![](/screenshots/66bea09a-60bd-4cbe-b546-2a73fd4ccc7e.png)
knuden.hoopla.no
Open in
urlscan Pro
151.101.2.133
Public Scan
Effective URL: https://knuden.hoopla.no/sales
Submission: On September 18 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by R3 on August 26th 2021. Valid for: 3 months.
This is the only time knuden.hoopla.no was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 194.63.248.52 194.63.248.52 | 12996 (DOMENESHO...) (DOMENESHOP Oslo) | |
1 5 | 151.101.2.133 151.101.2.133 | 54113 (FASTLY) (FASTLY) | |
1 | 142.250.184.234 142.250.184.234 | 15169 (GOOGLE) (GOOGLE) | |
6 | 143.204.101.99 143.204.101.99 | 16509 (AMAZON-02) (AMAZON-02) | |
4 | 151.101.131.9 151.101.131.9 | 54113 (FASTLY) (FASTLY) | |
3 | 172.217.16.142 172.217.16.142 | 15169 (GOOGLE) (GOOGLE) | |
1 | 31.13.92.14 31.13.92.14 | 32934 (FACEBOOK) (FACEBOOK) | |
1 | 142.250.181.232 142.250.181.232 | 15169 (GOOGLE) (GOOGLE) | |
1 | 142.250.185.99 142.250.185.99 | 15169 (GOOGLE) (GOOGLE) | |
1 | 143.204.99.83 143.204.99.83 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 74.125.133.157 74.125.133.157 | 15169 (GOOGLE) (GOOGLE) | |
12 | 151.101.114.208 151.101.114.208 | 54113 (FASTLY) (FASTLY) | |
1 | 172.217.23.100 172.217.23.100 | 15169 (GOOGLE) (GOOGLE) | |
1 | 34.210.41.193 34.210.41.193 | 16509 (AMAZON-02) (AMAZON-02) | |
37 | 13 |
ASN12996 (DOMENESHOP Oslo, Norway, NO)
PTR: bristol.domeneshop.no
www.billett.knuden.no |
ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net
fonts.googleapis.com |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-99.fra50.r.cloudfront.net
d16s6o6uu491xt.cloudfront.net |
ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f14.1e100.net
www.google-analytics.com |
ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frt3.fbcdn.net
connect.facebook.net |
ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f8.1e100.net
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net
fonts.gstatic.com |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-99-83.fra50.r.cloudfront.net
cdn.segment.com |
ASN15169 (GOOGLE, US)
PTR: wo-in-f157.1e100.net
stats.g.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f100.1e100.net
www.google.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-210-41-193.us-west-2.compute.amazonaws.com
api.segment.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
imgix.net
hoopla.imgix.net |
29 KB |
6 |
cloudfront.net
d16s6o6uu491xt.cloudfront.net |
410 KB |
5 |
hoopla.no
1 redirects
knuden.hoopla.no |
7 KB |
4 |
split.io
sdk.split.io |
1 KB |
3 |
google-analytics.com
www.google-analytics.com |
21 KB |
1 |
segment.io
api.segment.io |
143 B |
1 |
google.com
www.google.com |
522 B |
1 |
doubleclick.net
stats.g.doubleclick.net |
462 B |
1 |
segment.com
cdn.segment.com |
54 KB |
1 |
gstatic.com
fonts.gstatic.com |
23 KB |
1 |
googletagmanager.com
www.googletagmanager.com |
63 KB |
1 |
facebook.net
connect.facebook.net |
26 KB |
1 |
googleapis.com
fonts.googleapis.com |
943 B |
1 |
knuden.no
1 redirects
www.billett.knuden.no |
148 B |
37 | 14 |
Domain | Requested by | |
---|---|---|
12 | hoopla.imgix.net |
knuden.hoopla.no
|
6 | d16s6o6uu491xt.cloudfront.net |
knuden.hoopla.no
d16s6o6uu491xt.cloudfront.net |
5 | knuden.hoopla.no |
1 redirects
d16s6o6uu491xt.cloudfront.net
|
4 | sdk.split.io |
d16s6o6uu491xt.cloudfront.net
|
3 | www.google-analytics.com |
d16s6o6uu491xt.cloudfront.net
www.google-analytics.com |
1 | api.segment.io |
d16s6o6uu491xt.cloudfront.net
|
1 | www.google.com |
knuden.hoopla.no
|
1 | stats.g.doubleclick.net |
d16s6o6uu491xt.cloudfront.net
|
1 | cdn.segment.com |
knuden.hoopla.no
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | www.googletagmanager.com |
knuden.hoopla.no
|
1 | connect.facebook.net |
d16s6o6uu491xt.cloudfront.net
|
1 | fonts.googleapis.com |
knuden.hoopla.no
|
1 | www.billett.knuden.no | 1 redirects |
37 | 14 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.knuden.no |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.hoopla.no R3 |
2021-08-26 - 2021-11-24 |
3 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2021-08-30 - 2021-11-22 |
3 months | crt.sh |
*.cloudfront.net Amazon |
2021-03-19 - 2022-03-17 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2021-08-30 - 2021-11-22 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2021-09-09 - 2021-12-08 |
3 months | crt.sh |
*.split.io GlobalSign Atlas R3 DV TLS CA 2020 |
2021-03-22 - 2022-04-23 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2021-08-30 - 2021-11-22 |
3 months | crt.sh |
