legendary-promo.com
Open in
urlscan Pro
85.13.164.10
Public Scan
Submission: On July 27 via manual from DE
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on July 21st 2020. Valid for: 3 months.
This is the only time legendary-promo.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
11 | 85.13.164.10 85.13.164.10 | 34788 (NMM-AS D) (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68) | |
1 | 2a00:1450:400... 2a00:1450:4001:800::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:80b::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 | 213.196.53.134 213.196.53.134 | 7979 (SERVERS-COM) (SERVERS-COM) | |
2 | 2a00:1450:400... 2a00:1450:4001:80b::200e | 15169 (GOOGLE) (GOOGLE) | |
4 | 2a00:1450:400... 2a00:1450:4001:815::200e | 15169 (GOOGLE) (GOOGLE) | |
1 6 | 2a02:6b8::1:119 2a02:6b8::1:119 | 13238 (YANDEX) (YANDEX) | |
2 | 2a00:1450:400... 2a00:1450:4001:806::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:818::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:400c:c0a::9a | 15169 (GOOGLE) (GOOGLE) | |
29 | 10 |
ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd47610.kasserver.com
legendary-promo.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
legendary-promo.com
legendary-promo.com |
531 KB |
6 |
yandex.ru
1 redirects
mc.yandex.ru |
97 KB |
4 |
google-analytics.com
www.google-analytics.com |
20 KB |
2 |
gstatic.com
fonts.gstatic.com |
22 KB |
2 |
youtube.com
www.youtube.com |
1 KB |
1 |
doubleclick.net
stats.g.doubleclick.net |
99 B |
1 |
ytimg.com
s.ytimg.com |
32 KB |
1 |
platincoin.com
img.platincoin.com |
17 KB |
1 |
googletagmanager.com
www.googletagmanager.com |
34 KB |
1 |
googleapis.com
fonts.googleapis.com |
774 B |
29 | 10 |
Domain | Requested by | |
---|---|---|
11 | legendary-promo.com |
legendary-promo.com
|
6 | mc.yandex.ru |
1 redirects
legendary-promo.com
mc.yandex.ru |
4 | www.google-analytics.com |
legendary-promo.com
www.google-analytics.com |
2 | fonts.gstatic.com |
legendary-promo.com
|
2 | www.youtube.com |
legendary-promo.com
s.ytimg.com |
1 | stats.g.doubleclick.net |
legendary-promo.com
|
1 | s.ytimg.com |
www.youtube.com
|
1 | img.platincoin.com |
legendary-promo.com
|
1 | www.googletagmanager.com |
legendary-promo.com
|
1 | fonts.googleapis.com |
legendary-promo.com
|
29 | 10 |
This site contains links to these domains. Also see Links.
Domain |
---|
platincoin.com |
wa.me |
www.instagram.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
legendary-promo.com Let's Encrypt Authority X3 |
2020-07-21 - 2020-10-19 |
3 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
*.platincoin.com Thawte RSA CA 2018 |
2018-09-24 - 2020-09-23 |
2 years | crt.sh |
*.google.com GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
mc.yandex.ru Yandex CA |
2019-09-23 - 2020-09-22 |
a year | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://legendary-promo.com/de/?team=1661458299&video=https://youtu.be/F8xaRkRrujI
Frame ID: 621C2C28ECAFDFEDAF216D3B6E769F8A
Requests: 28 HTTP requests in this frame
Frame:
https://www.youtube.com/embed/F8xaRkRrujI?color=white&modestbranding=1&rel=0&iv_load_policy=3&controls=1&enablejsapi=1&origin=https%3A%2F%2Flegendary-promo.com&widgetid=1
Frame ID: 6721FEFF31E29000CB13AB8972AEF733
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
WordPress (CMS) ExpandDetected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- meta generator /^WordPress ?([\d.]+)?/i
- headers link /rel="https:\/\/api\.w\.org\/"/i
PHP (Programming Languages) Expand
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- meta generator /^WordPress ?([\d.]+)?/i
- headers link /rel="https:\/\/api\.w\.org\/"/i
MySQL (Databases) Expand
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- meta generator /^WordPress ?([\d.]+)?/i
