URL: https://yjpcro.microsoftcult.com/
Submission Tags: @phishunt_io
Submission: On August 13 via api from ES

Summary

This website contacted 20 IPs in 4 countries across 20 domains to perform 26 HTTP transactions. The main IP is 213.159.209.166, located in Russian Federation and belongs to THEFIRST-AS, RU. The main domain is yjpcro.microsoftcult.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 10th 2020. Valid for: 3 months.
This is the only time yjpcro.microsoftcult.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 213.159.209.166 29182 (THEFIRST-AS)
2 209.197.3.15 20446 (HIGHWINDS3)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 81.19.72.56 24638 (RAMBLER-T...)
1 2a00:1450:400... 15169 (GOOGLE)
1 78.140.180.54 35415 (WEBZILLA)
4 5.254.23.224 3223 (VOXILITY)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 89.108.90.34 43146 (AGAVA3)
1 82.202.190.240 209030 (KL-KDP)
1 46.235.191.61 34879 (CCT-AS NG...)
1 195.16.117.251 25159 (SONICDUO-AS)
2 2a03:90c0:999... 199524 (GCORE)
1 185.167.121.8 207056 (BONCH-IT)
1 94.198.52.40 56694 (DHUB)
2 5.254.23.119 3223 (VOXILITY)
1 5.254.23.210 3223 (VOXILITY)
1 193.106.92.239 48614 (ITSOFT-AS)
1 136.243.177.237 24940 (HETZNER-AS)
26 20
Domain Requested by
4 cdn.jpg.wtf yjpcro.microsoftcult.com
2 cdn.echo.msk.ru yjpcro.microsoftcult.com
2 stackpath.bootstrapcdn.com yjpcro.microsoftcult.com
1 s00.yaplakal.com yjpcro.microsoftcult.com
1 img.vz.ru yjpcro.microsoftcult.com
1 cdn21.img.ria.ru yjpcro.microsoftcult.com
1 aif-s3.aif.ru yjpcro.microsoftcult.com
1 i.doctorpiter.ru yjpcro.microsoftcult.com
1 im.kommersant.ru yjpcro.microsoftcult.com
1 cdnimg.rg.ru yjpcro.microsoftcult.com
1 rg.ru yjpcro.microsoftcult.com
1 static.life.ru yjpcro.microsoftcult.com
1 tass.ru yjpcro.microsoftcult.com
1 www.cnews.ru yjpcro.microsoftcult.com
1 cdn.fishki.net yjpcro.microsoftcult.com
1 d.searchengines.guru yjpcro.microsoftcult.com
1 lh3.googleusercontent.com yjpcro.microsoftcult.com
1 icdn.lenta.ru yjpcro.microsoftcult.com
1 fonts.googleapis.com yjpcro.microsoftcult.com
1 code.jquery.com yjpcro.microsoftcult.com
1 yjpcro.microsoftcult.com
26 21
Subject Issuer Validity Valid
iq2b.gwcraft.com
Let's Encrypt Authority X3
2020-08-10 -
2020-11-08
3 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA
2019-09-14 -
2020-10-13
a year crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA
2018-10-17 -
2020-10-16
2 years crt.sh
upload.video.google.com
GTS CA 1O1
2020-07-15 -
2020-10-07
3 months crt.sh
*.lenta.ru
RapidSSL RSA CA 2018
2018-10-29 -
2020-12-27
2 years crt.sh
*.googleusercontent.com
GTS CA 1O1
2020-07-15 -
2020-10-07
3 months crt.sh
*.searchengines.guru
Sectigo ECC Domain Validation Secure Server CA
2020-03-04 -
2022-03-04
2 years crt.sh
cdn.jpg.wtf
Sectigo RSA Domain Validation Secure Server CA
2019-03-25 -
2021-04-05
2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-08-08 -
2021-08-08
a year crt.sh
*.cnews.ru
GlobalSign RSA OV SSL CA 2018
2019-09-11 -
2021-09-11
2 years crt.sh
*.tass.ru
COMODO RSA Organization Validation Secure Server CA
2018-12-23 -
2021-01-21
2 years crt.sh
*.life.ru
AlphaSSL CA - SHA256 - G2
2019-08-14 -
2020-08-14
a year crt.sh
*.rg.ru
Sectigo RSA Domain Validation Secure Server CA
2019-05-15 -
2021-05-15
2 years crt.sh
im.kommersant.ru
Let's Encrypt Authority X3
2020-07-06 -
2020-10-04
3 months crt.sh
i.doctorpiter.ru
Let's Encrypt Authority X3
2020-07-03 -
2020-10-01
3 months crt.sh
*.aif.ru
GeoTrust RSA CA 2018
2019-11-19 -
2022-01-17
2 years crt.sh
cdn.echo.msk.ru
Let's Encrypt Authority X3
2020-07-21 -
2020-10-19
3 months crt.sh
cdn21.img.ria.ru
Let's Encrypt Authority X3
2020-07-21 -
2020-10-19
3 months crt.sh
img.vz.ru
Sectigo RSA Domain Validation Secure Server CA
2020-07-23 -
2021-07-30
a year crt.sh
s00.yaplakal.com
Let's Encrypt Authority X3
2020-07-10 -
2020-10-08
3 months crt.sh

This page contains 1 frames:

Primary Page: https://yjpcro.microsoftcult.com/
Frame ID: 94355E8E2B009515F4EC7B8F3BDF9C03
Requests: 26 HTTP requests in this frame

Screenshot


Page Statistics

26
Requests

100 %
HTTPS

25 %
IPv6

20
Domains

21
Subdomains

20
IPs

4
Countries

2212 kB
Transfer

2450 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
yjpcro.microsoftcult.com/
68 KB
69 KB
Document
General
Full URL
https://yjpcro.microsoftcult.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.159.209.166 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
monah.lo
Software
/
Resource Hash
9b1191df70c632fbb143ce242f8557ee8bbb06c14a802497a41424f8e6709339

Request headers

:method
GET
:authority
yjpcro.microsoftcult.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
content-type
text/html; charset=utf-8
date
Thu, 13 Aug 2020 05:55:52 GMT
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/
156 KB
23 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
Requested by
Host: yjpcro.microsoftcult.com
URL: https://yjpcro.microsoftcult.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x00f.map2.ssl.hwcdn.net
Software
/
Resource Hash
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://yjpcro.microsoftcult.com/
Origin
https://yjpcro.microsoftcult.com

Response headers

date
Thu, 13 Aug 2020 05:55:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 28 Nov 2019 17:52:46 GMT
status
200
etag
"1574963566"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
23681
jquery-3.4.1.min.js
code.jquery.com/
86 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: yjpcro.microsoftcult.com
URL: https://yjpcro.microsoftcult.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://yjpcro.microsoftcult.com/
Origin
https://yjpcro.microsoftcult.com

Response headers

date
Thu, 13 Aug 2020 05:55:52 GMT
content-encoding
gzip
last-modified
Wed, 01 May 2019 21:14:27 GMT
server
nginx
status
200
etag
W/"5cca0c33-15851"
vary
Accept-Encoding
x-hw
1597298152.dop002.fr8.t,1597298152.cds277.fr8.hn,1597298152.cds236.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30638
bootstrap.bundle.min.js
stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/
79 KB
22 KB
Script
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.bundle.min.js
Requested by
Host: yjpcro.microsoftcult.com
URL: https://yjpcro.microsoftcult.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x00f.map2.ssl.hwcdn.net
Software
/
Resource Hash
394156ee114ed3faf968419340ecfd17f69740eb7e4f0a88d59e1f6d5bf0c34e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://yjpcro.microsoftcult.com/
Origin
https://yjpcro.microsoftcult.com

Response headers

date
Thu, 13 Aug 2020 05:55:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 28 Nov 2019 17:52:52 GMT
status
200
etag
"1574963572"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
22770
css
fonts.googleapis.com/
2 KB
674 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300
Requested by
Host: yjpcro.microsoftcult.com
URL: https://yjpcro.microsoftcult.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
48387d8ce499219bcdf0339ea3b536610f5135ef8394d733b0b8e4d6d4494301
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 13 Aug 2020 04:38:08 GMT
server
ESF
date
Thu, 13 Aug 2020 05:55:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 Aug 2020 05:55:52 GMT
share_c4838d36f4c49ad430f9584825fdf2a1.jpg
icdn.lenta.ru/images/2020/07/11/23/20200711234155933/
118 KB
118 KB
Image
General
Full URL
https://icdn.lenta.ru/images/2020/07/11/23/20200711234155933/share_c4838d36f4c49ad430f9584825fdf2a1.jpg
Requested by
Host: yjpcro.microsoftcult.com
URL: https://yjpcro.microsoftcult.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.72.56 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
Software
nginx/1.13.4 /
Resource Hash
43b530f785640b6ef367324ee6c1e2e3b6c90cb374d066e25d8baede946c56c9

Request headers

Referer
https://yjpcro.microsoftcult.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 05:55:52 GMT
Last-Modified
Sat, 11 Jul 2020 21:01:03 GMT
Server
nginx/1.13.4
ETag
"5f0a288f-1d6ca"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
120522
Expires
Thu, 31 Dec 2037 23:55:55 GMT
AdAqmbLwuDzv30u39DMeMGmSdBmIjp9uY-3A0XDgYMdrofcZ4qqgxX-Q_tCrdqXuQF8=s72-c-h450
lh3.googleusercontent.com/
121 KB
122 KB
Image
General
Full URL
https://lh3.googleusercontent.com/AdAqmbLwuDzv30u39DMeMGmSdBmIjp9uY-3A0XDgYMdrofcZ4qqgxX-Q_tCrdqXuQF8=s72-c-h450
Requested by
Host: yjpcro.microsoftcult.com
URL: https://yjpcro.microsoftcult.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
dc2b5ad3d250190423477123ba4f26803589d1d223b51bdcfd03fdc6e03f2a54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yjpcro.microsoftcult.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 03:35:27 GMT
x-content-type-options
nosniff
age
8425
status
200
content-disposition
inline;filename="unnamed.png"
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124024
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 24 Jul 2020 03:41:00 GMT
medical-mask-market-slowdown-stock_1200x628__8c0feea6.jpg
d.searchengines.guru/20/53/
76 KB
76 KB
Image
General
Full URL
https://d.searchengines.guru/20/53/medical-mask-market-slowdown-stock_1200x628__8c0feea6.jpg
Requested by
Host: yjpcro.microsoftcult.com
URL: https://yjpcro.microsoftcult.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.140.180.54 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ecc758df9caa4f798d2b1af1a8120c1f95af5caaa9504e5e6d6b5c0a299ef3c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://yjpcro.microsoftcult.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 05:55:53 GMT
status
200
last-modified
Thu, 30 Jul 2020 06:14:06 GMT
server
nginx/1.18.0 (Ubuntu)
generate-time
327
x-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age 31536000, immutable
x-service
Searchengines.guru
accept-ranges
bytes
content-length
77765
expires
Tue, 01 Jan 2030 00:00:00 GMT
1586366735-75cb2715a5ccdd257aaf2f5fdd205e19.jpeg
cdn.jpg.wtf/futurico/75/cb/
7 KB
7 KB
Image
General
Full URL
https://cdn.jpg.wtf/futurico/75/cb/1586366735-75cb2715a5ccdd257aaf2f5fdd205e19.jpeg
Requested by
Host: yjpcro.microsoftcult.com
URL: https://yjpcro.microsoftcult.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.254.23.224 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software
nginx /
Resource Hash
7d00aa3a87ba0abc1f90c544c41dbdcb3c33155d8337c61008529817df411cdd

Request headers

Referer
https://yjpcro.microsoftcult.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 05:55:52 GMT
last-modified
Wed, 08 Apr 2020 17:25:36 GMT
server
nginx
status
200
content-type
image/jpeg
access-control-allow-origin
*
content-disposition
inline; filename=1586366735-75cb2715a5ccdd257aaf2f5fdd205e19.jpeg
accept-ranges
bytes
content-length
6823
9-1.png.jpeg
cdn.fishki.net/upload/post/2020/07/26/3379241/tn/
43 KB
43 KB
Image
General
Full URL
https://cdn.fishki.net/upload/post/2020/07/26/3379241/tn/9-1.png.jpeg
Requested by
Host: yjpcro.microsoftcult.com
URL: https://yjpcro.microsoftcult.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::ac43:4930 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32b2276ccaaeae2be2783c4f8c20a00c96be3f0ad559496b93eea4c1ab517d4a

