rusteatrkbr.ru
Open in
urlscan Pro
2a00:f940:2:2:1:1:0:131
Public Scan
Submission Tags: phishingrod
Submission: On March 24 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by R3 on March 23rd 2024. Valid for: 3 months.
This is the only time rusteatrkbr.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
18 | 2a00:f940:2:2... 2a00:f940:2:2:1:1:0:131 | 197695 (AS-REG) (AS-REG) | |
4 | 109.207.9.85 109.207.9.85 | 196747 (ELECTRONI...) (ELECTRONIC-GOVERNMENT) | |
4 10 | 2a02:6b8::1:119 2a02:6b8::1:119 | 208398 (TELETECH) (TELETECH) | |
28 | 4 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
rusteatrkbr.ru
rusteatrkbr.ru |
734 KB |
7 |
yandex.com
3 redirects
mc.yandex.com — Cisco Umbrella Rank: 6478 |
3 KB |
4 |
gosuslugi.ru
pos.gosuslugi.ru — Cisco Umbrella Rank: 198627 |
699 KB |
3 |
yandex.ru
1 redirects
mc.yandex.ru — Cisco Umbrella Rank: 2486 |
74 KB |
28 | 4 |
Domain | Requested by | |
---|---|---|
18 | rusteatrkbr.ru |
rusteatrkbr.ru
|
7 | mc.yandex.com |
3 redirects
rusteatrkbr.ru
mc.yandex.ru |
4 | pos.gosuslugi.ru |
rusteatrkbr.ru
|
3 | mc.yandex.ru |
1 redirects
rusteatrkbr.ru
|
28 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
facebook.com |
twitter.com |
youtube.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
rusteatrkbr.ru R3 |
2024-03-23 - 2024-06-21 |
3 months | crt.sh |
*.gosuslugi.ru GlobalSign GCC R3 DV TLS CA 2020 |
2023-10-12 - 2024-11-12 |
a year | crt.sh |
mc.yandex.ru GlobalSign ECC OV SSL CA 2018 |
2023-12-26 - 2024-06-05 |
5 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://rusteatrkbr.ru/
Frame ID: 10FEF31701E6F148A6CB58075D61584D
Requests: 29 HTTP requests in this frame
Screenshot
Page Title
РУССКИЙ ДРАМАТИЧЕСКИЙ ТЕАТРDetected technologies
WordPress (CMS) ExpandDetected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
Yandex.Metrika (Analytics) Expand
Detected patterns
- mc\.yandex\.ru/metrika/(?:tag|watch)\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery Migrate (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Facebook
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: YouTube
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 23- https://mc.yandex.com/sync_cookie_image_check HTTP 302
- https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10317.Q1g5Iyybs-b6nwgEP2YcY5sSIqY-MMo9U0MyRJnhpxvtD33o8zXdXRnJeLQDmjjO.wbKf2Kg5QjqJMr-OxYhAk2krky4%2C HTTP 302
- https://mc.yandex.com/sync_cookie_image_decide?token=10317.vq4ztYmCJJA4H3Iywf98t2YDkNE9rGvGx-Pv0Vg09mOzlma-E-C8H8ZE7YnOqegRcwTv2VEvQdrmdVFlfctVdRE6SD15OQ4WpCIJt85DcA-6oMLfMPTyWctVCYH3g_VO7QiSmOQsPLkOCv0hsVN4Xf7Ro074oJoXY0ZWgdJp_g52af_gg89CScg_xEoOnbaFoD2kXqAv5nZkaCWX70BLxdym7KSzgJpE09MNtMsV5e8%2C.c1YMmj_-aqyUzGmGQF0Yx6_EMJw%2C HTTP 302
- https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10317.TQejMfpDbKgzRpmRfLoNPHc9qxeAkhY-M6hhuU547bXZevCWwBf0EI1UXob17D2tTA9rgV9_-P_jLHp1cAUaAZ_n8FFKBmbIWbEwAu2VLapv6IbNGrnlEqXDNCvzogn1UJrRQEArUoCrlofT0ZumOZxwiJ9yvUzyQTJTzWHCLrSJYbgrvp6lW6JRVdexo6weGQLXEYxY_V6GIvKu9hMy3w%2C%2C.azUxkeTN6kTM-Jc7hE3ggaDOBP8%2C
- https://mc.yandex.com/watch/94195395?wmode=7&page-url=https%3A%2F%2Frusteatrkbr.ru%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22ymCmsPlugin%22%3A%7B%22cms%22%3A%22wordpress%22%2C%22cmsVersion%22%3A%226.4%22%2C%22pluginVersion%22%3A%221.1.9%22%2C%22ymCmsRip%22%3A%221597463007%22%7D%7D%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1gvp3hi7cp7u4omzq6bwnhyvv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1272%3Acn%3A1%3Adp%3A0%3Als%3A483356358431%3Ahid%3A727030257%3Az%3A60%3Ai%3A20240324015937%3Aet%3A1711241978%3Ac%3A1%3Arn%3A595451956%3Arqn%3A1%3Au%3A1711241978381879402%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A658%3Awv%3A2%3Ads%3A0%2C88%2C253%2C1%2C%2C0%2C%2C311%2C6%2C%2C%2C%2C809%3Aco%3A0%3Acpf%3A1%3Ans%3A1711241976952%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1711241978%3At%3A%D0%A0%D0%A3%D0%A1%D0%A1%D0%9A%D0%98%D0%99%20%D0%94%D0%A0%D0%90%D0%9C%D0%90%D0%A2%D0%98%D0%A7%D0%95%D0%A1%D0%9A%D0%98%D0%99%20%D0%A2%D0%95%D0%90%D0%A2%D0%A0&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)ti(1) HTTP 302
