![](/screenshots/7c5be1f2-33f9-4778-bcf2-9685b5a8c35c.png)
thriftyautosaving.club
Open in
urlscan Pro
2606:4700:30::681b:9cc7
Public Scan
Effective URL: https://thriftyautosaving.club/
Submission: On October 29 via manual from US
Summary
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on October 29th 2019. Valid for: a year.
This is the only time thriftyautosaving.club was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 17 | 2606:4700:30:... 2606:4700:30::681b:9cc7 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
2 | 2a00:1450:400... 2a00:1450:4001:820::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 2606:4700:20:... 2606:4700:20::6819:7f6e | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 | 2001:4de0:ac1... 2001:4de0:ac19::1:b:1b | 20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group) | |
6 | 2a02:6b8::173 2a02:6b8::173 | 13238 (YANDEX) (YANDEX) | |
2 | 2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
6 | 2a00:1450:400... 2a00:1450:4001:815::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
37 | 8 |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
thriftyautosaving.club |
ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdn.useproof.com |
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
code.jquery.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net |
ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
thriftyautosaving.club
1 redirects
thriftyautosaving.club |
1 MB |
6 |
gstatic.com
fonts.gstatic.com |
116 KB |
6 |
yandex.ru
api-maps.yandex.ru |
392 KB |
2 |
facebook.com
www.facebook.com |
504 B |
2 |
facebook.net
connect.facebook.net |
88 KB |
2 |
useproof.com
cdn.useproof.com |
126 KB |
2 |
googleapis.com
fonts.googleapis.com |
2 KB |
1 |
jquery.com
code.jquery.com |
30 KB |
37 | 8 |
Domain | Requested by | |
---|---|---|
17 | thriftyautosaving.club |
1 redirects
thriftyautosaving.club
|
6 | fonts.gstatic.com |
thriftyautosaving.club
|
6 | api-maps.yandex.ru |
thriftyautosaving.club
api-maps.yandex.ru |
2 | www.facebook.com |
thriftyautosaving.club
|
2 | connect.facebook.net |
thriftyautosaving.club
connect.facebook.net |
2 | cdn.useproof.com |
thriftyautosaving.club
cdn.useproof.com |
2 | fonts.googleapis.com |
thriftyautosaving.club
|
1 | code.jquery.com |
thriftyautosaving.club
|
37 | 8 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2019-10-29 - 2020-10-09 |
a year | crt.sh |
*.googleapis.com GTS CA 1O1 |
2019-10-10 - 2020-01-02 |
3 months | crt.sh |
ssl372660.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2019-09-18 - 2020-03-26 |
6 months | crt.sh |
jquery.org COMODO RSA Domain Validation Secure Server CA |
2018-10-17 - 2020-10-16 |
2 years | crt.sh |
api-maps.yandex.ru Yandex CA |
2019-10-09 - 2020-04-06 |
6 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2019-09-22 - 2019-12-20 |
3 months | crt.sh |
*.google.com GTS CA 1O1 |
2019-10-10 - 2020-01-02 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://thriftyautosaving.club/
Frame ID: B94AC5F449B7129AA0EA8FD4D24CF646
Requests: 36 HTTP requests in this frame
Frame:
https://cdn.useproof.com/proxy/index.html
Frame ID: B290C38BA3E79E1421F0EFD7C00EC745
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/7c5be1f2-33f9-4778-bcf2-9685b5a8c35c.png)
Page URL History Show full URLs
-
http://thriftyautosaving.club/
HTTP 302
https://thriftyautosaving.club/ Page URL
Detected technologies
Detected patterns
- headers server /^cloudflare$/i
Detected patterns
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
![](/vendor/wappa/icons/Google Font API.png)
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://thriftyautosaving.club/
HTTP 302
https://thriftyautosaving.club/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
37 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
thriftyautosaving.club/ Redirect Chain
|
