420069-nexi.s5.advantme.su
Open in
urlscan Pro
85.92.118.168
Public Scan
Submission: On December 18 via automatic, source certstream-suspicious — Scanned from FI
Summary
TLS certificate: Issued by E6 on December 18th 2024. Valid for: 3 months.
This is the only time 420069-nexi.s5.advantme.su was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
10 | 85.92.118.168 85.92.118.168 | 198770 (Virtuaali...) (Virtuaalinfra-AS Virtual infrastructures Ltd.) | |
11 | 62.84.124.207 62.84.124.207 | 200350 (YandexClo...) (YandexCloud Yandex.Cloud LLC) | |
1 | 188.40.246.96 188.40.246.96 | 24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH) | |
4 11 | 2a02:6b8::1:119 2a02:6b8::1:119 | 13238 (YANDEX YA...) (YANDEX YANDEX LLC) | |
29 | 4 |
ASN198770 (Virtuaalinfra-AS Virtual infrastructures Ltd., RU)
420069-nexi.s5.advantme.su |
ASN200350 (YandexCloud Yandex.Cloud LLC, RU)
livechatv2.chat2desk.com |
ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.96.246.40.188.clients.your-server.de
remote.captcha.com |
ASN13238 (YANDEX YANDEX LLC, RU)
mc.yandex.ru | |
mc.yandex.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
chat2desk.com
livechatv2.chat2desk.com — Cisco Umbrella Rank: 426397 |
442 KB |
10 |
advantme.su
420069-nexi.s5.advantme.su |
247 KB |
8 |
yandex.com
3 redirects
mc.yandex.com — Cisco Umbrella Rank: 9443 |
4 KB |
3 |
yandex.ru
1 redirects
mc.yandex.ru — Cisco Umbrella Rank: 4577 |
76 KB |
1 |
captcha.com
remote.captcha.com — Cisco Umbrella Rank: 51300 |
633 B |
29 | 5 |
Domain | Requested by | |
---|---|---|
11 | livechatv2.chat2desk.com |
420069-nexi.s5.advantme.su
livechatv2.chat2desk.com |
10 | 420069-nexi.s5.advantme.su |
420069-nexi.s5.advantme.su
|
8 | mc.yandex.com |
3 redirects
420069-nexi.s5.advantme.su
mc.yandex.ru |
3 | mc.yandex.ru |
1 redirects
420069-nexi.s5.advantme.su
|
1 | remote.captcha.com |
420069-nexi.s5.advantme.su
|
29 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
captcha.org |
Subject Issuer | Validity | Valid | |
---|---|---|---|
420069-nexi.s5.advantme.su E6 |
2024-12-18 - 2025-03-18 |
3 months | crt.sh |
*.chat2desk.com RapidSSL TLS RSA CA G1 |
2024-10-28 - 2025-11-27 |
a year | crt.sh |
remote.captcha.com R11 |
2024-11-27 - 2025-02-25 |
3 months | crt.sh |
mc.yandex.ru GlobalSign ECC OV SSL CA 2018 |
2024-10-20 - 2025-04-01 |
5 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://420069-nexi.s5.advantme.su/
Frame ID: 29099E4FF93A160E13D378CAF38F9487
Requests: 27 HTTP requests in this frame
Frame:
https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 79E4A064F8FEBB0C92DEE689E388F001
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Сайт в разработке, мы скоро откроемсяDetected technologies
Yandex.Metrika (Analytics) ExpandDetected patterns
- mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 20- https://mc.yandex.com/sync_cookie_image_check HTTP 302
- https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10598.uV09t3dmS_C4aovKFDmFLlV65iavc5JRIQTHQwyL5AEKY-vRQNASmL754u2-dkxZ.Y86kkrmdm4CLvCfw1z-7R7DEmBU%2C HTTP 302
- https://mc.yandex.com/sync_cookie_image_decide?token=10598.GbV7Ff5gA9qLt4XOW4ersV4eBsfWCHWKYoPay4c0RK7TD5syeOLfFI1jRfeFr4jwtZZKuI-NYMLDf2BZIot-OBxfgbS2SQ2FjXC8eLQzxK-pLv82fIULe4e4QYp-MBQcp-y-ezsngN6zLiSGiVLVSNofCxc_n1j5oSupA39J6rVHFq29oYKRBFIWMUVo6gvCNFv6aZOuGqNtw4PxZ54qAuUFq4tfMguzM31HbzqGBss%2C.MFuycJdhB7rJ3eVYx28b6NtPZZ0%2C HTTP 302
