bellinhealth.rsupartner.com
Open in
urlscan Pro
3.210.169.147
Public Scan
Effective URL: https://bellinhealth.rsupartner.com/?utm_source=bellinwomenshalfcom
Submission: On August 10 via manual from US
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on August 2nd 2020. Valid for: 3 months.
This is the only time bellinhealth.rsupartner.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 184.168.131.241 184.168.131.241 | 26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC) | |
2 | 3.210.169.147 3.210.169.147 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 2a00:1450:400... 2a00:1450:4001:825::200a | 15169 (GOOGLE) (GOOGLE) | |
13 | 13.226.156.217 13.226.156.217 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 13.226.155.18 13.226.155.18 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 13.226.156.161 13.226.156.161 | 16509 (AMAZON-02) (AMAZON-02) | |
4 | 13.226.155.12 13.226.155.12 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 34.194.61.140 34.194.61.140 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 2a00:1450:400... 2a00:1450:4001:81d::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6 | 15133 (EDGECAST) (EDGECAST) | |
1 | 151.101.114.110 151.101.114.110 | 54113 (FASTLY) (FASTLY) | |
2 | 162.247.242.18 162.247.242.18 | 23467 (NEWRELIC-...) (NEWRELIC-AS-1) | |
29 | 11 |
ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-184-168-131-241.ip.secureserver.net
bellinwomenshalf.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-169-147.compute-1.amazonaws.com
bellinhealth.rsupartner.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-217.dus51.r.cloudfront.net
d368g9lw5ileu7.cloudfront.net |
ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-18.dus51.r.cloudfront.net
iad-dynamic-assets.runsignup.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-161.dus51.r.cloudfront.net
d3dq00cdhq56qd.cloudfront.net |
ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-12.dus51.r.cloudfront.net
cdnjs.runsignup.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-61-140.compute-1.amazonaws.com
runsignup.com |
ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-6.nr-data.net
bam.nr-data.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
cloudfront.net
d368g9lw5ileu7.cloudfront.net d3dq00cdhq56qd.cloudfront.net |
308 KB |
7 |
runsignup.com
iad-dynamic-assets.runsignup.com cdnjs.runsignup.com runsignup.com |
124 KB |
2 |
nr-data.net
bam.nr-data.net |
340 B |
2 |
rsupartner.com
bellinhealth.rsupartner.com |
15 KB |
1 |
newrelic.com
js-agent.newrelic.com |
10 KB |
1 |
twimg.com
pbs.twimg.com |
2 KB |
1 |
gstatic.com
fonts.gstatic.com |
11 KB |
1 |
googleapis.com
fonts.googleapis.com |
755 B |
1 |
bellinwomenshalf.com
1 redirects
bellinwomenshalf.com |
258 B |
29 | 9 |
Domain | Requested by | |
---|---|---|
13 | d368g9lw5ileu7.cloudfront.net |
bellinhealth.rsupartner.com
|
4 | cdnjs.runsignup.com |
bellinhealth.rsupartner.com
|
2 | bam.nr-data.net |
js-agent.newrelic.com
bellinhealth.rsupartner.com |
2 | runsignup.com |
bellinhealth.rsupartner.com
runsignup.com |
2 | bellinhealth.rsupartner.com |
bellinhealth.rsupartner.com
|
1 | js-agent.newrelic.com |
bellinhealth.rsupartner.com
|
1 | pbs.twimg.com |
bellinhealth.rsupartner.com
|
1 | fonts.gstatic.com |
bellinhealth.rsupartner.com
|
1 | d3dq00cdhq56qd.cloudfront.net |
bellinhealth.rsupartner.com
|
1 | iad-dynamic-assets.runsignup.com |
bellinhealth.rsupartner.com
|
1 | fonts.googleapis.com |
bellinhealth.rsupartner.com
|
1 | bellinwomenshalf.com | 1 redirects |
29 | 12 |
This site contains links to these domains. Also see Links.