- https://mc.yandex.com/watch/94195395/1?wmode=7&page-url=https%3A%2F%2Frusteatrkbr.ru%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22ymCmsPlugin%22%3A%7B%22cms%22%3A%22wordpress%22%2C%22cmsVersion%22%3A%226.4%22%2C%22pluginVersion%22%3A%221.1.9%22%2C%22ymCmsRip%22%3A%221597463007%22%7D%7D%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1gvp3hi7cp7u4omzq6bwnhyvv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1272%3Acn%3A1%3Adp%3A0%3Als%3A483356358431%3Ahid%3A727030257%3Az%3A60%3Ai%3A20240324015937%3Aet%3A1711241978%3Ac%3A1%3Arn%3A595451956%3Arqn%3A1%3Au%3A1711241978381879402%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A658%3Awv%3A2%3Ads%3A0%2C88%2C253%2C1%2C%2C0%2C%2C311%2C6%2C%2C%2C%2C809%3Aco%3A0%3Acpf%3A1%3Ans%3A1711241976952%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1711241978%3At%3A%D0%A0%D0%A3%D0%A1%D0%A1%D0%9A%D0%98%D0%99%20%D0%94%D0%A0%D0%90%D0%9C%D0%90%D0%A2%D0%98%D0%A7%D0%95%D0%A1%D0%9A%D0%98%D0%99%20%D0%A2%D0%95%D0%90%D0%A2%D0%A0&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29
28 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
rusteatrkbr.ru/ |
108 KB 22 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
rusteatrkbr.ru/wp-includes/blocks/navigation/ |
16 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
rusteatrkbr.ru/wp-includes/blocks/image/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
rusteatrkbr.ru/wp-includes/blocks/cover/ |
18 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
rusteatrkbr.ru/wp-includes/blocks/social-links/ |
10 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bvi.min.css
rusteatrkbr.ru/wp-content/plugins/button-visually-impaired/assets/css/ |
77 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
interactivity.min.js
rusteatrkbr.ru/wp-includes/js/dist/ |
32 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
view.min.js
rusteatrkbr.ru/wp-includes/blocks/navigation/ |
4 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
YmEc.min.js
rusteatrkbr.ru/wp-content/plugins/wp-yandex-metrika/assets/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
rusteatrkbr.ru/wp-includes/js/jquery/ |
86 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-migrate.min.js
rusteatrkbr.ru/wp-includes/js/jquery/ |
13 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
frontend.min.js
rusteatrkbr.ru/wp-content/plugins/wp-yandex-metrika/assets/ |
284 B 466 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cropped-WhatsApp-Image-2023-09-05-at-14.20.05-1-1-1.png
rusteatrkbr.ru/wp-content/uploads/2023/09/ |
104 KB 104 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
%D0%BE%D0%B1%D0%BB%D0%BE%D0%B6%D0%BA%D0%B0.png
rusteatrkbr.ru/wp-content/uploads/2023/09/ |
85 KB 85 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main_777300_original-1.jpg
rusteatrkbr.ru/wp-content/uploads/2024/03/ |
391 KB 392 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
WhatsApp-Image-2024-01-09-at-12.20.41-e1704792232894-300x177.jpeg
rusteatrkbr.ru/wp-content/uploads/2024/01/ |
19 KB 19 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
script.min.js
pos.gosuslugi.ru/bin/ |
4 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gosuslugi-logo-blue.svg
pos.gosuslugi.ru/bin/banner-fluid/ |
5 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bvi.min.js
rusteatrkbr.ru/wp-content/plugins/button-visually-impaired/assets/js/ |
38 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tag.js
mc.yandex.ru/metrika/ |
209 KB 73 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inter.woff2
rusteatrkbr.ru/wp-content/themes/blockify/assets/fonts/ |
37 KB 37 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Lato-Regular.woff2
pos.gosuslugi.ru/bin/fonts/Lato/fonts/ |
178 KB 179 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
banner-fluid-100-720.svg
pos.gosuslugi.ru/bin/banner-fluid/100/ |
511 KB 511 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync_cookie_image_finish
mc.yandex.ru/ Redirect Chain
|
43 B 611 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
