![](/screenshots/606c3cd8-1f68-4eb8-b133-be431d743f04.png)
spinwithvegas.com
Open in
urlscan Pro
2606:4700:3030::6815:1567
Public Scan
Effective URL: https://spinwithvegas.com/landingpages/vv045_ny/index.php
Submission: On March 02 via manual from US
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 29th 2020. Valid for: a year.
This is the only time spinwithvegas.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN55286 (SERVER-MANIA, CA)
PTR: mta4.galeriaseldorado.com
giantvisit.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
static.bouncepilot.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-24-114.fra56.r.cloudfront.net
static.traversedlp.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-108-68.compute-1.amazonaws.com
api.traversedlp.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
spinwithvegas.com
2 redirects
spinwithvegas.com |
469 KB |
4 |
gstatic.com
fonts.gstatic.com |
38 KB |
4 |
traversedlp.com
static.traversedlp.com api.traversedlp.com Failed |
9 KB |
4 |
giantvisit.com
giantvisit.com |
12 KB |
2 |
yonyelinta.com
1 redirects
go.yonyelinta.com |
795 B |
2 |
offer-notavailable.com
offer-notavailable.com |
94 KB |
2 |
bouncepilot.com
static.bouncepilot.com |
62 KB |
2 |
googletagmanager.com
www.googletagmanager.com |
59 KB |
1 |
googleapis.com
fonts.googleapis.com |
896 B |
1 |
rapid-cdn.com
1 redirects
rapid-cdn.com |
2 KB |
1 |
bit.ly
1 redirects
bit.ly |
282 B |
1 |
topicaplus.com
1 redirects
app.topicaplus.com |
254 B |
34 | 12 |
Domain | Requested by | |
---|---|---|
14 | spinwithvegas.com |
2 redirects
go.yonyelinta.com
spinwithvegas.com |
4 | fonts.gstatic.com |
fonts.googleapis.com
|
4 | giantvisit.com |
giantvisit.com
|
2 | go.yonyelinta.com |
1 redirects
offer-notavailable.com
|
2 | offer-notavailable.com |
giantvisit.com
offer-notavailable.com |
2 | api.traversedlp.com |
static.traversedlp.com
|
2 | static.traversedlp.com |
www.googletagmanager.com
|
2 | static.bouncepilot.com |
giantvisit.com
|
2 | www.googletagmanager.com |
giantvisit.com
|
1 | fonts.googleapis.com |
spinwithvegas.com
|
1 | rapid-cdn.com | 1 redirects |
1 | bit.ly | 1 redirects |
1 | app.topicaplus.com | 1 redirects |
34 | 13 |
This site contains links to these domains. Also see Links.
Domain |
---|
vegas-redirect.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.google-analytics.com GTS CA 1O1 |
2021-02-17 - 2021-05-12 |
3 months | crt.sh |
*.bouncepilot.com Amazon |
2020-07-21 - 2021-08-21 |
a year | crt.sh |
*.traversedlp.com Go Daddy Secure Certificate Authority - G2 |
2020-12-29 - 2022-01-30 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-07-16 - 2021-07-16 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2021-01-26 - 2021-04-20 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2021-01-26 - 2021-04-20 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://spinwithvegas.com/landingpages/vv045_ny/index.php
Frame ID: 6517EBD72FD400374AA107216C59D803
Requests: 33 HTTP requests in this frame
Screenshot
![](/screenshots/606c3cd8-1f68-4eb8-b133-be431d743f04.png)
Page URL History Show full URLs
-
http://app.topicaplus.com/clicktrack.cgi?_u=QB1OHQNBVFcdWVlVdBABH0wfQ1ZIVkJZVG9dHVpERgISQE5bDgg2D1xLHw...
HTTP 303
https://bit.ly/3aFKmWe HTTP 301
http://giantvisit.com/afc6fcdb9d84618b5940f246fb131b7da/?sid1=t2g0303 Page URL
- http://giantvisit.com/afc6fcdb9d84618b5940f246fb131b7da/?newcid=4740&sid1=t2g0303&sid2=&sid3=&sid4... Page URL
- https://offer-notavailable.com/bettercontent/?utm_source=201318&utm_medium=27&utm_campaign=239&utm_content=127 Page URL
-
http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=201318&vert=&cid=
HTTP 307
http://go.yonyelinta.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=11771... Page URL
-
http://go.yonyelinta.com/match-6633/42429/109977769/1614717058/mf_138a4879-4d7e-488f-8b09-86d412ee408...