Request headers

Referer
https://yjpcro.microsoftcult.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 05:55:52 GMT
cf-cache-status
HIT
age
1195701
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43600
cf-request-id
0487fcad5d000005ccd3af4200000001
last-modified
Sun, 26 Jul 2020 18:05:48 GMT
server
cloudflare
etag
"5f1dc5fc-aa50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5c20308ef84005cc-FRA
cf-bgj
h2pri
logocnews_f.png
www.cnews.ru/img/design2008/
18 KB
18 KB
Image
General
Full URL
https://www.cnews.ru/img/design2008/logocnews_f.png
Requested by
Host: yjpcro.microsoftcult.com
URL: https://yjpcro.microsoftcult.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.108.90.34 Moscow, Russian Federation, ASN43146 (AGAVA3, RU),
Reverse DNS
cnews-vip.reg.regrucolo.ru
Software
nginx/1.14.2 /
Resource Hash
0002039292e1271fbe1cdf5e8baed7cfc991346db9ddb4f7d953c1f9b2661dd8

Request headers

Referer
https://yjpcro.microsoftcult.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 05:55:52 GMT
last-modified
Thu, 24 Mar 2016 08:52:01 GMT
server
nginx/1.14.2
etag
"4671-52ec78f4b4e40"
content-type
image/png
status
200
accept-ranges
bytes
content-length
18033
tass_logo_share_ru.png
tass.ru/img/blocks/common/
368 KB
369 KB
Image
General
Full URL
https://tass.ru/img/blocks/common/tass_logo_share_ru.png
Requested by
Host: yjpcro.microsoftcult.com
URL: https://yjpcro.microsoftcult.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
82.202.190.240 , Russian Federation, ASN209030 (KL-KDP, RU),
Reverse DNS
Software
nginx/1.15.7 /
Resource Hash
e61aeef922c3cc20d22088d8d801bf08826d2b482969dc2ac4f893957598793f
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://yjpcro.microsoftcult.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 05:55:52 GMT
X-Content-Type-Options
nosniff, nosniff
Last-Modified
Mon, 10 Aug 2020 10:52:04 GMT
Server
nginx/1.15.7
ETag
"5f3126d4-5c181"
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
image/png
Access-Control-Allow-Origin
admin.tass.ru
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
377217
X-XSS-Protection
1; mode=block, 1; mode=block
1591694180-62ebe6cc796792b1dfc415b87e33e873.jpeg
cdn.jpg.wtf/futurico/62/eb/
3 KB
3 KB
Image
General
Full URL
https://cdn.jpg.wtf/futurico/62/eb/1591694180-62ebe6cc796792b1dfc415b87e33e873.jpeg
Requested by
Host: yjpcro.microsoftcult.com
URL: https://yjpcro.microsoftcult.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.254.23.224 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software
nginx /
Resource Hash
d6f09ae89d2876602cab924eccaae66cfdb7a8cd363215c31aab1f5e5320d653

