urlscan.io logo urlscan.io
SecurityTrails logo

s70560yr.beget.tech Open in urlscan Pro
185.50.25.11  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: http://s70560yr.beget.tech/
Submission: On April 07 via automatic, source openphish — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 34 HTTP transactions. The main IP is 185.50.25.11, located in Russian Federation and belongs to BEGET-AS, RU. The main domain is s70560yr.beget.tech.
This is the only time s70560yr.beget.tech was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Steam (Gaming)

Domain & IP information

IP Address AS Autonomous System
1 185.50.25.11 198610 (BEGET-AS)
32 104.18.25.217 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
34 3
Apex Domain
Subdomains		 Transfer
32 steamstatic.com
store.cloudflare.steamstatic.com — Cisco Umbrella Rank: 27993
570 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
1 beget.tech
s70560yr.beget.tech
7 KB
34 3
Domain Requested by
32 store.cloudflare.steamstatic.com s70560yr.beget.tech
store.cloudflare.steamstatic.com
1 www.google-analytics.com s70560yr.beget.tech
1 s70560yr.beget.tech
34 3
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-18 -
2022-07-17		 a year crt.sh

This page contains 1 frames:

Primary Page: http://s70560yr.beget.tech/
Frame ID: 1CA277C827A2A49EDA91B605B8BFF2FB
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Войти

