www.credit.vkremenchuge.com
Open in
urlscan Pro
5.187.0.16
Public Scan
URL:
https://www.credit.vkremenchuge.com/
Submission: On May 07 via automatic, source certstream-suspicious — Scanned from DE
Submission: On May 07 via automatic, source certstream-suspicious — Scanned from DE
Summary
This website contacted 2 IPs
in 2 countries
across 3 domains to perform 23 HTTP transactions.
The main IP is 5.187.0.16, located in
Frankfurt am Main, Germany and
belongs to DE-FIRSTCOLO firstcolo.net, DE.
The main domain is www.credit.vkremenchuge.com.
TLS certificate: Issued by R3 on March 7th 2024. Valid for: 3 months.
This is the only time www.credit.vkremenchuge.com was scanned on urlscan.io!
TLS certificate: Issued by R3 on March 7th 2024. Valid for: 3 months.
This is the only time www.credit.vkremenchuge.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 19 | 5.187.0.16 5.187.0.16 | 44066 (DE-FIRSTC...) (DE-FIRSTCOLO firstcolo.net) | |
| 4 8 | 2a02:6b8::1:119 2a02:6b8::1:119 | 13238 (YANDEX) (YANDEX) | |
| 23 | 2 |
19
5.187.0.16
(Frankfurt am Main, Germany)
ASN44066 (DE-FIRSTCOLO firstcolo.net, DE)
PTR: hostde18.fornex.host
ASN44066 (DE-FIRSTCOLO firstcolo.net, DE)
PTR: hostde18.fornex.host
| www.credit.vkremenchuge.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 19 |
vkremenchuge.com
www.credit.vkremenchuge.com |
662 KB |
| 5 |
yandex.com
3 redirects
mc.yandex.com — Cisco Umbrella Rank: 9603 |
4 KB |
| 3 |
yandex.ru
1 redirects
mc.yandex.ru — Cisco Umbrella Rank: 4550 |
59 KB |
| 23 | 3 |
| Domain | Requested by | |
|---|---|---|
| 19 | www.credit.vkremenchuge.com |
www.credit.vkremenchuge.com
|
| 5 | mc.yandex.com |
3 redirects
www.credit.vkremenchuge.com
|
| 3 | mc.yandex.ru |
1 redirects
www.credit.vkremenchuge.com
|
| 23 | 3 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| credit.vkremenchuge.com R3 |
2024-03-07 - 2024-06-05 |
3 months | crt.sh |
| mc.yandex.ru GlobalSign ECC OV SSL CA 2018 |
2023-12-26 - 2024-06-05 |
5 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.credit.vkremenchuge.com/
Frame ID: 7280C809E0DADE8EF8CD6C874264FDD3
Requests: 23 HTTP requests in this frame
Screenshot
Page Title
Капитал - кредит наличными в Кременчуге. Частный займ под залог. Без справки о доходах Кременчуг.Detected technologies
Yandex.Metrika
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- mc\.yandex\.ru/metrika/(?:tag|watch)\.js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 18- https://mc.yandex.com/sync_cookie_image_check HTTP 302
- https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10362.hV4cOpVzPYrsKDXdnLo9UzbAqhKSosfHiu_7esxPE9QkXJ8qyODiYByvPEju1QZU.XDyE2H0qGNgsMgb3uSspMmtBYRw%2C HTTP 302
- https://mc.yandex.com/sync_cookie_image_decide?token=10362.1zJqelNeMFD107hWwv-FnE4jTSR_sECbnC7Pl3PHiQ4p0OUEB2g3cA8JX-FPOXLnNDcR3UxnhLupeK7qP8wuzHq5TCybnvWOEtxufqP3GtYh_Ycmaswf95u3pTmBcLi2NVfh0yp7Zh9BUhp-VIl5ezeSCIyTPMdXtzr9LOLePN2tKKzJ06vJdaIWz7pX3gFd2aOduuofIzehJHf5gLpqzDM2iWZwdMJIM8inpzeSqq4%2C.V3hSEBXeq5HADasRdBZEBMdGl7s%2C HTTP 302
- https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10362.7Bg5-6EnqcvIGfN6uHHYjDStNRFV49fZHK1luQAwUcnX2AICtOoGrV04oWK_1HCv2GG8-RttY8Snw3HTYp-QqUPs-CbHUhVsRdsK7FFTb6mg28DzaZK_k6teeP_9Nk-JEIE6uQ7Mi8cSwC4F1uDoDc1uLum6mQ7gHL7EZP3myxizyOMrR8kyPVh_DNx3AvhfjKcBkC27NbaHOz7I7VXzhg%2C%2C.sxmPt_7ML0eTqxOsHIYzPtM86a4%2C
