xn--80affa3aj0al.net
Open in
urlscan Pro
Puny
телеграм.net IDN
213.166.68.130
Malicious Activity!
Public Scan
Submitted URL: https://xn--80affa3aj0al.net/
Effective URL: https://xn--80affa3aj0al.net/
Submission: On May 07 via manual from BG
Effective URL: https://xn--80affa3aj0al.net/
Submission: On May 07 via manual from BG
Summary
This website contacted 9 IPs
in 5 countries
across 8 domains to perform 77 HTTP transactions.
The main IP is 213.166.68.130, located in
Dronten, Netherlands and
belongs to ON-LINE-DATA Server location - Netherlands, Dronten, NL.
The main domain is xn--80affa3aj0al.net.
TLS certificate: Issued by R3 on April 12th 2021. Valid for: 3 months.
This is the only time xn--80affa3aj0al.net was scanned on urlscan.io!
TLS certificate: Issued by R3 on April 12th 2021. Valid for: 3 months.
This is the only time xn--80affa3aj0al.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Telegram (Instant Messenger)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 54 | 213.166.68.130 213.166.68.130 | 204601 (ON-LINE-D...) (ON-LINE-DATA Server location - Netherlands) | |
| 1 | 23.111.9.35 23.111.9.35 | 33438 (HIGHWINDS2) (HIGHWINDS2) | |
| 1 | 2a02:6ea0:c70... 2a02:6ea0:c700::4 | 60068 (CDN77 (^_^)/) (CDN77 (^_^)/) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:810::200a | 15169 (GOOGLE) (GOOGLE) | |
| 3 7 | 2a02:6b8::1:119 2a02:6b8::1:119 | 13238 (YANDEX) (YANDEX) | |
| 5 | 2001:67c:4e8:... 2001:67c:4e8:1033:2:100:0:a | 62041 (TELEGRAM) (TELEGRAM) | |
| 8 | 2001:67c:4e8:... 2001:67c:4e8:1033:3:100:0:a | 62041 (TELEGRAM) (TELEGRAM) | |
| 1 | 2001:67c:4e8:... 2001:67c:4e8:1033:4:100:0:a | 62041 (TELEGRAM) (TELEGRAM) | |
| 77 | 9 |
54
213.166.68.130
(Dronten, Netherlands)
ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL)
PTR: telegramm.net
ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL)
PTR: telegramm.net
| xn--80affa3aj0al.net |
8
2001:67c:4e8:1033:3:100:0:a
(Virgin Islands (British))
ASN62041 (TELEGRAM, VG)
ASN62041 (TELEGRAM, VG)
| venus.web.telegram.org | |
| web.telegram.org |
1
2001:67c:4e8:1033:4:100:0:a
(Virgin Islands (British))
ASN62041 (TELEGRAM, VG)
ASN62041 (TELEGRAM, VG)
| venus.web.telegram.org |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 54 |
xn--80affa3aj0al.net
xn--80affa3aj0al.net |
810 KB |
| 14 |
telegram.org
web.telegram.org venus.web.telegram.org |
54 KB |
| 5 |
yandex.com
2 redirects
mc.yandex.com |
2 KB |
| 2 |
yandex.ru
1 redirects
mc.yandex.ru |
69 KB |
| 1 |
googleapis.com
ajax.googleapis.com |
3 KB |
| 1 |
webpushs.com
web.webpushs.com |
34 KB |
| 1 |
fontawesome.com
use.fontawesome.com |
12 KB |
| 0 |
telegramm-web.ru
Failed
cerber.telegramm-web.ru Failed |
|
| 77 | 8 |
| Domain | Requested by | |
|---|---|---|
| 54 | xn--80affa3aj0al.net |
xn--80affa3aj0al.net
web.webpushs.com |
| 8 | web.telegram.org |
xn--80affa3aj0al.net
|
| 6 | venus.web.telegram.org |
xn--80affa3aj0al.net
|
| 5 | mc.yandex.com |
2 redirects
xn--80affa3aj0al.net
|
| 2 | mc.yandex.ru |
1 redirects
xn--80affa3aj0al.net
|
| 1 | ajax.googleapis.com |
xn--80affa3aj0al.net
|
| 1 | web.webpushs.com |
xn--80affa3aj0al.net
|
| 1 | use.fontawesome.com |
xn--80affa3aj0al.net
|
| 0 | cerber.telegramm-web.ru Failed |
xn--80affa3aj0al.net
|
| 77 | 9 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| www.xn--80affa3aj0al.net R3 |
2021-04-12 - 2021-07-11 |
3 months | crt.sh |
| *.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1 |
2020-11-13 - 2021-12-14 |
a year | crt.sh |
| web.webpushs.com Sectigo RSA Domain Validation Secure Server CA |
2020-12-30 - 2022-01-16 |
a year | crt.sh |
| upload.video.google.com GTS CA 1O1 |
2021-04-13 - 2021-07-06 |
3 months | crt.sh |
| mc.yandex.ru Yandex CA |
2021-02-27 - 2021-08-09 |
5 months | crt.sh |
| *.web.telegram.org Go Daddy Secure Certificate Authority - G2 |
2020-08-28 - 2022-10-27 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://xn--80affa3aj0al.net/
Frame ID: A673D6A18F0FD2D544157CD32EB67078
Requests: 78 HTTP requests in this frame
Screenshot
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Nginx
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
AngularJS
(JavaScript Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /angular.*\.js/i
Clipboard.js
(Miscellaneous)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /clipboard(?:-([\d.]+))?(?:\.min)?\.js/i
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 59- https://mc.yandex.com/sync_cookie_image_check HTTP 302
- https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9266.thZaC06XsXkVMXnQExHxiWxU--72llea1-Qbjm1EkWEk_VdgVni1y7hAqdZ0CyW6.1O2p0lc2RnbbGriz--rjc9B0oXQ%2C HTTP 302
- https://mc.yandex.com/sync_cookie_image_decide?token=9266.g6uwYR1q3YQRVLxOZZ32hVIVsMLTndEB-3HfraLdShAyNx5ubjfTmtDDe0deFVoGWJRZK9ZPlzkWl7irHWQ_hw%2C%2C.d2RY0Fx4xfAY5BxVgdHjDbzD74k%2C
- https://mc.yandex.com/watch/65323339?wmode=7&page-url=https%3A%2F%2Fxn--80affa3aj0al.net%2F%23%2Flogin&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A1299%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A475473061144%3Ahid%3A808662837%3Az%3A120%3Ai%3A20210507184442%3Aet%3A1620405882%3Ac%3A1%3Arn%3A554637064%3Au%3A1620405882697538289%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1620405880635%3Ads%3A59%2C107%2C62%2C1%2C0%2C0%2C%2C1037%2C21%2C%2C%2C%2C1270%3Adsn%3A60%2C107%2C62%2C1%2C0%2C0%2C%2C1039%2C21%2C%2C%2C%2C1270%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1620405882%3At%3A%D0%A2%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D0%BC%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B2%D1%85%D0%BE%D0%B4%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D1%8F%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC%20%D1%8F%D0%B7%D1%8B%D0%BA%D0%B5%20-%20%D0%9E%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20web%20telegram%20org%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B8%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%B8%D1%82%D1%8C%20%D1%82%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D0%BC%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC HTTP 302
- https://mc.yandex.com/watch/65323339/1?wmode=7&page-url=https%3A%2F%2Fxn--80affa3aj0al.net%2F%23%2Flogin&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A1299%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A475473061144%3Ahid%3A808662837%3Az%3A120%3Ai%3A20210507184442%3Aet%3A1620405882%3Ac%3A1%3Arn%3A554637064%3Au%3A1620405882697538289%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1620405880635%3Ads%3A59%2C107%2C62%2C1%2C0%2C0%2C%2C1037%2C21%2C%2C%2C%2C1270%3Adsn%3A60%2C107%2C62%2C1%2C0%2C0%2C%2C1039%2C21%2C%2C%2C%2C1270%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1620405882%3At%3A%D0%A2%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D0%BC%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B2%D1%85%D0%BE%D0%B4%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D1%8F%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC%20%D1%8F%D0%B7%D1%8B%D0%BA%D0%B5%20-%20%D0%9E%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20web%20telegram%20org%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B8%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%B8%D1%82%D1%8C%20%D1%82%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D0%BC%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC
77 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
xn--80affa3aj0al.net/ |
8 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
angular-csp.css
xn--80affa3aj0al.net/vendor/angular/ |
232 B 547 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootstrap.css
xn--80affa3aj0al.net/vendor/bootstrap/css/ |
97 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
toaster.css
xn--80affa3aj0al.net/vendor/angularjs-toaster/ |
9 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
app.css
xn--80affa3aj0al.net/css/ |
82 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
all.css
use.fontawesome.com/releases/v5.2.0/css/ |
46 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cc41c52ab5544dc543a60ec381b4482a_1.js
web.webpushs.com/js/push/ |
115 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
polyfill.js
xn--80affa3aj0al.net/js/lib/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.min.js
xn--80affa3aj0al.net/vendor/jquery/ |
94 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
config.js
xn--80affa3aj0al.net/js/lib/ |
238 KB 49 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
init.js
xn--80affa3aj0al.net/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
nanoscroller.js
xn--80affa3aj0al.net/vendor/jquery.nanoscroller/ |
14 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
angular.js
xn--80affa3aj0al.net/vendor/angular/ |
299 KB 79 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
angular-route.js
xn--80affa3aj0al.net/vendor/angular/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
angular-animate.js
xn--80affa3aj0al.net/vendor/angular/ |
55 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
angular-sanitize.js
xn--80affa3aj0al.net/vendor/angular/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
angular-touch.js
xn--80affa3aj0al.net/vendor/angular/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ui-bootstrap-custom-tpls-0.12.0.js
xn--80affa3aj0al.net/vendor/ui-bootstrap/ |
23 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
angular-media-player.js
xn--80affa3aj0al.net/vendor/angular-media-player/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
angular-cookies.js
ajax.googleapis.com/ajax/libs/angularjs/1.5.7/ |
10 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jsbn_combined.js
xn--80affa3aj0al.net/vendor/jsbn/ |
23 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
crypto.js
xn--80affa3aj0al.net/vendor/cryptoJS/ |
18 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rusha.js
xn--80affa3aj0al.net/vendor/rusha/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
gunzip.min.js
xn--80affa3aj0al.net/vendor/zlib/ |
12 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
long.js
xn--80affa3aj0al.net/vendor/closure/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bigint.js
xn--80affa3aj0al.net/vendor/leemon_bigint/ |
16 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
libwebp-0.2.0.js
xn--80affa3aj0al.net/vendor/libwebpjs/ |
61 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
toaster.js
xn--80affa3aj0al.net/vendor/angularjs-toaster/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clipboard.js
xn--80affa3aj0al.net/vendor/clipboard/ |
23 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ogv.js
xn--80affa3aj0al.net/vendor/ogv.js/ |
145 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ogv-demuxer-ogg.js
xn--80affa3aj0al.net/vendor/ogv.js/ |
235 KB 61 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ogv-decoder-audio-opus.js
xn--80affa3aj0al.net/vendor/ogv.js/ |
422 KB 103 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ogv-decoder-audio-vorbis.js
xn--80affa3aj0al.net/vendor/ogv.js/ |
385 KB 107 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ogv-support.js
xn--80affa3aj0al.net/vendor/ogv.js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
recorder.min.js
xn--80affa3aj0al.net/vendor/recorderjs/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
utils.js
xn--80affa3aj0al.net/js/lib/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bin_utils.js
xn--80affa3aj0al.net/js/lib/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tl_utils.js
xn--80affa3aj0al.net/js/lib/ |
14 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ng_utils.js
xn--80affa3aj0al.net/js/lib/ |
44 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
i18n.js
xn--80affa3aj0al.net/js/lib/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
xn--80affa3aj0al.net/js/lib/mtproto/ |
62 KB 16 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
mtproto_wrapper.js
xn--80affa3aj0al.net/js/lib/ |
18 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
app.js
xn--80affa3aj0al.net/js/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
