venadvstar.com
2606:4700:3032::ac43:d080
Public Scan
Effective URL: https://venadvstar.com/YY7HeM9G35NeoP3yhHRIalBEFNT3tzVlpFOdy9cGePw/?clck=6421bb4ac1adff0001b447a4&sid=1011_4379
Submission: On March 27 via api from BE — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on February 10th 2023. Valid for: 3 months.
This is the only time venadvstar.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Domain | ASN | PTR |
---|---|---|
www.gamejob.co.kr | ASN4766 (KIXS-AS-KR Korea Telecom, KR) | www.gamejob.co.kr |
fullyfledgedsystem.com | ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE) | prepshoot.com |
valleyutilityplay.com | ASN2856 (BT-UK-AS BTnet UK Regional network, GB) | |
api.pushnami.com | ASN16509 (AMAZON-02, US) | server-13-32-99-54.fra60.r.cloudfront.net |
trc.pushnami.com | ASN14618 (AMAZON-AES, US) | ec2-100-26-12-248.compute-1.amazonaws.com |
psp.pushnami.com | ASN14618 (AMAZON-AES, US) | ec2-54-167-183-48.compute-1.amazonaws.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
6 | pushnami.com | api.pushnami.com (Cisco Umbrella Rank: 6053), trc.pushnami.com (Cisco Umbrella Rank: 6548), psp.pushnami.com (Cisco Umbrella Rank: 18541) | 20 KB |
4 | ocmhood.com | sdk.ocmhood.com, cdn.ocmhood.com, t.ocmhood.com | 14 KB |
3 | jukminung.com | lynku.jukminung.com | 17 KB |
2 | cn-rtb.com | feed.cn-rtb.com, t.cn-rtb.com | 865 B |
2 | venadvstar.com | venadvstar.com | 15 KB |
2 | bootstrapcdn.com | maxcdn.bootstrapcdn.com (Cisco Umbrella Rank: 783) | 83 KB |
2 | googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 309), fonts.googleapis.com (Cisco Umbrella Rank: 31) | 31 KB |
1 | g2afse.com | aditmedia.g2afse.com | 515 B |
1 | 777offers.net | 1d6c9396fa1.777offers.net | 1 KB |
1 | addlnk.com | cdn.addlnk.com | 1 KB |
1 | gstatic.com | fonts.gstatic.com | 47 KB |
1 | offer-connect.com | offer-connect.com | 10 KB |
1 | valleyutilityplay.com | valleyutilityplay.com | 565 B |
1 | fullyfledgedsystem.com (1 redirects) | fullyfledgedsystem.com | 278 B |
1 | gamejob.co.kr | www.gamejob.co.kr | 511 B |
29 | 15 | | |
Requests | Domain | Requested by |
---|---|---|
3 | lynku.jukminung.com | offer-connect.com, www.gamejob.co.kr, lynku.jukminung.com |
2 | t.ocmhood.com | sdk.ocmhood.com |
2 | venadvstar.com | venadvstar.com |
2 | psp.pushnami.com | api.pushnami.com |
2 | trc.pushnami.com | api.pushnami.com |
2 | api.pushnami.com | offer-connect.com, api.pushnami.com |
2 | maxcdn.bootstrapcdn.com | offer-connect.com, maxcdn.bootstrapcdn.com |
1 | t.cn-rtb.com | venadvstar.com |
1 | cdn.ocmhood.com | sdk.ocmhood.com |
1 | sdk.ocmhood.com | venadvstar.com |
1 | feed.cn-rtb.com | venadvstar.com |
1 | aditmedia.g2afse.com | |
1 | 1d6c9396fa1.777offers.net | lynku.jukminung.com |
1 | cdn.addlnk.com | lynku.jukminung.com |
1 | fonts.gstatic.com | fonts.googleapis.com |
1 | fonts.googleapis.com | offer-connect.com |
1 | ajax.googleapis.com | offer-connect.com |
1 | offer-connect.com | valleyutilityplay.com |
1 | valleyutilityplay.com | www.gamejob.co.kr |
1 | fullyfledgedsystem.com (1 redirects) | |
1 | www.gamejob.co.kr | |
29 | 21 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
valleyutilityplay.com | Sectigo RSA Domain Validation Secure Server CA | 2023-03-15 - 2024-04-14 | a year |
offer-connect.com | Sectigo RSA Domain Validation Secure Server CA | 2022-06-28 - 2023-07-23 | a year |
upload.video.google.com | GTS CA 1C3 | 2023-03-06 - 2023-05-29 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-12-30 - 2023-12-30 | a year |
*.pushnami.com | Amazon RSA 2048 M01 | 2023-03-04 - 2024-04-02 | a year |
*.gstatic.com | GTS CA 1C3 | 2023-03-06 - 2023-05-29 | 3 months |