Domain |
---|
d368g9lw5ileu7.cloudfront.net |
www.bellinrun.com |
www.bellin.org |
twitter.com |
pbs.twimg.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
rsupartner.com Let's Encrypt Authority X3 |
2020-08-02 - 2020-10-31 |
3 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-07-15 - 2020-10-07 |
3 months | crt.sh |
*.cloudfront.net DigiCert Global CA G2 |
2020-05-26 - 2021-04-21 |
a year | crt.sh |
dynamic-assets.runsignup.com Amazon |
2020-01-10 - 2021-02-10 |
a year | crt.sh |
cdnjs.runsignup.com Amazon |
2020-05-13 - 2021-06-13 |
a year | crt.sh |
runsignup.com Let's Encrypt Authority X3 |
2020-07-17 - 2020-10-15 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-07-15 - 2020-10-07 |
3 months | crt.sh |
*.twimg.com DigiCert SHA2 High Assurance Server CA |
2019-11-12 - 2020-11-18 |
a year | crt.sh |
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2020-07-22 - 2021-05-07 |
10 months | crt.sh |
*.nr-data.net DigiCert SHA2 Secure Server CA |
2020-02-05 - 2022-02-08 |
2 years | crt.sh |
This page contains 2 frames:
Primary Page:
https://bellinhealth.rsupartner.com/?utm_source=bellinwomenshalfcom
Frame ID: 944F40E13455CFE09C978E593E0CA85E
Requests: 28 HTTP requests in this frame
Frame:
https://runsignup.com/Race/Sponsors/WI/GreenBay/BellinWomensHalfMarathon?hideTabs=T&hideTopLinks=T&hideRaceTopDetails=T&transparent=T&hideSocial=T&bgColor=FFFFFF&headerColor=106487&subHeaderColor=666666&captionColor=989898&textColor=666666&buttonColor=00B9F1&buttonTextColor=FFFFFF&buttonHoverColor=2D90AF&labelColor=333333&inputTextColor=000000&tableHeaderColor=176585&tableHeaderTextColor=FFFFFF&tableSubHeaderColor=FD9435&tableSubHeaderTextColor=006387&tableColor=FFFFFF&tableTextColor=2F84A5&highlightedRowColor=FFF4EA&dropDownMenuColor=7EB737&dropDownMenuHoverColor=63B346&color_scheme_id=9665&reportedRaceId=53124&widget2&url=https%3A%2F%2Fbellinhealth.rsupartner.com%2F%3Futm_source%3Dbellinwomenshalfcom&widgetRand=793412&availableWidgetWidth=1170
Frame ID: B91AF606836F39CE1A86B437C3A7DC0D
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://bellinwomenshalf.com/
HTTP 301
https://bellinhealth.rsupartner.com/?utm_source=bellinwomenshalfcom Page URL
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
19 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: click here
Search URL Search Domain Scan URL
Title: 2020 Bellin Women's Events Registration Now Open!
Search URL Search Domain Scan URL
Title: Planning for 2020 Bellin Women's Events
Search URL Search Domain Scan URL
Title: Call to Artists! Design our 2020 Commemorative Print
Search URL Search Domain Scan URL
Title: Bellin Women's Events Draw 1,600-Plus
Search URL Search Domain Scan URL
Title: From the Race Director: Banish the 'But'
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: @BellinWomen
Search URL Search Domain Scan URL
Title: 6h
Search URL Search Domain Scan URL
Title: #MotivationalMonday
Search URL Search Domain Scan URL
Title: https://t.co/YJj4cRdRkD
Search URL Search Domain Scan URL
Title: Aug 06
Search URL Search Domain Scan URL
Title: https://t.co/t9eOlVHatx
Search URL Search Domain Scan URL
Title: Aug 04
Search URL Search Domain Scan URL
Title: https://t.co/mFIXU7pl7z
Search URL Search Domain Scan URL
Title: Jul 30
Search URL Search Domain Scan URL
Title: #TBT
Search URL Search Domain Scan URL
Title: https://t.co/os8XD22M5m
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://bellinwomenshalf.com/
HTTP 301
https://bellinhealth.rsupartner.com/?utm_source=bellinwomenshalfcom Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
29 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
bellinhealth.rsupartner.com/ Redirect Chain
|
38 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
5 KB 755 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrapGrid.min.bwo7UC.css
d368g9lw5ileu7.cloudfront.net/css/opensource/ |
19 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.scss.rsu.min.bFhTc9.css
d368g9lw5ileu7.cloudfront.net/css/ |