55 KB 18 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
87fce025418dc2e1d167f122ad6ff872-1571944587
thriftyautosaving.club/combine/ |
144 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
25 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon
fonts.googleapis.com/ |
574 B 695 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
proof.js
cdn.useproof.com/ |
486 KB 126 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
thriftyautosaving.club/themes/website/assets/medicare2/images/ |
27 KB 27 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mail.svg
thriftyautosaving.club/themes/website/assets/medicare2/images/ |
343 B 316 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
print.svg
thriftyautosaving.club/themes/website/assets/medicare2/images/ |
392 B 322 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flipboard.svg
thriftyautosaving.club/themes/website/assets/medicare2/images/ |
671 B 314 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twitter.svg
thriftyautosaving.club/themes/website/assets/medicare2/images/ |
719 B 483 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
facebook.svg
thriftyautosaving.club/themes/website/assets/medicare2/images/ |
297 B 325 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1.jpg
thriftyautosaving.club/themes/website/assets/medicare2/images/fivecostlymistakespage/ |
102 KB 102 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2.jpg
thriftyautosaving.club/themes/website/assets/medicare2/images/fivecostlymistakespage/ |
114 KB 114 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3.jpg
thriftyautosaving.club/themes/website/assets/medicare2/images/fivecostlymistakespage/ |
130 KB 131 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4.jpg
thriftyautosaving.club/themes/website/assets/medicare2/images/fivecostlymistakespage/ |
112 KB 112 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6.jpg
thriftyautosaving.club/themes/website/assets/medicare2/images/fivecostlymistakespage/ |
229 KB 230 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5.jpg
thriftyautosaving.club/themes/website/assets/medicare2/images/fivecostlymistakespage/ |
93 KB 93 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7.jpg
thriftyautosaving.club/themes/website/assets/medicare2/images/fivecostlymistakespage/ |
172 KB 172 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-2.2.4.min.js
code.jquery.com/ |
84 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
48c2a1224d06439bd1d6c02787dc67f4-1571944593
thriftyautosaving.club/combine/ |
178 KB 40 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
api-maps.yandex.ru/2.0/ |
71 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
103 KB 23 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
fonts.gstatic.com/s/roboto/v20/ |
12 KB 12 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v48/ |
59 KB 60 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.html
cdn.useproof.com/proxy/ Frame B290 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
520410992066571
connect.facebook.net/signals/config/ |
281 KB 65 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
combine
api-maps.yandex.ru/2.0/ |
1 MB 369 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 358 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ef50ac9e93aaebe3299791c79f277f8e.cur
api-maps.yandex.ru/2.0/images/ |
326 B 651 B |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3ce22e999d54bb9ca8150a59207f9d3e.cur
api-maps.yandex.ru/2.0/images/ |
326 B 651 B |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
4965b66fe115b2f2ed500ece66514d86.cur
api-maps.yandex.ru/2.0/images/ |
326 B 651 B |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
77492cf358d8b12629399322926c93f2.cur
api-maps.yandex.ru/2.0/images/ |
326 B 651 B |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 146 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
