www.qualifizierte-preise.de
Open in
urlscan Pro
185.3.185.190
Public Scan
Effective URL: https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=...
Submission Tags: falconsandbox
Submission: On January 30 via api from US
Summary
TLS certificate: Issued by R3 on December 4th 2020. Valid for: 3 months.
This is the only time www.qualifizierte-preise.de was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN20773 (GODADDY, DE)
PTR: srv21.mailer-service.de
news.ultima-media.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-179.deploy.static.akamaitechnologies.com
static2.creative-serving.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-31-194.eu-central-1.compute.amazonaws.com
ads.creative-serving.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-73-36.eu-central-1.compute.amazonaws.com
x.bidswitch.net |
ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-234-105.eu-central-1.compute.amazonaws.com
ice.360yield.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-36-34.eu-west-1.compute.amazonaws.com
dpm.demdex.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-181-235.eu-central-1.compute.amazonaws.com
match.justpremium.com |
ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
qualifizierte-preise.de
www.qualifizierte-preise.de |
392 KB |
6 |
bidswitch.net
6 redirects
x.bidswitch.net |
3 KB |
6 |
creative-serving.com
1 redirects
static2.creative-serving.com ads.creative-serving.com |
26 KB |
4 |
fontawesome.com
kit.fontawesome.com ka-f.fontawesome.com |
23 KB |
3 |
id5-sync.com
2 redirects
id5-sync.com |
4 KB |
2 |
doubleclick.net
2 redirects
cm.g.doubleclick.net |
2 KB |
2 |
demdex.net
1 redirects
dpm.demdex.net |
2 KB |
2 |
360yield.com
2 redirects
ice.360yield.com |
1007 B |
2 |
1rx.io
sync.1rx.io |
374 B |
2 |
gstatic.com
fonts.gstatic.com |
22 KB |
1 |
justpremium.com
match.justpremium.com |
324 B |
1 |
sonobi.com
sync.go.sonobi.com |
532 B |
1 |
googleapis.com
fonts.googleapis.com |
1 KB |
1 |
ultima-media.com
1 redirects
news.ultima-media.com |
595 B |
27 | 14 |
Domain | Requested by | |
---|---|---|
9 | www.qualifizierte-preise.de |
www.qualifizierte-preise.de
|
6 | x.bidswitch.net | 6 redirects |
3 | id5-sync.com |
2 redirects
www.qualifizierte-preise.de
|
3 | ads.creative-serving.com |
1 redirects
www.qualifizierte-preise.de
|
3 | ka-f.fontawesome.com |
kit.fontawesome.com
|
3 | static2.creative-serving.com |
www.qualifizierte-preise.de
static2.creative-serving.com |
2 | cm.g.doubleclick.net | 2 redirects |
2 | dpm.demdex.net |
1 redirects
www.qualifizierte-preise.de
|
2 | ice.360yield.com | 2 redirects |
2 | sync.1rx.io |
www.qualifizierte-preise.de
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | match.justpremium.com |
www.qualifizierte-preise.de
|
1 | sync.go.sonobi.com |
www.qualifizierte-preise.de
|
1 | kit.fontawesome.com |
www.qualifizierte-preise.de
|
1 | fonts.googleapis.com |
www.qualifizierte-preise.de
|
1 | news.ultima-media.com | 1 redirects |
27 | 16 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.qualifizierte-preise.de R3 |
2020-12-04 - 2021-03-04 |
3 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2021-01-05 - 2021-03-30 |
3 months | crt.sh |
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1 |
2020-11-13 - 2021-12-14 |
a year | crt.sh |
static2.creative-serving.com R3 |
2020-12-24 - 2021-03-24 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-10-13 - 2021-10-12 |
a year | crt.sh |
*.gstatic.com GTS CA 1O1 |
2021-01-05 - 2021-03-30 |
3 months | crt.sh |
*.creative-serving.com Sectigo RSA Domain Validation Secure Server CA |
2019-03-27 - 2021-04-02 |
2 years | crt.sh |
*.1rx.io Sectigo RSA Domain Validation Secure Server CA |
2019-06-28 - 2021-06-27 |
2 years | crt.sh |
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2 |
2019-02-01 - 2021-02-04 |
2 years | crt.sh |
*.id5-sync.com R3 |
2020-12-26 - 2021-03-26 |
3 months | crt.sh |
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1 |
2020-12-02 - 2022-01-02 |
a year | crt.sh |
tracking.justpremium.com Amazon |
2020-11-26 - 2021-12-25 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich
Frame ID: 42A1D583AB66FED44BCD2D9C89E7EA04
Requests: 27 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://news.ultima-media.com/red.php?r=671855113468252436&lid=1513436&ln=4
HTTP 302
https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame... Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
Nginx (Web Servers) Expand
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://news.ultima-media.com/red.php?r=671855113468252436&lid=1513436&ln=4
HTTP 302
