badcovid.ru
Open in
urlscan Pro
195.161.41.132
Public Scan
Effective URL: https://badcovid.ru/
Submission: On May 26 via api from BE
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on April 7th 2020. Valid for: 3 months.
This is the only time badcovid.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 14 | 195.161.41.132 195.161.41.132 | 8342 (RTCOMM-AS) (RTCOMM-AS) | |
2 | 178.62.225.201 178.62.225.201 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
1 | 2a00:1450:400... 2a00:1450:4001:815::200a | 15169 (GOOGLE) (GOOGLE) | |
2 9 | 2a02:6b8::1:119 2a02:6b8::1:119 | 13238 (YANDEX) (YANDEX) | |
1 2 | 2606:4700:303... 2606:4700:3033::681b:b5f1 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
7 | 2a00:1450:400... 2a00:1450:4001:81e::2003 | 15169 (GOOGLE) (GOOGLE) | |
31 | 6 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
badcovid.ru
1 redirects
badcovid.ru |
157 KB |
9 |
yandex.ru
2 redirects
mc.yandex.ru |
98 KB |
7 |
gstatic.com
fonts.gstatic.com |
106 KB |
2 |
coronavirus-monitor.ru
1 redirects
coronavirus-monitor.ru |
349 B |
2 |
1shownews.com
1shownews.com |
12 KB |
1 |
googleapis.com
fonts.googleapis.com |
41 KB |
31 | 6 |
Domain | Requested by | |
---|---|---|
14 | badcovid.ru |
1 redirects
badcovid.ru
|
9 | mc.yandex.ru |
2 redirects
badcovid.ru
mc.yandex.ru |
7 | fonts.gstatic.com |
badcovid.ru
|
2 | coronavirus-monitor.ru |
1 redirects
badcovid.ru
|
2 | 1shownews.com |
badcovid.ru
1shownews.com |
1 | fonts.googleapis.com |
badcovid.ru
|
31 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.badcovid.ru Let's Encrypt Authority X3 |
2020-04-07 - 2020-07-06 |
3 months | crt.sh |
getcontent24.com Let's Encrypt Authority X3 |
2020-04-14 - 2020-07-13 |
3 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-05-05 - 2020-07-28 |
3 months | crt.sh |
mc.yandex.ru Yandex CA |
2019-09-23 - 2020-09-22 |
a year | crt.sh |
*.coronavirus-monitor.ru Let's Encrypt Authority X3 |
2020-03-29 - 2020-06-27 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-05-05 - 2020-07-28 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://badcovid.ru/
Frame ID: 23DB7BA17B984D6DA76A18F7C940A2DF
Requests: 30 HTTP requests in this frame
Frame:
https://coronavirus-monitor.ru/map/
Frame ID: 76FA2FAF350D5A6BC4E9B62A0FE5A28B
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://badcovid.ru/
HTTP 302
https://badcovid.ru/ Page URL
Detected technologies
WordPress (CMS) ExpandDetected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- headers link /rel="https:\/\/api\.w\.org\/"/i
- html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
PHP (Programming Languages) Expand
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- headers link /rel="https:\/\/api\.w\.org\/"/i
- html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
MySQL (Databases) Expand
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- headers link /rel="https:\/\/api\.w\.org\/"/i
- html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Bootstrap (Web Frameworks) Expand
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Yoast SEO (SEO) Expand
Detected patterns
- html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Google Font API (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://badcovid.ru/
HTTP 302
https://badcovid.ru/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 15- https://coronavirus-monitor.ru/map HTTP 301
- https://coronavirus-monitor.ru/map/
- https://mc.yandex.ru/watch/61726411?wmode=7&page-url=https%3A%2F%2Fbadcovid.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1590536409330%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200527014011%3Aet%3A1590536411%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Als%3A1021894349981%3Arqn%3A1%3Arn%3A651975247%3Ahid%3A7120732%3Ads%3A0%2C369%2C400%2C0%2C275%2C0%2C0%2C496%2C61%2C%2C%2C%2C1545%3Afp%3A1609%3Awn%3A49439%3Ahl%3A2%3Agdpr%3A14%3Av%3A1869%3Awv%3A2%3Arqnl%3A1%3Ast%3A1590536411%3Au%3A1590536411681133763%3At%3A%D0%9A%D0%B0%D1%80%D1%82%D0%B0%20%D1%80%D0%B0%D1%81%D0%BF%D1%80%D0%BE%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F%20%E2%80%94%20%D0%9A%D0%9E%D0%A0%D0%9E%D0%9D%D0%90%D0%92%D0%98%D0%A0%D0%A3%D0%A1%20COVID-19 HTTP 302
