rogerupdate.biz.id
Open in
urlscan Pro
2606:4700:3037::6815:14b5
Public Scan
Submission: On September 13 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on September 13th 2023. Valid for: 3 months.
This is the only time rogerupdate.biz.id was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-68.fra60.r.cloudfront.net
www.bpmcdn.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-54.fra56.r.cloudfront.net
www.vmcdn.ca |
ASN16625 (AKAMAI-AS, US)
PTR: a23-67-130-142.deploy.static.akamaitechnologies.com
beta.ctvnews.ca |
ASN16276 (OVH, FR)
PTR: ns534298.ip-149-56-240.net
s4.histats.com |
Domain | Requested by | |
---|---|---|
13 | rogerupdate.biz.id |
rogerupdate.biz.id
|
4 | fonts.gstatic.com |
fonts.googleapis.com
|
3 | www.profitablecreativeformat.com |
rogerupdate.biz.id
|
1 | s4.histats.com |
s10.histats.com
|
1 | s10.histats.com |
rogerupdate.biz.id
|
1 | beta.ctvnews.ca |
rogerupdate.biz.id
|
1 | saltwire.imgix.net |
rogerupdate.biz.id
|
1 | www.vmcdn.ca |
rogerupdate.biz.id
|
1 | www.winnipegfreepress.com |
rogerupdate.biz.id
|
1 | www.yorkpress.co.uk |
rogerupdate.biz.id
|
1 | www.bpmcdn.com |
rogerupdate.biz.id
|
1 | www.operationsports.com |
rogerupdate.biz.id
|
1 | cloudinary.jpbgdigital.com |
rogerupdate.biz.id
|
1 | images.squarespace-cdn.com |
rogerupdate.biz.id
|
1 | static1.squarespace.com | 1 redirects |
1 | oilersnation.com |
rogerupdate.biz.id
|
1 | yess-online.com |
rogerupdate.biz.id
|
1 | fonts.googleapis.com |
rogerupdate.biz.id
|
35 | 18 |
This site contains links to these domains. Also see Links.
Domain |
---|
superbthemes.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
rogerupdate.biz.id GTS CA 1P5 |
2023-09-13 - 2023-12-12 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-08-14 - 2023-11-06 |
3 months | crt.sh |
yess-online.com GTS CA 1P5 |
2023-08-16 - 2023-11-14 |
3 months | crt.sh |
profitablecreativeformat.com R3 |
2023-07-31 - 2023-10-29 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-08-14 - 2023-11-06 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-04-11 - 2024-04-10 |
a year | crt.sh |
jpbgdigital.com GTS CA 1P5 |
2023-08-24 - 2023-11-22 |
3 months | crt.sh |
operationsports.com GTS CA 1P5 |
2023-07-23 - 2023-10-21 |
3 months | crt.sh |
www.bpmcdn.com Amazon RSA 2048 M01 |
2023-05-16 - 2024-06-13 |
a year | crt.sh |
yorkpress.co.uk R3 |
2023-07-26 - 2023-10-24 |
3 months | crt.sh |
winnipegfreepress.com R3 |
2023-07-31 - 2023-10-29 |
3 months | crt.sh |
www.vmcdn.ca Amazon RSA 2048 M02 |
2023-08-21 - 2024-09-17 |
a year | crt.sh |
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2023 Q1 |
2023-03-05 - 2024-04-05 |
a year | crt.sh |
news.bellmedia.ca Entrust Certification Authority - L1F |
2023-08-01 - 2024-09-01 |
a year | crt.sh |
histats.com R3 |
2023-08-29 - 2023-11-27 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://rogerupdate.biz.id/
Frame ID: C69A4CF499BE6DAE01ACED6B0052A921
Requests: 35 HTTP requests in this frame
Screenshot
Page Title
Paulupdate - Top Headlines TodayDetected technologies
WordPress (CMS) ExpandDetected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
Yoast SEO (SEO) Expand
Detected patterns
- <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery Migrate (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Newspaperly WordPress Theme
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 19- https://static1.squarespace.com/static/59ee4da97131a5b48cf2c51b/t/6500f7dec96758438a69c3f0/1694563917590/header_backlund.jpg?format=1500w HTTP 301
- https://images.squarespace-cdn.com/content/59ee4da97131a5b48cf2c51b/1694562271029-HMMI8Y6YRQ1QISYRXQQN/header_backlund.jpg?format=1500w&content-type=image%2Fjpeg
35 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
rogerupdate.biz.id/ |
55 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
rogerupdate.biz.id/wp-includes/css/dist/block-library/ |
102 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