26 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
popups.scss.rsu.min.bFiE4G.css
d368g9lw5ileu7.cloudfront.net/css/ |
9 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login.scss.rsu.min.bFgRYM.css
d368g9lw5ileu7.cloudfront.net/css/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
iad-dynamic-assets.runsignup.com/us-east-1-src/prod/iconfonts/4d695f67d6e947cfb9371a64130a8c04/ |
19 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.by_2-q.css
d368g9lw5ileu7.cloudfront.net/css/partnerWebsites/ |
119 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
partnerWebsiteUI.scss.css
d3dq00cdhq56qd.cloudfront.net/d1.bFivmu.bv5sla/partnerwebsite-1cfabe/661/ |
149 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
cdnjs.runsignup.com/ajax/libs/jquery/3.5.1/ |
87 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-ui.min.js
cdnjs.runsignup.com/ajax/libs/jqueryui/1.12.1/ |
248 KB 67 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utils.min.bFbkXz.js
d368g9lw5ileu7.cloudfront.net/js/ |
24 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
cdnjs.runsignup.com/ajax/libs/twitter-bootstrap/3.4.0/js/ |
37 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
partner661-partnerwebsitelogo-0.bE_Hx7.png
d368g9lw5ileu7.cloudfront.net/uploads/partners/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
partnerWebsite661-customSectionFullAttachment-5aaee55657f825.13574486.jpg
d368g9lw5ileu7.cloudfront.net/uploads/partnerWebsites/ |
171 KB 171 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-pdf.bwo7Y7.png
d368g9lw5ileu7.cloudfront.net/img/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
partnerWebsite661-customSectionFullAttachment-5d67ebf3c606c3.66081238.jpg
d368g9lw5ileu7.cloudfront.net/uploads/partnerWebsites/ |
55 KB 55 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twitterMedia.min.bB4D5w.js
d368g9lw5ileu7.cloudfront.net/js/partners/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twitterLogo.bwEWSu.png
d368g9lw5ileu7.cloudfront.net/img/twitter/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
blueimp-gallery.min.js
cdnjs.runsignup.com/ajax/libs/blueimp-gallery/2.37.0/js/ |
33 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widget2.js
runsignup.com/js/ |
6 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
print.min.bD5rw3.css
d368g9lw5ileu7.cloudfront.net/css/ |
702 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BellinWomensHalfMarathon
runsignup.com/Race/Sponsors/WI/GreenBay/ Frame B91A |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twitter
bellinhealth.rsupartner.com/reserved/ |
13 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SkJVLxhg_normal.jpg
pbs.twimg.com/profile_images/1271088503821139969/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nr-1173.min.js
js-agent.newrelic.com/ |
27 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
828ac3b705
bam.nr-data.net/1/ |
57 B 146 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
828ac3b705
bam.nr-data.net/events/1/ |
24 B 194 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
84 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| NREUM object| newrelic function| __nr_require function| $ function| jQuery function| urlAddSessionParams function| urlRemoveSessionParams function| getUrlParameters function| urlAddParam function| decodeURIComponentRFC1738 function| addUrlParamsToForm function| clearFileInput function| clearFileInputByDom function| focusInput function| moneyFormat function| number_format function| percentage_format function| setCookie function| getCookie function| arrayToCsv function| parseCsv function| computeAge object| initialStateSelectOptions function| setupCountryAndStateDropdown2 function| htmlspecialchars function| setupPlaceholders function| fillInPlaceholders function| flattenErrorArray function| flattenDataArrayToNames function| moveElementUp function| moveElementDown function| toggleDetails function| easeToggle function| isInputTypeSupported