urlscan.io logo urlscan.io
SecurityTrails logo

norshen.ru Open in urlscan Pro
178.57.217.251  Public Scan

Go To Rescan Add Verdict Report
URL: http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
Submission: On September 15 via manual from UA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 21 HTTP transactions. The main IP is 178.57.217.251, located in Russian Federation and belongs to IHC, RU. The main domain is norshen.ru.
This is the only time norshen.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
19 178.57.217.251 203226 (IHC)
1 1 217.20.147.3 47764 (MAILRU-AS...)
2 217.20.155.208 47764 (MAILRU-AS...)
21 2
Apex Domain
Subdomains		 Transfer
19 norshen.ru
norshen.ru
295 KB
3 ok.ru
connect.ok.ru
3 KB
21 2
Domain Requested by
19 norshen.ru norshen.ru
3 connect.ok.ru 1 redirects norshen.ru
connect.ok.ru
21 2

This site contains links to these domains. Also see Links.

Domain
tv7h.pro
www.youtube.com
Subject Issuer Validity Valid
*.ok.ru
GeoTrust RSA CA 2018		 2018-02-09 -
2021-03-21		 3 years crt.sh

This page contains 2 frames:

Primary Page: http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
Frame ID: B31A5B0DDE7FDB94F256711F64CDEBA7
Requests: 20 HTTP requests in this frame

Frame: https://connect.ok.ru/dk?st.cmd=WidgetGroup&st.groupId=42873003507919&st.fid=__okGroup0&st.hoster=http%3A%2F%2Fnorshen.ru%2Fredirect%3Furl%3Dhttp%3A%2F%2Ftv7h.pro%2Ff%2F9l28&st.settings=%7Bwidth%3A210%2Cheight%3A285%7D
Frame ID: 219317E0F4741A55F6E972FF7B7AACED
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

21
Requests

10 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

298 kB
Transfer

493 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • http://connect.ok.ru/connect.js HTTP 302
  • https://connect.ok.ru/connect.js

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set redirect
norshen.ru/ 		16 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
Protocol
HTTP/1.1
Server
178.57.217.251 , Russian Federation, ASN203226 (IHC, RU),
Reverse DNS
cpanel1.hothat.ru
Software
LiteSpeed / InstantCMS 2
Resource Hash
73ad916728680970bd913ffed3c694ce1767859dfa876e3830fe94d3c8d65760
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Host
norshen.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
B31A5B0DDE7FDB94F256711F64CDEBA7

Response headers

Set-Cookie
PHPSESSID=0694f96111e9723f6845f52fe7c0a403; path=/ icms[device_type]=desktop; expires=Sun, 15-Sep-2019 03:02:12 GMT; Max-Age=31536000; path=/; HttpOnly
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Content-Type
text/html; charset=utf-8
X-Powered-By
InstantCMS 2
X-Frame-Options
DENY
Transfer-Encoding
chunked
Content-Encoding
gzip
Vary
Accept-Encoding
Date
Sat, 15 Sep 2018 03:02:12 GMT
Accept-Ranges
bytes
Server
LiteSpeed
Connection
close
theme-text.css
norshen.ru/templates/default/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://norshen.ru/templates/default/css/theme-text.css
Requested by
Host: norshen.ru
URL: http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
Protocol
HTTP/1.1
Server
178.57.217.251 , Russian Federation, ASN203226 (IHC, RU),
Reverse DNS
cpanel1.hothat.ru
Software
LiteSpeed /
Resource Hash
8a3ccf00c82756ee1000c2a8fd119ef484176cb04b6b9ae1208c938a914f0445

