mmelgasdosbusartem.ru
2606:4700:3034::ac43:c949  Malicious Activity! Public Scan

URL: https://mmelgasdosbusartem.ru/main
Submission: On December 21 via api from BY — Scanned from FI

Summary

This website contacted 4 IPs in 1 country across 2 domains to perform 23 HTTP transactions. The main IP is 2606:4700:3034::ac43:c949, located in United States and belongs to CLOUDFLARENET, US. The main domain is mmelgasdosbusartem.ru.
TLS certificate: Issued by WE1 on October 29th 2024. Valid for: 3 months.
This is the only time mmelgasdosbusartem.ru was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telegram (Instant Messenger)

Domain & IP information

Requests  IP Address        AS Autonomous System
3         2606:4700:303...  13335 (CLOUDFLAR...)
1         2a04:4e42:200...  54113 (FASTLY)
11        172.67.201.73     13335 (CLOUDFLAR...)
Total: 23 requests, 4 IPs

Requests  Apex Domain            Subdomains                                     Transfer
14        mmelgasdosbusartem.ru  mmelgasdosbusartem.ru                          226 KB
1         jsdelivr.net           cdn.jsdelivr.net — Cisco Umbrella Rank: 318    18 KB
Total: 23 requests, 2 domains

Requests  Domain                 Requested by
14        mmelgasdosbusartem.ru  mmelgasdosbusartem.ru, cdn.jsdelivr.net
1         cdn.jsdelivr.net       mmelgasdosbusartem.ru
Total: 23 requests, 2 domains

This site contains no links.

Subject: mmelgasdosbusartem.ru; Issuer: WE1; Validity: 2024-10-29 - 2025-01-27; Valid: 3 months
Subject: jsdelivr.net; Issuer: GlobalSign Atlas R3 DV TLS CA 2024 Q3; Validity: 2024-07-30 - 2025-08-31; Valid: a year

This page contains 1 frames:

Primary Page: https://mmelgasdosbusartem.ru/main
Frame ID: 9E56F3987DC86F7A9DBC3151B14C1A00
Requests: 22 HTTP requests in this frame

Page Title

Telegram Web

Detected technologies

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 23
HTTPS: 65 %
IPv6: 67 %
Domains: 2
Subdomains: 2
IPs: 4
Countries: 1
Transfer: 244 kB
Size: 1015 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request main
mmelgasdosbusartem.ru/
15 KB
7 KB
Document
General
Full URL
https://mmelgasdosbusartem.ru/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c949 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b171db41d29e787f28dc29eadc2d50f414aba3e6e85f6249b119956d265e0dfa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f53d751ddf7b52d-OSL
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Sat, 21 Dec 2024 00:43:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=66kJ6rkhIQm1PFfxrt31kZK2O1ObZWCPWjVkFoq1JS4uMtJ3%2F9UiKR30lOTNy2MKaIqGtN3t6REGiLoNng8GE3RIawBgZZpI%2F5L4pvX4w6CpOd%2FykFKK1V8r4hXpPx5%2Bjyq65L%2BMtSUZzbWvSOgsMc4pLsU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=46368&min_rtt=46346&rtt_var=7369&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3983&recv_bytes=2364&delivery_rate=87157&cwnd=253&unsent_bytes=0&cid=7a8ab5a04a71191b&ts=156&x=0"
vary
Accept-Encoding
index-e-jlGVAF.js
mmelgasdosbusartem.ru/
133 KB
48 KB
Script
General
Full URL
https://mmelgasdosbusartem.ru/index-e-jlGVAF.js
Requested by
Host: mmelgasdosbusartem.ru
URL: https://mmelgasdosbusartem.ru/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c949 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b04e833ae43c5493e983f070356392a25e11942e3f4ec8fd705b0e8e8950f8b0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://mmelgasdosbusartem.ru
Referer
https://mmelgasdosbusartem.ru/main

