qirancy.com
Open in
urlscan Pro
104.18.17.176
Public Scan
Effective URL: https://qirancy.com/
Submission Tags: #phishing @ecarlesi Search All
Submission: On July 20 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 19th 2022. Valid for: a year.
This is the only time qirancy.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 7 | 104.18.17.176 104.18.17.176 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
25 | 103.160.204.4 103.160.204.4 | 209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare) | |
1 | 151.101.65.21 151.101.65.21 | 54113 (FASTLY) (FASTLY) | |
1 | 2606:4700:440... 2606:4700:440e::6812:2fe6 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 23.36.163.246 23.36.163.246 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK) | |
1 | 8.45.52.250 8.45.52.250 | 24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.) | |
1 | 103.160.204.10 103.160.204.10 | 209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare) | |
40 | 8 |
ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
static-theme.cdncloud.top | |
img.cdncloud.top |
ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-246.deploy.static.akamaitechnologies.com
analytics.tiktok.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
25 |
cdncloud.top
static-theme.cdncloud.top — Cisco Umbrella Rank: 203480 img.cdncloud.top — Cisco Umbrella Rank: 117917 |
2 MB |
7 |
qirancy.com
1 redirects
qirancy.com |
13 KB |
4 |
tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 919 |
89 KB |
1 |
itaboola.com
www.itaboola.com — Cisco Umbrella Rank: 333307 |
451 B |
1 |
alicdn.com
at.alicdn.com — Cisco Umbrella Rank: 11142 |
43 KB |
1 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155 |
26 KB |
1 |
cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1311 |
5 KB |
1 |
paypal.com
www.paypal.com — Cisco Umbrella Rank: 2205 |
|
40 | 8 |
Domain | Requested by | |
---|---|---|
19 | static-theme.cdncloud.top |
qirancy.com
static-theme.cdncloud.top |
7 | qirancy.com |
1 redirects
static-theme.cdncloud.top
static.cloudflareinsights.com |
6 | img.cdncloud.top |
qirancy.com
|
4 | analytics.tiktok.com |
qirancy.com
analytics.tiktok.com |
1 | www.itaboola.com |
static-theme.cdncloud.top
|
1 | at.alicdn.com |
static-theme.cdncloud.top
|
1 | connect.facebook.net |
qirancy.com
|
1 | static.cloudflareinsights.com |
qirancy.com
|
1 | www.paypal.com |
qirancy.com
|
40 | 9 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
qirancy.com Cloudflare Inc ECC CA-3 |
2022-07-19 - 2023-07-19 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-05-30 - 2023-05-30 |
a year | crt.sh |
www.paypal.com DigiCert SHA2 Extended Validation Server CA |
2022-04-12 - 2023-04-12 |
a year | crt.sh |
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 |
2021-12-13 - 2023-01-13 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2022-04-29 - 2022-07-28 |
3 months | crt.sh |
*.alicdn.com GlobalSign Organization Validation CA - SHA256 - G2 |
2022-07-04 - 2023-08-05 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://qirancy.com/
Frame ID: EDCC1FC31BAE12296795B8604E004CB9
Requests: 40 HTTP requests in this frame
Screenshot
Page Title
qirancyPage URL History Show full URLs
-
http://qirancy.com/
HTTP 301
https://qirancy.com/ Page URL
Detected technologies
Cloudflare Browser Insights (Analytics) ExpandDetected patterns
- static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Facebook (Widgets) Expand
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
FingerprintJS (JavaScript libraries) Expand
Detected patterns
- fingerprint(\d)?(?:\.min)?\.js
Swiper Slider (Miscellaneous) Expand
Detected patterns
- swiper(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://qirancy.com/
HTTP 301
https://qirancy.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
40 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
qirancy.com/ Redirect Chain
|
48 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.min.css
static-theme.cdncloud.top/liquid/buyer/public/css/ |
313 KB 49 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shopify001.comm.min.css
static-theme.cdncloud.top/s/files/public/css/ |
34 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
init.js
static-theme.cdncloud.top/liquid/buyer/public/js/ |
1 KB 825 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