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

34
Requests

94 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

596 kB
Transfer

1327 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
s70560yr.beget.tech/ 		26 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://s70560yr.beget.tech/
Protocol
HTTP/1.1
Server
185.50.25.11 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
m2.free13.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
2383c8042b8d3cc249934213f02a77b36f4123a446446e054e0d7df8e7c457b9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 07 Apr 2022 13:28:13 GMT
ETag
W/"68f3-5dbfeb530cae8"
Keep-Alive
timeout=30
Last-Modified
Wed, 06 Apr 2022 16:18:11 GMT
Server
nginx-reuseport/1.21.1
Transfer-Encoding
chunked
Vary
Accept-Encoding
motiva_sans.css
store.cloudflare.steamstatic.com/public/shared/css/ 		3 KB
736 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://store.cloudflare.steamstatic.com/public/shared/css/motiva_sans.css?v=2C1Oh9QFVTyK&l=russian&_cdn=cloudflare
Requested by
Host: s70560yr.beget.tech
URL: http://s70560yr.beget.tech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afb487cb0927509900a94f5fe65e9fa66c264a1524d21dd7afaa4c75386e2dd2
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://s70560yr.beget.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 13:28:13 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
6240750
x-cache
MISS
content-length
633
last-modified
Sun, 09 Sep 2001 01:46:40 GMT
server
cloudflare
etag
"2C1Oh9QFVTyK"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300
content-type
text/css;charset=UTF-8
cache-control
public,max-age=15552000
accept-ranges
bytes
cf-ray
6f831aeddcbc906c-FRA
expires
Wed, 06 Jul 2022 02:34:54 GMT
shared_global.css
store.cloudflare.steamstatic.com/public/shared/css/ 		82 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://store.cloudflare.steamstatic.com/public/shared/css/shared_global.css?v=xy2aKl1gYto9&l=russian&_cdn=cloudflare
Requested by
Host: s70560yr.beget.tech
URL: http://s70560yr.beget.tech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cecc3807be3773062bb46009b2efdc7b310e29a350b81499c541b86baf16206c
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://s70560yr.beget.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 13:28:13 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
655630
x-cache
MISS
content-length
20044
last-modified
Sun, 09 Sep 2001 01:46:40 GMT
server
cloudflare
etag
"xy2aKl1gYto9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300
content-type
text/css;charset=UTF-8
cache-control
public,max-age=15552000
accept-ranges
bytes
cf-ray
6f831aeddcbe906c-FRA
expires
Mon, 26 Sep 2022 23:21:02 GMT
buttons.css
store.cloudflare.steamstatic.com/public/shared/css/ 		33 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://store.cloudflare.steamstatic.com/public/shared/css/buttons.css?v=hFJKQ6HV7IKT&l=russian&_cdn=cloudflare
Requested by
Host: s70560yr.beget.tech
URL: http://s70560yr.beget.tech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8163d25cb71da281079b36fcde6d9f6846ff1e9d70112bbe328cae5ffb05f2bc
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://s70560yr.beget.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 13:28:13 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
6240750
x-cache
MISS
content-length
3533
last-modified
Sun, 09 Sep 2001 01:46:40 GMT
server
cloudflare
etag
"hFJKQ6HV7IKT"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300
content-type
text/css;charset=UTF-8
cache-control
public,max-age=15552000
accept-ranges
bytes
cf-ray
6f831aeddcc1906c-FRA
expires
Sun, 20 Feb 2022 01:37:05 GMT
store.css
store.cloudflare.steamstatic.com/public/css/v6/ 		121 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://store.cloudflare.steamstatic.com/public/css/v6/store.css?v=1dksWFQXQxNo&l=russian&_cdn=cloudflare
Requested by
Host: s70560yr.beget.tech
URL: http://s70560yr.beget.tech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cfc5fb577119ddf8018702989e2d495e5401b5e7f32bed4de6ee23bdfe55091
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://s70560yr.beget.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 13:28:14 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
x-cache
MISS
content-length
28435
last-modified
Wed, 25 Mar 1970 05:25:08 GMT
server
cloudflare
etag
"C57Ffrq5nPv4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300
content-type
text/css;charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
cf-ray
6f831aeddcc4906c-FRA
expires
Sun, 09 Sep 2001 01:46:40 GMT
cart.css
store.cloudflare.steamstatic.com/public/css/v6/ 		56 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://store.cloudflare.steamstatic.com/public/css/v6/cart.css?v=-voN2ZanCZk6&l=russian&_cdn=cloudflare
Requested by
Host: s70560yr.beget.tech
URL: http://s70560yr.beget.tech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0b9cc5d82a85c2f906813f798be7fd39de80f9e4b57e8b341c94a3131e060fd
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://s70560yr.beget.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 13:28:13 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
3758498
x-cache
HIT
content-length
11730
last-modified
Sun, 09 Sep 2001 01:46:40 GMT
server
cloudflare
etag
"-voN2ZanCZk6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300
content-type
text/css;charset=UTF-8
cache-control
public,max-age=15552000
accept-ranges
bytes
cf-ray
6f831aeddcc5906c-FRA
expires
Mon, 22 Aug 2022 01:23:18 GMT
browse.css
store.cloudflare.steamstatic.com/public/css/v6/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://store.cloudflare.steamstatic.com/public/css/v6/browse.css?v=TxaXogKG2Npu&l=russian&_cdn=cloudflare
Requested by
Host: s70560yr.beget.tech
URL: http://s70560yr.beget.tech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb95765bfe5f5f834014c183375d3dcf55c806fecf49c72de8467f9e072097ea
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://s70560yr.beget.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 13:28:13 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
6240746
x-cache
MISS
content-length
2672
last-modified
Sun, 09 Sep 2001 01:46:40 GMT
server
cloudflare
etag
