![](/screenshots/3a071882-73c4-43fd-9857-120e174ebad3.png)
creditoveloce.info
Open in
urlscan Pro
161.35.72.115
Public Scan
Effective URL: https://creditoveloce.info/pre-landing-new/?ref=8-
Submission: On June 29 via api from IE — Scanned from IT
Summary
TLS certificate: Issued by R3 on June 10th 2022. Valid for: 3 months.
This is the only time creditoveloce.info was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-252-79.eu-west-1.compute.amazonaws.com
ct.tk2gk.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
www.googleadservices.com |
ASN13335 (CLOUDFLARENET, US)
js-tag.zemanta.com | |
p1.zemanta.com |
ASN32934 (FACEBOOK, US)
www.facebook.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
3 |
taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 982 trc.taboola.com — Cisco Umbrella Rank: 672 trc-events.taboola.com — Cisco Umbrella Rank: 1600 |
19 KB |
3 |
spsk.cc
spsk.cc |
2 KB |
2 |
google.it
www.google.it — Cisco Umbrella Rank: 17199 |
655 B |
2 |
google.com
www.google.com — Cisco Umbrella Rank: 8 |
655 B |
2 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 119 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 |
2 KB |
2 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 96 |
500 B |
2 |
mgid.com
a.mgid.com — Cisco Umbrella Rank: 18547 |
6 KB |
2 |
zemanta.com
js-tag.zemanta.com — Cisco Umbrella Rank: 24138 p1.zemanta.com — Cisco Umbrella Rank: 12526 |
4 KB |
2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49 |
20 KB |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155 |
110 KB |
2 |
creditoveloce.info
creditoveloce.info |
3 KB |
1 |
googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 126 |
15 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 89 |
51 KB |
1 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 741 |
22 KB |
1 |
elds.it
1 redirects
trk.elds.it |
678 B |
1 |
tk2gk.com
1 redirects
ct.tk2gk.com |
2 KB |
1 |
offertatua.it
1 redirects
news.offertatua.it |
289 B |
27 | 17 |
Domain | Requested by | |
---|---|---|
3 | spsk.cc |
www.googletagmanager.com
spsk.cc |
2 | www.google.it |
creditoveloce.info
|
2 | www.google.com |
creditoveloce.info
|
2 | www.facebook.com |
creditoveloce.info
|
2 | a.mgid.com |
creditoveloce.info
|
2 | www.google-analytics.com |
www.googletagmanager.com
creditoveloce.info |
2 | connect.facebook.net |
creditoveloce.info
connect.facebook.net |
2 | creditoveloce.info |
creditoveloce.info
|
1 | trc-events.taboola.com |
cdn.taboola.com
|
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | p1.zemanta.com |
creditoveloce.info
|
1 | trc.taboola.com |
cdn.taboola.com
|
1 | cdn.taboola.com |
creditoveloce.info
|
1 | js-tag.zemanta.com |
creditoveloce.info
|
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | www.googletagmanager.com |
creditoveloce.info
|
1 | maxcdn.bootstrapcdn.com |
creditoveloce.info
|
1 | trk.elds.it | 1 redirects |
1 | ct.tk2gk.com | 1 redirects |
1 | news.offertatua.it | 1 redirects |
27 | 21 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
creditoveloce.info R3 |
2022-06-10 - 2022-09-08 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-01-29 - 2023-01-29 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-06-06 - 2022-08-29 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2022-04-07 - 2022-07-06 |
3 months | crt.sh |
www.googleadservices.com GTS CA 1C3 |
2022-06-06 - 2022-08-29 |
3 months | crt.sh |
spsk.cc R3 |
2022-05-29 - 2022-08-27 |
3 months | crt.sh |
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-11-28 - 2022-12-29 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2022-06-06 - 2022-08-29 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2022-06-06 - 2022-08-29 |
3 months | crt.sh |
*.google.it GTS CA 1C3 |
2022-06-06 - 2022-08-29 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://creditoveloce.info/pre-landing-new/?ref=8-
Frame ID: 8B708AA709665D2EB60F0E6095B869F1
Requests: 26 HTTP requests in this frame
Screenshot
![](/screenshots/3a071882-73c4-43fd-9857-120e174ebad3.png)
Page Title
Finanziatiora | Prestito convezione INPS - Ex inpdap - NoiPAPage URL History Show full URLs
-
http://news.offertatua.it/re?l=D0Ilju300I683ktaxI1ITl4zfm45u&s=JHOKDGKLHLDCGPJC
HTTP 302
https://ct.tk2gk.com/aff_c?offer_id=921&aff_id=1024&file_id=5722&source=offertatua&aff_sub5=9394&... HTTP 302
https://trk.elds.it/click?pid=8&offer_id=80&ref_id=1023f1d6afb04a7d0f3390db61b006 HTTP 302
https://creditoveloce.info/pre-landing-new/?ref=8- Page URL
Detected technologies
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://news.offertatua.it/re?l=D0Ilju300I683ktaxI1ITl4zfm45u&s=JHOKDGKLHLDCGPJC
HTTP 302
https://ct.tk2gk.com/aff_c?offer_id=921&aff_id=1024&file_id=5722&source=offertatua&aff_sub5=9394&url_id=8406&s=JHOKDGKLHLDCGPJC HTTP 302
https://trk.elds.it/click?pid=8&offer_id=80&ref_id=1023f1d6afb04a7d0f3390db61b006 HTTP 302
https://creditoveloce.info/pre-landing-new/?ref=8- Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
27 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
creditoveloce.info/pre-landing-new/ Redirect Chain
|
13 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
custom.css
creditoveloce.info/pre-landing-new/styles/ |
539 B 451 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ |
141 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
134 KB 51 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
100 KB 27 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
124547992575739
connect.facebook.net/signals/config/ |
288 KB 83 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
39 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
client.js
spsk.cc/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zcpt.js
js-tag.zemanta.com/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tfa.js
cdn.taboola.com/libtrc/unip/1454286/ |
55 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mgsensor.js
a.mgid.com/ |
16 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 409 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
json
trc.taboola.com/1454286/trc/3/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
p1.zemanta.com/v2/p/js/41835/PAGE_VIEW/ |
26 B 112 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 443 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/750383324/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
1x1.gif
a.mgid.com/ |
43 B 273 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.it/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/750383324/ |
42 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.it/pagead/1p-user-list/750383324/ |
42 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
event
spsk.cc/api/ |
16 B 291 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
event
spsk.cc/api/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.facebook.com/tr/ |
44 B 91 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
unip
trc-events.taboola.com/1454286/log/3/ |
0 248 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
43 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dataLayer function| fbq function| _fbq function| selectJob function| getParameterByName object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| zemApi object| _tfa object| MgSensorData function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| MgSensor function| MgSensorInvoke function| MgSensorInvoke0 object| _mgq function| _mgqp number| _mgqt number| _mgqi object| _mgr object| _mghl object| spsk15 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
ct.tk2gk.com/ | Name: aff_ran_url_921 Value: 8406 |
|
ct.tk2gk.com/ | Name: enc_aff_session_921 Value: ENC03962145e6e8cb4e0b95e40185fd0f7fca185b56cc826094fb62d895433c53f1665e029c8eaf5fa92ae1a168423f4a92240e18d51908c89901914df8cb5525c656fb2d57a5413bec7cbdea30199885470dbc43b45bbe008c4eca57f10888315d8fc7af7229ae6d8e49c877aa5d4fec88f41823078ab363de04d1681b17eb865dbb09cd74e1 |
|
ct.tk2gk.com/ | Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDMiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzEwMy4wLjUwNjAuNTMgU2FmYXJpLzUzNy4zNiIsImFjY2VwdF9sYW5ndWFnZSI6Iml0LUlULGl0O3E9MC45IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9 |
|
trk.elds.it/ | Name: afclick Value: 62bc263a78e8460001ba8253 |
|
trk.elds.it/ | Name: afoffers Value: {"80":1656497722} |
|
.creditoveloce.info/ | Name: _gcl_au Value: 1.1.1199783057.1656497723 |
|
.creditoveloce.info/ | Name: _fbp Value: fb.1.1656497723291.1625045923 |
|
.creditoveloce.info/ | Name: _ga Value: GA1.2.963234813.1656497723 |
|
.creditoveloce.info/ | Name: _gid Value: GA1.2.11371521.1656497723 |
|
.creditoveloce.info/ | Name: _dc_gtm_UA-124159496-2 Value: 1 |
|
.mgid.com/ | Name: __cf_bm Value: O.VdtCyXRW0Uz3dUAwHSxz_nEqgyhWkh2Jcpila3FU4-1656497723-0-AX9EVNBE2YZTmJwaJ1ILgqCwRfoQ+MhOwgfafZoNn6gQw4UW5KsDQuMyJr8z6qa804mllrZCbzRr4NrpY/g8IYI= |
|
creditoveloce.info/ | Name: MgidSensorNVis Value: 1 |
|
creditoveloce.info/ | Name: MgidSensorHref Value: https://creditoveloce.info/pre-landing-new/?ref=8- |
|
.facebook.com/ | Name: fr Value: 0osgqZv2Eqc6Tgqep..BivCY7...1.0.BivCY7. |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a.mgid.com
cdn.taboola.com
connect.facebook.net
creditoveloce.info
ct.tk2gk.com
googleads.g.doubleclick.net
js-tag.zemanta.com
maxcdn.bootstrapcdn.com
news.offertatua.it
p1.zemanta.com
spsk.cc
stats.g.doubleclick.net
trc-events.taboola.com
trc.taboola.com
trk.elds.it
www.facebook.com
www.google-analytics.com
www.google.com
www.google.it
www.googleadservices.com
www.googletagmanager.com
104.19.133.78
141.226.228.48
142.250.186.130
151.101.193.44
161.35.72.115
164.90.162.187
2606:4700:10::ac43:247d
2606:4700::6812:acf
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2008
2a00:1450:4001:829::2004
2a00:1450:4001:831::2003
2a00:1450:400c:c08::9b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a06:98c1:3120::3
63.34.252.79
91.192.43.154
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
18c1d67b135893b7225c17a1936683ba545544e4a41e495742405ddeb6f89c59
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
4a08c761769c3a3c7543a9a9159c6cb6045e7b5d4c641b2e4e4c124b57e11b2f
60825542af928568913134c385a102f4be900e3dc6fc6ddeb5482c322936c201
707a1c5f8a523cba04451bdb18c5ad0a346e21a6b9b220c56dc3c6186a81d20a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a8eade12e56b34b811ba8234f93ed1ac9e90f0aac693c3841ac87a50d6394c2
a0257d60930766a47d709b7b367fb41d24b0b8e030fd3370a106cac6f302e9a9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a9c87374e4ec256cc7ab841753a48a58afd958317dfb7567982b014977008d1b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d
bd5bc927756e63904cba5af00096d1f621b6c6e0f9c7ee80a476ca6f5aa78793
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
e36f377fa08adeacdb9342ef88a4c69d0b5d4d3e57335547197a63f57784bbf4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eddcb0d86923705e2a08b16e7ba04dd216ae2cfd18c139a270c00a24cf4b6e1e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f544686016d321990a3fd3980f14f77f4c07a7824ffd4f698b42bba59d8c7e4d