twitter.dnevnikonline.ru
Open in
urlscan Pro
85.119.149.99
Public Scan
URL:
https://twitter.dnevnikonline.ru/
Submission Tags: @phishunt_io
Submission: On August 21 via api from ES
Submission Tags: @phishunt_io
Submission: On August 21 via api from ES
Summary
This website contacted 13 IPs
in 2 countries
across 14 domains to perform 44 HTTP transactions.
The main IP is 85.119.149.99, located in
Russian Federation and
belongs to SELECTEL, RU.
The main domain is twitter.dnevnikonline.ru.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 20th 2020. Valid for: 3 months.
This is the only time twitter.dnevnikonline.ru was scanned on urlscan.io!
TLS certificate: Issued by Let's Encrypt Authority X3 on August 20th 2020. Valid for: 3 months.
This is the only time twitter.dnevnikonline.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 2 | 85.119.149.99 85.119.149.99 | 49505 (SELECTEL) (SELECTEL) | |
| 7 | 80.93.179.62 80.93.179.62 | 50340 (SELECTEL-MSK) (SELECTEL-MSK) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:820::2008 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:817::200a | 15169 (GOOGLE) (GOOGLE) | |
| 14 | 2a00:1450:400... 2a00:1450:4001:801::2002 | 15169 (GOOGLE) (GOOGLE) | |
| 1 4 | 2a02:6b8::1:119 2a02:6b8::1:119 | 13238 (YANDEX) (YANDEX) | |
| 7 | 2a00:1450:400... 2a00:1450:4001:81a::2003 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 159.69.144.179 159.69.144.179 | 24940 (HETZNER-AS) (HETZNER-AS) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:802::200e | 15169 (GOOGLE) (GOOGLE) | |
| 3 | 87.240.190.72 87.240.190.72 | 47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS http://vk.com) | |
| 1 | 80.93.179.58 80.93.179.58 | 50340 (SELECTEL-MSK) (SELECTEL-MSK) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:81c::2001 | 15169 (GOOGLE) (GOOGLE) | |
| 44 | 13 |
1
2a00:1450:4001:820::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
14
2a00:1450:4001:801::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| pagead2.googlesyndication.com | |
| adservice.google.de | |
| adservice.google.com | |
| googleads.g.doubleclick.net | |
| www.googletagservices.com |
1
159.69.144.179
(Germany)
ASN24940 (HETZNER-AS, DE)
PTR: static.179.144.69.159.clients.your-server.de
ASN24940 (HETZNER-AS, DE)
PTR: static.179.144.69.159.clients.your-server.de
| fortrader.org |
2
2a00:1450:4001:802::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
3
87.240.190.72
(Russian Federation)
ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU)
PTR: srv72-190-240-87.vk.com
ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU)
PTR: srv72-190-240-87.vk.com
| vk.com |
2
2a00:1450:4001:81c::2001
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| tpc.googlesyndication.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 8 |
plpstatic.ru
s.plpstatic.ru u20.plpstatic.ru |
356 KB |
| 7 |
gstatic.com
fonts.gstatic.com |
120 KB |
| 7 |
googlesyndication.com
pagead2.googlesyndication.com tpc.googlesyndication.com |
142 KB |
| 6 |
doubleclick.net
googleads.g.doubleclick.net |
|
| 4 |
yandex.ru
1 redirects
mc.yandex.ru |
45 KB |
| 3 |
vk.com
vk.com |
24 KB |
| 2 |
google-analytics.com
www.google-analytics.com |
18 KB |
| 2 |
dnevnikonline.ru
twitter.dnevnikonline.ru |
25 KB |
| 1 |
googletagservices.com
www.googletagservices.com |
27 KB |
| 1 |
google.com
adservice.google.com |
316 B |
| 1 |
google.de
adservice.google.de |
168 B |
| 1 |
fortrader.org
fortrader.org |
|
| 1 |
googleapis.com
fonts.googleapis.com |
642 B |
| 1 |
googletagmanager.com
www.googletagmanager.com |
35 KB |
| 44 | 14 |
| Domain | Requested by | |
|---|---|---|
| 7 | fonts.gstatic.com |
s.plpstatic.ru
fonts.googleapis.com |
| 7 | s.plpstatic.ru |
twitter.dnevnikonline.ru
s.plpstatic.ru |
| 6 | googleads.g.doubleclick.net |
pagead2.googlesyndication.com
|
| 5 | pagead2.googlesyndication.com |
twitter.dnevnikonline.ru
pagead2.googlesyndication.com |
| 4 | mc.yandex.ru |
1 redirects
twitter.dnevnikonline.ru
|
| 3 | vk.com |
s.plpstatic.ru
twitter.dnevnikonline.ru vk.com |