"TxaXogKG2Npu"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300
content-type
text/css;charset=UTF-8
cache-control
public,max-age=15552000
accept-ranges
bytes
cf-ray
6f831aeddcc8906c-FRA
expires
Tue, 14 Jun 2022 22:34:38 GMT
login.css
store.cloudflare.steamstatic.com/public/shared/css/ 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://store.cloudflare.steamstatic.com/public/shared/css/login.css?v=ZZvmD2iD2zDi&l=russian&_cdn=cloudflare
Requested by
Host: s70560yr.beget.tech
URL: http://s70560yr.beget.tech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
908beecc0015b12b6a99fa0735fb2e7090313cefdc04fe76455aaf3d57db5a5a
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://s70560yr.beget.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 13:28:13 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
6240559
x-cache
MISS
content-length
3850
last-modified
Sun, 09 Sep 2001 01:46:40 GMT
server
cloudflare
etag
"ZZvmD2iD2zDi"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300
content-type
text/css;charset=UTF-8
cache-control
public,max-age=15552000
accept-ranges
bytes
cf-ray
6f831aeddccc906c-FRA
expires
Sun, 24 Jul 2022 07:57:26 GMT
shared_responsive.css
store.cloudflare.steamstatic.com/public/shared/css/ 		17 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://store.cloudflare.steamstatic.com/public/shared/css/shared_responsive.css?v=mx3zakmFPU5T&l=russian&_cdn=cloudflare
Requested by
Host: s70560yr.beget.tech
URL: http://s70560yr.beget.tech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce976c8967e0f8b4a94586096fef06f535581c1b2505b89c3fe7dd7f2a1504ff
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://s70560yr.beget.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 13:28:13 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
6240750
x-cache
MISS
content-length
5562
last-modified
Sun, 09 Sep 2001 01:46:40 GMT
server
cloudflare
etag
"mx3zakmFPU5T"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300
content-type
text/css;charset=UTF-8
cache-control
public,max-age=15552000
accept-ranges
bytes
cf-ray
6f831aeddcca906c-FRA
expires
Sat, 23 Jul 2022 06:26:10 GMT
jquery-1.8.3.min.js
store.cloudflare.steamstatic.com/public/shared/javascript/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://store.cloudflare.steamstatic.com/public/shared/javascript/jquery-1.8.3.min.js?v=.TZ2NKhB-nliU&_cdn=cloudflare
Requested by
Host: s70560yr.beget.tech
URL: http://s70560yr.beget.tech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://s70560yr.beget.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 13:28:13 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
6240780
x-cache
MISS
content-length
33382
last-modified
Fri, 05 Jan 2018 22:31:56 GMT
server
cloudflare
etag
".TZ2NKhB-nliU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=15552000
accept-ranges
bytes
cf-ray
6f831aedecf7906c-FRA
expires
Sun, 24 Jul 2022 07:57:15 GMT
tooltip.js
store.cloudflare.steamstatic.com/public/shared/javascript/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://store.cloudflare.steamstatic.com/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0&_cdn=cloudflare
Requested by
Host: s70560yr.beget.tech
URL: http://s70560yr.beget.tech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2d4e0e1d3e162fdc815f16dfff9ae9b0a967949f0f3ae371f947d730a3f0661
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://s70560yr.beget.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 13:28:13 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
1346565
x-cache
HIT
content-length
4229
last-modified
Tue, 22 Mar 2022 23:23:46 GMT
server
cloudflare
etag
".zYHOpI1L3Rt0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=15552000
accept-ranges
bytes
cf-ray
6f831aedecfc906c-FRA
expires
Sun, 18 Sep 2022 23:25:24 GMT
shared_global.js
store.cloudflare.steamstatic.com/public/shared/javascript/ 		149 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://store.cloudflare.steamstatic.com/public/shared/javascript/shared_global.js?v=q19KJPZ9HBms&l=russian&_cdn=cloudflare
Requested by
Host: s70560yr.beget.tech
URL: http://s70560yr.beget.tech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6c1053a775515a24a2aa07fee7741a09c84b25488ac826492615ff348801c8b
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://s70560yr.beget.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 13:28:13 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
1346553
x-cache
MISS
content-length
37019
last-modified
Sun, 09 Sep 2001 01:46:40 GMT
server
cloudflare
etag
"q19KJPZ9HBms"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=15552000
accept-ranges
bytes
cf-ray
6f831aedecfb906c-FRA
expires
Sun, 18 Sep 2022 23:25:27 GMT
main.js
store.cloudflare.steamstatic.com/public/javascript/ 		79 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://store.cloudflare.steamstatic.com/public/javascript/main.js?v=mY6-89ycJjgK&l=russian&_cdn=cloudflare
Requested by
Host: s70560yr.beget.tech
URL: http://s70560yr.beget.tech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa523d0a7582770d3eac41e3c594152f1a15d191a8c0396db4e39adb79911190
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://s70560yr.beget.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 13:28:13 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
6178743
x-cache
HIT
content-length
18594
last-modified
Sun, 09 Sep 2001 01:46:40 GMT
server
cloudflare
etag
"mY6-89ycJjgK"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=15552000
accept-ranges
bytes
cf-ray
6f831aedecf9906c-FRA
expires
Mon, 25 Jul 2022 01:09:25 GMT
dynamicstore.js
store.cloudflare.steamstatic.com/public/javascript/ 		87 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://store.cloudflare.steamstatic.com/public/javascript/dynamicstore.js?v=PA6cfnT8Gv34&l=russian&_cdn=cloudflare
Requested by
Host: s70560yr.beget.tech
URL: http://s70560yr.beget.tech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a822a8d0620eec00e1e4ba9332e3bfa47fbf95c620dd4601bba3c6049d797525
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://s70560yr.beget.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 13:28:13 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
