xgamespin.com
Open in
urlscan Pro
2606:4700:30::681b:aa94
Malicious Activity!
Public Scan
Submission: On February 15 via manual from NO
Summary
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 14th 2019. Valid for: a year.
This is the only time xgamespin.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Gaming (Entertainment)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 20 | 2606:4700:30:... 2606:4700:30::681b:aa94 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 | 205.185.208.52 205.185.208.52 | 20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group) | |
1 | 2a00:1450:400... 2a00:1450:4001:817::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2606:4700::68... 2606:4700::6813:c697 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
25 | 2.16.186.120 2.16.186.120 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
47 | 5 |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
xgamespin.com |
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip052.ssl.hwcdn.net
code.jquery.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com |
ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-120.deploy.static.akamaitechnologies.com
steamcdn-a.akamaihd.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
25 |
akamaihd.net
steamcdn-a.akamaihd.net |
444 KB |
20 |
xgamespin.com
1 redirects
xgamespin.com |
1 MB |
1 |
cloudflare.com
cdnjs.cloudflare.com |
18 KB |
1 |
googleapis.com
ajax.googleapis.com |
50 KB |
1 |
jquery.com
code.jquery.com |
30 KB |
47 | 5 |
Domain | Requested by | |
---|---|---|
25 | steamcdn-a.akamaihd.net |
xgamespin.com
|
20 | xgamespin.com |
1 redirects
xgamespin.com
cdnjs.cloudflare.com |
1 | cdnjs.cloudflare.com |
xgamespin.com
|
1 | ajax.googleapis.com |
xgamespin.com
|
1 | code.jquery.com |
xgamespin.com
|
47 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2019-02-14 - 2020-02-14 |
a year | crt.sh |
jquery.org COMODO RSA Domain Validation Secure Server CA |
2018-10-17 - 2020-10-16 |
2 years | crt.sh |
*.googleapis.com Google Internet Authority G3 |
2019-01-29 - 2019-04-23 |
3 months | crt.sh |
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2018-09-22 - 2019-03-31 |
6 months | crt.sh |
a248.e.akamai.net DigiCert ECC Secure Server CA |
2018-10-18 - 2019-10-18 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://xgamespin.com/
Frame ID: 0923223E043D9E9C09DD7122E99ED20E
Requests: 47 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://xgamespin.com/ Page URL
-
https://xgamespin.com/cdn-cgi/l/chk_jschl?s=389d45b567c5915935c8bf4650eafb61291a82f8-1550230888-18...
HTTP 302
https://xgamespin.com/ Page URL
Detected technologies
Node.js (Programming Languages) ExpandDetected patterns
- script /socket.io.*\.js/i
- env /^io$/i
Socket.io (JavaScript Frameworks) Expand
Detected patterns
- script /socket.io.*\.js/i
- env /^io$/i
CloudFlare (CDN) Expand
Detected patterns
- headers server /cloudflare/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js/i
- env /^jQuery$/i
- script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
- script /jquery-ui.*\.js/i
jQuery UI (JavaScript Libraries) Expand
Detected patterns
- script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
- script /jquery-ui.*\.js/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://xgamespin.com/ Page URL
-
https://xgamespin.com/cdn-cgi/l/chk_jschl?s=389d45b567c5915935c8bf4650eafb61291a82f8-1550230888-1800-AVqg1HlHTmDXgBmYFASrfdAQKn5edFhVxOKrpYJnIpHzdA0UTqFZW4t5bxdWpVRcKQbHHwVRfGwRACn%2BtHLw2mQ%2FVEN8YrcCpNFUh9roKFJs&jschl_vc=695f1e41be83e0d498c7b2006e5a1648&pass=1550230892.863-ElkV978x4V&jschl_answer=24.4017946135
HTTP 302
https://xgamespin.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
47 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
xgamespin.com/ |
7 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
xgamespin.com/ Redirect Chain
|
22 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
xgamespin.com/css/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.3.1.min.js
code.jquery.com/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
countdown.js
xgamespin.com/js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.8.5/ |
191 KB 50 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scripts.js
xgamespin.com/js/ |
8 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
window.css
xgamespin.com/css/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
user.js