HTTP 302
https://spinwithvegas.com/l/5fe1f360d4834f1e526b194c?click_id={click_id}&sub_id={target.thru} HTTP 302
https://spinwithvegas.com/landingpages/vv045_ny/index.php?ref=vp_w88865c69773l7534gdep167_{target.thru... HTTP 302
https://spinwithvegas.com/landingpages/vv045_ny/index.php Page URL
Detected technologies
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
![](/vendor/wappa/icons/Google Font API.png)
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
10 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Get it
Search URL Search Domain Scan URL
Title: IA-L
Search URL Search Domain Scan URL
Title: BONI HOLEN
Search URL Search Domain Scan URL
Title: Zdobądź bonus
Search URL Search Domain Scan URL
Title: Забрать бонусы
Search URL Search Domain Scan URL
Title: Bonus TnC's
Search URL Search Domain Scan URL
Title: Regulamin bonusu
Search URL Search Domain Scan URL
Title: Bonusbedingungen
Search URL Search Domain Scan URL
Title: T&C Bonusuri
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://app.topicaplus.com/clicktrack.cgi?_u=QB1OHQNBVFcdWVlVdBABH0wfQ1ZIVkJZVG9dHVpERgISQE5bDgg2D1xLHwETJzEMIwlMPgwCBgYfDkwX
HTTP 303
https://bit.ly/3aFKmWe HTTP 301
http://giantvisit.com/afc6fcdb9d84618b5940f246fb131b7da/?sid1=t2g0303 Page URL
- http://giantvisit.com/afc6fcdb9d84618b5940f246fb131b7da/?newcid=4740&sid1=t2g0303&sid2=&sid3=&sid4=&dev_click= Page URL
- https://offer-notavailable.com/bettercontent/?utm_source=201318&utm_medium=27&utm_campaign=239&utm_content=127 Page URL
-
http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=201318&vert=&cid=
HTTP 307
http://go.yonyelinta.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=1177128660216925652 Page URL
-
http://go.yonyelinta.com/match-6633/42429/109977769/1614717058/mf_138a4879-4d7e-488f-8b09-86d412ee4082/dHM0NjQtaW50ZXJuYXRpb25hbGVtYWlsLWdlbmVyYWw=/?flux_txid=475075720557923304&flux_hid=1177128660216925652
HTTP 302
https://spinwithvegas.com/l/5fe1f360d4834f1e526b194c?click_id={click_id}&sub_id={target.thru} HTTP 302
https://spinwithvegas.com/landingpages/vv045_ny/index.php?ref=vp_w88865c69773l7534gdep167_{target.thru}&click_id=%7Bclick_id%7D HTTP 302
https://spinwithvegas.com/landingpages/vv045_ny/index.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://app.topicaplus.com/clicktrack.cgi?_u=QB1OHQNBVFcdWVlVdBABH0wfQ1ZIVkJZVG9dHVpERgISQE5bDgg2D1xLHwETJzEMIwlMPgwCBgYfDkwX HTTP 303
- https://bit.ly/3aFKmWe HTTP 301
- http://giantvisit.com/afc6fcdb9d84618b5940f246fb131b7da/?sid1=t2g0303
- http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=201318&vert=&cid= HTTP 307
- http://go.yonyelinta.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=1177128660216925652
34 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
giantvisit.com/afc6fcdb9d84618b5940f246fb131b7da/ Redirect Chain
|
6 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
75 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
fp.php
giantvisit.com/ |
234 B 434 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
29a38865-21e1-485f-8a85-c343bbbe30fb.js
static.bouncepilot.com/ |
31 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
retargeting.js
static.traversedlp.com/v1/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
cookie
api.traversedlp.com/retargeting/v1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
giantvisit.com/afc6fcdb9d84618b5940f246fb131b7da/ |
6 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
gtm.js
www.googletagmanager.com/ |
75 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
fp.php
giantvisit.com/ |
233 B 433 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
29a38865-21e1-485f-8a85-c343bbbe30fb.js
static.bouncepilot.com/ |
31 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
retargeting.js
static.traversedlp.com/v1/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookie
api.traversedlp.com/retargeting/v1/ |
18 B 407 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
enqueue
api.traversedlp.com/retargetinginclusion/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
enqueue
api.traversedlp.com/retargetinginclusion/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
offer-notavailable.com/bettercontent/ |
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
desktop.png
offer-notavailable.com/bettercontent/images/ |
92 KB 93 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ts464-internationalemail-general
go.yonyelinta.com/ Redirect Chain
|
496 B 562 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
index.php
spinwithvegas.com/landingpages/vv045_ny/ Redirect Chain
|
9 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
9 KB 896 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
spinwithvegas.com/landingpages/vv045_ny/css/ |
10 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
preloader.svg
spinwithvegas.com/landingpages/vv045_ny/img/ |
626 B 735 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
spinwithvegas.com/landingpages/vv045_ny/img/ |
71 KB 72 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
parters-pay-desk.png
spinwithvegas.com/landingpages/vv045_ny/img/ |
22 KB 22 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
parters-pay-mob.png
spinwithvegas.com/landingpages/vv045_ny/img/ |
21 KB 21 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.2.1.min.js
spinwithvegas.com/landingpages/vv045_ny/js/ |
85 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
spinwithvegas.com/landingpages/vv045_ny/js/ |
3 KB 1020 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg-desk.jpg
spinwithvegas.com/landingpages/vv045_ny/img/ |
266 KB 266 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lang-arr.png
spinwithvegas.com/landingpages/vv045_ny/img/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-light-1.png
spinwithvegas.com/landingpages/vv045_ny/img/ |
26 KB 26 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-light-2.png
spinwithvegas.com/landingpages/vv045_ny/img/ |
23 KB 23 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- api.traversedlp.com
- URL
- https://api.traversedlp.com/retargeting/v1/cookie
- Domain
- api.traversedlp.com
- URL
- https://api.traversedlp.com/retargetinginclusion/enqueue
Verdicts & Comments Add Verdict or Comment
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
spinwithvegas.com/ | Name: mongo_sess Value: bf55fc150b4cf8c041b2d25904949d5c |
|
.spinwithvegas.com/ | Name: __cfduid Value: d372208d01e68d8e967ff40b3be0495ef1614717059 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.traversedlp.com
app.topicaplus.com
bit.ly
fonts.googleapis.com
fonts.gstatic.com
giantvisit.com
go.yonyelinta.com
offer-notavailable.com
rapid-cdn.com
spinwithvegas.com
static.bouncepilot.com
static.traversedlp.com
www.googletagmanager.com
api.traversedlp.com
13.32.24.114
216.189.51.90
23.229.9.133
2600:9000:20d7:fc00:10:b308:84c0:93a1
2606:4700:3030::6815:1567
2606:4700:3031::6815:4a86
2606:4700:3035::ac43:c19a
2a00:1450:4001:803::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:811::200a
2a00:1450:4001:827::2008
54.166.108.68
67.199.248.10
74.118.105.83
017febff1383f7bde113bf7d51281a041ce19123db0819fd6ee3fc8f5a89a45c
074b64ac2ed79a5265d2491093095d2fb66a442d769835bba4852eae0f70cde7
1040820c1d01550555ef5c1f05b0802240a5c92df9fbfed00b1e1c4c7aa69fad
13ea29ccb0918ecba263847499c3934d002ae3115c26a38ade16d80664079810
18f76fe4f21d84bcbb06982fff47b755f9c9085e9b821f31f736f9e84732d6e4
1b6ba2c51f0445367411b95457811094c44e7082199ff1d6723ec9ef5c44bea6
306094011fa17d1eb215263299126f9f95f50a1c2235c991846ccfd1911a6dce
3485068c605242a0853e4e9dd60705ecbdd0128902b182792c196aaf63e96513
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
656ef62960b826072d6ef9775270694165cf09882b085fb7fb6134fb76885f32
7336654fb6e8cbdb1e42d0500d517bb676b6ec378163d2f1fba36f4f71dead28
75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35
79e8fb9f1b09d7d5b9d5170038881f7a9a98aed7994f3c3dbe7661267656ab5b
825ba4756bc69de5e66e3efe8ac89967ec3d9d6ee4f6f8c0d997198529f0378b
863d73671fbd18cf7f99a3ca0cf68adf879c43d3ba1bdbf67fe4beb68b49ddd2
8761b89b1651fbec89d13e54a99f67cb98bf899cbd7895633f785b8c3ec38647
92126e01e710beca2472d4ea728f0e7b432a7e0bb8c64d41b5bf0f9a177ce709
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
be769e2f0de448635109d6602a95c421ff9bf881e17c863371ee2f864fd20db2
d18166f68dcd0f68576c8798c01d17eac495848247f737d4fb02c83f5478ff40
d201e5a3fe0d50a3855f87d60a4dd66ef8c91aa7796c0cd97bdaecb16f0cfe3b
d88e33f01165a7085114a365de792cbda138af8875ab3e481750e24b0fb86eed
d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e
eaa36f72eb72b3aff2db9f718a8dd759386c865beb007d21521c120d4a1c1864
f58b65b14d6339c11b682e7debd706acb89858294a4dc589c2d31538acc94a68
f6a76fd53462b36f244f49125d9ceba93e71b234c56e62cbc4b4bc7cd5466c48