31 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| atcEvent function| fbq function| _fbq function| setImmediate function| clearImmediate function| $ function| jQuery function| _get function| _createClass function| _possibleConstructorReturn function| _inherits function| _classCallCheck function| Component function| docHandleKeydown function| docHandleKeyup function| docHandleFocus function| docHandleBlur function| getTime object| $jscomp object| $jscomp$this boolean| ios function| cash object| M object| Waves object| ymaps object| YMaps function| merge object| provider object| states4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.useproof.com/ | Name: __cfduid Value: da07423d87945b87d0094eb1a165edd861572379577 |
|
.thriftyautosaving.club/ | Name: _fbp Value: fb.1.1572379577943.335201114 |
|
thriftyautosaving.club/ | Name: october_session Value: eyJpdiI6IkZCUmh2Umx6T0x0aEhkZFphblZGRnc9PSIsInZhbHVlIjoiV1lDSHRhdU80STFRUUlxRnM2alFVbHBwZWtvSXRGd0FBWmtZRTJrS1Z4SEFySmVlRFg5Zkx4eEZLUEZ3SUFxYTUya25UWENKeFk2czY1bENORXZQOWc9PSIsIm1hYyI6ImU1NDAxMTNiNzcxZWIyMTA2MGZjMDc3NDJkYmU4MzNjMWExMTM5NmYzMTgyZWFmMmRiZmRkNTgyN2M5OWRiYjgifQ%3D%3D |
|
.thriftyautosaving.club/ | Name: __cfduid Value: d021a463f3e1e182941d5a1303ed0d7fc1572379577 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api-maps.yandex.ru
cdn.useproof.com
code.jquery.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
thriftyautosaving.club
www.facebook.com
2001:4de0:ac19::1:b:1b
2606:4700:20::6819:7f6e
2606:4700:30::681b:9cc7
2a00:1450:4001:815::2003
2a00:1450:4001:820::200a
2a02:6b8::173
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
0135e2e9e8402d3042377fb8fcba6fe26521209e26c2ae50a85e24d974fb1f8e
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
09e13bc501877a8383c2661e6fc80187efadbd82ac4d3b0d1ec8a41d8630756c
0c9a3f7fdc13a3ff04b74e9b982c28fa738fa9373bd43bd24dbca5f2dc360f24
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0edd75154d387bf3f2a42f63c88f7e3ae4e2aa0aaca4e08cb80af5235820b1ef
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
128811e08fc761c192794eadb0ca1ece135e0b3a8ea7d897c2f7f9fd5a37281f
13e327b334d10b2b24101040eecace86aaaa2eed03d282fa75a04aa3bebf69c1
21886b00e8ab43aaf4133732fa6df101c6be4150a77fd0aa58f47ca07d99a93e
28c396888bc06415aaf87ea07c652b5ac265fbd82f3bb301e2d8ba1d6732e3f5
37e841840595e22f9c3e2deb8faa3f2071110419d7a11a248fddea3b36b3c172
3be0a916496d7936bb83ce60a4de9f10ef400f16c38e7dd7c65449c795e7739b
3e40f24ad2a22721c895a423ef5dc0e4d330a1bbcdee7435efe835b39ad254b8
429864f5de85b15fc28ba60a4f575537d7bb41a25e2b9bc93ac9faf9efc73858
47d242cf101ab7623a8637f5a179c3c6584d319f2a15793b5899a1cc59a127ea
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
6342568b3361f2aa88d09c271ef6366620849901484158b9ac1b69faee8e2449
8a0b78bec83a162871a543638bd723fc5c02daa419c754b51761fee336acd22f
8a5c4c625c94ed1cca7500a877a5b6f1ac21586b354f906a9c7db3d2ed5c5ba9
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
96c4e4ff1efaabdec52be086c84d13529ad291025c40b7917763fb2abb4b9ad8
a055c9f418f11e12d06db366d561eda15aca47979040f2e3c379f9a799849861
a0fb89588dc7b711c0ffddb5fa2f6852f670ef1f615985bb65b2ea446cceb79f
aa7f082c52d932651cae08fa64f6282a0d25cf8c267852f931dbf65cbcf4fe8f
b02eb6a63bca577aa26a3d54c450cd179dab7b63e08cb8830411bca8f853c002
b406699674a42aadfe84325efdf33866af896f858165cb0cb36c2b485140db3e
b55244a821da4ebaaafeb426753f159086098e94d0fdd29d59cdf8aad5cf4748
caa634144fdf6573cfee7941e802cd8c06bd0bd321ef1131022bfdea2b84736a
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cf0531c87b5b3060c69a56860a3708f51ce4fac4bc14c7d009ccd81e4964423c
daacb9e2f6bed0d1f115d7ea06cef6dde5943b214d8f8c697b93ba2cf56602d1
dac93594910ce7324ddc33b0f24be26d6fd3b9f38d2e2055552a44d9c854768a
dc914eed11a61b47bcfe286d813182975080b18744122d997abe7dd0ccdb7286
eb69f540be1e416b7346017da48deaf5ba2f2ee0af366c04f1e374351b651872