www.getsmoney.site
Open in
urlscan Pro
193.106.174.168
Public Scan
Submission: On July 08 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by R3 on July 8th 2021. Valid for: 3 months.
This is the only time www.getsmoney.site was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
22 | 193.106.174.168 193.106.174.168 | 50465 (IQHOST) (IQHOST) | |
1 | 2a00:1450:400... 2a00:1450:4001:831::2004 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:80f::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:82f::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 135.148.65.134 135.148.65.134 | 16276 (OVH) (OVH) | |
3 9 | 2a02:6b8::1:119 2a02:6b8::1:119 | 13238 (YANDEX) (YANDEX) | |
2 | 2a00:1450:400... 2a00:1450:4001:829::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:400c:c08::9c | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:808::2004 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:827::2003 | 15169 (GOOGLE) (GOOGLE) | |
37 | 10 |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
22 |
getsmoney.site
www.getsmoney.site |
1 MB |
7 |
yandex.com
2 redirects
mc.yandex.com |
2 KB |
2 |
google-analytics.com
www.google-analytics.com |
19 KB |
2 |
yandex.ru
1 redirects
mc.yandex.ru |
71 KB |
2 |
google.com
www.google.com |
724 B |
1 |
google.de
www.google.de |
107 B |
1 |
doubleclick.net
stats.g.doubleclick.net |
90 B |
1 |
belmoney.work
belmoney.work |
|
1 |
gstatic.com
www.gstatic.com |
133 KB |
1 |
googletagmanager.com
www.googletagmanager.com |
36 KB |
37 | 10 |
Domain | Requested by | |
---|---|---|
22 | www.getsmoney.site |
www.getsmoney.site
|
7 | mc.yandex.com |
2 redirects
www.getsmoney.site
mc.yandex.ru |
2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
2 | mc.yandex.ru |
1 redirects
www.getsmoney.site
|
2 | www.google.com |
www.getsmoney.site
|
1 | www.google.de |
www.getsmoney.site
|
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | belmoney.work |
www.getsmoney.site
|
1 | www.gstatic.com |
www.google.com
|
1 | www.googletagmanager.com |
www.getsmoney.site
|
37 | 10 |
This site contains links to these domains. Also see Links.
Domain |
---|
president.gov.by |
Subject Issuer | Validity | Valid | |
---|---|---|---|
getsmoney.site R3 |
2021-07-08 - 2021-10-06 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2021-06-22 - 2021-09-14 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2021-06-22 - 2021-09-14 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2021-06-22 - 2021-09-14 |
3 months | crt.sh |
belmoney.work R3 |
2021-06-02 - 2021-08-31 |
3 months | crt.sh |
mc.yandex.ru Yandex CA |
2021-02-27 - 2021-08-09 |
5 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2021-06-22 - 2021-09-14 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2021-06-22 - 2021-09-14 |
3 months | crt.sh |
www.google.de GTS CA 1C3 |
2021-06-22 - 2021-09-14 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.getsmoney.site/
Frame ID: 2C10177A04BBB63AB67789FCE1E4F92C
Requests: 37 HTTP requests in this frame
Screenshot
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Tag Manager (Tag Managers) Expand
Detected patterns
- html /<!-- (?:End )?Google Tag Manager -->/i
reCAPTCHA (Captchas) Expand
Detected patterns
- html /<div[^>]+class="g-recaptcha"/i
- script /\/recaptcha\/api\.js/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Ссылка на указ: указ № 325
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 29- https://mc.yandex.com/sync_cookie_image_check HTTP 302
- https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9328.LJ3qC4f_zOJhiFy628WeVg9k_hhoAsczlS2g7s5SAiMNlP4n3CbeixQmp_A5IvCZ.a2Z5i_ozbjhMu-i2s68ks8zuqbI%2C HTTP 302
- https://mc.yandex.com/sync_cookie_image_decide?token=9328.vRgQ7WPiHl4wX9rhO1sYFG1RA3y5MpSbin6h2kRw71PmkAJYmeoTYM0SkONeJaYAfzsQF0OO04ezS4qNri70cw%2C%2C.rk14m424jC3reCvmgyrWVat3uKY%2C
