Submitted URL: https://blog.my3.topserials.tv/
Effective URL: https://doramasia.ru/
Submission: On August 31 via api from GB

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 18 HTTP transactions. The main IP is 185.178.208.187, located in Russian Federation and belongs to DDOS-GUARD, RU. The main domain is doramasia.ru.
TLS certificate: Issued by R3 on July 26th 2021. Valid for: 3 months.
This is the only time doramasia.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.178.208.169 57724 (DDOS-GUARD)
8 185.178.208.187 57724 (DDOS-GUARD)
2 185.129.100.100 57724 (DDOS-GUARD)
1 9 104.16.169.131 13335 (CLOUDFLAR...)
18 4
Apex Domain
Subdomains
Transfer
9 hcaptcha.com
hcaptcha.com
newassets.hcaptcha.com
454 KB
8 doramasia.ru
doramasia.ru
221 KB
2 ddos-guard.net
check.ddos-guard.net
742 B
1 topserials.tv
blog.my3.topserials.tv
269 B
18 4
Domain Requested by
8 doramasia.ru doramasia.ru
6 newassets.hcaptcha.com doramasia.ru
hcaptcha.com
newassets.hcaptcha.com
3 hcaptcha.com 1 redirects newassets.hcaptcha.com
2 check.ddos-guard.net doramasia.ru
1 blog.my3.topserials.tv 1 redirects
18 5

This site contains links to these domains.

Domain
ddos-guard.net
Subject | Issuer | Validity | Valid
doramasia.ru | R3 | 2021-07-26 - 2021-10-24 | 3 months
*.ddos-guard.net | Sectigo RSA Domain Validation Secure Server CA | 2021-06-30 - 2022-07-31 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-15 - 2022-06-14 | a year

This page contains 3 frames:

Primary Page: https://doramasia.ru/
Frame ID: 413E816A39C1194954ABA734E8790F05
Requests: 14 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/0c2e31a/static/hcaptcha-challenge.html
Frame ID: 4AEABDA3E0CB2BE84FCD8E885EF255F0
Requests: 3 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/0c2e31a/static/hcaptcha-checkbox.html
Frame ID: 192308E2693020E19BC175FDE9F6EEA8
Requests: 4 HTTP requests in this frame

Page Title

DDOS-GUARD

Page URL History

  1. https://blog.my3.topserials.tv/ HTTP 301
    https://doramasia.ru/ Page URL
  2. https://doramasia.ru/ Page URL

Page Statistics

Requests: 18
HTTPS: 100 %
IPv6: 0 %
Domains: 4
Subdomains: 5
IPs: 4
Countries: 2
Transfer: 675 kB
Size: 1510 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://blog.my3.topserials.tv/ HTTP 301
    https://doramasia.ru/ Page URL
  2. https://doramasia.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://blog.my3.topserials.tv/ HTTP 301
  • https://doramasia.ru/
Request Chain 8
  • https://hcaptcha.com/1/api.js HTTP 302
  • https://newassets.hcaptcha.com/captcha/v1/0c2e31a/hcaptcha.js

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
doramasia.ru/
Redirect Chain
  • https://blog.my3.topserials.tv/
  • https://doramasia.ru/
8 KB
8 KB
Document
General
Full URL
https://doramasia.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.187 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
b707ae0894fc1ba487c333418665779c91fbe5cb56275a93508232e8fa4d63ae

Request headers

:method
GET
:authority
doramasia.ru
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

server
ddos-guard
date
Tue, 31 Aug 2021 11:53:05 GMT
set-cookie
__ddgid=ESA88xeUvX4WuFpJ; Domain=.doramasia.ru; HttpOnly; SameSite=None; Secure; Path=/; Expires=Wed, 31-Aug-2022 11:53:05 GMT
__ddgmark=Sj2GVUVd1XoyFUdH; Domain=.doramasia.ru; HttpOnly; SameSite=None; Secure; Path=/; Expires=Wed, 01-Sep-2021 11:53:05 GMT
__ddg5=keEfRg1A3tWmw0wF; Domain=.doramasia.ru; SameSite=None; Secure; Path=/; Expires=Tue, 31-Aug-2021 14:53:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
content-length
8213

