promo.sber.ru
Open in
urlscan Pro
194.54.15.144
Public Scan
Submitted URL: https://rustories.sber.ru/
Effective URL: https://promo.sber.ru/rustories
Submission Tags: phishingrod
Submission: On April 20 via api from DE — Scanned from DE
Effective URL: https://promo.sber.ru/rustories
Submission Tags: phishingrod
Submission: On April 20 via api from DE — Scanned from DE
Summary
This website contacted 12 IPs
in 1 countries
across 10 domains to perform 56 HTTP transactions.
The main IP is 194.54.15.144, located in
Russian Federation and
belongs to SBERBANK, RU.
The main domain is promo.sber.ru.
TLS certificate: Issued by Russian Trusted Sub CA on March 3rd 2023. Valid for: a year.
This is the only time promo.sber.ru was scanned on urlscan.io!
TLS certificate: Issued by Russian Trusted Sub CA on March 3rd 2023. Valid for: a year.
This is the only time promo.sber.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 178.248.233.180 178.248.233.180 | 197068 (QRATOR) (QRATOR) | |
| 11 | 194.54.15.144 194.54.15.144 | 35237 (SBERBANK) (SBERBANK) | |
| 5 | 151.236.71.248 151.236.71.248 | 204720 (CDNETWORKS) (CDNETWORKS) | |
| 6 18 | 2a02:6b8::1:119 2a02:6b8::1:119 | 208722 (GLOBAL_DC) (GLOBAL_DC) | |
| 2 | 87.240.132.72 87.240.132.72 | 47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com) | |
| 4 | 95.163.52.67 95.163.52.67 | 47764 (VK-AS) (VK-AS) | |
| 1 | 23.111.96.36 23.111.96.36 | 39134 (UNITEDNET) (UNITEDNET) | |
| 6 | 37.18.110.198 37.18.110.198 | 208677 (SBERCLOUD-AS) (SBERCLOUD-AS) | |
| 1 4 | 84.252.144.107 84.252.144.107 | 35237 (SBERBANK) (SBERBANK) | |
| 4 | 81.19.89.16 81.19.89.16 | 24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS) | |
| 1 2 | 195.209.108.50 195.209.108.50 | 52007 (ADRIVER-AS) (ADRIVER-AS) | |
| 1 | 195.209.108.55 195.209.108.55 | 52007 (ADRIVER-AS) (ADRIVER-AS) | |
| 6 | 84.252.146.96 84.252.146.96 | 35237 (SBERBANK) (SBERBANK) | |
| 56 | 12 |
11
194.54.15.144
(Russian Federation)
ASN35237 (SBERBANK, RU)
PTR: 144.15-54-194.sberbank.ru
ASN35237 (SBERBANK, RU)
PTR: 144.15-54-194.sberbank.ru
| promo.sber.ru |
18
2a02:6b8::1:119
(Moscow, Russian Federation)
ASN208722 (GLOBAL_DC, FI)
ASN208722 (GLOBAL_DC, FI)
| mc.yandex.ru | |
| mc.yandex.com |
2
87.240.132.72
(Russian Federation)
ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv72-132-240-87.vk.com
ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv72-132-240-87.vk.com
| vk.com |
6
37.18.110.198
(Russian Federation)
ASN208677 (SBERCLOUD-AS, RU)
ASN208677 (SBERCLOUD-AS, RU)
| dmp.sbermarketing.ru | |
| dmp-profiles.sbermarketing.ru |
4
81.19.89.16
(Russian Federation)
ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru
ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru
| kraken.rambler.ru |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 15 |
yandex.com
4 redirects
mc.yandex.com — Cisco Umbrella Rank: 7652 |
6 KB |
| 12 |
sber.ru
1 redirects
rustories.sber.ru promo.sber.ru |
591 KB |
| 10 |
sberbank.ru
1 redirects
visor.sberbank.ru — Cisco Umbrella Rank: 101755 sve.online.sberbank.ru — Cisco Umbrella Rank: 367614 |
2 KB |
| 6 |
sbermarketing.ru
dmp.sbermarketing.ru — Cisco Umbrella Rank: 98682 dmp-profiles.sbermarketing.ru — Cisco Umbrella Rank: 597039 |
4 KB |
| 5 |
trbcdn.net
8kwky1agm3.a.trbcdn.net |
171 KB |
| 4 |
rambler.ru
kraken.rambler.ru — Cisco Umbrella Rank: 26829 |
3 KB |
| 4 |
adriver.ru
1 redirects
content.adriver.ru — Cisco Umbrella Rank: 23925 ad.adriver.ru — Cisco Umbrella Rank: 13737 ev.adriver.ru — Cisco Umbrella Rank: 24975 |
17 KB |
| 4 |
mail.ru
top-fwz1.mail.ru — Cisco Umbrella Rank: 6293 |
17 KB |
| 3 |
yandex.ru
2 redirects
mc.yandex.ru — Cisco Umbrella Rank: 2437 |
59 KB |
| 2 |
vk.com
vk.com — Cisco Umbrella Rank: 3288 |
24 KB |
| 56 | 10 |
| Domain | Requested by | |
|---|---|---|
| 15 | mc.yandex.com |
4 redirects
promo.sber.ru
mc.yandex.ru |
| 11 | promo.sber.ru |
promo.sber.ru
|
| 6 | sve.online.sberbank.ru |
8kwky1agm3.a.trbcdn.net
|
| 5 | 8kwky1agm3.a.trbcdn.net |
promo.sber.ru
8kwky1agm3.a.trbcdn.net |
| 4 | kraken.rambler.ru |
8kwky1agm3.a.trbcdn.net
promo.sber.ru |
| 4 | visor.sberbank.ru |
1 redirects
promo.sber.ru
|
| 4 | dmp.sbermarketing.ru |
8kwky1agm3.a.trbcdn.net
|
| 4 | top-fwz1.mail.ru |
promo.sber.ru
|
| 3 | mc.yandex.ru |
2 redirects
promo.sber.ru
|
| 2 | dmp-profiles.sbermarketing.ru |
promo.sber.ru
|
| 2 | ad.adriver.ru |
1 redirects
promo.sber.ru
|
| 2 | vk.com |
promo.sber.ru
|
| 1 | ev.adriver.ru |
content.adriver.ru
|
| 1 | content.adriver.ru |
8kwky1agm3.a.trbcdn.net
|
| 1 | rustories.sber.ru | 1 redirects |
| 56 | 15 |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| promo.sber.ru Russian Trusted Sub CA |
2023-03-03 - 2024-03-02 |
a year | crt.sh |
| *.a.trbcdn.net RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 |
2022-05-13 - 2023-05-31 |
a year | crt.sh |
| mc.yandex.ru GlobalSign ECC OV SSL CA 2018 |
2023-03-17 - 2023-08-27 |
5 months | crt.sh |
| *.vk.com GlobalSign Organization Validation CA - SHA256 - G2 |
2023-03-16 - 2024-02-20 |
a year | crt.sh |
| *.mail.ru GlobalSign ECC OV SSL CA 2018 |
2022-10-18 - 2023-11-19 |
a year | crt.sh |
| *.adriver.ru GlobalSign GCC R3 DV TLS CA 2020 |
2023-03-07 - 2024-04-07 |
a year | crt.sh |
| *.sbermarketing.ru AlphaSSL CA - SHA256 - G2 |
2022-08-04 - 2023-09-05 |
a year | crt.sh |
| visor.sberbank.ru HARICA DV TLS RSA |
2023-01-20 - 2024-01-20 |
a year | crt.sh |
| *.rambler.ru GlobalSign GCC R3 DV TLS CA 2020 |
2023-04-17 - 2024-05-18 |
a year | crt.sh |
| webclickstream.online.sberbank.ru Actalis Domain Validation Server CA G3 |
2023-01-16 - 2024-01-16 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://promo.sber.ru/rustories
Frame ID: 00695429E5FA143280D9CFE4E8E6BD59
Requests: 50 HTTP requests in this frame
Screenshot
Page Title
Сбер Российские историиPage URL History Show full URLs
-
https://rustories.sber.ru/
HTTP 301
https://promo.sber.ru/rustories Page URL
Detected technologies
AdRiver
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:adriver\.core\.\d\.js|https?://(?:content|ad|masterh\d)\.adriver\.ru/)
Yandex.Metrika
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- mc\.yandex\.ru/metrika/(?:tag|watch)\.js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
URL: https://vk.com/app8189026
Title: Рассказать в VK
Title: Рассказать в VK
Search URL Search Domain Scan URL
URL: https://t.me/rustoriesbot
Title: Рассказать в телеграм
Title: Рассказать в телеграм
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://rustories.sber.ru/
HTTP 301
https://promo.sber.ru/rustories Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 19- https://visor.sberbank.ru/get HTTP 302
- https://visor.sberbank.ru/get?try=1
- https://ad.adriver.ru/cgi-bin/erle.cgi?sid=223989&bt=62&loc=https%253A%252F%252Fpromo.sber.ru%252Frustories&ph=1&rnd=422058&tail256=unknown HTTP 302
- https://ad.adriver.ru/cgi-bin/erle.cgi?sid=223989&bt=62&loc=https%253A%252F%252Fpromo.sber.ru%252Frustories&ph=1&rnd=422058&tail256=unknown&tuid=-6281768115
- https://mc.yandex.com/sync_cookie_image_check HTTP 302
- https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9979.TMnBnUO_XcwTVe6JLMJjYaiw-eSXBCOxtOWcv_1xqwcso_S-znJa7IefkV3Q_bVk.OqfrQ3cCh--lq9dKA3k_yRjJK1E%2C HTTP 302
