www.mandatedmoney.com
Open in
urlscan Pro
2606:4700:3031::ac43:9d1c
Public Scan
Effective URL: https://www.mandatedmoney.com/?view=sms
Submission: On August 23 via api from BE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 2nd 2021. Valid for: a year.
This is the only time www.mandatedmoney.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 13.111.45.84 13.111.45.84 | 22606 (EXACT-7) (EXACT-7) | |
2 | 2606:4700:303... 2606:4700:3031::ac43:9d1c | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:82b::200a | 15169 (GOOGLE) (GOOGLE) | |
4 | 2606:4700::68... 2606:4700::6810:125e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
10 | 2600:9000:20e... 2600:9000:20eb:0:f:75e2:4ac0:21 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:3b | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
1 | 2.18.234.122 2.18.234.122 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
1 | 3.216.185.243 3.216.185.243 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 2a00:1450:400... 2a00:1450:4001:827::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 | 34.102.183.26 34.102.183.26 | 15169 (GOOGLE) (GOOGLE) | |
4 | 2a00:1450:400... 2a00:1450:4001:809::2003 | 15169 (GOOGLE) (GOOGLE) | |
5 | 2606:4700:20:... 2606:4700:20::ac43:49ec | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 151.101.13.44 151.101.13.44 | 54113 (FASTLY) (FASTLY) | |
33 | 13 |
ASN22606 (EXACT-7, US)
PTR: click.exct.bonnerandpartners.com
click.exct.bonnerandpartners.com |
ASN16509 (AMAZON-02, US)
d3bjnmbj12697.cloudfront.net |
ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-122.deploy.static.akamaitechnologies.com
players.brightcove.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-185-243.compute-1.amazonaws.com
sms-live.legacyresearch.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: 26.183.102.34.bc.googleusercontent.com
cdn.pushcrew.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
cloudfront.net
d3bjnmbj12697.cloudfront.net |
735 KB |
5 |
lytics.io
c.lytics.io |
42 KB |
4 |
gstatic.com
fonts.gstatic.com |
78 KB |
4 |
cloudflare.com
cdnjs.cloudflare.com |
134 KB |
2 |
mandatedmoney.com
www.mandatedmoney.com |
21 KB |
1 |
taboola.com
trc.taboola.com |
174 B |
1 |
pushcrew.com
cdn.pushcrew.com |
70 KB |
1 |
googletagmanager.com
www.googletagmanager.com |
35 KB |
1 |
legacyresearch.com
sms-live.legacyresearch.com |
1 KB |
1 |
brightcove.net
players.brightcove.net |
184 KB |
1 |
jquery.com
code.jquery.com |
30 KB |
1 |
googleapis.com
fonts.googleapis.com |
1 KB |
1 |
bonnerandpartners.com
1 redirects
click.exct.bonnerandpartners.com |
214 B |
33 | 13 |
Domain | Requested by | |
---|---|---|
10 | d3bjnmbj12697.cloudfront.net |
www.mandatedmoney.com
|
5 | c.lytics.io |
www.mandatedmoney.com
c.lytics.io |
4 | fonts.gstatic.com |
fonts.googleapis.com
|
4 | cdnjs.cloudflare.com |
www.mandatedmoney.com
cdnjs.cloudflare.com |
2 | www.mandatedmoney.com |
www.mandatedmoney.com
|
1 | trc.taboola.com | |
1 | cdn.pushcrew.com |
www.mandatedmoney.com
|
1 | www.googletagmanager.com |
www.mandatedmoney.com
|
1 | sms-live.legacyresearch.com |
www.mandatedmoney.com
|
1 | players.brightcove.net |
www.mandatedmoney.com
|
1 | code.jquery.com |
www.mandatedmoney.com
|
1 | fonts.googleapis.com |
www.mandatedmoney.com
|
1 | click.exct.bonnerandpartners.com | 1 redirects |
33 | 13 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.brownstoneresearch.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-08-02 - 2022-08-01 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2021-07-26 - 2021-10-18 |
3 months | crt.sh |
*.cloudfront.net Amazon |
2021-03-19 - 2022-03-17 |
a year | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2021-07-14 - 2022-08-14 |
a year | crt.sh |
players.brightcove.net DigiCert SHA2 Secure Server CA |
2021-08-04 - 2022-08-04 |
a year | crt.sh |
*.legacyresearch.com Amazon |
2021-07-01 - 2022-07-30 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2021-07-26 - 2021-10-18 |
3 months | crt.sh |
*.pushcrew.com Go Daddy Secure Certificate Authority - G2 |
2021-07-23 - 2022-08-24 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2021-07-26 - 2021-10-18 |
3 months | crt.sh |
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1 |
2020-11-25 - 2021-12-26 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.mandatedmoney.com/?view=sms
Frame ID: 1D97052680262CEE4A4A51442486BC60
Requests: 33 HTTP requests in this frame
Screenshot
Page Title
Click for Crypto: Jeff Brown's First Ever Cryptocurrency EventPage URL History Show full URLs
-
https://click.exct.bonnerandpartners.com/?qs=044eeae9544ad4b5de3bd468b62350133cbdbbc8e65e04fa35929840874cc981e600d294...
