urlscan.io logo urlscan.io
SecurityTrails logo

safemont.ru Open in urlscan Pro
3.65.195.50  Public Scan

Go To Rescan Add Verdict Report
URL: https://safemont.ru/
Submission: On July 31 via automatic, source certstream-suspicious — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 10 domains to perform 23 HTTP transactions. The main IP is 3.65.195.50, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is safemont.ru.
TLS certificate: Issued by E5 on July 31st 2024. Valid for: 3 months.
This is the only time safemont.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 3.65.195.50 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
12 52.85.151.11 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 91.215.42.151 57724 (DDOS-GUARD)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 1 109.235.165.9 43247 (YOOMONEY-AS)
1 185.71.78.18 43247 (YOOMONEY-AS)
23 9
2    3.65.195.50 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-195-50.eu-central-1.compute.amazonaws.com
safemont.ru
1    2607:f8b0:4004:c19::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
12    52.85.151.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-151-11.iad89.r.cloudfront.net
d15k2d11r6t6rl.cloudfront.net
1    2607:f8b0:4004:c0b::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2607:f8b0:4004:c17::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    91.215.42.151 (Russian Federation)

ASN57724 (DDOS-GUARD, RU)
land.unisender.com
2    2607:f8b0:4004:c1d::65 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2607:f8b0:4004:c1f::9c (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    109.235.165.9 (Russian Federation)

ASN43247 (YOOMONEY-AS, RU)
PTR: 109-235-165-9.yoomoney.ru
yookassa.ru
1    185.71.78.18 (Russian Federation)

ASN43247 (YOOMONEY-AS, RU)
PTR: ip-185-71-78-18.yoomoney.ru
static.yoomoney.ru
Apex Domain
Subdomains		 Transfer
12 cloudfront.net
d15k2d11r6t6rl.cloudfront.net
7 MB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
21 KB
2 gstatic.com
fonts.gstatic.com
54 KB
2 safemont.ru
safemont.ru
44 KB
1 yoomoney.ru
static.yoomoney.ru — Cisco Umbrella Rank: 240858
49 KB
1 yookassa.ru
yookassa.ru — Cisco Umbrella Rank: 391667
308 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
343 B
1 unisender.com
land.unisender.com
7 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
77 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
23 10
Domain Requested by
12 d15k2d11r6t6rl.cloudfront.net safemont.ru
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
2 safemont.ru
1 static.yoomoney.ru safemont.ru
1 yookassa.ru 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 land.unisender.com safemont.ru
1 www.googletagmanager.com safemont.ru
1 fonts.googleapis.com safemont.ru
23 10

This site contains links to these domains. Also see Links.

Domain
t.me
vk.com
business.unisender.com
Subject Issuer Validity Valid
safemont.ru
E5		 2024-07-31 -
2024-10-29		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.unisender.com
GlobalSign GCC R3 DV TLS CA 2020		 2024-06-06 -
2025-07-08		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://safemont.ru/
Frame ID: E9A42FB703BF7776C175F7DAEC939000
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Электромонтаж

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

23
Requests

96 %
HTTPS

50 %
IPv6

10
Domains

10
Subdomains

9
IPs

3
Countries

7825 kB
Transfer

8311 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://yookassa.ru/checkout-widget/v1/checkout-widget.js HTTP 301
  • https://static.yoomoney.ru/checkout-client/checkout-widget.js

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
safemont.ru/ 		245 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://safemont.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.65.195.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-195-50.eu-central-1.compute.amazonaws.com
Software
Caddy openresty /
Resource Hash
7408376c480eb5a2bff52ba4c8dcc1b01c72f8e5ebf977f08604f53a80997c89