- https://mc.yandex.com/sync_cookie_image_decide?token=9979.zDBgp4HhrJv9Seaf1YnWJvuEWyLDnHa4YzpSLzAWT-nJOIV5mT3bUNeWpYG2AMyb5zTHEEjsY6Z-BFxZiGMYQE3O4oqD4Rrir8fnJuLlr14%2C.4IHEcRSSZ9zr5795P7eMiWlqihA%2C
- https://mc.yandex.com/watch/31643078?wmode=7&page-url=https%3A%2F%2Fpromo.sber.ru%2Frustories&charset=utf-8&site-info=%7B%22sessions_params%22%3A%7B%22sessionID%22%3A%221682025479306.6yfmg82b%22%2C%22andata_ubtcuid%22%3A%22_upf0visfh5%22%2C%22window_navigator_userAgent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F112.0.5615.121%20Safari%2F537.36%22%2C%22ga_cid%22%3A%22%22%2C%22user_paths%22%3Anull%7D%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aiwhcse2c9umatouo0rfee7%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1025%3Acn%3A2%3Adp%3A0%3Als%3A1499846423962%3Ahid%3A839416506%3Az%3A0%3Ai%3A20230420211759%3Aet%3A1682025480%3Ac%3A1%3Arn%3A592364214%3Arqn%3A1%3Au%3A1682025480596965757%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C163%2C117%2C54%2C78%2C0%2C%2C336%2C2%2C%2C%2C%2C21240%3Aco%3A0%3Acpf%3A1%3Ans%3A1682025457952%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1682025480%3At%3A%D0%A1%D0%B1%D0%B5%D1%80%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B8%D0%B5%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8&t=gdpr(14%2C14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
- https://mc.yandex.com/watch/31643078/1?wmode=7&page-url=https%3A%2F%2Fpromo.sber.ru%2Frustories&charset=utf-8&site-info=%7B%22sessions_params%22%3A%7B%22sessionID%22%3A%221682025479306.6yfmg82b%22%2C%22andata_ubtcuid%22%3A%22_upf0visfh5%22%2C%22window_navigator_userAgent%22%3A%22Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F112.0.5615.121%20Safari%2F537.36%22%2C%22ga_cid%22%3A%22%22%2C%22user_paths%22%3Anull%7D%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aiwhcse2c9umatouo0rfee7%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1025%3Acn%3A2%3Adp%3A0%3Als%3A1499846423962%3Ahid%3A839416506%3Az%3A0%3Ai%3A20230420211759%3Aet%3A1682025480%3Ac%3A1%3Arn%3A592364214%3Arqn%3A1%3Au%3A1682025480596965757%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C163%2C117%2C54%2C78%2C0%2C%2C336%2C2%2C%2C%2C%2C21240%3Aco%3A0%3Acpf%3A1%3Ans%3A1682025457952%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1682025480%3At%3A%D0%A1%D0%B1%D0%B5%D1%80%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B8%D0%B5%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8&t=gdpr%2814%2C14%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
- https://mc.yandex.com/watch/65289342?wmode=7&page-url=https%3A%2F%2Fpromo.sber.ru%2Frustories&charset=utf-8&site-info=%7B%22sessions_params%22%3A%7B%22sessionID%22%3A%221682025479306.6yfmg82b%22%2C%22andata_ubtcuid%22%3A%22_upf0visfh5%22%2C%22window_navigator_userAgent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F112.0.5615.121%20Safari%2F537.36%22%2C%22ga_cid%22%3A%22%22%2C%22user_paths%22%3Anull%7D%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aiwhcse2c9umatouo0rfee7%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1025%3Acn%3A1%3Adp%3A0%3Als%3A901136921965%3Ahid%3A839416506%3Az%3A0%3Ai%3A20230420211759%3Aet%3A1682025480%3Ac%3A1%3Arn%3A426055647%3Arqn%3A1%3Au%3A1682025480596965757%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C163%2C117%2C54%2C78%2C0%2C%2C336%2C2%2C%2C%2C%2C21240%3Aco%3A0%3Acpf%3A1%3Ans%3A1682025457952%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1682025480%3At%3A%D0%A1%D0%B1%D0%B5%D1%80%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B8%D0%B5%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