HTTP 302
https://www.mandatedmoney.com/?view=sms Page URL
Detected technologies
CloudFlare (CDN) ExpandDetected patterns
- headers server /^cloudflare$/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Privacy Policy
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://click.exct.bonnerandpartners.com/?qs=044eeae9544ad4b5de3bd468b62350133cbdbbc8e65e04fa35929840874cc981e600d294407a49d3cd29a59aad156bc5c7970dd17e132bc6
HTTP 302
https://www.mandatedmoney.com/?view=sms Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
33 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.mandatedmoney.com/ Redirect Chain
|
20 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
8 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/ |
58 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.css
d3bjnmbj12697.cloudfront.net/_/css/bootstrap/4.5.0/ |
157 KB 157 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
site.css
www.mandatedmoney.com/assets/css/ |
69 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.5.1.min.js
code.jquery.com/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.bundle.min.js
d3bjnmbj12697.cloudfront.net/_/js/bootstrap/4.5.0/ |
79 KB 80 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
c.js
d3bjnmbj12697.cloudfront.net/_/js/countdown/1.0.2/ |
6 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jeff-brown.580x642.png
d3bjnmbj12697.cloudfront.net/_/headshots/ |
109 KB 110 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-bup.png
d3bjnmbj12697.cloudfront.net/br/p/bup/2108-click-for-crypto/img/ |
70 KB 70 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lr-data-br.bundle.js
d3bjnmbj12697.cloudfront.net/_/js/lr-data/1.0.7/ |
22 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.min.js
players.brightcove.net/5102072647001/0zLsWuD5UW_default/ |
676 KB 184 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
libphonenumber-js.min.js
cdnjs.cloudflare.com/ajax/libs/libphonenumber-js/1.7.54/ |
137 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
group.min.js
sms-live.legacyresearch.com/snippets/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tm.js
d3bjnmbj12697.cloudfront.net/br/p/bup/2108-click-for-crypto/js/ |
3 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
88 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
280a1d345d060ccc7f11fd00aa14bc9b.js
cdn.pushcrew.com/js/ |
243 KB 70 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg-1.jpg
d3bjnmbj12697.cloudfront.net/br/p/bup/2108-click-for-crypto/img/ |
266 KB 266 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
marker-oval-dark.1600x608.png
d3bjnmbj12697.cloudfront.net/_/dazzle/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
underline-dark.764x100.png
d3bjnmbj12697.cloudfront.net/_/dazzle/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
LYjNdG7kmE0gfaN9pQ.woff2
fonts.gstatic.com/s/teko/v10/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ |
22 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/ |
13 KB 14 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/ |
78 KB 79 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
latest.min.js
c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/ |
56 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
08e8e3d5-59df-40e1-9380-f47e83c36f97
https://www.mandatedmoney.com/ |
31 B 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6754fc8577b0e933befa552acea53d64
c.lytics.io/c/ |
35 B 540 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
u_393014081856441400
c.lytics.io/api/personalize/6754fc8577b0e933befa552acea53d64/user/_uid/ |
73 B 425 B |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6754fc8577b0e933befa552acea53d64
c.lytics.io/c/ |
35 B 313 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cm
trc.taboola.com/sg/lytics/1/ |
43 B 174 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pathfora.min.js
c.lytics.io/static/ |
100 KB 22 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tDbY2o-flEEny0FZhsfKu5WU4zr3E_BX0PnT8RD8SKtTOlOV.woff2
fonts.gstatic.com/s/jetbrainsmono/v6/ |
19 KB 19 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
98 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated boolean| test string| view string| source string| type string| effortId object| dataLayer object| _pcq function| $ function| jQuery object| bootstrap string| onExpire string| redirectURL boolean| whitelist function| urlParams object| q boolean| debug function| countdownReady function| countdownCheck string| assetId string| campaignId object| brandIds object| lrUnits function| lrData object| cidEls object| ddLinkEls undefined| ddLink string| emailSignupMethod string| etPostUrl object| emailForms object| smsForms object| smsDisclaimers undefined| emailFormData undefined| formType undefined| placeholder undefined| buttonText undefined| emailFormHTML object| forms object| validation undefined| smsFormData undefined| callLoopId undefined| smsFormHTML undefined| smsDisclaimerHTML object| google_tag_manager object| countdowns object| countdownContainers string| countdownDate object| urgency number| timer object| jstag boolean| VIDEOJS_NO_DYNAMIC_STYLE function| videojs object| videojsLoscore function| videojsFlash object| videojsFlashlsSourceHandler object| videojsHttpStreaming function| videojsProxyTracks function| videojsPerSourceBehaviors function| videojsSeekEvents function| videojsContextmenu function| videojsContextmenuUi function| videojsPlayerInfo function| videojsBcAnalytics function| videojsErrors function| videojsBcCatalog function| videojsPlaylist function| bc string| touchEvent object| libphonenumber boolean| _pc_loaded object| PC object| VWO object| _vwo_exp_ids object| _vwo_exp string| _vwo_server_url object| _vis_opt_queue function| bowser object| __pc object| _pushcrewDebuggingQueue object| _pc_u boolean| ecomEventsInit function| legacy string| qEffortId function| tmReady function| tmCheck object| __lytics__jstag__ undefined| u_7567163547860018002 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.www.mandatedmoney.com/ | Name: seerid Value: u_393014081856441400 |
|
.www.mandatedmoney.com/ | Name: seerses Value: e |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
c.lytics.io
cdn.pushcrew.com
cdnjs.cloudflare.com
click.exct.bonnerandpartners.com
code.jquery.com
d3bjnmbj12697.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
players.brightcove.net
sms-live.legacyresearch.com
trc.taboola.com
www.googletagmanager.com
www.mandatedmoney.com
13.111.45.84
151.101.13.44
2.18.234.122
2001:4de0:ac18::1:a:3b
2600:9000:20eb:0:f:75e2:4ac0:21
2606:4700:20::ac43:49ec
2606:4700:3031::ac43:9d1c
2606:4700::6810:125e
2a00:1450:4001:809::2003
2a00:1450:4001:827::2008
2a00:1450:4001:82b::200a
3.216.185.243
34.102.183.26
0960d7ff328253f0fece0a022442605ef7667e67340266b33918a8c592f2f9c7
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
1c552fc9f71448908dc8b9bcecef9461e4ced804d0c45c54b288f643fbf2432f
21f5d570a0ec0703e97ec7cfda5dc0ca0eefc28aff0755c2576d02cec6b62f2c
262c4235e948c3755b69cd31333474e2abdf2d28f0d8d332458211436b0241ea
423d18dedb1bc099b3d620cf0933f90c75c68793d54fed04c1920d550fbe14cb
51b6a852f98c7140040a19aeed7333059105f04271c132beef28e0f28b86ae48
5e14a0d748e047afd36d4ecb8f79e27a7158054a4ceefd9502497b1aa107cc7f
5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24
617bff95592163fca5d324a4e0319fa23e4bb0886ccc534384c0980f602e4725
61bdf51fbeabbc9aa8651d2b9e8e2c666c8a62683a5296545b2c70ac2cde9e85
65cca0d6ad4ec9bbac4f1017c6dab4aee1c5ab0b12210cf5b12822dbe239a754
68596b94d76a90f2b97c02594c2cb618c584dbf20acf6577217e1a300cb612e1
6aae28bcba8db9ca75753fd96de986a5e2f3020627f640715f19727c220e4638
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
79f7e85d33599f85fad5cc0460c005ca3c7d02a8ba55625c5ede40b052a47a3b
7ca0075907ebce76b8bd38620a0beda50d8dc0d24205e42bd75ae5bc5c3cc463
7f727647a68ac63bad9d5488a88b540389f23a5e4e620ec7a4ced9d0f9df702d
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
94e5ee31e880b74a094a789645dc8ecb9559a86271c1d2739ba29fdd0dfc1fe7
95e4afed859f7a24e70fb57401f87b8038409a3f3033f951bcdcca0b595d4167
9c214017962f2b403ee2f8a0dd51333b467aa3f082c5fc93fdb86f0b3d90a19b
9e3ff5b86971ef697048b5a1dd045cf88e989ea044d02814602abe05751255fd
afdf1f69d6a605db213b026b0220fb731389f1bf59469412424aa8ad799fe956
b1e3934b4ec4320ab1bfab235db1c5f781a0796bf15258a5e7ca7ee8e3fff12d
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c7c89476d491e38b87d4c34f89f3c629dccb127ec7dcbe6e2073fc82e0bbc89f
e359ff6302ee28cf85300ddf6b114ee25e5e7305f52e9fa9dd0b858bb82b4d24
ebe2ba28a26859c028288403f39e04d27e659713ee7269d0b66a1916de30ee16
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d