- https://mc.yandex.com/watch/23481583?wmode=7&page-url=https%3A%2F%2Fwww.credit.vkremenchuge.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22124%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22124%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A124.0.6367.118%0Achl%0A%22Chromium%22%3Bv%3D%22124.0.6367.118%22%2C%22Google%20Chrome%22%3Bv%3D%22124.0.6367.118%22%2C%22Not-A.Brand%22%3Bv%3D%2299.0.0.0%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3A666f337a0wppt9wwzbzs7rmhn%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A1372098081503%3Ahid%3A596629426%3Az%3A120%3Ai%3A20240508013357%3Aet%3A1715124838%3Ac%3A1%3Arn%3A774337917%3Arqn%3A1%3Au%3A1715124838840547418%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A232%3Ads%3A0%2C58%2C40%2C1%2C0%2C0%2C%2C118%2C3%2C%2C%2C%2C225%3Aco%3A0%3Acpf%3A1%3Ans%3A1715124836960%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1715124838%3At%3A%D0%9A%D0%B0%D0%BF%D0%B8%D1%82%D0%B0%D0%BB%20-%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%B2%20%D0%9A%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D1%87%D1%83%D0%B3%D0%B5.%20%D0%A7%D0%B0%D1%81%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B7%D0%B0%D0%B9%D0%BC%20%D0%BF%D0%BE%D0%B4%20%D0%B7%D0%B0%D0%BB%D0%BE%D0%B3.%20%D0%91%D0%B5%D0%B7%20%D1%81%D0%BF%D1%80%D0%B0%D0%B2%D0%BA%D0%B8%20%D0%BE%20%D0%B4%D0%BE%D1%85%D0%BE%D0%B4%D0%B0%D1%85%20%D0%9A%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D1%87%D1%83%D0%B3.&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(3178756)ti(1) HTTP 302
- https://mc.yandex.com/watch/23481583/1?wmode=7&page-url=https%3A%2F%2Fwww.credit.vkremenchuge.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22124%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22124%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A124.0.6367.118%0Achl%0A%22Chromium%22%3Bv%3D%22124.0.6367.118%22%2C%22Google%20Chrome%22%3Bv%3D%22124.0.6367.118%22%2C%22Not-A.Brand%22%3Bv%3D%2299.0.0.0%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3A666f337a0wppt9wwzbzs7rmhn%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A1372098081503%3Ahid%3A596629426%3Az%3A120%3Ai%3A20240508013357%3Aet%3A1715124838%3Ac%3A1%3Arn%3A774337917%3Arqn%3A1%3Au%3A1715124838840547418%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A232%3Ads%3A0%2C58%2C40%2C1%2C0%2C0%2C%2C118%2C3%2C%2C%2C%2C225%3Aco%3A0%3Acpf%3A1%3Ans%3A1715124836960%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1715124838%3At%3A%D0%9A%D0%B0%D0%BF%D0%B8%D1%82%D0%B0%D0%BB%20-%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%B2%20%D0%9A%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D1%87%D1%83%D0%B3%D0%B5.%20%D0%A7%D0%B0%D1%81%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B7%D0%B0%D0%B9%D0%BC%20%D0%BF%D0%BE%D0%B4%20%D0%B7%D0%B0%D0%BB%D0%BE%D0%B3.%20%D0%91%D0%B5%D0%B7%20%D1%81%D0%BF%D1%80%D0%B0%D0%B2%D0%BA%D0%B8%20%D0%BE%20%D0%B4%D0%BE%D1%85%D0%BE%D0%B4%D0%B0%D1%85%20%D0%9A%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D1%87%D1%83%D0%B3.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283178756%29ti%281%29