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
norshen.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
Cookie
PHPSESSID=0694f96111e9723f6845f52fe7c0a403; icms[device_type]=desktop
Connection
keep-alive
Cache-Control
no-cache
Referer
http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 15 Sep 2018 03:02:12 GMT
Content-Encoding
gzip
Last-Modified
Sat, 04 Feb 2017 18:13:30 GMT
Server
LiteSpeed
ETag
"7b3-589619ca-e86f5c97874b771c;gz"
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
783
theme-layout.css
norshen.ru/templates/default/css/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://norshen.ru/templates/default/css/theme-layout.css
Requested by
Host: norshen.ru
URL: http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
Protocol
HTTP/1.1
Server
178.57.217.251 , Russian Federation, ASN203226 (IHC, RU),
Reverse DNS
cpanel1.hothat.ru
Software
LiteSpeed /
Resource Hash
bf48f2fa45735808540b645ebae899111c293f002a51f96fbaa9f77e1dc793b3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
norshen.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
Cookie
PHPSESSID=0694f96111e9723f6845f52fe7c0a403; icms[device_type]=desktop
Connection
keep-alive
Cache-Control
no-cache
Referer
http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 15 Sep 2018 03:02:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Mar 2017 13:00:36 GMT
Server
LiteSpeed
ETag
"3783-58bd5d74-b642543a047d24c8;gz"
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3109
theme-gui.css
norshen.ru/templates/default/css/ 		53 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://norshen.ru/templates/default/css/theme-gui.css
Requested by
Host: norshen.ru
URL: http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
Protocol
HTTP/1.1
Server
178.57.217.251 , Russian Federation, ASN203226 (IHC, RU),
Reverse DNS
cpanel1.hothat.ru
Software
LiteSpeed /
Resource Hash
ef5b3e99ddb57f7c30cbf7c13b552bdcfbb05ae69ccb90f125b4ff7ca11231c4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
norshen.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
Cookie
PHPSESSID=0694f96111e9723f6845f52fe7c0a403; icms[device_type]=desktop
Connection
keep-alive
Cache-Control
no-cache
Referer
http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 15 Sep 2018 03:02:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Mar 2017 13:00:36 GMT
Server
LiteSpeed
ETag
"d38e-58bd5d74-b38f1448c6ca8d59;gz"
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
9877
theme-widgets.css
norshen.ru/templates/default/css/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://norshen.ru/templates/default/css/theme-widgets.css
Requested by
Host: norshen.ru
URL: http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
Protocol
HTTP/1.1
Server
178.57.217.251 , Russian Federation, ASN203226 (IHC, RU),
Reverse DNS
cpanel1.hothat.ru
Software
LiteSpeed /
Resource Hash
ad8f240f2c5ffc919e29cabe1ed27e348015991eb8739a9880fbba341ee4ac69

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
norshen.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
Cookie
PHPSESSID=0694f96111e9723f6845f52fe7c0a403; icms[device_type]=desktop
Connection
keep-alive
Cache-Control
no-cache
Referer
http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 15 Sep 2018 03:02:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Mar 2017 13:00:36 GMT
Server
LiteSpeed
ETag
"4e14-58bd5d74-540c218a766c28a1;gz"
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3450
theme-content.css
norshen.ru/templates/default/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://norshen.ru/templates/default/css/theme-content.css
Requested by
Host: norshen.ru
URL: http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
Protocol
HTTP/1.1
Server
178.57.217.251 , Russian Federation, ASN203226 (IHC, RU),
Reverse DNS
cpanel1.hothat.ru
Software
LiteSpeed /
Resource Hash
2f1275a2ab1f97673a946590daa16d838902ef0b7756bf6995b51ca2e3129295

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
norshen.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
Cookie
PHPSESSID=0694f96111e9723f6845f52fe7c0a403; icms[device_type]=desktop
Connection
keep-alive
Cache-Control
no-cache
Referer
http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 15 Sep 2018 03:02:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Mar 2017 13:00:14 GMT
Server
LiteSpeed
ETag
"5019-58bd5d5e-1c814e4f7e97d639;gz"
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4663
theme-modal.css
norshen.ru/templates/default/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://norshen.ru/templates/default/css/theme-modal.css
Requested by
Host: norshen.ru
URL: http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
Protocol
HTTP/1.1
Server
178.57.217.251 , Russian Federation, ASN203226 (IHC, RU),
Reverse DNS
cpanel1.hothat.ru
Software
LiteSpeed /
Resource Hash
a7b13ce7cd1e9f855634aec530f519dc5345762942702c3521a6febfe7e368e7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
norshen.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
Cookie
PHPSESSID=0694f96111e9723f6845f52fe7c0a403; icms[device_type]=desktop
Connection
keep-alive
Cache-Control
no-cache
Referer
http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 15 Sep 2018 03:02:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Mar 2017 13:00:14 GMT
Server
LiteSpeed
ETag
"c60-58bd5d5e-206e70da363b5890;gz"
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1011
styles.css
norshen.ru/templates/default/controllers/redirect/ 		388 B
549 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://norshen.ru/templates/default/controllers/redirect/styles.css
Requested by
Host: norshen.ru
URL: http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
Protocol
HTTP/1.1
Server
178.57.217.251 , Russian Federation, ASN203226 (IHC, RU),
Reverse DNS
cpanel1.hothat.ru
Software
LiteSpeed /
Resource Hash
e8e95f600287b94184bdcfa96546867013f1166d589f5167f8dee6f40749706d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
norshen.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
Cookie
PHPSESSID=0694f96111e9723f6845f52fe7c0a403; icms[device_type]=desktop
Connection
keep-alive
Cache-Control
no-cache
Referer
http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 15 Sep 2018 03:02:12 GMT
Content-Encoding
gzip
Last-Modified
Sat, 04 Feb 2017 18:13:30 GMT
Server
LiteSpeed
ETag
"184-589619ca-687bf16f46c467a1;gz"
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
233
jquery.js
norshen.ru/templates/default/js/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://norshen.ru/templates/default/js/jquery.js
Requested by
Host: norshen.ru
URL: http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
Protocol
HTTP/1.1
Server
178.57.217.251 , Russian Federation, ASN203226 (IHC, RU),
Reverse DNS
cpanel1.hothat.ru
Software
LiteSpeed /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
norshen.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
Cookie
PHPSESSID=0694f96111e9723f6845f52fe7c0a403; icms[device_type]=desktop
Connection
keep-alive
Cache-Control
no-cache
Referer
http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 15 Sep 2018 03:02:12 GMT
Content-Encoding
gzip
Last-Modified
Sat, 04 Feb 2017 18:13:30 GMT
Server
LiteSpeed
ETag
"17b8b-589619ca-ba6d159fe00f6477;gz"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
33793
jquery-modal.js
norshen.ru/templates/default/js/ 		33 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://norshen.ru/templates/default/js/jquery-modal.js
Requested by
Host: norshen.ru
URL: http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
Protocol
HTTP/1.1
Server
178.57.217.251 , Russian Federation, ASN203226 (IHC, RU),
Reverse DNS
cpanel1.hothat.ru
Software
LiteSpeed /
Resource Hash
15d5674ffad5fa853655a44e6280569277c95348b239d63017fe7c763010af7a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
norshen.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
Cookie
PHPSESSID=0694f96111e9723f6845f52fe7c0a403; icms[device_type]=desktop
Connection
keep-alive
Cache-Control
no-cache
Referer
http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 15 Sep 2018 03:02:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Mar 2017 13:00:14 GMT
Server
LiteSpeed
ETag
"82a5-58bd5d5e-b653eaf49dc7ed9f;gz"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
8287
core.js
norshen.ru/templates/default/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://norshen.ru/templates/default/js/core.js
Requested by
Host: norshen.ru
URL: http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
Protocol
HTTP/1.1
Server
178.57.217.251 , Russian Federation, ASN203226 (IHC, RU),
Reverse DNS
cpanel1.hothat.ru
Software
LiteSpeed /
Resource Hash
77ab03e0cbbb8eb9b0f8ef23f3e40b76cd450d741d2f644e13a631cfc81d2f5a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
norshen.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
Cookie
PHPSESSID=0694f96111e9723f6845f52fe7c0a403; icms[device_type]=desktop
Connection
keep-alive
Cache-Control
no-cache
Referer
http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 15 Sep 2018 03:02:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Mar 2017 13:00:36 GMT
Server
LiteSpeed
ETag
"2d30-58bd5d74-4e5844b5a66f53e4;gz"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3111
modal.js
norshen.ru/templates/default/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://norshen.ru/templates/default/js/modal.js
Requested by
Host: norshen.ru
URL: http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
Protocol
HTTP/1.1
Server
178.57.217.251 , Russian Federation, ASN203226 (IHC, RU),
Reverse DNS
cpanel1.hothat.ru
Software
LiteSpeed /
Resource Hash
550a5c62489ac4d4f62ace0718f6f7ca2cda1ec89098384a1c4c3459e6840c4e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
norshen.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
Cookie
PHPSESSID=0694f96111e9723f6845f52fe7c0a403; icms[device_type]=desktop
Connection
keep-alive
Cache-Control
no-cache
Referer
http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 15 Sep 2018 03:02:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Mar 2017 13:00:14 GMT
Server
LiteSpeed
ETag
"ac0-58bd5d5e-73015dc19856e811;gz"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
732
jquery-cookie.js
norshen.ru/templates/default/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://norshen.ru/templates/default/js/jquery-cookie.js
Requested by
Host: norshen.ru
URL: http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
Protocol
HTTP/1.1
Server
178.57.217.251 , Russian Federation, ASN203226 (IHC, RU),
Reverse DNS
cpanel1.hothat.ru
Software
LiteSpeed /
Resource Hash
a80c8a909e1cd12d55bf6a701cb72336b010a11246ae0c5d4fb7dfb0e292e878