- https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10598.Qokr9fjVhjtQK9YAcj7yQGK9Qt4FXp5_QagVsHi3XDZm8igj4EB1gNAuW-GKXl8XnLpF-249GSPxcmgmlBZFrKh7gsoDxhM_S_3el5PUhnI5LGzEnwnNxO7-m3cJ5_JwwJPf9pHJX33RE6adxIC4KBuYiVRP24fVG7Lkwhk2aA3mfbX65BRbeYf-2-_GnE4G-efQVxazDx7LwaqxTTFZBw%2C%2C.2Abf3cI5ByONiW8ojFbql4_rQPQ%2C
- https://mc.yandex.com/watch/45526215?wmode=7&page-url=https%3A%2F%2F420069-nexi.s5.advantme.su%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afi-FI%3Av%3A1541%3Acn%3A1%3Adp%3A0%3Als%3A648063183332%3Ahid%3A413118570%3Az%3A120%3Ai%3A20241218174456%3Aet%3A1734536697%3Ac%3A1%3Arn%3A806222079%3Arqn%3A1%3Au%3A1734536697799044114%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A588%3Awv%3A2%3Ads%3A268%2C154%2C109%2C2%2C0%2C0%2C%2C1464%2C0%2C%2C%2C%2C1998%3Aco%3A0%3Acpf%3A1%3Ans%3A1734536694418%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1734536697%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B2%20%D1%80%D0%B0%D0%B7%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BA%D0%B5%2C%20%D0%BC%D1%8B%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%20%D0%BE%D1%82%D0%BA%D1%80%D0%BE%D0%B5%D0%BC%D1%81%D1%8F&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42009092)ti(1) HTTP 302
- https://mc.yandex.com/watch/45526215/1?wmode=7&page-url=https%3A%2F%2F420069-nexi.s5.advantme.su%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afi-FI%3Av%3A1541%3Acn%3A1%3Adp%3A0%3Als%3A648063183332%3Ahid%3A413118570%3Az%3A120%3Ai%3A20241218174456%3Aet%3A1734536697%3Ac%3A1%3Arn%3A806222079%3Arqn%3A1%3Au%3A1734536697799044114%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A588%3Awv%3A2%3Ads%3A268%2C154%2C109%2C2%2C0%2C0%2C%2C1464%2C0%2C%2C%2C%2C1998%3Aco%3A0%3Acpf%3A1%3Ans%3A1734536694418%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1734536697%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B2%20%D1%80%D0%B0%D0%B7%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BA%D0%B5%2C%20%D0%BC%D1%8B%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%20%D0%BE%D1%82%D0%BA%D1%80%D0%BE%D0%B5%D0%BC%D1%81%D1%8F&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29
29 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
420069-nexi.s5.advantme.su/ |
18 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
BotDetectCaptcha.ashx
420069-nexi.s5.advantme.su/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
BotDetectCaptcha.ashx
420069-nexi.s5.advantme.su/ |
210 B 599 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
BotDetectCaptcha.ashx
420069-nexi.s5.advantme.su/ |
25 KB 26 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
BotDetectCaptcha.ashx
420069-nexi.s5.advantme.su/ |
3 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ie-11-support.js
livechatv2.chat2desk.com/packs/ |
274 KB 102 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Montserrat-Bold.woff2
420069-nexi.s5.advantme.su/fonts/Montserrat/ |
90 KB 90 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Circe.woff2
420069-nexi.s5.advantme.su/fonts/Circe/ |
24 KB 24 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Montserrat-Regular.woff2
420069-nexi.s5.advantme.su/fonts/Montserrat/ |
90 KB 90 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
include.js
remote.captcha.com/ |
1 KB 633 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tag.js
mc.yandex.ru/metrika/ |
221 KB 75 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
manifest.json
livechatv2.chat2desk.com/packs/ |
68 B 220 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
BotDetectCaptcha.ashx
420069-nexi.s5.advantme.su/ |
971 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application.6f33c739af5192c661f1.js
livechatv2.chat2desk.com/packs/ |
666 KB 192 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Robotolight.woff2
livechatv2.chat2desk.com/fonts/ |
28 KB 28 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Roboto.woff2
livechatv2.chat2desk.com/fonts/ |
27 KB 28 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Robotomedium.woff2
livechatv2.chat2desk.com/fonts/ |
28 KB 28 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Robotobold.woff2
livechatv2.chat2desk.com/fonts/ |
28 KB 28 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Robotoblack.woff2
livechatv2.chat2desk.com/fonts/ |
28 KB 28 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
start
livechatv2.chat2desk.com/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
start
livechatv2.chat2desk.com/ |
25 KB 7 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync_cookie_image_finish
mc.yandex.ru/ Redirect Chain
|
43 B 586 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
advert.gif
mc.yandex.com/metrika/ |
43 B 575 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
metrika_match.html
mc.yandex.com/metrika/ Frame 79E4 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wa_default_logo.jpg
livechatv2.chat2desk.com/images/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1
mc.yandex.com/watch/45526215/ Redirect Chain
|
661 B 890 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
420069-nexi.s5.advantme.su/ |
318 B 748 B |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
45526215
mc.yandex.com/webvisor/ |
43 B 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
45526215
mc.yandex.com/webvisor/ |
43 B 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| BotDetect function| ym function| setImmediate function| clearImmediate object| regeneratorRuntime object| WebComponents function| __CE_installPolyfill object| ShadyCSS string| chat24_token string| chat24_url string| chat24_socket_url string| chat24_show_new_wysiwyg string| chat24_static_files_domain string| lang object| CaptchaSource number| swapDemo_firstVar number| swapDemo_secondVar function| axios object| Ya object| yaCounter4552621526 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.420069-nexi.s5.advantme.su/ | Name: customer Value: 9163abd2-d325-4ee1-9115-d8f79c2d4906 |
|
420069-nexi.s5.advantme.su/ | Name: s Value: uhutxr0fxkwpoowcjtujb10w |
|
.420069-nexi.s5.advantme.su/ | Name: advs Value: %7b%22d%22%3a%222024-12-18T18%3a44%3a54.8676202%2b03%3a00%22%2c%22u%22%3a%22https%3a%2f%2f420069-nexi.s5.advantme.su%2f%22%2c%22h%22%3a%227b761e4fe4b9361e1e8b9a8f833425d1%22%2c%22i%22%3a%22193.138.7.226%22%7d |
|
.420069-nexi.s5.advantme.su/ | Name: ipzone Value: 223%3b0%3b0%3b%d0%a3%d1%83%d1%81%d0%b8%d0%bc%d0%b0%d0%b0%3b%d0%a5%d0%b5%d0%bb%d1%8c%d1%81%d0%b8%d0%bd%d0%ba%d0%b8%3b358%3b%3b |
|
.yandex.ru/ | Name: yashr Value: 2205878221734536696 |
|
.advantme.su/ | Name: _ym_uid Value: 1734536697799044114 |
|
