ke.mpesaken.gifts
Open in
urlscan Pro
198.54.116.12
Public Scan
Effective URL: https://ke.mpesaken.gifts/vps6x9l
Submission: On December 23 via manual from KE — Scanned from DE
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 11th 2021. Valid for: a year.
This is the only time ke.mpesaken.gifts was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 162.0.235.4 162.0.235.4 | 22612 (NAMECHEAP...) (NAMECHEAP-NET) | |
6 | 198.54.116.12 198.54.116.12 | 22612 (NAMECHEAP...) (NAMECHEAP-NET) | |
1 | 2606:4700::68... 2606:4700::6812:acf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2a00:1450:400... 2a00:1450:4001:808::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:82b::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2606:4700::68... 2606:4700::6810:125e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
11 | 151.101.12.193 151.101.12.193 | 54113 (FASTLY) (FASTLY) | |
3 | 2a00:1450:400... 2a00:1450:4001:80e::2001 | 15169 (GOOGLE) (GOOGLE) | |
3 | 139.45.197.252 139.45.197.252 | 9002 (RETN-AS) (RETN-AS) | |
1 | 185.53.177.53 185.53.177.53 | 61969 (TEAMINTER...) (TEAMINTERNET-AS) | |
1 | 46.105.201.240 46.105.201.240 | 16276 (OVH) (OVH) | |
1 | 198.27.80.143 198.27.80.143 | 16276 (OVH) (OVH) | |
1 | 139.45.195.8 139.45.195.8 | 9002 (RETN-AS) (RETN-AS) | |
36 | 14 |
ASN22612 (NAMECHEAP-NET, US)
PTR: server292-2.web-hosting.com
safproms.gifts |
ASN22612 (NAMECHEAP-NET, US)
PTR: server196-4.web-hosting.com
ke.mpesaken.gifts |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
imgur.com
i.imgur.com |
861 KB |
6 |
mpesaken.gifts
ke.mpesaken.gifts |
156 KB |
3 |
choogeet.net
choogeet.net |
41 KB |
3 |
blogspot.com
1.bp.blogspot.com |
58 KB |
3 |
googleapis.com
fonts.googleapis.com ajax.googleapis.com |
32 KB |
2 |
histats.com
s10.histats.com s4.histats.com |
5 KB |
2 |
cloudflare.com
cdnjs.cloudflare.com |
38 KB |
1 |
rtmark.net
my.rtmark.net |
545 B |
1 |
owo-owo.vip
owo-owo.vip |
785 B |
1 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com |
20 KB |
1 |
safproms.gifts
safproms.gifts |
914 B |
0 |
c1oud1are.com
Failed
c1oud1are.com Failed |
|
36 | 12 |
Domain | Requested by | |
---|---|---|
11 | i.imgur.com |
ke.mpesaken.gifts
|
6 | ke.mpesaken.gifts |
safproms.gifts
ajax.googleapis.com ke.mpesaken.gifts |
3 | choogeet.net |
ke.mpesaken.gifts
choogeet.net |
3 | 1.bp.blogspot.com |
ke.mpesaken.gifts
|
2 | cdnjs.cloudflare.com |
ke.mpesaken.gifts
cdnjs.cloudflare.com |
2 | fonts.googleapis.com |
ke.mpesaken.gifts
|
1 | my.rtmark.net |
choogeet.net
|
1 | s4.histats.com |
s10.histats.com
|
1 | s10.histats.com |
ke.mpesaken.gifts
|
1 | owo-owo.vip |
ajax.googleapis.com
|
1 | ajax.googleapis.com |
ke.mpesaken.gifts
|
1 | maxcdn.bootstrapcdn.com |
ke.mpesaken.gifts
|
1 | safproms.gifts | |
0 | c1oud1are.com Failed |
ajax.googleapis.com
|
36 | 14 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
safproms.gifts Sectigo RSA Domain Validation Secure Server CA |
2021-10-07 - 2022-10-07 |
a year | crt.sh |
ke.mpesaken.gifts Sectigo RSA Domain Validation Secure Server CA |
2021-11-11 - 2022-11-11 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-03-01 - 2022-02-28 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2021-11-29 - 2022-02-21 |
3 months | crt.sh |
*.imgur.com DigiCert SHA2 Secure Server CA |
2020-01-15 - 2022-03-16 |
2 years | crt.sh |
misc-sni.blogspot.com GTS CA 1C3 |
2021-11-29 - 2022-02-21 |
3 months | crt.sh |
choogeet.net R3 |
2021-10-29 - 2022-01-27 |
3 months | crt.sh |
owo-owo.vip Sectigo RSA Domain Validation Secure Server CA |
2021-12-22 - 2022-03-22 |
3 months | crt.sh |
histats.com R3 |
2021-10-27 - 2022-01-25 |
3 months | crt.sh |
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA |
2021-11-20 - 2022-11-26 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://ke.mpesaken.gifts/vps6x9l
Frame ID: 38DE0B77475BFF953D7F3F36AECD5128
Requests: 37 HTTP requests in this frame
Screenshot
Page Title
Safaricom Mpesa Gifts!Page URL History Show full URLs