23 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
www.credit.vkremenchuge.com/ |
19 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
styles.css
www.credit.vkremenchuge.com/style/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-1.7.2.js
www.credit.vkremenchuge.com/js/ |
247 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.maskedinput.js
www.credit.vkremenchuge.com/js/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
watch.js
mc.yandex.ru/metrika/ |
161 KB 58 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zel.jpg
www.credit.vkremenchuge.com/img/ |
747 B 978 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
verh.jpg
www.credit.vkremenchuge.com/img/ |
88 KB 88 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo.jpg
www.credit.vkremenchuge.com/img/ |
11 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tel.jpg
www.credit.vkremenchuge.com/img/ |
524 B 755 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
forma.png
www.credit.vkremenchuge.com/img/ |
22 KB 23 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
otpr.png
www.credit.vkremenchuge.com/img/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
kak.jpg
www.credit.vkremenchuge.com/img/ |
80 KB 80 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gal.jpg
www.credit.vkremenchuge.com/img/ |
993 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
otz1.jpg
www.credit.vkremenchuge.com/img/ |
11 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
otz2.jpg
www.credit.vkremenchuge.com/img/ |
13 KB 14 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
otz3.jpg
www.credit.vkremenchuge.com/img/ |
12 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
niz.jpg
www.credit.vkremenchuge.com/img/ |
80 KB 80 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
MyriadPro-BoldCond.ttf
www.credit.vkremenchuge.com/font/ |
111 KB 111 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
MyriadPro-Regular.ttf
www.credit.vkremenchuge.com/font/ |
116 KB 116 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync_cookie_image_finish
mc.yandex.ru/ Redirect Chain
|
43 B 614 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
advert.gif
mc.yandex.com/metrika/ |
43 B 572 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1
mc.yandex.com/watch/23481583/ Redirect Chain
|
447 B 539 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
favicon.ico
www.credit.vkremenchuge.com/img/ |
1 KB 1 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| closeMess function| showMess number| statMss number| pos object| Ya object| yaCounter2348158323 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .yandex.ru/ | Name: yashr Value: 4072089161715124837 |
|
| mc.yandex.ru/ | Name: bh Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTI0IiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjQiKgI/MDoHIldpbjMyIg== |
|
| .vkremenchuge.com/ | Name: _ym_uid Value: 1715124838840547418 |
|
| .vkremenchuge.com/ | Name: _ym_d Value: 1715124838 |
|
| .mc.yandex.com/ | Name: sync_cookie_csrf Value: 2339386833fake |
|
| mc.yandex.com/ | Name: bh Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTI0IiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjQiKgI/MDoHIldpbjMyIg== |
|
| .yandex.com/ | Name: i Value: SuM0uxx/WzWTIteDrCGL448h3Pq/lz6HtkuDyULV6eUiirhd4tSSgST4/AkkowPGB9WjxxNtglYgTyZotDEmwGKBsBo= |
|
| .yandex.com/ | Name: yandexuid Value: 4464556111715124837 |
|
| .yandex.com/ | Name: yashr Value: 9437792211715124837 |
|
| .vkremenchuge.com/ | Name: _ym_isad Value: 2 |
|
| .mc.yandex.ru/ | Name: sync_cookie_csrf Value: 422438643fake |
|
| .mc.yandex.com/ | Name: sync_cookie_ok Value: synced |
|
| .yandex.ru/ | Name: yandexuid Value: 4464556111715124837 |
|
| .yandex.ru/ | Name: yuidss Value: 4464556111715124837 |
|
| .yandex.ru/ | Name: i Value: SuM0uxx/WzWTIteDrCGL448h3Pq/lz6HtkuDyULV6eUiirhd4tSSgST4/AkkowPGB9WjxxNtglYgTyZotDEmwGKBsBo= |
|
| .yandex.ru/ | Name: yp Value: 1715211237.yu.6020885631715124837 |
|
| .yandex.ru/ | Name: ymex Value: 1717716837.oyu.6020885631715124837 |
|
| mc.yandex.com/ | Name: yabs-sid Value: 718144031715124838 |
|
| .yandex.com/ | Name: yuidss Value: 4464556111715124837 |
|
| .yandex.com/ | Name: ymex Value: 1746660838.yrts.1715124838 |
|
| .yandex.com/ | Name: receive-cookie-deprecation Value: 1 |
|
| .yandex.com/ | Name: bh Value: Ej4iR29vZ2xlIENocm9tZSI7dj0iMTI0IiwiTm90OkEtQnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTI0IhoFIng4NiIiECIxMjQuMC42MzY3LjExOCIqAj8wOgciV2luMzIiQggiMTAuMC4wIkoEIjY0IlJcIkNocm9taXVtIjt2PSIxMjQuMC42MzY3LjExOCIsIkdvb2dsZSBDaHJvbWUiO3Y9IjEyNC4wLjYzNjcuMTE4IiwiTm90LUEuQnJhbmQiO3Y9Ijk5LjAuMC4wIiI= |
|
| .vkremenchuge.com/ | Name: _ym_visorc Value: w |
52 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| X-Frame-Options | SAMEORIGIN |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
mc.yandex.com
mc.yandex.ru
www.credit.vkremenchuge.com
2a02:6b8::1:119
5.187.0.16
017a3b4474e6aa94ea0528186ac1ef7a532947586028d6d9c43f0611492001dd
0223cb640e7db84f5f024bf6cf520ad733e4f40b523bf4b7a990daa4a4ee9b01
1717ea1fde8ceb7584341a24efc85c853083c660a1185968fbf94520f7193de2
1984b7b12eb2bc9f3dc606ce6b2582dd584909093d822c529656c15003554bb9
4db1596849fce8e3e533ab9236119fb2f0b60a1a7c18d6db18ebc5b550c45720
4f4c0c1dcf96beee082005e8200e2ac08a47c428262a3cfa8b149b8e2f2dea80
537f01f3bc635c8736f46823b9b14dd8019e23b3d8e10c8a3feddea655649013
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56d0102afc6194ea1d0b53ae028ddf0a63b2f3b39e73243b189bbc9cf13b9fdd
651cedc6da75e44d65ec622489495f2cf3e88ff3048a0de99aaff86c26f6a363
67d3a0457051bcd13138cc690bf897ec93ce2d39891aee9e4c2095a15bfb7b64
69acf1b504c48f36f4c7403f29a1d5b7ad506c371b90d75b0c173abf3193e0eb
7b88bbfe05251bbfda7282aa2f39c887b522b51b4470a446e74dd41c670172c6
8a4a5add2304c19d7311c63df54617a6b8e94bdf2bdfcff073cdb5059a735b8e
9c5d2a6da1ec1dbfb86a99603f8da84eba88c43895a7a87d5ee3d45940369c2d
a965b7ee2648ce7af148112a91814ccf10673b75c5bc7dbec3d90b604a67c9be
bc094b8c378aa7a41a4a36be46fe9d33ecd11fa3460ad3c2442a91a5cb8f376a
bc6e4e8b91a25bf0a88929120c3c0d00c24967c026d7cec63d2ae77ac630a971
bd8af23bd77d156c77b20e90817090fc0ae7027dc004ff290fa5a58b26cb731c
e416a1431e345b69e446e13652eb70be0c393acee52019de2cf396d818636fa6
ebf638376ee368dfb57d54f727a512c24090e2b5fb665f32e5871883e8fe28a0
f5ec7167f899208d5184dee9cbda085e5f9e18055c2f5f965dad9930f7f2b067