stalin.memo.ru
Open in
urlscan Pro
20.113.179.77
Public Scan
Summary
TLS certificate: Issued by R3 on November 25th 2022. Valid for: 3 months.
This is the only time stalin.memo.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 11 | 20.113.179.77 20.113.179.77 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 2a00:1450:400... 2a00:1450:4001:831::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700:e2:... 2606:4700:e2::ac40:850f | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:2a | 20446 (STACKPATH...) (STACKPATH-CDN) | |
2 | 2606:4700::68... 2606:4700::6811:180e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2606:4700::68... 2606:4700::6810:5714 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 2 | 2606:4700:20:... 2606:4700:20::681a:acb | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
5 12 | 2a02:6b8::1:119 2a02:6b8::1:119 | 208722 (GLOBAL_DC) (GLOBAL_DC) | |
2 | 2a00:1450:400... 2a00:1450:4001:829::2003 | 15169 (GOOGLE) (GOOGLE) | |
27 | 9 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
stalin.memo.ru |
ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru | |
mc.yandex.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
memo.ru
1 redirects
stalin.memo.ru |
776 KB |
9 |
yandex.com
3 redirects
mc.yandex.com — Cisco Umbrella Rank: 7498 |
3 KB |
3 |
yandex.ru
2 redirects
mc.yandex.ru — Cisco Umbrella Rank: 1851 |
73 KB |
2 |
gstatic.com
fonts.gstatic.com |
52 KB |
2 |
npmcdn.com
1 redirects
npmcdn.com — Cisco Umbrella Rank: 40766 |
2 KB |
2 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 488 |
19 KB |
2 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 356 |
13 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 943 |
79 KB |
1 |
fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1620 |
11 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 127 |
1 KB |
27 | 10 |
Domain | Requested by | |
---|---|---|
11 | stalin.memo.ru |
1 redirects
stalin.memo.ru
|
9 | mc.yandex.com |
3 redirects
stalin.memo.ru
mc.yandex.ru |
3 | mc.yandex.ru |
2 redirects
stalin.memo.ru
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | npmcdn.com |
1 redirects
stalin.memo.ru
|
2 | cdn.jsdelivr.net |
stalin.memo.ru
|
2 | cdnjs.cloudflare.com |
stalin.memo.ru
|
1 | code.jquery.com |
stalin.memo.ru
|
1 | use.fontawesome.com |
stalin.memo.ru
|
1 | fonts.googleapis.com |
stalin.memo.ru
|
27 | 10 |
This site contains links to these domains. Also see Links.
Domain |
---|
donate.memo.ru |
ru.itpp.dev |
Subject Issuer | Validity | Valid | |
---|---|---|---|
stalin.memo.ru R3 |
2022-11-25 - 2023-02-23 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-11-28 - 2023-02-20 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-06-06 - 2023-06-05 |
a year | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2022-08-03 - 2023-07-14 |
a year | crt.sh |
mc.yandex.ru GlobalSign ECC OV SSL CA 2018 |
2022-10-18 - 2023-03-30 |
5 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-11-28 - 2023-02-20 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://stalin.memo.ru/
Frame ID: B05BC5CCC99255780F7F89A0AD23A86A
Requests: 27 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://stalin.memo.ru/
HTTP 301
https://stalin.memo.ru/ Page URL
Detected technologies
Font Awesome (Font Scripts) ExpandDetected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Yandex.Metrika (Analytics) Expand
Detected patterns
- mc\.yandex\.ru/metrika/(?:tag|watch)\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: donate.memo.ru
Search URL Search Domain Scan URL
Title: Айти‑Проджектс Лабс
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://stalin.memo.ru/
HTTP 301
https://stalin.memo.ru/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 10- https://npmcdn.com/flatpickr/dist/l10n/ru.js HTTP 302