655620
x-cache
MISS
content-length
20046
last-modified
Sun, 09 Sep 2001 01:46:40 GMT
server
cloudflare
etag
"PA6cfnT8Gv34"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=15552000
accept-ranges
bytes
cf-ray
6f831aedecf6906c-FRA
expires
Mon, 26 Sep 2022 23:21:08 GMT
login.js
store.cloudflare.steamstatic.com/public/shared/javascript/ 		79 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://store.cloudflare.steamstatic.com/public/shared/javascript/login.js?v=AGPfUk3TIeAx&l=russian&_cdn=cloudflare
Requested by
Host: s70560yr.beget.tech
URL: http://s70560yr.beget.tech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6acb3af6c8ada650de787bd423f44b175e62e1eb2bda6b400115c89f0ef93295
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://s70560yr.beget.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 13:28:13 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
6175529
x-cache
HIT
content-length
12104
last-modified
Sun, 09 Sep 2001 01:46:40 GMT
server
cloudflare
etag
"AGPfUk3TIeAx"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=15552000
accept-ranges
bytes
cf-ray
6f831aedecf0906c-FRA
expires
Tue, 22 Feb 2022 22:27:20 GMT
shared_responsive_adapter.js
store.cloudflare.steamstatic.com/public/shared/javascript/ 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://store.cloudflare.steamstatic.com/public/shared/javascript/shared_responsive_adapter.js?v=jmdOHfcQwOk1&l=russian&_cdn=cloudflare
Requested by
Host: s70560yr.beget.tech
URL: http://s70560yr.beget.tech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f2a76e7bf76b5036c185dd08c2a60de1a5d33708237af9eb66fcbe8af74c05b
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://s70560yr.beget.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 13:28:13 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
3870837
x-cache
MISS
content-length
6301
last-modified
Sun, 09 Sep 2001 01:46:40 GMT
server
cloudflare
etag
"jmdOHfcQwOk1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=15552000
accept-ranges
bytes
cf-ray
6f831aedecf5906c-FRA
expires
Sat, 20 Aug 2022 18:14:13 GMT
logo_valve_footer.png
store.cloudflare.steamstatic.com/public/shared/images/responsive/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://store.cloudflare.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png
Requested by
Host: s70560yr.beget.tech
URL: http://s70560yr.beget.tech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b97ba0dac22fe6704c1f6d95fe79613f33017804f256abb9006df0442491787
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://s70560yr.beget.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 13:28:13 GMT
cf-cache-status
HIT
last-modified
Fri, 05 Jan 2018 22:31:56 GMT
server
cloudflare
age
3665
etag
"5a4ffcdc-736"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-cache
MISS
content-type
image/png
strict-transport-security
max-age=300
accept-ranges
bytes
cf-ray
6f831aee4d83906c-FRA
content-length
1846
header_menu_hamburger.png
store.cloudflare.steamstatic.com/public/shared/images/responsive/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://store.cloudflare.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.png
Requested by
Host: s70560yr.beget.tech
URL: http://s70560yr.beget.tech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc9e6260a2706ae146282d77e67bc1b74688435f8912ab4c1932641eec28bffa
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://s70560yr.beget.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 13:28:13 GMT
cf-cache-status
HIT
last-modified
Fri, 05 Jan 2018 22:31:56 GMT
server
cloudflare
age
2025
etag
"5a4ffcdc-ec1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-cache
MISS
content-type
image/png
strict-transport-security
max-age=300
accept-ranges
bytes
cf-ray
6f831aee7de1906c-FRA
content-length
3777
header_logo.png
store.cloudflare.steamstatic.com/public/shared/images/responsive/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://store.cloudflare.steamstatic.com/public/shared/images/responsive/header_logo.png
Requested by
Host: s70560yr.beget.tech
URL: http://s70560yr.beget.tech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cb869df089146c12efb5e9c968e911c314842624ba6f052a11346ac734cadc8
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://s70560yr.beget.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 13:28:13 GMT
cf-cache-status
HIT
last-modified
Fri, 05 Jan 2018 22:31:56 GMT
server
cloudflare
age
5359
etag
"5a4ffcdc-2a6f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-cache
MISS
content-type
image/png
strict-transport-security
max-age=300
accept-ranges
bytes
cf-ray
6f831aeeae2b906c-FRA
content-length
10863
logo_steam.svg
store.cloudflare.steamstatic.com/public/shared/images/header/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://store.cloudflare.steamstatic.com/public/shared/images/header/logo_steam.svg?t=962016
Requested by
Host: s70560yr.beget.tech
URL: http://s70560yr.beget.tech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3a7c646a1305017f22423030cb5a12acc9f96b64013dcef7aeb80567b542cbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://s70560yr.beget.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 13:28:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 17 Nov 2020 23:33:19 GMT
server
cloudflare
age
5929
etag
W/"5fb45dbf-e64"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-cache
MISS
content-type
image/svg+xml
access-control-allow-origin
*
cf-ray
6f831aeece77906c-FRA
blank.gif
store.cloudflare.steamstatic.com/public/images/ 		807 B
917 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://store.cloudflare.steamstatic.com/public/images/blank.gif
Requested by
Host: s70560yr.beget.tech
URL: http://s70560yr.beget.tech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f73ef54efc672061f69ca881fe318dccc6dd67d993cbb8e76e53e52c84ee493
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://s70560yr.beget.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 13:28:13 GMT
cf-cache-status
HIT
last-modified
Fri, 05 Jan 2018 22:32:01 GMT
server
cloudflare
age
4515
etag
"5a4ffce1-327"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-cache
MISS
content-type
image/gif
strict-transport-security
max-age=300