- https://safproms.gifts/8d4cbfo Page URL
- https://ke.mpesaken.gifts/vps6x9l Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://safproms.gifts/8d4cbfo Page URL
- https://ke.mpesaken.gifts/vps6x9l Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
36 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
8d4cbfo
safproms.gifts/ |
2 KB 914 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
vps6x9l
ke.mpesaken.gifts/ |
66 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ |
118 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
1 KB 936 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ |
84 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/ |
80 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 583 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
CUN5lgs.png
i.imgur.com/ |
62 KB 62 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
XDksoVa.png
i.imgur.com/ |
250 KB 250 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ouJgS71.gif
i.imgur.com/ |
49 KB 49 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
z4Wdyix.jpg
i.imgur.com/ |
25 KB 25 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
kNovlqO.jpg
i.imgur.com/ |
24 KB 24 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uX9vrSN.jpg
i.imgur.com/ |
28 KB 29 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jdqoSTy.png
i.imgur.com/ |
12 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twwr.jpg
1.bp.blogspot.com/-pxi_cz3OrcQ/YKKeJ7ijV8I/AAAAAAAAB3M/tEdGiB-Gh4gpnHk84_PtsFKeYZUvh-04wCLcBGAsYHQ/s225/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aP4hWCC.jpg
i.imgur.com/ |
123 KB 123 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ettte.jpg
1.bp.blogspot.com/-RuIA2JO0NW0/YKKccmd5SdI/AAAAAAAAB28/NihG0SeSJtkp1P9DCvM00yeYhey77iPXwCLcBGAsYHQ/s600/ |
34 KB 34 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lz7ilfE.jpg
i.imgur.com/ |
178 KB 178 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uMlXz9m.png
i.imgur.com/ |
74 KB 74 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gy.jpg
1.bp.blogspot.com/-8b8Dz7vkxYA/YKKfcPgq6MI/AAAAAAAAB3c/FfLq7idbQLoDLcNVA1aU7NOvOK-LGyPtACLcBGAsYHQ/s200/ |
14 KB 14 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AIcpwae.jpg
i.imgur.com/ |
34 KB 34 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
micro.tag.min.js
choogeet.net/pfe/current/ |
104 KB 40 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
157 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
yuming.js
ke.mpesaken.gifts/ |
66 KB 14 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
verify.js
owo-owo.vip/ |
320 B 785 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
total.php
c1oud1are.com/record/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
total.php
c1oud1are.com/record/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js15_as.js
s10.histats.com/ |
11 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
like.png
ke.mpesaken.gifts/img/f/ |
64 KB 64 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bubble.png
ke.mpesaken.gifts/img/f/ |
64 KB 64 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Tahoma-Bold.ttf
ke.mpesaken.gifts/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/ |
23 KB 23 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Tahoma.ttf
ke.mpesaken.gifts/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
zone
choogeet.net/ |
0 253 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
0.php
s4.histats.com/stats/ |
51 B 185 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gid.js
my.rtmark.net/ |
65 B 545 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zone
choogeet.net/ |
694 B 983 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- c1oud1are.com
- URL
- https://c1oud1are.com/record/total.php?ac=total&name=null&_=1640266017825
- Domain
- c1oud1are.com
- URL
- https://c1oud1are.com/record/total.php?ac=total&name=50&_=1640266017826
Verdicts & Comments Add Verdict or Comment