| 2 | tpc.googlesyndication.com |
pagead2.googlesyndication.com
tpc.googlesyndication.com |
| 2 | www.google-analytics.com |
www.googletagmanager.com
twitter.dnevnikonline.ru |
| 2 | twitter.dnevnikonline.ru |
twitter.dnevnikonline.ru
|
| 1 | www.googletagservices.com |
pagead2.googlesyndication.com
|
| 1 | u20.plpstatic.ru |
twitter.dnevnikonline.ru
|
| 1 | adservice.google.com |
pagead2.googlesyndication.com
|
| 1 | adservice.google.de |
pagead2.googlesyndication.com
|
| 1 | fortrader.org |
twitter.dnevnikonline.ru
|
| 1 | fonts.googleapis.com |
twitter.dnevnikonline.ru
|
| 1 | www.googletagmanager.com |
twitter.dnevnikonline.ru
|
| 44 | 16 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| facebook.dnevnikonline.ru |
| instagram.dnevnikonline.ru |
| pinterest.dnevnikonline.ru |
| xn--80ahnahceodec3ba.xn--e1aafnbodhpvjk3gg.xn--p1ai |
| vkontakte.dnevnikonline.ru |
| twitter.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| twitter.dnevnikonline.ru Let's Encrypt Authority X3 |
2020-08-20 - 2020-11-18 |
3 months | crt.sh |
| plpstatic.ru Let's Encrypt Authority X3 |
2020-06-05 - 2020-09-03 |
3 months | crt.sh |
| *.google-analytics.com GTS CA 1O1 |
2020-08-11 - 2020-11-03 |
3 months | crt.sh |
| upload.video.google.com GTS CA 1O1 |
2020-08-11 - 2020-11-03 |
3 months | crt.sh |
| *.g.doubleclick.net GTS CA 1O1 |
2020-08-11 - 2020-11-03 |
3 months | crt.sh |
| mc.yandex.ru Yandex CA |
2019-09-23 - 2020-09-22 |
a year | crt.sh |
| *.gstatic.com GTS CA 1O1 |
2020-08-11 - 2020-11-03 |
3 months | crt.sh |
| fortrader.org Let's Encrypt Authority X3 |
2020-08-02 - 2020-10-31 |
3 months | crt.sh |
| *.google.com GTS CA 1O1 |
2020-08-11 - 2020-11-03 |
3 months | crt.sh |
| *.vk.com GlobalSign Organization Validation CA - SHA256 - G2 |
2020-06-09 - 2022-06-10 |
2 years | crt.sh |
This page contains 10 frames:
Primary Page:
https://twitter.dnevnikonline.ru/
Frame ID: 03E0F1F7C77486F017CC08830997BEEF
Requests: 41 HTTP requests in this frame
Frame:
https://fortrader.org/informers/getInformer?st=33&cat=11&showGetBtn=0&w=0&from=21&to=11111&amount=1
Frame ID: 2D575908629238C470E5C5D541186D68
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20200818/r20190131/zrt_lookup.html
Frame ID: 9AD0A7CE3BF8376278BFE94387C746E3
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4083554475376428&output=html&h=280&slotname=3877548295&adk=2831126782&adf=218587551&w=1130&fwrn=4&fwrnh=100&lmt=1598025370&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1130x280&url=https%3A%2F%2Ftwitter.dnevnikonline.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1598025370397&bpp=190&bdt=637&idt=441&shv=r20200818&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7861896934774&frm=20&pv=2&ga_vid=1587963727.1598025371&ga_sid=1598025371&ga_hid=1448941843&ga_fc=0&iag=0&icsg=8563328&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=235&ady=162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066125%2C44723322%2C21066647%2C21066532%2C21066392&oid=3&pvsid=2735821462566588&pem=500&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=MgTONYD28R&p=https%3A//twitter.dnevnikonline.ru&dtd=475
Frame ID: 7E22811B01CBE2F13DED78ABEDA727EC
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4083554475376428&output=html&h=280&slotname=3877548295&adk=1975148284&adf=1410669963&w=545&fwrn=4&fwrnh=100&lmt=1598025370&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=545x280&url=https%3A%2F%2Ftwitter.dnevnikonline.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1598025370587&bpp=4&bdt=828&idt=301&shv=r20200818&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1130x280&correlator=7861896934774&frm=20&pv=1&ga_vid=1587963727.1598025371&ga_sid=1598025371&ga_hid=1448941843&ga_fc=0&iag=0&icsg=545434240&dssz=24&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=815&ady=1198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066125%2C44723322%2C21066647%2C21066532%2C21066392&oid=3&pvsid=2735821462566588&pem=500&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeE%7Cp&abl=XS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cuBcjjALsy&p=https%3A//twitter.dnevnikonline.ru&dtd=337