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Wed, 31 Jul 2024 16:10:47 GMT
etag
W/"1b7a78105de46fa38210e43c3a1fc068"
last-modified
Mon, 24 Jun 2024 15:45:32 GMT
server
Caddy openresty
x-amz-id-2
58qtLIxL4oPVoUdPSb+UjXeojEnP3PzsGJuRowZ4fmZLNiDKjy8dMljrZCWZ1ir0Du0zW12KqKAwuu/zeD83tml7uBeqYV6W8IXCGGPGttA=
x-amz-request-id
6VNK2BBAQMX1Y2CF
x-amz-server-side-encryption
AES256
css2
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@100;400;700;900&display=swap
Requested by
Host: safemont.ru
URL: https://safemont.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
709b1411a02b44522ce5048bbba165b0421875903cc6b7ead71d5ffcf925058c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://safemont.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 31 Jul 2024 16:19:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 31 Jul 2024 16:00:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Jul 2024 16:19:49 GMT
%D0%BB%D0%BE%D0%B3%D0%BE%20%D0%BC%D0%B0%D0%BB%D0%B5%D0%BD.png
d15k2d11r6t6rl.cloudfront.net/pub/2ied/fiub8wei/fms/1lq/8he/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d15k2d11r6t6rl.cloudfront.net/pub/2ied/fiub8wei/fms/1lq/8he/%D0%BB%D0%BE%D0%B3%D0%BE%20%D0%BC%D0%B0%D0%BB%D0%B5%D0%BD.png
Requested by
Host: safemont.ru
URL: https://safemont.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-11.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c94012b1fc51333df5ea9900420944b7335a04b56d2c4532feea7ea4955f838

Request headers

Referer
https://safemont.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 16:07:40 GMT
via
1.1 10a9e9969f05a75cc05e6f70b8499f7e.cloudfront.net (CloudFront)
last-modified
Fri, 31 May 2024 16:21:57 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
730
etag
"bd3bdec7afb0193bb5f331940df6e3d6"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
78730
x-amz-cf-id
Cbc1wou31BDXPn0qG7jBp3mvimksUMANp0BSB9dSX-ccUgRmuVyLXg==
free-icon-telegram-5968804.png
d15k2d11r6t6rl.cloudfront.net/pub/2ied/fiub8wei/6u4/7ks/59p/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d15k2d11r6t6rl.cloudfront.net/pub/2ied/fiub8wei/6u4/7ks/59p/free-icon-telegram-5968804.png
Requested by
Host: safemont.ru
URL: https://safemont.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-11.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
88c16ce79fe1548a56501f83cb00bbf37fe990cfb25d779ab2c4d35c17e22241

Request headers

Referer
https://safemont.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 16:07:40 GMT
via
1.1 10a9e9969f05a75cc05e6f70b8499f7e.cloudfront.net (CloudFront)
last-modified
Fri, 31 May 2024 15:12:38 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
730
etag
"7957e04f372145bffa452c228048d2db"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
20355
x-amz-cf-id
btnTdkYxQtl4ZdMBnsgd6SXyF39JHclMOtyC81Chj2vJI6NCV_ro7A==
free-icon-email-6052372.png
d15k2d11r6t6rl.cloudfront.net/pub/2ied/fiub8wei/yd4/663/1fe/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d15k2d11r6t6rl.cloudfront.net/pub/2ied/fiub8wei/yd4/663/1fe/free-icon-email-6052372.png
Requested by
Host: safemont.ru
URL: https://safemont.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-11.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bffe702b7e012e591cabdcd3af60394573417ee2acd0b261fa1d52af6b0e3584

Request headers

Referer
https://safemont.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 16:07:40 GMT
via
1.1 10a9e9969f05a75cc05e6f70b8499f7e.cloudfront.net (CloudFront)
last-modified
Sat, 01 Jun 2024 15:20:07 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
730
etag
"7c8bbec5562ac24c1b6084568526ef3f"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
20233
x-amz-cf-id
lgZlO61yf77uHO-8cd2nzxIx2vgC-d6izLCvwluGNm1eCoJLxR3CRg==
free-icon-whatsapp-3670051.png
d15k2d11r6t6rl.cloudfront.net/pub/2ied/fiub8wei/ndf/e2i/6sd/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d15k2d11r6t6rl.cloudfront.net/pub/2ied/fiub8wei/ndf/e2i/6sd/free-icon-whatsapp-3670051.png
Requested by
Host: safemont.ru
URL: https://safemont.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-11.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
92dbd9610c5bf463746836b0d71372422e54cf121e95581afb34622662acc024