services.js
xn--80affa3aj0al.net/js/ |
111 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
controllers.js
xn--80affa3aj0al.net/js/ |
174 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
filters.js
xn--80affa3aj0al.net/js/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
messages_manager.js
xn--80affa3aj0al.net/js/ |
134 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
message_composer.js
xn--80affa3aj0al.net/js/ |
40 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
directives.js
xn--80affa3aj0al.net/js/ |
92 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
directives_mobile.js
xn--80affa3aj0al.net/js/ |
9 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
desktop.css
xn--80affa3aj0al.net/css/ |
45 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
en-us.json
xn--80affa3aj0al.net/js/locales/ |
48 KB 12 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tag.js
mc.yandex.ru/metrika/ |
215 KB 68 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
login.html
xn--80affa3aj0al.net/partials/desktop/ |
9 KB 2 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
General.png
web.telegram.org/img/icons/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
58 B 0 |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
crypto_worker.js
xn--80affa3aj0al.net/js/lib/ |
1013 B 900 B |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
General.png
xn--80affa3aj0al.net/img/icons/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Telegram.svg
xn--80affa3aj0al.net/img/ |
5 KB 6 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
venus.web.telegram.org/apiw1/ |
84 B 344 B |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync_cookie_image_decide
mc.yandex.com/ Redirect Chain
|
75 B 75 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
advert.gif
mc.yandex.com/metrika/ |
43 B 112 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sp-push-worker-fb.js
xn--80affa3aj0al.net/ |
73 B 483 B |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1
mc.yandex.com/watch/65323339/ Redirect Chain
|
184 B 324 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
General.png
web.telegram.org/img/icons/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
venus.web.telegram.org/apiw1/ |
652 B 912 B |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
General.png
web.telegram.org/img/icons/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
venus.web.telegram.org/apiw1/ |
72 B 331 B |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
General.png
web.telegram.org/img/icons/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
venus.web.telegram.org/apiw1/ |
168 B 428 B |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
General.png
web.telegram.org/img/icons/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
venus.web.telegram.org/apiw1/ |
168 B 428 B |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
General.png
web.telegram.org/img/icons/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST |
/
cerber.telegramm-web.ru/venus/apiw1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
General.png
web.telegram.org/img/icons/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
venus.web.telegram.org/apiw1/ |
200 B 461 B |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
General.png
web.telegram.org/img/icons/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST |
/
venus.web.telegram.org/apiw1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- cerber.telegramm-web.ru
- URL
- https://cerber.telegramm-web.ru/venus/apiw1/
- Domain
- venus.web.telegram.org
- URL
- https://venus.web.telegram.org/apiw1/