Frame ID: CF8F730D25F1A9FE693C627111CB6750
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4083554475376428&output=html&h=280&slotname=3877548295&adk=2831126782&adf=1124141848&w=1130&fwrn=4&fwrnh=100&lmt=1598025370&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1130x280&url=https%3A%2F%2Ftwitter.dnevnikonline.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1598025370591&bpp=1&bdt=831&idt=365&shv=r20200818&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1130x280%2C545x280&correlator=7861896934774&frm=20&pv=1&ga_vid=1587963727.1598025371&ga_sid=1598025371&ga_hid=1448941843&ga_fc=0&iag=0&icsg=545434240&dssz=24&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=235&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066125%2C44723322%2C21066647%2C21066532%2C21066392&oid=3&pvsid=2735821462566588&pem=500&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=w76LAOJTjH&p=https%3A//twitter.dnevnikonline.ru&dtd=370
Frame ID: CA7C403D173C732E35358B68FFAE5994
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4083554475376428&output=html&h=280&slotname=3877548295&adk=1581122276&adf=423027156&w=545&fwrn=4&fwrnh=100&lmt=1598025370&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=545x280&url=https%3A%2F%2Ftwitter.dnevnikonline.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1598025370609&bpp=28&bdt=849&idt=361&shv=r20200818&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1130x280%2C545x280%2C1130x280&correlator=7861896934774&frm=20&pv=1&ga_vid=1587963727.1598025371&ga_sid=1598025371&ga_hid=1448941843&ga_fc=0&iag=0&icsg=545434240&dssz=24&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=815&ady=4655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066125%2C44723322%2C21066647%2C21066532%2C21066392&oid=3&pvsid=2735821462566588&pem=500&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoevEbr%7Cp&abl=XS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=456gt9B5d0&p=https%3A//twitter.dnevnikonline.ru&dtd=365
Frame ID: EC23EA499E1B45274F7CA1AB65201816
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4083554475376428&output=html&adk=1812271804&adf=3025194257&lmt=1598025371&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Ftwitter.dnevnikonline.ru%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1598025370735&bpp=1&bdt=976&idt=297&shv=r20200818&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1130x280%2C545x280%2C1130x280%2C545x280&nras=1&correlator=7861896934774&frm=20&pv=1&ga_vid=1587963727.1598025371&ga_sid=1598025371&ga_hid=1448941843&ga_fc=0&iag=0&icsg=545434240&dssz=24&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066125%2C44723322%2C21066647%2C21066532%2C21066392&oid=3&pvsid=2735821462566588&pem=500&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&dtd=308
Frame ID: F5B175A031847FD61B9150B3336406D4
Requests: 1 HTTP requests in this frame
Frame:
https://vk.com/widget_comments.php?app=6855599&width=1062px&_ver=1&limit=5&height=0&mini=auto&norealtime=0&page=11170991648&status_publish=0&attach=*&url=https%3A%2F%2Ftwitter.dnevnikonline.ru%2F&title=%D0%9A%D1%83%D1%80%D1%81%20%D0%B5%D0%B2%D1%80%D0%BE.%20%D0%A2%D0%B2%D0%B8%D1%82%D1%82%D0%B5%D1%80%20%D0%B2%D1%85%D0%BE%D0%B4&description=%D0%92%D1%85%D0%BE%D0%B4%20%D0%B2%20%D0%BFepco%D0%BDa%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%B0%D0%BA%D0%BA%D0%B0%D1%83%D0%BD%D1%82%20twitter.&image=&referrer=&17411bc0daf
Frame ID: 4C922DBF32879E7D594AE6E005CC7AF7
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: C045F5DCE8F652FAED6B26D2BBF2EA15
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
Lua
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
Nginx
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
OpenResty
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
Google AdSense
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /googlesyndication\.com\//i
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Yandex.Metrika
