mk-nhts.ru
Open in
urlscan Pro
141.8.194.230
Public Scan
Submission: On September 07 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on August 27th 2023. Valid for: 3 months.
This is the only time mk-nhts.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
16 | 141.8.194.230 141.8.194.230 | 35278 (SPRINTHOST) (SPRINTHOST) | |
1 | 2606:4700::68... 2606:4700::6812:bcf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 2a00:1450:400... 2a00:1450:4001:801::2001 | 15169 (GOOGLE) (GOOGLE) | |
5 10 | 2a02:6b8::1:119 2a02:6b8::1:119 | 208722 (GLOBAL_DC) (GLOBAL_DC) | |
25 | 4 |
ASN15169 (GOOGLE, US)
lh5.googleusercontent.com | |
lh6.googleusercontent.com |
ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru | |
mc.yandex.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
mk-nhts.ru
mk-nhts.ru |
421 KB |
7 |
yandex.com
3 redirects
mc.yandex.com — Cisco Umbrella Rank: 8136 |
3 KB |
3 |
yandex.ru
2 redirects
mc.yandex.ru — Cisco Umbrella Rank: 3674 |
55 KB |
3 |
googleusercontent.com
lh5.googleusercontent.com — Cisco Umbrella Rank: 167 lh6.googleusercontent.com — Cisco Umbrella Rank: 507 |
869 KB |
1 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1134 |
7 KB |
25 | 5 |
Domain | Requested by | |
---|---|---|
16 | mk-nhts.ru |
mk-nhts.ru
|
7 | mc.yandex.com |
3 redirects
mk-nhts.ru
|
3 | mc.yandex.ru |
2 redirects
mk-nhts.ru
|
2 | lh6.googleusercontent.com |
mk-nhts.ru
|
1 | lh5.googleusercontent.com |
mk-nhts.ru
|
1 | maxcdn.bootstrapcdn.com |
mk-nhts.ru
|
25 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
itmagency.ru |
Subject Issuer | Validity | Valid | |
---|---|---|---|
mk-nhts.ru R3 |
2023-08-27 - 2023-11-25 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-12-30 - 2023-12-30 |
a year | crt.sh |
*.googleusercontent.com GTS CA 1C3 |
2023-08-14 - 2023-11-06 |
3 months | crt.sh |
mc.yandex.ru GlobalSign ECC OV SSL CA 2018 |
2023-08-14 - 2024-01-24 |
5 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://mk-nhts.ru/news/perexodyi-trojniki-i-otvodyi-obzor-statej.html
Frame ID: 8452FE0D04AA54ED9CF76E3BF18476EC
Requests: 25 HTTP requests in this frame
Screenshot
Page Title
Переходы, тройники и отводы на производстве ООО "МК НХТС" с доставкой по России и СНГDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Yandex.Metrika (Analytics) Expand
Detected patterns
- mc\.yandex\.ru/metrika/(?:tag|watch)\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 20- https://mc.yandex.com/sync_cookie_image_check HTTP 302
- https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10119.dYnf2FVr5Df5oAdCtjnwI0JkLdcD-SptBZF-FHqRt8j8DZLjMT8ETv3403Mbuomq.hEdflszC91WzTSrW0usJQiPCb7w%2C HTTP 302
- https://mc.yandex.com/sync_cookie_image_decide?token=10119.Zl54le7zZKlgPmht2ukk2OLHeeaVVc1jODKGrTo0o5B45P45P_cYtdQSbkPUOsnlsg3IkG81bf7OzRQ64fGhcyBpwAtagsqMzww664cd_sM%2C.XuiDUDFbzrYwiQqY-5CKQC1bzdI%2C
- https://mc.yandex.com/watch/36865415?wmode=7&page-url=https%3A%2F%2Fmk-nhts.ru%2Fnews%2Fperexodyi-trojniki-i-otvodyi-obzor-statej.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3wcjej5lmwx5238tghrt8yj%3Afp%3A1137%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1111%3Acn%3A1%3Adp%3A0%3Als%3A1467571490698%3Ahid%3A281407163%3Az%3A120%3Ai%3A20230907190859%3Aet%3A1694106539%3Ac%3A1%3Arn%3A739678743%3Arqn%3A1%3Au%3A1694106539195710418%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A461%2C119%2C190%2C0%2C0%2C0%2C%2C476%2C2%2C%2C%2C%2C1247%3Aco%3A0%3Acpf%3A1%3Ans%3A1694106537711%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1694106539%3At%3A%D0%9F%D0%B5%D1%80%D0%B5%D1%85%D0%BE%D0%B4%D1%8B%2C%20%D1%82%D1%80%D0%BE%D0%B9%D0%BD%D0%B8%D0%BA%D0%B8%20%D0%B8%20%D0%BE%D1%82%D0%B2%D0%BE%D0%B4%D1%8B%20%D0%BD%D0%B0%20%D0%BF%D1%80%D0%BE%D0%B8%D0%B7%D0%B2%D0%BE%D0%B4%D1%81%D1%82%D0%B2%D0%B5%20%D0%9E%D0%9E%D0%9E%20%22%D0%9C%D0%9A%20%D0%9D%D0%A5%D0%A2%D0%A1%22%20%D1%81%20%D0%B4%D0%BE%D1%81%D1%82%D0%B0%D0%B2%D0%BA%D0%BE%D0%B9%20%D0%BF%D0%BE%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%B8%20%D0%A1%D0%9D%D0%93&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
