![](/screenshots/944d3b23-d011-48fa-9905-6adda387cef4.png)
www.turf-partenaire.c4s.online
Open in
urlscan Pro
46.105.57.169
Public Scan
Submission: On February 28 via manual from MA — Scanned from FR
Summary
This is the only time www.turf-partenaire.c4s.online was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
6 | 46.105.57.169 46.105.57.169 | 16276 (OVH) (OVH) | |
2 2 | 2606:4700:303... 2606:4700:3038::6815:ea1a | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2606:4700:303... 2606:4700:3038::6815:ea1b | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 1 | 2606:4700:303... 2606:4700:3033::6815:4038 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 2606:4700:303... 2606:4700:3031::ac43:b060 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
19 | 185.119.26.1 185.119.26.1 | 203544 (WEBDEVIIN-AS) (WEBDEVIIN-AS) | |
1 | 2606:4700::68... 2606:4700::6810:3965 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 2a00:1450:400... 2a00:1450:4001:830::2008 | 15169 (GOOGLE) (GOOGLE) | |
2 | 54.176.158.96 54.176.158.96 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:808::200e | 15169 (GOOGLE) (GOOGLE) | |
41 | 9 |
ASN16276 (OVH, FR)
PTR: cluster020.hosting.ovh.net
www.turf-partenaire.c4s.online | |
www.pmuchampion.com |
ASN203544 (WEBDEVIIN-AS, FR)
PTR: 1.26.119.185.in-addr.arpa
payment.allopass.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-176-158-96.us-west-1.compute.amazonaws.com
gmu-apps.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
19 |
allopass.com
payment.allopass.com |
318 KB |
5 |
pronostic-facile.fr
1 redirects
www.pronostic-facile.fr |
12 KB |
5 |
c4s.online
www.turf-partenaire.c4s.online |
281 KB |
4 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40 |
313 KB |
4 |
root-top.com
2 redirects
img.root-top.com |
11 KB |
2 |
gmu-apps.com
gmu-apps.com |
6 KB |
1 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31 |
21 KB |
1 |
cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 787 |
7 KB |
1 |
pmuchampion.com
www.pmuchampion.com |
9 KB |
0 |
letuyauturf.info
Failed
www.letuyauturf.info Failed |
|
0 |
topquinte.net
Failed
www.topquinte.net Failed |
|
41 | 11 |
Domain | Requested by | |
---|---|---|
19 | payment.allopass.com |
www.turf-partenaire.c4s.online
payment.allopass.com |
5 | www.pronostic-facile.fr |
1 redirects
www.turf-partenaire.c4s.online
www.pronostic-facile.fr static.cloudflareinsights.com |
5 | www.turf-partenaire.c4s.online |
www.turf-partenaire.c4s.online
|
4 | www.googletagmanager.com |
www.pronostic-facile.fr
payment.allopass.com www.googletagmanager.com |
4 | img.root-top.com |
2 redirects
www.turf-partenaire.c4s.online
|
2 | gmu-apps.com |
payment.allopass.com
www.turf-partenaire.c4s.online |
1 | www.google-analytics.com |
www.googletagmanager.com
|
1 | static.cloudflareinsights.com |
www.pronostic-facile.fr
|
1 | www.pmuchampion.com |
www.turf-partenaire.c4s.online
|
0 | www.letuyauturf.info Failed |
www.turf-partenaire.c4s.online
|
0 | www.topquinte.net Failed |
www.turf-partenaire.c4s.online
|
41 | 11 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.topquinte.net |
www.pmuchampion.com |
www.root-top.com |
www.letuyauturf.info |
Subject Issuer | Validity | Valid | |
---|---|---|---|
pronostic-facile.fr GTS CA 1P5 |
2024-01-31 - 2024-04-30 |
3 months | crt.sh |
*.allopass.com Sectigo RSA Domain Validation Secure Server CA |
2023-10-06 - 2024-10-07 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-04-10 - 2024-04-09 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2024-02-05 - 2024-04-29 |
3 months | crt.sh |
gmu-apps.com Amazon RSA 2048 M02 |
2023-12-02 - 2024-12-30 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
http://www.turf-partenaire.c4s.online/
Frame ID: 68408FB1B64C2E141E2B9796B5D3DBE8
Requests: 11 HTTP requests in this frame
Frame:
https://www.pronostic-facile.fr/widget/turfpartenaire/pf/all
Frame ID: 5F2CF9DD23613CB5A2F1391C26B7A202
Requests: 8 HTTP requests in this frame
Frame:
https://payment.allopass.com/buy/buy.apu?ids=342780&idd=1504287
Frame ID: 7ABBD357AF4B2F1B0C2616C302CE4CD2
Requests: 23 HTTP requests in this frame
Screenshot
![](/screenshots/944d3b23-d011-48fa-9905-6adda387cef4.png)
Page Title
::TURF-PARTENAIRE::Detected technologies
Detected patterns
