![](/screenshots/8b3bc71c-35bc-47c9-a5da-db642023aa34.png)
2ad.ir
Open in
urlscan Pro
185.49.85.38
Public Scan
Effective URL: https://2ad.ir/RtAuf?google.com%3F21=
Submission: On December 25 via manual from US
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on October 26th 2020. Valid for: 3 months.
This is the only time 2ad.ir was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 63.135.90.71 63.135.90.71 | 33739 (MYSPACE) (MYSPACE) | |
22 | 185.49.85.38 185.49.85.38 | 43754 (ASIATECH) (ASIATECH) | |
1 | 2a00:1450:400... 2a00:1450:4001:802::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 109.206.162.83 109.206.162.83 | 50245 (SERVEREL-AS) (SERVEREL-AS) | |
1 | 2a00:1450:400... 2a00:1450:4001:824::2004 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700::68... 2606:4700::6810:e633 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 185.166.104.3 185.166.104.3 | 202319 (CAFEBAZAAR) (CAFEBAZAAR) | |
1 | 151.139.128.11 151.139.128.11 | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
1 | 2600:1f18:510... 2600:1f18:510:800:47d:b712:3f09:ebd2 | 14618 (AMAZON-AES) (AMAZON-AES) | |
3 | 104.31.76.193 104.31.76.193 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2a00:1450:400... 2a00:1450:4001:809::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:81f::2003 | 15169 (GOOGLE) (GOOGLE) | |
36 | 11 |
ASN43754 (ASIATECH, IR)
PTR: hosted-by.hostdl.com.asiatech.ir
2ad.ir |
ASN14618 (AMAZON-AES, US)
dcba.popcash.net |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
22 |
2ad.ir
2ad.ir |
168 KB |
5 |
yektanet.com
cdn.yektanet.com nfetch.yektanet.com ua.yektanet.com |
44 KB |
2 |
google-analytics.com
www.google-analytics.com |
19 KB |
2 |
popcash.net
cdn.popcash.net dcba.popcash.net |
35 KB |
1 |
gstatic.com
www.gstatic.com |
135 KB |
1 |
mellowads.com
mellowads.com |
|
1 |
google.com
www.google.com |
746 B |
1 |
rukoval.com
rukoval.com |
26 KB |
1 |
googleapis.com
fonts.googleapis.com |
466 B |
1 |
mysp.ac
1 redirects
mysp.ac |
830 B |
36 | 10 |
Domain | Requested by | |
---|---|---|
22 | 2ad.ir |
2ad.ir
|
2 | ua.yektanet.com |
cdn.yektanet.com
2ad.ir |
2 | www.google-analytics.com |
2ad.ir
www.google-analytics.com |
2 | cdn.yektanet.com |
2ad.ir
cdn.yektanet.com |
1 | www.gstatic.com |
www.google.com
|
1 | nfetch.yektanet.com |
cdn.yektanet.com
|
1 | dcba.popcash.net |
cdn.popcash.net
|
1 | cdn.popcash.net |
2ad.ir
|
1 | mellowads.com |
2ad.ir
|
1 | www.google.com |
2ad.ir
|
1 | rukoval.com |
2ad.ir
|
1 | fonts.googleapis.com |
2ad.ir
|
1 | mysp.ac | 1 redirects |
36 | 13 |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.2ad.ir Let's Encrypt Authority X3 |
2020-10-26 - 2021-01-24 |
3 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-11-10 - 2021-02-02 |
3 months | crt.sh |
rukoval.com R3 |
2020-12-03 - 2021-03-03 |
3 months | crt.sh |
www.google.com GTS CA 1O1 |
2020-11-10 - 2021-02-02 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-08-14 - 2021-08-14 |
a year | crt.sh |
cdn.yektanet.com Let's Encrypt Authority X3 |
2020-11-26 - 2021-02-24 |
3 months | crt.sh |
cdn.popcash.net Sectigo ECC Domain Validation Secure Server CA |
2020-11-16 - 2021-02-14 |
3 months | crt.sh |
*.popcash.net AlphaSSL CA - SHA256 - G2 |
2020-04-21 - 2021-04-22 |
a year | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-11-10 - 2021-02-02 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-11-10 - 2021-02-02 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://2ad.ir/RtAuf?google.com%3F21=
Frame ID: 3B255FABDC8922532ABAD5B3B48ED48C
Requests: 34 HTTP requests in this frame
Frame:
https://mellowads.com/view/0A76E789C065
Frame ID: 012D29530A1625BFC15A6AFCB02E945E
Requests: 1 HTTP requests in this frame
Frame:
https://ua.yektanet.com/cookie/iframe/
Frame ID: 6FBAAC859A54554ED7E49056E5A7B757
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/8b3bc71c-35bc-47c9-a5da-db642023aa34.png)
Page URL History Show full URLs
-
https://mysp.ac/4kf8L?google.com?21
HTTP 302
https://2ad.ir/RtAuf?google.com%3F21= Page URL
Detected technologies
Detected patterns
- headers server /^LiteSpeed$/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: کانال و پشتیبانی تلگرام
