bankmoshtari.com
Open in
urlscan Pro
185.141.168.131
Public Scan
Submitted URL: https://www.irangarditour.bankmoshtari.com/
Effective URL: https://bankmoshtari.com/irangarditour/
Submission: On June 15 via automatic, source certstream-suspicious
Effective URL: https://bankmoshtari.com/irangarditour/
Submission: On June 15 via automatic, source certstream-suspicious
Summary
This website contacted 9 IPs
in 3 countries
across 6 domains to perform 27 HTTP transactions.
The main IP is 185.141.168.131, located in
Iran, Islamic Republic Of and
belongs to ASIATECH, IR.
The main domain is bankmoshtari.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 18th 2020. Valid for: 3 months.
This is the only time bankmoshtari.com was scanned on urlscan.io!
TLS certificate: Issued by Let's Encrypt Authority X3 on May 18th 2020. Valid for: 3 months.
This is the only time bankmoshtari.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 18 | 185.141.168.131 185.141.168.131 | 43754 (ASIATECH) (ASIATECH) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:802::200a | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:820::200a | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:814::2004 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 13.225.87.21 13.225.87.21 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:820::2003 | 15169 (GOOGLE) (GOOGLE) | |
| 4 | 172.67.174.163 172.67.174.163 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:81f::2003 | 15169 (GOOGLE) (GOOGLE) | |
| 27 | 9 |
18
185.141.168.131
(Iran, Islamic Republic Of)
ASN43754 (ASIATECH, IR)
PTR: ir96.talahost.com
ASN43754 (ASIATECH, IR)
PTR: ir96.talahost.com
| www.irangarditour.bankmoshtari.com | |
| bankmoshtari.com |
1
13.225.87.21
(Seattle, United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-21.fra2.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-21.fra2.r.cloudfront.net
| cdn.linearicons.com |
4
172.67.174.163
(United States)
ASN13335 (CLOUDFLARENET, US)
ASN13335 (CLOUDFLARENET, US)
| cdn.yektanet.com | |
| audience.yektanet.com | |
| ua.yektanet.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 18 |
bankmoshtari.com
1 redirects
www.irangarditour.bankmoshtari.com bankmoshtari.com |
638 KB |
| 4 |
yektanet.com
cdn.yektanet.com audience.yektanet.com ua.yektanet.com |
9 KB |
| 2 |
gstatic.com
www.gstatic.com fonts.gstatic.com |
137 KB |
| 2 |
googleapis.com
fonts.googleapis.com ajax.googleapis.com |
34 KB |
| 1 |
linearicons.com
cdn.linearicons.com |
2 KB |
| 1 |
google.com
www.google.com |
616 B |
| 27 | 6 |
| Domain | Requested by | |
|---|---|---|
| 17 | bankmoshtari.com |
bankmoshtari.com
ajax.googleapis.com |
| 2 | ua.yektanet.com |
cdn.yektanet.com
|
| 1 | audience.yektanet.com |
cdn.yektanet.com
|
| 1 | fonts.gstatic.com |
bankmoshtari.com
|
| 1 | cdn.yektanet.com |
bankmoshtari.com
|
| 1 | www.gstatic.com |
www.google.com
|
| 1 | cdn.linearicons.com |
bankmoshtari.com
|
| 1 | www.google.com |
bankmoshtari.com
|
| 1 | ajax.googleapis.com |
bankmoshtari.com
|
| 1 | fonts.googleapis.com |
bankmoshtari.com
|
| 1 | www.irangarditour.bankmoshtari.com | 1 redirects |
| 27 | 11 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.facebook.com |
| instagram.com |
| plus.google.com |
| telegram.me |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| bankmoshtari.ir Let's Encrypt Authority X3 |
2020-05-18 - 2020-08-16 |
3 months | crt.sh |
| upload.video.google.com GTS CA 1O1 |
2020-05-26 - 2020-08-18 |
3 months | crt.sh |
| www.google.com GTS CA 1O1 |
2020-05-26 - 2020-08-18 |
3 months | crt.sh |
| cdn.linearicons.com Amazon |
2020-03-20 - 2021-04-20 |
a year | crt.sh |
| *.gstatic.com GTS CA 1O1 |
2020-05-26 - 2020-08-18 |
3 months | crt.sh |
| sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2020-02-16 - 2020-10-09 |
8 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://bankmoshtari.com/irangarditour/
Frame ID: 2F933529DC74E4D34B8206AB4FC15215
Requests: 27 HTTP requests in this frame
Frame:
https://ua.yektanet.com/cookie/iframe/
Frame ID: 89D3E7D9C2F47D11246FF08391C7CD8E
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://www.irangarditour.bankmoshtari.com/
HTTP 301
https://bankmoshtari.com/irangarditour/ Page URL
Detected technologies
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
MySQL
(Databases)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
reCAPTCHA
(Captchas)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/recaptcha\/api\.js/i
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
URL: https://www.facebook.com/
Search URL Search Domain Scan URL
URL: https://instagram.com/bankmoshtari
Search URL Search Domain Scan URL
URL: https://plus.google.com/
Search URL Search Domain Scan URL
URL: https://telegram.me/bankmoshtari