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /mc\.yandex\.ru\/metrika\/watch\.js/i
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
URL: https://facebook.dnevnikonline.ru/facebook-vhod
Title: Регистрация в Facebook
Title: Регистрация в Facebook
Search URL Search Domain Scan URL
URL: https://instagram.dnevnikonline.ru/
Title: Регистрация в Instagram
Title: Регистрация в Instagram
Search URL Search Domain Scan URL
URL: https://pinterest.dnevnikonline.ru/
Title: Регистрация в Pinterest
Title: Регистрация в Pinterest
Search URL Search Domain Scan URL
URL: https://xn--80ahnahceodec3ba.xn--e1aafnbodhpvjk3gg.xn--p1ai/
Title: Регистрация в OK
Title: Регистрация в OK
Search URL Search Domain Scan URL
URL: https://vkontakte.dnevnikonline.ru/
Title: Регистрация в VK
Title: Регистрация в VK
Search URL Search Domain Scan URL
URL: https://twitter.com/home?lang=en
Title: Войти в Твиттер
Title: Войти в Твиттер
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 31- https://mc.yandex.ru/watch/56916922?wmode=7&page-url=https%3A%2F%2Ftwitter.dnevnikonline.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1598025369412%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200821175610%3Aet%3A1598025371%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1412173921144%3Arqn%3A1%3Arn%3A23466364%3Ahid%3A824794186%3Ads%3A61%2C166%2C117%2C5%2C0%2C0%2C0%2C974%2C42%2C%2C%2C%2C1323%3Afp%3A839%3Awn%3A29515%3Ahl%3A2%3Agdpr%3A14%3Av%3A1914%3Arqnl%3A1%3Ast%3A1598025371%3Au%3A1598025371811652919%3At%3A%D0%9A%D1%83%D1%80%D1%81%20%D0%B5%D0%B2%D1%80%D0%BE.%20%D0%A2%D0%B2%D0%B8%D1%82%D1%82%D0%B5%D1%80%20%D0%B2%D1%85%D0%BE%D0%B4 HTTP 302
- https://mc.yandex.ru/watch/56916922/1?wmode=7&page-url=https%3A%2F%2Ftwitter.dnevnikonline.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1598025369412%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200821175610%3Aet%3A1598025371%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1412173921144%3Arqn%3A1%3Arn%3A23466364%3Ahid%3A824794186%3Ads%3A61%2C166%2C117%2C5%2C0%2C0%2C0%2C974%2C42%2C%2C%2C%2C1323%3Afp%3A839%3Awn%3A29515%3Ahl%3A2%3Agdpr%3A14%3Av%3A1914%3Arqnl%3A1%3Ast%3A1598025371%3Au%3A1598025371811652919%3At%3A%D0%9A%D1%83%D1%80%D1%81%20%D0%B5%D0%B2%D1%80%D0%BE.%20%D0%A2%D0%B2%D0%B8%D1%82%D1%82%D0%B5%D1%80%20%D0%B2%D1%85%D0%BE%D0%B4
44 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
twitter.dnevnikonline.ru/ |
130 KB 25 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
vendors.css
s.plpstatic.ru/assets/3.3/ |
308 KB 38 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
plp.css
s.plpstatic.ru/assets/3.3/ |
560 KB 45 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
nodes.css
s.plpstatic.ru/assets/3.3/ |
115 KB 47 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
89 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
2 KB 642 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
124 KB 44 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
vendors.js
s.plpstatic.ru/assets/3.3/ |
355 KB 108 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
plp.js
s.plpstatic.ru/assets/3.3/ |
77 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
nodes.js
s.plpstatic.ru/assets/3.3/ |
49 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
watch.js
mc.yandex.ru/metrika/ |
140 KB 42 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
y7lebkjgREBJK96VQi37ZkbeuvGrcRTTBH456c-a4yI.woff
fonts.gstatic.com/s/robotoslab/v6/ |
21 KB 21 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/2+Q/46 |
DXI1ORHCpsQm3Vp6mXoaTQcuEIXEaFWBWXA4NoGd_Oo.woff
fonts.gstatic.com/s/opensans/v13/ |
19 KB 19 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
getInformer
fortrader.org/informers/ Frame 2D57 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/2+Q/46 |
u-440qyriQwlOrhSvowK_l5-eCZMdeX3rsHo.woff2
fonts.gstatic.com/s/merriweather/v21/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/2+Q/46 |
RjgO7rYTmqiVp7vzi-Q5UbO3LdcAZYWl9Si6vvxL-qU.woff
fonts.gstatic.com/s/opensans/v13/ |
19 KB 19 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/2+Q/46 |
