pages.groupme.com
Open in
urlscan Pro
54.205.71.136
Public Scan
Effective URL: https://pages.groupme.com/messages/2340348/930777845/0oLnGdVqftGO0NZG
Submission: On September 09 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by Microsoft RSA TLS CA 01 on October 20th 2020. Valid for: a year.
This is the only time pages.groupme.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-71-136.compute-1.amazonaws.com
pages.groupme.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-250-110.compute-1.amazonaws.com
i.groupme.com |
ASN15169 (GOOGLE, US)
PTR: 183.34.211.130.bc.googleusercontent.com
api-js.mixpanel.com |
ASN32934 (FACEBOOK, US)
www.facebook.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
groupme.com
1 redirects
groupme.com pages.groupme.com i.groupme.com |
133 KB |
6 |
twitter.com
platform.twitter.com syndication.twitter.com |
148 KB |
3 |
mixpanel.com
api-js.mixpanel.com |
559 B |
2 |
facebook.com
www.facebook.com |
2 KB |
2 |
facebook.net
connect.facebook.net |
69 KB |
2 |
google-analytics.com
www.google-analytics.com |
20 KB |
2 |
cloudflare.com
cdnjs.cloudflare.com |
20 KB |
1 |
mxpnl.com
cdn.mxpnl.com |
25 KB |
1 |
microsoft.com
wcpstatic.microsoft.com |
74 KB |
1 |
googleapis.com
ajax.googleapis.com |
33 KB |
1 |
bit.ly
1 redirects
bit.ly |
278 B |
1 |
steadysafe.xyz
1 redirects
steadysafe.xyz |
767 B |
33 | 12 |
Domain | Requested by | |
---|---|---|
11 | pages.groupme.com |
pages.groupme.com
|
4 | platform.twitter.com |
pages.groupme.com
platform.twitter.com |
3 | api-js.mixpanel.com |
cdn.mxpnl.com
|
2 | syndication.twitter.com |
platform.twitter.com
|
2 | www.facebook.com |
connect.facebook.net
|
2 | connect.facebook.net |
pages.groupme.com
connect.facebook.net |
2 | www.google-analytics.com |
pages.groupme.com
www.google-analytics.com |
2 | i.groupme.com |
pages.groupme.com
|
2 | cdnjs.cloudflare.com |
pages.groupme.com
|
1 | cdn.mxpnl.com |
pages.groupme.com
|
1 | wcpstatic.microsoft.com |
pages.groupme.com
|
1 | ajax.googleapis.com |
pages.groupme.com
|
1 | groupme.com | 1 redirects |
1 | bit.ly | 1 redirects |
1 | steadysafe.xyz | 1 redirects |
33 | 15 |
This site contains links to these domains. Also see Links.
Domain |
---|
go.microsoft.com |
groupme.com |
blog.groupme.com |
help.groupme.com |
status.groupme.com |
store.groupme.com |
dev.groupme.com |
nytm.org |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.groupme.com Microsoft RSA TLS CA 01 |
2020-10-20 - 2021-10-20 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-10-21 - 2021-10-20 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2021-08-16 - 2021-11-08 |
3 months | crt.sh |
wcpstatic.microsoft.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-06-12 - 2022-06-12 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2021-08-23 - 2021-11-15 |
3 months | crt.sh |
*.mxpnl.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1 |
2021-07-15 - 2022-07-28 |
a year | crt.sh |
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1 |
2020-11-05 - 2021-11-09 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2021-07-20 - 2021-10-18 |
3 months | crt.sh |
*.mixpanel.com GeoTrust RSA CA 2018 |
2020-04-20 - 2022-04-21 |
2 years | crt.sh |
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-02-05 - 2022-02-04 |
a year | crt.sh |
This page contains 4 frames:
Primary Page:
https://pages.groupme.com/messages/2340348/930777845/0oLnGdVqftGO0NZG
Frame ID: BA8BC2E862427EB5F92308C44339F787
Requests: 29 HTTP requests in this frame
Frame:
https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fpages.groupme.com
Frame ID: FB1AC692D95994EA4FE8696C7AE55FD3
Requests: 2 HTTP requests in this frame
Frame:
https://www.facebook.com/plugins/like.php?app_id=120121578058249&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2581c0e8b624a4%26domain%3Dpages.groupme.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpages.groupme.com%252Ff186e493e9651c%26relation%3Dparent.parent&container_width=0&font=arial&href=http%3A%2F%2Ffacebook.com%2Fgroupme&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=true&width=450
Frame ID: 0C323B40E98FB30C35D629168C402C12
Requests: 1 HTTP requests in this frame
Frame:
https://platform.twitter.com/widgets/tweet_button.f88235f49a156f8b4cab34c7bc1a0acc.en.html
Frame ID: C81F5C4E75797FD5267A8FCFBB94F911
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
GroupMe | Group text messaging with GroupMePage URL History Show full URLs
-
https://steadysafe.xyz/
HTTP 301
https://bit.ly/RBm11f HTTP 301
https://groupme.com/messages/2340348/930777845/0oLnGdVqftGO0NZG HTTP 301
https://pages.groupme.com/messages/2340348/930777845/0oLnGdVqftGO0NZG Page URL
Detected technologies
Facebook (Widgets) ExpandDetected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
FingerprintJS (JavaScript libraries) Expand
Detected patterns
- fingerprint(\d)?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Moment.js (JavaScript Libraries) Expand
Detected patterns
- moment(?:\.min)?\.js
Twitter (Widgets) Expand
Detected patterns
- //platform\.twitter\.com/widgets\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
8 Outgoing links
These are links going to different origins than the main page.
Title: Privacy Statement
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Blog
Search URL Search Domain Scan URL
Title: Help
Search URL Search Domain Scan URL
Title: Status
Search URL Search Domain Scan URL
Title: Store
Search URL Search Domain Scan URL
Title: Developers
Search URL Search Domain Scan URL
Title: New York City
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://steadysafe.xyz/
HTTP 301
https://bit.ly/RBm11f HTTP 301
https://groupme.com/messages/2340348/930777845/0oLnGdVqftGO0NZG HTTP 301
https://pages.groupme.com/messages/2340348/930777845/0oLnGdVqftGO0NZG Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
33 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
0oLnGdVqftGO0NZG
pages.groupme.com/messages/2340348/930777845/ Redirect Chain
|
11 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
brochure.css
pages.groupme.com/stylesheets/ |
135 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/ |
58 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ |
91 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fingerprint2.min.js
cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/2.1.0/ |
29 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wcp-consent.js
wcpstatic.microsoft.com/mscc/lib/v2/ |
249 KB 74 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
moment.js
pages.groupme.com/javascripts/ |
38 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
event.js
pages.groupme.com/javascripts/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pages.js
pages.groupme.com/javascripts/ |
840 B 492 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mixpanelEvents.js
pages.groupme.com/javascripts/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.svg
pages.groupme.com/images/media_landing_page/ |
9 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
div.png
pages.groupme.com/images/media_landing_page/ |
990 B 854 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ios_icon.png
pages.groupme.com/images/media_landing_page/ |
53 KB 53 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
stars.png
pages.groupme.com/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
898d5560004a013049c81231381fff99.preview
i.groupme.com/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nip.png
pages.groupme.com/images/media_landing_page/ |
1 KB 989 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
9518c7c007680130722012313b100d06
i.groupme.com/ |
27 KB 27 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
48 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ |
75 KB 25 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
widgets.js
platform.twitter.com/ |
96 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.js
connect.facebook.net/en_US/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
2 B 208 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
api-js.mixpanel.com/decide/ |
65 B 140 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
api-js.mixpanel.com/track/ |
1 B 72 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.js
connect.facebook.net/en_US/ |
222 KB 66 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html
platform.twitter.com/widgets/ Frame FB1A |
319 KB 103 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
api-js.mixpanel.com/track/ |
1 B 347 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
status
www.facebook.com/x/oauth/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
settings
syndication.twitter.com/ Frame FB1A |
232 B 432 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
like.php
www.facebook.com/plugins/ Frame 0C32 |
0 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
button.5d16ecc02fbaf599a24dfb57ab239320.js
platform.twitter.com/js/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tweet_button.f88235f49a156f8b4cab34c7bc1a0acc.en.html
platform.twitter.com/widgets/ Frame C81F |
32 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame C81F |
822 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jot
syndication.twitter.com/i/ |
43 B 375 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
30 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery function| Fingerprint2 function| WcpConsent function| mscc function| moment object| jQuery18308769578347825586 string| GoogleAnalyticsObject function| ga string| mixpanel_token object| mixpanel string| public_ip function| dismiss function| fbAsyncInit string| device_id object| option object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| FB object| __twttrll object| twttr object| __twttr9 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
steadysafe.xyz/ | Name: PHPSESSID Value: ur75vfnse720084ufa2gcdjtgg |
|
steadysafe.xyz/ | Name: SESSION Value: GJ1GTGWBVd7Oe0CFFsDSYn0Hy0UiksAFRaGaefjem9Sx3wOM |
|
.bit.ly/ | Name: _bit Value: l89nnS-a3fe47a6b1e532a509-00h |
|
.groupme.com/ | Name: ARRAffinity Value: 0d1e459bb5d6c6808102edc6d04a6eec01db5d141feaf9f67fa867b33f5b8ce2 |
|
.groupme.com/ | Name: ARRAffinitySameSite Value: 0d1e459bb5d6c6808102edc6d04a6eec01db5d141feaf9f67fa867b33f5b8ce2 |
|
.groupme.com/ | Name: _ga Value: GA1.2.50625336.1631229836 |
|
.groupme.com/ | Name: _gid Value: GA1.2.1763201509.1631229836 |
|
.groupme.com/ | Name: _gat Value: 1 |
|
.groupme.com/ | Name: mp_54a7f6d9805cf997975d3f645e43ff3d_mixpanel Value: %7B%22distinct_id%22%3A%20%2264a2d8d3cb6a10cad1d28b9bae30adb8%22%2C%22%24device_id%22%3A%20%2217bccdff963151-01a08d539a8d33-c343365-1d4c00-17bccdff964889%22%2C%22Platform%22%3A%20%22web%22%2C%22GroupMe%20Client%20Type%22%3A%20%22SMS%22%2C%22Language%22%3A%20%22en-US%22%2C%22IP%20Address%22%3A%20%22194.36.108.18%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22%24user_id%22%3A%20%2264a2d8d3cb6a10cad1d28b9bae30adb8%22%7D |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
api-js.mixpanel.com
bit.ly
cdn.mxpnl.com
cdnjs.cloudflare.com
connect.facebook.net
groupme.com
i.groupme.com
pages.groupme.com
platform.twitter.com
steadysafe.xyz
syndication.twitter.com
wcpstatic.microsoft.com
www.facebook.com
www.google-analytics.com
104.244.42.136
130.211.34.183
184.73.250.110
2600:1901:0:498c::
2606:2800:234:59:254c:406:2366:268c
2606:4700:3035::ac43:94ea
2606:4700::6810:125e
2620:1ec:46::42
2a00:1450:4007:80c::200a
2a00:1450:4007:819::200e
2a03:2880:f030:13:face:b00c:0:3
2a03:2880:f12c:183:face:b00c:0:25de
40.84.59.174
54.205.71.136
67.199.248.10
05f65d2faedbd54ce8a8218d4f8bd35eabf5df4e0122d6989bd0b0464be3d942
06b34901b9ee1d57c9e0a37a7665c7aa77f6ab8b884cda5e8caad1c3f8b8c639
07bf87548212f24057ba352fed5ec567dab724b44a7fc88ddc393cbc7706d033
10dd7e7a2335702f727e6642c2771c430a81e1c71a89f76571aba3b21c0df360
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
17d5b4445622f32f4a88cf17c3b6cf9aa1d0758e5871c3664d8b1e0d562e2481
208edbed32b2adac9446df83caa4a093a261492ba6b8b3bcfe6a75efb8b70294
248e8cb1da56555807b375613cacefc2d03be40f3255b68e41b3fb61349e7e4a
2ab9a5ba6bd2bdb5bd5cf7da6886f7eed76737dbad5418990339f53fd2b78bd8
3ee8351e156e2e80d99018a585c18c0dbd9098e3bea84a131d8cbad1ec72c81e
4bf52e1f92ce9ea93f33025943d00dbfe5e73ff1c8ddc1507aee8ac82d34dc0f
5b25d03997fd1e6ee9bcd7e8209719f6a535d65fcaa0cdfcaeeeecc86cf87dc6
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
8d3f8977be1dbe3cd93894ef1b263d6ef7b328eacd96abc3f19bb8f705857c44
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18
9825aa4b815bd0d906e453f697e181812095b24c5746f515953def668a6ec65c
9e6944912de9893a3cf086b41b42fbb26c27b612d8ec406f69a385a3f01099c3
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a46d87ddb0086af9d29b2de54e910e742e400bc58dd37516049ac14e881ec838
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
d861d69ed512e710fd98336a6774f053f70f940628a7af27b5bd26d2729a70b3
e1a4f262435f4349bf95855ba6c70035281f0c799ca9b76fb19c7b90819eafc5
e36fc20507826ae17f7c4d5a803e9bb4d069990fdea47810e959bd2dac9d6577
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e652aa0105b22eb06a29dc4e18a008abf64eef133dacd11c81922b275fc9a01e
fb5dc069242f2c410c48deefe721eb0e447762384ba5d09c06ec6ac4e656f8a6
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62