leferdinand.com
Open in
urlscan Pro
13.32.151.107
Public Scan
Submission: On December 24 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Amazon RSA 2048 M01 on September 19th 2023. Valid for: a year.
This is the only time leferdinand.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
22 | 13.32.151.107 13.32.151.107 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2a00:1450:400... 2a00:1450:4001:80f::2008 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:810::200a | 15169 (GOOGLE) (GOOGLE) | |
2 5 | 34.252.115.63 34.252.115.63 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 2a00:1450:400... 2a00:1450:4001:813::2003 | 15169 (GOOGLE) (GOOGLE) | |
3 | 2a00:1450:400... 2a00:1450:4001:82a::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2600:9000:224... 2600:9000:224a:8a00:1c:f638:2940:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2001:4860:480... 2001:4860:4802:32::36 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:400c:c00::9d | 15169 (GOOGLE) (GOOGLE) | |
2 | 2600:9000:244... 2600:9000:2440:f000:19:61a3:b200:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
40 | 10 |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-151-107.iad66.r.cloudfront.net
leferdinand.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-115-63.eu-west-1.compute.amazonaws.com
www.bookingsync.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
22 |
leferdinand.com
leferdinand.com |
2 MB |
5 |
bookingsync.com
2 redirects
www.bookingsync.com |
130 KB |
4 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189 |
22 KB |
3 |
axept.io
static.axept.io — Cisco Umbrella Rank: 54203 client.axept.io — Cisco Umbrella Rank: 56715 |
255 KB |
3 |
gstatic.com
fonts.gstatic.com |
88 KB |
2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29 |
4 KB |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36 |
180 KB |
1 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 75 |
346 B |
40 | 8 |
Domain | Requested by | |
---|---|---|
22 | leferdinand.com |
leferdinand.com
|
5 | www.bookingsync.com |
2 redirects
leferdinand.com
www.bookingsync.com |
3 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
3 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | client.axept.io |
static.axept.io
|
2 | fonts.googleapis.com |
leferdinand.com
www.bookingsync.com |
2 | www.googletagmanager.com |
leferdinand.com
www.googletagmanager.com |
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | region1.google-analytics.com |
www.googletagmanager.com
|
1 | static.axept.io |
leferdinand.com
|
40 | 10 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.bookingsync.com |
www.smily.com |
wihphotels.com |
cheneaudiere.secretbox.fr |
Subject Issuer | Validity | Valid | |
---|---|---|---|
leferdinand.com Amazon RSA 2048 M01 |
2023-09-19 - 2024-10-17 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
static.axeptio.eu Amazon RSA 2048 M02 |
2023-06-19 - 2024-07-17 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
*.bookingsync.com R3 |
2023-12-15 - 2024-03-14 |
3 months | crt.sh |
client.axept.io Amazon RSA 2048 M01 |
2023-08-03 - 2024-08-31 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://leferdinand.com/en/
Frame ID: E66FE23FD2E09FE5DD15B98C8DF66CAB
Requests: 40 HTTP requests in this frame
Screenshot
Page Title
Hotel le Ferdinand the Marais | Luxury Apartments Paris | IndexDetected technologies
Google Analytics (Analytics) ExpandDetected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: Request to Book
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Smily
Search URL Search Domain Scan URL
Title: Site by WIHP
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 9- https://www.bookingsync.com/api/v2/js/booknow.js HTTP 302
- https://www.bookingsync.com/assets/api/v2/booknow/application-0777590b413bdd3312b74a83958d1dc7ab90d494966cef09858135abf4d9b585.js
- https://www.bookingsync.com/api/v2/css/booknow.css HTTP 302
- https://www.bookingsync.com/assets/api/v2/booknow/application-d883e44f8312d56601430cc2f5ff048d787f44ea7fe3b749dc8aab1e5936baec.css
40 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
leferdinand.com/en/ |
158 KB 30 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scripts.js
leferdinand.com/assets/ |
357 KB 106 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
272 KB 91 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
15 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-desktop.svg
leferdinand.com/_img/ |
91 KB 34 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-mobile.svg
leferdinand.com/_img/ |
43 KB 8 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4594358-1416506_0_204_2200_1199_2200_1200.rc.jpg
leferdinand.com/_novaimg/ |