xgamespin.com/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
socket.io.js
cdnjs.cloudflare.com/ajax/libs/socket.io/2.0.4/ |
59 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
birthday.png
xgamespin.com/images/ |
172 KB 172 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
capsule_184x69.jpg
steamcdn-a.akamaihd.net/steam/apps/637670/ |
26 KB 26 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
capsule_184x69.jpg
steamcdn-a.akamaihd.net/steam/apps/379430/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
capsule_184x69.jpg
steamcdn-a.akamaihd.net/steam/apps/346110/ |
27 KB 28 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
capsule_184x69.jpg
steamcdn-a.akamaihd.net/steam/apps/578080/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
capsule_184x69.jpg
steamcdn-a.akamaihd.net/steam/apps/271590/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
capsule_184x69.jpg
steamcdn-a.akamaihd.net/steam/apps/730/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
header.jpg
steamcdn-a.akamaihd.net/steam/apps/578080/ |
41 KB 41 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
header.jpg
steamcdn-a.akamaihd.net/steam/apps/57690/ |
41 KB 41 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
header.jpg
steamcdn-a.akamaihd.net/steam/apps/730/ |
36 KB 36 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
header.jpg
steamcdn-a.akamaihd.net/steam/apps/57690/ |
41 KB 41 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
69b4fd8062cd67f9a7fe7283a6efa7fea296e89c_full.jpg
steamcdn-a.akamaihd.net/steamcommunity/public/images/avatars/69/ |
15 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1e440832232b9c011c72068867fea0986652a0dd_full.jpg
steamcdn-a.akamaihd.net/steamcommunity/public/images/avatars/1e/ |
16 KB 16 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f5960a542edf2b773215ff6997f24ae6c0cb63a8_full.jpg
steamcdn-a.akamaihd.net/steamcommunity/public/images/avatars/f5/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8b173bbbf2dd677b62909eb035998f73e11cbd8b_full.jpg
steamcdn-a.akamaihd.net/steamcommunity/public/images/avatars/8b/ |
14 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
baecf6d71f8a60295c952b753806fcec43234a60_full.jpg
steamcdn-a.akamaihd.net/steamcommunity/public/images/avatars/ba/ |
13 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
08bdc9e8c758bf663c15b7ec0bb6973faf89f5df_full.jpg
steamcdn-a.akamaihd.net/steamcommunity/public/images/avatars/08/ |
11 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
70294f393cda25e965e256c0ccd4edbe4d903cc0_full.jpg
steamcdn-a.akamaihd.net/steamcommunity/public/images/avatars/70/ |
36 KB 37 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
71985364f322b1343f66a6169f2a06c4786ab133_full.jpg
steamcdn-a.akamaihd.net/steamcommunity/public/images/avatars/71/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6671145ea849cc787067bda77e335d4d3a7dc20b_full.jpg
steamcdn-a.akamaihd.net/steamcommunity/public/images/avatars/66/ |
12 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
b254d84bc24665f4a7feacd15cefda24260713a7_full.jpg
steamcdn-a.akamaihd.net/steamcommunity/public/images/avatars/b2/ |
12 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
humble.png
xgamespin.com/images/ |
169 KB 169 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
akella.png
xgamespin.com/images/ |
135 KB 136 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
window.css
xgamespin.com/css/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
click.mp3
xgamespin.com/audio/ |
4 KB 5 KB |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
xgamespin.com/socket.io/ |
104 B 209 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg.jpg
xgamespin.com/images/ |
372 KB 372 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ProximaNova-Bold.woff
xgamespin.com/fonts/ |
51 KB 51 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ProximaNova-Regular.woff
xgamespin.com/fonts/ |
51 KB 51 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ProximaNova-Light.woff
xgamespin.com/fonts/ |
51 KB 51 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
xgamespin.com/socket.io/ |
515 B 344 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
xgamespin.com/socket.io/ |
3 B 99 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
capsule_184x69.jpg
steamcdn-a.akamaihd.net/steam/apps/105600/ |
14 KB 14 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