- https://mc.yandex.com/watch/65289342/1?wmode=7&page-url=https%3A%2F%2Fpromo.sber.ru%2Frustories&charset=utf-8&site-info=%7B%22sessions_params%22%3A%7B%22sessionID%22%3A%221682025479306.6yfmg82b%22%2C%22andata_ubtcuid%22%3A%22_upf0visfh5%22%2C%22window_navigator_userAgent%22%3A%22Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F112.0.5615.121%20Safari%2F537.36%22%2C%22ga_cid%22%3A%22%22%2C%22user_paths%22%3Anull%7D%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aiwhcse2c9umatouo0rfee7%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1025%3Acn%3A1%3Adp%3A0%3Als%3A901136921965%3Ahid%3A839416506%3Az%3A0%3Ai%3A20230420211759%3Aet%3A1682025480%3Ac%3A1%3Arn%3A426055647%3Arqn%3A1%3Au%3A1682025480596965757%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C163%2C117%2C54%2C78%2C0%2C%2C336%2C2%2C%2C%2C%2C21240%3Aco%3A0%3Acpf%3A1%3Ans%3A1682025457952%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1682025480%3At%3A%D0%A1%D0%B1%D0%B5%D1%80%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B8%D0%B5%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
- https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
- https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9979.ti8oXnmgpqz6_0370wyqvXWEdEkMYXeJxRh-piEkAvjvJ947Ym_eSfwzJFZW_PxT.7zwLNJevXRNl6twfyhiQXE-OenA%2C HTTP 302
- https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9979.icmwS-lFsNASU7cjvwe-v6ZwOVyPSm3G0KBZjeDPnsiqYkqNoJ_gtSp7MswZi6Ng1FCJ5j3AcH2vG8eHduevfr_T9DEYnQX9sN2do2wdiiI%2C.0rqcQNClrInndbB_Uk8XcbySNw8%2C
56 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
rustories
promo.sber.ru/ Redirect Chain
|
47 KB 48 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
grid-3.0.min.css
promo.sber.ru/rustories/css/ |
4 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
blocks-page28102823.min.css
promo.sber.ru/rustories/css/ |
4 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-1.10.2.min.js
promo.sber.ru/rustories/js/ |
91 KB 92 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
lazyload-1.3.min.js
promo.sber.ru/rustories/js/ |
7 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
GTM-TQX7VQ.js
8kwky1agm3.a.trbcdn.net/gtm/ |
397 KB 85 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
GTM-TLLMLP.js
8kwky1agm3.a.trbcdn.net/gtm/ |
0 384 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sbsansdisplay-bold.woff
promo.sber.ru/rustories/css/ |
53 KB 54 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sbsansdisplay-regula.woff
promo.sber.ru/rustories/css/ |
47 KB 48 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sbsansdisplay-semibo.woff
promo.sber.ru/rustories/css/ |
52 KB 53 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
watch.js
mc.yandex.ru/metrika/ |
164 KB 58 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
top100.js
8kwky1agm3.a.trbcdn.net/gtm/ |
175 KB 58 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sv152.js
8kwky1agm3.a.trbcdn.net/gtm/ |
41 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tm.js
8kwky1agm3.a.trbcdn.net/gtm/ |
49 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
openapi.js
vk.com/js/api/ |
104 KB 23 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
code.js
top-fwz1.mail.ru/js/ |
33 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AdRiverFPS.js
content.adriver.ru/ |
13 KB 13 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
dmp.sbermarketing.ru/ |
35 B 702 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
dmp.sbermarketing.ru/ |
35 B 701 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H/1.1 |
get
visor.sberbank.ru/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
get
visor.sberbank.ru/ Redirect Chain
|
60 B 823 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
