moneytrain2-demo.com
Open in
urlscan Pro
192.71.244.95
Public Scan
Submission: On February 27 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by R3 on January 8th 2023. Valid for: 3 months.
This is the only time moneytrain2-demo.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
33 | 192.71.244.95 192.71.244.95 | 48894 (OPTIMUS-AS) (OPTIMUS-AS) | |
2 | 2606:4700::68... 2606:4700::6810:5514 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 142.132.255.57 142.132.255.57 | 24940 (HETZNER-AS) (HETZNER-AS) | |
5 10 | 2a02:6b8::1:119 2a02:6b8::1:119 | 208722 (GLOBAL_DC) (GLOBAL_DC) | |
41 | 4 |
ASN48894 (OPTIMUS-AS, SI)
PTR: 95.244.71.192.in-addr.arpa
moneytrain2-demo.com |
ASN24940 (HETZNER-AS, DE)
PTR: static.57.255.132.142.clients.your-server.de
pushtorm.net |
ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru | |
mc.yandex.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
33 |
moneytrain2-demo.com
moneytrain2-demo.com |
5 MB |
7 |
yandex.com
3 redirects
mc.yandex.com — Cisco Umbrella Rank: 9427 |
2 KB |
3 |
yandex.ru
2 redirects
mc.yandex.ru — Cisco Umbrella Rank: 3674 |
73 KB |
2 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 339 |
43 KB |
1 |
pushtorm.net
pushtorm.net — Cisco Umbrella Rank: 89054 |
4 KB |
41 | 5 |
Domain | Requested by | |
---|---|---|
33 | moneytrain2-demo.com |
moneytrain2-demo.com
|
7 | mc.yandex.com |
3 redirects
moneytrain2-demo.com
|
3 | mc.yandex.ru |
2 redirects
moneytrain2-demo.com
|
2 | cdn.jsdelivr.net |
moneytrain2-demo.com
|
1 | pushtorm.net |
moneytrain2-demo.com
|
41 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
moneytrain2-demo.com R3 |
2023-01-08 - 2023-04-08 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-06-02 - 2023-06-01 |
a year | crt.sh |
pushtorm.net R3 |
2023-02-14 - 2023-05-15 |
3 months | crt.sh |
mc.yandex.ru GlobalSign ECC OV SSL CA 2018 |
2022-10-18 - 2023-03-30 |
5 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://moneytrain2-demo.com/
Frame ID: 12842ECF9850D02A1462F6BD471844A6
Requests: 41 HTTP requests in this frame
Screenshot
Page Title
Pregled igralnega avtomata Money Train 2 Slovenija 2023Detected technologies
Yandex.Metrika (Analytics) ExpandDetected patterns
- mc\.yandex\.ru/metrika/(?:tag|watch)\.js
jsDelivr (CDN) Expand
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 30- https://mc.yandex.com/sync_cookie_image_check HTTP 302
- https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9927.ypbC7GJ723HYINqiHs3sVdZHM4g24DevqmpGRwRS6UsWKX_VMGB1c7F51i4zy_LB.w2uMHB202YKDGzxeyZeYLjagoUU%2C HTTP 302
- https://mc.yandex.com/sync_cookie_image_decide?token=9927.C2nJReqa_07isrwmGPXHagD6hdMxppk8xK3YdxYciBmkTAdYxsYRhJM4M44I3yTq1xg4qawX1BC6xJyl1E1dyAYiXyzRlIFQeKXxYrxIWB8%2C.giTp3AolTZpVZO8KH6GFFjyIfLw%2C
- https://mc.yandex.com/watch/92293919?wmode=7&page-url=https%3A%2F%2Fmoneytrain2-demo.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A388%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A408407921330%3Ahid%3A817517513%3Az%3A0%3Ai%3A20230227103346%3Aet%3A1677494027%3Ac%3A1%3Arn%3A894287508%3Arqn%3A1%3Au%3A1677494027763029297%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A22%2C143%2C64%2C1%2C%2C0%2C%2C135%2C0%2C%2C%2C%2C429%3Aco%3A0%3Acpf%3A1%3Ans%3A1677494025413%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1677494028%3At%3APregled%20igralnega%20avtomata%20Money%20Train%202%20Slovenija%202023&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
- https://mc.yandex.com/watch/92293919/1?wmode=7&page-url=https%3A%2F%2Fmoneytrain2-demo.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A388%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A408407921330%3Ahid%3A817517513%3Az%3A0%3Ai%3A20230227103346%3Aet%3A1677494027%3Ac%3A1%3Arn%3A894287508%3Arqn%3A1%3Au%3A1677494027763029297%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A22%2C143%2C64%2C1%2C%2C0%2C%2C135%2C0%2C%2C%2C%2C429%3Aco%3A0%3Acpf%3A1%3Ans%3A1677494025413%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1677494028%3At%3APregled%20igralnega%20avtomata%20Money%20Train%202%20Slovenija%202023&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
- https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
