crehu.xyz
Open in
urlscan Pro
72.167.70.199
Public Scan
Effective URL: https://crehu.xyz/Supermercados-BH/
Submission: On May 09 via api from HU — Scanned from DE
Summary
TLS certificate: Issued by R3 on April 17th 2024. Valid for: 3 months.
This is the only time crehu.xyz was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN398101 (GO-DADDY-COM-LLC, US)
PTR: 199.70.167.72.host.secureserver.net
osgira.xyz | |
crehu.xyz |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-42-211.deploy.static.akamaitechnologies.com
img1.wsimg.com |
ASN15169 (GOOGLE, US)
encrypted-tbn0.gstatic.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-42-160.deploy.static.akamaitechnologies.com
img1.wsimg.com |
ASN16276 (OVH, FR)
PTR: ns534296.ip-149-56-240.net
s4.histats.com |
ASN20940 (AKAMAI-ASN1, NL)
events.api.secureserver.net |
ASN20940 (AKAMAI-ASN1, NL)
csp.secureserver.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
secureserver.net
events.api.secureserver.net — Cisco Umbrella Rank: 12783 csp.secureserver.net — Cisco Umbrella Rank: 12907 |
556 B |
6 |
imgur.com
i.imgur.com — Cisco Umbrella Rank: 7840 |
848 KB |
4 |
pages.dev
olului.pages.dev pamdas.pages.dev |
55 KB |
4 |
wsimg.com
2 redirects
img1.wsimg.com — Cisco Umbrella Rank: 10058 |
41 KB |
3 |
gstatic.com
encrypted-tbn0.gstatic.com fonts.gstatic.com |
34 KB |
2 |
histats.com
s10.histats.com — Cisco Umbrella Rank: 13913 s4.histats.com — Cisco Umbrella Rank: 13947 |
5 KB |
2 |
udbaa.com
udbaa.com — Cisco Umbrella Rank: 839998 |
986 B |
2 |
crehu.xyz
crehu.xyz |
6 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 776 |
33 KB |
1 |
cdnmi.com
cdnmi.com — Cisco Umbrella Rank: 465841 |
61 KB |
1 |
blogspot.com
1.bp.blogspot.com — Cisco Umbrella Rank: 14945 |
43 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33 |
703 B |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237 |
14 KB |
1 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1103 |
8 KB |
1 |
osgira.xyz
osgira.xyz |
759 B |
34 | 15 |
Domain | Requested by | |
---|---|---|
6 | i.imgur.com |
crehu.xyz
|
4 | csp.secureserver.net |
img1.wsimg.com
|
4 | img1.wsimg.com |
2 redirects
crehu.xyz
|
3 | olului.pages.dev |
crehu.xyz
|
2 | events.api.secureserver.net |
img1.wsimg.com
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | udbaa.com |
crehu.xyz
udbaa.com |
2 | crehu.xyz |
osgira.xyz
crehu.xyz |
1 | s4.histats.com |
s10.histats.com
|
1 | s10.histats.com |
crehu.xyz
|
1 | code.jquery.com |
crehu.xyz
|
1 | pamdas.pages.dev |
crehu.xyz
|
1 | cdnmi.com |
crehu.xyz
|
1 | 1.bp.blogspot.com |
crehu.xyz
|
1 | encrypted-tbn0.gstatic.com |
crehu.xyz
|
1 | fonts.googleapis.com |
crehu.xyz
|
1 | cdnjs.cloudflare.com |
crehu.xyz
|
1 | maxcdn.bootstrapcdn.com |
crehu.xyz
|
1 | osgira.xyz | |
34 | 19 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.osgira.xyz R3 |
2024-05-03 - 2024-08-01 |
3 months | crt.sh |
mail.crehu.xyz R3 |
2024-04-17 - 2024-07-16 |
3 months | crt.sh |
bootstrapcdn.com GTS CA 1P5 |
2024-03-27 - 2024-06-25 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-07-03 - 2024-07-02 |
a year | crt.sh |
olului.pages.dev GTS CA 1P5 |
2024-04-14 - 2024-07-13 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-04-16 - 2024-07-09 |
3 months | crt.sh |
*.imgur.com Sectigo RSA Domain Validation Secure Server CA |
2024-02-15 - 2025-02-14 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2024-04-16 - 2024-07-09 |
3 months | crt.sh |
misc-sni.blogspot.com GTS CA 1C3 |
2024-04-16 - 2024-07-09 |
3 months | crt.sh |
cdnmi.com GTS CA 1P5 |
2024-03-30 - 2024-06-28 |
3 months | crt.sh |
banners.udbaa.com R3 |
2024-04-15 - 2024-07-14 |
3 months | crt.sh |
pamdas.pages.dev GTS CA 1P5 |
2024-04-03 - 2024-07-02 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
s10.histats.com E1 |
2024-04-11 - 2024-07-10 |
3 months | crt.sh |
histats.com R3 |
2024-02-16 - 2024-05-16 |
3 months | crt.sh |
*.api.secureserver.net Starfield Secure Certificate Authority - G2 |
2023-07-10 - 2024-08-10 |
a year | crt.sh |
*.secureserver.net Starfield Secure Certificate Authority - G2 |
2023-10-10 - 2024-11-10 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://crehu.xyz/Supermercados-BH/
Frame ID: BB548F6A50BE0B971AE362FE1613DDA1
Requests: 31 HTTP requests in this frame
Frame:
https://udbaa.com/bnr_xload.php?section=aug2&pub=886613&format=300x50&ga=g&xt=171528864685400&xtt=8906539&dateStr=05/09/2024%2023:04:06
Frame ID: 570C4E08D51604F5F9039D64F290565E
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Super 1Page URL History Show full URLs
- https://osgira.xyz/premios-dia-das-maes/ Page URL
- https://crehu.xyz/Supermercados-BH/ Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
SweetAlert2 (JavaScript Libraries) Expand
Detected patterns
- sweetalert2(?:\.all)?(?:\.min)?\.js
- limonte-sweetalert2/([\d.]+)/sweetalert2(?:\.all)(?:\.min)\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://osgira.xyz/premios-dia-das-maes/ Page URL
- https://crehu.xyz/Supermercados-BH/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1- https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 301
- https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
- https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 301
- https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
34 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
osgira.xyz/premios-dia-das-maes/ |
1 KB 759 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scc-c2.min.js
img1.wsimg.com/signals/js/clients/scc-c2/ Redirect Chain
|
103 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
crehu.xyz/Supermercados-BH/ |
21 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ |
30 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sweetalert2.all.min.js
cdnjs.cloudflare.com/ajax/libs/limonte-sweetalert2/8.11.8/ |
64 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
app.css
olului.pages.dev/css/ |
33 B 558 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
2 KB 703 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
F9EZVyG.jpeg
i.imgur.com/ |
37 KB 38 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
images
encrypted-tbn0.gstatic.com/ |
17 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Brazil_outbox.png
1.bp.blogspot.com/-yL43MBphNiY/YKpjeqFPZgI/AAAAAAAABcU/I15IrSTgzk48ZVAPgJuzBWE3xhU_Qpr2ACLcBGAsYHQ/s16000/ |
43 KB 43 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
477m1zM.jpeg
i.imgur.com/ |
20 KB 20 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Supermercados.zz.jpg
cdnmi.com/upload/ |
60 KB 61 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
checked.png
olului.pages.dev/img/landers/survey-pick-a-box/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
spinner.gif
olului.pages.dev/img/landers/survey-pick-a-box/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nNsMlUb.jpeg
i.imgur.com/ |
250 KB 251 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
oxp6MNP.jpeg
i.imgur.com/ |
218 KB 218 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Wr35Sly.jpg
i.imgur.com/ |
188 KB 188 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RrrJ67w.jpg
i.imgur.com/ |
132 KB 133 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnr.php
udbaa.com/ |
732 B 986 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.js
crehu.xyz/Supermercados-BH/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
wow.js
pamdas.pages.dev/ |
148 KB 51 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scc-c2.min.js
img1.wsimg.com/signals/js/clients/scc-c2/ Redirect Chain
|
103 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-latest.min.js
code.jquery.com/ |
94 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v21/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnr_xload.php
udbaa.com/ Frame 570C |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v21/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js15_as.js
s10.histats.com/ |
11 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
0.php
s4.histats.com/stats/ |
51 B 185 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
event
events.api.secureserver.net/t/1/tl/ |
43 B 278 B |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
event
events.api.secureserver.net/t/1/tl/ |
43 B 278 B |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
eventbus
csp.secureserver.net/ Frame |
0 0 |
Preflight
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