static-theme.cdncloud.top/liquid/buyer/public/js/plug/ |
91 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.paypal.com/sdk/ |
0 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Swiper.js
static-theme.cdncloud.top/liquid/buyer/public/js/plug/ |
121 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fingerprint2.min.js
static-theme.cdncloud.top/liquid/buyer/public/js/plug/ |
28 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor.min.js
static-theme.cdncloud.top/liquid/buyer/public/js/plug/ |
50 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
575e89757ad61e843d470b2c49dae479.jpg
img.cdncloud.top/uploader/ |
134 KB 134 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
575e89757ad61e843d470b2c49dae479.jpg
img.cdncloud.top/uploader/ |
522 KB 523 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
default.png
static-theme.cdncloud.top/buyer/public/img/ |
56 B 686 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6052f38d5dd6c3cbb4fdca0e15451a3936b75d3e.jpeg
img.cdncloud.top/uploader/ |
98 KB 98 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
paypal.png
static-theme.cdncloud.top/buyer/public/img/ |
2 KB 3 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
paypal.svg
static-theme.cdncloud.top/liquid/buyer/public/img/payment/ |
8 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
visa1.svg
static-theme.cdncloud.top/liquid/buyer/public/img/payment/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
mastercard.svg
static-theme.cdncloud.top/liquid/buyer/public/img/payment/ |
12 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
maestro.svg
static-theme.cdncloud.top/liquid/buyer/public/img/payment/ |
8 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
AmericanExpress.svg
static-theme.cdncloud.top/liquid/buyer/public/img/payment/ |
10 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ |
14 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
event.js
static-theme.cdncloud.top/liquid/buyer/public/js/lib/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.js
static-theme.cdncloud.top/liquid/buyer/public/js/lib/ |
634 KB 107 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
events.js
analytics.tiktok.com/i18n/pixel/ |
126 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
98 KB 26 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font_871426_ou7555ftk8o.woff2
at.alicdn.com/t/ |
42 KB 43 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Lato-Regular.ttf
static-theme.cdncloud.top/s/files/public/css/font/ |
117 KB 118 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
OpenSans-Regular.ttf
static-theme.cdncloud.top/s/files/public/css/font/ |
212 KB 213 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
AvenirNext-Regular.ttf
static-theme.cdncloud.top/s/files/public/css/font/ |
411 KB 412 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
user-capi
qirancy.com/buyer/user/ |
79 B 412 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
select-coupon
qirancy.com/buyer/user/ |
64 B 374 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
swiper.js
www.itaboola.com/ |
0 451 B |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
identify.js
analytics.tiktok.com/i18n/pixel/ |
114 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
config.js
analytics.tiktok.com/i18n/pixel/ |
58 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a295651a39eeec663cd886029288393a710d3019.jpeg
img.cdncloud.top/uploader/ |
348 KB 349 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3d819d133cb434ff9cc5b02500d0b4ae63b01f6d.jpeg
img.cdncloud.top/uploader/ |
125 KB 126 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bca6021eaa1d41cd36f7cd6721801c7c21847841.jpeg
img.cdncloud.top/uploader/ |
154 KB 154 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
pixel
analytics.tiktok.com/api/v2/ |
0 719 B |
Ping
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
cart
qirancy.com/buyer/ |
910 B 699 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
free-express
qirancy.com/buyer/express/ |
71 B 377 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
rum
qirancy.com/cdn-cgi/ |
0 163 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
