xodrev.gaydatlng.com
Open in
urlscan Pro
18.235.21.239
Public Scan
Effective URL: https://xodrev.gaydatlng.com/?j9=1&s1=138579&s3=rs_b5148zhu_8a9f208f&utm_source=f82757e39b1a28a9&s5=%7Bp1%7D&s2=1317638&j1=1&...
Submission: On October 17 via api from US — Scanned from US
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 17th 2023. Valid for: a year.
This is the only time xodrev.gaydatlng.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 104.21.48.31 104.21.48.31 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 172.67.156.39 172.67.156.39 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 1 | 104.21.48.33 104.21.48.33 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 2 | 52.9.189.85 52.9.189.85 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 54.153.123.233 54.153.123.233 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 18.235.21.239 18.235.21.239 | 14618 (AMAZON-AES) (AMAZON-AES) | |
27 | 104.126.117.19 104.126.117.19 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 142.250.72.106 142.250.72.106 | 15169 (GOOGLE) (GOOGLE) | |
2 | 142.251.35.163 142.251.35.163 | 15169 (GOOGLE) (GOOGLE) | |
35 | 7 |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-9-189-85.us-west-1.compute.amazonaws.com
closemeetups.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-153-123-233.us-west-1.compute.amazonaws.com
empirelayer.club |
ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-21-239.compute-1.amazonaws.com
xodrev.gaydatlng.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-117-19.deploy.static.akamaitechnologies.com
cdn-dimi.akamaized.net |
ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f10.1e100.net
fonts.googleapis.com |
ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f3.1e100.net
fonts.gstatic.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
27 |
akamaized.net
cdn-dimi.akamaized.net — Cisco Umbrella Rank: 142201 |
297 KB |
2 |
gstatic.com
fonts.gstatic.com |
66 KB |
2 |
empirelayer.club
empirelayer.club |
1 KB |
2 |
closemeetups.com
1 redirects
closemeetups.com |
2 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49 |
1023 B |
1 |
gaydatlng.com
xodrev.gaydatlng.com |
8 KB |
1 |
binum12122.top
1 redirects
003sugg.binum12122.top |
769 B |
1 |
mtboom.top
mtboom.top |
1 KB |
1 |
asson.cfd
1 redirects
kelby.asson.cfd |
787 B |
35 | 9 |
Domain | Requested by | |
---|---|---|
27 | cdn-dimi.akamaized.net |
xodrev.gaydatlng.com
cdn-dimi.akamaized.net |
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | empirelayer.club |
mtboom.top
closemeetups.com |
2 | closemeetups.com |
1 redirects
empirelayer.club
|
1 | fonts.googleapis.com |
cdn-dimi.akamaized.net
|
1 | xodrev.gaydatlng.com |
closemeetups.com
|
1 | 003sugg.binum12122.top | 1 redirects |
1 | mtboom.top | |
1 | kelby.asson.cfd | 1 redirects |
35 | 9 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-01-26 - 2024-01-26 |
a year | crt.sh |
empirelayer.club Amazon RSA 2048 M01 |
2023-07-22 - 2024-08-18 |
a year | crt.sh |
closemeetups.com Amazon RSA 2048 M01 |
2023-02-10 - 2024-02-03 |
a year | crt.sh |
*.adsbridge.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-17 - 2024-07-27 |
a year | crt.sh |
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1 |
2023-05-16 - 2024-05-15 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-09-18 - 2023-12-11 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-09-18 - 2023-12-11 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://xodrev.gaydatlng.com/?j9=1&s1=138579&s3=rs_b5148zhu_8a9f208f&utm_source=f82757e39b1a28a9&s5=%7Bp1%7D&s2=1317638&j1=1&click_id=fb1ec992014ac0d91bf0c9bde07428f293688836
Frame ID: 26A19AFA2BE4D5D28F324579ACE8194A
Requests: 35 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://kelby.asson.cfd/
HTTP 302
https://mtboom.top/click?o=3&a=1059&aff_click_id=2iqdalvbcvos&sub_id1=s Page URL
-
https://003sugg.binum12122.top/click.php?key=z852fk2nhhmodvyuhn81&externalid=88538bc7ecbd4f53d552d84b51a709...