- https://mc.yandex.com/watch/36865415/1?wmode=7&page-url=https%3A%2F%2Fmk-nhts.ru%2Fnews%2Fperexodyi-trojniki-i-otvodyi-obzor-statej.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3wcjej5lmwx5238tghrt8yj%3Afp%3A1137%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1111%3Acn%3A1%3Adp%3A0%3Als%3A1467571490698%3Ahid%3A281407163%3Az%3A120%3Ai%3A20230907190859%3Aet%3A1694106539%3Ac%3A1%3Arn%3A739678743%3Arqn%3A1%3Au%3A1694106539195710418%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A461%2C119%2C190%2C0%2C0%2C0%2C%2C476%2C2%2C%2C%2C%2C1247%3Aco%3A0%3Acpf%3A1%3Ans%3A1694106537711%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1694106539%3At%3A%D0%9F%D0%B5%D1%80%D0%B5%D1%85%D0%BE%D0%B4%D1%8B%2C%20%D1%82%D1%80%D0%BE%D0%B9%D0%BD%D0%B8%D0%BA%D0%B8%20%D0%B8%20%D0%BE%D1%82%D0%B2%D0%BE%D0%B4%D1%8B%20%D0%BD%D0%B0%20%D0%BF%D1%80%D0%BE%D0%B8%D0%B7%D0%B2%D0%BE%D0%B4%D1%81%D1%82%D0%B2%D0%B5%20%D0%9E%D0%9E%D0%9E%20%22%D0%9C%D0%9A%20%D0%9D%D0%A5%D0%A2%D0%A1%22%20%D1%81%20%D0%B4%D0%BE%D1%81%D1%82%D0%B0%D0%B2%D0%BA%D0%BE%D0%B9%20%D0%BF%D0%BE%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%B8%20%D0%A1%D0%9D%D0%93&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1
- https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
- https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10119.3BgmEq5zw3WcBvghBDkBrpHRf5peb6b0IsHQmejCDykYJ9HMdaSyByaRdoteKrBX.xicw2haRy0RbP3nPurqFshReMq8%2C HTTP 302
- https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10119.XEgx_LKlW9UPtrioPJalyvRqm8GZMvm_gOk-CojHG_Wisi7f8S2axLEf8ZvQS5cQ40d444eEoTOI0H6Ch74b6ZWRb-nbExXl--1ShKyoqBQ%2C.VDQ6dRh4bx_r4NKD1iXy_k12vmA%2C
25 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
perexodyi-trojniki-i-otvodyi-obzor-statej.html
mk-nhts.ru/news/ |
23 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ |
27 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.fancybox.css
mk-nhts.ru/assets/template/css/fancy/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flexslider.css
mk-nhts.ru/assets/template/css/ |
19 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.css
mk-nhts.ru/assets/template/css/ |
516 KB 127 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
custom.css
mk-nhts.ru/assets/components/ajaxform/css/ |
2 KB 874 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
mk-nhts.ru/phpthumbsup/w/200/f/png/src/uploads/template/ |
9 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dUCBbYA7k4M79crSX0ot0z3i8ehp_wxJQ09Wg1o5JusTX0tpMjky_lkHUJNY7iIq1IUwgTwNkyunN2hDC0g364cx1LySteG18GkIbgWNhMHuRDYKIr1ecPLYvA3h8zlbzJFyIonF
lh5.googleusercontent.com/ |
518 KB 519 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ZqSF2jLquf_2fnVRbmzLzmXYFexraa-y1RWXnisqy-fI9GY3W175xAGmK84WBW3SlMNyBs6yMisxxtHYWJBbT5z9Db_Hp899r8hBG_2mE8-fO_ty5svWNT9Cca-zSLPG_rNoGbwA
lh6.googleusercontent.com/ |
172 KB 173 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tpn1wOt-SVkvdmxzA8pIEJ1EO5Am_UzTPVXLx41xy-6046xn4892eWeKv3xtEH22Wg2MZy03wd_dYeL7MgpAVUziFhmf8QIyAODU__5n9n7Qs7WKDVXJo7GTknOjrg_WfTWz14sK
lh6.googleusercontent.com/ |
178 KB 178 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-itm.png
mk-nhts.ru/assets/template/img/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.js
mk-nhts.ru/assets/template/js/ |
148 KB 54 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
custom.js
mk-nhts.ru/assets/components/ajaxform/js/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.jgrowl.min.css
mk-nhts.ru/assets/components/ajaxform/css/lib/ |
3 KB 933 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
watch.js
mc.yandex.ru/metrika/ |
153 KB 55 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sprite.png