385 KB 386 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4592915-1416605_975_351_1001_850_1000_850.jpg
leferdinand.com/_novaimg/ |
107 KB 108 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4593335-1416531_0_0_1727_1468_1000_850.jpg
leferdinand.com/_novaimg/ |
161 KB 161 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4593329-1416626_319_0_1881_1600_1000_850.jpg
leferdinand.com/_novaimg/ |
158 KB 159 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application-0777590b413bdd3312b74a83958d1dc7ab90d494966cef09858135abf4d9b585.js
www.bookingsync.com/assets/api/v2/booknow/ Redirect Chain
|
406 KB 106 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-footer.svg
leferdinand.com/_img/ |
91 KB 35 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
top-overlay.png
leferdinand.com/_img/ |
43 KB 43 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg-sidebar.png
leferdinand.com/_img/ |
34 KB 34 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
divider.png
leferdinand.com/_img/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg-features-1.png
leferdinand.com/_img/ |
92 KB 92 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg-features-2.png
leferdinand.com/_img/ |
68 KB 69 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HTxwL3I-JCGChYJ8VI-L6OO_au7B4873z3bWuQ.woff2
fonts.gstatic.com/s/barlowcondensed/v12/ |
21 KB 21 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontello.woff2
leferdinand.com/fonts/ |
29 KB 30 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ |
47 KB 48 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RageItalic.woff
leferdinand.com/fonts/ |
81 KB 81 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HTxwL3I-JCGChYJ8VI-L6OO_au7B47rxz3bWuQ.woff2
fonts.gstatic.com/s/barlowcondensed/v12/ |
20 KB 20 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
263 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
static.axept.io/ |
953 KB 245 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 254 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
linkid.js
www.google-analytics.com/plugins/ua/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
3 B 208 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 346 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
booknow
www.bookingsync.com/api/v2/public/rentals/95450,95451,95453,95454,95455,95456,95457,95459/ |
14 KB 15 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application-d883e44f8312d56601430cc2f5ff048d787f44ea7fe3b749dc8aab1e5936baec.css
www.bookingsync.com/assets/api/v2/booknow/ Redirect Chain
|
68 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
11 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flags_14_circles_updated.png
leferdinand.com/_img/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg-footer.png
leferdinand.com/_img/ |
76 KB 77 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon.png
leferdinand.com/_img/ |
418 B 772 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
63853ad9dc58c2fd05fbd05e.json
client.axept.io/ |
34 KB 7 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en
client.axept.io/pack/ |
7 KB 3 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4592921-1416624_0_400_2200_1200_2200_1200.rc.jpg
leferdinand.com/_novaimg/ |
317 KB 318 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4594340-1416504_0_0_4800_2615_2200_1200.rc.jpg
leferdinand.com/_novaimg/ |
357 KB 358 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4593297-1416625_0_312_2200_1200_2200_1200.rc.jpg
leferdinand.com/_novaimg/ |
233 KB 233 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
97 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| class_wihp_ln_already_redir object| classwihplnalreadyredir function| pload object| pnl function| $$ object| pnla function| $$$ object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| el function| dialogv2 object| dialogmaster function| nova_utility object| nova_utils function| novautils_pulsarPreload object| novarefhidden function| fadeInAfterLoad function| asrc_sequenceload function| novahtmlslider function| novahtmlslider_easyconfig function| novaMontage function| novahover function| nova_imagelistfader function| novabox function| novaform function| convertggmap function| searchBoxDatepickers string| META_SHARED_URL function| loadAdditive function| loadcss2 function| pulsarPreload function| novacmsmode string| G_TLD_LIST boolean| G_FLAG_AUTOSYNC boolean| G_FLAG_GLOBAL_UPDATED function| is_empty number| openedDialog function| parseUri function| get_domain_tld function| wihp_get_domain function| formatMoney function| novacms_command function| loadHtmlTemplate function| loadcss function| getCookie function| Set_Cookie function| class_gdpr function| $ function| jQuery