jeremyupdate.biz.id
Open in
urlscan Pro
2606:4700:3030::6815:32a2
Public Scan
Submission: On September 13 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on September 12th 2023. Valid for: 3 months.
This is the only time jeremyupdate.biz.id was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN5385 (RUSSMEDIA-IT, AT)
PTR: 194-183-143-025.tele.net
www.vol.at |
ASN24940 (HETZNER-AS, DE)
PTR: plesk1.werwolf.it
www.diebildschirmzeitung.de |
ASN16509 (AMAZON-02, US)
media04.meinbezirk.at |
ASN39572 (ADVANCEDHOSTERS-AS, NL)
www.profitablecreativeformat.com |
ASN24940 (HETZNER-AS, DE)
PTR: www4.nachrichten.at
www4.nachrichten.at |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 176.7.120.34.bc.googleusercontent.com
www.noen.at |
ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
www.merkur.de |
ASN16276 (OVH, FR)
PTR: ns534106.ip-149-56-240.net
s4.histats.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
22 |
jeremyupdate.biz.id
jeremyupdate.biz.id |
330 KB |
3 |
profitablecreativeformat.com
www.profitablecreativeformat.com — Cisco Umbrella Rank: 64761 |
|
2 |
histats.com
s10.histats.com — Cisco Umbrella Rank: 12396 s4.histats.com — Cisco Umbrella Rank: 12421 |
5 KB |
1 |
merkur.de
www.merkur.de — Cisco Umbrella Rank: 100689 |
89 KB |
1 |
ligaportal.at
static.ligaportal.at — Cisco Umbrella Rank: 744019 |
1 KB |
1 |
noen.at
www.noen.at — Cisco Umbrella Rank: 806433 |
390 KB |
1 |
b-cdn.net
5min.b-cdn.net |
36 KB |
1 |
news.de
media.news.de — Cisco Umbrella Rank: 545394 |
57 KB |
1 |
esports.ch
esports.ch — Cisco Umbrella Rank: 904505 |
107 KB |
1 |
nachrichten.at
www4.nachrichten.at |
131 KB |
1 |
meinbezirk.at
media04.meinbezirk.at — Cisco Umbrella Rank: 397253 |
413 KB |
1 |
diebildschirmzeitung.de
www.diebildschirmzeitung.de |
612 KB |
1 |
vol.at
www.vol.at — Cisco Umbrella Rank: 363901 |
1 MB |
1 |
yess-online.com
yess-online.com |
1 KB |
39 | 14 |
Domain | Requested by | |
---|---|---|
22 | jeremyupdate.biz.id |
jeremyupdate.biz.id
|
3 | www.profitablecreativeformat.com |
jeremyupdate.biz.id
|
1 | s4.histats.com |
s10.histats.com
|
1 | s10.histats.com |
jeremyupdate.biz.id
|
1 | www.merkur.de |
jeremyupdate.biz.id
|
1 | static.ligaportal.at |
jeremyupdate.biz.id
|
1 | www.noen.at |
jeremyupdate.biz.id
|
1 | 5min.b-cdn.net |
jeremyupdate.biz.id
|
1 | media.news.de |
jeremyupdate.biz.id
|
1 | esports.ch |
jeremyupdate.biz.id
|
1 | www4.nachrichten.at |
jeremyupdate.biz.id
|
1 | media04.meinbezirk.at |
jeremyupdate.biz.id
|
1 | www.diebildschirmzeitung.de |
jeremyupdate.biz.id
|
1 | www.vol.at |
jeremyupdate.biz.id
|
1 | yess-online.com |
jeremyupdate.biz.id
|
39 | 15 |
This site contains links to these domains. Also see Links.
Domain |
---|
adorethemes.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.jeremyupdate.biz.id GTS CA 1P5 |
2023-09-12 - 2023-12-11 |
3 months | crt.sh |
yess-online.com GTS CA 1P5 |
2023-08-16 - 2023-11-14 |
3 months | crt.sh |
*.vol.at R3 |
2023-08-08 - 2023-11-06 |
3 months | crt.sh |
diebildschirmzeitung.de R3 |
2023-07-16 - 2023-10-14 |
3 months | crt.sh |
*.meinbezirk.at Sectigo RSA Organization Validation Secure Server CA |
2023-03-16 - 2024-04-15 |
a year | crt.sh |
profitablecreativeformat.com R3 |
2023-07-31 - 2023-10-29 |
3 months | crt.sh |
www4.nachrichten.at R3 |
2023-08-26 - 2023-11-24 |
3 months | crt.sh |
esports.ch R3 |
2023-08-30 - 2023-11-28 |
3 months | crt.sh |
*.news.de AlphaSSL CA - SHA256 - G2 |
2022-09-13 - 2023-10-15 |
a year | crt.sh |
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA |
2022-11-07 - 2023-11-11 |
a year | crt.sh |
noen.spunq.com GTS CA 1D4 |
2023-07-31 - 2023-10-29 |
3 months | crt.sh |
static.ligaportal.at R3 |
2023-08-12 - 2023-11-10 |
3 months | crt.sh |
merkur.de R3 |
2023-09-03 - 2023-12-02 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-13 - 2024-05-11 |
a year | crt.sh |
histats.com R3 |
2023-08-29 - 2023-11-27 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://jeremyupdate.biz.id/
Frame ID: 91FE3E0CCBBD4552276A741440BA07FE
Requests: 39 HTTP requests in this frame
Screenshot
Page Title
Jacobupdate - Current Stories LiveDetected technologies
WordPress (CMS) ExpandDetected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
Yoast SEO (SEO) Expand
Detected patterns
- <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Slick (JavaScript Libraries) Expand
Detected patterns
- (?:/([\d.]+))?/slick(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery Migrate (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Adore Themes
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
39 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
jeremyupdate.biz.id/ |
52 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
jeremyupdate.biz.id/wp-includes/css/dist/block-library/ |
102 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c559dd98b21618513de77734581e1fa5.css
jeremyupdate.biz.id/wp-content/fonts/ |
6 KB 982 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slick.min.css
jeremyupdate.biz.id/wp-content/themes/random-news/assets/css/ |
1 KB 730 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome.min.css
jeremyupdate.biz.id/wp-content/themes/random-news/assets/css/ |
58 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
blocks.min.css
jeremyupdate.biz.id/wp-content/themes/random-news/assets/css/ |
12 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
jeremyupdate.biz.id/wp-content/themes/random-news/ |
146 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
jeremyupdate.biz.id/wp-content/themes/superior-news/ |
11 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
endless-river.min.css
jeremyupdate.biz.id/wp-content/themes/random-news/assets/css/ |
538 B 623 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
jeremyupdate.biz.id/wp-includes/js/jquery/ |
85 KB 31 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-migrate.min.js
jeremyupdate.biz.id/wp-includes/js/jquery/ |
13 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
close.png
yess-online.com/ |
566 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Max-und-MoritzIMG_20230907_121404-e1694518203278-4-3-500030002250-3000x2250.jpg
www.vol.at/2023/09/ |
1 MB 1 MB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
00_Das_einmaleins_des_C_Schauspielers_C_LTT_Mueller_900.jpg
www.diebildschirmzeitung.de/images/20leutkirch/23/09/ |
611 KB 612 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
36214584_XXL.jpg
media04.meinbezirk.at/article/2023/09/11/4/ |
412 KB 413 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
navigation.min.js
jeremyupdate.biz.id/wp-content/themes/random-news/assets/js/ |
1 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
slick.min.js
jeremyupdate.biz.id/wp-content/themes/random-news/assets/js/ |
43 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
endless-river.min.js
jeremyupdate.biz.id/wp-content/themes/random-news/assets/js/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
custom.min.js
jeremyupdate.biz.id/wp-content/themes/random-news/assets/js/ |
6 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
frontend.min.js
jeremyupdate.biz.id/wp-content/plugins/q2w3-fixed-widget/js/ |
23 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
086ace91-f7e6-4e70-a82a-d36365ab511c
https://jeremyupdate.biz.id/ |
1 KB 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
invoke.js
www.profitablecreativeformat.com/f8a827f3c32d9f00d4e1b90ff762fb19/ |
0 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
invoke.js
www.profitablecreativeformat.com/f8a827f3c32d9f00d4e1b90ff762fb19/ |
0 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
jeremyupdate.biz.id/wp-content/fonts/cabin/ |
25 KB 26 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
invoke.js
www.profitablecreativeformat.com/f8a827f3c32d9f00d4e1b90ff762fb19/ |
0 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
jeremyupdate.biz.id/ |
52 KB 52 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fa-solid-900.woff2
jeremyupdate.biz.id/wp-content/themes/random-news/assets/webfonts/ |
76 KB 77 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