rogerupdate.biz.id/wp-content/themes/newspaperly/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
rogerupdate.biz.id/wp-content/themes/newspaperly/ |
48 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
6 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
rogerupdate.biz.id/wp-includes/js/jquery/ |
85 KB 31 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-migrate.min.js
rogerupdate.biz.id/wp-includes/js/jquery/ |
13 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
close.png
yess-online.com/ |
566 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
navigation.js
rogerupdate.biz.id/wp-content/themes/newspaperly/js/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
skip-link-focus-fix.js
rogerupdate.biz.id/wp-content/themes/newspaperly/js/ |
685 B 892 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.flexslider.js
rogerupdate.biz.id/wp-content/themes/newspaperly/js/ |
53 KB 12 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
script.js
rogerupdate.biz.id/wp-content/themes/newspaperly/js/ |
4 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
accessibility.js
rogerupdate.biz.id/wp-content/themes/newspaperly/js/ |
1 KB 994 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
frontend.min.js
rogerupdate.biz.id/wp-content/plugins/q2w3-fixed-widget/js/ |
23 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
72ee93ba-2661-4979-a6af-4cc60ccafe8c
https://rogerupdate.biz.id/ |
1 KB 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
invoke.js
www.profitablecreativeformat.com/f8a827f3c32d9f00d4e1b90ff762fb19/ |
0 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
invoke.js
www.profitablecreativeformat.com/f8a827f3c32d9f00d4e1b90ff762fb19/ |
0 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ |
23 KB 24 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
invoke.js
www.profitablecreativeformat.com/f8a827f3c32d9f00d4e1b90ff762fb19/ |
0 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image
oilersnation.com/_next/ |
98 KB 99 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
header_backlund.jpg
images.squarespace-cdn.com/content/59ee4da97131a5b48cf2c51b/1694562271029-HMMI8Y6YRQ1QISYRXQQN/ Redirect Chain
|
194 KB 195 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6500f477023d160baa710f3ejpeg.jpg
cloudinary.jpbgdigital.com/dmlwdg4vj/image/fetch/w_1200,h_675/https://s3.amazonaws.com/socast-superdesk/media/20230912230928/ |
76 KB 77 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nhl-24.png
www.operationsports.com/wp-content/uploads/2023/09/ |
302 KB 302 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
web1_220330-gng-viewroyal-grantsinaid-filepics_6.jpg;w=1200;h=800;mode=crop
www.bpmcdn.com/f/files/shared/feeds/gps/2023/09/ |
205 KB 206 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.yorkpress.co.uk/resources/images/16543860/ |
54 KB 55 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20230831230856-64f1615ea1bfc64eed97eb9ejpeg.jpg
www.winnipegfreepress.com/wp-content/uploads/sites/2/2023/09/ |
58 KB 58 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vpd.jpg;w=1200;h=800;mode=crop
www.vmcdn.ca/f/files/via/images/police/stock-police-photos/ |
165 KB 165 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sutherland_roy_scott_a_rgbjpg2023-09-13-0015067084430000.jpg
saltwire.imgix.net/2023/9/13/ |
19 KB 20 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1_6224351.jpg
beta.ctvnews.ca/content/dam/ctvnews/images/2023/9/12/ |
203 KB 204 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ |
19 KB 19 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ |
20 KB 20 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js15_as.js
s10.histats.com/ |
11 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
wp-emoji-release.min.js
rogerupdate.biz.id/wp-includes/js/ |
18 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
0.php
