![](/screenshots/4c9f3df3-700a-4b85-90c8-bfd76b1bad26.png)
www.confidencescourses.com
Open in
urlscan Pro
194.150.236.236
Public Scan
Submission: On December 16 via manual from BF — Scanned from FR
Summary
TLS certificate: Issued by R3 on October 23rd 2022. Valid for: 3 months.
This is the only time www.confidencescourses.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 12 | 194.150.236.236 194.150.236.236 | 44976 (HIWIT_AS) (HIWIT_AS) | |
19 | 185.119.26.1 185.119.26.1 | 203544 (WEBDEVIIN-AS) (WEBDEVIIN-AS) | |
4 | 194.150.236.5 194.150.236.5 | 44976 (HIWIT_AS) (HIWIT_AS) | |
1 | 51.159.101.159 51.159.101.159 | 12876 (Online SAS) (Online SAS) | |
2 4 | 194.150.236.190 194.150.236.190 | 44976 (HIWIT_AS) (HIWIT_AS) | |
1 | 194.150.236.165 194.150.236.165 | 44976 (HIWIT_AS) (HIWIT_AS) | |
1 2 | 2606:4700:303... 2606:4700:3038::6815:ea1a | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 3.101.8.205 3.101.8.205 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:400d:803::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:82b::200e | 15169 (GOOGLE) (GOOGLE) | |
42 | 11 |
ASN44976 (HIWIT_AS, FR)
PTR: ns76.hiwit.net
www.confidencescourses.com | |
www.biltoturf.com | |
www.millionturf.com | |
www.tagalataturf.com |
ASN203544 (WEBDEVIIN-AS, FR)
PTR: 1.26.119.185.in-addr.arpa
payment.allopass.com |
ASN12876 (Online SAS, FR)
PTR: 17d9637a-13ac-43cc-99fb-9c6d17e34762.fr-par-2.baremetal.scw.cloud
static.blog4ever.com |
ASN44976 (HIWIT_AS, FR)
PTR: ns30.hiwit.net
zetop.info | |
www.zetop.info | |
www.turfsur.com | |
www.snprono.powa.fr |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-101-8-205.us-west-1.compute.amazonaws.com
gmu-apps.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
19 |
allopass.com
payment.allopass.com |
294 KB |
6 |
confidencescourses.com
www.confidencescourses.com |
1 MB |
4 |
allo-heberge.com
ns.allo-heberge.com |
|
3 |
millionturf.com
3 redirects
www.millionturf.com |
846 B |
2 |
gmu-apps.com
gmu-apps.com |
6 KB |
2 |
root-top.com
1 redirects
img.root-top.com |
5 KB |
2 |
zetop.info
1 redirects
zetop.info www.zetop.info |
11 KB |
2 |
biltoturf.com
www.biltoturf.com |
83 KB |
1 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29 |
20 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51 |
45 KB |
1 |
powa.fr
1 redirects
www.snprono.powa.fr |
282 B |
1 |
turfsur.com
www.turfsur.com |
12 KB |
1 |
levainqueur.com
www.levainqueur.com |
28 KB |
1 |
tagalataturf.com
www.tagalataturf.com |
6 KB |
1 |
blog4ever.com
static.blog4ever.com |
48 KB |
0 |
edenturf.com
Failed
www.edenturf.com Failed |
|
42 | 16 |
Domain | Requested by | |
---|---|---|
19 | payment.allopass.com |
www.confidencescourses.com
payment.allopass.com |
6 | www.confidencescourses.com |
www.confidencescourses.com
|
4 | ns.allo-heberge.com |
www.confidencescourses.com
|
3 | www.millionturf.com | 3 redirects |
2 | gmu-apps.com |
payment.allopass.com
www.confidencescourses.com |
2 | img.root-top.com |
1 redirects
www.confidencescourses.com
|
2 | www.biltoturf.com |
www.confidencescourses.com
|
1 | www.google-analytics.com |
www.googletagmanager.com
|
1 | www.googletagmanager.com |
payment.allopass.com
|
1 | www.snprono.powa.fr | 1 redirects |
1 | www.turfsur.com |
www.confidencescourses.com
|
1 | www.levainqueur.com |
www.confidencescourses.com
|
1 | www.zetop.info |
www.confidencescourses.com
|
1 | zetop.info | 1 redirects |
1 | www.tagalataturf.com |
www.confidencescourses.com
|
1 | static.blog4ever.com |
www.confidencescourses.com
|
0 | www.edenturf.com Failed |
www.confidencescourses.com
|
42 | 17 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
confidencescourses.com R3 |
2022-10-23 - 2023-01-21 |
3 months | crt.sh |
*.allopass.com Sectigo RSA Domain Validation Secure Server CA |
2022-10-07 - 2023-10-07 |
a year | crt.sh |
biltoturf.com R3 |
2022-10-17 - 2023-01-15 |
3 months | crt.sh |
static.blog4ever.com R3 |
2022-11-26 - 2023-02-24 |
3 months | crt.sh |
tagalataturf.com R3 |
2022-10-23 - 2023-01-21 |
3 months | crt.sh |
levainqueur.com R3 |
2022-12-04 - 2023-03-04 |
3 months | crt.sh |
turfsur.com R3 |
2022-12-02 - 2023-03-02 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-06-06 - 2023-06-05 |
a year | crt.sh |
gmu-apps.com Amazon |
2022-01-31 - 2023-03-01 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-11-28 - 2023-02-20 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.confidencescourses.com/
Frame ID: E8C7CEF7D2E5483B17146651B6E2CC75
Requests: 19 HTTP requests in this frame
Frame:
https://payment.allopass.com/buy/buy.apu?ids=351086&idd=1553509
Frame ID: FDEDC3F40F69D8A5BF67E3539CB7E488
Requests: 23 HTTP requests in this frame
Screenshot
![](/screenshots/4c9f3df3-700a-4b85-90c8-bfd76b1bad26.png)
Page Title
CONFIDENCES COURSESUntitled DocumentDetected technologies
Detected patterns
- fingerprint(\d)?(?:\.min)?\.js
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/gtm\.js
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
22 Outgoing links
These are links going to different origins than the main page.
Title: EuropeTurf
Search URL Search Domain Scan URL
Title: ExpressTurf
Search URL Search Domain Scan URL
Title: GainsTurf
Search URL Search Domain Scan URL
Title: GenyTurf
Search URL Search Domain Scan URL
Title: GoldenTurf
Search URL Search Domain Scan URL
Title: TagalataTurf
Search URL Search Domain Scan URL
Title: LeSpecialisteduTierce
Search URL Search Domain Scan URL
Title: RepereduTurf
Search URL Search Domain Scan URL
Title: QuinteMagic
Search URL Search Domain Scan URL
Title: EruditCourse
Search URL Search Domain Scan URL
Title: COMMENT GAGNER AUX COURSES
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 7- https://www.millionturf.com/logos/turforiginal.gif HTTP 302
- https://ns.allo-heberge.com/
- https://www.millionturf.com/logos/repereduturf.gif HTTP 302
- https://ns.allo-heberge.com/
- https://www.millionturf.com/logos/eruditcourse.gif HTTP 302
- https://ns.allo-heberge.com/
- https://zetop.info/img/logo_zetop.gif HTTP 301
- https://www.zetop.info/img/logo_zetop.gif
- https://img.root-top.com/topsite/secreturf/banner.gif HTTP 302
- https://www.snprono.powa.fr/secreturf.gif HTTP 302
- https://ns.allo-heberge.com/
42 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
www.confidencescourses.com/ |
16 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
head.jpg
www.confidencescourses.com/ |
58 KB 58 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
arriere-plan-1.jpg
www.confidencescourses.com/ |
487 KB 488 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tarpmenu.png
www.confidencescourses.com/ |
29 KB 29 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
buy.apu
payment.allopass.com/buy/ Frame FDED |
9 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
diapo.gif
www.confidencescourses.com/ |
375 KB 376 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img1.jpg
www.confidencescourses.com/ |
100 KB 100 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
quintemagic2.gif
www.biltoturf.com/logos/ |
77 KB 77 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
ns.allo-heberge.com/ Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
basefiable.gif
www.edenturf.com/logos/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
ns.allo-heberge.com/ Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.gif
www.biltoturf.com/ |
6 KB 6 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
ns.allo-heberge.com/ Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gaz0_9032214.gif
static.blog4ever.com/2021/06/864279/ |
48 KB 48 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logobilto.gif
www.tagalataturf.com/ |
6 KB 6 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_zetop.gif
www.zetop.info/img/ Redirect Chain
|
11 KB 11 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.gif
www.levainqueur.com/ |
28 KB 28 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.gif
www.turfsur.com/img/ |
11 KB 12 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
ns.allo-heberge.com/ Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
banner.gif
img.root-top.com/topsite/turfplus/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jBox.all.min.css
payment.allopass.com/static/css/jBox/ Frame FDED |
16 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
base.css
payment.allopass.com/static/css/ Frame FDED |
81 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
carousel.css
payment.allopass.com/static/css/ Frame FDED |
21 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-1.3.2.min.js
payment.allopass.com/static/js/ext/ Frame FDED |
56 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-1.11.3.min.js
payment.allopass.com/static/js/ext/ Frame FDED |
94 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
general.js
payment.allopass.com/onetime/scripts/ Frame FDED |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jBox.all.min.js
payment.allopass.com/static/js/ext/ Frame FDED |
51 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
top.js
gmu-apps.com/js/ Frame FDED |
54 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fr.png
payment.allopass.com/icons/flags/24x24/ Frame FDED |
536 B 774 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
check-codes.js
payment.allopass.com/static/js/ Frame FDED |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fingerprint2.min.js
payment.allopass.com/static/js/ext/ Frame FDED |
33 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
arrow-down.png
payment.allopass.com/static/css/images/ Frame FDED |
315 B 553 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
carousel.js
payment.allopass.com/static/js/ Frame FDED |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ Frame FDED |
115 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
duration.css
payment.allopass.com/static/css/ Frame FDED |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ Frame FDED |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
secure-lock.gif
payment.allopass.com/static/css/icons/ Frame FDED |
181 B 418 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
field.png
payment.allopass.com/static/css/images/ Frame FDED |
170 B 407 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-mobiyo-small.png
payment.allopass.com/static/css/images/ Frame FDED |
12 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
carousel-row-mobiyo.png
payment.allopass.com/static/css/images/ Frame FDED |
87 KB 87 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
carousel-row.png
payment.allopass.com/static/css/images/ Frame FDED |
87 KB 87 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
chk.php
gmu-apps.com/ Frame FDED |
0 94 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.edenturf.com
- URL
- https://www.edenturf.com/logos/basefiable.gif
Verdicts & Comments Add Verdict or Comment
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| oncontentvisibilityautostatechange3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.confidencescourses.com/ | Name: PHPSESSID Value: 0276382c812b9e2cd7173563598c668a |
|
payment.allopass.com/ | Name: ShopSessionId Value: abd96adf-77a8-4005-8925-c4fd51ec0b6c |
|
.allopass.com/ | Name: AP_CUSK Value: 3598859806 |
12 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=15768000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
gmu-apps.com
img.root-top.com
ns.allo-heberge.com
payment.allopass.com
static.blog4ever.com
www.biltoturf.com
www.confidencescourses.com
www.edenturf.com
www.google-analytics.com
www.googletagmanager.com
www.levainqueur.com
www.millionturf.com
www.snprono.powa.fr
www.tagalataturf.com
www.turfsur.com
www.zetop.info
zetop.info
www.edenturf.com
185.119.26.1
194.150.236.165
194.150.236.190
194.150.236.236
194.150.236.5
2606:4700:3038::6815:ea1a
2a00:1450:4001:82b::200e
2a00:1450:400d:803::2008
3.101.8.205
51.159.101.159
16393c3e769e20445f7f78adf6a188dae9d932249842c1033dc2144bac1296ac
1decf61f3465e4585a9a8cd868c343796bb6f43dfd1f03fa0b361dab97b4627c
336e041b7c299275c3ec89cc251c339ea2ec1870b70dc4ef25ba308e972be005
376297fb4552940ad33a55d2dac1dc81654c5eb5ad355f856d9ce7c97a9aa285
3826392fad8affe0e8f105c96299f4b3550fdd588c90603a12cc3db9b8e529c0
544350db3c92d22d0be34cae63d5ef64e2304ee943959297ee777626359c64b0
54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750
56b137612eb9e7e11421f576f02d3ea90e604fd12ab5873e6ff90aa9101e28db
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e
5b0231eec0d06b77f534fe202e99a40e89685551d6f1afdebc3c581e3ea76a0b
6270f4fc23be1ddceb334705172b0470d61d28d201fcc23402dbdc8bac85bdc7
653157402e7854734f65c4f112eae10ae42d1f093a40374d34c52c1374e9e077
7285258c7399c5b4a715fd2a2727c71c1ffa77e0f31ad5dc782fa6bc37d7e7c7
7c9a501ff24c88a1c67c41a92315b5c7b94e19bed6381da81631f691e501a8be
7ffb9e58d885b0eaf644c52103b65f0019590149c75e77ff18f826d9bb3fa4e9
86717ee9b44cbb4a42372ec7d062f97e3e89d2ee3c0382764e8ee54abe266427
8db08a66fc20669ae93e6d8e919f56a863ce77d3e1ea0bb97efc4c35da450435
97a9de3830f4bd7bcb7cf4805dbdcf1f4c6e843fcd4a814c6a5d7bc2b11fee1a
9bd0c1e96f9d3b63b53ba8c355ada916479d8815034cab0aad1540c3c602d896
a9ff537d881c618b1a89e3caa40fb54cf54c7807abf37887c7cd5053c3cbb442
adfe383e215844ddafe2b7149d13c92118cc519a174bf6035494bab363034f4c
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b74d93c2e43195ed06c03dcc855663cce5faec3d82a53598eb84f0714bb5ced9
b88598db6441341112078d3c81ea00ddf76e566ad9c68dcfec28a4d5100ca7b8
c0a130d7b90ac605b17acd40337aa673f2f6b1779801ba8ea7d894d38b87ba36
c1893b3f02db32e36ee562842bc299d27c047656416c204667abf42f04777d2a
c5d79f6cfc265658d7edbe1676ee8a37617e18aeeb5be8bbbf678dcdefa86f7e
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899
cdca24fd19906ad7adbf066e55d3ee87750c3901e9b5d1beb538408274d32109
d176bb09818fe74dc0e1d369c411c2e3ca68bbf64a8eb76b43ec306520229833
e015316158b9f23e0a8e73f84f6e7711561ea6183846d837e6cc47082dfce79b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ead7dff95228a235e92f3cc50bcd67d3e448ccb40cee683514504e8a59aa8f30
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
eec262c31789885983eaeec5365d8544b4ea876645570edf1e9548c33c509900
faf063f091dd745b82f9aeb12544a10ef3ee5989078c1a90d377d863fff884c7