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"21298-625384f5aa200-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WXGp68kv2lxJZ%2F7OvIUk2H%2BP2ekWpw8EkXOAX9ydwT3lv3ybyVx6i7N5HUE1YntSbKRHBhKopQDZ7%2B5MRcjI6wN4hST96m%2BwrlV3xjdcwi8njlXYSEB5HOdj53Kx5SiYIXfK%2BnUDU6vv5852PllYLZLKfnc%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=46963&min_rtt=46346&rtt_var=2924&sent=51&recv=17&lost=0&retrans=0&sent_bytes=42620&recv_bytes=2637&delivery_rate=236805&cwnd=257&unsent_bytes=0&cid=7a8ab5a04a71191b&ts=337&x=0"
date
Sat, 21 Dec 2024 00:43:59 GMT
content-type
text/javascript
last-modified
Thu, 24 Oct 2024 12:40:40 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f53d752cebcb52d-OSL
accept-ranges
bytes
content-length
48447
server
cloudflare
index-vX_PR0Tt.css
mmelgasdosbusartem.ru/
477 KB
82 KB
Stylesheet
General
Full URL
https://mmelgasdosbusartem.ru/index-vX_PR0Tt.css
Requested by
Host: mmelgasdosbusartem.ru
URL: https://mmelgasdosbusartem.ru/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c949 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55073646800c2dafa80abb6f0fd1dc1cd230b64dafd19496dc12242834294a8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://mmelgasdosbusartem.ru
Referer
https://mmelgasdosbusartem.ru/main

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
"77466-623b840a87380-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g8ShgXjPtfIadyM1zB46PvSmb0TjLRN%2BAYheorK7R07AfuXBhlBWmu%2FH8NwzSLaSDMKUFrje8elbzA1lml2oPuod%2BKEB2s3I6RgCdpMF8jP31zX5dgrPRL1yQG919vetLTHQ4H63%2FubfHYgNj8%2BPGMEk8XA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f53d752ceb9b52d-OSL
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=46963&min_rtt=46346&rtt_var=2924&sent=19&recv=17&lost=0&retrans=0&sent_bytes=10857&recv_bytes=2637&delivery_rate=236805&cwnd=257&unsent_bytes=0&cid=7a8ab5a04a71191b&ts=313&x=0"
date
Sat, 21 Dec 2024 00:43:59 GMT
content-type
text/css
last-modified
Sat, 05 Oct 2024 10:28:46 GMT
vary
Accept-Encoding
server
cloudflare
axios.min.js
cdn.jsdelivr.net/npm/axios/dist/
53 KB
18 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/axios/dist/axios.min.js
Requested by
Host: mmelgasdosbusartem.ru
URL: https://mmelgasdosbusartem.ru/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9cf48244581d6cb6486d6702f7372292284faef2489a3be419ac1bc70606be72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mmelgasdosbusartem.ru/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"d322-jO32YHmnvWmO/sus6Gyfc4bMqU4"
age
27
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Sat, 21 Dec 2024 00:43:59 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220107-FRA, cache-hel1410030-HEL
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
18369
x-jsd-version
1.7.9
send.php
mmelgasdosbusartem.ru/server/
6 B
657 B
XHR
General
Full URL
https://mmelgasdosbusartem.ru/server/send.php?check&service=Telegram
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/axios/dist/axios.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abdfbffecbe18ed94df9829819e596ee285b52a94aa108514452a9121721c789

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://mmelgasdosbusartem.ru/main

Response headers

access-control-expose-headers
Content-Length,Content-Type,Date,Server,Connection
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j09Cwci0oBnB0Oe5%2F1xYtYh81QXiN81Mp8od7HDNTdMI%2FVAnp6V4zF2WZ2PJbHN6ocqeLBHRT%2BD7rc9tbsDw69lQlh%2BFaVwfejoSK6TmkbUReidmVH3L5VB5nek3YRMK%2BKoahPOLTFI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f53d7546afe1c16-OSL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
6
server-timing
cfL4;desc="?proto=QUIC&rtt=46758&min_rtt=46494&rtt_var=4292&sent=36&recv=18&lost=0&retrans=0&sent_bytes=25904&recv_bytes=6785&delivery_rate=39356&cwnd=16800&unsent_bytes=0&cid=e32cd482bb0c8ddc&ts=409&x=1", cfExtPri, cfHdrFlush;dur=7
date
Sat, 21 Dec 2024 00:44:00 GMT
content-type
application/json
server
cloudflare
priority
u=1,i
mtproto.worker-ByDWDGLw.js
mmelgasdosbusartem.ru/
0
0

crypto.worker-CfCshcpI.js
mmelgasdosbusartem.ru/
0
0

truncated
/
369 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f2cf0c99091af44641cb27eee6a0f32a56aa85f446f60a9482864f2ade413d4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
crypto.worker-CfCshcpI.js
mmelgasdosbusartem.ru/
67 KB
24 KB
Fetch
General
Full URL
https://mmelgasdosbusartem.ru/crypto.worker-CfCshcpI.js
Requested by
Host: mmelgasdosbusartem.ru
URL: https://mmelgasdosbusartem.ru/index-e-jlGVAF.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db66f764c311c8c976601370a59831be1b792fe9535c8f36f7de75334226b071