accept-ranges
bytes
cf-ray
6f831aef1ef4906c-FRA
content-length
807
join_pc.png
store.cloudflare.steamstatic.com/public/shared/images/login/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://store.cloudflare.steamstatic.com/public/shared/images/login/join_pc.png?v=1
Requested by
Host: s70560yr.beget.tech
URL: http://s70560yr.beget.tech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a59657d4f7db10fefd0c0812bc93e00fa5bb4469b7ab55cebd41a0a9961f8e44
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://s70560yr.beget.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 13:28:13 GMT
cf-cache-status
HIT
last-modified
Tue, 20 Oct 2020 23:36:13 GMT
server
cloudflare
age
6373
etag
"5f8f746d-823a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-cache
MISS
content-type
image/png
strict-transport-security
max-age=300
accept-ranges
bytes
cf-ray
6f831aef4f3c906c-FRA
content-length
33338
logo_steam_footer.png
store.cloudflare.steamstatic.com/public/images/v6/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://store.cloudflare.steamstatic.com/public/images/v6/logo_steam_footer.png
Requested by
Host: s70560yr.beget.tech
URL: http://s70560yr.beget.tech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
399f74c4e69eac8b59b149293f9a573955fef0a62b242cfa70346070013e0966
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://s70560yr.beget.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 13:28:13 GMT
cf-cache-status
HIT
last-modified
Thu, 18 Jun 2020 23:12:51 GMT
server
cloudflare
age
1541
etag
"5eebf4f3-b1b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-cache
MISS
content-type
image/png
strict-transport-security
max-age=300
accept-ranges
bytes
cf-ray
6f831aef6f78906c-FRA
content-length
2843
footerLogo_valve_new.png
store.cloudflare.steamstatic.com/public/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://store.cloudflare.steamstatic.com/public/images/footerLogo_valve_new.png
Requested by
Host: s70560yr.beget.tech
URL: http://s70560yr.beget.tech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8bbe461137d50211568449468a1981ef189248200eadd48c3141a9df0b8f7fc
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://s70560yr.beget.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 13:28:14 GMT
cf-cache-status
HIT
last-modified
Fri, 21 Feb 2020 17:48:31 GMT
server
cloudflare
age
1542
etag
"5e5017ef-a18"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-cache
MISS
content-type
image/png
strict-transport-security
max-age=300
accept-ranges
bytes
cf-ray
6f831aefafd5906c-FRA
content-length
2584
ico_facebook.gif
store.cloudflare.steamstatic.com/public/images/ico/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://store.cloudflare.steamstatic.com/public/images/ico/ico_facebook.gif
Requested by
Host: s70560yr.beget.tech
URL: http://s70560yr.beget.tech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f97cfe4186b827737324c19df2fa7f98bb465e6e0893092c683c4ad76d9495b
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://s70560yr.beget.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 13:28:14 GMT
cf-cache-status
HIT
last-modified
Fri, 05 Jan 2018 22:32:01 GMT
server
cloudflare
age
5883
etag
"5a4ffce1-493"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-cache
MISS
content-type
image/gif
strict-transport-security
max-age=300
accept-ranges
bytes
cf-ray
6f831aefc80b906c-FRA
content-length
1171
ico_twitter.gif
store.cloudflare.steamstatic.com/public/images/ico/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://store.cloudflare.steamstatic.com/public/images/ico/ico_twitter.gif
Requested by
Host: s70560yr.beget.tech
URL: http://s70560yr.beget.tech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dfbda507ea5fb1ed6c358bcc2e595c170ed4293ccb135545f05be3e30f7a0c0
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://s70560yr.beget.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 13:28:14 GMT
cf-cache-status
HIT
last-modified
Fri, 05 Jan 2018 22:32:01 GMT
server
cloudflare
age
1162
etag
"5a4ffce1-58b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-cache
MISS
content-type
image/gif
strict-transport-security
max-age=300
accept-ranges
bytes
cf-ray
6f831aefe858906c-FRA
content-length
1419
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: s70560yr.beget.tech
URL: http://s70560yr.beget.tech/
Protocol
H2
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://s70560yr.beget.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5008
date
Thu, 07 Apr 2022 12:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 07 Apr 2022 14:04:46 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
acct_creation_bg.jpg
store.cloudflare.steamstatic.com/public/shared/images/joinsteam/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://store.cloudflare.steamstatic.com/public/shared/images/joinsteam/acct_creation_bg.jpg
Requested by
Host: store.cloudflare.steamstatic.com
URL: https://store.cloudflare.steamstatic.com/public/shared/css/login.css?v=ZZvmD2iD2zDi&l=russian&_cdn=cloudflare
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d347144f3c2a396a44bfc7bbf231fa2185d3e536489811fc6dca3600dce3597
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://store.cloudflare.steamstatic.com/public/shared/css/login.css?v=ZZvmD2iD2zDi&l=russian&_cdn=cloudflare
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 13:28:14 GMT
cf-cache-status
HIT
last-modified
Tue, 22 Sep 2020 23:09:25 GMT
server
cloudflare
age
5841
etag
"5f6a8425-d9c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-cache
MISS
content-type
image/jpeg
strict-transport-security
max-age=300
accept-ranges
bytes
cf-ray
6f831af018aa906c-FRA
content-length
55753
cf-bgj
h2pri
MotivaSans-Thin.ttf
store.cloudflare.steamstatic.com/public/shared/fonts/ 		116 KB
116 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://store.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Thin.ttf?v=4.015
Requested by
Host: store.cloudflare.steamstatic.com
URL: https://store.cloudflare.steamstatic.com/public/shared/css/motiva_sans.css?v=2C1Oh9QFVTyK&l=russian&_cdn=cloudflare
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0adf4d5edbc82d28879fdfaaf7274ba05162ff8cbbda816d69ed52f1dae547f6