HTTP 302
https://closemeetups.com/tds/ae?tds_campaign=s4238buc&tdsId=s4238buc_r&s1=int&utm_source=int&utm_term... HTTP 302
https://empirelayer.club/tds/interlayer/eb/s/0f38aa475cb970e7e61434f113be8e98?__t=1697510826470&__l=3600 Page URL
- https://xodrev.gaydatlng.com/?j9=1&s1=138579&s3=rs_b5148zhu_8a9f208f&utm_source=f82757e39b1a28a9&s5=%7Bp1... Page URL
Detected technologies
jQuery (JavaScript Libraries) ExpandDetected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://kelby.asson.cfd/
HTTP 302
https://mtboom.top/click?o=3&a=1059&aff_click_id=2iqdalvbcvos&sub_id1=s Page URL
-
https://003sugg.binum12122.top/click.php?key=z852fk2nhhmodvyuhn81&externalid=88538bc7ecbd4f53d552d84b51a709ed&a=1059&sub_id1=s
HTTP 302
https://closemeetups.com/tds/ae?tds_campaign=s4238buc&tdsId=s4238buc_r&s1=int&utm_source=int&utm_term=1&clickid=7de49ntfy1nxs8ndcc&subid={subid}&subid2={subid2}&affid=8a9f208f&clickid=7de49ntfy1nxs8ndcc&subid=1059 HTTP 302
https://empirelayer.club/tds/interlayer/eb/s/0f38aa475cb970e7e61434f113be8e98?__t=1697510826470&__l=3600 Page URL
- https://xodrev.gaydatlng.com/?j9=1&s1=138579&s3=rs_b5148zhu_8a9f208f&utm_source=f82757e39b1a28a9&s5=%7Bp1%7D&s2=1317638&j1=1&click_id=fb1ec992014ac0d91bf0c9bde07428f293688836 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://kelby.asson.cfd/ HTTP 302
- https://mtboom.top/click?o=3&a=1059&aff_click_id=2iqdalvbcvos&sub_id1=s
- https://003sugg.binum12122.top/click.php?key=z852fk2nhhmodvyuhn81&externalid=88538bc7ecbd4f53d552d84b51a709ed&a=1059&sub_id1=s HTTP 302
- https://closemeetups.com/tds/ae?tds_campaign=s4238buc&tdsId=s4238buc_r&s1=int&utm_source=int&utm_term=1&clickid=7de49ntfy1nxs8ndcc&subid={subid}&subid2={subid2}&affid=8a9f208f&clickid=7de49ntfy1nxs8ndcc&subid=1059 HTTP 302
- https://empirelayer.club/tds/interlayer/eb/s/0f38aa475cb970e7e61434f113be8e98?__t=1697510826470&__l=3600
35 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
click
mtboom.top/ Redirect Chain
|
930 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0f38aa475cb970e7e61434f113be8e98
empirelayer.club/tds/interlayer/eb/s/ Redirect Chain
|
923 B 920 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.js
closemeetups.com/lp-external/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
interlayer
empirelayer.club/tds/ |
0 319 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
xodrev.gaydatlng.com/ |
31 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
reset.min.css
cdn-dimi.akamaized.net/landings/280996/1686831601/css/ |
773 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
cdn-dimi.akamaized.net/landings/280996/1686831601/css/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
reviews.css
cdn-dimi.akamaized.net/landings/280996/1686831601/css/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
safety-block.css
cdn-dimi.akamaized.net/landings/280996/1686831601/css/ |
1 KB 974 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
timer.css
cdn-dimi.akamaized.net/landings/280996/1686831601/css/ |
1 KB 996 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-2.2.4.min.js
cdn-dimi.akamaized.net/landings/280996/1686831601/js/ |
84 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
timer.js
cdn-dimi.akamaized.net/landings/280996/1686831601/js/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
translates.js
cdn-dimi.akamaized.net/landings/280996/1686831601/js/ |