.advantme.su/ | Name: _ym_d Value: 1734536697 |
|
.advantme.su/ | Name: _ym_isad Value: 2 |
|
.mc.yandex.com/ | Name: sync_cookie_csrf Value: 2337550125fake |
|
420069-nexi.s5.advantme.su/ | Name: c2d_widget_id Value: {%22cce328295086b162be04888d84798af0%22:%22{%5C%22client_id%5C%22:%5C%22[chat]%20616e72f33dd5826520be%5C%22%2C%5C%22client_token%5C%22:%5C%220105156afd3969c0de85e2a22fc1fe33%5C%22}%22} |
|
.mc.yandex.ru/ | Name: sync_cookie_csrf Value: 3319706811fake |
|
.mc.yandex.com/ | Name: sync_cookie_ok Value: synced |
|
.yandex.com/ | Name: i Value: zTjpSdJQWdTbzYT2eek9vSp6rXk1ioIg7BFKSidxBtxHBW5OHtGb2bG+yLh+PdmhAv3lXXx9tVqtzJa7ScnfLluEAfk= |
|
.yandex.com/ | Name: yandexuid Value: 5692604621734536697 |
|
.yandex.com/ | Name: yashr Value: 4451413871734536697 |
|
.yandex.ru/ | Name: yandexuid Value: 1134605181734536696 |
|
.yandex.ru/ | Name: yuidss Value: 1134605181734536696 |
|
.yandex.ru/ | Name: i Value: WnZSlPuZDmXQaOhFNH1OTFMFUpCxYJ9FO+IfcgdOMlLXIK2kdw/cECoOQNs8SUtd93TfbOir6AjOPXOOuCDSEdOC7hs= |
|
.yandex.ru/ | Name: yp Value: 1734623097.yu.7905027901734536696 |
|
.yandex.ru/ | Name: ymex Value: 1737128697.oyu.7905027901734536696 |
|
mc.yandex.com/ | Name: yabs-sid Value: 1774644171734536697 |
|
.yandex.com/ | Name: yuidss Value: 5692604621734536697 |
|
.yandex.com/ | Name: ymex Value: 1766072697.yrts.1734536697 |
|
.yandex.com/ | Name: receive-cookie-deprecation Value: 1 |
|
.yandex.com/ | Name: bh Value: KgI/MGD524u7Bg== |
|
.advantme.su/ | Name: _ym_visorc Value: w |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SameOrigin |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
420069-nexi.s5.advantme.su
livechatv2.chat2desk.com
mc.yandex.com
mc.yandex.ru
remote.captcha.com
188.40.246.96
2a02:6b8::1:119
62.84.124.207
85.92.118.168
0d6c041972ed378d262cf3bc2a88d365c57197b94ade39c4346c4481c962947c
2535ef093ec0fcc05ca47c6060cd67522030b1bbe397faa10ad788968e9f8740
3592b3b938e0269c992373b46f8fe06cb3f45982c5fc09af81f1c230d4bb6cee
38bfe89fd835e684b9af7606f7301c70eb0ea3193f9ae6d8dcc7aa3b03b6c909
3ae821332b2141308414524648b5586844ed652408275feed7c4ad71e7b91b10
3d2424e390b5101dc1ed305b5beab001b5c8f19ceeb44e8a86d688db9ac85c71
3e8a31a94d79c8b045392efbb23333a077aa2ab7f0f8215eb5f5f9ced749de67
41d56ca79c55e786f9a4bdcde952f7b312a1e59883dea0fed5b80eab2a9c5fc5
4d20cecb38d42375ec6ae500118404de8603edde2086b559889791aaa1f7b710
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57d4944ce0cbe8e3daba4cb5fcd014b2bf5d4e1d06a2bc6c24bab30eabf3109e
59efc3d7fef2a6404d5f42fbe24ab52f12241e9361d38d0755baf50037a70785
5dbbf905d005335f588558b55ee8470efadc0db1a9539fb1ff4e4de7923dba12
61b2ad51fbc2aefaf7210a547063aaa8ef617179af1fcf51fee94ed07ec69e67
66886575fb5a7afcda1a4a8d921422ab7d9faf24039e9461f7497eff729d2508
95c243ca906ee897662146a1323a31f15f7465227e91af8d2b0d6f86ac64c765
a90ad1fd1e6699bb85f8d2bba7572c4b9acf1cdc55be3266ef53e65e4a4a888f
c7ff5a3b62813ecb76c059e1d59e2de5cd4495b7c50f76b0c0981ccb21148cbd
ced3eadf5027dc4b2bb80033efc2e847b21d1528fd82546343d9ce26983ecd07
eac0ec918cd74c051f4c5c83cdfe60c12a3bf2fd44a0472661fafab04777e9f9
f052bcffa2e3fee9733296a15176435d83d94fdc6621ea7f32af6f0711d0816f
f890118ba7fdd609755f16bbf27ed8c9b056144800c78cfe082d21da4a80d7e4
fa88ed6dcc00cf660ae6cb9c4bf4fa279d3ce55549ac439f18a87af2f03f1579
ffaec545b82d09a63a845f7faf0b6809843f653957525d84c381be20493a9fa0