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.irangarditour.bankmoshtari.com/
HTTP 301
https://bankmoshtari.com/irangarditour/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
27 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
bankmoshtari.com/irangarditour/ Redirect Chain
|
46 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
47 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
720c6d959df4f815a0062b7460fec3d5.css
bankmoshtari.com/wp-content/cache/min/1/ |
805 KB 134 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ |
91 KB 32 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
api.js
www.google.com/recaptcha/ |
674 B 616 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
613499b460278b18af19a681ca4ff5c5.js
bankmoshtari.com/wp-content/cache/min/1/ |
191 KB 57 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icon-font.min.css
cdn.linearicons.com/free/1.0.0/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cp_logo_black.png
bankmoshtari.com/wp-content/themes/bank-moshtari/images/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
468-60.gif
bankmoshtari.com/wp-content/uploads/2017/11/ |
40 KB 40 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1.jpg
bankmoshtari.com/wp-content/uploads/2020/06/ |
62 KB 62 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
07ee7434b7b70e1be7237e6be9e74116.js
bankmoshtari.com/wp-content/cache/min/1/ |
498 KB 124 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
recaptcha__fa.js
www.gstatic.com/recaptcha/releases/2diXFiiA9NsPIBTU15LG6xPf/ |
339 KB 126 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dashicons.min.css
bankmoshtari.com/wp-includes/css/ |
46 KB 28 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font-awesome.min.css
bankmoshtari.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/ |
86 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
IRANSans-web.woff2
bankmoshtari.com/wp-content/themes/bank-moshtari/fonts/ |
32 KB 32 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
IRANSansWeb_UltraLight.woff2
bankmoshtari.com/wp-content/plugins/mihanpanel/css/fonts/woff2/ |
29 KB 29 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
IRANSans-Medium-web.woff2
bankmoshtari.com/wp-content/themes/bank-moshtari/fonts/ |
31 KB 31 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rg.complete.js
cdn.yektanet.com/rg_woebegone/scripts_v2/yn-6475-adv/ |
23 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sn.png
bankmoshtari.com/wp-content/themes/bank-moshtari/images/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
IRANSans-Bold-web.woff2
bankmoshtari.com/wp-content/themes/bank-moshtari/fonts/ |
31 KB 31 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
43 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
select.png
bankmoshtari.com/wp-content/themes/bank-moshtari/images/ |
1003 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
overlay.png
bankmoshtari.com/wp-content/themes/bank-moshtari/theme-framework/js/colorbox/images/ |
115 B 178 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
audience.yektanet.com/api/v1/scripts/preview/validate/ |
5 B 192 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
ua.yektanet.com/cookie/iframe/ Frame 89D3 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
__fake.gif
ua.yektanet.com/ |
3 B 341 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
IRANSansWeb_Bold.woff2
bankmoshtari.com/wp-content/plugins/mihanpanel/css/fonts/woff2/ |
28 KB 28 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
114 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| validateL10n object| classipress_params object| gform_gravityforms string| yektanetAnalyticsObject function| yektanet object| gf_global object| uiAutocompleteL10n object| heartbeatSettings object| gf_partial_entries_strings_14 object| elementorFrontendConfig function| $ function| jQuery string| defaultSettings function| cp_tab_control function| imagePreview function| unescapeHtml function| addRemoveCheckboxValues function| trim function| enableNextImage function| cp_currency_position function| cp_show_price_slider function| cp_reposition_widgets function| confirmBeforeDeleteAd function| cp_handle_form_category_select function| cp_get_subcategories function| gformBindFormatPricingFields function| Currency function| gformCleanNumber function| gformGetDecimalSeparator function| gformIsNumber function| gformIsNumeric function| gformDeleteUploadedFile function| gformIsHidden function| gformCalculateTotalPrice function| gformGetShippingPrice function| gformGetFieldId function| gformCalculateProductPrice function| gformGetProductQuantity function| gformIsProductSelected function| gformGetBasePrice