- https://npmcdn.com/flatpickr@4.6.13/dist/l10n/ru.js
- https://mc.yandex.com/sync_cookie_image_check HTTP 302
- https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9872.YJ4Ek3UXRwuVY3b5HInUgOcvpeg3N84fKbdpDxpBk_qs6o1AtlKQ4fXWoGlfhIgg.Z6eC0--_jwD5ums1HE8Wk6SoXGs%2C HTTP 302
- https://mc.yandex.com/sync_cookie_image_decide?token=9872.EgplrRWM4oJMupvO1Roro10HYTJ22FaZu0Gd0BU9ByvI5xSevRlNOuiqtMS4ftJ__Nj4CywyI0e6b_VoMXpa7guiUJrpzX4PfxVSxK61J6A%2C.VpxkTMwLFWpsk0MEZl8we4Pqspg%2C
- https://mc.yandex.com/watch/73286227?wmode=7&page-url=https%3A%2F%2Fstalin.memo.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awzrng0ylweo7u6lqi2r53%3Afp%3A263%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A373260931711%3Ahid%3A445468176%3Az%3A0%3Ai%3A20230104002805%3Aet%3A1672792085%3Ac%3A1%3Arn%3A794371575%3Arqn%3A1%3Au%3A1672792085315199054%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C21%2C9%2C1%2C86%2C0%2C%2C124%2C1%2C%2C%2C%2C242%3Aco%3A0%3Acpf%3A1%3Ans%3A1672792084891%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1672792086%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
- https://mc.yandex.com/watch/73286227/1?wmode=7&page-url=https%3A%2F%2Fstalin.memo.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awzrng0ylweo7u6lqi2r53%3Afp%3A263%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A373260931711%3Ahid%3A445468176%3Az%3A0%3Ai%3A20230104002805%3Aet%3A1672792085%3Ac%3A1%3Arn%3A794371575%3Arqn%3A1%3Au%3A1672792085315199054%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C21%2C9%2C1%2C86%2C0%2C%2C124%2C1%2C%2C%2C%2C242%3Aco%3A0%3Acpf%3A1%3Ans%3A1672792084891%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1672792086%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
- https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
- https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9872.OHcMVBmEMHAypQbcdNvXnET_1AGio3QHwG6cMX56TrjLLsfS0y-5olLcChsE0hqk.cInTAEv_OHvivJnjSG9npcACnwk%2C HTTP 302
- https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9872.iYynysvkrsEtZbK0hFS2qpbUvqZQ3v9ESCmRDNAVwKHodGYZ2G-BwVvRHKMvY30TkpsEyiBE3N_BvcIp0jDeI0W4K3N5Xqt4ekoNCdSuWaM%2C.QUDhQNsOIskW4gxn4QbkRRKFGQs%2C
27 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
stalin.memo.ru/ Redirect Chain
|
6 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.css
stalin.memo.ru/css/ |
33 KB 34 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.css
use.fontawesome.com/releases/v5.2.0/css/ |
46 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.3.1.js
code.jquery.com/ |
265 KB 79 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tiny-slider.css
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.2/ |
2 KB 909 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tiny-slider.js
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.2/min/ |
31 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lists.js
stalin.memo.ru/js/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
search.js
stalin.memo.ru/js/ |
38 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flatpickr.min.css
cdn.jsdelivr.net/npm/flatpickr/dist/ |
16 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flatpickr
cdn.jsdelivr.net/npm/ |
49 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ru.js
npmcdn.com/flatpickr@4.6.13/dist/l10n/ Redirect Chain
|
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memo.svg
stalin.memo.ru/ |
3 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tag.js
mc.yandex.ru/metrika/ |
211 KB 72 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main-bg-clear.png
stalin.memo.ru/img/ |
223 KB 223 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main-pic3.png
stalin.memo.ru/img/ |
337 KB 338 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main-pic1.png
stalin.memo.ru/img/ |