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Telegram (Instant Messenger)373 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| oSpPOptions function| oPromptPush object| oSpP object| core object| __core-js_shared__ object| firebase function| UAParser function| setZeroTimeout function| $ function| jQuery object| Config object| ConfigStorage object| angular number| dbits number| canary boolean| j_lm function| BigInteger function| nbi function| am1 function| am2 function| am3 number| BI_FP string| BI_RM object| BI_RC number| rr number| vv function| int2char function| intAt function| bnpCopyTo function| bnpFromInt function| nbv function| bnpFromString function| bnpClamp function| bnToString function| bnNegate function| bnAbs function| bnCompareTo function| nbits function| bnBitLength function| bnpDLShiftTo function| bnpDRShiftTo function| bnpLShiftTo function| bnpRShiftTo function| bnpSubTo function| bnpMultiplyTo function| bnpSquareTo function| bnpDivRemTo function| bnMod function| Classic function| cConvert function| cRevert function| cReduce function| cMulTo function| cSqrTo function| bnpInvDigit function| Montgomery function| montConvert function| montRevert function| montReduce function| montSqrTo function| montMulTo function| bnpIsEven function| bnpExp function| bnModPowInt function| bnClone function| bnIntValue function| bnByteValue function| bnShortValue function| bnpChunkSize function| bnSigNum function| bnpToRadix function| bnpFromRadix function| bnpFromNumber function| bnToByteArray function| bnEquals function| bnMin function| bnMax function| bnpBitwiseTo function| op_and function| bnAnd function| op_or function| bnOr function| op_xor function| bnXor function| op_andnot function| bnAndNot function| bnNot function| bnShiftLeft function| bnShiftRight function| lbit function| bnGetLowestSetBit function| cbit function| bnBitCount function| bnTestBit function| bnpChangeBit function| bnSetBit function| bnClearBit function| bnFlipBit function| bnpAddTo function| bnAdd function| bnSubtract function| bnMultiply function| bnSquare function| bnDivide function| bnRemainder function| bnDivideAndRemainder function| bnpDMultiply function| bnpDAddOffset function| NullExp function| nNop function| nMulTo function| nSqrTo function| bnPow function| bnpMultiplyLowerTo function| bnpMultiplyUpperTo function| Barrett function| barrettConvert function| barrettRevert function| barrettReduce function| barrettSqrTo function| barrettMulTo function| bnModPow function| bnGCD function| bnpModInt function| bnModInverse object| lowprimes number| lplim function| bnIsProbablePrime function| bnpMillerRabin object| rng_state object| rng_pool number| rng_pptr function| rng_seed_int function| rng_seed_time object| global object| t object| ua undefined| z function| rng_get_byte function| rng_get_bytes function| SecureRandom function| Arcfour function| ARC4init function| ARC4next function| prng_newstate number| rng_psize object| CryptoJS function| Rusha object| Zlib object| goog function| findPrimes function| millerRabinInt function| millerRabin function| bitSize function| expand function| randTruePrime function| randProbPrime function| randProbPrimeRounds function| mod function| addInt function| mult function| powMod function| sub function| add function| inverseMod function| multMod function| randTruePrime_ function| randBigInt function| randBigInt_ function| GCD function| GCD_ function| inverseMod_ function| inverseModInt function| inverseModInt_ function| eGCD_ function| negative function| greaterShift function| greater function| divide_ function| carry_ function| modInt function| int2bigInt function| str2bigInt function| equalsInt function| equals function| isZero function| bigInt2str function| dup function| copy_ function| copyInt_ function| addInt_ function| rightShift_ function| halve_ function| leftShift_ function| multInt_ function| divInt_ function| linComb_ function| linCombShift_ function| addShift_ function| subShift_ function| sub_ function| add_ function| mult_ function| mod_ function| multMod_ function| squareMod_ function| trim function| powMod_ function| mont_ number| bpe number| mask number| radix string| digitsStr object| buff object| one object| ss object| s0 object| s1 object| s2 object| s3 object| s4 object| s5 object| s6 object| s7 object| T