- https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9927.HEr3dATlvybY8KugMmq0g1wpJTi5L7Vw18i08Hv46tQFUt5C1NHo7m1YdDddcysA.MucIoAjtfXeDnWSMgHqMsueMKWM%2C HTTP 302
- https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9927.MeARq7zu0DsdaeCn_RLR_-FCBfW1ONJa4A_LRojd__OsUHWa_x6P9hoSRFcdOSnWRjQi8IsKF515_U5W-TP-XrETh4lZCWwzEA5hRvGxh0o%2C.BWIulsIrynRcFbABG0qUkI6N9Mw%2C
41 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
moneytrain2-demo.com/ |
23 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
header.webp
moneytrain2-demo.com/img/ |
2 KB 2 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.webp
moneytrain2-demo.com/img/ |
12 KB 12 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
man.avif
moneytrain2-demo.com/img/ |
3 KB 3 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hero_bg.webp
moneytrain2-demo.com/img/ |
156 KB 156 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hero_bg-head.webp
moneytrain2-demo.com/img/ |
179 KB 179 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sprite.svg
moneytrain2-demo.com/img/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor.css
moneytrain2-demo.com/css/ |
2 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
moneytrain2-demo.com/css/ |
46 KB 46 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bonus.js
moneytrain2-demo.com/js/ |
6 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
swiper-bundle.min.js
cdn.jsdelivr.net/npm/swiper@8/ |
140 KB 40 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
smooth-scroll.polyfills.min.js
cdn.jsdelivr.net/gh/cferdinandi/smooth-scroll@15/dist/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.min.js
moneytrain2-demo.com/js/ |
5 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sprite.svg
moneytrain2-demo.com/img/ |
1 KB 1 KB |
Other
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Roboto-Bold.woff2
moneytrain2-demo.com/fonts/ |
64 KB 65 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Rubik-Regular.woff2
moneytrain2-demo.com/fonts/ |
48 KB 48 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Roboto-Regular.woff2
moneytrain2-demo.com/fonts/ |
64 KB 64 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Rubik-Bold.woff2
moneytrain2-demo.com/fonts/ |
49 KB 49 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
man.webp
moneytrain2-demo.com/img/ |
2 KB 2 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jawbone.webp
moneytrain2-demo.com/img/ |
14 KB 14 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
well.webp
moneytrain2-demo.com/img/ |
4 KB 4 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hero_bg.png
moneytrain2-demo.com/img/ |
3 MB 3 MB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
man_full.png
moneytrain2-demo.com/img/ |
85 KB 85 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cover.png
moneytrain2-demo.com/img/ |
387 KB 388 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1.webp
moneytrain2-demo.com/img/screenshots/ |
187 KB 187 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2.webp
moneytrain2-demo.com/img/screenshots/ |
202 KB 203 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cover.webp
moneytrain2-demo.com/img/ |
31 KB 31 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
subscription.js
pushtorm.net/ |
14 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tag.js
mc.yandex.ru/metrika/ |
211 KB 73 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bonus.json
moneytrain2-demo.com/src/middleware/slots/region/slovenia/ |
7 KB 7 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
banner.webp
moneytrain2-demo.com/img/ |
15 KB 15 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync_cookie_image_decide
mc.yandex.com/ Redirect Chain
|
43 B 91 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
card_bg.webp
moneytrain2-demo.com/img/ |
35 KB 35 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
blizzo.svg
moneytrain2-demo.com/src/middleware/slots/images/ |
18 KB 18 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20bet.webp
moneytrain2-demo.com/src/middleware/slots/images/ |
6 KB 6 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
22bet.webp
moneytrain2-demo.com/src/middleware/slots/images/ |
5 KB 5 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hellspin.svg