capsule_184x69.jpg
steamcdn-a.akamaihd.net/steam/apps/578080/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
capsule_184x69.jpg
steamcdn-a.akamaihd.net/steam/apps/252490/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
capsule_184x69.jpg
steamcdn-a.akamaihd.net/steam/apps/271590/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
capsule_184x69.jpg
steamcdn-a.akamaihd.net/steam/apps/552500/ |
7 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Gaming (Entertainment)37 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery function| DP_jQuery_1550230893143 object| wingames object| players object| caseScrollAudio function| getRandomInt undefined| x undefined| xVel undefined| prevTime undefined| kVar number| xAcc function| setupCookies function| nextDay function| startTimer number| online function| addWinner function| replaceLogin function| setCookie function| getCookie function| deleteCookie function| declension string| BANNED_DOMAINS function| io object| a function| b object| socket object| games undefined| w function| makeid object| url object| ref function| mobLogin function| mobLog4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
xgamespin.com/ | Name: __ddg_ Value: 7762 |
|
.xgamespin.com/ | Name: cf_clearance Value: 0bb55e9528c4f3635bfe6da5123789f46a3f9dc3-1550230892-1800-150 |
|
xgamespin.com/ | Name: io Value: R6-82bVKVOz1OBJWAAsA |
|
.xgamespin.com/ | Name: __cfduid Value: da3bb930bee5cfe48ffaf35229af9b5aa1550230892 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
cdnjs.cloudflare.com
code.jquery.com
steamcdn-a.akamaihd.net
xgamespin.com
2.16.186.120
205.185.208.52
2606:4700:30::681b:aa94
2606:4700::6813:c697
2a00:1450:4001:817::200a
03d1814a79614474287246b1b9c1cb1b2c1ea07ee3a1154c8f9a161fc4fa014f
0511ae4e638f7ce7aa7a424ad0281c63958a4558354675c15866b0f7c5f9509c
05b7af295fe8e23c2db768f73a1401de4483e0ec5781ea51bad5090601166327
09c4c3aeadfe02741e2bb481d1adc5e82bb2ad7cc5426e498a45c65e2ba377ae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
19707fff8109498391980868f6590eeaff477896fe3468cc08956cbe47bb4294
19e2d19e83e4aa871d879721d3419438110b01b00c9bdb02f72cf52976b5bcf3
1c71c7c87acc24da048572cd7e36632584dc0c83547d5aa05f77db248c989818
30dc30db4546473cf5b976acaf6c6fb1410e37cfb88ed490a38a946e16108e2c
323dda53487558f66cc606ec2a8528109bee6affb33e9c536fec2f65d09df14e
34e9f060db53c7c81ae42d77857e7f98d73a96f2366213599ff8202327207fd8
362b00f5849947411c39de916818aeaa2c88b6e408ff449d056d398d9e615b7f
58f7853d60f73d94140eba459c333537629a74d57009f352e1c099efc6fbe93f
59980632edc053d4e6c397181ced95dcc1a723a18b0d6e34fb5e2b6874d9b7ea
5b327af1320744fbc30a5d1d22e7a5af4920696ae7adb45d045a389376e726e4
62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0
64dd0b8e3d84c4677d9b4056191dde8330661a99c11cd5c9aaa154a524773f1c
66faf9f823bf70a48dc5130d120d86f3a29eaf9f41c6312beabc67d592be4a5e
714764521099f3d3577bfdeb4af5d647838ef581f50c1781a9e04cd7900d1875
72ffdef6d473e2320b48a2c07d53756ea7171cc5a52b8d6045d38dbd6e25e345
7ceb1ee966a9c53ad44893892025d76301d124e3dae82d4e5105e2ec2f43772f
7d9974cc8208d89347788bfc80e62e69da001ed397fc4443d885c4e64a01dc46
81c6d1a13227777d009f275f5ecb80bd6c780d2843b9b18fe2809ff9822a2066
8301cbf362618d1e54779def33a0a2c83151e7cc32e3d6a8610174db5af6ecde
85cd7cac0d46b6cc53b0175d04f4bbf7ad99df6ab17b5ea1a0b44cd74829b263
9157f1ce39ed0e28c60fd406c69cfb1883c429ec72b9d62588fb0e5998013e41
99a24fdd4e16d8dd4fdd79a5dd2dd7b71c2c68473fd6b3cb4eca4fa3f33d9ac1
9d8c881af2e0ed90419baad083e34f921c4ed54f9264d4932aa1ea2b5c25bdc2
ab885f2e02fb5365483752e9bde61387fcc1c2866751c1d44337ddfbc8e3c446
abd815390a7d75fd81e228910e3d5cbca637178abfb3c016c396601bf2338f74
b05d048c32e966ec99351c9c8f5d76f3a8eb1470e718287474ae116ef7ec69cd
b5e61baff7e113d5a69e890bea1778be2fdffe0194cfd1d7b616a8c0a82cb83d
c73a613badee454c2580106c9617c62963cde10205c6afcb4289053eae6a8fde
ca1b6226476536bad134b41cffd2606600b899892e7ee3f5c242d2729ba4c352
d35004828024b24743ec7e5a490eeaae4c7492edae102827631cc9d528e0854b
d39087256385ffd80e83574e4364349ecc22e6e37d2f9081930a8ae1fd990bdc
d699249a2ea30a3ee8bb23153ab4d9b6449130c59b6525d2fd6695b17632b490
e42a5d32bc8ecc74568f9c33475a2a23f89fd2308d61b5c40b7c7d6060b15225
e6b4514f1745434c93214b0c4a5467c474cc1c3511dcdf24a052c70b0ac638df
e7d0e61e04e776f23b13fb5f6463601777387ddbf41d4f968d16ceb245ac8a9c
fa10d6b3cee42136de343517c36e8a9c33fbfd5b38d39cdc677ec86861b5eb45
ff9d551c9e644a0896ab25e7f513bc4f4687060a77f8d873b1310f1e9042b98c