Request headers

Referer
https://yjpcro.microsoftcult.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 05:55:52 GMT
last-modified
Tue, 09 Jun 2020 09:16:20 GMT
server
nginx
status
200
content-type
image/jpeg
access-control-allow-origin
*
content-disposition
inline; filename=1591694180-62ebe6cc796792b1dfc415b87e33e873.jpeg
accept-ranges
bytes
content-length
3238
165216300041.60864.jpg
static.life.ru/publications/2020/7/2/
56 KB
58 KB
Image
General
Full URL
https://static.life.ru/publications/2020/7/2/165216300041.60864.jpg
Requested by
Host: yjpcro.microsoftcult.com
URL: https://yjpcro.microsoftcult.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.235.191.61 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
cdn.ngenix.net
Software
nginx /
Resource Hash
d4eace250c472a7246e448d0751e3cd17fda40ba2ad1f5cdc737705fc6a390de
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; object-src 'self'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yjpcro.microsoftcult.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-hcp-softwareversion
8.1.2.4
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; object-src 'self'; frame-ancestors 'self';
x-hcp-replicated
false
x-hcp-ingesttime
1596400299
x-hcp-type
object
x-hcp-gid
x-hcp-versioncreatetimemilliseconds
1596400299111
x-hcp-domain
x-dns-prefetch-control
off
x-hcp-time
1597060611
x-hcp-retentionclass
status
200
date
Thu, 13 Aug 2020 05:55:53 GMT
x-hcp-retentionstring
Deletion Allowed
x-hcp-dpl
1
x-hcp-retentionhold
false
x-hcp-servicedbysystem
storage2.cloud.rt.ru
x-hcp-versionid
102169619143105
etag
"d95d817e909b8f21a239f0a235c4cc81"
x-frame-options
SAMEORIGIN
x-hcp-index
true
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
x-hcp-owner
it@newsmedia.ru_c63c4ec156
x-hcp-retention
0
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization
expires
Mon, 17 Aug 2020 11:56:51 GMT
x-hcp-shred
false
x-content-type-options
nosniff
x-requestid
6C3394B6B9506FC5
x-hcp-ingestprotocol
S3
x-hcp-size
57521
x-hcp-replicationcollision
false
x-hcp-custom-metadata
false
x-hcp-hash
SHA-256 D4EACE250C472A7246E448D0751E3CD17FDA40BA2AD1F5CDC737705FC6A390DE
x-hcp-custommetadataannotations
access-control-allow-methods
GET, POST, OPTIONS, PUT
content-length
57521
x-hcp-changetimestring
2020-08-02T23:31:39+0300
server
nginx
x-hcp-changetimemilliseconds
1596400299140.00
x-ngenix-cache
HIT
last-modified
Sun, 02 Aug 2020 20:31:39 GMT
x-hcp-acl
false
x-download-options
noopen
strict-transport-security
max-age=31536000; includeSubDomains
x-hcp-uid
x-xss-protection
1; mode=block
1580158494-ca7851ddb8d33bab1efafa1b6c1a9cec.jpeg
cdn.jpg.wtf/futurico/ca/78/
6 KB
6 KB
Image
General
Full URL
https://cdn.jpg.wtf/futurico/ca/78/1580158494-ca7851ddb8d33bab1efafa1b6c1a9cec.jpeg
Requested by
Host: yjpcro.microsoftcult.com
URL: https://yjpcro.microsoftcult.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.254.23.224 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software
nginx /
Resource Hash
690014774971b57b069706579265519a12d545fc176346b024cc49ab862ca2f2

Request headers

Referer
https://yjpcro.microsoftcult.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 05:55:52 GMT
last-modified
Mon, 27 Jan 2020 20:54:54 GMT
server
nginx
status
200
content-type
image/jpeg
access-control-allow-origin
*
content-disposition
inline; filename=1580158494-ca7851ddb8d33bab1efafa1b6c1a9cec.jpeg
accept-ranges
bytes
content-length
6365
iStock-1211385246_t_650x433.jpg
rg.ru//cdnimg.rg.ru/img/content/192/06/32/
5 B
209 B
Image
General
Full URL
https://rg.ru//cdnimg.rg.ru/img/content/192/06/32/iStock-1211385246_t_650x433.jpg
Requested by
Host: yjpcro.microsoftcult.com
URL: https://yjpcro.microsoftcult.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.16.117.251 Moscow, Russian Federation, ASN25159 (SONICDUO-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
712f8db5082e713d3db71cf5207c34625f66f3d769b7f86882c127f2947f9afd

Request headers

Referer
https://yjpcro.microsoftcult.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
404
date
Thu, 13 Aug 2020 05:55:52 GMT
server
nginx
content-type
text/html;charset=UTF-8
content-length
5
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
rg-substrate-650x360.jpg
cdnimg.rg.ru/res/images/logo/
46 KB
46 KB
Image
General
Full URL
https://cdnimg.rg.ru/res/images/logo/rg-substrate-650x360.jpg
Requested by
Host: yjpcro.microsoftcult.com
URL: https://yjpcro.microsoftcult.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9999::9999 , Russian Federation, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
243af62cb2ad1c331da4ea44156b9d3a04405c5cb0eb1f06de7b1e66c1b82ac8

Request headers

Referer
https://yjpcro.microsoftcult.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id
k12-up-a12
date
Thu, 13 Aug 2020 05:55:52 GMT
last-modified
Mon, 23 Mar 2020 14:46:11 GMT
server
nginx
etag
"5e78cbb3-b7d6"
status
200
x-cached-since
2020-08-13T05:17:37+00:00
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
content-length
47062
cache
HIT
expires
Mon, 23 Mar 2020 16:15:25 GMT
4424656_26_0_1383786899
im.kommersant.ru/SocialPics/
50 KB
50 KB
Image
General
Full URL
https://im.kommersant.ru/SocialPics/4424656_26_0_1383786899
Requested by
Host: yjpcro.microsoftcult.com
URL: https://yjpcro.microsoftcult.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9999::9999 , Russian Federation, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
56f9b02f38f465e3238eaee91d69763ff5602ac6635f85adeb574e88665bfc80

Request headers

Referer
https://yjpcro.microsoftcult.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id
m9p-up-gc14, k12-up-gc13
date
Thu, 13 Aug 2020 05:55:52 GMT
x-server-name
ic
x-aspnet-version
4.0.30319
x-cached-since
2020-08-10T20:05:20+00:00, 2020-08-11T09:21:14+00:00
status
200
x-shard
k12-prod-sh1_443
content-length
50897
x-aspnetmvc-version
5.2
server
nginx
vary
Accept
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
cache
HIT, HIT
accept-ranges
bytes
resize_20200805_64othdwddfyp7cjzcxg0.jpg
i.doctorpiter.ru/photos/2020/08/
42 KB
43 KB
Image
General
Full URL
https://i.doctorpiter.ru/photos/2020/08/resize_20200805_64othdwddfyp7cjzcxg0.jpg
Requested by
Host: yjpcro.microsoftcult.com
URL: https://yjpcro.microsoftcult.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.167.121.8 , Russian Federation, ASN207056 (BONCH-IT, RU),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
c46637f100cb2a1a1be995a7697917cc1e8b54217f6f79b677e76c9d5f6317f3

Request headers

Referer
https://yjpcro.microsoftcult.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 05:55:52 GMT
Last-Modified
Wed, 05 Aug 2020 15:25:32 GMT
Server
nginx/1.10.3
ETag
"5f2acf6c-a967"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43367
a6e3535b25b303a39eef05bf49a49f8c.jpg
aif-s3.aif.ru/images/020/871/
30 KB
30 KB
Image
General
Full URL
https://aif-s3.aif.ru/images/020/871/a6e3535b25b303a39eef05bf49a49f8c.jpg
Requested by
Host: yjpcro.microsoftcult.com
URL: https://yjpcro.microsoftcult.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.198.52.40 , Russian Federation, ASN56694 (DHUB, RU),
Reverse DNS
Software
nginx /
Resource Hash
0fec86ae10ff039ab69f784d5fd5e1a7ccfed136a615a5d6f690d2ac7134a5dd

Request headers

Referer
https://yjpcro.microsoftcult.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 05:55:52 GMT
last-modified
Fri, 31 Jul 2020 12:02:19 GMT
server
nginx
etag
"5f24084b-769b"
content-type
image/jpeg
status
200
cache-control
max-age=315360000
accept-ranges
bytes
content-length
30363
expires
Thu, 31 Dec 2037 23:55:55 GMT
1597041473-e0a0b808676bc108a664aa401cf466b7.jpeg
cdn.jpg.wtf/futurico/e0/a0/
54 KB
54 KB
Image
General
Full URL
https://cdn.jpg.wtf/futurico/e0/a0/1597041473-e0a0b808676bc108a664aa401cf466b7.jpeg
Requested by
Host: yjpcro.microsoftcult.com
URL: https://yjpcro.microsoftcult.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.254.23.224 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software
nginx /
Resource Hash
6122db22b6e956127a7c9ebcc14338953a1b983c155fb499494b9e493796fbef