jeremyupdate.biz.id/wp-content/fonts/pt-serif/ |
29 KB 29 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fa-regular-400.woff2
jeremyupdate.biz.id/wp-content/themes/random-news/assets/webfonts/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www4.nachrichten.at/images/og_image/ |
131 KB 131 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
anothercrabstreasure.jpeg
esports.ch/wp-content/uploads/2023/09/ |
106 KB 107 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ihr-bio--und-pollenflug-wetter-heute_857645578_1200x675_ffdf0cac3351248f95d07216f6cafcaf.jpg
media.news.de/images/857645578/images/74/cc/13c2117bf18169a4053d83ddeca1/nopic/no_pic/1200/675/1/1/-/-/1024/576/-/-/ |
57 KB 57 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Angelobung-02-1024x683.jpg
5min.b-cdn.net/wp-content/uploads/2023/09/ |
35 KB 36 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img-BMtEG4lmIU0u6mrx.jpeg
www.noen.at/image/1920x1080-c-jpg/4951007/ |
389 KB 390 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
btc.png
static.ligaportal.at/images/promo/bitpanda/ |
953 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
32677822-hans-sigl-starnacht-kritik-1Ufe.jpg
www.merkur.de/bilder/2023/09/12/92514980/ |
89 KB 89 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js15_as.js
s10.histats.com/ |
11 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
wp-emoji-release.min.js
jeremyupdate.biz.id/wp-includes/js/ |
18 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
0.php
s4.histats.com/stats/ |
48 B 182 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
34 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture object| _wpemojiSettings function| $ function| jQuery object| atOptions object| _Hasync object| q2w3_sidebar_options function| extendStatics function| __extends function| __assign function| reactive function| StaticOffsets function| DynamicOffsets string| StopWidgetClassName string| FixedWidgetClassName function| BaseWidget function| getWidgetContainer function| compatabilty_FW_v5 function| queryElements function| findWithProperty function| PositionWidget function| FixedWidget function| StickyWidget function| StopWidget function| Sidebar function| Sidebars function| onDocumentLoaded function| chfh function| chfh2 string| _HST_cntval object| Histats object| twemoji object| wp object| _HistatsCounterGraphics_0_setValues7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
jeremyupdate.biz.id/ | Name: HstCfa4788362 Value: 1694566373548 |
|
jeremyupdate.biz.id/ | Name: HstCla4788362 Value: 1694566373548 |
|
jeremyupdate.biz.id/ | Name: HstCmu4788362 Value: 1694566373548 |
|
jeremyupdate.biz.id/ | Name: HstPn4788362 Value: 1 |
|
jeremyupdate.biz.id/ | Name: HstPt4788362 Value: 1 |
|
jeremyupdate.biz.id/ | Name: HstCnv4788362 Value: 1 |
|
jeremyupdate.biz.id/ | Name: HstCns4788362 Value: 1 |
9 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
5min.b-cdn.net
esports.ch
jeremyupdate.biz.id
media.news.de
media04.meinbezirk.at
s10.histats.com
s4.histats.com
static.ligaportal.at
www.diebildschirmzeitung.de
www.merkur.de
www.noen.at
www.profitablecreativeformat.com
www.vol.at
www4.nachrichten.at
yess-online.com
136.243.33.98
149.56.240.27
192.243.61.225
193.218.202.149
194.183.143.25
2400:52e0:1e00::865:1
2600:9000:225e:fa00:6:a2e5:17c0:93a1
2606:4700:10::6814:91f
2606:4700:3030::6815:32a2
2606:4700:3034::6815:4eac
2a00:d70:0:b:2002:0:d91a:328f
34.120.7.176
62.141.58.43
65.21.96.225
94.130.69.97
1e2f7a8285f7426c9bf110aa3ccd9372c316919fb6e89a488918717a939e81ce
2048fb998717603b003836b3fa014281060498d3771ba3073e409a35a0240bb4
20ef2c99ddadc8c119dd5b243fb8f9f2c75548cce0ced2f58c60436d5b096c1a
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6a69d140d74767ade1be69e6aa2ce31cdd7ec440418a4bc4ecdfe02edd8f761b
70358c3abe9e97cd3fb3bb32bce5159331295d2d0dbd90504f1401d39203c718
78f5c4399ca4dab6d77186fb12a19d21faaf7bc02876100ce61838c29d6ec3aa
7bc1e39cb2163a12af2fb002cae96e9c5ee700ae00e4643750def5f3eefb471a
7d69f8ab83c2dc788f3528bbf17ea67d86ab95c191e9a5802d39b47db3b66d43
979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
9ae3a9cc8a55331d774be4c6bdf730a90c38c095ff6f8f7129e3684dba06282a
a1a49c85ae2db19ca7ad2bd54a706a632f8c9534c609acee3388f116df3bc53d
a69c12ccd186a899db79fce802b46c08e71f69c2c422be2666ed8565e3add026
a813715af61fd86a2a63153aa5deae149f37bc344f062545ebd34fbd85f4c69a
af8e228d0e1f26bdccc4cc9f575c7c028e752775568623eb3a48c974dcd46a20
b2f31f93a86b179392682429febad1e5316863f34b26a9e85c9197d6bd029e51
b5973ccb06586f919320afac1b6f38258a4cfa7916a9667d52f1c456993ffe36
b5e38de32d149f2263d86a25f0db6e63418e296f5c42f004f1ad157b5062db96
b7f7a1c3b3d435879a2fbb69b398dd08d03d78854f35ce3d9cdfc7032ffca393
bf23a7a4eebedbb87d4084a69496b29815914a18e339a00f5dc73a03c9c9328f
c7739ef2dd5325e2d7d8692ec1585aa31b4dde734ae3be54212ec52aa3508843
caf46c90f4c85259ea326f121c4ae6d20e113f9efeb9756dabe4f8b374d087d1
d5a83c3e8b16a413b378fdb33380787e81c7363f76f0c41ddd39c3c407098b1c
d83ec008f1c2766bcf70d58fe3204937f02eef63ea805762f58c76a26b93b1fe
dbaf719b79ad5dc5eeb08a4b32bdf1efc8645a980bfabb9120007fc00fe890bc
dd24f93d60534fe1d0287350b6da43672244e7fc2d04fef454a4ad9a7dcd1638
df4c28cc9cbaea711348a4efeb70f3bed5d72535e43f41b2a4ab11ac6de17941
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41a7f04a7ee5039f882bc018d3f8123784cb1e6039be786e139a8df36d55621
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca