www.maps4heroes.com
157.90.2.157
Public Scan
Effective URL: https://www.maps4heroes.com/
Submission: On October 29 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on October 12th 2023. Valid for: 3 months.
This is the only time www.maps4heroes.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
26 (1 redirects) | 157.90.2.157 | 24940 (HETZNER-AS) |
2 | 2a00:1450:4001:82b::2002 | 15169 (GOOGLE) |
3 | 2a00:1450:4001:82b::2004 | 15169 (GOOGLE) |
6 | 2a00:1450:4001:812::200e | 15169 (GOOGLE) |
2 | 2a00:1450:4001:831::200e | 15169 (GOOGLE) |
4 | 2a00:1450:4001:81c::2003 | 15169 (GOOGLE) |
2 | 185.71.78.222 | 43247 (YOOMONEY-AS) |
14 (4 redirects) | 2a02:6b8::1:119 | 208722 (GLOBAL_DC) |
1 | 2a00:1450:4001:827::2002 | 15169 (GOOGLE) |
2 | 109.235.165.77 | 43247 (YOOMONEY-AS) |
1 | 2a00:1450:4001:810::200a | 15169 (GOOGLE) |
1 | 2a00:1450:4001:82f::2001 | 15169 (GOOGLE) |
4 | 2a00:1450:4001:801::2003 | 15169 (GOOGLE) |
63 | 13 |
ASN24940 (HETZNER-AS, DE)
PTR: static.157.2.90.157.clients.your-server.de
www.maps4heroes.com |
ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com |
ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com |
ASN43247 (YOOMONEY-AS, RU)
PTR: ip-185-71-78-222.yoomoney.ru
yoomoney.ru |
ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru | |
mc.yandex.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN43247 (YOOMONEY-AS, RU)
PTR: ip-109-235-165-77.yoomoney.ru
static.yoomoney.ru |
ASN15169 (GOOGLE, US)
lh3.googleusercontent.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
26 | maps4heroes.com (1 redirects) | www.maps4heroes.com | 87 KB |
11 | google.com | www.google.com — Cisco Umbrella Rank: 2, fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1359, apis.google.com — Cisco Umbrella Rank: 112 | 272 KB |
10 | yandex.com (3 redirects) | mc.yandex.com — Cisco Umbrella Rank: 8755 | 7 KB |
8 | gstatic.com | www.gstatic.com, fonts.gstatic.com | 602 KB |
4 | yandex.ru (1 redirects) | mc.yandex.ru — Cisco Umbrella Rank: 4034 | 207 KB |
4 | yoomoney.ru | yoomoney.ru — Cisco Umbrella Rank: 196931, static.yoomoney.ru — Cisco Umbrella Rank: 262993 | 82 KB |
2 | googlesyndication.com | pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 | 185 KB |
1 | googleusercontent.com | lh3.googleusercontent.com — Cisco Umbrella Rank: 49 | 5 KB |
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 31 | 4 KB |
1 | doubleclick.net | googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 | 5 KB |
63 | 10 |
Requests | Domain | Requested by |
---|---|---|
26 | www.maps4heroes.com (1 redirects) | www.maps4heroes.com |
10 | mc.yandex.com (3 redirects) | www.maps4heroes.com, mc.yandex.ru, yoomoney.ru |
6 | fundingchoicesmessages.google.com | www.maps4heroes.com, pagead2.googlesyndication.com |
4 | fonts.gstatic.com | www.maps4heroes.com, fonts.googleapis.com, www.google.com |
4 | mc.yandex.ru (1 redirects) | www.maps4heroes.com, yoomoney.ru |