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://mysp.ac/4kf8L?google.com?21
HTTP 302
https://2ad.ir/RtAuf?google.com%3F21= Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
36 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
RtAuf
2ad.ir/ Redirect Chain
|
12 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon
fonts.googleapis.com/ |
574 B 466 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-font.min.css
2ad.ir/css/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wow.min.js
2ad.ir/vendor/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
owl.carousel.min.css
2ad.ir/vendor/owl/ |
3 KB 974 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
owl.theme.default.css
2ad.ir/vendor/owl/ |
1 KB 501 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
2ad.ir/ojen_theme/css/ |
141 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
animate.css
2ad.ir/ojen_theme/css/ |
57 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
2ad.ir/ojen_theme/css/ |
27 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
anime.css
2ad.ir/ojen_theme/css/ |
10 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
responsive.css
2ad.ir/ojen_theme/css/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
2ad.ir/vendor/ |
84 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
brt.js
rukoval.com/t/9/fret/meow4/1754337/ |
63 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shetab.png
2ad.ir/ojen_theme/img/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zarinpal.png
2ad.ir/ojen_theme/img/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads.js
2ad.ir/ojen_theme/js/ |
106 B 175 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
popper.min.js
2ad.ir/ojen_theme/js/ |
19 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
2ad.ir/ojen_theme/js/ |
48 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clipboard.min.js
2ad.ir/vendor/ |
11 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
2ad.ir/ojen_theme/js/ |
2 KB 720 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
appc.js
2ad.ir/ojen_theme/js/ |
16 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.google.com/recaptcha/ |
918 B 746 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
![]() mellowads.com/view/ Frame 012D |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-white.png
2ad.ir/ojen_theme/img/ |
18 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
IRANSansWeb.woff2
2ad.ir/ojen_theme/fonts/ |
31 KB 31 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
native-2ad.ir.js
cdn.yektanet.com/js/2ad.ir/ |
131 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
show.js
cdn.popcash.net/ |
104 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
2ad.ir/ojen_theme/img/ |
16 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
znWaa3gu
dcba.popcash.net/ |
0 118 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
publisher.js
cdn.yektanet.com/rg_woebegone/scripts_v3/Gx4wxUPc/ |
32 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
nfetch.yektanet.com/api/v2/load/ |
83 B 1022 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
46 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
ua.yektanet.com/cookie/iframe/ Frame 6FBA |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
__fake.gif
ua.yektanet.com/ |
3 B 390 B |
Image
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__fa.js
www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/ |
364 KB 135 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-Q050 |
collect
www.google-analytics.com/j/ |
2 B 381 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