79 KB 80 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main-pic2.png
stalin.memo.ru/img/ |
48 KB 48 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
footer-logo.svg
stalin.memo.ru/img/ |
3 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v25/ |
21 KB 21 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ |
30 KB 30 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync_cookie_image_decide
mc.yandex.com/ Redirect Chain
|
75 B 75 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
advert.gif
mc.yandex.com/metrika/ |
43 B 111 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1
mc.yandex.com/watch/73286227/ Redirect Chain
|
435 B 517 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync_cookie_image_decide_secondary
mc.yandex.com/ Redirect Chain
|
43 B 67 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
73286227
mc.yandex.com/webvisor/ |
43 B 145 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
73286227
mc.yandex.com/webvisor/ |
43 B 97 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange function| $ function| jQuery function| tns function| load_image function| on_all_images_loaded function| search_init function| flatpickr object| ru function| ym object| Ya object| yaCounter7328622711 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.memo.ru/ | Name: _ym_uid Value: 1672792085315199054 |
|
.memo.ru/ | Name: _ym_d Value: 1672792085 |
|
.mc.yandex.com/ | Name: sync_cookie_csrf Value: 1762513694fake |
|
.memo.ru/ | Name: _ym_isad Value: 2 |
|
.mc.yandex.ru/ | Name: sync_cookie_csrf Value: 2480189851fake |
|
mc.yandex.com/ | Name: yabs-sid Value: 1560699281672792085 |
|
.yandex.com/ | Name: i Value: HydK3i4bEnGzV03ay3CTgTqDE6weXk06cCmQ/0aGUOLjw/IX9bttIO3mpIksoZ5He/+hvyimn9vnbb2JINXn+vzzGDg= |
|
.yandex.com/ | Name: yandexuid Value: 6274812651672792085 |
|
.yandex.com/ | Name: yuidss Value: 6274812651672792085 |
|
.yandex.com/ | Name: ymex Value: 1704328085.yc.1672792085#1704328085.yrts.1672792085#1704328085.yrtsi.1672792085 |
|
.memo.ru/ | Name: _ym_visorc Value: w |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
mc.yandex.com
mc.yandex.ru
npmcdn.com
stalin.memo.ru
use.fontawesome.com
20.113.179.77
2001:4de0:ac18::1:a:2a
2606:4700:20::681a:acb
2606:4700::6810:5714
2606:4700::6811:180e
2606:4700:e2::ac40:850f
2a00:1450:4001:829::2003
2a00:1450:4001:831::200a
2a02:6b8::1:119
080a485f94dee0e757572d6258ffb9faa1bf8876bef1aa5f60e15a81d54c4709
124e439c7755cb7819c56d1ec64fb18415a1177a59792562f247a3d27fe2f1bc
1b34a42552c96f10e4dfaaa4a367276b03868aacff63c1ac42ffe331352bc754
1eeab1cb779471a0b0aaa93dd91c2eb1aa537d696f01ab05ea9dabc55e8525a1
24813671a5da18c45ebd88d3682b36c609406381b7f5c9561ab746e8eb357dcd
45dc975bf75b2fb20bacc9d9535f673ce6fb70e4b5fba18f72344efa340a9465
4cdb487eb66852cc2718c567a20b0a40a841b7d6adda26866036155cf1a644a5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57b46898a86b66dcbd700b08953f4cb61b111f0d42767d3fe687c1fd7ca38efe
6170dea16d573b1544690af977a3950b92f8c1bd30b1a79be9d29398e66486c0
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984
92e5bccca8adf5953e22728e4493f9003be4220f6836ff9a1866b37ebf4e36e2
98f1f2a80120a8cb4837be75755aff9290f78a00a27e0b86549b85f6618341ce
a8447cdec51e85d9e93971a0d4a53bcf6085d70bf1d201662837d2fb953422c7
a84c7cc39305302875b9bbc7a62ebe486241cce1e3a3ee3b9e4521e6acf90ad7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b3202514e1acf82bfe9bd821da39192f96f3708a00284f7b78064b3f990cfe74
b469b6f0144bfd29d22eec0e7ff3a1b6bcfcbe19e6810480e71ea5f41acda525
c5c36cf016a927bf46ca4694c136b9e74a60c1764e7d02921d51b180a6161f43
d2f3020e2e0890f47e50879efb524d80d3f58a018ff9206bb6c2099eb3f2cd0f
d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad
e1043834bf163481f328858bd4b39cb267e276a2a285d076790799047b014f9d
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423