4 | www.gstatic.com | www.google.com, www.gstatic.com |
3 | www.google.com | www.maps4heroes.com, www.gstatic.com, www.google.com |
2 | static.yoomoney.ru | yoomoney.ru |
2 | yoomoney.ru | www.maps4heroes.com |
2 | apis.google.com | www.maps4heroes.com, apis.google.com |
2 | pagead2.googlesyndication.com | www.maps4heroes.com, pagead2.googlesyndication.com |
1 | lh3.googleusercontent.com | www.maps4heroes.com |
1 | fonts.googleapis.com | |
1 | googleads.g.doubleclick.net | pagead2.googlesyndication.com |
63 | 14 |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.maps4heroes.com | R3 | 2023-10-12 - 2024-01-10 | 3 months |
*.g.doubleclick.net | GTS CA 1C3 | 2023-10-09 - 2024-01-01 | 3 months |
www.google.com | GTS CA 1C3 | 2023-10-09 - 2024-01-01 | 3 months |
*.google.com | GTS CA 1C3 | 2023-10-09 - 2024-01-01 | 3 months |
*.apis.google.com | GTS CA 1C3 | 2023-10-09 - 2024-01-01 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2023-10-09 - 2024-01-01 | 3 months |
*.yoomoney.ru | GlobalSign RSA OV SSL CA 2018 | 2022-11-15 - 2023-12-17 | a year |
mc.yandex.ru | GlobalSign ECC OV SSL CA 2018 | 2023-08-14 - 2024-01-24 | 5 months |
upload.video.google.com | GTS CA 1C3 | 2023-10-09 - 2024-01-01 | 3 months |
*.googleusercontent.com | GTS CA 1C3 | 2023-10-09 - 2024-01-01 | 3 months |
This page contains 5 frames:
Primary Page:
https://www.maps4heroes.com/
Frame ID: F2C5E9E0BFE91A468BED4B9FA536B761
Requests: 45 HTTP requests in this frame
Frame:
https://yoomoney.ru/quickpay/fundraise/button?billNumber=w5ypPQIhBbk.230318&
Frame ID: E128B39EFC5DC9423543D30DEE4B4CB6
Requests: 5 HTTP requests in this frame
Frame:
https://yoomoney.ru/quickpay/fundraise/button?billNumber=w5ypPQIhBbk.230318&
Frame ID: D19B24B388A26F7909FEE60AE786B1CB
Requests: 5 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20231025/r20190131/zrt_lookup.html
Frame ID: F1538FA7BFBE301144814E2303988F17
Requests: 1 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LelwqcUAAAAAImd-GXv5W1588PuvTtV_sj5X0xa&co=aHR0cHM6Ly93d3cubWFwczRoZXJvZXMuY29tOjQ0Mw..&hl=de&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=5tz96ies7hqx
Frame ID: F67AA2983E7A437F980C4166163B1A93
Requests: 7 HTTP requests in this frame
Page Title
Heroes 7(VII). Heroes 6(VI). Heroes 5(V). Heroes 4(IV). Heroes 3(III). Heroes maps. All about Heroes of Might and Magic
Detected technologies
Google AdSense (Advertising Networks)
Detected patterns
- googlesyndication\.com/
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Plus (Widgets)
Detected patterns
- apis\.google\.com/js/[a-z]*\.js
Yandex.Metrika (Analytics)
Detected patterns
- mc\.yandex\.ru/metrika/(?:tag|watch)\.js
reCAPTCHA (Captchas)
Detected patterns
- /recaptcha/api\.js
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Subscribe to our Telegram Channel "maps4heroes.com" to be the first to receive NEW Maps and News for Heroes of Might & Magic 7, 6, 5, 4, 3, 2!
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.maps4heroes.com/
HTTP 301
https://www.maps4heroes.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 51
- https://mc.yandex.com/sync_cookie_image_check HTTP 302
- https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10171.lxTAllJyuccOJnIAfSD3QJ3yFMXWc9t1jSRmiEl9bbXBpPu4Q-8FUh-k9jFMqcF0.tciJtfHOdfwgAiLcjNo9IsjIUPg%2C HTTP 302
- https://mc.yandex.com/sync_cookie_image_decide?token=10171.foLYFaBwGbtvc7ZdlT3N2OYgL_Gc8NBvmfhIa6UZRq_OQEV32vsO9h5rRFD1q0Tn_hnEkm1W1X_dkAc9wuyVeu3zvM_Vy2olSa0cqNFhrWcuT0QggrB6aI_ikTdV88POBYpALHZP-lTI5JQe1AWHYfTP1lUpGLG0djr2hkzPF6oEzoR4kXNQgg3McQX8kFeo8x5Wh9XSCuSTXQm4EifDPD_g1tZPe1PQ39OvGO47eV4%2C.A38uh4t0iluyr87GIOaKkcmRrRc%2C
- https://mc.yandex.com/watch/11859880?wmode=7&page-url=https%3A%2F%2Fyoomoney.ru%2Fquickpay%2Ffundraise%2Fbutton%3FbillNumber%3Dw5ypPQIhBbk.230318%26&page-ref=https%3A%2F%2Fwww.maps4heroes.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aetku62lhayg6jvevqcsa7rv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1142%3Acn%3A1%3Adp%3A0%3Als%3A1693471904627%3Ahid%3A64501592%3Az%3A60%3Ai%3A20231029203029%3Aet%3A1698607830%3Ac%3A1%3Arn%3A827873140%3Arqn%3A1%3Au%3A1698607830835585774%3Aw%3A200x50%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C203%2C332%2C2%2C1%2C0%2C%2C14%2C0%2C%2C%2C%2C607%3Aco%3A0%3Acpf%3A1%3Ans%3A1698607828602%3Arqnl%3A1%3Ast%3A1698607830%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
- https://mc.yandex.com/watch/11859880/1?wmode=7&page-url=https%3A%2F%2Fyoomoney.ru%2Fquickpay%2Ffundraise%2Fbutton%3FbillNumber%3Dw5ypPQIhBbk.230318%26&page-ref=https%3A%2F%2Fwww.maps4heroes.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aetku62lhayg6jvevqcsa7rv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1142%3Acn%3A1%3Adp%3A0%3Als%3A1693471904627%3Ahid%3A64501592%3Az%3A60%3Ai%3A20231029203029%3Aet%3A1698607830%3Ac%3A1%3Arn%3A827873140%3Arqn%3A1%3Au%3A1698607830835585774%3Aw%3A200x50%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C203%2C332%2C2%2C1%2C0%2C%2C14%2C0%2C%2C%2C%2C607%3Aco%3A0%3Acpf%3A1%3Ans%3A1698607828602%3Arqnl%3A1%3Ast%3A1698607830%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1
- https://mc.yandex.com/watch/11859880?wmode=7&page-url=https%3A%2F%2Fyoomoney.ru%2Fquickpay%2Ffundraise%2Fbutton%3FbillNumber%3Dw5ypPQIhBbk.230318%26&page-ref=https%3A%2F%2Fwww.maps4heroes.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aetku62lhayg6jvevqcsa7rv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1142%3Acn%3A1%3Adp%3A0%3Als%3A1693471904627%3Ahid%3A1071940467%3Az%3A60%3Ai%3A20231029203030%3Aet%3A1698607830%3Ac%3A1%3Arn%3A873924933%3Arqn%3A2%3Au%3A1698607830835585774%3Aw%3A160x50%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C405%2C1%2C1%2C0%2C%2C22%2C1%2C%2C%2C%2C690%3Aco%3A0%3Acpf%3A1%3Ans%3A1698607828599%3Anp%3AV2luMzI%3D%3Arqnl%3A1%3Ast%3A1698607830%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
- https://mc.yandex.com/watch/11859880/1?wmode=7&page-url=https%3A%2F%2Fyoomoney.ru%2Fquickpay%2Ffundraise%2Fbutton%3FbillNumber%3Dw5ypPQIhBbk.230318%26&page-ref=https%3A%2F%2Fwww.maps4heroes.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aetku62lhayg6jvevqcsa7rv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1142%3Acn%3A1%3Adp%3A0%3Als%3A1693471904627%3Ahid%3A1071940467%3Az%3A60%3Ai%3A20231029203030%3Aet%3A1698607830%3Ac%3A1%3Arn%3A873924933%3Arqn%3A2%3Au%3A1698607830835585774%3Aw%3A160x50%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C405%2C1%2C1%2C0%2C%2C22%2C1%2C%2C%2C%2C690%3Aco%3A0%3Acpf%3A1%3Ans%3A1698607828599%3Anp%3AV2luMzI%3D%3Arqnl%3A1%3Ast%3A1698607830%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
63 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | / | www.maps4heroes.com/ | 64 KB | 15 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H2 | heroes.css | www.maps4heroes.com/ | 4 KB | 1 KB | Stylesheet | text/css | |
GET | H2 | adsbygoogle.js | pagead2.googlesyndication.com/pagead/js/ | 145 KB | 50 KB | Script | text/javascript | |
GET | H2 | api.js | www.google.com/recaptcha/ | 1 KB | 1 KB | Script | text/javascript | |
GET | H2 | pub-1075585756732166 | fundingchoicesmessages.google.com/i/ | 160 KB | 52 KB | Script | application/javascript | |
GET | H2 | top_line_left_corner.gif | www.maps4heroes.com/img_design/ | 948 B | 1 KB | Image | image/gif | |
GET | H2 | top_line_left_img.gif | www.maps4heroes.com/img_design/ | 2 KB | 2 KB | Image | image/gif | |
GET | H2 | top_line_right_corner.gif | www.maps4heroes.com/img_design/ | 883 B | 996 B | Image | image/gif | |
GET | H2 | left_line_img.gif | www.maps4heroes.com/img_design/ | 524 B | 637 B | Image | image/gif | |
GET | H2 | tlc.gif | www.maps4heroes.com/img_design/ | 184 B | 297 B | Image | image/gif | |
GET | H2 | spacer.gif | www.maps4heroes.com/img_design/ | 43 B | 155 B | Image | image/gif | |
GET | H2 | trc.gif | www.maps4heroes.com/img_design/ | 184 B | 297 B | Image | image/gif | |
GET | H2 | telegram.png | www.maps4heroes.com/img_design/ | 2 KB | 3 KB | Image | image/png | |
GET | H2 | telegram_qr_code_200.jpg | www.maps4heroes.com/img_design/ | 27 KB | 27 KB | Image | image/jpeg | |
GET | H2 | blc.gif | www.maps4heroes.com/img_design/ | 183 B | 296 B | Image | image/gif | |
GET | H2 | brc.gif | www.maps4heroes.com/img_design/ | 184 B | 297 B | Image | image/gif | |
GET | H2 | right_line_img.gif | www.maps4heroes.com/img_design/ | 2 KB | 2 KB | Image | image/gif | |
GET | H2 | bottom_line_left_corner.gif | www.maps4heroes.com/img_design/ | 884 B | 997 B | Image | image/gif | |
GET | H2 | bottom_line_img.gif | www.maps4heroes.com/img_design/ | 2 KB | 2 KB | Image | image/gif | |
GET | H2 | bottom_line_right_corner.gif | www.maps4heroes.com/img_design/ | 520 B | 633 B | Image | image/gif | |
GET | H2 | plusone.js | apis.google.com/js/ | 56 KB | 22 KB | Script | text/javascript | |
GET | H2 | recaptcha__de.js | www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ | 464 KB | 186 KB | Script | text/javascript | |
GET | H2 | button | yoomoney.ru/quickpay/fundraise/ | 40 KB | 8 KB | Document | text/html | Frame E128 |
GET | H2 | button | yoomoney.ru/quickpay/fundraise/ | 40 KB | 8 KB | Document | text/html | Frame D19B |
GET | H2 | top_line_bg.gif | www.maps4heroes.com/img_design/ | 3 KB | 3 KB | Image | image/gif | |
GET | H2 | left_line_bg.gif | www.maps4heroes.com/img_design/ | 11 KB | 12 KB | Image | image/gif | |
GET | H2 | tbg.gif | www.maps4heroes.com/img_design/ | 65 B | 177 B | Image | image/gif | |
GET | H2 | lbg.gif | www.maps4heroes.com/img_design/ | 90 B | 202 B | Image | image/gif | |
GET | H2 | rbg.gif | www.maps4heroes.com/img_design/ | 65 B | 177 B | Image | image/gif | |
GET | H2 | bbg.gif | www.maps4heroes.com/img_design/ | 65 B | 177 B | Image | image/gif | |