Redirect headers

server
ddos-guard
content-security-policy
upgrade-insecure-requests;
set-cookie
__ddg1=vNyjEJi4vSxhHFsgIysq; Domain=.topserials.tv; HttpOnly; Path=/; Expires=Wed, 31-Aug-2022 11:53:04 GMT
date
Tue, 31 Aug 2021 11:53:04 GMT
content-type
text/html
location
https://doramasia.ru/
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
vary
Accept-Encoding
check.js
check.ddos-guard.net/
152 B
490 B
Script
General
Full URL
https://check.ddos-guard.net/check.js
Requested by
Host: doramasia.ru
URL: https://doramasia.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.129.100.100 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
082059ff49ef8622f5cab6e71419a4220a20f714b0b68a567244cb1976e2e027

Request headers

Referer
https://doramasia.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:53:05 GMT
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
ddos-guard
etag
KcaMd5VFz2JKPg0V
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
private, s-maxage=0, max-age=31536000
content-type
application/javascript
content-length
152
expires
Wed, 31 Aug 2022 11:53:05 GMT
check
doramasia.ru/.well-known/ddos-guard/
91 KB
91 KB
Script
General
Full URL
https://doramasia.ru/.well-known/ddos-guard/check?context=free_splash
Requested by
Host: doramasia.ru
URL: https://doramasia.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.187 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
71957760ca93b2618d5a1cc376e2f55be6fca6b0722a227c930dd874fe7f71fd

Request headers

:path
/.well-known/ddos-guard/check?context=free_splash
pragma
no-cache
cookie
__ddgid=ESA88xeUvX4WuFpJ; __ddgmark=Sj2GVUVd1XoyFUdH; __ddg5=keEfRg1A3tWmw0wF
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
doramasia.ru
referer
https://doramasia.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://doramasia.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:53:05 GMT
expires
Tue, 31 Aug 2021 12:53:05 GMT
server
ddos-guard
content-length
92814
content-type
application/javascript
truncated
/
555 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
781f9640521a0e58c8bfa567d0b6646fd227fb85ff3530f737ebec5998633ce0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
KcaMd5VFz2JKPg0V
doramasia.ru/.well-known/ddos-guard/id/
68 B
214 B
Image
General
Full URL
https://doramasia.ru/.well-known/ddos-guard/id/KcaMd5VFz2JKPg0V
Requested by
Host: doramasia.ru
URL: https://doramasia.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.187 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Request headers

:path
/.well-known/ddos-guard/id/KcaMd5VFz2JKPg0V
pragma
no-cache
cookie
__ddgid=ESA88xeUvX4WuFpJ; __ddgmark=Sj2GVUVd1XoyFUdH; __ddg5=keEfRg1A3tWmw0wF
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
doramasia.ru
referer
https://doramasia.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://doramasia.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:53:05 GMT
cache-control
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
server
ddos-guard
set-cookie
__ddg2=KcaMd5VFz2JKPg0V; Domain=doramasia.ru; Path=/; HttpOnly; Expires=Wed, 31-Aug-2022 11:53:05 GMT
content-length
68
content-type
image/png
KcaMd5VFz2JKPg0V
check.ddos-guard.net/set/id/
68 B
252 B
Image
General
Full URL
https://check.ddos-guard.net/set/id/KcaMd5VFz2JKPg0V
Requested by
Host: doramasia.ru
URL: https://doramasia.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.129.100.100 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Request headers

Referer
https://doramasia.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 11:53:05 GMT
server
ddos-guard
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-cache
content-type
image/png
content-length
68
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
doramasia.ru/.well-known/ddos-guard/mark/
0
25 B
XHR
General
Full URL
https://doramasia.ru/.well-known/ddos-guard/mark/
Requested by
Host: doramasia.ru
URL: https://doramasia.ru/.well-known/ddos-guard/check?context=free_splash
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.187 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode
cors
origin
https://doramasia.ru
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
cookie
__ddgid=ESA88xeUvX4WuFpJ; __ddgmark=Sj2GVUVd1XoyFUdH; __ddg5=keEfRg1A3tWmw0wF
content-length
38977
:path
/.well-known/ddos-guard/mark/
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
text/plain;charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
doramasia.ru
referer
https://doramasia.ru/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://doramasia.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 31 Aug 2021 11:53:05 GMT
content-length
0
server
ddos-guard
Primary Request /
doramasia.ru/
27 KB
27 KB
Document
General
Full URL
https://doramasia.ru/
Requested by
Host: doramasia.ru
URL: https://doramasia.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.187 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
37f2032e7e9a0c0eff10d4ff751c36f1bbf8309990bf97f75ba2dde406e61f27