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mmelgasdosbusartem.ru/main

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"10d02-623b840a87380-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k3z3B3qnjvHBXsqq7JZ3o1m4DDmZL9eIfR11HLY1ykLg8f%2FqXMUVZEkELh7zCHGMLW4LKEjt5Se5S8XJK4x9gSNQImoAdbU9aN9nbW5Orf9fCxPN8n0vwIzU0hAzJX8P8NFyrJa2DB4%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=46806&min_rtt=46707&rtt_var=7494&sent=22&recv=16&lost=0&retrans=0&sent_bytes=10765&recv_bytes=6699&delivery_rate=388&cwnd=12000&unsent_bytes=0&cid=e32cd482bb0c8ddc&ts=377&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 21 Dec 2024 00:44:00 GMT
content-type
text/javascript
last-modified
Sat, 05 Oct 2024 10:28:46 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f53d7548b121c16-OSL
accept-ranges
bytes
content-length
23808
server
cloudflare
truncated
/
59 B
59 B
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jxl
truncated
/
311 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04dfc8e1a6e59e36a3a3a5c15443a97a92a6d2a7da9d276b050d58be3c7952a7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/avif
favicon.ico
mmelgasdosbusartem.ru/assets/img/
15 KB
4 KB
Other
General
Full URL
https://mmelgasdosbusartem.ru/assets/img/favicon.ico?v=jw3mK7G9Ry
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e2388ec283fe17472ef02829a93da550af8f3ad4a975f50a0110bff61afe523

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mmelgasdosbusartem.ru/main

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"3aee-623b840e57c80"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WPeMCkqr%2BB1q%2BrA4Lz4TtDznvr6fNihcZ5xVhNRihqijQDHe4m88ArIlSg7E%2BhYDge8lxqXU94Qi%2Fi2MqWsLHL%2BSktHUv%2F6f4sDGCetpD5c8cCPeJnYOUeRoK6HBLEXLkc1hB3cRumI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f53d7548b151c16-OSL
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=46806&min_rtt=46707&rtt_var=7494&sent=27&recv=16&lost=0&retrans=0&sent_bytes=16304&recv_bytes=6699&delivery_rate=388&cwnd=12000&unsent_bytes=0&cid=e32cd482bb0c8ddc&ts=381&x=1", cfExtPri, cfHdrFlush;dur=4
date
Sat, 21 Dec 2024 00:44:00 GMT
content-type
image/vnd.microsoft.icon
last-modified
Sat, 05 Oct 2024 10:28:50 GMT
vary
Accept-Encoding
priority
u=1,i
lang-CNYDDQNH.js
mmelgasdosbusartem.ru/
137 KB
40 KB
Script
General
Full URL
https://mmelgasdosbusartem.ru/lang-CNYDDQNH.js
Requested by
Host: mmelgasdosbusartem.ru
URL: https://mmelgasdosbusartem.ru/index-e-jlGVAF.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
084e02dc3f7facf0f9744705d2211e97633cc8127ce579a95fa50337e92df665

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://mmelgasdosbusartem.ru
Referer
https://mmelgasdosbusartem.ru/index-e-jlGVAF.js