*.segment.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-07-19 - 2022-08-09 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2021-08-30 - 2021-11-22 |
3 months | crt.sh |
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2020 |
2021-05-10 - 2022-06-11 |
a year | crt.sh |
www.google.com GTS CA 1C3 |
2021-08-30 - 2021-11-22 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://knuden.hoopla.no/sales
Frame ID: 20D24FE1B6DA012A386CB3FE5061D50D
Requests: 35 HTTP requests in this frame
Screenshot
![](/screenshots/66bea09a-60bd-4cbe-b546-2a73fd4ccc7e.png)
Page Title
Knuden - Kristiansand kulturskole | Se arrangementer og kjøp billetter | HooplaPage URL History Show full URLs
-
https://www.billett.knuden.no/
HTTP 301
http://knuden.hoopla.no/sales HTTP 301
https://knuden.hoopla.no/sales Page URL
Detected technologies
![](/vendor/wappa/icons/React.png)
Detected patterns
- <[^>]+data-react
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
![](/vendor/wappa/icons/Google Font API.png)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- googletagmanager\.com/gtm\.js
![](/vendor/wappa/icons/Segment.png)
Detected patterns
- cdn\.segment\.com/analytics\.js
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Arrangørens hjemmeside
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.billett.knuden.no/
HTTP 301
http://knuden.hoopla.no/sales HTTP 301
https://knuden.hoopla.no/sales Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
37 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
sales
knuden.hoopla.no/ Redirect Chain
|
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
3 KB 943 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loader.production.js
d16s6o6uu491xt.cloudfront.net/sales-3/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundle.sales.production.js
d16s6o6uu491xt.cloudfront.net/sales-3/daab2bb/ |
831 KB 240 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.sales.production.css
d16s6o6uu491xt.cloudfront.net/sales-3/daab2bb/ |
75 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
5f5a80f5-65bf-4ae9-8f4b-c5150d50157b
sdk.split.io/api/mySegments/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
48 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
99 KB 26 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
splitChanges
sdk.split.io/api/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundle.2.production.js
d16s6o6uu491xt.cloudfront.net/sales-3/daab2bb/ |
61 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
187 KB 63 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5f5a80f5-65bf-4ae9-8f4b-c5150d50157b
sdk.split.io/api/mySegments/ |
17 B 253 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
splitChanges
sdk.split.io/api/ |
2 KB 995 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ecommerce.js
www.google-analytics.com/plugins/ua/ |
1 KB 890 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
526730746
knuden.hoopla.no/api/v2.0/public/organizations/ |
1 KB 867 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
terms
knuden.hoopla.no/api/v2.0/public/organizations/526730746/ |
2 B 117 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
events
knuden.hoopla.no/api/v2.0/public/organizations/526730746/ |
19 KB 5 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ |
4 B 24 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.min.js
cdn.segment.com/analytics.js/v1/urhwfPoIIkrnOSbWEM2nuuvucZRZeIwz/ |
348 KB 54 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
2 B 462 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img_4549.1628598412.jpg
hoopla.imgix.net/production/526730746/ |
2 KB 2 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
melodiverksted.1631521425.png
hoopla.imgix.net/production/526730746/ |
916 B 1015 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tiktokdansekurs.1631866476.png
hoopla.imgix.net/production/526730746/ |
912 B 1006 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dood_ukulele.1631521312.png
hoopla.imgix.net/production/526730746/ |
820 B 948 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
teaterkurs.1631521384.png
hoopla.imgix.net/production/526730746/ |
748 B 847 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dood_ukulele.1631521513.png
hoopla.imgix.net/production/526730746/ |
850 B 978 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
teaterkurs.1631521472.png
hoopla.imgix.net/production/526730746/ |
746 B 846 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
kjenningsmelodien.1631521649.png
hoopla.imgix.net/production/526730746/ |
1 KB 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dansekurs.1631521599.png
hoopla.imgix.net/production/526730746/ |
1 KB 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dansekurs.1631521701.png
hoopla.imgix.net/production/526730746/ |
1 KB 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
musikalkonsert-med-sangelever.1631184779.png
hoopla.imgix.net/production/526730746/ |
1 KB 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 522 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundle.9.production.js
d16s6o6uu491xt.cloudfront.net/sales-3/daab2bb/ |
96 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
knuden_logobilde16.1570610379.jpg
hoopla.imgix.net/production/526730746/ |
16 KB 16 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icomoon.woff
d16s6o6uu491xt.cloudfront.net/sales-3/daab2bb/public/fonts/ |
102 KB 103 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
p
api.segment.io/v1/ |
21 B 143 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
28 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect boolean| originAgentCluster string| ORGANIZATION_ID string| ORGANIZATION_GOOGLE_ANALYTICS string| ORGANIZATION_FB_PIXEL object| SPLITIO_SERVER_TREATMENTS function| webpackJsonp object| core object| __core-js_shared__ object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| dataLayer object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager object| analytics function| normalize5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
knuden.hoopla.no/ | Name: split_uid Value: 5f5a80f5-65bf-4ae9-8f4b-c5150d50157b |
|
.knuden.hoopla.no/ | Name: _ga Value: GA1.3.1346156909.1631946679 |
|
.knuden.hoopla.no/ | Name: _gid Value: GA1.3.2041255126.1631946679 |
|
.knuden.hoopla.no/ | Name: _gat_UA243664956 Value: 1 |
|
.hoopla.no/ | Name: ajs_anonymous_id Value: %228f757471-f608-4bd9-bf39-4f203318127e%22 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.segment.io
cdn.segment.com
connect.facebook.net
d16s6o6uu491xt.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
hoopla.imgix.net
knuden.hoopla.no
sdk.split.io
stats.g.doubleclick.net
www.billett.knuden.no
www.google-analytics.com
www.google.com
www.googletagmanager.com
142.250.181.232
142.250.184.234
142.250.185.99
143.204.101.99
143.204.99.83
151.101.114.208
151.101.131.9
151.101.2.133
172.217.16.142
172.217.23.100
194.63.248.52
31.13.92.14
34.210.41.193
74.125.133.157
0e1b4bcdafc6cf353dd8feebaf8defb528768e9e48cb83c7a9f1fccc4e2c61c4
0e90b2b6413fc3096c18b952a31e755d42165cbd132ee421ae838934dc1a6e1a
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1a4fe975d575629f73554db5469dfb962f64e07d9ad68d1f4bd8ebaa6e34d4e7
2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95
2ce1722493f24435698bccf721514f4cbca04744bf284d05d87d10205fafb853
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
3c700c5d18f88013f60a11ddd2ce9b8e44eccfbee5e77dc66575abe64c89e5e6
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
672aa1ee9a3c7319b79330f6f599a8e604a90b7324eecc3bcc5cbd7e6f89629d
7f6b3ab0eceadab9aa72c08776b18a1eeff05ed1900a8441f116825df88c708a
81df283e6bdb011a6587df7dc50ffc32bb55828030a7f7088b3cbbeaf8cd8265
864c8442c0f0e1e9c4f6af64d35093a755f5a08f8266d8e3059ce7f9d1101289
88c216fadd4f13f678035809b8ed137f61cf34a855859310ed4b53b44d8e085d
8b5ab6e44a3ad0620adc4e928ded46f4d8114712d1c1a9b050af2371748ae977
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
90ce39bfc8fc6bdd6094f83e539dadb4e7efeef258968afe7d7639c3db59d55b
96e7f77e8afda31b8b506a35de6c1458e73e81f89698980d0d5f245ef428e41b
99638297dc0566bcd47f7bbfe2d2a5bab6bb0130ef493299f98a0513360a6230
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b08e794e985fc88f58ad144420f9f5558ae4d2a62e9d49254ac85791087a4a55
b2051714dbb2bb79da7fae1ce270bf63957033a3ea11a40465b021a3fe8ffeb9
ba24394b4249c7938076541a79b70f51fbd3ec5d3a09f4ea9dffa4241c7e3afc
ba9c5fc65782b55b3b35ffafe8f7ffecf6953a9b4713c06928d4af4d89c74d9b
be913c40ccdb9b087752b369769558c84802209b937ffbfe72ef0991f5fedc19
c22c2334efe58820f25d3535c394908bd18700376b98dab7ae65ed84ced8f0eb
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
d5f1c76620875851a634bc5349bc3177c262f6bfbfb5fcfa7c7b1ff91d1bd36d
dff09417714c9d59b9d5dcd51fb1cb74eb43837f437ab50c2d50800e5b61b31b
e29f95ade4421680bd91f1b97d107a0ca96c54cccc1bf9ee6af4c76a4d2cef28
e89710435db87a03861e96119a94faaea4a4673215157671c3094c3a63d936c3
ea8337f4a39842eac0a4afec6bc4f9bce84107b2c4387667067f7b41e2cf320e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62