- headers link /rel="https:\/\/api\.w\.org\/"/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Font API (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Freie registrierung
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 24- https://mc.yandex.ru/watch/63610837?wmode=7&page-url=https%3A%2F%2Flegendary-promo.com%2Fde%2F%3Fteam%3D1661458299%26video%3Dhttps%3A%2F%2Fyoutu.be%2FF8xaRkRrujI&charset=utf-8&browser-info=ti%3A10%3Ans%3A1595809966082%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200727023246%3Aet%3A1595809967%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1087589718418%3Arqn%3A1%3Arn%3A214606835%3Ahid%3A243673230%3Ads%3A51%2C142%2C87%2C1%2C0%2C0%2C0%2C278%2C6%2C%2C%2C%2C706%3Afp%3A566%3Awn%3A17165%3Ahl%3A2%3Agdpr%3A14%3Av%3A1904%3Awv%3A2%3Arqnl%3A1%3Ast%3A1595809967%3Au%3A1595809967706964538%3At%3A%23kurzerkl%C3%A4rt%3A%20Was%20ist%20eine%20Blockchain%3F HTTP 302
- https://mc.yandex.ru/watch/63610837/1?wmode=7&page-url=https%3A%2F%2Flegendary-promo.com%2Fde%2F%3Fteam%3D1661458299%26video%3Dhttps%3A%2F%2Fyoutu.be%2FF8xaRkRrujI&charset=utf-8&browser-info=ti%3A10%3Ans%3A1595809966082%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200727023246%3Aet%3A1595809967%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1087589718418%3Arqn%3A1%3Arn%3A214606835%3Ahid%3A243673230%3Ads%3A51%2C142%2C87%2C1%2C0%2C0%2C0%2C278%2C6%2C%2C%2C%2C706%3Afp%3A566%3Awn%3A17165%3Ahl%3A2%3Agdpr%3A14%3Av%3A1904%3Awv%3A2%3Arqnl%3A1%3Ast%3A1595809967%3Au%3A1595809967706964538%3At%3A%23kurzerkl%C3%A4rt%3A%20Was%20ist%20eine%20Blockchain%3F
29 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
legendary-promo.com/de/ |
18 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
autoptimize_d143e4f6802415e2555ceea670145ac0.css
legendary-promo.com/wp-content/cache/autoptimize/css/ |
354 KB 59 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
5 KB 774 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
legendary-promo.com/wp-includes/js/jquery/ |
95 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
85 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
PlEl65.jpg
img.platincoin.com/ut/37/ |
17 KB 17 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
smartphone.svg
legendary-promo.com/wp-content/themes/presentation/images/ |
3 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
whatsapp.svg
legendary-promo.com/wp-content/themes/presentation/images/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
instagram.svg
legendary-promo.com/wp-content/themes/presentation/images/ |
1 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
telegram.svg
legendary-promo.com/wp-content/themes/presentation/images/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
skype.svg
legendary-promo.com/wp-content/themes/presentation/images/ |
3 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iframe_api
www.youtube.com/ |
859 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
autoptimize_2b8bd4ec5504451dc6ea469f4fcb5b53.js
legendary-promo.com/wp-content/cache/autoptimize/js/ |
214 KB 67 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
45 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-emoji-release.min.js
legendary-promo.com/wp-includes/js/ |
14 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tag.js
mc.yandex.ru/metrika/ |
363 KB 93 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Bckground-02.jpg
legendary-promo.com/wp-content/uploads/2020/05/ |
350 KB 353 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vflOHiu0I/ |
87 KB 32 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
linkid.js
www.google-analytics.com/plugins/ua/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 96 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
stats.g.doubleclick.net/r/ |
35 B 99 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/r/ |
35 B 99 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
F8xaRkRrujI