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"2247a-623b840a87380-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=et%2FACwL7m0Ql9rzDslWKwiD37uv6%2Bal6TcTgMzecxzfOMb29pk5x6UbNkq4HKrwVc8PeYC5rl1dNCP7JZeS4MUdKuKxSTWj37QFxb%2BAccovUJ05eHIEjRmTlfRJ762ucNnhmmuTHWAE%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=46758&min_rtt=46494&rtt_var=4292&sent=36&recv=18&lost=0&retrans=0&sent_bytes=25904&recv_bytes=6785&delivery_rate=39356&cwnd=16800&unsent_bytes=0&cid=e32cd482bb0c8ddc&ts=395&x=1", cfExtPri, cfHdrFlush;dur=29
date
Sat, 21 Dec 2024 00:44:00 GMT
content-type
text/javascript
last-modified
Sat, 05 Oct 2024 10:28:46 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f53d754ab2d1c16-OSL
accept-ranges
bytes
content-length
39939
server
cloudflare
langSign-CN-ja8rh.js
mmelgasdosbusartem.ru/
2 KB
1 KB
Script
General
Full URL
https://mmelgasdosbusartem.ru/langSign-CN-ja8rh.js
Requested by
Host: mmelgasdosbusartem.ru
URL: https://mmelgasdosbusartem.ru/index-e-jlGVAF.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b3cb7fcd5a7cba31f0932276d0673437bb4d8ba9fcfcc3602ec85ea60458ae4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://mmelgasdosbusartem.ru
Referer
https://mmelgasdosbusartem.ru/index-e-jlGVAF.js

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"66e-623b840a87380-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2twlf48JAOQmiPpv%2Fe1YF42WJM%2F91ug073T6gx4ZkQAKT6eDkE8uhNlziRxeIZKX1Jqb2xXV%2B91GJTKXFWfqlT7Pk%2FYxVGq6GeMtEL0qNDj%2FBdsWH8ktj03n0R5U3gu9A7Vy9WXxyGM%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=46806&min_rtt=46707&rtt_var=7494&sent=20&recv=16&lost=0&retrans=0&sent_bytes=9208&recv_bytes=6699&delivery_rate=388&cwnd=12000&unsent_bytes=0&cid=e32cd482bb0c8ddc&ts=370&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 21 Dec 2024 00:44:00 GMT
content-type
text/javascript
last-modified
Sat, 05 Oct 2024 10:28:46 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f53d754ab2f1c16-OSL
accept-ranges
bytes
content-length
809
server
cloudflare
countries-CzeCvYH8.js
mmelgasdosbusartem.ru/
24 KB
5 KB
Script
General
Full URL
https://mmelgasdosbusartem.ru/countries-CzeCvYH8.js
Requested by
Host: mmelgasdosbusartem.ru
URL: https://mmelgasdosbusartem.ru/index-e-jlGVAF.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6876bde98b3f0c4013107f69f6bf375f60a2807bd79c11592131d9b8bbbb76ae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://mmelgasdosbusartem.ru
Referer
https://mmelgasdosbusartem.ru/index-e-jlGVAF.js

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"5e21-623b840a87380-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k2l4Ldeh8v59d5bKRUmoE4boe%2BYmzqr%2BW0Gl%2B%2B0GkXnkO4DzJvvbx9W8Pq%2FtgOmeU%2Bl1qds5PaKlYqb6qXoQfPCO7BR8tFJu2AiUywzHpsIF94bhizE8aSDU1TgfE2nsHrkdHw9XJRs%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=46806&min_rtt=46707&rtt_var=7494&sent=15&recv=16&lost=0&retrans=0&sent_bytes=4304&recv_bytes=6699&delivery_rate=388&cwnd=12000&unsent_bytes=0&cid=e32cd482bb0c8ddc&ts=338&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 21 Dec 2024 00:44:00 GMT
content-type
text/javascript
last-modified
Sat, 05 Oct 2024 10:28:46 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f53d754ab301c16-OSL
accept-ranges
bytes
content-length
4048
server
cloudflare
pageSignQR-C3lXUpHx.js
mmelgasdosbusartem.ru/
5 KB
3 KB
Script
General
Full URL
https://mmelgasdosbusartem.ru/pageSignQR-C3lXUpHx.js
Requested by
Host: mmelgasdosbusartem.ru
URL: https://mmelgasdosbusartem.ru/index-e-jlGVAF.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
879d4f4091627258a6b4f30e1ffa7e12273c302c77387b870c2e7c63d76bdfcb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://mmelgasdosbusartem.ru
Referer

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"15a0-623b840c6f800-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hoggfgbq18YZe0WqucISJvroa9GXpjSkJ7B1YmSpMHOLCBSYcXzwsaEPfWGwGtscXD8mknnU%2Fw4L3HGvRmepzlW58pzhNhwO4GNqMkF9ZiRNuSh0uJPHpEoBhZfm%2FQaQ7meGUVmhmkU%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47351&min_rtt=46462&rtt_var=818&sent=325&recv=91&lost=0&retrans=0&sent_bytes=354607&recv_bytes=11473&delivery_rate=79144&cwnd=173700&unsent_bytes=0&cid=e32cd482bb0c8ddc&ts=1890&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 21 Dec 2024 00:44:01 GMT
content-type
text/javascript
last-modified
Sat, 05 Oct 2024 10:28:48 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f53d7563d041c16-OSL
accept-ranges
bytes
content-length
2611
server
cloudflare
page-BMz-rky6.js
mmelgasdosbusartem.ru/
10 KB
5 KB
Script
General
Full URL
https://mmelgasdosbusartem.ru/page-BMz-rky6.js
Requested by
Host: mmelgasdosbusartem.ru
URL: https://mmelgasdosbusartem.ru/index-e-jlGVAF.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c83e96a914db1e2c858e798c86cdbf9c0cb372241d2d8e925bbd79457d1703b3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://mmelgasdosbusartem.ru
Referer

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"290c-623b840c6f800-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xf9HqNM4eNUmLFTsLlp1T7vjzE9NsYz08TRDnvDFIE6kv5D3Zs0gtbQHlxg%2BlAvwLyuZN99pRreUSJzAGcTpRFAQv0Kiw%2FYK5xDLJfCF%2B2t4dFDH83OapYc8Yn26Tt173CajFa015Ig%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47272&min_rtt=46462&rtt_var=773&sent=329&recv=92&lost=0&retrans=0&sent_bytes=358993&recv_bytes=11518&delivery_rate=73534&cwnd=173700&unsent_bytes=0&cid=e32cd482bb0c8ddc&ts=2894&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 21 Dec 2024 00:44:02 GMT
content-type
text/javascript
last-modified
Sat, 05 Oct 2024 10:28:48 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f53d7563d051c16-OSL
accept-ranges
bytes
content-length
4114
server
cloudflare
button-DNOYFSTy.js
mmelgasdosbusartem.ru/
9 KB
4 KB
Script
General
Full URL
https://mmelgasdosbusartem.ru/button-DNOYFSTy.js
Requested by
Host: mmelgasdosbusartem.ru
URL: https://mmelgasdosbusartem.ru/index-e-jlGVAF.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53215a998c994f1475191e266b3658282cec121c0ce01db226313eba52644565

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://mmelgasdosbusartem.ru
Referer

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"241a-623b840a87380-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FcoIKYW3zf%2FCBI0cpXVPocAueGojix2pnhZS0ZI%2BXblItHDe%2FrSAogvbC10gy4khPQMtj4DsQy36kpaa0MrWsFV5z8tDn9OSEFQQDkA9kRUTeuU9310PWMZ%2FsOvVCVj8uhjN6%2FDRKNA%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47472&min_rtt=46462&rtt_var=769&sent=320&recv=90&lost=0&retrans=0&sent_bytes=348755&recv_bytes=11428&delivery_rate=3139275&cwnd=173700&unsent_bytes=0&cid=e32cd482bb0c8ddc&ts=884&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 21 Dec 2024 00:44:00 GMT
content-type
text/javascript
last-modified
Sat, 05 Oct 2024 10:28:46 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f53d7563d061c16-OSL
accept-ranges
bytes
content-length
3854
server
cloudflare
putPreloader-CByTF1BW.js
mmelgasdosbusartem.ru/
699 B
1 KB
Script
General
Full URL
https://mmelgasdosbusartem.ru/putPreloader-CByTF1BW.js
Requested by
Host: mmelgasdosbusartem.ru
URL: https://mmelgasdosbusartem.ru/index-e-jlGVAF.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b565e185c7c2c3cdcac2c73df77098ff3aa6cce17102ce9e01cfc9f4ac408d73

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://mmelgasdosbusartem.ru
Referer

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"2bb-623b840c6f800-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fbQHvKI7u95F91ZB9Y24XO%2BGtm9UggIaJ1e25H4RpNVk0COZz%2FoOSJEebvIWiX0xvC4GeQfnM4r6RBkYYH94dSaxiCYoxACnYndXaxVEFyfyx8Ibx1brisLtv%2FvTTL0OLfmFqePQWMU%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47351&min_rtt=46462&rtt_var=818&sent=324&recv=91&lost=0&retrans=0&sent_bytes=353410&recv_bytes=11473&delivery_rate=79144&cwnd=173700&unsent_bytes=0&cid=e32cd482bb0c8ddc&ts=1886&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 21 Dec 2024 00:44:01 GMT
content-type
text/javascript
last-modified
Sat, 05 Oct 2024 10:28:48 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f53d7563d071c16-OSL
accept-ranges
bytes
content-length
471
server
cloudflare
textToSvgURL-Cnw_Q8Rw.js
mmelgasdosbusartem.ru/
357 B
979 B
Script
General
Full URL
https://mmelgasdosbusartem.ru/textToSvgURL-Cnw_Q8Rw.js
Requested by
Host: mmelgasdosbusartem.ru
URL: https://mmelgasdosbusartem.ru/index-e-jlGVAF.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88ef7b589f467f4a280126e59b5428d5169f80a165500687699209f60ca39998

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://mmelgasdosbusartem.ru
Referer

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"165-623b840c6f800-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7%2B9kld78GhC%2BKWOzCP5K4h5fVQ69a87wfFLZt6dy6gtlA0zW8NttViYV4gL1EZLGfHibKePvwmJjIlMGPUw6X69If8Vnt4EkFQ7ppjU0Y7izkhmdMDUd4kaVDXRyXVBe4TLJXD0NMnQ%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47272&min_rtt=46462&rtt_var=773&sent=328&recv=92&lost=0&retrans=0&sent_bytes=357991&recv_bytes=11518&delivery_rate=73534&cwnd=173700&unsent_bytes=0&cid=e32cd482bb0c8ddc&ts=2891&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 21 Dec 2024 00:44:02 GMT
content-type
text/javascript
last-modified
Sat, 05 Oct 2024 10:28:48 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f53d7563d081c16-OSL
accept-ranges
bytes
content-length
277
server
cloudflare
083b2b96-ddb9-42bc-8cb4-717fd162426b
https://mmelgasdosbusartem.ru/
0
0

084a9e9e-a4f9-435c-8393-1887c1130b0f
https://mmelgasdosbusartem.ru/
0
0

140ae60e-4f2c-4812-864a-ae478adc0a24
https://mmelgasdosbusartem.ru/
0
0

qr-code-styling-CvBVNv73.js
mmelgasdosbusartem.ru/
65 KB
0
Script
General
Full URL
https://mmelgasdosbusartem.ru/qr-code-styling-CvBVNv73.js
Requested by
Host: mmelgasdosbusartem.ru
URL: https://mmelgasdosbusartem.ru/index-e-jlGVAF.js
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4d5108399b82641dbf80148c27bb49203d32e211cec1ed139557ceff975c3896

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://mmelgasdosbusartem.ru
Referer

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"10251-623b840c6f800-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gLr5zdol2f8IKoNNrWjYdpmOLBFb1C60jK%2F2kbj6%2BYIVumI8pn0A3DXUrY5KJkpXuR6g6UiVMaL3fhmt3EQkvsYP8ePDGqU%2B2gp6ii6lVAupNBbbhbOmt1x9GxlpgVr2eeRkPg9HrPs%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47526&min_rtt=46462&rtt_var=1089&sent=335&recv=94&lost=0&retrans=0&sent_bytes=363953&recv_bytes=12255&delivery_rate=103521&cwnd=173700&unsent_bytes=0&cid=e32cd482bb0c8ddc&ts=3021&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 21 Dec 2024 00:44:02 GMT
content-type
text/javascript
last-modified
Sat, 05 Oct 2024 10:28:48 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f53d7653da61c16-OSL
accept-ranges
bytes
content-length
17206
server
cloudflare
_commonjsHelpers-Cpj98o6Y.js
mmelgasdosbusartem.ru/
290 B
0
Script
General
Full URL
https://mmelgasdosbusartem.ru/_commonjsHelpers-Cpj98o6Y.js
Requested by
Host: mmelgasdosbusartem.ru
URL: https://mmelgasdosbusartem.ru/index-e-jlGVAF.js
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7e898f2560233fe672543bbaffe66542d387208b18f5639cb3050bd75d167e48

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://mmelgasdosbusartem.ru
Referer