GET | H2 | right_line_bg.gif | www.maps4heroes.com/img_design/ | 9 KB | 10 KB | Image | image/gif | |
GET | H2 | bottom_line_bg.gif | www.maps4heroes.com/img_design/ | 4 KB | 4 KB | Image | image/gif | |
GET | H2 | cb=gapi.loaded_0 | apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Wg4ryxGk1iM.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ/ | 157 KB | 55 KB | Script | text/javascript | |
GET | H2 | tag.js | mc.yandex.ru/metrika/ | 199 KB | 69 KB | Script | application/javascript | |
GET | H2 | pub-1075585756732166 | fundingchoicesmessages.google.com/b/ | 10 KB | 5 KB | Script | application/javascript | |
GET | H2 | show_ads_impl_with_ama_fy2021.js | pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/ | 395 KB | 134 KB | Script | text/javascript | |
GET | H2 | zrt_lookup.html | googleads.g.doubleclick.net/pagead/html/r20231025/r20190131/ | 10 KB | 5 KB | Document | text/html | Frame F153 |
GET | H3 | AGSKWxV7hrVOZhCIGj5Prm4qmnTHTpwX_QMf_4DTScEGTrKtAyRoFOh_EP7wtpcboKWq8-CU5RrcihxsJBDOfQuCD1Jrtg== | fundingchoicesmessages.google.com/el/ | 0 | 28 B | XHR | text/html | |
GET | H2 | AGSKWxUJMI7vCjXA5ayPYww3Y9_8MYW5J1z5Po-sl8zi1z7VclkjHvk7s3oYq4zWLoheWifSFbHKZUj8IisiUbSyRe8GSPjQPsyize5TIxF1t1sAtN0PWQp0spp7PuBO9YW7hVTh-LqgGw== | fundingchoicesmessages.google.com/f/ | 306 KB | 50 KB | Script | application/javascript | |
GET | H2 | ca-pub-1075585756732166 | fundingchoicesmessages.google.com/i/ | 160 KB | 52 KB | Script | application/javascript | |
GET | H2 | tag.js | mc.yandex.ru/metrika/ | 199 KB | 69 KB | Script | application/javascript | Frame D19B |
GET | H2 | factor-io-regular.woff2 | static.yoomoney.ru/files-front/fonts/ | 33 KB | 33 KB | Font | font/woff2 | Frame D19B |
GET | H2 | css | fonts.googleapis.com/ | 69 KB | 4 KB | Stylesheet | text/css | |
GET | H2 | Bz77aFdiFIlMnl47_FHdaHKuZRhA6Iuxk5WxwIkof9ZRXN4BBrRfewFeM525oDXp0xCRMa0Wt1TGbxSQ_K--VQGQKuZyRUBE7CvUCkOcXCOO_wJofuA=h60 | lh3.googleusercontent.com/ | 4 KB | 5 KB | Image | image/jpeg | |
GET | H2 | flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 | fonts.gstatic.com/s/materialicons/v140/ | 125 KB | 126 KB | Font | font/woff2 | |
POST | H3 | AGSKWxUSa-iY65KlGCwGRw8YRkqAMs4tNfHYbwEfjs118rmhwt4xvbE6ieETw8i4Pvjq_dSiOff2J7A_uhOqX89sOq77KrUwB7-44d5MgdoXYp3RwV9y0T92W6IpkjBfzaCl6KGSzVy0Ww== | fundingchoicesmessages.google.com/el/ | 0 | 28 B | XHR | text/html | |
GET | H2 | tag.js | mc.yandex.ru/metrika/ | 199 KB | 69 KB | Script | application/javascript | Frame E128 |
GET | H2 | factor-io-regular.woff2 | static.yoomoney.ru/files-front/fonts/ | 33 KB | 33 KB | Font | font/woff2 | Frame E128 |
GET | H2 | anchor | www.google.com/recaptcha/api2/ | 58 KB | 33 KB | Document | text/html | Frame F67A |
GET | H2 | memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | fonts.gstatic.com/s/opensans/v36/ | 47 KB | 47 KB | Font | font/woff2 | |
GET | H3 | styles__ltr.css | www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ | 55 KB | 24 KB | Stylesheet | text/css | Frame F67A |
GET | H3 | recaptcha__de.js | www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ | 464 KB | 186 KB | Script | text/javascript | Frame F67A |
GET | H2 | sync_cookie_image_decide | mc.yandex.com/ | 43 B | 715 B | Image | image/gif | Redirect Chain |
GET | H2 | advert.gif | mc.yandex.com/metrika/ | 43 B | 477 B | Image | image/gif | |
GET | H3 | logo_48.png | www.gstatic.com/recaptcha/api2/ | 2 KB | 2 KB | Image | image/png | Frame F67A |