function| DP_jQuery_1703453240880 object| jQuery171029560772112552014 object| AOS function| PerfectScrollbar function| objectFitPolyfill function| show_loader function| hide_loader function| get_template function| str_replace function| cache_autosync object| classgdpr function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| webpackChunkcaas_styleguide function| setImmediate function| clearImmediate object| regeneratorRuntime function| googleTagLinker object| BookingSync function| $BookingSync function| novajsloader object| nova_post2js function| getbyclass object| tohide number| ecommerce_customlinks object| tomorow object| __axeptioSDK object| _axcb object| axeptioSDK string| axeptioBuildTimestamp number| useLeft number| useWidth object| slideObj number| maxzoom_width number| maxzoom_height number| $newHeight function| axeptioHandleVendors function| openAxeptioCookies function| showAxeptioButton function| hideAxeptioButton boolean| _pulsarDocLoad object| novacmsadm8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
leferdinand.com/ | Name: ln_already_redir Value: 1 |
|
.leferdinand.com/ | Name: _ga_XXHGFP0MTB Value: GS1.1.1703453240.1.0.1703453240.0.0.0 |
|
.leferdinand.com/ | Name: _ga Value: GA1.2.1569730112.1703453241 |
|
.leferdinand.com/ | Name: _gid Value: GA1.2.1372833297.1703453241 |
|
.leferdinand.com/ | Name: _dc_gtm_UA-173655083-1 Value: 1 |
|
leferdinand.com/ | Name: axeptio_cookies Value: {%22$$token%22:%22powrshpbm69awdbvfeyy7%22%2C%22$$date%22:%222023-12-24T21:27:21.383Z%22%2C%22$$cookiesVersion%22:{}%2C%22$$completed%22:false} |
|
leferdinand.com/ | Name: axeptio_authorized_vendors Value: %2C%2C |
|
leferdinand.com/ | Name: axeptio_all_vendors Value: %2C%2C |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
client.axept.io
fonts.googleapis.com
fonts.gstatic.com
leferdinand.com
region1.google-analytics.com
static.axept.io
stats.g.doubleclick.net
www.bookingsync.com
www.google-analytics.com
www.googletagmanager.com
13.32.151.107
2001:4860:4802:32::36
2600:9000:224a:8a00:1c:f638:2940:93a1
2600:9000:2440:f000:19:61a3:b200:93a1
2a00:1450:4001:80f::2008
2a00:1450:4001:810::200a
2a00:1450:4001:813::2003
2a00:1450:4001:82a::200e
2a00:1450:400c:c00::9d
34.252.115.63
0b281bf2f4179c06ba68f0a427f2341287c41eacc2ce9d534c6f5c513ac633fb
1173bf0f294f1bc8b3f4a9ec043c7db82261212a0ec06130be70b2d024b4d55c
1394881b000e5c2bca37e77a30fe205f14f7566cb43df1f4e98a28a90a115f33
1a1a7d2a397f8ce51d57188cdfed6de44fea55c7077ef5553e2dbe96b2208808
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e79b6544e937a9457383f8a31bfd751969054962a60a6d45e499883c3f5b379
24984f28fa8930816afaef2e60a9c5f33a497eca3661ddac754f0668261158fa
3142648b6abe52b7d30a0ff6b06eec3c084cb8944d91e851c5bc94b2454fc0f9
326dcf0ac7f5a1260f32d1c1726ed4bd4202b70cf69e9b29f48ab7031673511a
32818793c01e09a36fbabac030ca6624bee299db72b2581e173b227e5c442998
354a62875641250d3c281e39145e96a67a5bdc62964c08452e5abcbf85497f63
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
40d6273c1ea508a44369c0f2da5fcd3c1a490cf714f4143f143829fc4fbb54b6
4db68d3b9903793f698363386c109ba948ab51dae76953f257fe50918f655563
52b8bdfbcb7be86c780fe85d1cc0057b4b57d338a9e8c414c5fced0ec9029451
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6eca4ce50aa9d3bf92f89280352c0b190414e4f4c4207cfc682a20fca24371aa
7319d4054eb8112093ca83279f5fc9b2d639ad9607aa223798e3b46ef5e32b44
7d494950c54bc1eff1717510885519bff70d149ea15e94c4d1b20ec715b8fc40
80176ec83b0a543070f3d2a0858f5e55937a0c3a3309456accea446e7006872e
8b0b609731e36f30f895352b4fc1897416ba6170987cf59c73aee16845a0edee
8beb1ed508764c37c5a623bb01ee07e4b753cad8bc56c11e1d55fa19b10d0140
8f75668d8f382eb9e8c6b15bd4e2423354055b94062be1cb04df128f6102543d
90c9627a0e708da6cf2c76981d50718e204761a15137d2a3936a3a55623265de
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
aa1895205efb0ef0fa4232b6289c46a12bf07b9493598c2d50d3afe6d9ce9d9d
ad71e6bbfff214973a6fc955f1d35b1b0fa1288e3e7ae7cd4ab6e170c97c0289
b016d6dd585337c8fdc974f2612903bc0b79b764017f10d26b741ea3fb433936
b97d048e413636464834969157e6d86a58a3139232900d88e3ee580b26b8ff1e
ba3a8f71d8a5c26deb05ae1039a9bbdb04a9db3d43618bed95e873318093db3a
be4d4f07b471241cf40b5cb7fcb9d2cd4cbf9660825eb1a0b11e9d4cf83da333
c7ffcaeb09bc8ae35b995270025ae634385c850dd8c3bc5b12647876b3f756f7
da5a2d6fe2e2932cfef3b82af39cebed247d04fd80f5b9ed5961b482b8d83796
daac4a3d43db7a0214a14f8bc32043a4d71beec3302a78cc0dc4d43015709ec7
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7fe1b753c21f6c29cac8e0de22462f87c9df63c4f2b3e9a7186b07667b9af1c
ee2a8b187e20780f8a482818db2890e3641a91b2eb77dd164929d2976cf1ddfb
f3d4193688541378c9f298eb2e5e9b9de4dc4b707651f0ebcc65cf7cdcda548f
f475fe2887526ee4a0b18c3b4a389e3d9722a8f736c603176c0054346082bf61