Request headers

Referer
https://safemont.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 16:07:40 GMT
via
1.1 10a9e9969f05a75cc05e6f70b8499f7e.cloudfront.net (CloudFront)
last-modified
Sat, 01 Jun 2024 15:22:33 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
730
etag
"ec69d1fab1d1b2bd76ab53aab8e982e2"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
30559
x-amz-cf-id
OFkDvKVZ6rCjk08Kk7VSHnt6g2ZSRQUzEs8BON3xUeRIB-3WkidEwA==
free-icon-vk-3670055.png
d15k2d11r6t6rl.cloudfront.net/pub/2ied/fiub8wei/hqm/ubs/2tb/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d15k2d11r6t6rl.cloudfront.net/pub/2ied/fiub8wei/hqm/ubs/2tb/free-icon-vk-3670055.png
Requested by
Host: safemont.ru
URL: https://safemont.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-11.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
641ff2be6ab73f87c5570c64a34f755977dd87dd05038290c3abea6f9cf1b026

Request headers

Referer
https://safemont.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 16:07:40 GMT
via
1.1 10a9e9969f05a75cc05e6f70b8499f7e.cloudfront.net (CloudFront)
last-modified
Sun, 09 Jun 2024 21:08:35 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
730
etag
"87cef6d5442a6b69519cf00ff2a326a1"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
21064
x-amz-cf-id
dkwHRg3Q1PK7gH9lS7Wc-lik_9ivUDquqmBdQSvrvKQUnblL2mCfzg==
%D0%BD%D0%BE%D1%80%D0%BC.png
d15k2d11r6t6rl.cloudfront.net/pub/2ied/fiub8wei/hab/ana/wo1/ 		153 KB
154 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d15k2d11r6t6rl.cloudfront.net/pub/2ied/fiub8wei/hab/ana/wo1/%D0%BD%D0%BE%D1%80%D0%BC.png
Requested by
Host: safemont.ru
URL: https://safemont.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-11.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3059f6251486782634a8e45d52f119abc1bb74342897f343d5da71fc3688e1df

Request headers

Referer
https://safemont.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 16:07:40 GMT
via
1.1 10a9e9969f05a75cc05e6f70b8499f7e.cloudfront.net (CloudFront)
last-modified
Fri, 31 May 2024 15:42:54 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
730
etag
"259e391e385de5db94fd8b9f14859738"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
156780
x-amz-cf-id
cfQdBH7eEDXn3lg_J-QeuuGetR8zTlRTmajUuqEIXBK5u9xMRHBp8A==
%D0%B2%D0%B0%D0%B2%D0%B0.png
d15k2d11r6t6rl.cloudfront.net/pub/2ied/fiub8wei/xu8/pkg/gbk/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d15k2d11r6t6rl.cloudfront.net/pub/2ied/fiub8wei/xu8/pkg/gbk/%D0%B2%D0%B0%D0%B2%D0%B0.png
Requested by
Host: safemont.ru
URL: https://safemont.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-11.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ef030d97609c509310d5bf01a393e48f005e4c2b7cb8195ec53370fcfc2b1ad

Request headers

Referer
https://safemont.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 16:07:40 GMT
via
1.1 10a9e9969f05a75cc05e6f70b8499f7e.cloudfront.net (CloudFront)
last-modified
Sat, 01 Jun 2024 15:40:54 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
730
etag
"496e102048898e0dc803de8f4ef8e5eb"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1733379
x-amz-cf-id
QtT52GUhi6KFjTGOlopVNy0DJHviLSsvjfTedSE6mlrPgKloOnqmmQ==
8632.jpg
d15k2d11r6t6rl.cloudfront.net/pub/2ied/fiub8wei/98z/zlv/haw/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d15k2d11r6t6rl.cloudfront.net/pub/2ied/fiub8wei/98z/zlv/haw/8632.jpg
Requested by
Host: safemont.ru
URL: https://safemont.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-11.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37d36b72e7ee88842ce4116388072acdd065bc34816fd31109352a9024fc16ba