*.777offers.net | R3 | 2023-02-24 - 2023-05-25 | 3 months |
*.g2afse.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-08-04 - 2023-09-04 | a year |
*.venadvstar.com | GTS CA 1P5 | 2023-02-10 - 2023-05-11 | 3 months |
*.cn-rtb.com | GTS CA 1P5 | 2023-02-22 - 2023-05-23 | 3 months |
ocmhood.com | Cloudflare Inc ECC CA-3 | 2022-05-04 - 2023-05-04 | a year |
This page contains 3 frames:
Primary Page:
https://venadvstar.com/YY7HeM9G35NeoP3yhHRIalBEFNT3tzVlpFOdy9cGePw/?clck=6421bb4ac1adff0001b447a4&sid=1011_4379
Frame ID: 288C918A2A2F3BC519D5426AF1B7345B
Requests: 25 HTTP requests in this frame
Frame:
https://api.pushnami.com/scripts/v1/hub
Frame ID: 4A42E628CD44BC73DF0013D30AA143E0
Requests: 1 HTTP requests in this frame
Frame:
https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1679918400
Frame ID: 8C4FE9AFA81D13384046C2D354D18092
Requests: 3 HTTP requests in this frame
Page Title
offer-connect
Page URL History
- http://www.gamejob.co.kr/List_GI/Co_HomePage_Open.asp?home=fullyfledgedsystem.com/3kXTvJY2f.dbm?dsYSz... Page URL
- http://fullyfledgedsystem.com/3kXTvJY2f.dbm?dsYSz0cc4dT5cy1x5cccF6dpcBMQldCTycbbb2D HTTP 302
  https://valleyutilityplay.com/1764a66a318a23e6800/1_229547_2732002/1795_3523026_4469252_63/489719797_80-25... Page URL
- https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21... Page URL
- https://lynku.jukminung.com/rc/9e8aef8068?affclick=1333903852&pubid=690444 Page URL
- https://1d6c9396fa1.777offers.net//?p=4379&media_type=mainstream&sub_id=pubddbfc1062fd84526b27a7bdb17eff7d9&pu... Page URL
- https://aditmedia.g2afse.com/click?pid=1011&offer_id=17716&sub1=5ydi2rx1rdeipjbq3rpc0scg4,16703586,5,4379... Page URL
- https://venadvstar.com/YY7HeM9G35NeoP3yhHRIalBEFNT3tzVlpFOdy9cGePw/?clck=6421bb4ac1adff0001b447a4&s... Page URL
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Font Awesome (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Pushnami (Marketing automation)
Detected patterns
- api\.pushnami\.com
jQuery (JavaScript Libraries)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://www.gamejob.co.kr/List_GI/Co_HomePage_Open.asp?home=fullyfledgedsystem.com/3kXTvJY2f.dbm?dsYSz0cc4dT5cy1x5cccF6dpcBMQldCTycbbb2D Page URL
- http://fullyfledgedsystem.com/3kXTvJY2f.dbm?dsYSz0cc4dT5cy1x5cccF6dpcBMQldCTycbbb2D HTTP 302
  https://valleyutilityplay.com/1764a66a318a23e6800/1_229547_2732002/1795_3523026_4469252_63/489719797_80-255-7-107 Page URL
- https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1333903852&pubid=690444 Page URL
- https://lynku.jukminung.com/rc/9e8aef8068?affclick=1333903852&pubid=690444 Page URL
- https://1d6c9396fa1.777offers.net//?p=4379&media_type=mainstream&sub_id=pubddbfc1062fd84526b27a7bdb17eff7d9&pubid=690444&pi=690444 Page URL
- https://aditmedia.g2afse.com/click?pid=1011&offer_id=17716&sub1=5ydi2rx1rdeipjbq3rpc0scg4,16703586,5,4379&sub2=4379 Page URL
- https://venadvstar.com/YY7HeM9G35NeoP3yhHRIalBEFNT3tzVlpFOdy9cGePw/?clck=6421bb4ac1adff0001b447a4&sid=1011_4379 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1
- http://fullyfledgedsystem.com/3kXTvJY2f.dbm?dsYSz0cc4dT5cy1x5cccF6dpcBMQldCTycbbb2D HTTP 302
- https://valleyutilityplay.com/1764a66a318a23e6800/1_229547_2732002/1795_3523026_4469252_63/489719797_80-255-7-107
29 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | Co_HomePage_Open.asp | www.gamejob.co.kr/List_GI/ | 147 B | 511 B | Document | text/html |
GET | H/1.1 | 489719797_80-255-7-107 | valleyutilityplay.com/1764a66a318a23e6800/1_229547_2732002/1795_3523026_4469252_63/ (Redirect Chain) | 252 B | 565 B | Document | text/html |
GET | H/1.1 | / | offer-connect.com/ | 10 KB | 10 KB | Document | text/html |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.1.1/ | 85 KB | 30 KB | Script | text/javascript |
GET | H2 | css | fonts.googleapis.com/ | 6 KB | 920 B | Stylesheet | text/css |
GET | H2 | font-awesome.min.css | maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ | 30 KB | 7 KB | Stylesheet | text/css |
GET | H2 | 63ed63298591f2001320edcc | api.pushnami.com/scripts/v1/pushnami-adv/ | 88 KB | 18 KB | Script | application/javascript |
GET | H3 | fontawesome-webfont.woff2 | maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ | 75 KB | 76 KB | Font | font/woff2 |
GET | H2 | QGYsz_wNahGAdqQ43Rh_fKDp.woff2 | fonts.gstatic.com/s/worksans/v18/ | 47 KB | 47 KB | Font | font/woff2 |
POST | H2 | track | trc.pushnami.com/api/push/ | 2 B | 168 B | Fetch | text/html |
OPTIONS | H2 | track | trc.pushnami.com/api/push/ (Frame) | 0 | 0 | Preflight | |
GET | H2 | hub | api.pushnami.com/scripts/v1/ (Frame 4A42) | 2 KB | 1 KB | Document | text/html |
POST | H2 | psp | psp.pushnami.com/api/ | 2 B | 224 B | Fetch | text/html |
OPTIONS | H2 | psp | psp.pushnami.com/api/ (Frame) | 0 | 0 | Preflight | application/json |
GET | H2 | 9e8aef8068 | lynku.jukminung.com/rc/ | 3 KB | 2 KB | Document | text/html |
GET | H2 | redirect.css | cdn.addlnk.com/ | 1 KB | 1 KB | Stylesheet | text/css |
GET | H2 | invisible.js | lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ (Frame 8C4F) | 27 KB | 12 KB | Script | application/javascript |
GET | H3 | pica.js | lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/ (Frame 8C4F) | 7 KB | 4 KB | Other | application/javascript |
GET | H2 | / | 1d6c9396fa1.777offers.net// | 945 B | 1 KB | Document | text/html |
POST | | 7ae8ca2add4e2bd1 | lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/cv/result/ (Frame 8C4F) | 0 | 0 | | |
GET | H2 | click | aditmedia.g2afse.com/ | 249 B | 515 B | Document | text/html |
GET | H2 | / (Primary Request) | venadvstar.com/YY7HeM9G35NeoP3yhHRIalBEFNT3tzVlpFOdy9cGePw/ | 29 KB | 14 KB | Document | text/html |
GET | DATA | truncated | / | 3 KB | 0 | Image | image/png |
GET | H2 | AFU1kAAPatM | feed.cn-rtb.com/v1/native/ | 663 B | 865 B | Fetch | application/json |
GET | H2 | conf.json | venadvstar.com/hood/dmVuYWR2c3Rhci5jb20=/ | 49 B | 417 B | Fetch | application/json |
GET | DATA | truncated | / | 748 B | 0 | Image | image/svg+xml |
GET | H2 | ht.js | sdk.ocmhood.com/sdk/ | 30 KB | 12 KB | Script | application/javascript |
GET | H2 | NjY4ZwSkNAFfmDQ2NiwxNDY4MjE0Nmxl.js | cdn.ocmhood.com/tag/ | 191 B | 717 B | Script | application/javascript |
POST | H2 | activity | t.ocmhood.com/v2/ | 0 | 271 B | Ping | application/octet-stream |
POST | H2 | activity | t.ocmhood.com/v2/ | 0 | 304 B | Ping | application/octet-stream |
GET | H2 | imp | t.cn-rtb.com/ | 0 | 0 | Fetch | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: lynku.jukminung.com
- URL: https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/cv/result/7ae8ca2add4e2bd1
15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- boolean| credentialless
- function| $
- function| jQuery
- function| showSecondStep
- boolean| isRollbar
- object| pushWrap
- function| showFbChkOptIn
- object| mailnamiPromptModule
- undefined| o
- object| mailnami
- object| Pushnami
- function| CrossStorageClient
- object| pushnamiStorage
- function| uuid2
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.gamejob.co.kr/ | | Name: ASPSESSIONIDQQBDRSTD Value: KHNCGLLAOOBPECIIABEJGJOL |
valleyutilityplay.com/ | | Name: uid15295 Value: 1333903852-20230327115026-0ecbe18cc764c84426ae0484675fc259- |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.