kn.mpesaken.gifts
Open in
urlscan Pro
198.54.116.12
Public Scan
Effective URL: https://kn.mpesaken.gifts/q4svgrc
Submission: On March 17 via manual from KE — Scanned from DE
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 13th 2022. Valid for: a year.
This is the only time kn.mpesaken.gifts was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 162.0.235.4 162.0.235.4 | 22612 (NAMECHEAP...) (NAMECHEAP-NET) | |
5 | 198.54.116.12 198.54.116.12 | 22612 (NAMECHEAP...) (NAMECHEAP-NET) | |
1 | 2606:4700::68... 2606:4700::6812:acf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2a00:1450:400... 2a00:1450:4001:812::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:830::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2606:4700::68... 2606:4700::6810:125e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
11 | 151.101.112.193 151.101.112.193 | 54113 (FASTLY) (FASTLY) | |
1 | 143.204.96.118 143.204.96.118 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 52.216.229.221 52.216.229.221 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 2a00:1450:400... 2a00:1450:4001:82a::2001 | 15169 (GOOGLE) (GOOGLE) | |
3 | 139.45.197.252 139.45.197.252 | 9002 (RETN-AS) (RETN-AS) | |
1 | 139.45.195.8 139.45.195.8 | 9002 (RETN-AS) (RETN-AS) | |
1 | 46.105.201.240 46.105.201.240 | 16276 (OVH) (OVH) | |
1 | 192.99.0.58 192.99.0.58 | 16276 (OVH) (OVH) | |
34 | 15 |
ASN22612 (NAMECHEAP-NET, US)
PTR: server292-2.web-hosting.com
ke.safproms.gifts |
ASN22612 (NAMECHEAP-NET, US)
PTR: server196-4.web-hosting.com
kn.mpesaken.gifts |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-96-118.fra50.r.cloudfront.net
cdn-images.mailchimp.com |
ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
imgur.com
i.imgur.com — Cisco Umbrella Rank: 5401 |
861 KB |
5 |
mpesaken.gifts
kn.mpesaken.gifts |
150 KB |
3 |
choogeet.net
choogeet.net — Cisco Umbrella Rank: 698731 |
49 KB |
3 |
blogspot.com
1.bp.blogspot.com — Cisco Umbrella Rank: 8530 |
58 KB |
3 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35 ajax.googleapis.com — Cisco Umbrella Rank: 251 |
32 KB |
2 |
histats.com
s10.histats.com — Cisco Umbrella Rank: 17418 s4.histats.com — Cisco Umbrella Rank: 14980 |
5 KB |
2 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 194 |
38 KB |
1 |
rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 10613 |
546 B |
1 |
amazonaws.com
s3.amazonaws.com |
140 KB |
1 |
mailchimp.com
cdn-images.mailchimp.com — Cisco Umbrella Rank: 4444 |
2 KB |
1 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 620 |
20 KB |
1 |
safproms.gifts
ke.safproms.gifts |
914 B |
34 | 12 |
Domain | Requested by | |
---|---|---|
11 | i.imgur.com |
kn.mpesaken.gifts
|
5 | kn.mpesaken.gifts |
ke.safproms.gifts
kn.mpesaken.gifts |
3 | choogeet.net |
kn.mpesaken.gifts
choogeet.net |
3 | 1.bp.blogspot.com |
kn.mpesaken.gifts
|
2 | cdnjs.cloudflare.com |
kn.mpesaken.gifts
cdnjs.cloudflare.com |
2 | fonts.googleapis.com |
kn.mpesaken.gifts
|
1 | s4.histats.com |
s10.histats.com
|
1 | s10.histats.com |
kn.mpesaken.gifts
|
1 | my.rtmark.net |
choogeet.net
|
1 | s3.amazonaws.com |
kn.mpesaken.gifts
|
1 | cdn-images.mailchimp.com |
kn.mpesaken.gifts
|
1 | ajax.googleapis.com |
kn.mpesaken.gifts
|
1 | maxcdn.bootstrapcdn.com |
kn.mpesaken.gifts
|
1 | ke.safproms.gifts | |
34 | 14 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
ke.safproms.gifts Sectigo RSA Domain Validation Secure Server CA |
2022-02-07 - 2023-02-07 |
a year | crt.sh |
kn.mpesaken.gifts Sectigo RSA Domain Validation Secure Server CA |
2022-03-13 - 2023-03-13 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-01-29 - 2023-01-29 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-02-17 - 2022-05-12 |
3 months | crt.sh |
*.imgur.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-03-08 - 2023-03-16 |
a year | crt.sh |
cdn-images.mailchimp.com Amazon |
2021-07-21 - 2022-08-19 |
a year | crt.sh |
s3.amazonaws.com DigiCert Baltimore CA-2 G2 |
2021-06-23 - 2022-07-24 |
a year | crt.sh |
misc-sni.blogspot.com GTS CA 1C3 |
2022-02-17 - 2022-05-12 |
3 months | crt.sh |
choogeet.net R3 |
2022-01-17 - 2022-04-17 |
3 months | crt.sh |