Request headers

:method
GET
:authority
doramasia.ru
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://doramasia.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__ddgid=ESA88xeUvX4WuFpJ; __ddgmark=Sj2GVUVd1XoyFUdH; __ddg5=keEfRg1A3tWmw0wF; __ddg2=KcaMd5VFz2JKPg0V
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://doramasia.ru/

Response headers

server
ddos-guard
date
Tue, 31 Aug 2021 11:53:08 GMT
set-cookie
__ddg3=nsT9E9mYMfLlygmq; Domain=.doramasia.ru; SameSite=None; Secure; Path=/; Expires=Wed, 01-Sep-2021 11:53:08 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
content-length
27705
captcha_js
doramasia.ru/.well-known/ddos-guard/
4 KB
4 KB
Script
General
Full URL
https://doramasia.ru/.well-known/ddos-guard/captcha_js
Requested by
Host: doramasia.ru
URL: https://doramasia.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.187 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
e336374900cd49a470788be58ddabdaf7fb69a3e93d44c61b47b1eb32558605f

Request headers

:path
/.well-known/ddos-guard/captcha_js
pragma
no-cache
cookie
__ddgid=ESA88xeUvX4WuFpJ; __ddgmark=Sj2GVUVd1XoyFUdH; __ddg5=keEfRg1A3tWmw0wF; __ddg2=KcaMd5VFz2JKPg0V; __ddg3=nsT9E9mYMfLlygmq
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
doramasia.ru
referer
https://doramasia.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://doramasia.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:53:08 GMT
expires
Tue, 31 Aug 2021 12:53:08 GMT
server
ddos-guard
content-length
4040
content-type
application/javascript
hcaptcha.js
newassets.hcaptcha.com/captcha/v1/0c2e31a/
Redirect Chain
  • https://hcaptcha.com/1/api.js
  • https://newassets.hcaptcha.com/captcha/v1/0c2e31a/hcaptcha.js
82 KB
26 KB
Script
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/0c2e31a/hcaptcha.js
Requested by
Host: doramasia.ru
URL: https://doramasia.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e437b25764a255f96e9d686bc2770c26cd7c432fb80fbb3b7bc78bf7a838016
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://doramasia.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:53:08 GMT
via
1.1 66be79bde9fd204b1a11f560cee8fff4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
29142
cf-polished
origSize=84485
x-cache
Hit from cloudfront
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Mon, 30 Aug 2021 11:34:31 GMT
server
cloudflare
etag
W/"2fed7b565651a501de2756670ef0a314"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
ARN1-C1
cf-ray
68760e839a920d46-ARN
x-amz-cf-id
IfafCaQu2wPd9nCnoxfzIOl7p_DjBysp8VkopGtiXWSfshZzLoo32Q==
cf-bgj
minify

Redirect headers

date
Tue, 31 Aug 2021 11:53:08 GMT
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
location
https://newassets.hcaptcha.com/captcha/v1/0c2e31a/hcaptcha.js
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-ray
68760e8339950d46-ARN
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:01 GMT
truncated
/
9 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b508917ed4c0aa43f8a221cb3fd295d6f2bb209e1e68a8093ce07675459a509e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
688 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d5b0f42ea9a216b66c8cff1011c0018aa6c89b5ec1229300e63ff2b91b504b0a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
check
doramasia.ru/.well-known/ddos-guard/
91 KB
91 KB
Script
General
Full URL
https://doramasia.ru/.well-known/ddos-guard/check?context=captcha
Requested by
Host: doramasia.ru
URL: https://doramasia.ru/.well-known/ddos-guard/captcha_js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.187 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
71957760ca93b2618d5a1cc376e2f55be6fca6b0722a227c930dd874fe7f71fd

Request headers

:path
/.well-known/ddos-guard/check?context=captcha
pragma
no-cache
cookie
__ddgid=ESA88xeUvX4WuFpJ; __ddgmark=Sj2GVUVd1XoyFUdH; __ddg5=keEfRg1A3tWmw0wF; __ddg2=KcaMd5VFz2JKPg0V; __ddg3=nsT9E9mYMfLlygmq
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
doramasia.ru
referer
https://doramasia.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://doramasia.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:53:08 GMT
expires
Tue, 31 Aug 2021 12:53:08 GMT
server
ddos-guard
content-length
92814
content-type
application/javascript
hcaptcha-challenge.html
newassets.hcaptcha.com/captcha/v1/0c2e31a/static/ Frame 4AEA
2 KB
1 KB
Document
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/0c2e31a/static/hcaptcha-challenge.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcc868921df41eb7a4995681fcd015e15b496305e808cf071adf185e24c6b1ae
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
newassets.hcaptcha.com
:scheme
https
:path
/captcha/v1/0c2e31a/static/hcaptcha-challenge.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://doramasia.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://doramasia.ru/

Response headers

date
Tue, 31 Aug 2021 11:53:08 GMT
content-type
text/html
last-modified
Mon, 30 Aug 2021 11:34:31 GMT
cache-control
max-age=1209600
x-cache
Hit from cloudfront
via
1.1 163a559a90b919cdbd95acf4deecc98b.cloudfront.net (CloudFront)
x-amz-cf-pop
ARN1-C1
x-amz-cf-id
g-F5yR9Q9BHTn6xHd0mAP_hPF16PstBLq2-2iu8TcTOEKtBroiH42A==
age
87441
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
68760e846e861695-ARN
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
hcaptcha-checkbox.html
newassets.hcaptcha.com/captcha/v1/0c2e31a/static/ Frame 1923
2 KB
1 KB
Document
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/0c2e31a/static/hcaptcha-checkbox.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f71b553e841a0abc9282fc1b6de8430d30e07c4699b4981069ac2378d592041
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
newassets.hcaptcha.com
:scheme
https
:path
/captcha/v1/0c2e31a/static/hcaptcha-checkbox.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://doramasia.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://doramasia.ru/