function| gformFormatMoney function| gformFormatPricingField function| gformToNumber function| gformGetPriceDifference function| gformGetOptionLabel function| gformGetProductIds function| gformGetPrice function| gformRegisterPriceField function| gformInitPriceFields function| gformShowPasswordStrength function| gformPasswordStrength function| gformAddListItem function| gformDeleteListItem function| gformAdjustClasses function| gformToggleIcons function| gformMatchCard function| gformFindCardType function| gformToggleCreditCard function| gformInitChosenFields function| gformInitCurrencyFormatFields function| gformFormatNumber function| getMatchGroups function| gf_get_field_number_format function| renderRecaptcha function| gformValidateFileSize function| gformInitSpinner function| gf_raw_input_change function| gf_get_input_id_by_html_id function| gf_get_form_id_by_html_id function| gf_get_ids_by_html_id function| gf_input_change function| gformExtractFieldId function| gformExtractInputIndex function| rgars function| rgar object| _gformPriceFields undefined| _anyProductSelected function| GFCalc object| gform undefined| __gf_keyup_timeout boolean| MXI_DEBUG function| origParseInt function| origParseFloat object| footable object| gfMultiFileUploader object| moxie object| mOxie object| o object| plupload object| recaptcha object| addComment object| wp object| core object| __core-js_shared__ function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| jQuery11020928555783899307 object| GF_Partial_Entries object| elementorModules object| DialogsManager function| Waypoint function| Swiper function| ShareLink object| elementorFrontend string| waypointContextKey object| ynWebpackJsonp boolean| yektanet_ua-script-yn-6475-adv_is_loaded9 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .yektanet.com/ | Name: _yngt Value: a5319a95-5b78-4b39-cb52-dc89c5b31701 |
|
| .yektanet.com/ | Name: __cf_bm Value: 5f1318661096864534963eee7610d076d98aa380-1592239506-1800-AW5ufdkbX3BlnSHAjxeDKWbIukfKTzF7H/zP3Hgv9zJCY1TYceb1bZTsG/19M5FOM+PdpvEmQUoFS9x4xAdcb9k= |
|
| .yektanet.com/ | Name: analytics_global_token Value: a5319a95-5b78-4b39-cb52-dc89c5b31701 |
|
| .yektanet.com/ | Name: gearbox_ad_token Value: a5319a95-5b78-4b39-cb52-dc89c5b31701 |
|
| bankmoshtari.com/ | Name: _yngt Value: a5319a95-5b78-4b39-cb52-dc89c5b31701 |
|
| bankmoshtari.com/ | Name: yektanet_session_last_activity Value: 6/15/2020 |
|
| bankmoshtari.com/ | Name: analytics_session_token Value: fafc742f-991e-3ed5-e59f-73702dc9d955 |
|
| bankmoshtari.com/ | Name: analytics_token Value: 02f33893-946c-8320-77a9-7d70dffc7263 |
|
| bankmoshtari.com/ | Name: analytics_campaign Value: {%22source%22:%22direct%22%2C%22medium%22:null} |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
audience.yektanet.com
bankmoshtari.com
cdn.linearicons.com
cdn.yektanet.com
fonts.googleapis.com
fonts.gstatic.com
ua.yektanet.com
www.google.com
www.gstatic.com
www.irangarditour.bankmoshtari.com
13.225.87.21
172.67.174.163
185.141.168.131
2a00:1450:4001:802::200a
2a00:1450:4001:814::2004
2a00:1450:4001:81f::2003
2a00:1450:4001:820::2003
2a00:1450:4001:820::200a
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a
1e02e78f5ad2cc90685fce81d2b6380d7b54ec297c3c71581496379bd4a5dc56
1e7f3a50d05bce06373b7fd8e3c957ac0591cad88af23d2c118c783431d15de3
31ca8fc4bb190118851959f282909af4a8f6e782b69dcfbe00094ffc010878b3
451982b237158f3f60fbb8b63f0b3047288491afcf4909f34cad552a5a7cc6f2
48cec3943b7e93c3a0f51fb7a5b66eb7b1c7ce4ab3a30fc6c3365d84d13c70e2
4f679b4aa455d4216bfa5e961927cbf1883f8a99607c708f45b67140290dce81
63bfd32beb90545a741145fed03392c86205a9033268acdacca8833dfd85680e
642f9a38636aabecbe30b299570ec00039a4c2874df5b9148792a9ad6a279dc5
643dcd0b0e30163ccf6e04d583fe964a1938c6e4be027b3045d756826420f5dd
6e00e8106852b7f72579fe646747028c496cb328fdfea0db3b95c1f1d6e0d7f8
752df758c0fc34e6a6c0459a43d88fc37d622528b45468b6be5db2e95a0b86cd
83f2088182a1c38208b59ea971a02dac54f9f0e82af6d4ba938532456f88e51a
84983d6680020e8f8dde4c6073df7d187b0c160be7ddb185460bb0d6a69ee277
87ee11c39967bd54cf0f7701436f912967d47f4b96c8af912efa4f13d2502b87
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8b342eab6ea51af14f0faf573725c06a0805513696dad230a531044e726457bb
a068d909851e4b57d0847b6c35457ab980463710e124a7e5e26b642e7f9f64fa
af86b890070fab2cf95d1cdd277f5f477c97e3c6538fdbd5744483d8cb4cfbe8
b6ca0ded56540f9d891bbec1f2f9c0ea38a9ae9c774efc700ffd1c1c3bc85014
c068a89ef837ef5834df686b8f32a8705599f1f5fa5168ae97087b2eee31955e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f
d51ddf375328107f85c23b2de73865954ad764d874dca0ceea8277dd60115f6e
d98154def0bdb2cd7299b5a38f7dcbcd3a22cc1072271d7f4902964b5823a0c6
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa