bfc89f2a6ae3423ac73713843457efc9f61e7a67949
c191fe4ac219d2a09094ec0aa8f14d4b6599e9ce84816b53f642d17e495a67e4
db66f764c311c8c976601370a59831be1b792fe9535c8f36f7de75334226b071
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f3197c3381a5bdedf950c9531f65e321c630f3befedc446ea6023cf18c8d8be6