Response headers

date
Tue, 31 Aug 2021 11:53:08 GMT
content-type
text/html
last-modified
Mon, 30 Aug 2021 11:34:31 GMT
cache-control
max-age=1209600
x-cache
Hit from cloudfront
via
1.1 8b82a0c44466382daf259dbb61c8f23c.cloudfront.net (CloudFront)
x-amz-cf-pop
ARN1-C1
x-amz-cf-id
ttveDmswfJiVpLkVpss6buUlQ3RiIg_8lfmPh8qMIzXOQBfgjbzQgA==
age
87441
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
68760e846e891695-ARN
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
/
doramasia.ru/.well-known/ddos-guard/mark/
0
25 B
XHR
General
Full URL
https://doramasia.ru/.well-known/ddos-guard/mark/
Requested by
Host: doramasia.ru
URL: https://doramasia.ru/.well-known/ddos-guard/check?context=captcha
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.187 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode
cors
origin
https://doramasia.ru
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
cookie
__ddgid=ESA88xeUvX4WuFpJ; __ddgmark=Sj2GVUVd1XoyFUdH; __ddg5=keEfRg1A3tWmw0wF; __ddg2=KcaMd5VFz2JKPg0V; __ddg3=nsT9E9mYMfLlygmq
content-length
38973
:path
/.well-known/ddos-guard/mark/
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
text/plain;charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
doramasia.ru
referer
https://doramasia.ru/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://doramasia.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 31 Aug 2021 11:53:08 GMT
content-length
0
server
ddos-guard
hcaptcha-challenge.js
newassets.hcaptcha.com/captcha/v1/0c2e31a/ Frame 4AEA
210 KB
60 KB
Script
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/0c2e31a/hcaptcha-challenge.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/0c2e31a/static/hcaptcha-challenge.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09dd3db87571cb11224f35348693918a8ad747f13babb2c930b2944ccc0383b1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/0c2e31a/static/hcaptcha-challenge.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:53:08 GMT
via
1.1 f9a0ddc3860252ab6c4d02ab024b4891.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
29144
cf-polished
origSize=215057
x-cache
Hit from cloudfront
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Mon, 30 Aug 2021 11:34:28 GMT
server
cloudflare
etag
W/"e646ce7d1b3db20d37367db801609a95"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
ARN1-C1
cf-ray
68760e84df931695-ARN
x-amz-cf-id
iUgbhGHjWbYxJebt5d2TcYDU50LP9k4mb76zmwPJMhmu7odWhhzI_g==
cf-bgj
minify
hcaptcha-checkbox.js
newassets.hcaptcha.com/captcha/v1/0c2e31a/ Frame 1923
129 KB
41 KB
Script
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/0c2e31a/hcaptcha-checkbox.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/0c2e31a/static/hcaptcha-checkbox.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70aac96a70cafe4ace88187a4051e8a18798c4ac07254a552b3f0c8cec333c6c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/0c2e31a/static/hcaptcha-checkbox.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:53:08 GMT
via
1.1 381415f9cd2a81e354df30a9d968048d.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
29145
cf-polished
origSize=132272
x-cache
Hit from cloudfront
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Mon, 30 Aug 2021 11:34:29 GMT
server
cloudflare
etag
W/"c38002ada6d71d50eb2e7b4178bfaa55"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
ARN1-C1
cf-ray
68760e84df9a1695-ARN
x-amz-cf-id
x7ySd2m-kNHwavALa55TFp1bISwrwGHav3VYkd8abk9eKEWEMHpEtg==
cf-bgj
minify
truncated
/ Frame 1923
798 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
checksiteconfig
hcaptcha.com/ Frame 1923
508 B
895 B
XHR
General
Full URL
https://hcaptcha.com/checksiteconfig?host=doramasia.ru&sitekey=74bd458c-ccae-46ce-9faa-3eebbb352829&sc=1&swa=1
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/0c2e31a/hcaptcha-checkbox.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fde8dc4032474a3fee4940e0813e79af1cefcbb70fe1d0329ddd84341f7d5c59
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Cache-Control
no-cache
Referer
https://newassets.hcaptcha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Tue, 31 Aug 2021 11:53:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
cf-chl-bypass
2
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newassets.hcaptcha.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-credentials
true
strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-ray
68760e867b961695-ARN
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
checksiteconfig
hcaptcha.com/ Frame
0
0
Preflight
General
Full URL
https://hcaptcha.com/checksiteconfig?host=doramasia.ru&sitekey=74bd458c-ccae-46ce-9faa-3eebbb352829&sc=1&swa=1
Protocol
H3-29
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
cache-control,content-type
Origin
https://newassets.hcaptcha.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 31 Aug 2021 11:53:08 GMT
content-length
0
access-control-allow-origin
https://newassets.hcaptcha.com
vary
Origin, Accept-Encoding
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
68760e8629ba0d46-ARN
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
hsw.js
newassets.hcaptcha.com/c/64a5bfd3/ Frame 4AEA
853 KB
323 KB
Script
General
Full URL
https://newassets.hcaptcha.com/c/64a5bfd3/hsw.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/0c2e31a/hcaptcha-challenge.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44a3867381adb7e33c6dbad98c7b1ac198e873340ed24cf3f7c03ef139f403d8
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/0c2e31a/static/hcaptcha-challenge.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:53:08 GMT
via
1.1 feed293e4f35224252786d4d48fa601f.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
29144
cf-polished
origSize=873288
x-cache
Hit from cloudfront
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Mon, 30 Aug 2021 12:18:06 GMT
server
cloudflare
etag
W/"373c84793b699a747aae557d2514a87e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
ARN1-C1
cf-ray
68760e86dca71695-ARN
x-amz-cf-id
NtSFzW8j1aoBJNZ5LvOC8Q_sryy2XuueWHV2LTReHiReY08P_gzNaQ==
cf-bgj
minify

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| onbeforexrselect
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
boolean| originAgentCluster
object| trustedTypes
boolean| crossOriginIsolated
string| lang
object| _0x1320
function| _0x23d9
function| getCookie
function| getAjax
function| isWebDriver
function| cb
object| _0x1126
function| _0x473c
function| _0x18b586
function| Fingerprint2
function| UAParser
object| hcaptcha
object| grecaptcha

5 Cookies

Domain/Path Name / Value
.doramasia.ru/ Name: __ddg2
Value: KcaMd5VFz2JKPg0V
.doramasia.ru/ Name: __ddgmark
Value: Sj2GVUVd1XoyFUdH
.doramasia.ru/ Name: __ddg3
Value: nsT9E9mYMfLlygmq
.doramasia.ru/ Name: __ddg5
Value: keEfRg1A3tWmw0wF
.doramasia.ru/ Name: __ddgid
Value: ESA88xeUvX4WuFpJ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