- static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Detected patterns
- fingerprint(\d)?(?:\.min)?\.js
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 3- http://img.root-top.com/topsite/pmuchampion/banner.gif HTTP 301
- https://img.root-top.com/topsite/pmuchampion/banner.gif
- http://img.root-top.com/topsite/walkerpmu/banner.gif HTTP 301
- https://img.root-top.com/topsite/walkerpmu/banner.gif
- http://www.pronostic-facile.fr/widget/turfpartenaire/script/pf HTTP 301
- https://www.pronostic-facile.fr/widget/turfpartenaire/script/pf
41 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
www.turf-partenaire.c4s.online/ |
3 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
turf-partenaire.css
www.turf-partenaire.c4s.online/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
logo.gif
www.topquinte.net/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logogif-sm.gif
www.pmuchampion.com/images/ |
9 KB 9 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
banner.gif
img.root-top.com/topsite/pmuchampion/ Redirect Chain
|
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
banner.gif
img.root-top.com/topsite/walkerpmu/ Redirect Chain
|
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
logo.gif
www.letuyauturf.info/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pf
www.pronostic-facile.fr/widget/turfpartenaire/script/ Redirect Chain
|
246 B 819 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
images.jpg
www.turf-partenaire.c4s.online/banniere/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
turfpart.gif
www.turf-partenaire.c4s.online/banniere/ |
267 KB 267 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
BTN.png
www.turf-partenaire.c4s.online/bouton/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all
www.pronostic-facile.fr/widget/turfpartenaire/pf/ Frame 5F2C |
16 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
buy.apu
payment.allopass.com/buy/ Frame 7ABB |
10 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
rocket-loader.min.js
www.pronostic-facile.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 5F2C |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ Frame 5F2C |
20 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 5F2C |
1 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ Frame 5F2C |
193 KB 70 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
rum
www.pronostic-facile.fr/cdn-cgi/ Frame 5F2C |
0 147 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jBox.all.min.css
payment.allopass.com/static/css/jBox/ Frame 7ABB |
16 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
base.css
payment.allopass.com/static/css/ Frame 7ABB |
81 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
carousel.css
payment.allopass.com/static/css/ Frame 7ABB |
21 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-1.3.2.min.js
payment.allopass.com/static/js/ext/ Frame 7ABB |
56 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-1.11.3.min.js
payment.allopass.com/static/js/ext/ Frame 7ABB |
94 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
general.js
payment.allopass.com/onetime/scripts/ Frame 7ABB |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jBox.all.min.js
payment.allopass.com/static/js/ext/ Frame 7ABB |
51 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
top.js
gmu-apps.com/js/ Frame 7ABB |
54 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fr.png
payment.allopass.com/icons/flags/24x24/ Frame 7ABB |
536 B 774 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
check-codes.js
payment.allopass.com/static/js/ Frame 7ABB |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fingerprint2.min.js
payment.allopass.com/static/js/ext/ Frame 7ABB |
33 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
arrow-down.png
payment.allopass.com/static/css/images/ Frame 7ABB |
315 B 553 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
carousel.js
payment.allopass.com/static/js/ Frame 7ABB |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gtm.js
www.googletagmanager.com/ Frame 7ABB |
171 KB 62 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ Frame 5F2C |
233 KB 83 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ Frame 5F2C |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
