![](/screenshots/9f31cdd6-14ba-4440-b9d0-6dec5eeedbae.png)
ur-l.ru
Open in
urlscan Pro
194.61.0.8
Public Scan
Effective URL: https://ur-l.ru/KNlFE
Submission Tags: @phish_report
Submission: On August 22 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by R3 on August 18th 2023. Valid for: 3 months.
This is the only time ur-l.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 16 | 194.61.0.8 194.61.0.8 | 43263 (SMARTSYST...) (SMARTSYSTEMS-AS) | |
1 | 2a02:6b8:a::a 2a02:6b8:a::a | 208722 (GLOBAL_DC) (GLOBAL_DC) | |
1 | 2a11:27c0::93 2a11:27c0::93 | 210756 (EDGECENTE...) (EDGECENTERLLC) | |
1 | 52.222.214.28 52.222.214.28 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:80e::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 4 | 2a02:6b8::1:119 2a02:6b8::1:119 | 208722 (GLOBAL_DC) (GLOBAL_DC) | |
1 | 2001:4860:480... 2001:4860:4802:32::36 | 15169 (GOOGLE) (GOOGLE) | |
7 | 2a02:6b8:20::215 2a02:6b8:20::215 | 208722 (GLOBAL_DC) (GLOBAL_DC) | |
29 | 8 |
ASN43263 (SMARTSYSTEMS-AS, RU)
PTR: isp02.eternalhost.net
ur-l.ru |
ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-28.fra56.r.cloudfront.net
image.thum.io |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
ur-l.ru
2 redirects
ur-l.ru |
997 KB |
7 |
yastatic.net
yastatic.net — Cisco Umbrella Rank: 6466 |
194 KB |
5 |
yandex.ru
1 redirects
yandex.ru — Cisco Umbrella Rank: 2014 mc.yandex.ru — Cisco Umbrella Rank: 3768 |
163 KB |
1 |
google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2102 |
248 B |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 76 |
81 KB |
1 |
thum.io
image.thum.io — Cisco Umbrella Rank: 247181 |
|
1 |
kwork.ru
cdn-edge.kwork.ru — Cisco Umbrella Rank: 536557 |
29 KB |
29 | 7 |
Domain | Requested by | |
---|---|---|
16 | ur-l.ru |
2 redirects
ur-l.ru
|
7 | yastatic.net |
yandex.ru
|
4 | mc.yandex.ru |
1 redirects
ur-l.ru
|
1 | region1.google-analytics.com |
www.googletagmanager.com
|
1 | www.googletagmanager.com |
ur-l.ru
|
1 | image.thum.io |
ur-l.ru
|
1 | cdn-edge.kwork.ru |
ur-l.ru
|
1 | yandex.ru |
ur-l.ru
|
29 | 8 |
Subject Issuer | Validity | Valid | |
---|---|---|---|
ur-l.ru R3 |
2023-08-18 - 2023-11-16 |
3 months | crt.sh |
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018 |
2023-06-21 - 2023-12-19 |
6 months | crt.sh |
cdn-edge.kwork.ru R3 |
2023-08-14 - 2023-11-12 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
mc.yandex.ru GlobalSign ECC OV SSL CA 2018 |
2023-08-14 - 2024-01-24 |
5 months | crt.sh |
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018 |
2023-07-10 - 2024-01-07 |
6 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://ur-l.ru/KNlFE
Frame ID: BE4BE8BFD75BC4F3A050422BA901F9B1
Requests: 29 HTTP requests in this frame
Screenshot
![](/screenshots/9f31cdd6-14ba-4440-b9d0-6dec5eeedbae.png)
Page Title
CS GO PRIZE - Сократить ссылку | Короткая ссылкаPage URL History Show full URLs
-
http://ur-l.ru/KNlFE
HTTP 301
https://ur-l.ru/KNlFE Page URL
Detected technologies
Detected patterns
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/gtag/js
![](/vendor/wappa/icons/Yandex.Metrika.png)
Detected patterns
- mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://ur-l.ru/KNlFE
HTTP 301
https://ur-l.ru/KNlFE Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 5- https://ur-l.ru/KNlFE/i HTTP 302
- https://image.thum.io/get/width/600/crop/900/https://givesdrop.ru/
- https://mc.yandex.ru/watch/88210293?wmode=7&page-url=https%3A%2F%2Fur-l.ru%2FKNlFE&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiudghr9l27%3Afp%3A988%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A715634790578%3Ahid%3A662192188%3Az%3A180%3Ai%3A20230822185945%3Aet%3A1692719985%3Ac%3A1%3Arn%3A59049578%3Arqn%3A1%3Au%3A1692719985357859644%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C116%2C227%2C55%2C283%2C0%2C%2C353%2C0%2C%2C%2C%2C1035%3Aco%3A0%3Acpf%3A1%3Ans%3A1692719983893%3Arqnl%3A1%3Ast%3A1692719985%3At%3ACS%20GO%20PRIZE%20-%20%D0%A1%D0%BE%D0%BA%D1%80%D0%B0%D1%82%D0%B8%D1%82%D1%8C%20%D1%81%D1%81%D1%8B%D0%BB%D0%BA%D1%83%20%7C%20%D0%9A%D0%BE%D1%80%D0%BE%D1%82%D0%BA%D0%B0%D1%8F%20%D1%81%D1%81%D1%8B%D0%BB%D0%BA%D0%B0&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
- https://mc.yandex.ru/watch/88210293/1?wmode=7&page-url=https%3A%2F%2Fur-l.ru%2FKNlFE&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiudghr9l27%3Afp%3A988%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A715634790578%3Ahid%3A662192188%3Az%3A180%3Ai%3A20230822185945%3Aet%3A1692719985%3Ac%3A1%3Arn%3A59049578%3Arqn%3A1%3Au%3A1692719985357859644%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C116%2C227%2C55%2C283%2C0%2C%2C353%2C0%2C%2C%2C%2C1035%3Aco%3A0%3Acpf%3A1%3Ans%3A1692719983893%3Arqnl%3A1%3Ast%3A1692719985%3At%3ACS%20GO%20PRIZE%20-%20%D0%A1%D0%BE%D0%BA%D1%80%D0%B0%D1%82%D0%B8%D1%82%D1%8C%20%D1%81%D1%81%D1%8B%D0%BB%D0%BA%D1%83%20%7C%20%D0%9A%D0%BE%D1%80%D0%BE%D1%82%D0%BA%D0%B0%D1%8F%20%D1%81%D1%81%D1%8B%D0%BB%D0%BA%D0%B0&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
29 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
KNlFE
ur-l.ru/ Redirect Chain
|
22 KB 23 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookieconsent.css
ur-l.ru/static/frontend/libs/cookieconsent/ |
18 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
ur-l.ru/static/frontend/css/ |
460 KB 460 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
context.js
yandex.ru/ads/system/ |
304 KB 87 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
ur-l.ru/content/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
01.jpg
cdn-edge.kwork.ru/images/partner/ |
28 KB 29 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
image.thum.io/get/width/600/crop/900/https://givesdrop.ru/ Redirect Chain
|
61 KB 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundle.pack.js
ur-l.ru/static/ |
324 KB 324 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
feather.min.js
ur-l.ru/static/frontend/libs/feather-icons/dist/ |
74 KB 74 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookieconsent.js
ur-l.ru/static/frontend/libs/cookieconsent/ |
18 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
228 KB 81 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
blockadblock.min.js
ur-l.ru/static/frontend/libs/blockadblock/ |
5 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
detect.app.js
ur-l.ru/static/ |
591 B 652 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.min.js
ur-l.ru/static/frontend/js/ |
5 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
server.min.js
ur-l.ru/static/ |
6 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nunito-sans-v12-latin-600.woff2
ur-l.ru/static/frontend/fonts/ |
17 KB 17 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nunito-sans-v12-latin-regular.woff2
ur-l.ru/static/frontend/fonts/ |
17 KB 17 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nunito-sans-v12-latin-italic.woff2
ur-l.ru/static/frontend/fonts/ |
17 KB 17 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tag.js
mc.yandex.ru/metrika/ |
216 KB 74 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 248 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f18dcfd520fe5628140f.js
yastatic.net/partner-code-bundles/849150/ |
14 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
015e1f1c0e2e33d59ccf.js
yastatic.net/partner-code-bundles/849150/ |
24 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8c49a9f0594a9bf8b013.js
yastatic.net/partner-code-bundles/849150/ |
119 KB 26 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
host.js
yastatic.net/safeframe-bundles/0.83/ |
33 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ |
25 KB 26 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
335a957151a233be7e36.js
yastatic.net/partner-code-bundles/849150/ |
7 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
da69e5e3e53029f1f647.js
yastatic.net/partner-code-bundles/849150/ |
606 KB 117 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
advert.gif
mc.yandex.ru/metrika/ |
43 B 114 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1
mc.yandex.ru/watch/88210293/ Redirect Chain