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"122-623b84089ef00-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z5uxj64eFsl73tWlE%2FKMZBRgeirOMGBK7a0QcKtkxFvDFY9k75AS9%2FPhH0jIHFRfu0e3QGsjepqUvN81ZEBvGvnS%2BwvCEIcY0mTvCmjw9HYwDkn1QnMOIeJuhWbdijHftVCCIJ3nl7o%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47526&min_rtt=46462&rtt_var=1089&sent=351&recv=94&lost=0&retrans=0&sent_bytes=382249&recv_bytes=12255&delivery_rate=103521&cwnd=173700&unsent_bytes=0&cid=e32cd482bb0c8ddc&ts=3022&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 21 Dec 2024 00:44:02 GMT
content-type
text/javascript
last-modified
Sat, 05 Oct 2024 10:28:44 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f53d7653da71c16-OSL
accept-ranges
bytes
content-length
228
server
cloudflare
logo_padded.svg
mmelgasdosbusartem.ru/assets/img/
1 KB
0
Fetch
General
Full URL
https://mmelgasdosbusartem.ru/assets/img/logo_padded.svg
Requested by
Host: mmelgasdosbusartem.ru
URL: https://mmelgasdosbusartem.ru/pageSignQR-C3lXUpHx.js
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
eeb79b0ae5da35d3433de6edeec3a0e3cce9c24f517dbad26ed97e852666c8f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mmelgasdosbusartem.ru/main

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"42d-623b840e57c80"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GSDHowo1EAUl9uqN%2F8PE2bAkvJLXJmFP6W0%2FpYwgVNKydFQhBfkMJJWLxrO9QZwCX3NkOTCNIWPNh0gf0hdZWTiWiRkr4n08XTDxmS4SI2j7TFQxIRfzH1dZNDWfNSYHOEBwe9wusxQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f53d7706cc71c16-OSL
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47419&min_rtt=46462&rtt_var=810&sent=353&recv=97&lost=0&retrans=0&sent_bytes=383223&recv_bytes=12706&delivery_rate=162482&cwnd=173700&unsent_bytes=0&cid=e32cd482bb0c8ddc&ts=4812&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 21 Dec 2024 00:44:04 GMT
content-type
image/svg+xml
last-modified
Sat, 05 Oct 2024 10:28:50 GMT
server
cloudflare
priority
u=1,i
vary
Accept-Encoding
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eeb79b0ae5da35d3433de6edeec3a0e3cce9c24f517dbad26ed97e852666c8f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mmelgasdosbusartem.ru
URL
https://mmelgasdosbusartem.ru/mtproto.worker-ByDWDGLw.js
Domain
mmelgasdosbusartem.ru
URL
https://mmelgasdosbusartem.ru/crypto.worker-CfCshcpI.js
Domain
mmelgasdosbusartem.ru
URL
blob:https://mmelgasdosbusartem.ru/083b2b96-ddb9-42bc-8cb4-717fd162426b
Domain
mmelgasdosbusartem.ru
URL
blob:https://mmelgasdosbusartem.ru/084a9e9e-a4f9-435c-8393-1887c1130b0f
Domain
mmelgasdosbusartem.ru
URL
blob:https://mmelgasdosbusartem.ru/140ae60e-4f2c-4812-864a-ae478adc0a24

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telegram (Instant Messenger)

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function| axios
  • number| interval
  • function| postLocalStorageWithFatch
  • object| rootScope
  • function| deferredPromise
  • function| AppStorage
  • object| stateStorage
  • function| wrapUrl
  • object| I18n
  • object| webpWorkerController
  • object| appStorage
  • object| appNavigationController
  • object| singleInstance
  • object| webPushApiManager
  • object| telegramMeWebManager
  • object| opusDecodeController
  • object| cryptoMessagePort
  • object| mtprotoMessagePort
  • object| serviceMessagePort
  • object| apiManagerProxy
  • function| calcImageInBox
  • object| mediaSizes
  • object| customProperties
  • object| windowSize
  • object| liteMode
  • object| themeController
  • object| overlayCounter
  • function| formatDateAccordingToTodayNew
  • function| fillTipDates
  • function| dispatchHeavyAnimationEvent
  • object| pagesManager
  • object| sequentialDom
  • function| putPreloader

1 Cookies

Domain/Path Name / Value
mmelgasdosbusartem.ru/ Name: token_abc
Value: 561eb848a97c631d38627b06f6059e24

1 Console Messages

Source Level URL
Text
rendering warning URL: https://mmelgasdosbusartem.ru/main
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0309507F4100000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