Request headers

Referer
https://safemont.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 16:07:40 GMT
via
1.1 10a9e9969f05a75cc05e6f70b8499f7e.cloudfront.net (CloudFront)
last-modified
Fri, 31 May 2024 15:46:48 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
730
etag
"cae34d9579cb167863a552b5b3dc4cfa"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
1298573
x-amz-cf-id
opAPPIFfxd62K891V9g3XAtBogA18b_DfGxN4I3Sq21Px-0s2p3FJg==
%D0%B0.png
d15k2d11r6t6rl.cloudfront.net/pub/2ied/fiub8wei/5bu/gjm/2iz/ 		870 KB
871 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d15k2d11r6t6rl.cloudfront.net/pub/2ied/fiub8wei/5bu/gjm/2iz/%D0%B0.png
Requested by
Host: safemont.ru
URL: https://safemont.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-11.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf31fb549506c490a68b552b09cbc43b67988e294082d13807e328fe8e1034af

Request headers

Referer
https://safemont.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 16:07:40 GMT
via
1.1 10a9e9969f05a75cc05e6f70b8499f7e.cloudfront.net (CloudFront)
last-modified
Fri, 31 May 2024 15:56:56 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
730
etag
"b29896997c1ca95ad756927865c57286"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
890507
x-amz-cf-id
ZpSI---qpvYgje0hUj40qd1CaZCxRdVcWwQ8cMZVivtVGY_44Co94w==
5293.jpg
d15k2d11r6t6rl.cloudfront.net/pub/2ied/fiub8wei/snz/8rh/2li/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d15k2d11r6t6rl.cloudfront.net/pub/2ied/fiub8wei/snz/8rh/2li/5293.jpg
Requested by
Host: safemont.ru
URL: https://safemont.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-11.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
50a24776c1c0d1045211985cd55fcb8d6db5f51a8e7c24ab5c05de5ef5fd1660

Request headers

Referer
https://safemont.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 16:07:40 GMT
via
1.1 10a9e9969f05a75cc05e6f70b8499f7e.cloudfront.net (CloudFront)
last-modified
Fri, 31 May 2024 15:55:11 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
730
etag
"5499b0b1300ab7a1e4a7ffa40a1a950e"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
1741488
x-amz-cf-id
v2GEosELtpdHAFzjgP4imD4UIAXCG5e7y6UtjbiSjCZPxwiMhpx9sA==
2147743078.jpg
d15k2d11r6t6rl.cloudfront.net/pub/2ied/fiub8wei/age/809/cle/ 		559 KB
560 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d15k2d11r6t6rl.cloudfront.net/pub/2ied/fiub8wei/age/809/cle/2147743078.jpg
Requested by
Host: safemont.ru
URL: https://safemont.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-11.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad26b78a31908c6b5a98f5bdfe98f7921758222ae0e7d2eaf46c5ccf4efbc1ae

Request headers

Referer
https://safemont.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 16:07:40 GMT
via
1.1 10a9e9969f05a75cc05e6f70b8499f7e.cloudfront.net (CloudFront)
last-modified
Fri, 31 May 2024 15:55:11 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
730
etag
"5ee0843c4f860a689a324e19caf49a7d"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
572301
x-amz-cf-id
WzmOnPxlFxOOC_JyhsXWjvCsPStm_TnRcmHsxh9Gthuu9GRQuM28VQ==
26527.jpg
d15k2d11r6t6rl.cloudfront.net/pub/2ied/fiub8wei/vmo/ubx/o00/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d15k2d11r6t6rl.cloudfront.net/pub/2ied/fiub8wei/vmo/ubx/o00/26527.jpg
Requested by
Host: safemont.ru
URL: https://safemont.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-11.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a7b6a1bb8fcbbf6721fcadb1e539ba7d94c8574ab8a5df5e8094f1bb8e5a398