object| sa object| mr_x1 object| mr_r object| mr_a object| eg_v object| eg_u object| eg_A object| eg_B object| eg_C object| eg_D object| md_q1 object| md_q2 object| md_q3 object| md_r object| md_r1 object| md_r2 object| md_tt object| primes object| pows object| s_i object| s_i2 object| s_R object| s_rm object| s_q object| s_n1 object| s_a object| s_r2 object| s_n object| s_b object| s_d object| s_x1 object| s_x2 object| s_aa object| rpprb function| WebPDecoder function| OGVTimeRanges function| OGVMediaError string| prop object| OGVCompat object| OGVLoader function| OGVMediaType function| OGVPlayer string| OGVVersion object| ogvjs function| OGVDemuxerOgg function| OGVDecoderAudioOpus function| OGVDecoderAudioVorbis function| Recorder number| _logTimer function| dT function| checkClick function| isInDOM function| checkDragEvent function| cancelEvent function| hasOnclick function| getScrollWidth function| onCtrlEnter function| setFieldSelection function| getFieldSelection function| getRichValue function| getRichValueWithCaret function| getRichElementValue function| setRichFocus function| getSelectedText function| scrollToNode function| onContentLoaded function| tsNow function| safeReplaceObject function| listMergeSorted function| listUniqSorted function| templateUrl function| encodeEntities function| calcImageInBox function| versionCompare function| onAnimationFrameCallback object| SearchIndexManager function| bigint function| bigStringInt function| dHexDump function| bytesToHex function| bytesFromHex function| bytesToBase64 function| uint6ToBase64 function| base64ToBlob function| dataUrlToBlob function| blobConstruct function| blobSafeMimeType function| bytesCmp function| bytesXor function| bytesToWords function| bytesFromWords function| bytesFromBigInt function| bytesFromLeemonBigInt function| bytesToArrayBuffer function| convertToArrayBuffer function| convertToUint8Array function| convertToByteArray function| bytesFromArrayBuffer function| bufferConcat function| longToInts function| longToBytes function| longFromInts function| intToUint function| uintToInt function| sha1HashSync function| sha1BytesSync function| sha256HashSync function| rsaEncrypt function| addPadding function| aesEncryptSync function| aesDecryptSync function| gzipUncompress function| nextRandomInt function| pqPrimeFactorization function| pqPrimeBigInteger function| gcdLong function| pqPrimeLong function| pqPrimeLeemon function| bytesModPow function| TLSerialization function| TLDeserialization function| mtprotoloadproxy object| extraModules function| EmojiTooltip function| EmojiPanel function| MessageComposer function| Scroller object| EmojiHelper function| ym object| jQuery111106063177772775035 function| safeConfirm undefined| BlobBuilder undefined| requestFileSystem object| rushaInstance object| Ya object| yaCounter65323339 number| checkConnectionPeriod5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .xn--80affa3aj0al.net/ | Name: _ym_isad Value: 2 |
|
| .xn--80affa3aj0al.net/ | Name: _ym_d Value: 1620405882 |
|
| xn--80affa3aj0al.net/ | Name: useproxy Value: 0 |
|
| .xn--80affa3aj0al.net/ | Name: _ym_uid Value: 1620405882697538289 |
|
| xn--80affa3aj0al.net/ | Name: ten_min Value: true |
40 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000; |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
cerber.telegramm-web.ru
mc.yandex.com
mc.yandex.ru
use.fontawesome.com
venus.web.telegram.org
web.telegram.org
web.webpushs.com
xn--80affa3aj0al.net
cerber.telegramm-web.ru
venus.web.telegram.org
2001:67c:4e8:1033:2:100:0:a
2001:67c:4e8:1033:3:100:0:a
2001:67c:4e8:1033:4:100:0:a
213.166.68.130
23.111.9.35
2a00:1450:4001:810::200a
2a02:6b8::1:119
2a02:6ea0:c700::4
00a8918ea1283c186af960f33f7762cdc552bdc76fe41d080f673475f2b651f7
02e43eae189ff289d16bd67251968289ab838ce8f43358a04c024f14682e6eeb
0f20ff5eb764a30f6c3b958eb491094152bef7977df633b4cda666d931dc73e7
1234d3283f11235deeaa9c66ea51b7f5177161ab47278594372972092b587f25