GET | H3 | KFOmCnqEu92Fr1Mu4mxK.woff2 | fonts.gstatic.com/s/roboto/v18/ | 15 KB | 15 KB | Font | font/woff2 | Frame F67A |
GET | H3 | KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | fonts.gstatic.com/s/roboto/v18/ | 15 KB | 15 KB | Font | font/woff2 | Frame F67A |
GET | H3 | webworker.js | www.google.com/recaptcha/api2/ | 102 B | 135 B | Other | text/javascript | Frame F67A |
GET | H2 | advert.gif | mc.yandex.com/metrika/ | 43 B | 543 B | Image | image/gif | Frame D19B |
GET | H2 | 1 | mc.yandex.com/watch/11859880/ | 438 B | 603 B | XHR | application/json | Frame D19B, Redirect Chain |
GET | H2 | advert.gif | mc.yandex.com/metrika/ | 43 B | 515 B | Image | image/gif | Frame E128 |
GET | H2 | 1 | mc.yandex.com/watch/11859880/ | 430 B | 517 B | XHR | application/json | Frame E128, Redirect Chain |
GET | H2 | 23391022 | mc.yandex.com/watch/ | 439 B | 497 B | XHR | application/json | |
80 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| documentPictureInPicture object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| adsbygoogle object| gapi object| ___jsl function| ym function| __h82AlnkH6D91__ object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map object| google_ama_state number| google_rum_task_id_counter string| google_user_agent_client_hint object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow function| __p4qa8r1lb17__ string| cHViLTEwNzU1ODU3NTY3MzIxNjY= object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZWI4MzY0YTM4ZDM0MTdmY2xvYWRlcl9qcw== string| ZWI4MzY0YTM4ZDM0MTdmY2NhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady function| google_sa_impl boolean| adsbygoogle_ama_fc_has_run object| recaptcha object| closure_lm_684796 object| Ya object| yaCounter23391022
21 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.google.com/ | | Name: NID Value: 511=lq3GUfTco-78PKKuu4XD6yUEMu3tuT1XN3MERtf4AeFqsoSO2KtNaUI1U_s-0yfuWPaTI06RWtyYk0D8sLOy-b_DSbHo84L8hTrui2e5nHx51Y5NumYDB5FxGXWpe_k4EDm92qvj-MTCRc3YxicCYaiTOqO6-GV4VSQAbXEuAR8 |
.yandex.ru/ | | Name: i Value: xKoCvwYZfk5lMKscRFYi4UE+Ddp1NrgoyknCxyOothC4qEanRg6PkGvBseEqip9VfJzcgpKbcxkWyq6gav3z/Nanvxk= |
.yandex.ru/ | | Name: yandexuid Value: 8415425981698607828 |
yoomoney.ru/ | | Name: yoouid Value: 3472155081698607828 |
.maps4heroes.com/ | | Name: _ym_uid Value: 1698607829495125197 |
.maps4heroes.com/ | | Name: _ym_d Value: 1698607829 |
.yoomoney.ru/ | | Name: _ym_uid Value: 1698607830835585774 |
.yoomoney.ru/ | | Name: _ym_d Value: 1698607830 |
.mc.yandex.com/ | | Name: sync_cookie_csrf Value: 3988959655fake |
.maps4heroes.com/ | | Name: _ym_isad Value: 2 |
.yandex.com/ | | Name: bh Value: KgI/MA== |
.yoomoney.ru/ | | Name: _ym_isad Value: 2 |
.mc.yandex.ru/ | | Name: sync_cookie_csrf Value: 4294915947fake |
mc.yandex.com/ | | Name: yabs-sid Value: 1723046201698607830 |
.yandex.com/ | | Name: yandexuid Value: 8415425981698607828 |
.yandex.com/ | | Name: yuidss Value: 8415425981698607828 |
.yandex.com/ | | Name: i Value: xKoCvwYZfk5lMKscRFYi4UE+Ddp1NrgoyknCxyOothC4qEanRg6PkGvBseEqip9VfJzcgpKbcxkWyq6gav3z/Nanvxk= |
.yandex.com/ | | Name: yp Value: 1698694230.yu.1562681301698607829 |
.yandex.com/ | | Name: ymex Value: 1701199830.oyu.1562681301698607829#1730143829.yrts.1698607829#1730143829.yrtsi.1698607829 |
.mc.yandex.com/ | | Name: sync_cookie_ok Value: synced |
.maps4heroes.com/ | | Name: _ym_visorc Value: w |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.