Request headers

Referer
https://safemont.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 16:07:40 GMT
via
1.1 10a9e9969f05a75cc05e6f70b8499f7e.cloudfront.net (CloudFront)
last-modified
Fri, 31 May 2024 15:46:48 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
730
etag
"a34e9e7d81639c46883a0d273055bc8e"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
1176169
x-amz-cf-id
y5CDDy6byWqGJ3NHOjjFlNukREs0OSDDEUf2LbHyi1ZqDbvdtU45yg==
gtm.js
www.googletagmanager.com/ 		212 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5XDFFZQ
Requested by
Host: safemont.ru
URL: https://safemont.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c61775cbd552b13b847bc376e1e0316b71dbac7a6e679e24f3aa014afa43ef6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://safemont.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 16:19:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77943
x-xss-protection
0
last-modified
Wed, 31 Jul 2024 16:04:46 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 31 Jul 2024 16:19:49 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;400;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://safemont.ru
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 07:57:09 GMT
x-content-type-options
nosniff
age
202960
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Jul 2025 07:57:09 GMT
JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;400;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
637f545351fbed7e7207fdf36e1381b0860f12fffde46a6fa43bdafcc7a05758
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://safemont.ru
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 09:20:55 GMT
x-content-type-options
nosniff
age
370734
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21288
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:43:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Jul 2025 09:20:55 GMT
main.js
land.unisender.com/js/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://land.unisender.com/js/main.js
Requested by
Host: safemont.ru
URL: https://safemont.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.215.42.151 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
Software
ddos-guard / EmailDelivery
Resource Hash
136ed5fed5a4f8ec0911edcef579df45711cf9a35e1565459ff3bd4bba25e4d9

Request headers

Referer
https://safemont.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 28 Jul 2024 09:13:06 GMT
content-encoding
gzip
last-modified
Tue, 16 Apr 2024 10:59:54 GMT
server
ddos-guard
age
284804
etag
W/"661e5a2a-5df9"
x-powered-by
EmailDelivery
vary
Accept-Encoding
x-varnish
689606344
content-type
application/javascript; charset=UTF-8
ddg-cache-status
HIT
accept-ranges
bytes
x-robots-tag
noindex,nofollow
content-length
7190
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XDFFZQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://safemont.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 31 Jul 2024 15:36:19 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2610
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 31 Jul 2024 17:36:19 GMT
collect
www.google-analytics.com/ 		35 B
238 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://safemont.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 31 Jul 2024 16:19:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://safemont.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-11336777-21&cid=1493095666.1722442790&jid=385854448&gjid=1929835784&_gid=265665628.1722442790&_u=YGBAgEABAAAAAEAEK~&z=672916635
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://safemont.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 31 Jul 2024 16:19:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://safemont.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
checkout-widget.js
static.yoomoney.ru/checkout-client/
Redirect Chain
  • https://yookassa.ru/checkout-widget/v1/checkout-widget.js
  • https://static.yoomoney.ru/checkout-client/checkout-widget.js
159 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.yoomoney.ru/checkout-client/checkout-widget.js
Requested by
Host: safemont.ru
URL: https://safemont.ru/
Protocol
H2
Server
185.71.78.18 , Russian Federation, ASN43247 (YOOMONEY-AS, RU),
Reverse DNS
ip-185-71-78-18.yoomoney.ru
Software
/
Resource Hash
482fe0fdd034ae48cf39ba0fd6f521a5570f2325ade63345d770492f44ec5017
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://safemont.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 16:19:52 GMT
content-encoding
br
strict-transport-security
max-age=15768000
last-modified
Wed, 31 Jul 2024 09:20:55 GMT
x-amz-meta-s3cmd-attrs
md5:ee1693fd14bd002c876c9be6eb242ecb
etag
W/"ee1693fd14bd002c876c9be6eb242ecb"
vary
Accept-Encoding
content-type
text/javascript
x-amz-storage-class
STANDARD
cache-control
no-cache

