![](/screenshots/2673d466-95db-4715-b792-66d345b7c6fc.png)
havas.liftrelations.com
Open in
urlscan Pro
94.245.104.73
Public Scan
Effective URL: https://havas.liftrelations.com/Account/Survey/Index?token=MkZDM0ZEN0QtMUFENC00NTlGLUJERjctODE4MTEwNDQ2ODk3
Submission: On November 07 via manual from MX — Scanned from DE
Summary
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on October 17th 2023. Valid for: 6 months.
This is the only time havas.liftrelations.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 167.89.115.147 167.89.115.147 | 11377 (SENDGRID) (SENDGRID) | |
3 18 | 94.245.104.73 94.245.104.73 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
2 | 2a00:1450:400... 2a00:1450:4001:831::2008 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2620:1ec:46::45 2620:1ec:46::45 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
2 | 2001:4860:480... 2001:4860:4802:36::178 | 15169 (GOOGLE) (GOOGLE) | |
1 2 | 68.219.88.97 68.219.88.97 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 1 | 2620:1ec:c11:... 2620:1ec:c11::200 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 20.62.48.180 20.62.48.180 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
2 | 2a00:1450:400... 2a00:1450:400c:c00::9c | 15169 (GOOGLE) (GOOGLE) | |
1 | 2001:4860:480... 2001:4860:4802:34::36 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:831::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:830::2004 | 15169 (GOOGLE) (GOOGLE) | |
29 | 10 |
ASN11377 (SENDGRID, US)
PTR: o16789115x147.outbound-mail.sendgrid.net
u23575444.ct.sendgrid.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
havas.liftrelations.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
liftrelations.com
3 redirects
havas.liftrelations.com |
247 KB |
5 |
clarity.ms
1 redirects
www.clarity.ms — Cisco Umbrella Rank: 827 c.clarity.ms — Cisco Umbrella Rank: 1405 e.clarity.ms — Cisco Umbrella Rank: 17761 |
27 KB |
2 |
google.de
www.google.de — Cisco Umbrella Rank: 6862 |
515 B |
2 |
google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2 |
667 B |
2 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78 |
410 B |
2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27 |
21 KB |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35 |
132 KB |
1 |
bing.com
1 redirects
c.bing.com — Cisco Umbrella Rank: 236 |
761 B |
1 |
sendgrid.net
1 redirects
u23575444.ct.sendgrid.net |
319 B |
29 | 9 |
Domain | Requested by | |
---|---|---|
18 | havas.liftrelations.com |
3 redirects
havas.liftrelations.com
|
2 | www.google.de | |
2 | stats.g.doubleclick.net |
www.google-analytics.com
www.googletagmanager.com |
2 | c.clarity.ms | 1 redirects |
2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
2 | www.clarity.ms |
havas.liftrelations.com
www.clarity.ms |
2 | www.googletagmanager.com |
havas.liftrelations.com
www.google-analytics.com |
1 | www.google.com | |
1 | region1.analytics.google.com |
www.googletagmanager.com
|
1 | e.clarity.ms |
www.clarity.ms
|
1 | c.bing.com | 1 redirects |
1 | u23575444.ct.sendgrid.net | 1 redirects |
29 | 12 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
havas.liftrelations.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1 |
2023-10-17 - 2024-04-17 |
6 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-10-16 - 2024-01-08 |
3 months | crt.sh |
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1 |
2023-08-29 - 2024-08-29 |
a year | crt.sh |
a.clarity.ms Microsoft Azure TLS Issuing CA 06 |
2023-02-13 - 2024-02-08 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-10-16 - 2024-01-08 |
3 months | crt.sh |
www.google.de GTS CA 1C3 |
2023-10-16 - 2024-01-08 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2023-10-16 - 2024-01-08 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://havas.liftrelations.com/Account/Survey/Index?token=MkZDM0ZEN0QtMUFENC00NTlGLUJERjctODE4MTEwNDQ2ODk3
Frame ID: B8E72CF7055151E9F79232FA496CB105
Requests: 29 HTTP requests in this frame
Screenshot
![](/screenshots/2673d466-95db-4715-b792-66d345b7c6fc.png)
Page Title
Arena Media, MexicoPage URL History Show full URLs
-
https://u23575444.ct.sendgrid.net/ls/click?upn=1fFmwOVCb4CfK1j9kwGMqA3w1YQpmVeMdF4HFo3iPSVYbfd5vI48vm-2B-2B3mi...
HTTP 302
https://havas.liftrelations.com/Auth/login?email=dbenavidesl&token=MkZDM0ZEN0QtMUFENC00NTlGLUJERjctODE4MTEwN... HTTP 302
https://havas.liftrelations.com/Localize/Index/en?returnUrl=%2FAccount%2FSurvey%2FIndex%3Ftoken%3DMkZDM0ZEN0... HTTP 302
https://havas.liftrelations.com/Localize/Set/en?returnUrl=%2FAccount%2FSurvey%2FIndex%3Ftoken%3DMkZDM0ZEN0Qt... HTTP 302
https://havas.liftrelations.com/Account/Survey/Index?token=MkZDM0ZEN0QtMUFENC00NTlGLUJERjctODE4MTEwNDQ2ODk3 Page URL
Detected technologies
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://u23575444.ct.sendgrid.net/ls/click?upn=1fFmwOVCb4CfK1j9kwGMqA3w1YQpmVeMdF4HFo3iPSVYbfd5vI48vm-2B-2B3misZcwoa7kAhwXyPEi-2BQIUHyuTgjFRSW9LFFJUULNnJuqCNoh500Ch-2FBC3Z2HPGSh3-2Fi6p6FyyuWsNgyhGO7ULSNwEtpAGNKVxty9ydvm-2FP-2FxKnnQU-3DL3v7_K2Eve4ImdLg7b5l5eB2Lw2Z-2FIb4UqGJfjiJDGMNWN8H6eHYx84s0FodAv4jERsA-2FC8JekZeKUjxovVEbkFayYfAsCbvM3QYgWT-2FfhPdJmBonbBrBgTDj-2Fdq83Ft7m8ZoUA4KdNxOxshWz5mCaY-2F-2Bj53b-2F50-2BeOSmu4IkVzGIHYCCRZ5uDBaFoAd-2FkhZ6w6NJ8RXuTFdLGED8xFLY-2B8h7OBrttNXwe4668x7q1-2BkqiMz-2BcaP88iIp2V6G1qpjDFeH8vC-2BWAkVWp3MexrG8liLYECfm736KVnvvDYur1MdYydMKpIuK51RYzXPS-2BOk-2F-2Bnpj7n-2Fh-2FjoRRoz9fRhXdFvAzOtBHni8UCIAJqUWSDeZ2xJp9WjH32A71-2FEpbmbz5kDGkGkDJApSzoCCVmi8Qv-2FLId0gq3AMRl9nkjpzZ0-2BgrM-3D
HTTP 302
https://havas.liftrelations.com/Auth/login?email=dbenavidesl&token=MkZDM0ZEN0QtMUFENC00NTlGLUJERjctODE4MTEwNDQ2ODk3 HTTP 302
https://havas.liftrelations.com/Localize/Index/en?returnUrl=%2FAccount%2FSurvey%2FIndex%3Ftoken%3DMkZDM0ZEN0QtMUFENC00NTlGLUJERjctODE4MTEwNDQ2ODk3 HTTP 302
https://havas.liftrelations.com/Localize/Set/en?returnUrl=%2FAccount%2FSurvey%2FIndex%3Ftoken%3DMkZDM0ZEN0QtMUFENC00NTlGLUJERjctODE4MTEwNDQ2ODk3 HTTP 302
https://havas.liftrelations.com/Account/Survey/Index?token=MkZDM0ZEN0QtMUFENC00NTlGLUJERjctODE4MTEwNDQ2ODk3 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 19- https://c.clarity.ms/c.gif HTTP 302
- https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=FAB8EA20DCCB4F119227F528539F3E86&RedC=c.clarity.ms&MXFR=0310ABFB76B162A81CC7B83972B16C6F HTTP 302
- https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FAB8EA20DCCB4F119227F528539F3E86&MUID=238035F1962765452CD72633974C649D
29 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Index
havas.liftrelations.com/Account/Survey/ Redirect Chain
|
14 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Common
havas.liftrelations.com/Content/Survey/ |
7 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
popper.js
havas.liftrelations.com/Scripts/umd/ |
85 KB 22 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery
havas.liftrelations.com/Scripts/ |
194 KB 87 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Common
havas.liftrelations.com/Scripts/Survey/ |
58 KB 22 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
font.css
havas.liftrelations.com/Fonts/ |
396 B 664 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
liftrelations.survey.index.css
havas.liftrelations.com/Content/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap-select.min.css
havas.liftrelations.com/Content/ |
10 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.css
havas.liftrelations.com/Content/ |
152 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hainsight.common.js
havas.liftrelations.com/Scripts/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap-select.js
havas.liftrelations.com/Scripts/ |
111 KB 26 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.js
havas.liftrelations.com/Scripts/ |
57 KB 15 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
133 KB 51 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inrrgm8yk9
www.clarity.ms/tag/ |
650 B 1012 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lift-logo-poweredby.png
havas.liftrelations.com/Images/Common/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Montserrat-Regular.woff
havas.liftrelations.com/Fonts/ |
23 KB 24 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clarity.js
www.clarity.ms/s/0.7.13/ |
59 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
united-kingdom.png
havas.liftrelations.com/Images/Flags/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
16 B 227 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c.gif
c.clarity.ms/ Redirect Chain
|
42 B 443 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
collect
e.clarity.ms/ |
0 303 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 354 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
229 KB 81 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.analytics.google.com/g/ |
0 259 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 56 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
25 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture object| dataLayer function| clarity object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| Popper function| $ function| jQuery function| commit function| ShowErrorMessage string| root string| commitUrl string| cancelUrl boolean| skipWarning object| formTimeoutHandle object| bootstrap function| SetCheckboxValue function| GetCheckboxValue function| ShowSystemNotification string| SetLanguageUrl object| gaplugins object| gaGlobal object| gaData18 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
havas.liftrelations.com/ | Name: ASP.NET_SessionId Value: hykdtthitdbudn5dat3gdepk |
|
havas.liftrelations.com/ | Name: .ASPXAUTH Value: 1CA52B5306627E579C3FB877F235E962D898ADB1F694B46B884CFFA0F108100BDF140AC272390FFD7DD4B1BCEDD62FE841A2001252B39CCBE9E99930D0841E85550046EB6745EE762F2BA74B1BEFA7B9C720BAC3FFB7804BBF42BE7B3294DCB9929E158F20BC8494A35025B1ADE31530 |
|
.havas.liftrelations.com/ | Name: ARRAffinity Value: 63d50692f07c5e72749eac6d09e5ef6313391debbdc58f900362bbaa6abdbd51 |
|
.havas.liftrelations.com/ | Name: ARRAffinitySameSite Value: 63d50692f07c5e72749eac6d09e5ef6313391debbdc58f900362bbaa6abdbd51 |
|
www.clarity.ms/ | Name: CLID Value: 3ee149904d4342c0b9620d270f396fa2.20231107.20241106 |
|
.liftrelations.com/ | Name: _clck Value: v7ol5s|2|fgi|0|1406 |
|
.liftrelations.com/ | Name: _ga Value: GA1.2.834185206.1699377331 |
|
.liftrelations.com/ | Name: _gid Value: GA1.2.143744411.1699377331 |
|
.liftrelations.com/ | Name: _gat_UA-58364987-2 Value: 1 |
|
.liftrelations.com/ | Name: _ga_P8R16M26JX Value: GS1.2.1699377331.1.0.1699377331.60.0.0 |
|
.liftrelations.com/ | Name: _clsk Value: 1l3okzk|1699377332020|1|1|e.clarity.ms/collect |
|
.bing.com/ | Name: MUID Value: 238035F1962765452CD72633974C649D |
|
.c.bing.com/ | Name: MR Value: 0 |
|
.c.bing.com/ | Name: SRM_B Value: 238035F1962765452CD72633974C649D |
|
.c.clarity.ms/ | Name: SM Value: C |
|
.clarity.ms/ | Name: MUID Value: 238035F1962765452CD72633974C649D |
|
.c.clarity.ms/ | Name: MR Value: 0 |
|
.c.clarity.ms/ | Name: ANONCHK Value: 0 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=16070400; includeSubDomains |
X-Frame-Options | DENY |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
c.bing.com
c.clarity.ms
e.clarity.ms
havas.liftrelations.com
region1.analytics.google.com
stats.g.doubleclick.net
u23575444.ct.sendgrid.net
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
167.89.115.147
20.62.48.180
2001:4860:4802:34::36
2001:4860:4802:36::178
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:830::2004
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c00::9c
68.219.88.97
94.245.104.73
1b000cb512aaf28719c817609b5c17fadcdddbf9c36dbd941ae94876a388b625
1de866281c9eb33f14dbe43ba315bfb2ed68016695b75376fd17b3b857372381
27435a221e3a696543acfb828b3281ae78fdde2544729cae66a6979cd7c14080
2c6064ce1d247950bdf7f47cd670a80ab58c08ce059f363a93133c1db2ecbe6d
3bcd802e9f77849e7c1e93c87279fbbb04d45949d2be79b03566ceacde29b158
5ca328e975c1b4b38c55a1920c281ee48b7d5070204a77994f66f6641b65e65a
74e69ccf2f5cb32c175e328707c515fc9116ddd5cb3c92882d9bd53d3a742d63
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86593f8462032736c25b59fe75c413ef85143141f486e5a6686daf41feca65ca
86a7cb3a6b929a12179e707f8ded2c5efc0655f17ea8e98953077c3c524c6ed8
877762ea54a7b4425f5a34936edaf5e7e4371103259c300f48491fada0668027
8f0244538a7561db7298b17002361f6a6e4f8f934e9f2966b3ade4ecb610f499
9727a6a805bf36768d72ede5f519dab6376ad24fe95513ad8cdbd035bbd743c3
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c2332cce095ba7a6fe828c7cdb69efc45084784942fd19352fb6053e9109005
9d4df9c0ad6eb11c8e95e37a783411430b9fe7177f1cead744a482f602686976
9e705f3783a7d7ec8bb7da6c3eba34ab3b0b4b81f3c6ee7450ab4e3b1a47374b
a24709f4282ca8fe781c814b008d5ddd831ab66cce98e02a4cdb6b156438f165
ae576713bc196098f7438dede6ff1f835a23291c32b745ad7e6fb6db809a719b
dd65545505bce94615dd3dabd95e8cde5f3095703c740c7afd8ccfb4be42c486
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e95bf5f90cf4fb24fd9e72dfb068713138402a111c946aa4b0ed79f28c380a60
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9af43575539ef5f21eeef6848bd695d062cfd86ce985b17e12158b00b847507