kraken.rambler.ru/cnt/ |
3 B 564 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
kraken.rambler.ru/cnt/ |
595 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rtrg
vk.com/ |
49 B 576 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
erle.cgi
ad.adriver.ru/cgi-bin/ Redirect Chain
|
1 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
counter
top-fwz1.mail.ru/ |
43 B 959 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
json.cgi
ev.adriver.ru/cgi-bin/ |
403 B 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync_cookie_image_decide
mc.yandex.com/ Redirect Chain
|
43 B 67 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
advert.gif
mc.yandex.com/metrika/ |
43 B 113 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tild3735-6564-4566-b530-643461636235__kv_rus_stories_butto.png
promo.sber.ru/rustories/images/ |
261 KB 262 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tild3764-6635-4665-a631-306130623630__logo_1.png
promo.sber.ru/rustories/images/ |
10 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tild3233-6133-4132-b962-623763376330___.svg
promo.sber.ru/rustories/images/ |
4 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H/1.1 |
get
visor.sberbank.ru/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1
mc.yandex.com/watch/31643078/ Redirect Chain
|
447 B 539 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1
mc.yandex.com/watch/65289342/ Redirect Chain
|
447 B 479 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync_cookie_image_decide_secondary
mc.yandex.com/ Redirect Chain
|
43 B 79 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H/1.1 |
partners
sve.online.sberbank.ru/metrics/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
partners
sve.online.sberbank.ru/metrics/ |
0 174 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
products
dmp-profiles.sbermarketing.ru/v2/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
products
dmp-profiles.sbermarketing.ru/v2/ |
462 B 878 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
counter
top-fwz1.mail.ru/ |
43 B 875 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tracker
top-fwz1.mail.ru/ |
43 B 875 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H/1.1 |
partners
sve.online.sberbank.ru/metrics/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
partners
sve.online.sberbank.ru/metrics/ |
0 174 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
dmp.sbermarketing.ru/ |
35 B 701 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
1
mc.yandex.com/watch/65289342/ |
43 B 158 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
1
mc.yandex.com/watch/31643078/ |
43 B 114 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
kraken.rambler.ru/cnt/ |
43 B 486 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H/1.1 |
partners
sve.online.sberbank.ru/metrics/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
partners
sve.online.sberbank.ru/metrics/ |
0 174 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
dmp.sbermarketing.ru/ |
35 B 701 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
1
mc.yandex.com/watch/65289342/ |
43 B 74 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
1
mc.yandex.com/watch/31643078/ |
43 B 74 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
kraken.rambler.ru/cnt/ |
43 B 486 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
1
mc.yandex.com/watch/65289342/ |
43 B 448 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
1
mc.yandex.com/watch/31643078/ |
43 B 74 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