52 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation number| dpr number| rem function| $ function| jQuery function| Swiper function| Fingerprint2 function| _createClass function| _classCallCheck function| _typeof object| NP_ENV object| $api object| $tracking boolean| isLazyLoad function| lazyLoad object| $asiabillPayment object| $xborderPayment string| TiktokAnalyticsObject object| ttq string| id function| setCookie function| getCookie string| clientId object| event_id_PageView function| fbq function| _fbq function| userLogin object| __cfBeacon object| $plug object| $http function| xtag function| sharetag function| conversionsApi object| $session object| jQuery1102029109678835253106 string| user_fingerprint object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.qirancy.com/ | Name: __cfruid Value: 4e9cc25293f95737e75de8d1944b4c1ed94d97b1-1658334122 |
|
.qirancy.com/ | Name: ssid Value: 79304 |
|
.qirancy.com/ | Name: utuni Value: d78ea8b6d35e0d7789244c4f9cc1cb63f21ceb2f9a961a2a95ad77c2df6379b3a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22utuni%22%3Bi%3A1%3Bi%3A4276452243%3B%7D |
|
.paypal.com/ | Name: tsrce Value: clientsdknodeweb |
|
.paypal.com/ | Name: l7_az Value: dcg14.slc |
|
.paypal.com/ | Name: ts Value: vreXpYrS%3D1753028523%26vteXpYrS%3D1658335923%26vr%3D1c6a97441820a2d1f20a598cfd619eed%26vt%3D1c6a97441820a2d1f20a598cfd619eec%26vtyp%3Dnew |
|
.paypal.com/ | Name: ts_c Value: vr%3D1c6a97441820a2d1f20a598cfd619eed%26vt%3D1c6a97441820a2d1f20a598cfd619eec |
|
.qirancy.com/ | Name: client_id Value: 1658334130029156 |
|
qirancy.com/ | Name: ga_utm Value: {} |
|
.tiktok.com/ | Name: _ttp Value: 2CDPLR1UQFfBrhjfOQugpaZMvJk |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
analytics.tiktok.com
at.alicdn.com
connect.facebook.net
img.cdncloud.top
qirancy.com
static-theme.cdncloud.top
static.cloudflareinsights.com
www.itaboola.com
www.paypal.com
103.160.204.10
103.160.204.4
104.18.17.176
151.101.65.21
23.36.163.246
2606:4700:440e::6812:2fe6
2a03:2880:f02d:12:face:b00c:0:3
8.45.52.250
0c5cc2a52627a859899dd766d22294b29bb0523f0b842215c5baa776fbf5952e
0d18c859b3b60b5e1f77185d440a61af49502a178edaaca66dd076d98af11890
0e3b4da50e6f3846f53aa553a6b7185cd07dd32f346ca6f987c9759e8380e1a1
13c03e22a633919beb2847c58c8285fb8a735ee97097d7c48fd403f8294b05f8
17accff499542caec138b081f007ff4d3409ca8b324db3c6d916ce2e1fad2a17
1a531863287ef363669d36fe8dc31793d32ce8fbc38b3eb18db50cc778b8cb6e
1eba8268d112d2903105c9b82da51799cd7467c382af9b3b94bcb41295d9c1dc
21d499734783809cfcf7354e04cf179447b8d5ac98f62575524f314fe0345171
3dacdee596e1bb252d671f8f0afb51c46981e37240c9d4b2377bb66129d4beec
43d0a062df3eccf50cf81f80ee88b7d37d7ccd3953a06e3b000e888ca11d2194
48fc0c00a491f69684ee6d9c1f4d3f18621273a37de49f460f28421eb1be26c7
540e356fc44fab690f8d9e6f8ed5d2aea3deb3f47263c614d598e4d7f990ab53
5bbf62ad203c1261b1f628721481e4d387b4d3bece69aa9328e7e49a98b39375
5f3eed8e891997529629227d479b1b9d83ae2e1bbaabbf499fcd22e4b303126c
6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d
6ffe8936a0ddde0d13b4a50ea16d6cc647e2e1b43bca5b01b2cb78d67fd754fc
7ae714b63c2c8b940bdd211a0cc678f01168a34eea8aa13c0df25364f29238a7
7cd5bd3eea0170b3fd5874a4a576b93a1887af50c1e0b6b88d564202ea68ec91
7d4d9a300548af55e7e41339bfc6271c51fde7adc3cc4dd4635449e52c6a6011
7d81f3c3e1c65379bfdec8620a41bd87581d45677316e57becc16692b8737d3a
80aa3fe5432df59b7abab02e52151e388ee927734221eb102e6d44f6cf89f650
9158c942ad899cdee196355e6792afadd33e0b10f77c4a09c5fd2911fce61d04
9199abe21eabbc2a5687c9451c65aa462059bc4224e3fbf749cb449f6a9fb1d8
a91ec4e3e40185e8c894b5c158532373333331219b55f31b232895becd8e55ee
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b80f3aec5ad80f7d5fb64b9c4a804c470f531de95e6983abcea18f0780b052a6
b937c77a3a9fda104fa3a1cd772c90bbe7a897251f22986d28f14ffcbf80fade
badac064c42cb3fb15e99081017de61afade4a42732ed459b57167b0ce610a5d
c42a7f762dff0348a739456ab0f0fc990921471759a548edb183b146942c9b5f
cbbe5813f53cf337acc360952a5bc1c623f42abc4160fd0304eb230cad45a55b
e343488f96408aea44782d62e4545685d02d996bb0ad6ef5be3c68552e997e8f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed6b5e28081145a7ebe3b4dae7517a87cfbcafca5974fa226edb3045f6f3f66a
ee67da59a98b15eee7e5940b02e4d0d5664592c48e6a92caab1c9fefb3a55089
f11f657befbc50e25094542377231e5d487293a9b26c1d1d0c067ad6b66c19d5
f2ef172aa4800b8232e983684503c2367e292ae8613839eb13517a6cae89620d
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505