|
427 B 510 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
51 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture object| yaContextCb function| $ function| jQuery object| bootstrap function| SVGInjector object| feather function| initCookieConsent function| gtag object| dataLayer function| BlockAdBlock object| blockAdBlock object| detect function| engageBlock object| lang function| livesearch undefined| Coupon object| SvgInjector undefined| Tooltip undefined| Dropdown undefined| PasswordText undefined| Pricing undefined| ScrollTo undefined| Select object| cc function| refreshlinks function| triggerShortModal function| ym object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| cnc object| pcode_849150_default_q6P6j773SE object| Ya object| __activeTestIds object| __vasActiveTestIds object| __pcodeAllActiveTestIds number| pr function| AdFox_getCodeScript object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| ya object| yaads object| yaCounter88210293 boolean| yandex_context_perf_logging object| $sf object| yaSafeFrameAsyncCallbacks13 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
ur-l.ru/ | Name: PHPSESSID Value: f745f90bfb6e2a83e45f30992147948e |
|
ur-l.ru/ | Name: short_7928 Value: 1 |
|
.yandex.ru/ | Name: i Value: z3cpS9fH73iYSlOtXkxarOZsr3dend1N+/W0PNR8op5uRs3Yw/F+iWVyhebEguZIlNrvUgGJYTE1QwXccg05VKCNGIE= |
|
.yandex.ru/ | Name: yandexuid Value: 2535878931692719985 |
|
.ur-l.ru/ | Name: _ga_526RVW4328 Value: GS1.1.1692719985.1.0.1692719985.0.0.0 |
|
.ur-l.ru/ | Name: _ga Value: GA1.1.1235626058.1692719985 |
|
.ur-l.ru/ | Name: _ym_uid Value: 1692719985357859644 |
|
.ur-l.ru/ | Name: _ym_d Value: 1692719985 |
|
.ur-l.ru/ | Name: _ym_isad Value: 2 |
|
mc.yandex.ru/ | Name: yabs-sid Value: 2301287931692719985 |
|
.yandex.ru/ | Name: yuidss Value: 2535878931692719985 |
|
.yandex.ru/ | Name: ymex Value: 1724255985.yrts.1692719985 |
|
.yandex.ru/ | Name: bh Value: KgI/MA== |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn-edge.kwork.ru
image.thum.io
mc.yandex.ru
region1.google-analytics.com
ur-l.ru
www.googletagmanager.com
yandex.ru
yastatic.net
194.61.0.8
2001:4860:4802:32::36
2a00:1450:4001:80e::2008
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8:a::a
2a11:27c0::93
52.222.214.28
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
04023f8cf0e279a3bf634ff5ea4119a76e51a116ce602e95b6e30b04d267a68e
17130920b20124d18fa937d20628ff50980d364be53f4b3c0c0ab7c757f7da2b
192f158b4605f0b9bffd6d086c834b5dac318d14a8f42b8c22144c294eee2ee3
266f9bf7b783aaf73a8332c66b6041ffb3c9965fb6dc76b153a6dfc5f6d0ac3d
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
3bb2ae307d25e391de9bffc02b4e25730641155a98fd8c764bdf94d3738f7db3
4e5a1815609e1b500701e8a9c63a4ee98c47794025a0de9bbc7b8a3fdc4419e6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5dfcdd882f92d647a26beb3d974ef2ef27b96bcef8b01abaef32b8bbb2d38ef9
6637ea3139ffb01e240829717a4f8c195d7be6b81780ed643000b49833d8d6d1
6b58b168cfc701612b58b40c8ca29d9ff8cc959985decd853d4d687ccc1f68de
76276ee02cd7aaa400ee881d7748c6cf3c8cd672bdd637c9cba656584b3a3bd2
7b142db4a05d3e2cb0649a4a2e82a4d4b360469725d5a1f51e27b0d5ff1b5700
800015905e0e95d7e7eae80f0e6eacf3863d05206ae99104686ee275f19e010c
807b4c2f9b355593a752fe3c376399298df887ffe6be278964fbf104da8be01d
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
af7ef6cec4eea6ee55c83df391cf9558be6d194361cf914d70f2bd5a43fd333d
b29669091b7654e69932e1e9bc5d5ef82dc41030c026d4b594a6c9d6d41007ab
b5e39ae9db3080097e3315230de402bdd0d6778ffaf3f32b47927e8059757c82
c24f471b663e41200eb404ef40b2a5cd2cbf410425f7b1bf80a951d25fa202c3
c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3
df779e05d8f1ad0ec5b4576670e2bc2a19d77eaf574875648d564cedc416a647
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2c089f168e9cc7df37952fe98dd4de87242832871b045732ef26fb186e500d0
f37d261feb967d601b207da30b4304bb14274310399c93105caeeb080db84c19
f40234138f39383984747f2b2775dd8e40881afa191c6ca5d34410596e9b8e76
fc981871b8271bea9270a3af4f77bb50d37101e555dd6801fe7ecf9e26a9b12b