- https://mc.yandex.com/watch/56931808?wmode=7&page-url=https%3A%2F%2Fwww.getsmoney.site%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2fhsb6k71ko6ila0b%3Afp%3A524%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A581%3Acn%3A1%3Adp%3A0%3Als%3A374226877935%3Ahid%3A327107718%3Az%3A120%3Ai%3A20210708213254%3Aet%3A1625772774%3Ac%3A1%3Arn%3A524215814%3Au%3A1625772774557439707%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1625772773721%3Ads%3A66%2C91%2C93%2C1%2C1%2C0%2C%2C315%2C0%2C%2C%2C%2C570%3Adsn%3A66%2C91%2C92%2C1%2C0%2C0%2C%2C317%2C1%2C%2C%2C%2C569%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1625772775%3At%3A%D0%94%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%20%D0%B2%20%D0%94%D0%BE%D0%BB%D0%B3%20%3A%20%D0%A1%D0%95%D0%93%D0%9E%D0%94%D0%9D%D0%AF%20! HTTP 302
- https://mc.yandex.com/watch/56931808/1?wmode=7&page-url=https%3A%2F%2Fwww.getsmoney.site%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2fhsb6k71ko6ila0b%3Afp%3A524%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A581%3Acn%3A1%3Adp%3A0%3Als%3A374226877935%3Ahid%3A327107718%3Az%3A120%3Ai%3A20210708213254%3Aet%3A1625772774%3Ac%3A1%3Arn%3A524215814%3Au%3A1625772774557439707%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1625772773721%3Ads%3A66%2C91%2C93%2C1%2C1%2C0%2C%2C315%2C0%2C%2C%2C%2C570%3Adsn%3A66%2C91%2C92%2C1%2C0%2C0%2C%2C317%2C1%2C%2C%2C%2C569%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1625772775%3At%3A%D0%94%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%20%D0%B2%20%D0%94%D0%BE%D0%BB%D0%B3%20%3A%20%D0%A1%D0%95%D0%93%D0%9E%D0%94%D0%9D%D0%AF%20%21
37 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
www.getsmoney.site/ |
30 KB 31 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
frameworks.minc9ef.css@a.css
www.getsmoney.site/templates/default/css/ |
150 KB 150 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.minc9ef.css@a55.css
www.getsmoney.site/templates/default/css/ |
65 KB 65 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
optionalc9ef.css@a33.css
www.getsmoney.site/templates/default/css/ |
236 B 518 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mod_rtad_comments.app.min.css
www.getsmoney.site/modules/mod_rtad_comments/css/ |
22 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.google.com/recaptcha/ |
850 B 661 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
privilege_1.png
www.getsmoney.site/images/ |
26 KB 26 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
privilege_2.png
www.getsmoney.site/images/ |
26 KB 27 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
privilege_3.png
www.getsmoney.site/images/ |
27 KB 27 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
howget_1.png
www.getsmoney.site/images/ |
27 KB 27 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
howget_2.png
www.getsmoney.site/images/ |
27 KB 27 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
howget_3.png
www.getsmoney.site/images/ |
25 KB 26 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
howget_4.png
www.getsmoney.site/images/ |
27 KB 27 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
visa_mastercard_belcart.png
www.getsmoney.site/images/ |
59 KB 59 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
91 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ |
341 KB 133 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
header-background2.jpg
www.getsmoney.site/images/ |
462 KB 462 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
belmoney.work/images/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
phone_icon_green.png
www.getsmoney.site/images/ |
23 KB 24 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
semibold.woff
www.getsmoney.site/templates/default/fonts/ |
55 KB 55 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
light.woff
www.getsmoney.site/templates/default/fonts/ |
55 KB 55 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
black.woff
www.getsmoney.site/templates/default/fonts/ |
55 KB 55 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
green_arrow.png
www.getsmoney.site/images/ |
23 KB 24 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
li_arrow.png
www.getsmoney.site/images/ |
23 KB 24 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
qiwi_automat.png
www.getsmoney.site/images/ |
167 KB 167 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
banner_background.jpg