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
norshen.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
Cookie
PHPSESSID=0694f96111e9723f6845f52fe7c0a403; icms[device_type]=desktop
Connection
keep-alive
Cache-Control
no-cache
Referer
http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 15 Sep 2018 03:02:12 GMT
Content-Encoding
gzip
Last-Modified
Sat, 04 Feb 2017 16:42:04 GMT
Server
LiteSpeed
ETag
"1113-5896045c-20d983c0585077c9;gz"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1549
bg.png
norshen.ru/templates/default/images/ 		135 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://norshen.ru/templates/default/images/bg.png
Requested by
Host: norshen.ru
URL: http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
Protocol
HTTP/1.1
Server
178.57.217.251 , Russian Federation, ASN203226 (IHC, RU),
Reverse DNS
cpanel1.hothat.ru
Software
LiteSpeed /
Resource Hash
241155c2a3436bfc0a542fc31fe2908ff2bdfc90e1ac7e26c6ba715b01030dcf

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
norshen.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://norshen.ru/templates/default/css/theme-layout.css
Cookie
PHPSESSID=0694f96111e9723f6845f52fe7c0a403; icms[device_type]=desktop
Connection
keep-alive
Cache-Control
no-cache
Referer
http://norshen.ru/templates/default/css/theme-layout.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 15 Sep 2018 03:02:13 GMT
Last-Modified
Sat, 04 Feb 2017 16:42:02 GMT
Server
LiteSpeed
ETag
"21a05-5896045a-fbffe48876e59909;;;"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
137733
nav-arrow-down-white.png
norshen.ru/templates/default/images/ 		242 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://norshen.ru/templates/default/images/nav-arrow-down-white.png
Requested by
Host: norshen.ru
URL: http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
Protocol
HTTP/1.1
Server
178.57.217.251 , Russian Federation, ASN203226 (IHC, RU),
Reverse DNS
cpanel1.hothat.ru
Software
LiteSpeed /
Resource Hash
183f59df956ab47fc078b30c4f119be4a223b5a80724e10a7d2c9542e2c545b9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
norshen.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://norshen.ru/templates/default/css/theme-layout.css
Cookie
PHPSESSID=0694f96111e9723f6845f52fe7c0a403; icms[device_type]=desktop
Connection
keep-alive
Cache-Control
no-cache
Referer
http://norshen.ru/templates/default/css/theme-layout.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 15 Sep 2018 03:02:13 GMT
Last-Modified
Sat, 04 Feb 2017 16:42:03 GMT
Server
LiteSpeed
ETag
"f2-5896045b-c922a36a08477b5c;;;"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
242
bg_top.png
norshen.ru/templates/default/images/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://norshen.ru/templates/default/images/bg_top.png
Requested by
Host: norshen.ru
URL: http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
Protocol
HTTP/1.1
Server
178.57.217.251 , Russian Federation, ASN203226 (IHC, RU),
Reverse DNS
cpanel1.hothat.ru
Software
LiteSpeed /
Resource Hash
9e549181e4883efe09200ec0dc1ece7514763df98c4fa0b7cad373c08138e63e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
norshen.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://norshen.ru/templates/default/css/theme-layout.css
Cookie
PHPSESSID=0694f96111e9723f6845f52fe7c0a403; icms[device_type]=desktop
Connection
keep-alive
Cache-Control
no-cache
Referer
http://norshen.ru/templates/default/css/theme-layout.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 15 Sep 2018 03:02:13 GMT
Last-Modified
Sat, 04 Feb 2017 16:42:03 GMT
Server
LiteSpeed
ETag
"12a55-5896045b-284964fe6f2a9b5f;;;"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
76373
user_add.png
norshen.ru/templates/default/images/icons/ 		705 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://norshen.ru/templates/default/images/icons/user_add.png
Requested by
Host: norshen.ru
URL: http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
Protocol
HTTP/1.1
Server
178.57.217.251 , Russian Federation, ASN203226 (IHC, RU),
Reverse DNS
cpanel1.hothat.ru
Software
LiteSpeed /
Resource Hash
e0b91d78048bee3847254b5fee49828542635aed7b258fbc0249c356ea0ad16a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
norshen.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://norshen.ru/templates/default/css/theme-gui.css
Cookie
PHPSESSID=0694f96111e9723f6845f52fe7c0a403; icms[device_type]=desktop
Connection
keep-alive
Cache-Control
no-cache
Referer
http://norshen.ru/templates/default/css/theme-gui.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 15 Sep 2018 03:02:13 GMT
Last-Modified
Sat, 04 Feb 2017 16:42:04 GMT
Server
LiteSpeed
ETag
"2c1-5896045c-94ed280bca6a1cd9;;;"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
705
key.png
norshen.ru/templates/default/images/icons/ 		664 B
919 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://norshen.ru/templates/default/images/icons/key.png
Requested by
Host: norshen.ru
URL: http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
Protocol
HTTP/1.1
Server
178.57.217.251 , Russian Federation, ASN203226 (IHC, RU),
Reverse DNS
cpanel1.hothat.ru
Software
LiteSpeed /
Resource Hash
11e55ce68558b4b7284ffce9ec3d769c1618968272a080fcffa015ae03eacdaa