- https://mc.yandex.ru/watch/61726411/1?wmode=7&page-url=https%3A%2F%2Fbadcovid.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1590536409330%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200527014011%3Aet%3A1590536411%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Als%3A1021894349981%3Arqn%3A1%3Arn%3A651975247%3Ahid%3A7120732%3Ads%3A0%2C369%2C400%2C0%2C275%2C0%2C0%2C496%2C61%2C%2C%2C%2C1545%3Afp%3A1609%3Awn%3A49439%3Ahl%3A2%3Agdpr%3A14%3Av%3A1869%3Awv%3A2%3Arqnl%3A1%3Ast%3A1590536411%3Au%3A1590536411681133763%3At%3A%D0%9A%D0%B0%D1%80%D1%82%D0%B0%20%D1%80%D0%B0%D1%81%D0%BF%D1%80%D0%BE%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F%20%E2%80%94%20%D0%9A%D0%9E%D0%A0%D0%9E%D0%9D%D0%90%D0%92%D0%98%D0%A0%D0%A3%D0%A1%20COVID-19
- https://mc.yandex.ru/watch/61726411?page-url=https%3A%2F%2Fbadcovid.ru%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1590536409330%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200527014026%3Aet%3A1590536426%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Aar%3A1%3Anb%3A1%3Acl%3A140%3Als%3A1021894349981%3Arqn%3A2%3Arn%3A510702933%3Ahid%3A7120732%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C3739%2C3739%2C7%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1869%3Awv%3A2%3Arqnl%3A1%3Ast%3A1590536426%3Au%3A1590536411681133763 HTTP 302
- https://mc.yandex.ru/watch/61726411/1?page-url=https%3A%2F%2Fbadcovid.ru%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1590536409330%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200527014026%3Aet%3A1590536426%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Aar%3A1%3Anb%3A1%3Acl%3A140%3Als%3A1021894349981%3Arqn%3A2%3Arn%3A510702933%3Ahid%3A7120732%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C3739%2C3739%2C7%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1869%3Awv%3A2%3Arqnl%3A1%3Ast%3A1590536426%3Au%3A1590536411681133763
31 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
badcovid.ru/ Redirect Chain
|
15 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
1shownews.com/ |
11 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
badcovid.ru/wp-includes/css/dist/block-library/ |
52 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
346 KB 41 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.css
badcovid.ru/wp-content/themes/law-firm-lite/assets/css/ |
174 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
badcovid.ru/wp-content/themes/law-firm-lite/ |
40 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-all.css
badcovid.ru/wp-content/themes/law-firm-lite/assets/css/ |
69 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dashicons.min.css
badcovid.ru/wp-includes/css/ |
46 KB 28 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jetpack.css
badcovid.ru/wp-content/plugins/jetpack/css/ |
72 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
badcovid.ru/wp-includes/js/jquery/ |
95 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-migrate.min.js
badcovid.ru/wp-includes/js/jquery/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
custom.js
badcovid.ru/wp-content/themes/law-firm-lite/assets/js/ |
2 KB 891 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SmoothScroll.js
badcovid.ru/wp-content/themes/law-firm-lite/assets/js/ |
21 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
two-way.gif
badcovid.ru/wp-content/themes/law-firm-lite/assets/images/ |
8 KB 8 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-emoji-release.min.js