s4.histats.com/stats/ |
48 B 182 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
34 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture object| _wpemojiSettings undefined| $ function| jQuery object| atOptions object| _Hasync object| q2w3_sidebar_options function| extendStatics function| __extends function| __assign function| reactive function| StaticOffsets function| DynamicOffsets string| StopWidgetClassName string| FixedWidgetClassName function| BaseWidget function| getWidgetContainer function| compatabilty_FW_v5 function| queryElements function| findWithProperty function| PositionWidget function| FixedWidget function| StickyWidget function| StopWidget function| Sidebar function| Sidebars function| onDocumentLoaded function| chfh function| chfh2 string| _HST_cntval object| Histats object| twemoji object| wp object| _HistatsCounterGraphics_0_setValues7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
rogerupdate.biz.id/ | Name: HstCfa4799799 Value: 1694576211670 |
|
rogerupdate.biz.id/ | Name: HstCla4799799 Value: 1694576211670 |
|
rogerupdate.biz.id/ | Name: HstCmu4799799 Value: 1694576211670 |
|
rogerupdate.biz.id/ | Name: HstPn4799799 Value: 1 |
|
rogerupdate.biz.id/ | Name: HstPt4799799 Value: 1 |
|
rogerupdate.biz.id/ | Name: HstCnv4799799 Value: 1 |
|
rogerupdate.biz.id/ | Name: HstCns4799799 Value: 1 |
10 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
beta.ctvnews.ca
cloudinary.jpbgdigital.com
fonts.googleapis.com
fonts.gstatic.com
images.squarespace-cdn.com
oilersnation.com
rogerupdate.biz.id
s10.histats.com
s4.histats.com
saltwire.imgix.net
static1.squarespace.com
www.bpmcdn.com
www.operationsports.com
www.profitablecreativeformat.com
www.vmcdn.ca
www.winnipegfreepress.com
www.yorkpress.co.uk
yess-online.com
13.32.121.68
149.56.240.130
151.101.0.238
151.101.192.238
173.233.137.52
18.66.112.54
23.67.130.142
2606:4700:10::6814:91f
2606:4700:20::ac43:46d4
2606:4700:3036::ac43:8820
2606:4700:3037::6815:14b5
2606:4700::6812:1e0f
2606:4700::6812:aa5
2a00:1450:4001:82b::200a
2a00:1450:4001:831::2003
2a04:4e42:8d::720
2a04:fa87:fffd::c000:4221
93.174.10.103
0ec1bcb240a53aa0a9652b960b56db9e79d1b380f7e8ecb67be7522462798a85
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2
206002f1379d963912a5c6a7aea04bbcb08f75025e2fa3874efd2d20d1acd240
20ef2c99ddadc8c119dd5b243fb8f9f2c75548cce0ced2f58c60436d5b096c1a
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
2d0b3654a4dedf62280d3bb395fa0ec5bba302a79d8b87242bd9876273a07c4a
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
3607065629dc85c928677d972f541e82f7da6aa6d645f3e8e90fd1f1dfaa53b8
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4d903af94c56af30e4680c115f6ecd0087b9b2c1bedc2eb4f34d507ca8073dff
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5ccf3accdb87668a16e8dcb41a1458187dd640ef7350edfaf67f03932ad7be94
62255b86df2897ca48a988c9cec452c56e23c567bebe781e6458f94763b5fc8f
63314cbd8cedfe460c49f2ffa83f639b447436931891c8a612a9fcb208acfd7b
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6e05025c55d9e6af0a1809b07843e2a8f016e7dabe67f8a9cdaa9e4c637977ce
70dde93bfc1bc64d28da0dddb05c73a418acf5eaf438cb3769b17e91b49c672c
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79fea2d4283fc0e81c65f642db9f567f9a97b1473aeb1319aae6a1b6638976f9
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9325c288a7712b87704e285a964fbd2a650fdf40bf10691c5058d0b99849076d
9379d5bf6104530deea46470f6735f378c6d730c6c3d921d7fa936a4c97b7163
9f9b8303b4fdf50f85f63fb85b80e9be5d88f6de1e7440bf03380cb9d717ce4a
a69c12ccd186a899db79fce802b46c08e71f69c2c422be2666ed8565e3add026
affd9edd5dc26a271a81e36bade23368d81e7c628a7bb39901ec92376d296705
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
fbb7cc1a7d1fa43c59e9a8db86455c5879017827abaa65fd1a912ab2cb879f71
fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c
fed02fb04d467ddb57259137f0a1796303d00b533c403ffe5534bdff1ed75d7a