duration.css
payment.allopass.com/static/css/ Frame 7ABB |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
secure-lock.gif
payment.allopass.com/static/css/icons/ Frame 7ABB |
181 B 418 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sms-logo-new-1.jpg
payment.allopass.com/static/images/payment-solutions/ Frame 7ABB |
6 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
field.png
payment.allopass.com/static/css/images/ Frame 7ABB |
170 B 407 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
allopass-logo-small.svg
payment.allopass.com/static/css/images/ Frame 7ABB |
116 KB 116 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
carousel-row-mobiyo.png
payment.allopass.com/static/css/images/ Frame 7ABB |
87 KB 87 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
destination
www.googletagmanager.com/gtag/ Frame 7ABB |
296 KB 97 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
chk.php
gmu-apps.com/ Frame 7ABB |
0 94 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.topquinte.net
- URL
- http://www.topquinte.net/img/logo.gif
- Domain
- www.letuyauturf.info
- URL
- http://www.letuyauturf.info/logo.gif
Verdicts & Comments Add Verdict or Comment
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
payment.allopass.com/ | Name: ShopSessionId Value: 33411cf3-4d54-48a0-a3a4-54243926e1f4 |
|
.allopass.com/ | Name: AP_CUSK Value: 3644895075 |
41 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
gmu-apps.com
img.root-top.com
payment.allopass.com
static.cloudflareinsights.com
www.google-analytics.com
www.googletagmanager.com
www.letuyauturf.info
www.pmuchampion.com
www.pronostic-facile.fr
www.topquinte.net
www.turf-partenaire.c4s.online
www.letuyauturf.info
www.topquinte.net
185.119.26.1
2606:4700:3031::ac43:b060
2606:4700:3033::6815:4038
2606:4700:3038::6815:ea1a
2606:4700:3038::6815:ea1b
2606:4700::6810:3965
2a00:1450:4001:808::200e
2a00:1450:4001:830::2008
46.105.57.169
54.176.158.96
12b709aae053cf8ca0f12a9b95902404ff845f25cebec95ed1648f38bab28182
16393c3e769e20445f7f78adf6a188dae9d932249842c1033dc2144bac1296ac
1decf61f3465e4585a9a8cd868c343796bb6f43dfd1f03fa0b361dab97b4627c
3975eb898756e296608f964f0fe799ecf25bbf79467666a3c3218dad3db1de6e
4683f766bc2317ad7b158657037cda795a33ba8dca66c0877ee05e2f7dbace17
4bb850bcd37e225621eccfda0c7fd239a5b2db90ca95b39f13f05a7c1a3a9688
54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750
55f3d3eddce2c6473e46af0cbfd5b7e1d1d2b072f7fe9379281134b0983654a5
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e
5b0231eec0d06b77f534fe202e99a40e89685551d6f1afdebc3c581e3ea76a0b
60939b38747c64a442ad730a082033b27664c914bddeaea2b6d74543606eaf04
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
76450a49dafbf426daa256e7b4dbc2f289262f1fb68ee76ce0cc4b6d7d9df1b2
7ffb9e58d885b0eaf644c52103b65f0019590149c75e77ff18f826d9bb3fa4e9
81917a5a53b2ad6eb396e6217b81d167eca748ae16678b26694385e47c7e4a0a
8db08a66fc20669ae93e6d8e919f56a863ce77d3e1ea0bb97efc4c35da450435
9087e4c392cfad71d92fb616096a180cc74dc58965419fe6a411088052595977
97a9de3830f4bd7bcb7cf4805dbdcf1f4c6e843fcd4a814c6a5d7bc2b11fee1a
a25e425429748255fad57929e94ff7dabe596a2c25b1c76d31106257f44aab75
a39d6fdea08dda017078c47c47a551ff9db853e4db44a631ffee8ccd767a4937
a7d7a49e6264f3bf0677b7d65cfda19874231c9e118a6f65cad54e45046b2195
a82d1b3a85473bad87120c7d6b42782c0b5132e88feab8d6bd22a65ac85f70d4
b192da5d4edf75063d73227c047b0dfa3eeb53d658d5d126d59eadd262834488
b6ed4181512a318b3f51a2dc240ec5966355202ff0ed70f65b1a720f6abaf9d9
b74d93c2e43195ed06c03dcc855663cce5faec3d82a53598eb84f0714bb5ced9
b88598db6441341112078d3c81ea00ddf76e566ad9c68dcfec28a4d5100ca7b8
c0a130d7b90ac605b17acd40337aa673f2f6b1779801ba8ea7d894d38b87ba36
c1893b3f02db32e36ee562842bc299d27c047656416c204667abf42f04777d2a
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899
cc1f17eb97dc9ae2e869982ff18c92729195281f5b6b685128e10778b24e73a3
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdca24fd19906ad7adbf066e55d3ee87750c3901e9b5d1beb538408274d32109
d176bb09818fe74dc0e1d369c411c2e3ca68bbf64a8eb76b43ec306520229833
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
f8e7cca5d725305e0a7c5932bc1e70a4e22abd39bbddcecd52ae3caaa531606b
faf063f091dd745b82f9aeb12544a10ef3ee5989078c1a90d377d863fff884c7