www.getsmoney.site/images/ |
52 KB 53 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tag.js
mc.yandex.ru/metrika/ |
221 KB 70 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
48 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-29 |
collect
www.google-analytics.com/j/ |
2 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 90 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync_cookie_image_decide
mc.yandex.com/ Redirect Chain
|
75 B 75 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
advert.gif
mc.yandex.com/metrika/ |
43 B 100 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
ga-audiences
www.google.com/ads/ |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1
mc.yandex.com/watch/56931808/ Redirect Chain
|
335 B 417 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
56931808
mc.yandex.com/webvisor/ |
43 B 73 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
56931808
mc.yandex.com/webvisor/ |
43 B 157 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
33 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha function| validateRecaptcha function| ym object| phone object| mail object| searchString object| clickid function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| Ya object| yaCounter569318086 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.getsmoney.site/ | Name: _ym_isad Value: 2 |
|
.getsmoney.site/ | Name: _ym_uid Value: 1625772774557439707 |
|
.getsmoney.site/ | Name: _ym_d Value: 1625772774 |
|
.getsmoney.site/ | Name: _gat_gtag_UA_157160122_2 Value: 1 |
|
.getsmoney.site/ | Name: _gid Value: GA1.2.259953736.1625772774 |
|
.getsmoney.site/ | Name: _ga Value: GA1.2.1238201274.1625772774 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
belmoney.work
mc.yandex.com
mc.yandex.ru
stats.g.doubleclick.net
www.getsmoney.site
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
135.148.65.134
193.106.174.168
2a00:1450:4001:808::2004
2a00:1450:4001:80f::2008
2a00:1450:4001:827::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2004
2a00:1450:400c:c08::9c
2a02:6b8::1:119
0145dc21803c001f3238b93f31c91b737f34e6c066c1ab8b1b3072121c8fec4c
048a20ff88a81d2aa41ac5e7f1e2e2e6d9f3b398ae03d58b8d8404e7e640c817
1477162c6aa9e78199821b45f499d152e89030415031ed90cb5f4437787e0d7a
25ef65dde5240a9335b1184c88c2112218bbce517b8d1974e1bb142054d7adaf
266bdf5c5b873d71b2aec082ecdf7d1e095bba24ecddb3870a262499f45fd436
26eb010b1054cf073fc6b6a3ce77245ad38a0d0e30dbb14e0ae2973d26b6b734
2d21fad316cfc9caaf8b64bc16ea7f86e92833980d1b52ba46d5ff233a9e7a7c
363e16214179c3bcbbb59ad79494666ea753743d791d895462597aaf7f6cb26c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
587de7c11a942aeb9aaff2e76cccf22e148b7bbded405c6fc5a79ab603d1edf4
6ee54d05d56a82eb3381a2d6f42696a40e6a799563ce9ba3201a96c9735b7563
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
79633644ab2414db2c0f6c954455ab9ccf16a5c7b5fd0959511fb94243c3566e
7c1ead38109658b6674e029aa898acdb5a25ade803029cc426064cb88442ddfb
8055b32ee274a98d1f2c99e0c2a4c6e3f403315b0a46cb0d1e0a18c5e435a700
839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
9e73a287591f2c5ff17ce8f4766068474792fb7ab55b7f1ce9c4b7474c398ffc
9ec6e1a0818e4c39588aef33e0ac15e1c43a6c961da7a7628fbd4b0e8d5c1590
9f1d4e6a0b9383f1049df033c7dac7b840558a4162c4547622762b01fc102dcc
ac0ebb80cc23977a364955d1be04438b5ede083f1c0a02fc5832ee1d57bf637a
b0fd716d655fb4a1b4c354afe67b7369d01939021c58a381e4f5f4a4463ab107
b53381303a6bc0505e09d23f4c49c2e48e90493b8b78b9f7372682d0d27ac5e3
b6681103c4e86f6730e11330f508a993b06107b6c97aff8f9499935ad4b96efa
bbfb327b8e5a23f0d57551c3a2da571aa53cd813b7fb783b58c4a84e5ef7cb2f
c10342dae06588e3f353d3f3d3e74a38f46ac7f67288aa159930e86eda55814f
ce1eb5232bc5b45fcf1bc30d2bc6a7152c1a256ad7d93e724de0f4ed3c88f846
d78f5883fda92c32e936d73de808ecff788aa4243372be5a87cc75a679444be6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0a89d118172a002a534231acb90d750c42f09d1e620939d660217ea08b7da7f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb42d627d106dfd9f62eb8dc96c7ac99e4d4b3aee3554a173a4f5d7c698fc3fc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629