Request headers

Referer
https://store.cloudflare.steamstatic.com/public/shared/css/motiva_sans.css?v=2C1Oh9QFVTyK&l=russian&_cdn=cloudflare
Origin
http://s70560yr.beget.tech
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 13:28:14 GMT
cf-cache-status
HIT
last-modified
Tue, 28 Jul 2020 23:16:24 GMT
server
cloudflare
age
3638
etag
"5f20b1c8-1cfd0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-cache
MISS
content-type
application/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
cf-ray
6f831af04d529b5b-FRA
content-length
118736
MotivaSans-Regular.ttf
store.cloudflare.steamstatic.com/public/shared/fonts/ 		120 KB
120 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://store.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Regular.ttf?v=4.015
Requested by
Host: store.cloudflare.steamstatic.com
URL: https://store.cloudflare.steamstatic.com/public/shared/css/motiva_sans.css?v=2C1Oh9QFVTyK&l=russian&_cdn=cloudflare
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14

Request headers

Referer
https://store.cloudflare.steamstatic.com/public/shared/css/motiva_sans.css?v=2C1Oh9QFVTyK&l=russian&_cdn=cloudflare
Origin
http://s70560yr.beget.tech
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 13:28:14 GMT
cf-cache-status
HIT
last-modified
Tue, 28 Jul 2020 23:16:24 GMT
server
cloudflare
age
3638
etag
"5f20b1c8-1df3c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-cache
MISS
content-type
application/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
cf-ray
6f831af05d539b5b-FRA
content-length
122684
btn_header_installsteam_download.png
store.cloudflare.steamstatic.com/public/shared/images/header/ 		291 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://store.cloudflare.steamstatic.com/public/shared/images/header/btn_header_installsteam_download.png?v=1
Requested by
Host: store.cloudflare.steamstatic.com
URL: https://store.cloudflare.steamstatic.com/public/shared/css/shared_global.css?v=xy2aKl1gYto9&l=russian&_cdn=cloudflare
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23341256db7f44b1f3811880fa2bae6b7748bbf6b62c544a162e38cf0d5c5082
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://store.cloudflare.steamstatic.com/public/shared/css/shared_global.css?v=xy2aKl1gYto9&l=russian&_cdn=cloudflare
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 13:28:14 GMT
cf-cache-status
HIT
last-modified
Tue, 20 Mar 2018 23:42:19 GMT
server
cloudflare
age
3303
etag
"5ab19c5b-123"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-cache
MISS
content-type
image/png
strict-transport-security
max-age=300
accept-ranges
bytes
cf-ray
6f831af048e3906c-FRA
content-length
291
btn_arrow_down_padded.png
store.cloudflare.steamstatic.com/public/shared/images/popups/ 		161 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://store.cloudflare.steamstatic.com/public/shared/images/popups/btn_arrow_down_padded.png
Requested by
Host: store.cloudflare.steamstatic.com
URL: https://store.cloudflare.steamstatic.com/public/shared/css/shared_global.css?v=xy2aKl1gYto9&l=russian&_cdn=cloudflare
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93b1fbe4f6245b62bfd4c8c3347abe0fe67ed711315e59bfadaebc9873d8d9b5
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://store.cloudflare.steamstatic.com/public/shared/css/shared_global.css?v=xy2aKl1gYto9&l=russian&_cdn=cloudflare
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 13:28:14 GMT
cf-cache-status
HIT
last-modified
Fri, 05 Jan 2018 22:31:55 GMT
server
cloudflare
age
5373
etag
"5a4ffcdb-a1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-cache
MISS
content-type
image/png
strict-transport-security
max-age=300
accept-ranges
bytes
cf-ray
6f831af048e6906c-FRA
content-length
161
jsbn.js
store.cloudflare.steamstatic.com/public/shared/javascript/crypto/ 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://store.cloudflare.steamstatic.com/public/shared/javascript/crypto/jsbn.js
Requested by
Host: store.cloudflare.steamstatic.com
URL: https://store.cloudflare.steamstatic.com/public/shared/javascript/jquery-1.8.3.min.js?v=.TZ2NKhB-nliU&_cdn=cloudflare
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2adad654a0e37c791418e897592d6213b0cbeb73b35c1de6ca82085c4e79ce9
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://s70560yr.beget.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 13:28:14 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
293
x-cache
HIT
edge-control
!no-store,!bypass-cache,max-age=636
content-length
11528
server
cloudflare
etag
"P5-v3JwM3dJd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=636,must-revalidate
accept-ranges
bytes
cf-ray
6f831af06915906c-FRA
expires
Thu, 07 Apr 2022 13:26:00 GMT
rsa.js
store.cloudflare.steamstatic.com/public/shared/javascript/crypto/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://store.cloudflare.steamstatic.com/public/shared/javascript/crypto/rsa.js
Requested by
Host: store.cloudflare.steamstatic.com
URL: https://store.cloudflare.steamstatic.com/public/shared/javascript/jquery-1.8.3.min.js?v=.TZ2NKhB-nliU&_cdn=cloudflare
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7173a15a85c666c409667810a53ed83fe73505988ff8496ee65c8ee03d683a6a
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://s70560yr.beget.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 13:28:14 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
293
x-cache
EXPIRED
content-length
996
last-modified
Fri, 05 Jan 2018 22:31:56 GMT
server
cloudflare
etag
".2DapVp3yyevw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=641,must-revalidate
accept-ranges
bytes
cf-ray
6f831af0691a906c-FRA
expires
Thu, 07 Apr 2022 13:26:25 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Steam (Gaming)

395 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored string| GoogleAnalyticsObject function| ga undefined| $ function| jQuery function| $J string| VALVE_PUBLIC_PATH function| OpenFriendChat function| OpenFriendChatInWebChat function| OpenGroupChat function| PromptContinueToWebChat function| $JFromIDOrElement function| ShowConfirmDialog function| ShowAlertDialog function| ShowDialog function| ShowPromptDialog function| ShowPromptWithTextAreaDialog function| ShowEditablePrompt function| ShowBlockingWaitDialog function| _BindOnEnterKeyPressForDialog function| _BuildDialog function| _BuildDialogButton function| CModal function| GetDefaultCommunityAJAXParams number| MINIPROFILE_ANIM_SPEED number| MINIPROFILE_DELAY_BEFORE_AJAX number| MINIPROFILE_DELAY_BEFORE_SHOW function| CDelayedAJAXData number| COOKIE_PREFERENCES_POPUP_DELAY function| InitCookiePreferencesPopup function| InitMiniprofileHovers function| _RegisterAJAXHoverHideFunction function| HideAJAXHovers function| BindAJAXHovers function| PositionMiniprofileHover function| CEmoticonDelayedAJAXData function| InitEmoticonHovers function| V_EscapeRegExp function| V_EscapeHTML function| v_trim function| V_ParseJSON function| V_ToJSON function| V_IsJSON function| V_GetCookie function| V_GetDecodedCookie function| V_SetCookie function| _GetStorageFromCookie function| BInsideIFrame function| SetValueLocalStorage function| UnsetValueLocalStorage function| GetValueLocalStorage function| DynamicLink_PlayYouTubeVideoInline function| DynamicLink_PlayVimeoVideoInline function| DynamicLink_ShowSketchfabModelInline function| ReplaceDynamicLink function| ShowBannedDynamicLink function| CScrollOffsetWatcher function| LoadImageGroupOnScroll function| LoadDelayedImages function| v_numberformat function| v_shuffle function| UpdateFormattedNumber function| RateAnnouncement function| GetResponsiveHeaderFixedOffsetAdjustment function| ScrollToIfNotInView function| CAjaxInfiniteScrollingControls function| CAjaxPagingControls function| CSlider function| CScrollSlider function| IsValidEmailAddress function| SearchFieldWithText function| CWebAPI function| RegisterPopupDismissal function| UnregisterPopupDismissal function| ShowMenu function| HideMenu function| HideMenuFast function| RegisterFlyout function| FlyoutMenu function| HideFlyoutMenu function| AlignMenu function| BindAutoFlyoutEvents function| PollOnUserActionAfterInterval number| DELAY_BETWEEN_NOTIFICATION_COUNT_POLLS_MS function| EnableNotificationCountPolling function| UpdateNotificationCounts function| PostToURLWithSession function| ShowWithFade function| HideWithFade function| LaunchWebChat function| ShowSupportAlerts function| UnlockFamilyView function| LockFamilyView function| setTimezoneCookies function| FlushStyleChanges number| k_EScrollbarDirectionVertical number| k_EScrollbarDirectionHorizontal function| InitAutoComplete function| CAutoComplete function| GetCurrentScrollPercentage function| FixedElementOnScrollWrapper function| CTextInputSuggest function| CIndexedInputSuggest function| InitBBCodeVideos function| CAjaxSubPageController function| SetupAnimateOnHoverImages function| BindTooltips function| ShowTooltipMenuAsPopup object| g_TooltipMutationObserver boolean| g_bTooltipMutationObserverDisabled function| SetupTooltips function| DisableTooltipMutationObserver function| ViewTitlesWithDescriptors function| CAppearMonitor object| g_rgQueuedGamepadCommands object| g_rgOnReadyCallbacks boolean| g_bGamepadNavReady function| RunWhenGamepadNavReady function| InstrumentFocusElements function| ForceUpdateFocusElements function| GPNavFocusChild function| GPOnShowingModalWindow function| GPShowVirtualKeyboard function| GPNavUpdateActionDescriptions object| Steam object| WebStorage function| VScrollbar function| GotFlashPopup object| tabStart object| tabMax object| tabTransition function| PageTab function| TabCompletionClosure function| RollTab function| TabScrollFinishClosure function| TabUpdateCounts function| RowHeightForTab function| TabSelect function| TabSelectStealth function| GetDefaultTabSelection function| SetDefaultTabSelection function| InitTabDefaults function| ScrollSmallCaps function| ScrollStaticSmallCaps function| ScrollCarouselSmallCaps function| UpdateSmallCapControl object| g_HoverState function| GetHoverState function| GameHover function| HideGameHover function| ShowGameHover function| UpdateWishlistCount function| AddToWishlist function| RemoveFromWishlist function| AddToWishlistButton function| IgnoreButton function| RecommendGame function| HideRecommendation object| g_OnWebPanelShownHandlers function| SteamOnWebPanelShown function| RegisterSteamOnWebPanelShownHandler object| g_OnWebPanelHiddenHandlers function| SteamOnWebPanelHidden function| RegisterSteamOnWebPanelHiddenHandler function| ExtractSNR function| ReplaceSNR function| ModifyLinkSNR function| InstrumentLinks function| InstrumentLink function| InstrumentedLinkOnClick function| MakeNavCookie function| MakeOutcomeCookie function| GetNavCookie number| g_iActiveSpotlight function| AnimateSpotlightTransition function| NextSpotlight function| expandTXItem function| PrevSpotlight function| UpdateSpotlightControls function| InitDailyDealTimer object| CCountdownManager function| Countdown function| GraphicalCountdown undefined| g_oSuggestParams number| g_nMobileSearchTermTimer number| k_nStartSearchTimeoutMS number| k_nSearchKeypressTimeoutExtensionMS function| MobileApp_ShowSearchResults function| MobileApp_UpdateSearchSuggestions function| InitializeSearchSuggestionParams function| EnableSearchSuggestions function| SearchTimeout function| ShowSuggestionsAsNecessary function| SearchSuggestOnKeyDown function| SearchSuggestOnMouseOver function| SearchSuggestClearDefaultSearchText function| SearchSuggestClearFixStyles function| SearchSuggestSetDefaultSearchText function| SearchSuggestSetFixStyles function| SearchSuggestCheckTerm function| EnsureStoreMenuTagsLoaded function| AddFreeLicense function| AddFreeBundle function| ChangeLanguage function| Logout function| getBestAvailNavData function| addToCart function| qtyBoxInputChanged function| updateQtyCart function| addBundleToCart function| addAllDlcToCart function| removeFromCart function| GamePurchaseDropdownSelectOption function| GamePurchaseDropdownAddToCart function| ShowGamePurchaseDropdown function| AgeGateClear function| InitHorizontalAutoSliders function| PreloadImages function| CGenericCarousel function| CreateFadingCarousel function| RegisterAutoSaveForm function| RecordAJAXPageView function| FollowCuratorWithCallback function| IgnoreCuratorWithCallback function| GetElemSNR function| JoinImpressionsUpToLimit object| GDynamicStoreHelpers function| OnDynamicStorePageException object| g_rgAppPriorityLists object| g_rgAppPriorityListMaps function| InitAppPriorityLists function| GetAppPriorityListMap function| ItemKey function| SortItemListByPriorityList function| DEBUG_LogItemList function| ShowHowDoDiscoveryQueuesWorkDialog function| GetAvatarURL function| GetScreenshotURL function| UpdatePricesForAdditionalCartDiscount function| UpdateStoreBannerForAdditionalCartDiscount function| UpdateStoreBannerForPromotionalDiscount object| GDynamicStore object| GStoreItemData object| GDynamicStorePage function| CLoginPromptManager object| g_interval function| receiveAuthCode function| Responsive_InitForTablet function| Responsive_InitMenuSwipes function| Responsive_InitTouchDetection function| Responsive_InitTabSelect function| Responsive_InitFixOnScroll function| Responsive_BuildChangeLanguageOption function| Responsive_RequestDesktopView function| Responsive_RequestMobileView function| Responsive_UpdateResponsivePrefs function| Responsive_InitResponsiveToggleEvents function| Responsive_ReparentItemsInMobileMode function| Responsive_ReparentItemsInTabletMode function| Responsive_ReparentItemsInResponsiveMode function| _Responsive_ReparentItems function| Responsive_InitJQPlotHooks boolean| g_fnActivateLocalMenu function| Responsive_ToggleLocalMenu function| UseTouchFriendlyMode function| UseSmallScreenMode function| UseMobileScreenMode function| SupportTabletScreenMode function| UseTabletScreenMode object| jQuery183014455334377604134 function| RSAPublicKey object| Base64 object| Hex object| RSA number| dbits number| canary boolean| j_lm function| BigInteger function| nbi function| am1 function| am2 function| am3 number| BI_FP string| BI_RM object| BI_RC number| rr number| vv function| int2char function| intAt function| bnpCopyTo function| bnpFromInt function| nbv function| bnpFromString function| bnpClamp function| bnToString function| bnNegate function| bnAbs function| bnCompareTo function| nbits function| bnBitLength function| bnpDLShiftTo function| bnpDRShiftTo function| bnpLShiftTo function| bnpRShiftTo function| bnpSubTo function| bnpMultiplyTo function| bnpSquareTo function| bnpDivRemTo function| bnMod function| Classic function| cConvert function| cRevert function| cReduce function| cMulTo function| cSqrTo function| bnpInvDigit function| Montgomery function| montConvert function| montRevert function| montReduce function| montSqrTo function| montMulTo function| bnpIsEven function| bnpExp function| bnModPowInt function| bnClone function| bnIntValue function| bnByteValue function| bnShortValue function| bnpChunkSize function| bnSigNum function| bnpToRadix function| bnpFromRadix function| bnpFromNumber function| bnToByteArray function| bnEquals function| bnMin function| bnMax function| bnpBitwiseTo function| op_and function| bnAnd function| op_or function| bnOr function| op_xor function| bnXor function| op_andnot function| bnAndNot function| bnNot function| bnShiftLeft function| bnShiftRight function| lbit function| bnGetLowestSetBit function| cbit function| bnBitCount function| bnTestBit function| bnpChangeBit function| bnSetBit function| bnClearBit function| bnFlipBit function| bnpAddTo function| bnAdd function| bnSubtract function| bnMultiply function| bnDivide function| bnRemainder function| bnDivideAndRemainder function| bnpDMultiply function| bnpDAddOffset function| NullExp function| nNop function| nMulTo function| nSqrTo function| bnPow function| bnpMultiplyLowerTo function| bnpMultiplyUpperTo function| Barrett function| barrettConvert function| barrettRevert function| barrettReduce function| barrettSqrTo function| barrettMulTo function| bnModPow function| bnGCD function| bnpModInt function| bnModInverse object| lowprimes number| lplim function| bnIsProbablePrime function| bnpMillerRabin object| google_tag_data object| gaplugins object| gaGlobal object| gaData

3 Cookies

Domain/Path Name / Value
s70560yr.beget.tech/ Name: timezoneOffset
Value: 0,0
.beget.tech/ Name: _ga
Value: GA1.2.2043935017.1649338094
.beget.tech/ Name: _gid
Value: GA1.2.1591127218.1649338094

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

s70560yr.beget.tech
store.cloudflare.steamstatic.com
www.google-analytics.com
104.18.25.217
185.50.25.11
2a00:1450:4001:831::200e
0adf4d5edbc82d28879fdfaaf7274ba05162ff8cbbda816d69ed52f1dae547f6
0f2a76e7bf76b5036c185dd08c2a60de1a5d33708237af9eb66fcbe8af74c05b
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14
23341256db7f44b1f3811880fa2bae6b7748bbf6b62c544a162e38cf0d5c5082
2383c8042b8d3cc249934213f02a77b36f4123a446446e054e0d7df8e7c457b9
399f74c4e69eac8b59b149293f9a573955fef0a62b242cfa70346070013e0966
3dfbda507ea5fb1ed6c358bcc2e595c170ed4293ccb135545f05be3e30f7a0c0
5f97cfe4186b827737324c19df2fa7f98bb465e6e0893092c683c4ad76d9495b
6acb3af6c8ada650de787bd423f44b175e62e1eb2bda6b400115c89f0ef93295
6cb869df089146c12efb5e9c968e911c314842624ba6f052a11346ac734cadc8
7173a15a85c666c409667810a53ed83fe73505988ff8496ee65c8ee03d683a6a
8163d25cb71da281079b36fcde6d9f6846ff1e9d70112bbe328cae5ffb05f2bc
8b97ba0dac22fe6704c1f6d95fe79613f33017804f256abb9006df0442491787
8f73ef54efc672061f69ca881fe318dccc6dd67d993cbb8e76e53e52c84ee493
908beecc0015b12b6a99fa0735fb2e7090313cefdc04fe76455aaf3d57db5a5a
93b1fbe4f6245b62bfd4c8c3347abe0fe67ed711315e59bfadaebc9873d8d9b5
9cfc5fb577119ddf8018702989e2d495e5401b5e7f32bed4de6ee23bdfe55091
9d347144f3c2a396a44bfc7bbf231fa2185d3e536489811fc6dca3600dce3597
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2adad654a0e37c791418e897592d6213b0cbeb73b35c1de6ca82085c4e79ce9
a59657d4f7db10fefd0c0812bc93e00fa5bb4469b7ab55cebd41a0a9961f8e44
a822a8d0620eec00e1e4ba9332e3bfa47fbf95c620dd4601bba3c6049d797525
aa523d0a7582770d3eac41e3c594152f1a15d191a8c0396db4e39adb79911190
afb487cb0927509900a94f5fe65e9fa66c264a1524d21dd7afaa4c75386e2dd2
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32
c3a7c646a1305017f22423030cb5a12acc9f96b64013dcef7aeb80567b542cbb
ce976c8967e0f8b4a94586096fef06f535581c1b2505b89c3fe7dd7f2a1504ff
cecc3807be3773062bb46009b2efdc7b310e29a350b81499c541b86baf16206c
d8bbe461137d50211568449468a1981ef189248200eadd48c3141a9df0b8f7fc
e0b9cc5d82a85c2f906813f798be7fd39de80f9e4b57e8b341c94a3131e060fd
e2d4e0e1d3e162fdc815f16dfff9ae9b0a967949f0f3ae371f947d730a3f0661
e6c1053a775515a24a2aa07fee7741a09c84b25488ac826492615ff348801c8b
fb95765bfe5f5f834014c183375d3dcf55c806fecf49c72de8467f9e072097ea
fc9e6260a2706ae146282d77e67bc1b74688435f8912ab4c1932641eec28bffa