john.gurucan.com
3.222.146.93
Public Scan
Submission: On September 30 via manual from CA — Scanned from CA
Summary
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on August 16th 2022. Valid for: a year.
This is the only time john.gurucan.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | Autonomous System |
---|---|---|
2 | 3.222.146.93 | 14618 (AMAZON-AES) |
5 | 151.101.0.176 | 54113 (FASTLY) |
2 (1 redirects) | 178.248.237.144 | 197068 (QRATOR) |
15 | 34.111.151.68 | 396982 (GOOGLE-CLOUD-PLATFORM) |
7 | 2a03:90c0:9996::9996 | 199524 (GCORE) |
3 | 54.186.23.98 | 16509 (AMAZON-02) |
1 | 52.43.178.180 | 16509 (AMAZON-02) |
2 | 2607:f8b0:4006:816::200a | 15169 (GOOGLE) |
1 | 2607:f8b0:4006:823::2003 | 15169 (GOOGLE) |
37 | 9 | |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-146-93.compute-1.amazonaws.com
john.gurucan.com

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.151.111.34.bc.googleusercontent.com
payments.open.money

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com
q.stripe.com

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-178-180.us-west-2.compute.amazonaws.com
m.stripe.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
15 | open.money | payments.open.money | 522 KB |
9 | gurucan.com | john.gurucan.com, assets.gurucan.com, cdn.gurucan.com | 1 MB |
7 | stripe.com | js.stripe.com (Cisco Umbrella Rank: 1097), q.stripe.com (Cisco Umbrella Rank: 6952), m.stripe.com (Cisco Umbrella Rank: 1019) | 88 KB |
2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 41) | 2 KB |
2 | stripe.network | m.stripe.network (Cisco Umbrella Rank: 1183) | 17 KB |
2 (1 redirects) | cloudpayments.ru | widget.cloudpayments.ru (Cisco Umbrella Rank: 230172) | 37 KB |
1 | gstatic.com | fonts.gstatic.com | 13 KB |
37 | 7 | | |
Requests | Domain | Requested by |
---|---|---|
15 | payments.open.money | john.gurucan.com, payments.open.money |
5 | assets.gurucan.com | john.gurucan.com, assets.gurucan.com |
3 | q.stripe.com | john.gurucan.com |
3 | js.stripe.com | john.gurucan.com, js.stripe.com |
2 | fonts.googleapis.com | payments.open.money |
2 | cdn.gurucan.com | john.gurucan.com |
2 | m.stripe.network | js.stripe.com, m.stripe.network |
2 (1 redirects) | widget.cloudpayments.ru | john.gurucan.com |
2 | john.gurucan.com | assets.gurucan.com |
1 | fonts.gstatic.com | fonts.googleapis.com |
1 | m.stripe.com | m.stripe.network |
37 | 11 | |
This site contains links to these domains. Also see Links.