www.youtube.com/embed/ Frame 6721 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1
mc.yandex.ru/watch/63610837/ Redirect Chain
|
171 B 726 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
advert.gif
mc.yandex.ru/metrika/ |
43 B 425 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
63610837
mc.yandex.ru/webvisor/ |
43 B 542 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
63610837
mc.yandex.ru/webvisor/ |
43 B 542 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
47 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
string| mi_version boolean| mi_track_user string| mi_no_track_reason string| disableStr function| __gaTrackerIsOptedOut function| __gaTrackerOptout function| gaOptout string| GoogleAnalyticsObject function| __gaTracker object| _wpemojiSettings object| monsterinsights_frontend undefined| $ function| jQuery function| ym function| gtag object| dataLayer object| YT object| YTConfig function| onYTReady function| parseGetParam function| onYouTubeIframeAPIReady object| shared object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportLogPayloadsQueue_ object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| twemoji object| wp function| MonsterInsights object| MonsterInsightsObject function| UIkit function| UIkitIcons object| Ya object| yaCounter6361083711 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.youtube.com/ | Name: GPS Value: 1 |
|
.youtube.com/ | Name: VISITOR_INFO1_LIVE Value: IQ32YMdOeJk |
|
.legendary-promo.com/ | Name: _ym_isad Value: 2 |
|
.legendary-promo.com/ | Name: _ym_d Value: 1595809967 |
|
.legendary-promo.com/ | Name: _ym_uid Value: 1595809967706964538 |
|
.youtube.com/ | Name: YSC Value: mRdW1H9slSg |
|
.legendary-promo.com/ | Name: _gat_gtag_UA_162504748_3 Value: 1 |
|
.legendary-promo.com/ | Name: _gat Value: 1 |
|
.legendary-promo.com/ | Name: _ym_visorc_63610837 Value: w |
|
.legendary-promo.com/ | Name: _gid Value: GA1.2.1888936595.1595809967 |
|
.legendary-promo.com/ | Name: _ga Value: GA1.2.2050298323.1595809967 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.googleapis.com
fonts.gstatic.com
img.platincoin.com
legendary-promo.com
mc.yandex.ru
s.ytimg.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
www.youtube.com
213.196.53.134
2a00:1450:4001:800::200a
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:815::200e
2a00:1450:4001:818::200e
2a00:1450:400c:c0a::9a
2a02:6b8::1:119
85.13.164.10
02a5f2e6d393897fc80527bd3cf0c1c74aaa8cf9bb1a83158539b5d2b7f39284
04241e3c48be7d1a6a7ea39acf6355873bf683610242d1768cffb689d7748c83
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
28872290fa2a88d94ea16f196403ffddee04c05cb124033e9a8dd4ca2790f563
29ffe1ae1490b95e5e7cf6844097c7d197138e75607a4c3fecadcfc2d26936b5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
548ffb1bf5547461432583308d6fbda70ca232847aa5a9503db7884db4ec3cb7
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
7c093acccc62d33449295a0df6ed1e44935fe109093bcda66b4ddc4e31865dfa
7ed17054b547a442fd0232b341d96fcfcd6c3aa0cbda8e9004ad3918a2d09c28
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c98e870f4c0e969a2d263d727191478f5c2f186f0b0670a50fb434020e43ed1
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
a29a02263d734f42670a9a4789dd1bc62cf3a7a5ca86106c686a4765f634dfeb
a90ac19f084bc3135038c2a16c54616cf21f64f4298137beba8084bc492502fd
ad44e3d53a6d68afc42124934b8c8d0efe2724e2d08bdd18e64499a6068eca6c
ca4f12b5b1dfdd41530eb18a61a4a07b36bc26282c2ef88ae5dfe17a78cf22cb
ccdb8a1b4762296b21bd4565f774deec2ab21f02555bff7b074dbf66410c1a07
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d2202487eb46bf6c947314b28445ec928cccd43f6c9435fd1fed7629f0e4c0b2
e6f9408795bab1597567fa301dcbdc898f62840312f861e1fa57f8fda52322eb
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
fec0e915b933818d525802faccb57396e195a05b4c29e3394789b38278bc75da