75 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless function| t_onReady function| t_onFuncLoad function| $ function| jQuery object| dataLayer function| t_lazyload_update function| LazyLoad string| lazy object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| ubtcuid object| yaParams function| ym_sberbank object| _top100q object| eventData object| dmpkitdl object| date string| gtmRefer undefined| url_query_utm_source undefined| url_query_utm_medium undefined| url_query_utm_campaign undefined| url_query_utm_content undefined| url_query_utm_term string| cookie_utm_source undefined| gtmOrgEngn undefined| utmsrc undefined| utmmdm undefined| utmcmp undefined| utmcnt undefined| utmtrm object| _tmr object| lazyload_cover object| _DMPKit string| res object| __core-js_shared__ function| SberVisor string| user_paths_sasa object| sv_partner object| webVitals function| userID object| adtechUID function| Kraken function| top100 object| closure_lm_382912 object| globalStorage object| t3122244 object| _top100 boolean| IS_CLIENT_SIDE boolean| IS_ANDROID_WEBVIEW boolean| IS_IOS_WEBVIEW boolean| IS_WEB undefined| androidBridge undefined| iosBridge function| _bridgeSend function| _bridgeSupports boolean| IS_BRIDGE_AVAILABLE function| obj2qs object| fastXDM object| VK function| AdRiverFPS function| AdriverCounterImage function| AdriverCounterJS object| AFPS object| adrCounterStorage function| AdriverCounter object| Ya object| yaCounter65289342 object| yaCounter31643078 object| lazyload_img object| lazyload_bgimg object| lazyload_iframe function| yaCounter_F36 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| promo.sber.ru/ | Name: sberru.region_id Value: 77 |
|
| promo.sber.ru/ | Name: sberru.city Value: Стокгольм |
|
| promo.sber.ru/ | Name: sberru.region_name Value: Москва |
|
| promo.sber.ru/ | Name: X-Session-ID Value: 186d7f03efe2872ea1eb0cff398fb1b4 |
|
| promo.sber.ru/ | Name: TS01ffbc76 Value: 013ade289994f6a89cd82d5d1bcc3851c6555925da5bcb0e05c19b16f38c07f7cfc422ad37f804ce964858bcaa55f374043d9ceb3821856c38832a32b2f68c311d1346a84e9cc6c75219e22d11377d9b683413bf431fb364a37f1f1e262bf1b67bb1c9eb5571dac9dc0a710843d0ecd75404fee2ed |
|
| promo.sber.ru/ | Name: ___dmpkit___ Value: 42713d35-f6f5-490c-b43d-9c059bbdcb4b |
|
| .sber.ru/ | Name: _sa Value: SA1.86742ea1-1f5a-4856-afd8-a711822fb884.1682025479 |
|
| promo.sber.ru/ | Name: top100_id Value: t1.3122244.1380215234.1682025479371 |
|
| promo.sber.ru/ | Name: last_visit Value: 1682025479375::1682025479375 |
|
| .sber.ru/ | Name: adtech_uid Value: e52a4d31-662f-4e09-b063-dc2d67786d84%3Asber.ru |
|
| .sber.ru/ | Name: user-id_1.0.5_lr_lruid Value: pQ8AAAesQWS9T1gnAcfJRQA%3D |
|
| .sbermarketing.ru/ | Name: dmpuid Value: 6qZoc9SqSA-BpZ03tcKo6A |
|
| .vk.com/ | Name: remixlang Value: 6 |
|
| .vk.com/ | Name: remixstlid Value: 9080762797940957742_R70o7BpqJR1dkzgaPKyfaNjgEXJWgL7Iu6O67pEjzzH |
|
| .sber.ru/ | Name: tmr_lvid Value: c3447ffe2dc8bcb44819e5f8063d4d35 |
|
| .sber.ru/ | Name: tmr_lvidTS Value: 1682025479544 |
|
| .rambler.ru/ | Name: ruid Value: 1CIAAAesQWS4meSlATHHgwB= |
|
| .sber.ru/ | Name: _ym_uid Value: 1682025480596965757 |
|
| .sber.ru/ | Name: _ym_d Value: 1682025480 |
|
| .mc.yandex.com/ | Name: sync_cookie_csrf Value: 996742780fake |
|
| .sber.ru/ | Name: _ym_isad Value: 2 |
|
| .mc.yandex.ru/ | Name: sync_cookie_csrf Value: 3421156213fake |
|
| promo.sber.ru/ | Name: TSd14bbd25027 Value: 08fbdc5594ab2000cac4f222e60b6d72f620e7d0fb11b8be7927acab34eb1f2a97bd8e91501d6c9a08cccad35111300025a2430c30092a16de49b6453ae859bf19b0b92377e917335190d5f67198bf5bb2f5a3f3d89097f8d9148f0e6d3702d3 |
|
| .adriver.ru/ | Name: cid Value: AgnASx3OVOwdkO9pwff7hlQ |
|