53 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
translates-review.js
cdn-dimi.akamaized.net/landings/280996/1686831601/js/ |
36 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
cdn-dimi.akamaized.net/landings/280996/1686831601/images/ |
14 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-location.svg
cdn-dimi.akamaized.net/landings/280996/1686831601/images/ |
297 B 787 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
unlock.svg
cdn-dimi.akamaized.net/landings/280996/1686831601/images/ |
2 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
shield.svg
cdn-dimi.akamaized.net/landings/280996/1686831601/images/ |
796 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
password.svg
cdn-dimi.akamaized.net/landings/280996/1686831601/images/ |
1 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1-eu.png
cdn-dimi.akamaized.net/landings/280996/1686831601/images/ |
15 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2-eu.png
cdn-dimi.akamaized.net/landings/280996/1686831601/images/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3-eu.png
cdn-dimi.akamaized.net/landings/280996/1686831601/images/ |
10 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
4-eu.png
cdn-dimi.akamaized.net/landings/280996/1686831601/images/ |
14 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
5-eu.png
cdn-dimi.akamaized.net/landings/280996/1686831601/images/ |
14 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
6-eu.png
cdn-dimi.akamaized.net/landings/280996/1686831601/images/ |
10 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
7-eu.png
cdn-dimi.akamaized.net/landings/280996/1686831601/images/ |
12 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
8-eu.png
cdn-dimi.akamaized.net/landings/280996/1686831601/images/ |
13 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
5 KB 1023 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1.jpg
cdn-dimi.akamaized.net/landings/280996/1686831601/images/ |
81 KB 82 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-timer.png
cdn-dimi.akamaized.net/landings/280996/1686831601/images/ |
418 B 904 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg-content.png
cdn-dimi.akamaized.net/landings/280996/1686831601/images/ |
14 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-like.png
cdn-dimi.akamaized.net/landings/280996/1686831601/images/ |
608 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-comment.png
cdn-dimi.akamaized.net/landings/280996/1686831601/images/ |
307 B 793 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qFdH35WCmI96Ajtm81GlU9s.woff2
fonts.gstatic.com/s/overpass/v13/ |
38 KB 38 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qFdH35WCmI96Ajtm81GhU9vyww.woff2
fonts.gstatic.com/s/overpass/v13/ |
27 KB 27 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| imiFinButClickSubscribe function| imiFinButSubscriberDone function| imiBBQAdd function| imiBB boolean| prefBClicked object| _rup function| $ function| jQuery object| langs function| detect_language object| formData object| ortbConf13 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
kelby.asson.cfd/ | Name: _subid Value: 2iqdalvbcvos |
|
kelby.asson.cfd/ | Name: 62fd5 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjExNlwiOjE2OTc1MTA4MjR9LFwiY2FtcGFpZ25zXCI6e1wiMTZcIjoxNjk3NTEwODI0fSxcInRpbWVcIjoxNjk3NTEwODI0fSJ9.xO_jnlYL6geci2JDCJdtn6jWJLKQbETPrrQr6V77ztU |