78 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| WOW function| $ function| jQuery function| K5aa function| J0II function| r0ii function| I5aa undefined| handleException function| h0kk function| _cl7y5t34110ayuira56do8 string| uid string| wid string| pop_fback object| pop_tag object| app_vars string| popns number| pop_cdn boolean| N3 object| IOarzRhPlP number| pop_fcap object| __core-js_shared__ object| core boolean| yektanet_2ad.ir_native-2ad.ir_is_loaded object| ynWebpackJsonp object| e function| Popper object| bootstrap function| ClipboardJS function| fixHeight undefined| captchaShort undefined| captchaContact undefined| captchaSignup undefined| captchaForgotpassword undefined| captchaShortlink undefined| invisibleCaptchaShort undefined| invisibleCaptchaContact undefined| invisibleCaptchaSignup undefined| invisibleCaptchaForgotpassword undefined| invisibleCaptchaShortlink function| onloadRecaptchaCallback function| getCookie object| go_popup function| checkAdblockUser function| checkAdsbypasserUser function| checkPrivateMode object| body string| ad_type object| counter_start_object object| selectedTab object| clipboard function| copIed function| setTooltip function| setCookie function| cookie_accept string| GoogleAnalyticsObject function| ga boolean| yektanet_ua-script-24263_is_loaded function| yektanet object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| recaptcha10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.yektanet.com/ | Name: __cf_bm Value: 2f0b430925daaa4248125daf3ebf742077cd798d-1608908795-1800-ATNapzo1Rg/RR6lfyg4CNtcjdy79wQrxxTY9QmD+HbDd17snf06z3oJOvPtBQ6X+O+z4niIrufhZfgp08xofh0I= |
|
.2ad.ir/ | Name: _ga Value: GA1.2.1462892177.1608908797 |
|
2ad.ir/ | Name: ab Value: 2 |
|
2ad.ir/ | Name: yektanet_session_last_activity Value: 12/25/2020 |
|
2ad.ir/ | Name: _yngt_iframe Value: 1 |
|
2ad.ir/ | Name: analytics_session_token Value: c64768a1-d922-7d5f-92c9-dcc6fab575d7 |
|
2ad.ir/ | Name: analytics_token Value: 57966793-398e-84a7-963e-c3c1b034c8fe |
|
.2ad.ir/ | Name: _gat Value: 1 |
|
.2ad.ir/ | Name: _gid Value: GA1.2.75609085.1608908797 |
|
2ad.ir/ | Name: analytics_campaign Value: {%22source%22:%22direct%22%2C%22medium%22:null} |
7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
2ad.ir
cdn.popcash.net
cdn.yektanet.com
dcba.popcash.net
fonts.googleapis.com
mellowads.com
mysp.ac
nfetch.yektanet.com
rukoval.com
ua.yektanet.com
www.google-analytics.com
www.google.com
www.gstatic.com
104.31.76.193
109.206.162.83
151.139.128.11
185.166.104.3
185.49.85.38
2600:1f18:510:800:47d:b712:3f09:ebd2
2606:4700::6810:e633
2a00:1450:4001:802::200a
2a00:1450:4001:809::200e
2a00:1450:4001:81f::2003
2a00:1450:4001:824::2004
63.135.90.71
02a62d14da490d9ec3abe10cbcf9dd90715da1041ed9bb80828bb961b57e1ef4
0337d3f5b2086e3fdd6ca3c21dfe31edb6a6dbaba1712ed8fd79d8b20f860be1
13812a30ddb5f43dee6b08795045e14f2463e6a54b0153f94c87d78e0ae2ca11
1e6f205f077fbc37d28acaa78f301ef8e2a799fe54a8cb36e3849c4f1485c813
2e1c6438ef38441c988bbfe871db2796fce5d2347461d4a014739578793f4363
2f7d25275cf9ccb802154e572bc808e3c4533bc2004ccb65f4ccf35fc22b0a58
3fdfe2323bbd7714631973620d41fff07d79b1e178d5fe9fc84d4fc61bfebe27
42deff51f77c2fad8526f708bf57a4300ecc3fd926c9df055962dc2cdca00cee
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
679a1667967551b4b438dbf4dc8b5d71760f63d927e10aaf430a1a7a8966d330
79b18af33d3a5ef74b124a832b71ab46d563957b5ab979e98e540167d2e29c0f
97778b4ffa451edae2d54d345883b6cc937280ca8ee8db6de5085d6a46ad34ef
9893eac2f595d5f1bcb143573ef00b4d7c2f180c607db259aaae3a8521e9ffc5
9b37c68ea8d69f58c1eabce67ed611af0420a18ed352cec281c81d8997e426e4
9c5319300565ab132fa52f25af6cb3213ba65e8d53536d4945daccedb1b2944e
9d7055ec6af6954d2df80c0ab274b4e4362dcd9f35a184d74ba923ecb0501df3
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a31d82c522e9f52a1cd187f5905bf9e6a4cb3629174cd75701a003d0e80ac451
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a966b18ec6e3b2e6676df4cd8e274cfba051df4bc26ae0d783a978f5533d2bb4
b9e651f9f87e827ce383bcd1accbd3f6441d160fb5ca56e4b24039e736cd1f18
c75f80593f1f326e56f74c059c0854f653da882ad076e1db2259947bb7ff3dd6
cfa1739ee346d63a3d3cfdff8c18cbe8fdedbcb32d4b0895028c193ce828e7a5
cfdceccefdf4e74cc021ae65f86507c1e529b50310d5623a03e96570263697f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e72153e433cb79df96dac0de4721b3654d530be58ba5758da4d464c8dca93bda
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
ec57324f11c244d438a9d6173ae4654b5f73217deffda8d30e79bda5ed2aa7cb
ef38f651b0cc8b1a4232fcb58c427a4347ee9dc89d949393bb1e9453b9f7b04c
f770a1bc3d67a50543fbf55333a835aab065346c3460f92145c9aa2ff1a34984
f90d0b6a571e8d4b9ec683cf79a6d0f7c0775de35ec289edf3a6a794c9b56ba7
fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46