12465750e4d5364584b4326b493e63ec7994275bcafd84f82ed5a79602349891
126a9d94ffc3d7c385c761f5acac9f95bff4e89426f8c42b04de1c6d3c3e94ee
1787211bb6c15bc910e4aa84f5840a92bf1d52d9fed9975d604e91a2164d894e
19ecf3e00ada8cf3e5172c9f0d8675bf86d6bb7fff58075dd88cb0350f99ecc1
1c9625af0e5542e4cf4d0562ac07ce32f8b473f078274251f550bffd1156cf0d
1d6e3816d3089ee9bc9743c206210a2dae4659b841f762944c7b9069be00a575
1d71d84c6fe72f9774693d521d25ffb5a374300e76608460adfea44277ddb661
1f0a928febfbc4ceac366627a7865589bcba4cb59f028497bbe37dae15a5d0f5
25eb8bbf82ed85dfb40380162f022fb193fd39351e72e60425f619b3a5c3525d
266971038fa69a2ef9bd7b327a5a02e42fdb5e6421c694eb4d4508bc0b1039c6
2c4a502ff8f39cd6b2a0f2959d61d6e9867bbcfd0d9351052f90cb7f2dbeed69
2f29d9d3df67c4e09e306693ad5e1bb2bcb38bd2dd632725b54ca8738f3f0428
45125f0cd284408e91f85bc4d39aae1a599c3aa7c98cbc7720c52124ff36aae4
49792111d9c30fa5cdc10d3277c48eff030be61191fe2003e6dd044c7e0185be
4bd3235c2b661d573efd26d1bb7fd4068d1ca171032d481696096b2773141b3b
543321f4cb4dc5d389c9c1a3886888ddc0dba575a5ecafdda55cf48fe644fc49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55d1f0fafe8e5e1316fd7b8c71c90a840954acc7a620f0d3a4bae1f09571fa4f
5601d32f8f59160382f7f93fe63fbd34a86157f8212460f4e82f7d801783a279
57490bbf8b50d7c7769cd2d447c22901588d2b39533839c876b06a31c9919a04
5817c80a9cb541d99e9ffa347b1f5f91d5b3bd03ec99c5f63cf5c0c10b3d350b
5834e76cef89cb271ddd823224b9b236ffe68e242407247c7a0e2d4d42953c97
5ee1e826a6dc36a2e7869b3b33b22b0e7e96c3b03b95288b85d6c32654567715
64a47e9fee054cbf373601256ade0b5a98f1fbd90247299fe5b530136cd5fcae
6ec1337a6581378f7d05a03eeede3fe5b054500791074aba052e21d971734465
6eff25c05a2902f47b30ff3f302b0df8fb24e470f245e653dd1cd264b4887dda
733a34c54f55acd2b99e48d55228abf9a5248930bda8443ab1da335085bd6a1c
73aa0cbb15a5060b11bbd06beb3ef1d29942ccfd1c562251d07b11202380bc38
7a9c5042cbd59e97cec7ec16aaf8731697e9f02f0f29f6b75c27362f3f7df017
7d353c760210ba55144a689f9d1190157a4a1b03ecec770b85843e53b9a44956
7ea8dfb4f6b6310b04c17c31485c5092afc5efa459defaef568960f5b43d60d7
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984
89424f7b15964d0f9aea9b25c3687155170e48c893e3ac177d2c8649c203699d
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef
93f06b1f6991bdcc7f18bd7a9307913f11b344b13181b1f8d0bfa256dbc19d14
94690c2796f7fba15ed718181d478ea5dae63b461fb3074c59e9ef0606f0ba9f
9dfd6262b5eea4752731b640437d3f74fed981ce69d732590de6032d24e29f43
9e73adc1b7f1cbe917f64a062c8b7a188d7d4a2178215007fb48fe55d0957452
9fb2a0148dcad4358f2e24260b97371d33ad5f6cd8ef7772ce7898594c595e9b
a32d9e3854dee89bc26e12b7e724ec0c0769b5c49c666f014b0b6d83e4631080
a6aa8d343cbf2559f79896cac3083fb2255073ba8c303e87a6f8eb860d8c1938
a91f5f67ad27115d96c3c130e238d4fd50b892ddbc25671a9b62599a56b89d3b
ab26f95476f03588d83b4fdf1e628d9ae6d9d402bc2a6c73a26e8b4b06eb6514
b5532b1548f1a22dca46ed74e7c84efdfa95158b5269c9b0215ed1b5f1a9878e
bd24e2e781d27a24a5b689e340f6acfd17069cf48814d563160c8c9265382d77
bdf9512f08da96fe7dc1d9312b302db1fd1929c0d3e12e50cd012abb2547c88c
c06cf7736a06b55be9494a3bcfda8c3fee7a89dc47d9fa8b7361b2f5700881fd
c7e3ba2203db13ea26b799e56ba45188fd68c9f4ae752044a66a14c5869f418f
d0fc9ce6692f87e1476f4985cfe061a020e2730882173e2a4b19b41e1e784366
dae366cb5cf8679cf484c6446e28956c37863c10d9cfd902d15a654b9f7ce2a7
dcd15c3721402deb565520b0265f98d87391f5a7b4f7ec73bb6d68a33c6b4d2c
dd6953614e26451e3e39e0f43436caac0aeb8d89251cd395936185ac6c442037
e2a91872ec3acf90b043e0a5c7d7870681ab685704b334a163194aaa55faacbc
e58c5a24ce9ab78f75ec5e1f985b5470973539f03ccd88ac95012e2f63d3f1aa
e6e0d485d27ecdc1a03f79db849616a33cf15275a87c7d27f7d5ba1379b2f107
e94b521c9940b21d582ae416407e9dbf03f4aa0968fe64b624b02576f568b262
eff0fb5a0d93eaca83b1fa9513c07df98f9df702eb69f942e01f6196a74c9fc0
eff1c92bea1f426d1be8071cf06702d5ef8a3220f4968f7fda61ecdafe2fbba3
f52ff7466b9c6b79bec5c22fdc8ea25fd7bf6062f47ba10c37a82f9c318157f8
f6557be5e266e498089dfc234d444d125fc1aa98eaebcbe70dc085493b227dc5
f73f96c2e10a6f1418916bb0431f4e3dbf8db9028e00376988ce302bb621d13f
fef5a41be1b827a1729f19bcd123a57ee3f2cb8dc9074fffa4ab5b807f503514