advert.gif
mc.yandex.com/metrika/ |
43 B 574 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1
mc.yandex.com/watch/94195395/ Redirect Chain
|
482 B 574 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
94195395
mc.yandex.com/webvisor/ |
43 B 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
94195395
mc.yandex.com/webvisor/ |
43 B 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
22 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| YmEc undefined| $ function| jQuery object| wpym function| ym object| DataLayer function| Widget function| ownKeys function| _objectSpread function| _defineProperty string| POS_PREFIX_104 object| posOptionsInitialBanner104 function| setStyles function| removeStyles function| changePosBannerOnResize object| wp_bvi object| regeneratorRuntime object| isvek object| Bvi object| __WordPressPrivateInteractivityAPI__ object| Ya object| yaCounter9419539520 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.yandex.ru/ | Name: yashr Value: 8860784201711241977 |
|
.rusteatrkbr.ru/ | Name: _ym_uid Value: 1711241978381879402 |
|
.rusteatrkbr.ru/ | Name: _ym_d Value: 1711241978 |
|
.mc.yandex.com/ | Name: sync_cookie_csrf Value: 301358006fake |
|
.yandex.com/ | Name: i Value: GE5ONImIZVNDEAyKuG7zl/5qe2ICfzAV/fKT4jL5M78BOm0QSNvi1NVAe8zWwp416RRZYn2xisT4EefBwCshsRcX+jM= |
|
.yandex.com/ | Name: yandexuid Value: 6888883851711241977 |
|
.yandex.com/ | Name: yashr Value: 2161009121711241977 |
|
.rusteatrkbr.ru/ | Name: _ym_isad Value: 2 |
|
.mc.yandex.ru/ | Name: sync_cookie_csrf Value: 2258016185fake |
|
.mc.yandex.com/ | Name: sync_cookie_ok Value: synced |
|
.yandex.ru/ | Name: yandexuid Value: 6888883851711241977 |
|
.yandex.ru/ | Name: yuidss Value: 6888883851711241977 |
|
.yandex.ru/ | Name: i Value: GE5ONImIZVNDEAyKuG7zl/5qe2ICfzAV/fKT4jL5M78BOm0QSNvi1NVAe8zWwp416RRZYn2xisT4EefBwCshsRcX+jM= |
|
.yandex.ru/ | Name: yp Value: 1711328378.yu.343748831711241977 |
|
.yandex.ru/ | Name: ymex Value: 1713833978.oyu.343748831711241977 |
|
mc.yandex.com/ | Name: yabs-sid Value: 326771091711241978 |
|
.yandex.com/ | Name: yuidss Value: 6888883851711241977 |
|
.yandex.com/ | Name: ymex Value: 1742777978.yrts.1711241978 |
|
.yandex.com/ | Name: bh Value: KgI/MA== |
|
.rusteatrkbr.ru/ | Name: _ym_visorc Value: w |
62 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
mc.yandex.com
mc.yandex.ru
pos.gosuslugi.ru
rusteatrkbr.ru
109.207.9.85
2a00:f940:2:2:1:1:0:131
2a02:6b8::1:119
0495e974df6b1fb87ac2b2eb55d3d19b7932de28d5005c4dfe895a6a367ca794
1da6ac92ca3e30a2b3f83b5ca6f7f1aafc604baf34706951762786f47122faea
298dd619079eea12a6f2a83b4dff27fe6ed775e94f0e367954d2dfa90e2469a1
34019d3364166a309440c0b3e94391105694660f5ed76dc836eed8e4aedc1fb5
38b1136cf93f9cb1dc433fd40347fed72ebce9522a55393f95feae15a8268233
3efa3c6425365194636fb000719357c63e1dfed613742166e3f7a102cdf4f811
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
4a64a8cbe21f6031f47d5381d9ce4dd8bbccaf985fe041b02d28a578a4a5fefc
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
62a5fa8eb86fb06c5e0bc6d89097b5343dcbeecf1b8f7e0315a4fc9294840083
661f5ac8c396edf7b29f361b899fbf25c96aae3b078651680bd81e8fe8649374
7dd08afdc9c802e72949cc16eabce890ae28f263ae85cda432080997238ec6c2
7dfffee0f42b87166ce1ad371df343c9b8b2240e125dd0b4fe909f46f660a307
9753320d9396dd9dad26d1a302f52838f2a8ec7e272c5205ca4a5b090e5d0ded
983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f
9d07fac0a7e1c42a57c76e7ce9c51d60cf3ddc5826d5747f5baac2875a84443a
b9ce16882c4377960b25e12a19d78b129c6981b13242ca0975c641e1702c04cd
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d71e6d47043a5e0c9f7470ae9491a72c8a026afd56fce327f19f646bfa6e023a
db7b8cdd61c661ac00bcc05e1b7081366e0270213bfdb371d8341e96ad8218af
e043dc87f68acd6a9248feb3cdd95c411259545f3f890f291593dbe228a4da26
e70a38e3a15d27eafc3a268b9e72502bd0045134e9be2bfed528c48015b05c10
ebadb4794d5c935d2a73ead8ef436d089fc5fe9ff61c5decc7eaddea8d9d1e81
ecfc357ad95e64230925cfe8fc310394fe5c1b4385eb08354b8fec69af0d6966
f471e9a7d22d33362e950f7f1fe33b1b6e74105c7253156ada1db8e6010cb5fd