| .sber.ru/ | Name: adrdel Value: 1 |
|
| .sber.ru/ | Name: adrcid Value: AgnASx3OVOwdkO9pwff7hlQ |
|
| .yandex.com/ | Name: ymex Value: 1713561479.yc.1682025479#1713561479.yrts.1682025479#1713561479.yrtsi.1682025479 |
|
| .yandex.com/ | Name: bh Value: KgI/MA== |
|
| mc.yandex.com/ | Name: yabs-sid Value: 2351159831682025479 |
|
| .yandex.com/ | Name: i Value: u+niiYkK/s6QkSIluMPuKRcg253Wpr2NjlDTqFr9BFkDse/DIM1j8kdjlFOfIWyYWdljb1BQL01Ty0g6+mxQlEMjzfs= |
|
| .yandex.com/ | Name: yandexuid Value: 4755056081682025479 |
|
| .yandex.com/ | Name: yuidss Value: 4755056081682025479 |
|
| .sberbank.ru/ | Name: _sv Value: SA1.5f779ee3-2932-4767-a3c6-088d9b04a620.1682025472 |
|
| .mail.ru/ | Name: VID Value: 2n6yt92VIjIH00000q1eP4YH:::0-0-0-95c04c7:CAASEOTJ48A1x5i5u_LRsxm-KnUaYEENzOT6TOvNAGmSyVz_KkxIGtLi9-bFbPGZvIGHgza0qlMyI3n2wuxCc4yaOCiVt9R9gVgKapLyg7wuyIGEz3OLbbmNcW_klF3y9t1qTljkMukFJg9vt2HSyGB9BSCvjA |
|
| promo.sber.ru/ | Name: t1_sid_3122244 Value: s1.1090883081.1682025479371.1682025480193.1.4.4 |
|
| promo.sber.ru/ | Name: tmr_detect Value: 0%7C1682025481826 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| X-Content-Type-Options | nosniff |
| X-Frame-Options | SAMEORIGIN |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
8kwky1agm3.a.trbcdn.net
ad.adriver.ru
content.adriver.ru
dmp-profiles.sbermarketing.ru
dmp.sbermarketing.ru
ev.adriver.ru
kraken.rambler.ru
mc.yandex.com
mc.yandex.ru
promo.sber.ru
rustories.sber.ru
sve.online.sberbank.ru
top-fwz1.mail.ru
visor.sberbank.ru
vk.com
151.236.71.248
178.248.233.180
194.54.15.144
195.209.108.50
195.209.108.55
23.111.96.36
2a02:6b8::1:119
37.18.110.198
81.19.89.16
84.252.144.107
84.252.146.96
87.240.132.72
95.163.52.67
049b4bb2f56f352914971b1cef4bcf9cb4540d6191b5f94de3baac236d31472f
1acb0319a0a0eb294b38b1343f9e15df8957cec766467b71b5f5169ada000175
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f7760ee2b81f4659c6f34ada0f7a7d263c2ce6035c2b5f4b082fac60802897e
31eecd8e85fb527d5217340f80d0b1110be67f454f0cb7861d3eb4b1542938d5
3542b2ed8c08bdd44d634b69e6e711b6f00d378846d5a9457276db2f8826b3de
35f937089854552e059d7ede6d4fb61eb6abe18fb05f8fc9e00b8f5b1de738cf
3ba2d8264676aac4e699a390ef9a28063249d0b26a8d214a1940a903214b9204
3c1caee5c8ec42c342a2d5352a78b647ec0dc3180a63f7f975e1f6af4a306fbf
4a29005bef08386b18e8fde48b782d349d4632de2ee2b557114dfa0c930ed676
4b89102bf3ae441c39c9bce81460e1628925b5de7d45b3b9aa0ed6f2a5313ee5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b9b5b9e92ca410c2b2c97c9bf53d51ebf533520c4737698ae96ea3897685313
5e2cfb0e9de61de66beb40cdb8438afa35404a0ca43fa43db2cd3bea6a06a360
5ece4cb32c2f84a3b83a3c2bf1fd39260ed35b2a8e7d4e5f6d320979445162c6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c1433e573ef6f9edcdfa69658f888fda3232c3e9920fd811ca0d31efe1dd0c9
a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87
a3c85e2f019c6cf962badd84ef20832631c65bcb1d1799c86dcba9fa4b393110
b9099d1b3ef457dd4c23a2db37ee0edb96e55fabc357f015a4d34b5d799ee385
bad583455e403d0bfd1e953119c892ac820c90aab92c90c57354aa99f82e289b
bcea02de2d60af2bf580254e1b214158019b896a8c68c0f3d920e621036e645d
bed2365e0935b48d4d3b1392538a2bf1add63576b70f840e09ecd0ac619e234e
c318aef7bde305a6d985cb3c6849979f83663e4e0037af086bf190ae81aa3995
c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0884c9854c85977d8f291f52495aa99c4a40a9259098f4b01ce5c54a83b0525
dd839a9666bb46326e873180af2282f4788f8e32df945822bc3d02a84659daf9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f02af1d5265f98f1743b41a75a7809ac652c0c8643035f9b43d1ea0e01a766d6
f0a12353804bef0c3410596b11330bda01b455cedf5998cc36f99f08420619f0
f5c301b8769579afae9deb4eda7659df32661229039c6b7a37cfabd1827317ce