|
mtboom.top/ | Name: U-eccbc87e4b5ce2fe28308fd9f2a7baf3 Value: unique |
|
mtboom.top/ | Name: o_eccbc87e4b5ce2fe28308fd9f2a7baf3 Value: 7d01faf7-4af7-434d-b168-8fe1c73618d5 |
|
003sugg.binum12122.top/ | Name: uclick Value: ntfy1nxs8n |
|
003sugg.binum12122.top/ | Name: uclickhash Value: ntfy1nxs8n-ntfy1nxs8n-bl-g5wj-my8n-j6g6-ftg6-ec67b8 |
|
.closemeetups.com/ | Name: dci Value: 774a6e924c9c7e8a82a324ee4c903f233a69d218 |
|
closemeetups.com/ | Name: dm Value: fe450dd0d1dadc615429144d33241f42 |
|
xodrev.gaydatlng.com/ | Name: unique_id Value: 652df5ab00080a39 |
|
xodrev.gaydatlng.com/ | Name: unique_id2 Value: 652df5ab000b6058 |
|
xodrev.gaydatlng.com/ | Name: 652df5ab000b6058_c Value: 1 |
|
xodrev.gaydatlng.com/ | Name: ref_token Value: 138579 |
|
xodrev.gaydatlng.com/ | Name: 652df5ab000b6058_sl Value: [280996] |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
003sugg.binum12122.top
cdn-dimi.akamaized.net
closemeetups.com
empirelayer.club
fonts.googleapis.com
fonts.gstatic.com
kelby.asson.cfd
mtboom.top
xodrev.gaydatlng.com
104.126.117.19
104.21.48.31
104.21.48.33
142.250.72.106
142.251.35.163
172.67.156.39
18.235.21.239
52.9.189.85
54.153.123.233
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
204fef06480467f71c010ca13b98cc49991566ab09272069eae8d7d3eeb0a1b7
26712f06ca0fe45d57c9c61161d24c1d17fc0c4a13d4ac3cd8cc5b06b9918b32
267381e7207fcf462164777df54535cae5c3b68fb1ef58c84536a651d5850d3f
4373edec4065f19813927b3b997054ec527535f3e68bff9f926bba4ed9d19c76
46d0f26293372cffa7b14ce1a07b25db31fd821b73ca6157141ec7b40d68f524
4f19f4675d1fd57442802d5935529904ddaaab1cc66dcb7c369976a0e7bf97df
5578b0e340376ea1d7aeaf068a100a2ef436b84fb57ca3c3b99780d35af40fe4
585655916599643442af0e13d60203304a44e0aa12295d8dd211bfa6de0e4afb
59b0961f0274c258b14c7df8a0d16994b719fa6a0efb7650bd019faf11106dea
634df6ae6f46c4b286cd8aec2866d6fe7e004ccf0c1d94df302518ce4915a0eb
67737d6da2711b7e1d906ddae1f60ae7d1005c542f7240a2c3391d2b7228d749
7c0746c032f32ffd1c0397f56b03f3655739253cce0f5b9afa5cbcc7ff351b05
8100215233029630e611de2def20f94027458b52da03d724a8ab5a9df423c469
8242c02ebed3f36bbddbc8a5d1d95f14c8cf7b0e9eb7259cdebc80d6e22007c0
82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e
8365642e534620b23b8633df04a4658cca5f8dc5aba131191985bf5c9906e0e7
852e0df3e94bad63cc0604d2f524fb57c4a1d4d41217b75d26cf1cfd10291266
970c5a0e1747891e68f7ff12ef016b91a3e6a74d537219d81ab73512399a4a38
a0ddff3cd7b382245d2d804541987cbb43d26f2b06c3586f14f037f5d0a41872
a4949267c263e1ea206a9b645dd31ae8475c962fcb204352590df16ff7bad5c5
b04b3ac5d6c640e79a65985d81e743995c588709a82a3a21b053fc4af4a0e14e
bb5b063f2431606d001eb4d4d15536ef2f0a781ce03abb28058b9017e4036bd1
c14485c6d4e29e9aa24d34ea48fecb22c45b73452721e2102125cc523d97c07a
c868964389330b3c14273e37acac5b56f5c746c4e21abfddecacc8c8a425834a
d84cfa3e6e8498413c351b5cbb8098a63d8c78e7a730ff5ba88eb31735c2d8e2
e0938544830fdf90ad208873298e99da69fd5672600875c2a6eeb6c338aa969a
e0a600cb1bfa151c241cbc6cd77a83ae98bc1099c846476963f741e2f1925131
e20a9d214ae095aee78745f2af1a6a8b34c263c447398b981081955c3cf89f31
e3a9f2f0dc0f143cf83abc24a0587a1a7d8123090f17ecdbe0e0759345d5801a
e3c07e11f8765896c0e9da80d23de2db39ac0753a178217f94f36f0de5e92cde
e6daa5755861f7b77c8cd9e0487f7c1e8140c15d47f2cbc5a880c7177a3ada5a
fadbb357613e66df8ff2015bbe28dc6eb31d24fbea98c4c9c781d6aa69882ae5