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA |
2021-11-20 - 2022-11-26 |
a year | crt.sh |
histats.com R3 |
2022-01-21 - 2022-04-21 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://kn.mpesaken.gifts/q4svgrc
Frame ID: 425C9C9B15EBB3F7FE7D6D09C3BD7FA4
Requests: 35 HTTP requests in this frame
Screenshot
Page Title
Safaricom Mpesa Gifts!Page URL History Show full URLs
- https://ke.safproms.gifts/7000mpesa Page URL
- https://kn.mpesaken.gifts/q4svgrc Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
MailChimp (Marketing Automation) Expand
Detected patterns
- s3\.amazonaws\.com/downloads\.mailchimp\.com/js/mc-validate\.js
- cdn-images\.mailchimp\.com/[^>]*\.css
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://ke.safproms.gifts/7000mpesa Page URL
- https://kn.mpesaken.gifts/q4svgrc Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
34 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
7000mpesa
ke.safproms.gifts/ |
2 KB 914 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
q4svgrc
kn.mpesaken.gifts/ |
68 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ |
118 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
1 KB 936 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ |
84 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/ |
80 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 598 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
CUN5lgs.png
i.imgur.com/ |
62 KB 62 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
XDksoVa.png
i.imgur.com/ |
250 KB 250 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
classic-10_7_dtp.css
cdn-images.mailchimp.com/embedcode/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mc-validate.js
s3.amazonaws.com/downloads.mailchimp.com/js/ |
140 KB 140 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ouJgS71.gif
i.imgur.com/ |
49 KB 50 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
z4Wdyix.jpg
i.imgur.com/ |
25 KB 25 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
kNovlqO.jpg
i.imgur.com/ |
24 KB 24 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uX9vrSN.jpg
i.imgur.com/ |
28 KB 29 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jdqoSTy.png
i.imgur.com/ |
12 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twwr.jpg
1.bp.blogspot.com/-pxi_cz3OrcQ/YKKeJ7ijV8I/AAAAAAAAB3M/tEdGiB-Gh4gpnHk84_PtsFKeYZUvh-04wCLcBGAsYHQ/s225/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aP4hWCC.jpg
i.imgur.com/ |
123 KB 123 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ettte.jpg
1.bp.blogspot.com/-RuIA2JO0NW0/YKKccmd5SdI/AAAAAAAAB28/NihG0SeSJtkp1P9DCvM00yeYhey77iPXwCLcBGAsYHQ/s600/ |
34 KB 34 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lz7ilfE.jpg
i.imgur.com/ |
178 KB 178 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uMlXz9m.png
i.imgur.com/ |
74 KB 74 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gy.jpg
1.bp.blogspot.com/-8b8Dz7vkxYA/YKKfcPgq6MI/AAAAAAAAB3c/FfLq7idbQLoDLcNVA1aU7NOvOK-LGyPtACLcBGAsYHQ/s200/ |
14 KB 14 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AIcpwae.jpg
i.imgur.com/ |
34 KB 34 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
micro.tag.min.js
choogeet.net/pfe/current/ |
139 KB 48 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
157 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
zone
choogeet.net/ |
0 253 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gid.js
my.rtmark.net/ |
65 B 546 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zone
choogeet.net/ |
737 B 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
like.png
kn.mpesaken.gifts/img/f/ |
68 KB 68 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bubble.png
kn.mpesaken.gifts/img/f/ |
68 KB 68 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Tahoma-Bold.ttf
kn.mpesaken.gifts/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/ |
23 KB 23 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Tahoma.ttf
kn.mpesaken.gifts/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js15_as.js
s10.histats.com/ |
11 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
0.php
s4.histats.com/stats/ |
51 B 185 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
48 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone object| oncontextlost object| oncontextrestored function| $ function| jQuery number| timer_start string| redirectURL string| WhatsApp_share_message string| Share_link string| alert_text number| total number| ii number| iy function| hidepop object| regeneratorRuntime object| ntfcSDK object| zfgformats object| mc function| $mcj object| fnames object| ftypes function| incrementValue1 function| incrementValue_i boolean| spin2enabled number| ob function| fn1_i function| incrementValue_a function| fn1_a function| tipn function| set_Cookie function| get_Cookie function| getQueryString function| lasthtml function| dapp function| dappp function| record string| j string| randomcode string| klast string| banner string| dl string| dl2 object| _Hasync function| chfh function| chfh2 string| _HST_cntval object| Histats object| _HistatsCounterGraphics_0_setValues11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
my.rtmark.net/ | Name: ID Value: d51f7869e59f46d88dc60fbf30898b58 |
|
kn.mpesaken.gifts/ | Name: null Value: null |
|
kn.mpesaken.gifts/ | Name: 50 Value: 50 |
|
kn.mpesaken.gifts/ | Name: HstCfa4590856 Value: 1647505370308 |
|
kn.mpesaken.gifts/ | Name: HstCla4590856 Value: 1647505370308 |
|
kn.mpesaken.gifts/ | Name: HstCmu4590856 Value: 1647505370308 |
|
kn.mpesaken.gifts/ | Name: HstPn4590856 Value: 1 |
|
kn.mpesaken.gifts/ | Name: HstPt4590856 Value: 1 |
|
kn.mpesaken.gifts/ | Name: HstCnv4590856 Value: 1 |
|
kn.mpesaken.gifts/ | Name: HstCns4590856 Value: 1 |
|
kn.mpesaken.gifts/ | Name: c_ref_4590856 Value: https%3A%2F%2Fke.safproms.gifts%2F |
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
1.bp.blogspot.com
ajax.googleapis.com
cdn-images.mailchimp.com
cdnjs.cloudflare.com
choogeet.net
fonts.googleapis.com
i.imgur.com
ke.safproms.gifts
kn.mpesaken.gifts
maxcdn.bootstrapcdn.com
my.rtmark.net
s10.histats.com
s3.amazonaws.com
s4.histats.com
139.45.195.8
139.45.197.252
143.204.96.118
151.101.112.193
162.0.235.4
192.99.0.58
198.54.116.12
2606:4700::6810:125e
2606:4700::6812:acf
2a00:1450:4001:812::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:830::200a
46.105.201.240
52.216.229.221
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
2ba145e9b3860210b8f8cdf7960ae1dd0e7b70e5cdc7e8faa288f313bd383e91
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
48f56998939a3a5acbc227f96c4bb57a32dcdd60fad55a7ab2c2766356f1eb9a
49d6bae97173f6da39655ad238384a8b8c103adebf4ff750fe6fb29281d6c8d0
4aa7af1442f6f006f5fc0cc0550ce8d2246d4ec52f8c6dfc00de75702d878ee4
5b0e7fc58f69d9f96da53cf06b12e133d1a6a3f5b5ca296a6fe1c21ac57c68fb
5bb505919c390a51598036b1e5691ea2ff28cc3babc2475204ad7058734f8af2
60163ceba06c0fb67f3898558b9b7e8f0bcb654912c1a76e19ed4b22cd6ea2e5
633f4cf325805cc9f5b5276acec34fbd08f5fa97b35214ab44fa977ac047d6ac
6b49f8fa3c9496523f289e71501541f4917117a4416c067a74366cc18d327b46
6db87b82ec9f8123a70efd7a43fae49cfee29fa186c512e31f022615bf185395
81735261671cd094376ce5c6d31058c64fa70ad0f3b0798ffce2f2d8eeb7ab51
82885afcc2e2041cc0bd59eb6551859107165126b2cb0b89fc6ed9c1f484a8e3
9c8422d5613999e44fd77a0d46e2161faf8de4fd967265da030323f0b1b48eea
9f0a40b05f1980c6af2ecef8e637275e50b24f441300a43b8858a61737723088
ac11fde0e4d7ed23f4ab22ecf31a25196e9077d554cad693b6c30ddc50581b26
b0d3e95d9ae6d861a6735dba876fe73ff082293d8663233cc19f54776f2912e4
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857
b4dab6a044bee7dcfbc7d969f3e855b3bd29846bd35865b4f6d38ed12b73256a
b5395e4a225c849aee7a44c7ba55bfa603228758d38bd680f9c6c3059d231998
b797eacb86451e087be79261d218181df6b89059995faa87e481f5bc388a39db
c0b90a38d57e425c78b77701e9a6be73194f05b00b6df348eaa3e1465d1614b2
ccd057614298e00b5b7a8e8fd626e033e1dd611fa7b024b49f7afc0513ef580b
df256b03cb313a930810440c59b9ee68f6100e4ff6a2e2561e9b48b4b885c05d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea05e6c716c1e72e7aab7abde872bd5dd45acf4142bd4ad198ebfc74989b0880
eaf8234ca8c7fff8fce1a268275806efb63012087837263f2d6f5a0ae17e1973
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fb2ceb00d62c62740a0d175a3a943ce09a66c30c9eb8a6f98760f8bc774b182c