mk-nhts.ru/assets/template/img/ |
14 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PT_Sans-Web-Regular_0.woff
mk-nhts.ru/assets/template/fonts/ |
79 KB 80 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Exo2-SemiBold.woff
mk-nhts.ru/assets/template/fonts/ |
54 KB 54 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Exo2-Regular.woff
mk-nhts.ru/assets/template/fonts/ |
53 KB 53 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.form.min.js
mk-nhts.ru/assets/components/ajaxform/js/lib/ |
14 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.jgrowl.min.js
mk-nhts.ru/assets/components/ajaxform/js/lib/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync_cookie_image_decide
mc.yandex.com/ Redirect Chain
|
43 B 67 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
advert.gif
mc.yandex.com/metrika/ |
43 B 114 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1
mc.yandex.com/watch/36865415/ Redirect Chain
|
454 B 595 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync_cookie_image_decide_secondary
mc.yandex.com/ Redirect Chain
|
43 B 79 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| $ function| jQuery object| AjaxForm object| Ya object| yaCounter3686541513 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
mk-nhts.ru/ | Name: PHPSESSID Value: bt60n1aui69ctjugg09foce054 |
|
.mk-nhts.ru/ | Name: _ym_uid Value: 1694106539195710418 |
|
.mk-nhts.ru/ | Name: _ym_d Value: 1694106539 |
|
.mc.yandex.com/ | Name: sync_cookie_csrf Value: 368621150fake |
|
.mk-nhts.ru/ | Name: _ym_isad Value: 2 |
|
.mc.yandex.ru/ | Name: sync_cookie_csrf Value: 150184584fake |
|
mc.yandex.com/ | Name: yabs-sid Value: 1423728851694106539 |
|
.yandex.com/ | Name: i Value: 9maeHQbRxazAZC8/Oit4rRhtgRJTOl6IoThdj3UPLSp3jmsngA/sDewUuEyfnaQ+NC7j0GJnP9yFFOE7ANJZYcAWT7o= |
|
.yandex.com/ | Name: yandexuid Value: 5110099141694106539 |
|
.yandex.com/ | Name: yuidss Value: 5110099141694106539 |
|
.yandex.com/ | Name: ymex Value: 1725642539.yrts.1694106539#1725642539.yrtsi.1694106539 |
|
.yandex.com/ | Name: bh Value: KgI/MA== |
|
.mk-nhts.ru/ | Name: _ym_visorc Value: w |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
lh5.googleusercontent.com
lh6.googleusercontent.com
maxcdn.bootstrapcdn.com
mc.yandex.com
mc.yandex.ru
mk-nhts.ru
141.8.194.230
2606:4700::6812:bcf
2a00:1450:4001:801::2001
2a02:6b8::1:119
0083f0f3348865478e1c056dcb8acc72042cae5510ae041a0aabf3f05e6817b8
1384c978ab862ee04c1c52257a6d224ca50ce5cecf38389290984a946aed6e8f
224c67cc7832ab04bba7cecc44e93160799e2d72ec7a22c252920e30bd88ff24
2d917d3b50769b125de350fa87b5372119441833f9e8f16b2b2e4c34a27c0522
3b5aa1d0cc0071cbe94f7467c828d2c70add2c093b1257cf1c6cc55b5b80d344
4355184d240069d95f3239b287bee903501e37730fd6765aa8aabdafaa0ae74a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
93f6a072d6d428467985a0240ea29003105568ddfc3a8b267c4dd5091103bd46
968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd
983427acf316a44d96bfb445877141151fa9c83f39578c7df969833ccc1115f4
a4b0719ee671d83ec7094fe2307118cb3a48e01611618095adb43584e15b5936
b28adb20802eca5c6176cfbf03e1ae9b8d8366087debabe403d82ff2366a79a8
b398b9352d271c41c1f428c101051f24fb75740bce1bb20b18667a74db1f2302
b601d15b0d8a2a2d7447ad356a03af45c371540f629f5a9558cb37e949fb01b5
c4387607bd36c3496edcff651e4813e55e92ce7636c48bf5986ac293a431c559
d238e2b665035b4c79a882af6295e37b5dd0e52340954a8c4b8b495c02296781
d85932f67a40a0d435281276df73389b9255014aae2e24bff438464e8d329204
dab32f9f905ee63fa92b35315aebca49886e1a06fb88356fd46db1dd822d1ef6
dd4d606465daa5b32a7e5c3b4e8068e07e92d9785342b44f58e6dfd28a89f950
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
dec02000effb475b67302569444c69f36700bdaad525f95956a2ba3873361f6d
f0f2fc153daf5d3ef66c6e26f9b8d244212b12c27e725e237b5d2afc2bd35afe
f61844c5f73d356e8d3bc6c90fdcd78b0a1feab17e73c7f46220963b259ad601