eventbus
csp.secureserver.net/ |
0 0 |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
eventbus
csp.secureserver.net/ |
0 0 |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
eventbus
csp.secureserver.net/ Frame |
0 0 |
Preflight
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
43 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal number| qs object| date string| dateStr object| view function| go object| _trfd object| _tcclInternal object| _expDataLayer object| _signalsDataLayer object| scc-c2 function| $ function| jQuery string| text1 string| text2 string| text3 string| error string| cpa string| cpa1 string| cpa2 string| saved string| share string| tiaoban number| hour string| minute string| second string| mytime string| tb object| swidth number| width function| tipn object| _Hasync function| chfh function| chfh2 string| _HST_cntval object| Histats object| _HistatsCounterGraphics_0_setValues object| _trfq15 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
457qq.world/1837797e66/fed1537d80 | Name: total_impressions Value: 1 |
|
.crehu.xyz/ | Name: _tccl_visitor Value: 25d76a76-cf08-4bed-beb0-e56db736f196 |
|
.crehu.xyz/ | Name: _tccl_visit Value: 25d76a76-cf08-4bed-beb0-e56db736f196 |
|
.crehu.xyz/ | Name: _scc_session Value: pc=1&C_TOUCH=2024-05-09T21:04:06.574Z |
|
.udbaa.com/ | Name: used_ad2938270 Value: 1 |
|
.udbaa.com/ | Name: total_impressions Value: 1 |
|
crehu.xyz/ | Name: HstCfa3315315 Value: 1715288646820 |
|
crehu.xyz/ | Name: HstCla3315315 Value: 1715288646820 |
|
crehu.xyz/ | Name: HstCmu3315315 Value: 1715288646820 |
|
crehu.xyz/ | Name: HstPn3315315 Value: 1 |
|
crehu.xyz/ | Name: HstPt3315315 Value: 1 |
|
crehu.xyz/ | Name: HstCnv3315315 Value: 1 |
|
crehu.xyz/ | Name: HstCns3315315 Value: 1 |
|
crehu.xyz/ | Name: c_ref_3315315 Value: https%3A%2F%2Fosgira.xyz%2F |
|
457qq.world/ | Name: used_ad2938270 Value: 1 |
9 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
1.bp.blogspot.com
cdnjs.cloudflare.com
cdnmi.com
code.jquery.com
crehu.xyz
csp.secureserver.net
encrypted-tbn0.gstatic.com
events.api.secureserver.net
fonts.googleapis.com
fonts.gstatic.com
i.imgur.com
img1.wsimg.com
maxcdn.bootstrapcdn.com
olului.pages.dev
osgira.xyz
pamdas.pages.dev
s10.histats.com
s4.histats.com
udbaa.com
104.17.24.14
104.18.10.207
146.75.116.193
149.56.240.128
172.66.47.203
185.66.200.220
188.114.97.3
23.53.42.160
23.53.42.211
2606:4700:10::6814:4373
2a00:1450:4001:80f::2001
2a00:1450:4001:811::200e
2a00:1450:4001:81c::200a
2a00:1450:4001:831::2003
2a02:26f0:3500:18::1724:a292
2a02:26f0:3500:89a::228b
2a04:4e42:400::649
72.167.70.199
197a3cbd7290c242c5c765268cdd69a9a39867fdc80cd13071f243a81c56fb76
289e0afc8be731a86822349e54557296f145926496bd2138db1bac0db77f77a2
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
3630bf9af5efb7e3d699e718f1bd8d98182585283198223d0ddbc1492514a5be
3d96e967587f5e2ccc87a8d51bc59c47ff3e2e88dc572cb1d0ad0dd83f510993
4ee163348f0eb63f1fc5c7682f03d2a3a0449d240b32e2cae52a8e076b1d3a6e
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
6f99575b41cba06c61307f5febbb11e94244207f697a5394e62c717072c5b262
756c8056c66a968be1f3109fd1d6b50857d1de285159ecadcb41e427e400f28b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b54547251c9aeaaf00861f8e6ece9e4cc51f044f0a19e95c63e6cb6dcbf2756
8583fe7e9ef66e892e971a23b328420e785da9f0c9ac85fb5314ce9f56faffed
9e89ba2525b9badd7d18be1b8137803f52f85b5d005ed4ea510104f122d535c6
a00fe63549f18709623f17d396cdb43d946f8b8cd30f59b25b4852d20de55b58
ab834bfb8eeb43e3703eabad89e11a0cd906155d6cea60205cd69e443cc9adcc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6b3d59a4ead8bdd8106a756949b2a71a4f506345b53b8d449be165236f90d43
b83e8830b6b2f1253a78f90191cf1087e8fd7638831fd4c1376a7a6029297240
b8e2e6735e4137f85cb5d0823e8576ca2081e1c8dadce15544335416b268c045
d08886e8a724d490ec4f86229c38a1856ef782d7e56d80f6dd042a76da6dec2e
d292b707f23a9fd59e44931882194a214db96bdc366bab4114196da077f56e37
d914b553a50d65d2d2d0173dcf6becbd5e322c86c934ac720389abc79ba8b2c9
e562bdb06f9ecac721b8ea92de8e21725876d29c14feefc953ccee141e591a51
f53ea85c5c672e4e7aee46a59f6726d31b55bb4434a2e9245e728e586b6c94aa
fb86458fd04a478832fc82cf02d65c15af4aecf76722c4cb91d002da21666259