Redirect headers

location
https://static.yoomoney.ru/checkout-client/checkout-widget.js
date
Wed, 31 Jul 2024 16:19:51 GMT
strict-transport-security
max-age=15768000
content-length
162
content-type
text/html
favicon-32x32.png
safemont.ru/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://safemont.ru/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.65.195.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-195-50.eu-central-1.compute.amazonaws.com
Software
Caddy, openresty /
Resource Hash
12b7a9cab6ce453e825d04e7f50a09b8121ad3b0cd7dc0d58580b48b41833764

Request headers

Referer
https://safemont.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 16:10:51 GMT
last-modified
Mon, 02 Aug 2021 08:08:34 GMT
server
Caddy, openresty
x-amz-request-id
MNSZZ3HWQ4KZVVWF
etag
"1128fc5f3464fed811f506d007b1af25"
content-type
image/png
accept-ranges
bytes
content-length
1458
x-amz-id-2
ZQ2hbcHVrVlhfrgDncGJwljU8zW/sDewNp8DTrPhUYxUlLjKSNPOH496ud3gwoekq8r3SbNsTo3cvPilmp5EMw==

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| _ga_originalSendHitTask function| YooMoneyCheckoutWidget object| MicroModal function| iFrameResize function| YandexCheckout

3 Cookies

Domain/Path Name / Value
.safemont.ru/ Name: _ga
Value: GA1.2.1493095666.1722442790
.safemont.ru/ Name: _gid
Value: GA1.2.265665628.1722442790
.safemont.ru/ Name: _dc_gtm_UA-11336777-21
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d15k2d11r6t6rl.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
land.unisender.com
safemont.ru
static.yoomoney.ru
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
yookassa.ru
109.235.165.9
185.71.78.18
2607:f8b0:4004:c0b::61
2607:f8b0:4004:c17::5e
2607:f8b0:4004:c19::5f
2607:f8b0:4004:c1d::65
2607:f8b0:4004:c1f::9c
3.65.195.50
52.85.151.11
91.215.42.151
12b7a9cab6ce453e825d04e7f50a09b8121ad3b0cd7dc0d58580b48b41833764
136ed5fed5a4f8ec0911edcef579df45711cf9a35e1565459ff3bd4bba25e4d9
3059f6251486782634a8e45d52f119abc1bb74342897f343d5da71fc3688e1df
37d36b72e7ee88842ce4116388072acdd065bc34816fd31109352a9024fc16ba
3a7b6a1bb8fcbbf6721fcadb1e539ba7d94c8574ab8a5df5e8094f1bb8e5a398
3c94012b1fc51333df5ea9900420944b7335a04b56d2c4532feea7ea4955f838
482fe0fdd034ae48cf39ba0fd6f521a5570f2325ade63345d770492f44ec5017
50a24776c1c0d1045211985cd55fcb8d6db5f51a8e7c24ab5c05de5ef5fd1660
637f545351fbed7e7207fdf36e1381b0860f12fffde46a6fa43bdafcc7a05758
641ff2be6ab73f87c5570c64a34f755977dd87dd05038290c3abea6f9cf1b026
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
709b1411a02b44522ce5048bbba165b0421875903cc6b7ead71d5ffcf925058c
7408376c480eb5a2bff52ba4c8dcc1b01c72f8e5ebf977f08604f53a80997c89
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88c16ce79fe1548a56501f83cb00bbf37fe990cfb25d779ab2c4d35c17e22241
8ef030d97609c509310d5bf01a393e48f005e4c2b7cb8195ec53370fcfc2b1ad
92dbd9610c5bf463746836b0d71372422e54cf121e95581afb34622662acc024
ad26b78a31908c6b5a98f5bdfe98f7921758222ae0e7d2eaf46c5ccf4efbc1ae
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bf31fb549506c490a68b552b09cbc43b67988e294082d13807e328fe8e1034af
bffe702b7e012e591cabdcd3af60394573417ee2acd0b261fa1d52af6b0e3584
c61775cbd552b13b847bc376e1e0316b71dbac7a6e679e24f3aa014afa43ef6d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd