www.vodafone-2cart.pp.ua
Open in
urlscan Pro
2a00:1450:4001:813::2013
Public Scan
Submission: On March 23 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1D4 on March 23rd 2023. Valid for: 3 months.
This is the only time www.vodafone-2cart.pp.ua was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 2a00:1450:400... 2a00:1450:4001:813::2013 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2606:4700::68... 2606:4700::6812:bcf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2a00:1450:400... 2a00:1450:4001:813::200a | 15169 (GOOGLE) (GOOGLE) | |
5 15 | 146.75.116.193 146.75.116.193 | 54113 (FASTLY) (FASTLY) | |
4 | 185.66.200.222 185.66.200.222 | 201702 (SKHOSTING-EU) (SKHOSTING-EU) | |
1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:1a | 20446 (STACKPATH...) (STACKPATH-CDN) | |
2 | 2a00:1450:400... 2a00:1450:4001:827::2008 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:800::2003 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:80e::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2001:4860:480... 2001:4860:4802:34::36 | 15169 (GOOGLE) (GOOGLE) | |
2 | 185.66.201.8 185.66.201.8 | 201702 (SKHOSTING-EU) (SKHOSTING-EU) | |
3 | 185.66.200.127 185.66.200.127 | 201702 (SKHOSTING-EU) (SKHOSTING-EU) | |
32 | 12 |
ASN15169 (GOOGLE, US)
www.vodafone-2cart.pp.ua |
ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.222.skhosting.eu
cdn-server.info |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.127.skhosting.eu
ylx-i.advertica-cdn2.com | |
cdn.ebaaa.xyz |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
imgur.com
5 redirects
i.imgur.com — Cisco Umbrella Rank: 6247 |
102 KB |
4 |
cdn-server.info
cdn-server.info |
5 KB |
3 |
ebaaa.xyz
ebaaa.xyz — Cisco Umbrella Rank: 182213 cdn.ebaaa.xyz — Cisco Umbrella Rank: 681576 |
12 KB |
3 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 25 region1.google-analytics.com — Cisco Umbrella Rank: 2368 |
20 KB |
2 |
advertica-cdn2.com
ylx-i.advertica-cdn2.com — Cisco Umbrella Rank: 201813 |
28 KB |
2 |
gstatic.com
fonts.gstatic.com |
49 KB |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39 |
122 KB |
2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31 |
1 KB |
2 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 783 |
83 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 673 |
33 KB |
1 |
pp.ua
www.vodafone-2cart.pp.ua |
5 KB |
32 | 11 |
Domain | Requested by | |
---|---|---|
15 | i.imgur.com |
5 redirects
www.vodafone-2cart.pp.ua
|
4 | cdn-server.info |
www.vodafone-2cart.pp.ua
cdn-server.info |
2 | ylx-i.advertica-cdn2.com |
cdn-server.info
|
2 | ebaaa.xyz |
cdn-server.info
ebaaa.xyz |
2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | www.googletagmanager.com |
www.vodafone-2cart.pp.ua
www.googletagmanager.com |
2 | fonts.googleapis.com |
www.vodafone-2cart.pp.ua
|
2 | maxcdn.bootstrapcdn.com |
www.vodafone-2cart.pp.ua
maxcdn.bootstrapcdn.com |
1 | cdn.ebaaa.xyz |
ebaaa.xyz
|
1 | region1.google-analytics.com |
www.googletagmanager.com
|
1 | code.jquery.com |
www.vodafone-2cart.pp.ua
|
1 | www.vodafone-2cart.pp.ua | |
32 | 13 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.vodafone-2cart.pp.ua GTS CA 1D4 |
2023-03-23 - 2023-06-21 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-12-30 - 2023-12-30 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-03-06 - 2023-05-29 |
3 months | crt.sh |
*.imgur.com Sectigo RSA Domain Validation Secure Server CA |
2023-03-13 - 2024-03-12 |
a year | crt.sh |
cdn-server.info R3 |
2023-01-15 - 2023-04-15 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2022-08-03 - 2023-07-14 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-03-06 - 2023-05-29 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-03-06 - 2023-05-29 |
3 months | crt.sh |
ebaaa.xyz R3 |
2023-03-21 - 2023-06-19 |
3 months | crt.sh |
ylx-i.advertica-cdn2.com R3 |
2023-02-15 - 2023-05-16 |
3 months | crt.sh |
cdn.ebaaa.xyz R3 |
2023-02-15 - 2023-05-16 |
3 months | crt.sh |
This page contains 4 frames:
Primary Page:
https://www.vodafone-2cart.pp.ua/
Frame ID: 4FB53191C69766BB2F861492A23BCEB3
Requests: 24 HTTP requests in this frame
Frame:
https://cdn-server.info/bnr_xload.php?section=General&pub=533889&format=300x250&ga=g&xt=167960983257855&xtt=2575571
Frame ID: 00D81BE2103E4983D4823DC28A7C1798
Requests: 1 HTTP requests in this frame
Frame:
https://cdn-server.info/show.php?u75891679609832=true&ad=673873&f=300x250&a=395578&cri=0&s=YTE2OWY1N2U2NTZiNzk1MTFhYmY2OTRhMWFhNGRmNjE=&u=533889&si=878698217&di=46900965&ci=16&h=343db5dc4c63efd397c1556234bce9b2&cc=DE&https=1&useAf=loaded_string_76472ddb3bdc2f8ef3ba1c087913c4cc82e5b_2725272_1679609832.8696_14957&capSettings=Y2RuLXNlcnZlci5pbmZvfDEwMDAwMHwyNHw1NzM2Ng==&ar=aHR0cHM6Ly93d3cudm9kYWZvbmUtMmNhcnQucHAudWEv
Frame ID: 81D56E22BEEE5B42041555885CE35D66
Requests: 5 HTTP requests in this frame
Frame:
https://ebaaa.xyz/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XAdCjGjdkjZrGCikAAGjCxCjpNrkNrGANrdACrCZZZCCrixCrrrCrCrGCxCZGZrdpijkCCrxi_34962&adApiR=loaded_string_76472ddb3bdc2f8ef3ba1c087913c4cc82e5b_2725272_1679609832.8696_14957&capSettings=Y2RuLXNlcnZlci5pbmZvfDEwMDAwMHwyNHw1NzM2Ng==&adApiR=loaded_string_76472ddb3bdc2f8ef3ba1c087913c4cc82e5b_2725272_1679609832.8696_14957&refferer=2267083899_aHR0cHM6Ly93d3cudm9kYWZvbmUtMmNhcnQucHAudWEv&width=300&height=250&yxDom=Y2RuLXNlcnZlci5pbmZv_dffb114e096ea505e274a7665e6dd6a2&randomA=1921386568410&realRef=Rkl2eDFHVjRydlIyYzhQZStoZldtUU9MaHhyZDNjQlFqa1ZQeGNrVDdqST0=
Frame ID: 9C527A3B5A158ABF9D9B65C9A4E881E2
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
vodafone-egyDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 7- https://i.imgur.com/g6cV61A.png HTTP 302
- https://i.imgur.com/removed.png
- https://i.imgur.com/0UHB1f0.png HTTP 302
- https://i.imgur.com/removed.png
- https://i.imgur.com/sSMYbTT.png HTTP 302
- https://i.imgur.com/removed.png
- https://i.imgur.com/KTvWL6j.jpg HTTP 302
- https://i.imgur.com/removed.png
- https://i.imgur.com/85hSdGn.jpg HTTP 302
- https://i.imgur.com/removed.png
32 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.vodafone-2cart.pp.ua/ |
19 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
2 KB 879 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
droidarabicnaskh.css
fonts.googleapis.com/earlyaccess/ |
1 KB 382 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
kjhlwOm.png
i.imgur.com/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
202wLiu.png
i.imgur.com/ |
58 KB 58 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fxoIwSe.gif
i.imgur.com/ |
6 KB 7 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnr.php
cdn-server.info/ |
435 B 689 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
removed.png
i.imgur.com/ Redirect Chain
|
503 B 565 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
removed.png
i.imgur.com/ Redirect Chain
|
503 B 677 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
removed.png
i.imgur.com/ Redirect Chain
|
503 B 685 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Xuf2Txz.jpg
i.imgur.com/ |
12 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7PWScYK.jpg
i.imgur.com/ |
6 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
removed.png
i.imgur.com/ Redirect Chain
|
503 B 565 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
removed.png
i.imgur.com/ Redirect Chain
|
503 B 579 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-latest.min.js
code.jquery.com/ |
94 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
115 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DroidNaskh-Bold.woff2
fonts.gstatic.com/ea/droidarabicnaskh/v7/ |
40 KB 40 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnr_xload.php
cdn-server.info/ Frame 00D8 |
1 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ |
75 KB 76 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
218 KB 77 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 261 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
show.php
cdn-server.info/ Frame 81D5 |
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
1 B 213 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
ebaaa.xyz/148bcf03fc/bb6bac9292/ Frame 81D5 |
1 KB 949 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pub_s9c2nm.png
ylx-i.advertica-cdn2.com/aff/ Frame 81D5 |
26 KB 26 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_p_small.png
ylx-i.advertica-cdn2.com/ Frame 81D5 |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
cdn-server.info/trk/ Frame 81D5 |
43 B 268 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
ebaaa.xyz/148bcf03fc/bb6bac9292/ Frame 9C52 |
723 B 922 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2997_94313EN-DW21-300x250.gif
cdn.ebaaa.xyz/generic/ Frame 9C52 |
10 KB 10 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
28 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless number| qs function| $ function| jQuery number| time number| likes number| comments number| shares string| text1 string| text2 string| link string| error string| cpa string| saved string| share object| swidth number| width function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData9 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
ebaaa.xyz/148bcf03fc/bb6bac9292 | Name: total_impressions Value: 1 |
|
.cdn-server.info/ | Name: used_ad2725272 Value: 1 |
|
.cdn-server.info/ | Name: total_impressions Value: 1 |
|
.cdn-server.info/ | Name: cpa_673873 Value: 300x250_878698217_0 |
|
.vodafone-2cart.pp.ua/ | Name: _ga_2H0WXCQSF6 Value: GS1.1.1679609832.1.0.1679609832.0.0.0 |
|
.vodafone-2cart.pp.ua/ | Name: _ga Value: GA1.3.769859437.1679609833 |
|
.vodafone-2cart.pp.ua/ | Name: _gid Value: GA1.3.1335134362.1679609833 |
|
.vodafone-2cart.pp.ua/ | Name: _gat_gtag_UA_152330835_1 Value: 1 |
|
ebaaa.xyz/ | Name: used_ad2725272 Value: 1 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn-server.info
cdn.ebaaa.xyz
code.jquery.com
ebaaa.xyz
fonts.googleapis.com
fonts.gstatic.com
i.imgur.com
maxcdn.bootstrapcdn.com
region1.google-analytics.com
www.google-analytics.com
www.googletagmanager.com
www.vodafone-2cart.pp.ua
ylx-i.advertica-cdn2.com
146.75.116.193
185.66.200.127
185.66.200.222
185.66.201.8
2001:4860:4802:34::36
2001:4de0:ac18::1:a:1a
2606:4700::6812:bcf
2a00:1450:4001:800::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:813::200a
2a00:1450:4001:813::2013
2a00:1450:4001:827::2008
0a6b3b2583f0b9ea7da829409bcde3dc1641adb9092100bf2e1415d61cde46d6
0facd387627530907acc0b41d7076a1313a748ba84d37983618c04f2e66f1849
1222f09bbe8f220ff684a0868bbcf7bd67969c203d300b35427dd651b982342f
17ef6d35d3b00c73242987291918d1b54253cdd5b3d66407fd0febb5b2831771
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3620882038f6fed1fdc8a204030af2107d0ddabc3b8ed47ff3b0b00964ff2d72
3bf667359356fafe2d656edaced3f3fdbd8279434739be05b192c8630ac73a03
4b6bb55159db46c2298f62204067e699aa774e3a5843ecabf9d274acd6c735b1
516c1cd728e7fbf78593b5cee126e73b10ba08f946c8a2c6c12a1c880f8d2dfb
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5eac9b243a56e7d3d00b3b75e88056baafee2bc3f1db13fa8a1c48db06e3f861
5ffa3f23f0c418fb96f873d2689aaef65c4335ed0a65fa84201570538caf4a6d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b9741cb537162fb33b8305c686afb151d6ff3475d297ee654058e58c967aee4
6eb2423c0981fa2c1038013533600658c50cf6e06944cb1b4d5d7093f307a833
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
842be935d39dcb195e58cafdaf280ac1088b22e48538b4946fe4fb18e9852706
896e61e0cc2a43865bb93d59761a65f2841d7d705657eda0cf76c8c67c3bcea1
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
93c75a3949295b28c2cfd5dc127f58be5b19f14b08b1cde8b358a0bf454641ea
9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9
9bb4be4b28df16df4b591d6f784f73dbb2c8dc8b3a2e8fcc13c24003fe6f0ff5
adf493a44e64ae11e15e6288d20f296ccd3b552f6bf29ecb716f6087d0b01ce7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
d4c4d5af24389f5ef15439957e39bb08f90c4b47af00dd2a4b8e28fdf1bf0a33
d62714071c1f3f5fba43cb6c27efa7952df69c6b6086cadbbd7b5e135e390dab
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855