Domain |
---|
storageapi.fleek.co |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.gurucan.com | AlphaSSL CA - SHA256 - G2 | 2022-08-16 - 2023-09-17 | a year |
a.stripecdn.com | DigiCert SHA2 Extended Validation Server CA | 2022-08-31 - 2023-01-10 | 4 months |
*.open.money | Starfield Secure Certificate Authority - G2 | 2021-11-10 - 2022-12-12 | a year |
assets.gurucan.com | R3 | 2022-09-03 - 2022-12-02 | 3 months |
*.stripe.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-09-06 - 2022-12-07 | 3 months |
cdn-temp.gurucan.com | R3 | 2022-09-02 - 2022-12-01 | 3 months |
m.stripe.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-09-15 - 2023-01-26 | 4 months |
upload.video.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months |
This page contains 4 frames:
Primary Page:
https://john.gurucan.com/6332e8413558c9001253c82a
Frame ID: BEBA17E45206E2C70BBC489C31FC3C23
Requests: 12 HTTP requests in this frame
Frame:
https://payments.open.money/open/prefetcher
Frame ID: A9AD722C479F9B2C45641907ED113F95
Requests: 17 HTTP requests in this frame
Frame:
https://js.stripe.com/v3/m-outer-1156c9fc45a36380bf5f3448b809db30.html
Frame ID: CAF3282214DA8892FC305B2110F958D9
Requests: 4 HTTP requests in this frame
Frame:
https://m.stripe.network/inner.html
Frame ID: E84BEFA662D4818548E2343984822138
Requests: 4 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Title: CLICK HERE TO DOWNLOAD
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1
- https://widget.cloudpayments.ru/bundles/cloudpayments HTTP 301
- https://widget.cloudpayments.ru/bundles/cloudpayments/
37 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | Primary Request 6332e8413558c9001253c82a john.gurucan.com/ | 1 KB 2 KB | Document text/html |
GET H2 | / js.stripe.com/v3/ | 352 KB 85 KB | Script text/javascript |
GET H/1.1 | / widget.cloudpayments.ru/bundles/cloudpayments/ Redirect Chain | 112 KB 37 KB | Script application/javascript |
GET H2 | layer payments.open.money/ | 8 KB 8 KB | Script application/javascript |
GET H2 | d824df7eb2e268626a2dd9a6a741ac4e.woff2 assets.gurucan.com/landings/ | 76 KB 77 KB | Font font/woff2 |
GET H2 | main.5a035fcd3155657282c4.js assets.gurucan.com/landings/ | 3 MB 837 KB | Script application/javascript |
GET H2 | prefetcher payments.open.money/open/ Frame A9AD | 1 KB 2 KB | Document text/html |
GET H/1.1 | 6332e8413558c9001253c82a john.gurucan.com/api/landings/ | 5 KB 5 KB | XHR application/json |
GET H2 | m-outer-1156c9fc45a36380bf5f3448b809db30.html js.stripe.com/v3/ Frame CAF3 | 186 B 798 B | Document text/html |
POST H2 | csp-report q.stripe.com/ Frame CAF3 | 0 570 B | Other text/plain |
POST H2 | csp-report q.stripe.com/ Frame CAF3 | 0 571 B | Other text/plain |
GET H2 | m-outer-ae15f9409b6011aa9910b1831ff9c874.js js.stripe.com/v3/fingerprinted/js/ Frame CAF3 | 526 B 389 B | Script text/javascript |
GET H2 | inner.html m.stripe.network/ Frame E84B | 930 B 1 KB | Document text/html |
GET H2 | resources.json assets.gurucan.com/translations/ | 11 KB 5 KB | Fetch application/json |
POST H2 | csp-report q.stripe.com/ Frame E84B | 0 344 B | Other text/plain |
GET H2 | a4276f43-359b-42d3-8c5f-669e39ab205d42042ede-daa8-478e-a5a7-33ea861e7a157e4603ca-a048-40b1-b8fa-3b9440465058a8c53430-bcc8-4147-90d7-4557f29d4b4f.png cdn.gurucan.com/images/a4276f43-359b-42d3-8c5f-669e39ab205d42042ede-daa8-478e-a5a7-33ea861e7a157e4603ca-a048-40b1-b8fa-3b9440465058a8c53430-bcc8-4147-90d7-4557f29d4b4f/ | 4 KB 4 KB | Image application/octet-stream |
GET H2 | d65113b6da7ba4bd0a59dbda5a7e24d4.woff2 assets.gurucan.com/landings/ | 16 KB 16 KB | Font font/woff2 |
GET H2 | out-4.5.42.js m.stripe.network/ Frame E84B | 86 KB 16 KB | Script text/javascript |
GET H2 | e5f1782c-6fed-40dc-b134-ea13cd1864e0c10e7c11-a89a-43ed-9375-88cf09cb17b0cfcd68cd-96d3-47bd-b7ba-193ebde762802ea21596-5448-4d16-98e8-5ad7acb48092.png cdn.gurucan.com/images/e5f1782c-6fed-40dc-b134-ea13cd1864e0c10e7c11-a89a-43ed-9375-88cf09cb17b0cfcd68cd-96d3-47bd-b7ba-193ebde762802ea21596-5448-4d16-98e8-5ad7acb48092/ | 4 KB 4 KB | Image application/octet-stream |
GET H2 | 5182da425f811908bed9f5b8c72fa44f.ttf assets.gurucan.com/landings/ | 287 KB 287 KB | Font font/ttf |
POST H2 | 6 m.stripe.com/ Frame E84B | 156 B 522 B | XHR application/json |
GET H2 | css fonts.googleapis.com/ Frame A9AD | 5 KB 1 KB | Stylesheet text/css |
GET H2 | css fonts.googleapis.com/ Frame A9AD | 2 KB 613 B | Stylesheet text/css |
GET H3 | layer.7f177c62dec903bb9889.css payments.open.money/static/layer/css/ Frame A9AD | 52 KB 52 KB | Stylesheet text/css |
GET H3 | jquery.min.js payments.open.money/jquery/ Frame A9AD | 88 KB 88 KB | Script application/javascript |
GET H3 | visa.svg payments.open.money/static/layer/images/ Frame A9AD | 3 KB 3 KB | Image image/svg+xml |
GET H3 | rupay.svg payments.open.money/static/layer/images/ Frame A9AD | 5 KB 5 KB | Image image/svg+xml |
GET H3 | maestro.svg payments.open.money/static/layer/images/ Frame A9AD | 7 KB 7 KB | Image image/svg+xml |
GET H3 | master.svg payments.open.money/static/layer/images/ Frame A9AD | 1 KB 1 KB | Image image/svg+xml |
GET H3 | undefined.svg payments.open.money/static/layer/images/ Frame A9AD | 3 KB 3 KB | Image image/svg+xml |
GET H3 | checked.svg payments.open.money/static/layer/images/ Frame A9AD | 1 KB 1 KB | Image image/svg+xml |
GET H3 | check_default.svg payments.open.money/static/layer/images/ Frame A9AD | 740 B 764 B | Image image/svg+xml |
GET H3 | layer.7026dc9fbf1d193030c2.js payments.open.money/static/layer/js/ Frame A9AD | 228 KB 228 KB | Script application/javascript |
GET H3 | a8b41e1c7ea1af0ae905b44d0cdd9a45.svg payments.open.money/static/layer/css/ Frame A9AD | 1 KB 1 KB | Image image/svg+xml |
GET H3 | f28c77ccb3ef33c77ec8dc986e6a3d20.svg payments.open.money/static/layer/css/ Frame A9AD | 740 B 764 B | Image image/svg+xml |
GET H3 | b18dd0bd175248a1fb98a18a2aa83b73.png payments.open.money/static/layer/css/ Frame A9AD | 121 KB 121 KB | Image image/png |
GET H2 | JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 fonts.gstatic.com/s/montserrat/v25/ Frame A9AD | 12 KB 13 KB | Font font/woff2 |
21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | 0 |
object | onbeforeinput |
object | oncontextlost |
object | oncontextrestored |
function | structuredClone |
object | launchQueue |
object | onbeforematch |
function | getScreenDetails |
function | queryLocalFonts |
object | navigation |
object | webpackChunkstripe_js_v3 |
function | Stripe |
object | cp |
object | regeneratorRuntime |
object | Layer |
object | CONFIG |
object | vttjs |
function | WebVTT |
function | setImmediate |
function | clearImmediate |
object | core3 |

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
m.stripe.com/ | | Name: m Value: 2ea46a0f-740c-48bf-b70c-4daa1009c1409d18a0 |
.john.gurucan.com/ | | Name: __stripe_mid Value: 15112be6-a447-454d-965d-f24dc1d834384b9547 |
.john.gurucan.com/ | | Name: __stripe_sid Value: 5b5f9d82-5161-4dc9-9085-965e87978e2b0b9254 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.