moneytrain2-demo.com/src/middleware/slots/images/ |
11 KB 11 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
national.svg
moneytrain2-demo.com/src/middleware/slots/images/ |
6 KB 6 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
advert.gif
mc.yandex.com/metrika/ |
43 B 137 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1
mc.yandex.com/watch/92293919/ Redirect Chain
|
435 B 518 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync_cookie_image_decide_secondary
mc.yandex.com/ Redirect Chain
|
43 B 67 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless function| ym function| openCasino function| postData function| Swiper function| SmoothScroll object| pushService object| Ya object| yaCounter9229391910 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.moneytrain2-demo.com/ | Name: _ym_uid Value: 1677494027763029297 |
|
.moneytrain2-demo.com/ | Name: _ym_d Value: 1677494027 |
|
.mc.yandex.com/ | Name: sync_cookie_csrf Value: 3320939395fake |
|
.mc.yandex.ru/ | Name: sync_cookie_csrf Value: 3174584588fake |
|
.moneytrain2-demo.com/ | Name: _ym_isad Value: 2 |
|
mc.yandex.com/ | Name: yabs-sid Value: 1283399211677494028 |
|
.yandex.com/ | Name: i Value: sYYpS9LTuT7WY/6HoYe+/Zwnk851cqsFfeNc8SyhWzb/DkDiJowF1Dvr+dNogmlFOiRTszOS3Z61IQwglzXDGiS+GxY= |
|
.yandex.com/ | Name: yandexuid Value: 4799267281677494028 |
|
.yandex.com/ | Name: yuidss Value: 4799267281677494028 |
|
.yandex.com/ | Name: ymex Value: 1709030028.yc.1677494028#1709030028.yrts.1677494028#1709030028.yrtsi.1677494028 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
mc.yandex.com
mc.yandex.ru
moneytrain2-demo.com
pushtorm.net
142.132.255.57
192.71.244.95
2606:4700::6810:5514
2a02:6b8::1:119
025131d9c15ae8bc85f70a51c95aece581630b3dc3caa26cfeb1f79532c224d4
08c18c5ab3f650e914f67de6277699c7f6a824cfaa1207debb419d1aee66a0a3
0f87f68b6d92fd04940e82bbb530e8f9b2ca9882fbe23963755fb4c3f0646c47
14b86cebc24f0a71ed1bfb033d22807081f5df27a7fbb7ad37f170a7225a5fe8
1512662ffdb56b269ac9f0abfade75b58bf197915fb00475e27d1ed8357f7174
1dc8be6bfb0c16f5c7495edaf870ffc79c16d2fd3c4e91fc29acb4cc68a9e1cd
1f8891208e93f3dda559cd8a538a824402967022bb7784468165e69b026f7995
20292d51662df8d63ec51746f4e40623babb84eb01cd9c4a2bea1f1904146561
207b641685ec831c3fb1bc87487c5621754392ff2503070de10e7b1816832fcc
2257d0733140a71d6a19e229cafd29261008863f810f5222b5024378a7a88711
237ba360d72fc05bc8ff95e0fc9c927d2339de96aec757ab97a2e4f60514a8dd
2f5edbb2d6cd5725fe410fac7825737b962293da8e4e9551ff0fe3d5bbf32b4c
3ba6ac69c0d00b100a7333b243524464c9ee75a6d474676697b5c33e37d32913
3e2d327bae6a95e32e2ec860b234f3bba743163bafa1a4f53f3d2097c6865736
433ff175efa0d642dcd378219496ea582cec06cab344b53b335c40e127443fb1
486b14413699ba9f19c0ba71aee67605e8fbe67b26df7e6e458d022709a179bb
4a3a98c3deaf91065f5e56ad97108083002a1bc50458b196de497b17bc03b868
4d7dd6e02d849e181e51db84d9d230d369b8ce7412dbcee9d7d1d19ad8a16741
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5c30a530d6d776bb470367792552f4a725c90b83424433835eb91460ee0db4f8
5db5e58bcbee68c992333f9dd354784c47fd86edfdfe81635cb14aa093d2bdc5
64286a4c1bee811d6053aa8a3eda8f99e7db9ee49c0757b49fbb114eec0232b3
6470c0a77f569e4179f1dbc1484d19c227b997160a458a39a1b31ba5e975eabe
7290c262f3cd738e81f636dd8f30b93ff744453d5e0f7a61d733d00163f591bb
81975c0506b7fd4c4d4237180ea89b826c7192839b6ee69ef405146ee294343a
8cef08634dc57d6519717c5a99a9e502bdc96586fe64770520a4820b0b089920
9215dad2e213c9a6ad7b14ed27ac71293d6e1ae7129ea8b92fb9d7d1b28e3904
a7f8929145d3087e445dce36a5215ad20e2b6739ce4166ce66c0d92577c97b15
aa75d03ea43283e44e8c44c1a5c788e033382c2a61d2068d6a4966785d76eebb
c405a05d084b5aba390c69b15bf88f20323198c26cdc0bf4ff4bfcd1820039fa
c4fe9245f48278a64482bdc8f4ced1b89d2084d0667345a1d68cb94f71ba8a5a
c79493c2b688806570a055519c85f698ff5162532f6049c72a500a19547f7689
cd85bbf8267a5c0350a3dd645008d6b364da1d8657ec9f25a4ef422403216971
d2cfe72bfbc69132aea6712ba2f460cafec47237707b28a8be26f4a8724a17ce
df4a681e1062a82fc9aa35e888e8a0dc4fbe206e5ecf570a68035f55b6536a01
f41df0db20ee0b1609f53212c7486d2a5ff235d23de4fe93b966d2d73a3a7e28
f645b12f27c4e9c1210d5725cfa894b86464372e7b1becbe47126a5fe82f9ade
f99301d4acf19c66d58cdb447e8b164ba2c87155970ab427d5859e7a273640ec