shopping.oneforyou.co
Open in
urlscan Pro
18.216.64.231
Public Scan
Effective URL: https://shopping.oneforyou.co/
Submission Tags: phishingrod
Submission: On May 11 via api from DE — Scanned from NL
Summary
TLS certificate: Issued by R3 on February 9th 2023. Valid for: 3 months.
This is the only time shopping.oneforyou.co was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2a06:98c1:312... 2a06:98c1:3120::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 18.216.64.231 18.216.64.231 | 16509 (AMAZON-02) (AMAZON-02) | |
22 | 18.66.192.110 18.66.192.110 | 16509 (AMAZON-02) (AMAZON-02) | |
5 | 44.212.137.48 44.212.137.48 | 14618 (AMAZON-AES) (AMAZON-AES) | |
2 | 34.120.184.123 34.120.184.123 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
2 | 2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK) | |
1 | 13.249.9.61 13.249.9.61 | 16509 (AMAZON-02) (AMAZON-02) | |
4 | 16.12.66.9 16.12.66.9 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 13.249.9.107 13.249.9.107 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK) | |
4 | 188.114.96.3 188.114.96.3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
44 | 11 |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-216-64-231.us-east-2.compute.amazonaws.com
shopping.oneforyou.co |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-110.muc50.r.cloudfront.net
spread.name |
ASN14618 (AMAZON-AES, US)
PTR: ec2-44-212-137-48.compute-1.amazonaws.com
api.spreadsimple.com | |
stats.spreadsimple.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 123.184.120.34.bc.googleusercontent.com
youengage.me |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN16509 (AMAZON-02, US)
PTR: server-13-249-9-61.cdg53.r.cloudfront.net
js.stripe.com |
ASN16509 (AMAZON-02, US)
PTR: s3.us-east-2.amazonaws.com
s3.us-east-2.amazonaws.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-249-9-107.cdg53.r.cloudfront.net
js.stripe.com |
ASN32934 (FACEBOOK, US)
www.facebook.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
22 |
spread.name
spread.name — Cisco Umbrella Rank: 863903 |
1 MB |
5 |
spreadsimple.com
api.spreadsimple.com stats.spreadsimple.com |
37 KB |
4 |
showthis.work
imagevideo.showthis.work |
307 KB |
4 |
amazonaws.com
s3.us-east-2.amazonaws.com |
10 MB |
2 |
stripe.com
js.stripe.com — Cisco Umbrella Rank: 1088 |
148 KB |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183 |
73 KB |
2 |
youengage.me
youengage.me |
142 KB |
1 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 101 |
274 B |
1 |
oneforyou.co
shopping.oneforyou.co |
805 B |
1 |
readynowgo.co
1 redirects
readynowgo.co |
504 B |
0 |
funnelll.com
Failed
private.funnelll.com Failed |
|
44 | 11 |
Domain | Requested by | |
---|---|---|
22 | spread.name |
shopping.oneforyou.co
spread.name |
4 | imagevideo.showthis.work | |
4 | s3.us-east-2.amazonaws.com | |
3 | stats.spreadsimple.com |
spread.name
stats.spreadsimple.com |
2 | js.stripe.com |
spread.name
js.stripe.com |
2 | connect.facebook.net |
shopping.oneforyou.co
connect.facebook.net |
2 | youengage.me |
spread.name
youengage.me |
2 | api.spreadsimple.com |
spread.name
|
1 | www.facebook.com | |
1 | shopping.oneforyou.co | |
1 | readynowgo.co | 1 redirects |
0 | private.funnelll.com Failed |
spread.name
|
44 | 12 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
shopping.oneforyou.co R3 |
2023-02-09 - 2023-05-10 |
3 months | crt.sh |
spread.name Amazon RSA 2048 M02 |
2024-04-24 - 2025-05-24 |
a year | crt.sh |
api.spreadsimple.com R3 |
2024-04-17 - 2024-07-16 |
3 months | crt.sh |
youengage.me GTS CA 1D4 |
2024-04-19 - 2024-07-18 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2024-02-18 - 2024-05-18 |
3 months | crt.sh |
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA |
2024-03-27 - 2024-06-27 |
3 months | crt.sh |
*.s3.us-east-2.amazonaws.com Amazon RSA 2048 M01 |
2024-02-29 - 2025-02-12 |
a year | crt.sh |
stats.spreadsimple.com R3 |
2024-04-30 - 2024-07-29 |
3 months | crt.sh |
showthis.work GTS CA 1P5 |
2024-04-13 - 2024-07-12 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://shopping.oneforyou.co/
Frame ID: 1F9BFBCF8A1E1F6A5126121B58B3CB6B
Requests: 42 HTTP requests in this frame
Frame:
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 190F624AD6D0475DF9FC011CDAB7F357
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
The Lifetime Software Deals MarketplacePage URL History Show full URLs
-
https://readynowgo.co/
HTTP 302
https://shopping.oneforyou.co/ Page URL
Detected technologies
Stripe (Payment Processors) ExpandDetected patterns
- js\.stripe\.com
Vue.js (JavaScript Frameworks) Expand
Detected patterns
- <[^>]+\sdata-v(?:ue)?-
Facebook (Widgets) Expand
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://readynowgo.co/
HTTP 302
https://shopping.oneforyou.co/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
44 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
shopping.oneforyou.co/ Redirect Chain
|
2 KB 805 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.css
spread.name/css/ |
425 KB 53 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.js
spread.name/js/ |
2 MB 512 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
page-checkout.js
spread.name/js/ |
0 2 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
page-spread-view.js
spread.name/js/ |
0 27 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
page-view.js
spread.name/js/ |
0 2 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors~page-spread-view.js
spread.name/js/ |
0 14 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shopping.oneforyou.co
api.spreadsimple.com/spread-view/public/omit-routes/ |
13 KB 5 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
spread.name/ |
318 B 679 B |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
spread.name/sheet/DtgkVTj21WCgCnrRpjbWF4t6aRxB2y1tzXcy_yknnIxZENuCDl5qsSH1JV6UmvPQnjiN/scheme/ |
2 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
DtgkVTj21WCgCnrRpjbWF4t6aRxB2y1tzXcy_yknnIxZENuCDl5qsSH1JV6UmvPQnjiN
api.spreadsimple.com/sheet/ |
0 288 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors~page-checkout~page-details-view-noprefetch~page-spread-view.js
spread.name/js/ |
20 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors~page-details-view-noprefetch~page-spread-view.css
spread.name/css/ |
22 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors~page-details-view-noprefetch~page-spread-view.js
spread.name/js/ |
201 KB 59 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors~page-spread-view.js
spread.name/js/ |
44 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
page-checkout~page-details-view-noprefetch~page-spread-view.js
spread.name/js/ |
68 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
page-spread-view.js
spread.name/js/ |
111 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
scripts
private.funnelll.com/scriptserver/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
service-loader.js
youengage.me/ |
241 B 423 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
218 KB 59 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
js.stripe.com/v3/ |
604 KB 148 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bd7620b1-f2f9-44db-ae1c-fd10f5075e75_Logo_transp..png
s3.us-east-2.amazonaws.com/uploads.spreadsimple/ |
88 KB 88 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
e573cdee-4c89-4134-b2d3-273902f855cb_Imagem_pagamento_5.png
s3.us-east-2.amazonaws.com/uploads.spreadsimple/ |
38 KB 39 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AvenirNextCyr-Medium.ttf
spread.name/fonts/ |
87 KB 87 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AvenirNextCyr-Demi.ttf
spread.name/fonts/ |
87 KB 87 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AvenirNextCyr-Bold.ttf
spread.name/fonts/ |
86 KB 87 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
aa44ede8-041d-4994-9979-9e2e23286b9d_logo%20para%20facebook.png
s3.us-east-2.amazonaws.com/uploads.spreadsimple/ |
7 KB 7 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
track.js
stats.spreadsimple.com/ |
32 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
embed.js
youengage.me/ |
141 KB 142 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
829710047788256
connect.facebook.net/signals/config/ |
66 KB 14 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 190F |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
collect
stats.spreadsimple.com/api/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.spreadsimple.com/api/ |
0 0 |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 274 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
external-checkout-action-noprefetch.js
spread.name/js/ |
14 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
c05ebb75-02a8-4a55-ae70-c476ca8d03f5_videogifdocortado.gif
s3.us-east-2.amazonaws.com/uploads.spreadsimple/ |
9 MB 9 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icomoon.ttf
spread.name/fonts/ |
27 KB 27 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AvenirNextCyr-Regular.ttf
spread.name/fonts/ |
87 KB 88 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
spread.name/sheet/DtgkVTj21WCgCnrRpjbWF4t6aRxB2y1tzXcy_yknnIxZENuCDl5qsSH1JV6UmvPQnjiN/filters/ |
5 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DtgkVTj21WCgCnrRpjbWF4t6aRxB2y1tzXcy_yknnIxZENuCDl5qsSH1JV6UmvPQnjiN
spread.name/sheet/ |
329 KB 33 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
8Lpp4bZj.jpg
imagevideo.showthis.work/file/ |
76 KB 76 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
mR25ju19.jpg
imagevideo.showthis.work/file/ |
35 KB 35 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
7atGqX8G.jpg
imagevideo.showthis.work/file/ |
27 KB 27 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
tjyHy7M9.jpg
imagevideo.showthis.work/file/ |
167 KB 168 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- private.funnelll.com
- URL
- https://private.funnelll.com/scriptserver/scripts?id=2855eb8a-0290-4e24-a5f4-1b80db41e288
Verdicts & Comments Add Verdict or Comment
18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| prerenderReady object| webpackJsonp object| __core-js_shared__ object| core object| regeneratorRuntime function| filterCSS function| filterXSS function| fbq function| _fbq function| ssPopup object| fs object| webpackChunkStripeJSouter function| noop function| Stripe object| __global__ object| L string| template4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.oneforyou.co/ | Name: _fbp Value: fb.1.1715418835381.1042277118 |
|
m.stripe.com/ | Name: m Value: df88e485-f81c-45c0-8e87-9eac7b25b62875d864 |
|
.shopping.oneforyou.co/ | Name: __stripe_mid Value: 8318c01f-18f0-49c3-9fc6-0f85f880d934d7a993 |
|
.shopping.oneforyou.co/ | Name: __stripe_sid Value: c37b2ec8-9180-4331-885e-ec39b6759c8e4c2d40 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.spreadsimple.com
connect.facebook.net
imagevideo.showthis.work
js.stripe.com
private.funnelll.com
readynowgo.co
s3.us-east-2.amazonaws.com
shopping.oneforyou.co
spread.name
stats.spreadsimple.com
www.facebook.com
youengage.me
private.funnelll.com
13.249.9.107
13.249.9.61
16.12.66.9
18.216.64.231
18.66.192.110
188.114.96.3
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a06:98c1:3120::3
34.120.184.123
44.212.137.48
0afce76c1d7a06860fa3a26ec07bdaa24af7cad986a78378559aa4a1b2115b13
0e09291de20c414b7c880d6f93086ee898c273f66b8dfdaf0d467163d86317c2
0e3462d939c32ae7235051dfdaeb80eae00dbb14ce002d762eb7cde1fecc18cd
104e1dd42b1a93041add9e8f020e9b05405d14ac722ef40a104617435f10bc6d
12697a7076965af46b63f9487e36b8354e77024898a83ce41b91e84218247788
1aba8adbc8676f9cc1299a182956f284bd4d0f9ccf29de0866852fe7f346c7e2
1d147a1c5b475ead166ee32d7b260b64e3fcac99a6c5ea623b1c7b741e4e90dd
2519c95490973cb3a674fd7f12bf6bc667eb62b5e40948316caf50bc5c86fbdc
2a69f9c759d17283f76e934c647e05f7cf79088e65222b51af94055b46ef1fe9
2c37d50ecda0357ec6991687a78c0f32ce0ae7f26d6ef849fd1a5a19cb234abf
2dda88f9fe9b926149c3c953e87f27676d2e33873df69d2654a80a9f630a2e69
467f3d85cdf7bf5b57cb7eb270fd99c628bdc8d688b2132cc203229e311eb609
4c2714b8e6554eede27cd2c010f1008ecceb21fbe0c9fc353343071c60562fa1
5f5482b3d9d687d674a5262ed3b20699a057b9e227f7e4c471d1a00189b8ff74
6043cdc59422e5f912eebcc1a76a84f8f3e1358aa0095103e6530505d0a4923d
61cf2a6f18269e25ce1d4d68b1d2c6831a8efdb1816c03960b7bccd213fa2087
6aaf9da0a16e9700f2d2f2607a484449f2d595a4957d9323ac5e83e4f14116c6
6f2aee605a064d93af8814fe867674c22e2b2686cc05a49fd96e958f32cac7a4
6f6e65cf063a3c39bd7cb6261299b5160230072fdbb064bd531a9c7767229d53
70cdcf4d89783a8f98b4eba8dc03f25d834b1f2c2d1e54a8ce884ab1c4561604
793c110c0182307e1fc8de64945f9e5e96626ad1eee7df977d4e8af1cf3fd736
7df596d30a34f6e8d5e7d89c8726053567e66000d07a6ee5fb9cbecbb3710088
900f8eaedae9172212407918d88ac4890583377b71979d1d8c911e2a08cc887c
a3550c9746bf5d44f50b5d66cd24ed7b96a90bc5282ca8fbaf2b5ba0d55865b7
ac0951c3e375c232293cdf09efe512a612e5b747f4bfa294d47a5eac809f23b5
b3c3f0f41f7acd5a80b658927ef160c2a7d3f996d0a8da046cb451ad417f8a15
c569ff006ab6a5deffb2b22aa1c3b9f741faccbc3d75635c79e3c9463c465ec4
c6216956b972cd4f4027295c5a23a5d1ecd118d71a4c79aaf26d6ce681c5e7af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
e9e7c8eb60cee60ffb17714a57dc80fe0d06559de89a6db83f3055335c8d02e0
ee1f084f52241e7d4262acfaa14c15329669d2af52991d1e4b7407d4ec55db92
f264bd9429ca7ab5212682f38c31f30f359b79e85672c5276817c741e43705db
f33fefdb7e000918da9fa760f7766341ce64b435374db2afe54ed6f2df80d276
fa4f719b9076356e9d73b50bebecebd52c159ab2ef9cd8b1519f84f872e3341f