badcovid.ru/wp-includes/js/ |
14 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tag.js
mc.yandex.ru/metrika/ |
359 KB 91 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
coronavirus-monitor.ru/map/ Frame 76FA Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0yb9GDoxxrvAnPhYGxktaE0Urhg0xTY.woff2
fonts.gstatic.com/s/vollkorn/v11/ |
26 KB 26 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2
fonts.gstatic.com/s/opensans/v17/ |
10 KB 10 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem5YaGs126MiZpBA-UN7rgOVuhpKKSTj5PW.woff2
fonts.gstatic.com/s/opensans/v17/ |
5 KB 6 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0yb9GDoxxrvAnPhYGxkpaE0Urhg0.woff2
fonts.gstatic.com/s/vollkorn/v11/ |
40 KB 40 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem6YaGs126MiZpBA-UFUK0ddc1GAK6bt6o.woff2
fonts.gstatic.com/s/opensans/v17/ |
6 KB 6 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
1shownews.com/ |
10 B 196 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1
mc.yandex.ru/watch/61726411/ Redirect Chain
|
171 B 718 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
advert.gif
mc.yandex.ru/metrika/ |
43 B 425 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
61726411
mc.yandex.ru/webvisor/ |
43 B 534 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
61726411
mc.yandex.ru/webvisor/ |
43 B 534 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
61726411
mc.yandex.ru/webvisor/ |
43 B 534 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1
mc.yandex.ru/watch/61726411/ Redirect Chain
|
43 B 444 B |
Other
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| _wpemojiSettings undefined| $ function| jQuery function| menu_openNav function| menu_closeNav object| jQuery1124013843739535996114 function| SmoothScroll function| ym object| twemoji object| wp object| Ya object| yaCounter617264114 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.coronavirus-monitor.ru/ | Name: _ym_visorc_57227650 Value: b |
|
.coronavirus-monitor.ru/ | Name: _ym_d Value: 1590536412 |
|
.coronavirus-monitor.ru/ | Name: _ym_isad Value: 2 |
|
.coronavirus-monitor.ru/ | Name: _ym_uid Value: 1590536412882978008 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
1shownews.com
badcovid.ru
coronavirus-monitor.ru
fonts.googleapis.com
fonts.gstatic.com
mc.yandex.ru
178.62.225.201
195.161.41.132
2606:4700:3033::681b:b5f1
2a00:1450:4001:815::200a
2a00:1450:4001:81e::2003
2a02:6b8::1:119
0e9bb8c7e78a6ffb800359440cbf456fc20e2b03c0bfb23a81a16996b6665efb
10ad93a3602068c768e39b1a132e9bb748eadbb70f35c6bfd36c08928a9f602c
18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
229493d2bcde38dbbfc8b0efbc3c9577a77898ae9ecaef626faed87e8955dd2e
2d82c8632ba1524d5c503e0ab45bf4b12151b7547f0d69cdfedf4437882f48a0
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
6a501cfc205dd779142ea89acf37ad2b5b488e640bffcbf326f28d9046d1db6c
7802ab7abd053752bebf764dbf39c389fa17e47909fcdd317225f39efa6de14f
7dcd0802bd86365ee828836178f831e35ad9228753bfdf86f684698aad3d4b28
7efe87b340014e916e15925590b47c8b880dc486af5144f21aca073981854139
915a879d022e9eaf8bc28ac422f5048d26d84e8136e0e33fbcffbf0b558ec12e
934dc3a005115ead8f70eada94b6cb246064ed87e8b8694f1531e1582b8e7136
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
9ff7371c3daf01adfcdc7a97c291e07125ec7771a263962e1f1939e948f69851
a0451d2a2d4738b21444007ffded10c5bd03bb3f6c92c9da7c0e991e63c723bf
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
d367b41c066d517626057831fc8d5bc713cd9250c6bbfe1bfce94041db5eef61
e5a5eb8bfaf7cfd306119915f0a580dfb93b7795da64ba09a72cf614c29299f6
eaa6a6d8393fb15cff327506fb28fa39e859df40420dc5ddc91fd34f2ebb1f95
f032294207e8ba683f350cf12b26bf73d054b427ce483a06afb66317f235194f
fe441bfdc0ee8a4d841523d4ecb3c7880c190cdba6f53755939d94ac1f414ade
ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305