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
norshen.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://norshen.ru/templates/default/css/theme-gui.css
Cookie
PHPSESSID=0694f96111e9723f6845f52fe7c0a403; icms[device_type]=desktop
Connection
keep-alive
Cache-Control
no-cache
Referer
http://norshen.ru/templates/default/css/theme-gui.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 15 Sep 2018 03:02:13 GMT
Last-Modified
Sat, 04 Feb 2017 16:42:03 GMT
Server
LiteSpeed
ETag
"298-5896045b-9f59dd73fcca0b7b;;;"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
664
logo.png
norshen.ru/templates/default/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://norshen.ru/templates/default/images/logo.png
Requested by
Host: norshen.ru
URL: http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
Protocol
HTTP/1.1
Server
178.57.217.251 , Russian Federation, ASN203226 (IHC, RU),
Reverse DNS
cpanel1.hothat.ru
Software
LiteSpeed /
Resource Hash
9a4c57f2f7aa1013578270f9966f071890b7da984aa3989c2bdf92bcc61e9f2b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
norshen.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://norshen.ru/templates/default/css/theme-layout.css
Cookie
PHPSESSID=0694f96111e9723f6845f52fe7c0a403; icms[device_type]=desktop
Connection
keep-alive
Cache-Control
no-cache
Referer
http://norshen.ru/templates/default/css/theme-layout.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 15 Sep 2018 03:02:13 GMT
Last-Modified
Sat, 04 Feb 2017 16:42:04 GMT
Server
LiteSpeed
ETag
"172f-5896045c-291f286dc0453b49;;;"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
5935
connect.js
connect.ok.ru/
Redirect Chain
  • http://connect.ok.ru/connect.js
  • https://connect.ok.ru/connect.js
3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.ok.ru/connect.js
Requested by
Host: norshen.ru
URL: http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.20.155.208 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
ip208.155.odnoklassniki.ru
Software
apache /
Resource Hash
895c1def2772b4984125fc3744c2da74d629ec5e043e4da81889b86d79ffbf7b

Request headers

Referer
http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Sat, 15 Sep 2018 03:02:13 GMT
server
apache
etag
c7865120aaa5e181142e14908c3352c3
content-length
2988
content-type
text/javascript;charset=utf-8

Redirect headers

Location
https://connect.ok.ru/connect.js
Date
Sat, 15 Sep 2018 03:02:13 GMT
Server
Apache
Connection
keep-alive
Content-Length
0
dk
connect.ok.ru/ Frame 2193 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://connect.ok.ru/dk?st.cmd=WidgetGroup&st.groupId=42873003507919&st.fid=__okGroup0&st.hoster=http%3A%2F%2Fnorshen.ru%2Fredirect%3Furl%3Dhttp%3A%2F%2Ftv7h.pro%2Ff%2F9l28&st.settings=%7Bwidth%3A210%2Cheight%3A285%7D
Requested by
Host: connect.ok.ru
URL: https://connect.ok.ru/connect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.20.155.208 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
ip208.155.odnoklassniki.ru
Software
apache /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adsafeprotected.com *.serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru; worker-src blob: 'self'; connect-src * wss:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
Strict-Transport-Security max-age=2592000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
connect.ok.ru
:scheme
https
:path
/dk?st.cmd=WidgetGroup&st.groupId=42873003507919&st.fid=__okGroup0&st.hoster=http%3A%2F%2Fnorshen.ru%2Fredirect%3Furl%3Dhttp%3A%2F%2Ftv7h.pro%2Ff%2F9l28&st.settings=%7Bwidth%3A210%2Cheight%3A285%7D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
B31A5B0DDE7FDB94F256711F64CDEBA7
Referer
http://norshen.ru/redirect?url=http://tv7h.pro/f/9l28

Response headers

status
200
server
apache
date
Sat, 15 Sep 2018 03:02:13 GMT
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
set-cookie
bci=-6535282159748697089; Domain=.ok.ru; Expires=Thu, 03-Oct-2086 06:16:20 GMT; Path=/; HttpOnly landref=norshen.ru; Domain=.ok.ru; Path=/
content-security-policy
default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adsafeprotected.com *.serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru; worker-src blob: 'self'; connect-src * wss:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
content-security-policy-report-only
default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
cache-control
no-cache no-store
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
x-xss-protection
1; mode=block
x-content-type-options
nosniff
strict-transport-security
max-age=2592000;includeSubdomains
rendered-blocks
WidgetPage
content-encoding
gzip

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| icms function| toggleFilter function| goBack function| spellcount function| renderHtmlAvatar function| initTabs string| module object| jQuery112407217572273823556 object| OK

4 Cookies

Domain/Path Name / Value
.ok.ru/ Name: landref
Value: norshen.ru
.ok.ru/ Name: bci
Value: -6535282159748697089
norshen.ru/ Name: icms[device_type]
Value: desktop
norshen.ru/ Name: PHPSESSID
Value: 0694f96111e9723f6845f52fe7c0a403

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.ok.ru
norshen.ru
178.57.217.251
217.20.147.3
217.20.155.208
11e55ce68558b4b7284ffce9ec3d769c1618968272a080fcffa015ae03eacdaa
15d5674ffad5fa853655a44e6280569277c95348b239d63017fe7c763010af7a
183f59df956ab47fc078b30c4f119be4a223b5a80724e10a7d2c9542e2c545b9
241155c2a3436bfc0a542fc31fe2908ff2bdfc90e1ac7e26c6ba715b01030dcf
2f1275a2ab1f97673a946590daa16d838902ef0b7756bf6995b51ca2e3129295
550a5c62489ac4d4f62ace0718f6f7ca2cda1ec89098384a1c4c3459e6840c4e
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
73ad916728680970bd913ffed3c694ce1767859dfa876e3830fe94d3c8d65760
77ab03e0cbbb8eb9b0f8ef23f3e40b76cd450d741d2f644e13a631cfc81d2f5a
895c1def2772b4984125fc3744c2da74d629ec5e043e4da81889b86d79ffbf7b
8a3ccf00c82756ee1000c2a8fd119ef484176cb04b6b9ae1208c938a914f0445
9a4c57f2f7aa1013578270f9966f071890b7da984aa3989c2bdf92bcc61e9f2b
9e549181e4883efe09200ec0dc1ece7514763df98c4fa0b7cad373c08138e63e
a7b13ce7cd1e9f855634aec530f519dc5345762942702c3521a6febfe7e368e7
a80c8a909e1cd12d55bf6a701cb72336b010a11246ae0c5d4fb7dfb0e292e878
ad8f240f2c5ffc919e29cabe1ed27e348015991eb8739a9880fbba341ee4ac69
bf48f2fa45735808540b645ebae899111c293f002a51f96fbaa9f77e1dc793b3
e0b91d78048bee3847254b5fee49828542635aed7b258fbc0249c356ea0ad16a
e8e95f600287b94184bdcfa96546867013f1166d589f5167f8dee6f40749706d
ef5b3e99ddb57f7c30cbf7c13b552bdcfbb05ae69ccb90f125b4ff7ca11231c4