function| convertHtml5DateToUs function| convertUsDateToHtml5 function| updateClonedDatepickers function| updateHtml5Dates function| setZIndexAbove function| showBlackOverlay function| showError function| showConfirmation function| showPopupMessage function| updateSiteSuccessMsg function| addDialogStyle1Opts function| showStyle1Popup function| showAbandonmentPopup function| showAbandonmentPopupSlideIn function| mysqlDate2JsDate function| userInputDate2JsDate function| setupUnsavedChangesWarning function| bindWindowLeavePageWarning function| unbindWindowLeavePageWarning function| showLoginWindow function| markInputAsChanged function| validateEmail function| setupSortColumns function| sendJsAdminEmail function| binarySearch function| ucwords function| sortTableCol function| sendPswdReset function| shouldPreventFormHiding function| updateCloneIds function| getNaturalWidth function| debounce function| openWindow function| openWindowNoParams function| setWindowLocation function| reloadWindowOnInputChange number| serverTsOffset object| TwitterMedia object| blueimp number| width string| transparent string| rsuUrl string| bgColor object| style object| height string| page boolean| useStubWidth string| rsuStubId object| rsuUrlMatch string| key5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
runsignup.com/ | Name: analytics Value: {"asset":"30b20822-0480-48b4-aefd-eecd99921704","source":1,"medium":1} |
|
runsignup.com/ | Name: winWidth Value: 1170 |
|
.runsignup.com/ | Name: _gat_rsu Value: 1 |
|
.runsignup.com/ | Name: _gid Value: GA1.2.1685586537.1597096154 |
|
.runsignup.com/ | Name: _ga Value: GA1.2.2111299663.1597096154 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bam.nr-data.net
bellinhealth.rsupartner.com
bellinwomenshalf.com
cdnjs.runsignup.com
d368g9lw5ileu7.cloudfront.net
d3dq00cdhq56qd.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
iad-dynamic-assets.runsignup.com
js-agent.newrelic.com
pbs.twimg.com
runsignup.com
13.226.155.12
13.226.155.18
13.226.156.161
13.226.156.217
151.101.114.110
162.247.242.18
184.168.131.241
2606:2800:134:1a0d:1429:742:782:b6
2a00:1450:4001:81d::2003
2a00:1450:4001:825::200a
3.210.169.147
34.194.61.140
0182a79d0c16746136db1c9dc2369b8f9657f2bd79488ab1d9b52fbf126d90e1
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0e1c8214092dac3ca9bbb69f07fdb941c304bae5fddebb70e2e3d3b93423145c
1bf8a2ae6a2e76a0f7321de54edce5282ca656bb02732e4b69a471f2740dac58
233601083eb81be7955642ec8a2cfb66d08c2571e18b2e7ba3c067280c614eff
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
45fae5172390d13346086ed75512aa93b1c4d0caed918fa2cd56e8453b2f4844
4f9b17adda9295a8df593032a65922776c14060d7ea337914a29d518855b880c
5adee2c2bdb2b84c0d5e5212b9d5845b889aa2ff4f579dee7cc5829735af1cdb
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
70c1055501636691f6580e8451e08500d759162d95b4844c1a062fd1b777e817
70ff610078ab5f58990d715bc7f1506925f76216b268dbab2de1e65cc3f57fa3
72af7a346437bf7862d95c379678e03e09d231abdcedd4b27608fab85f1aa958
7913475d8b7dac89f7696353e542ca2111ad87e27e52ea35a70ac94d4e23be46
7f1e30ae2e5cb7937d3478d0cc7d9211383a07450b7f028ff9ee99382022b372
7f4c869d812dcf97fbe97f012b7cdfe3d5457506e1e818f83956987854057c34
909ae563eb34f7e4285a3a643ab5d7c21c5e6a80f3f455b949ac45f08d0389b4
9666c4b4ff8494ef844a31d46f0e436e10c5914a28dcf78e43f880c7dfcd7c36
a08d3174010e7cdd86a81e4c274c73fdaa3f85bdcccf07d4ac41e91d91070c61
bd23b3cc790e847c1519217382ed368d77c0824c333763bc96f293cc18b57087
c9837f9a809aef76962e29c3152e3d41887ecfe555e88c5a5b1bcd74facb947a
cb91f4bd7ea91c6ef5d9f48f0bd22325a2728685571c934ad4bfa4a901852de4
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d64d8d739294489d389ae804b4f89e31c8e74af90865a1e6ff3e0e32b7f8fb89
d675c5effbbc52b36e463fb4db226e6eb9380fc2f12343aa3f18cff6526afa2b
d7d8bb0d0a76d0a2b23435ae1725daaa4617358a73184dad7fe9a99721b55434
ee0f4a2428bab1a215d3b974ca5435af46c7dbaccaa09011f777c211ff228e4f
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d