u-440qyriQwlOrhSvowK_l5-fCZMdeX3rg.woff2
fonts.gstatic.com/s/merriweather/v21/ |
12 KB 12 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
42 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
116 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
83 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
integrator.js
adservice.google.de/adsid/ |
109 B 168 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
integrator.js
adservice.google.com/adsid/ |
109 B 316 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/2+Q/46 |
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200818/r20190131/ |
225 KB 85 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
83 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
81 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/2+Q/46 |
MTP_ySUJH_bn48VBG8sNSgcuEIXEaFWBWXA4NoGd_Oo.woff
fonts.gstatic.com/s/opensans/v13/ |
19 KB 19 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fontawesome-webfont.woff2
s.plpstatic.ru/fonts/ |
70 KB 71 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/2+Q/46 |
xjAJXh38I15wypJXxuGMBkbeuvGrcRTTBH456c-a4yI.woff
fonts.gstatic.com/s/opensans/v13/ |
20 KB 20 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200818/r20190131/ Frame 9AD0 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
79 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
45 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
openapi.js
vk.com/js/api/ |
100 KB 24 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
1
mc.yandex.ru/watch/56916922/ Redirect Chain
|
186 B 746 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
95c7f20e739a950f9db40191e4a5b01c.png
u20.plpstatic.ru/c395de540d39eeaf964a257078406345/ |
16 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
PUT H/1.1 |
/
twitter.dnevnikonline.ru/ |
2 B 289 B |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
advert.gif
mc.yandex.ru/metrika/ |
43 B 425 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/2+Q/46 |
ads
googleads.g.doubleclick.net/pagead/ Frame 7E22 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
osd.js
www.googletagservices.com/activeview/js/current/ |
71 KB 27 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/2+Q/46 |
ads
googleads.g.doubleclick.net/pagead/ Frame CF8F |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/2+Q/46 |
collect
www.google-analytics.com/r/ |
35 B 365 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/2+Q/46 |
ads
googleads.g.doubleclick.net/pagead/ Frame CA7C |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/2+Q/46 |
ads
googleads.g.doubleclick.net/pagead/ Frame EC23 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/2+Q/46 |
ads
googleads.g.doubleclick.net/pagead/ Frame F5B1 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
upload.gif
vk.com/images/ |
230 B 482 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
widget_comments.php
vk.com/ Frame 4C92 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/2+Q/46 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 22 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/2+Q/46 |
sodar
pagead2.googlesyndication.com/getconfig/ |
8 KB 7 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/2+Q/46 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
14 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/2+Q/46 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame C045 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/2+Q/46 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 22 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
79 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes object| plp number| plp_page_id number| plp_content_id string| plp_lang string| lptag function| error_handler object| _trackJs function| gtag object| dataLayer object| adsbygoogle object| google_tag_manager object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad boolean| _gfp_p_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| ytp function| $ function| jQuery function| _ object| Modernizr function| WOW object| store function| sweetAlertInitialize function| swal function| sweetAlert object| stackEffects function| Snowfall function| particlesJS object| jQuery111008622425219948173 object| goodshare object| Ya object| yaCounter56916922 object| yaCounter object| x function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| gaplugins object| gaData function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| obj2qs object| fastXDM object| VK object| google_image_requests object| GoogleGcLKhOms16 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .vk.com/ | Name: tmr_lvid Value: ae19bc377ad65197bd522ac1b0ba76ce |
|
| .vk.com/ | Name: remixstid Value: 578454953_iN1Ta27jbAmoFaQZjoetPZHKbm9EJZzLxnEAoCGZl3o |
|
| .dnevnikonline.ru/ | Name: _gat_gtag_UA_99607533_4 Value: 1 |
|
| .vk.com/ | Name: tmr_lvidTS Value: 1598025372583 |
|
| .vk.com/ | Name: remixlang Value: 3 |
|
| twitter.dnevnikonline.ru/ | Name: plp7_2409573 Value: 5f3fee9a0d59f892014638 |
|
| .dnevnikonline.ru/ | Name: _gid Value: GA1.2.1743525609.1598025371 |
|
| fortrader.org/ | Name: pll_language Value: ru |
|
| .dnevnikonline.ru/ | Name: _ga Value: GA1.2.1587963727.1598025371 |
|
| .dnevnikonline.ru/ | Name: _ym_d Value: 1598025371 |
|
| .dnevnikonline.ru/ | Name: _ym_visorc_56916922 Value: w |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUnGr9jonCD03rbjPhYOMWnvd9V6S5dvcyI_kj2VehazryQd8_q4PW8e3tBI |
|
| fortrader.org/ | Name: PHPSESSID Value: 49mbcfkgq4jmg76kgr90slk6l4 |
|
| .vk.com/ | Name: tmr_reqNum Value: 1 |
|
| .dnevnikonline.ru/ | Name: _ym_isad Value: 2 |
|
| .dnevnikonline.ru/ | Name: _ym_uid Value: 1598025371811652919 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
adservice.google.com
adservice.google.de
fonts.googleapis.com
fonts.gstatic.com
fortrader.org
googleads.g.doubleclick.net
mc.yandex.ru
pagead2.googlesyndication.com
s.plpstatic.ru
tpc.googlesyndication.com
twitter.dnevnikonline.ru
u20.plpstatic.ru
vk.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
159.69.144.179
2a00:1450:4001:801::2002
2a00:1450:4001:802::200e
2a00:1450:4001:817::200a
2a00:1450:4001:81a::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:820::2008
2a02:6b8::1:119
80.93.179.58
80.93.179.62
85.119.149.99
87.240.190.72
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0d7e358637c1b1caa66949aefc529c1e4488923f99e499d6be09eb8cdd0b4202
1a7a7f2ec92a645d302108d9dcf88e99d23b58d32f46f626de131f9d088b168c
1cd69bb4cf78044a55a59f6bc6d8fff8479ad4775964c76dbaee02d9ab66f8f4
1db6a268677e54cf4be9704ccc6ac6e3288f015472211c4127fee25ef6243cad
21f538bb5a3b10b0c6758f5072ca4469075bc6367444dc0bf8c0177617280997
25cd4b3632c9b1622968d1b3de5841c14a3c563dd507da009f14cc06b48b4292
274533f86a530bf9f4ef20a622e84a80456f37f6d649e9e9df76ee548645b380
2a06ca6be781f9a91be2f84d1fbbb2063fa6e0dad66dd8e21ed336ab770415c3
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865
455fd61edcf6d3aa8e71196d17da84c3537c9b0de3c98844ac820b9633a361fc
4a8106ac064e738cd838a7a836bd9527ef3f6b40d9ef44dcdd742c3aef3d818c
4f55a2fd3e6a2a791c70218a86fb8c8bf0fe82842d35721b46023d8d02b467ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5ce56f5211b6aacd3ca7f0011dbf28a8faab54f8a7f91036785097689cf804ee
5f157eaeebd80fe5f89ac54d13bd68bdc12e8f68cfbc6bae75270adf4a1510ad
62109d008290dcc5082732986afd832448190b03dfdf67b4940398bf1a9add45
687584625fa912e0fd6fec7f0fbee226ba732b64712d1080d06cdb88689d959f
71f6104f1b70f598a1a59cb2fb3092a4b9d072b0df5e77cc9e60761f2debb003
7a13ee75dc207f9a65442b766c6a68123d2f3b4db81d87c96604bd8dece2fcbd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
aa0954bcc19d3316a48b7c99d8cdb3b600925421cfb49cbc1737ec03c9c58b9c
af2e7ab5faba85ec065a772b72df56a852d487eb5e4f59479529f4ade22c103f
bfefe268bc05b349c75c286b36e52f8378f19bb2e58054b44f5657376762718e
c9b0ddf041243f7741bb5d2d39cf707caf8a541a8a5c45a4590e22b3042eaea3
cfe689e67061824b061d250169023efcff1bbcec33f2be214be50fb55dc8ad3e
da6382fb8b35006af5b26d3018554ec9260fae51e0c215e23d1e43a598093812
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955