Request headers

Referer
https://yjpcro.microsoftcult.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 05:55:52 GMT
last-modified
Mon, 10 Aug 2020 06:37:54 GMT
server
nginx
status
200
content-type
image/jpeg
access-control-allow-origin
*
content-disposition
inline; filename=1597041473-e0a0b808676bc108a664aa401cf466b7.jpeg
accept-ranges
bytes
content-length
55338
3292311.jpg
cdn.echo.msk.ru/files/
88 KB
89 KB
Image
General
Full URL
https://cdn.echo.msk.ru/files/3292311.jpg
Requested by
Host: yjpcro.microsoftcult.com
URL: https://yjpcro.microsoftcult.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.254.23.119 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software
nginx /
Resource Hash
f8da4c2da2d6bf2efef5a681c3df1de13a674faf0d781741710b43b02f8c0ff7

Request headers

Referer
https://yjpcro.microsoftcult.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 05:55:53 GMT
x-firewall-port
80, 80
last-modified
Fri, 24 Jul 2020 13:10:25 GMT
server
nginx
etag
"5f1addc1-1611e"
status
200
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=3628800
accept-ranges
bytes
content-length
90398
expires
Fri, 04 Sep 2020 13:11:00 GMT
1575284142.jpg
cdn21.img.ria.ru/images/sharing/article/
517 KB
517 KB
Image
General
Full URL
https://cdn21.img.ria.ru/images/sharing/article/1575284142.jpg?15752629911596412199
Requested by
Host: yjpcro.microsoftcult.com
URL: https://yjpcro.microsoftcult.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.254.23.210 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software
nginx /
Resource Hash
db6c5f739c3c66c3e98b2f5ac49ff03f48732cb068f58d41b9cb570f4f91088b

Request headers

Referer
https://yjpcro.microsoftcult.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 05:55:53 GMT
server
nginx
status
200
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
soc_1049915.jpg
img.vz.ru/upimg/soc/
36 KB
36 KB
Image
General
Full URL
https://img.vz.ru/upimg/soc/soc_1049915.jpg
Requested by
Host: yjpcro.microsoftcult.com
URL: https://yjpcro.microsoftcult.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.106.92.239 Dzerzhinskiy, Russian Federation, ASN48614 (ITSOFT-AS, RU),
Reverse DNS
mail.mebelglobal.ru
Software
nginx/1.14.2 /
Resource Hash
8afc71bed0df6f143b669c4f706e35a5d44ae2aad84fad26a1a08790d5a0589f

Request headers

Referer
https://yjpcro.microsoftcult.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 05:55:53 GMT
Last-Modified
Tue, 14 Jul 2020 12:06:13 GMT
Server
nginx/1.14.2
ETag
"5f0d9fb5-8ea0"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36512
Expires
Thu, 20 Aug 2020 05:55:53 GMT
14612729.png
s00.yaplakal.com/pics/pics_original/9/2/7/
358 KB
358 KB
Image
General
Full URL
https://s00.yaplakal.com/pics/pics_original/9/2/7/14612729.png
Requested by
Host: yjpcro.microsoftcult.com
URL: https://yjpcro.microsoftcult.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
136.243.177.237 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.237.177.243.136.clients.your-server.de
Software
ATS/7.1.6 /
Resource Hash
dbaf78680b53d385c1b17b97c0bfab4d6522768369fd1eaac80041997fcf20d7

Request headers

Referer
https://yjpcro.microsoftcult.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 07:00:11 GMT
last-modified
Thu, 06 Aug 2020 06:59:20 GMT
server
ATS/7.1.6
age
600942
etag
"5f2baa48-59878"
content-type
image/png
status
200
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
366712
expires
Thu, 31 Dec 2037 23:55:55 GMT
3293913.jpg
cdn.echo.msk.ru/files/
23 KB
23 KB
Image
General
Full URL
https://cdn.echo.msk.ru/files/3293913.jpg
Requested by
Host: yjpcro.microsoftcult.com
URL: https://yjpcro.microsoftcult.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.254.23.119 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software
nginx /
Resource Hash
4a096c2ae9a06d0c1a4f7e6a5a4ee31e64189adc6ef1060b0c8b545323e41fa5