https://www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/?source_pk=16001&partner_pk=1390&wingame_pk=138&freetest_pk=609&firstname=Michael&lastname=Hriberschek&email=michael.hriberschek@schulergroup.com&street=Gr%C3%BCne%20Mitte&zipcode=72585&city=Riederich Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 18- https://ads.creative-serving.com/pixel?id=3155415&type=jsonp&cb=syncResponse HTTP 302
- https://ads.creative-serving.com/ul_cb/pixel?id=3155415&type=jsonp&cb=syncResponse
- https://x.bidswitch.net/sync?dsp_id=4&user_id=76e14bdf-7c2a-42c7-9210-000cc1b3532a&ssp=&expires=30&user_group=2&cb=402 HTTP 302
- https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=76e14bdf-7c2a-42c7-9210-000cc1b3532a&ssp=&expires=30&user_group=2&cb=402 HTTP 302
- https://sync.1rx.io/usersync/bidswitch/e67c2be9-5c47-4fea-a1f5-a44d9e1b9b21?gdpr=&gdpr_consent=
- https://x.bidswitch.net/sync?dsp_id=4&user_id=76e14bdf-7c2a-42c7-9210-000cc1b3532a&ssp=&expires=30&user_group=2&cb=573 HTTP 302
- https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=76e14bdf-7c2a-42c7-9210-000cc1b3532a&ssp=&expires=30&user_group=2&cb=573 HTTP 302
- https://sync.1rx.io/usersync/bidswitch/e67c2be9-5c47-4fea-a1f5-a44d9e1b9b21?gdpr=&gdpr_consent=
- https://x.bidswitch.net/sync?dsp_id=4&user_id=76e14bdf-7c2a-42c7-9210-000cc1b3532a&ssp=&expires=30&user_group=2&cb=602 HTTP 302
- https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=76e14bdf-7c2a-42c7-9210-000cc1b3532a&ssp=&expires=30&user_group=2&cb=602 HTTP 302
- https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=e67c2be9-5c47-4fea-a1f5-a44d9e1b9b21
- https://id5-sync.com/s/101/76e14bdf-7c2a-42c7-9210-000cc1b3532a/1.gif HTTP 302
- https://id5-sync.com/c/101/101/1/1.gif?puid=76e14bdf-7c2a-42c7-9210-000cc1b3532a&gdpr=1&gdpr_consent= HTTP 302
- https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOqsMlc7lYi9x1UcgunfA1SPYwGExJjPEib8oTsQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F101%2F124%2F0%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
- https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOqsMlc7lYi9x1UcgunfA1SPYwGExJjPEib8oTsQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F101%2F124%2F0%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
- https://id5-sync.com/cq/101/124/0/2.gif?puid=363a86a2-375b-43d7-bcba-0fbcecc3651c&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
- https://dpm.demdex.net/ibs:dpid=393426&dpuuid=76e14bdf-7c2a-42c7-9210-000cc1b3532a HTTP 302
- https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=393426&dpuuid=76e14bdf-7c2a-42c7-9210-000cc1b3532a
- https://cm.g.doubleclick.net/pixel?google_nid=platform161_direct_new&google_cm&google_sc HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=platform161_direct_new&google_cm=&google_sc=&google_tc= HTTP 302
- https://ads.creative-serving.com/gcm?google_gid=CAESEHP-n7U1dNyrPNRBawrSjSk&google_cver=1
27 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/ Redirect Chain
|
12 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
foundation-custom.css
www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/css/ |
62 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
11 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mootools-core-1.4.5-full-compat-yc.js
www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/js/ |
94 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.js
www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/js/ |
2 KB 841 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0722a600ec.js
kit.fontawesome.com/ |
11 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
prize.png
www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/images/ |
179 KB 179 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loader.gif
www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/images/ |
7 KB 7 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pixel_loader.js
static2.creative-serving.com/ |
527 B 847 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
free.min.css
ka-f.fontawesome.com/releases/v5.15.2/css/ |
59 KB 13 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.2/css/ |
26 KB 4 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.2/css/ |
3 KB 2 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg.jpg
www.qualifizierte-preise.de/_static/_supload/_prelander/138_609/images/ |
161 KB 162 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pixel.js
static2.creative-serving.com/ |
2 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
global.pl
www.qualifizierte-preise.de/cgi-bin/ |
77 B 169 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id5-api.js
static2.creative-serving.com/ |
20 KB 20 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pixel
ads.creative-serving.com/ul_cb/ Redirect Chain
|
805 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
e67c2be9-5c47-4fea-a1f5-a44d9e1b9b21
sync.1rx.io/usersync/bidswitch/ Redirect Chain
|
0 187 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
e67c2be9-5c47-4fea-a1f5-a44d9e1b9b21
sync.1rx.io/usersync/bidswitch/ Redirect Chain
|
0 187 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
us.gif
sync.go.sonobi.com/ Redirect Chain
|
49 B 532 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2.gif
id5-sync.com/cq/101/124/0/ Redirect Chain
|
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
demconf.jpg
dpm.demdex.net/ Redirect Chain
|
42 B 915 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p161
match.justpremium.com/match/ |
43 B 324 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gcm
ads.creative-serving.com/ Redirect Chain
|
43 B 220 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
91 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $pick function| $try function| IFrame function| Elements function| Cookie object| MooTools function| typeOf function| instanceOf function| Type function| Hash function| Native function| $A function| $arguments function| $chk function| $clear function| $defined function| $each function| $empty function| $extend function| $H function| $merge function| $lambda function| $mixin function| $random function| $splat function| $time function| $type function| $unlink object| Browser function| $constructor function| $family function| $exec function| DOMEvent function| Class function| Chain function| Events function| Options object| Slick number| uniqueNumber function| $ function| getDocument function| getWindow object| Selectors function| $$ function| addListener function| removeListener function| retrieve function| store function| eliminate function| addEvent function| removeEvent function| addEvents function| removeEvents function| fireEvent function| cloneEvents function| getSize function| getScroll function| getScrollSize function| getPosition function| getCoordinates function| getHeight function| getWidth function| getScrollTop function| getScrollLeft function| getScrollHeight function| getScrollWidth function| getTop function| getLeft function| Fx function| Swiff function| show_next_question function| fadeing object| FontAwesomeKitConfig string| __to object| p161 string| para string| href function| get_url_parameters object| id5Script object| ID5 function| syncResponse function| fire0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ads.creative-serving.com
cm.g.doubleclick.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
ice.360yield.com
id5-sync.com
ka-f.fontawesome.com
kit.fontawesome.com
match.justpremium.com
news.ultima-media.com
static2.creative-serving.com
sync.1rx.io
sync.go.sonobi.com
www.qualifizierte-preise.de
x.bidswitch.net
142.250.185.226
178.162.133.149
18.184.181.235
18.193.31.194
18.195.73.36
185.3.185.190
2.16.186.179
213.19.147.151
217.115.153.221
2606:4700::6812:1734
2606:4700:e6::ac40:cb1c
2a00:1450:4001:80e::200a
2a00:1450:4001:817::2003
2a00:1450:4001:82a::2002
51.89.7.198
52.29.234.105
54.228.36.34
1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d
1ed5f2fc1e66035303acba9525aeae50f4b303e9dc137c6e1ced3c240048dddd
25e5545bc1316cb31f6552d9056dd436d4e1e68362e5d26dbfe1ff843d87b65b
4a29e008c684709e47187b56a861a81009d991926d5419987e4aa9257564acc2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
60bc771e751017a6116e7223cef3bc5792b1f3c64044bf13141482edbed116ca
6be70110418f9738ca23c6d61d73ce3c0cb01087843c96de5ced119c5ab882c6
87a2729abe4d824617c1cf16d8cd2aa780095253d7b237655e654f926872d58e
8af245271d7ebe82f886d6bdbc092b3c9640c58660b9cd290b190b1940148c08
8c7bba7deb64ff95e98f7ac8cd0d3b675a4bcf02f302e57edc5a1d6fa3d6cf94
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9bbde4e879f5cc6d8e98b1e5605898a933825190f867b66285b084bc3ee785e9
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a95f057038068689c4ac417e82203b34f1106500b3bd8ce6a8aa47e860bca445
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b2821ef489e0b363c0543b364635401c9e7d6163928b516f73404ef8176c3dc1
ba85596b84eccd6b23d0c66f63bdf0f8addeeba09d8454b9c41695d00e305d83
ce23e320279a9e57052e7479ca9c68a5aec6bbdb0fff4e31945e5d1d377547b4
ced36ed863c0a025cc4056236f3d3f7429246d2ce55f2dd3deba164ee95d80a3
d4fa79afcf5a5cc5a0f12dedaf825f11530e6397d723fe7044cd37ba3c248e57
d7cc3c57f9bda4c6dcb83bb3c19f2f2aa86ecec6274e243cd4ec315ae8e30101
dd09fdcb2259ab9499133f8fd5c508f3eb2ddf106f0ac997a9d671e28a2ecccc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5463fb7c6a2161201535da9345108d44be9b1a7f7612d84d5fa6f0c9648cd48
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629