44 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery number| timer_start string| redirectURL string| WhatsApp_share_message string| Share_link string| alert_text number| total number| ii number| iy function| hidepop function| incrementValue1 function| incrementValue_i boolean| spin2enabled number| ob string| _0xodL object| _0x44bf function| _0x17b0 function| fn1_i function| incrementValue_a function| fn1_a function| tipn function| set_Cookie function| get_Cookie function| getQueryString function| lasthtml function| dapp function| dappp function| record string| j string| randomcode string| klast string| banner string| dl object| _Hasync object| ntfcSDK object| zfgformats function| chfh function| chfh2 string| _HST_cntval object| Histats number| _popwnd function| _popwnd_open object| _HistatsCounterGraphics_0_setValues11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
ke.mpesaken.gifts/ | Name: null Value: null |
|
ke.mpesaken.gifts/ | Name: 50 Value: 50 |
|
ke.mpesaken.gifts/ | Name: HstCfa4590856 Value: 1640266017971 |
|
ke.mpesaken.gifts/ | Name: HstCla4590856 Value: 1640266017971 |
|
ke.mpesaken.gifts/ | Name: HstCmu4590856 Value: 1640266017971 |
|
ke.mpesaken.gifts/ | Name: HstPn4590856 Value: 1 |
|
ke.mpesaken.gifts/ | Name: HstPt4590856 Value: 1 |
|
ke.mpesaken.gifts/ | Name: HstCnv4590856 Value: 1 |
|
ke.mpesaken.gifts/ | Name: HstCns4590856 Value: 1 |
|
ke.mpesaken.gifts/ | Name: c_ref_4590856 Value: https%3A%2F%2Fsafproms.gifts%2F |
|
my.rtmark.net/ | Name: ID Value: 9b1ec9de34d74e7fa7d312a6971e2942 |
7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
1.bp.blogspot.com
ajax.googleapis.com
c1oud1are.com
cdnjs.cloudflare.com
choogeet.net
fonts.googleapis.com
i.imgur.com
ke.mpesaken.gifts
maxcdn.bootstrapcdn.com
my.rtmark.net
owo-owo.vip
s10.histats.com
s4.histats.com
safproms.gifts
c1oud1are.com
139.45.195.8
139.45.197.252
151.101.12.193
162.0.235.4
185.53.177.53
198.27.80.143
198.54.116.12
2606:4700::6810:125e
2606:4700::6812:acf
2a00:1450:4001:808::200a
2a00:1450:4001:80e::2001
2a00:1450:4001:82b::200a
46.105.201.240
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0f776291468675488641be94472564b2e03dabc2c439c051278a2cda7bda7ce0
2ba145e9b3860210b8f8cdf7960ae1dd0e7b70e5cdc7e8faa288f313bd383e91
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
334e94b518501cbee3bd657a6891e98686dadb86fe40a4871b219f55ba8f3372
4aa7af1442f6f006f5fc0cc0550ce8d2246d4ec52f8c6dfc00de75702d878ee4
5bb505919c390a51598036b1e5691ea2ff28cc3babc2475204ad7058734f8af2
60163ceba06c0fb67f3898558b9b7e8f0bcb654912c1a76e19ed4b22cd6ea2e5
6b49f8fa3c9496523f289e71501541f4917117a4416c067a74366cc18d327b46
6db87b82ec9f8123a70efd7a43fae49cfee29fa186c512e31f022615bf185395
780ab616be7da9c0bad2a120339db6b06919893b11c9ed7d8a0c2597ae6a09f9
7b4b0ee71a5b08051bd06a726997315889a2fb2e944b2ccd323d455aeefa5d16
81735261671cd094376ce5c6d31058c64fa70ad0f3b0798ffce2f2d8eeb7ab51
82885afcc2e2041cc0bd59eb6551859107165126b2cb0b89fc6ed9c1f484a8e3
8cd48a23b5cf3b3659e12bf6eee322a1781a624117ffe71bed68503224829031
98870b6bd2401fbab529d656dffe304bd9ff18652a1032696263a8c10b30c63b
9c8422d5613999e44fd77a0d46e2161faf8de4fd967265da030323f0b1b48eea
9f0a40b05f1980c6af2ecef8e637275e50b24f441300a43b8858a61737723088
b5395e4a225c849aee7a44c7ba55bfa603228758d38bd680f9c6c3059d231998
b8ecdfce2df5b4fee0472f711f50e050a8501b31c5c6b34688f852a97c92453d
b993c198b83498973baf062a0ba6265416352b6f755856b1071770482d0f736f
bbac1b6d051cf765cf59a36fd3a731cb7754fbc11586a42074c7397eee603187
c0b90a38d57e425c78b77701e9a6be73194f05b00b6df348eaa3e1465d1614b2
ccd057614298e00b5b7a8e8fd626e033e1dd611fa7b024b49f7afc0513ef580b
df256b03cb313a930810440c59b9ee68f6100e4ff6a2e2561e9b48b4b885c05d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea05e6c716c1e72e7aab7abde872bd5dd45acf4142bd4ad198ebfc74989b0880
eaf8234ca8c7fff8fce1a268275806efb63012087837263f2d6f5a0ae17e1973
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f8374a257614885fe6ddf3f7c63c86dcd69d9f3bfb9b9c7c62cd730e32429e3f
fb2ceb00d62c62740a0d175a3a943ce09a66c30c9eb8a6f98760f8bc774b182c