Request headers

Referer
https://yjpcro.microsoftcult.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 05:55:53 GMT
x-firewall-port
80, 80
last-modified
Wed, 29 Jul 2020 12:39:30 GMT
server
nginx
etag
"5f216e02-5afb"
status
200
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=3628800
accept-ranges
bytes
content-length
23291
expires
Wed, 09 Sep 2020 12:39:56 GMT

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| bootstrap

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aif-s3.aif.ru
cdn.echo.msk.ru
cdn.fishki.net
cdn.jpg.wtf
cdn21.img.ria.ru
cdnimg.rg.ru
code.jquery.com
d.searchengines.guru
fonts.googleapis.com
i.doctorpiter.ru
icdn.lenta.ru
im.kommersant.ru
img.vz.ru
lh3.googleusercontent.com
rg.ru
s00.yaplakal.com
stackpath.bootstrapcdn.com
static.life.ru
tass.ru
www.cnews.ru
yjpcro.microsoftcult.com
136.243.177.237
185.167.121.8
193.106.92.239
195.16.117.251
2001:4de0:ac19::1:b:1b
209.197.3.15
213.159.209.166
2606:4700:20::ac43:4930
2a00:1450:4001:809::2001
2a00:1450:4001:819::200a
2a03:90c0:9999::9999
46.235.191.61
5.254.23.119
5.254.23.210
5.254.23.224
78.140.180.54
81.19.72.56
82.202.190.240
89.108.90.34
94.198.52.40
0002039292e1271fbe1cdf5e8baed7cfc991346db9ddb4f7d953c1f9b2661dd8
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0fec86ae10ff039ab69f784d5fd5e1a7ccfed136a615a5d6f690d2ac7134a5dd
243af62cb2ad1c331da4ea44156b9d3a04405c5cb0eb1f06de7b1e66c1b82ac8
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
32b2276ccaaeae2be2783c4f8c20a00c96be3f0ad559496b93eea4c1ab517d4a
394156ee114ed3faf968419340ecfd17f69740eb7e4f0a88d59e1f6d5bf0c34e
43b530f785640b6ef367324ee6c1e2e3b6c90cb374d066e25d8baede946c56c9
48387d8ce499219bcdf0339ea3b536610f5135ef8394d733b0b8e4d6d4494301
4a096c2ae9a06d0c1a4f7e6a5a4ee31e64189adc6ef1060b0c8b545323e41fa5
56f9b02f38f465e3238eaee91d69763ff5602ac6635f85adeb574e88665bfc80
6122db22b6e956127a7c9ebcc14338953a1b983c155fb499494b9e493796fbef
690014774971b57b069706579265519a12d545fc176346b024cc49ab862ca2f2
712f8db5082e713d3db71cf5207c34625f66f3d769b7f86882c127f2947f9afd
7d00aa3a87ba0abc1f90c544c41dbdcb3c33155d8337c61008529817df411cdd
8afc71bed0df6f143b669c4f706e35a5d44ae2aad84fad26a1a08790d5a0589f
9b1191df70c632fbb143ce242f8557ee8bbb06c14a802497a41424f8e6709339
c46637f100cb2a1a1be995a7697917cc1e8b54217f6f79b677e76c9d5f6317f3
d4eace250c472a7246e448d0751e3cd17fda40ba2ad1f5cdc737705fc6a390de
d6f09ae89d2876602cab924eccaae66cfdb7a8cd363215c31aab1f5e5320d653
db6c5f739c3c66c3e98b2f5ac49ff03f48732cb068f58d41b9cb570f4f91088b
dbaf78680b53d385c1b17b97c0bfab4d6522768369fd1eaac80041997fcf20d7
dc2b5ad3d250190423477123ba4f26803589d1d223b51bdcfd03fdc6e03f2a54
e61aeef922c3cc20d22088d8d801bf08826d2b482969dc2ac4f893957598793f
ecc758df9caa4f798d2b1af1a8120c1f95af5caaa9504e5e6d6b5c0a299ef3c3
f8da4c2da2d6bf2efef5a681c3df1de13a674faf0d781741710b43b02f8c0ff7