refind.com
23.23.161.16
Public Scan
Submission: On December 11 via manual from VN
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 6th 2019. Valid for: a year.
This is the only time refind.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN | PTR | Domain |
---|---|---|
ASN14618 (AMAZON-AES - Amazon.com, Inc., US) | ec2-23-23-161-16.compute-1.amazonaws.com | refind.com |
ASN15169 (GOOGLE - Google LLC, US) | | fonts.googleapis.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US) | server-143-204-98-170.fra50.r.cloudfront.net | d2qsqwbsghr38c.cloudfront.net |
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US) | | code.jquery.com |
ASN15169 (GOOGLE - Google LLC, US) | | www.google-analytics.com |
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US) | | maxcdn.bootstrapcdn.com |
ASN15169 (GOOGLE - Google LLC, US) | | stats.g.doubleclick.net |
ASN15169 (GOOGLE - Google LLC, US) | | www.google.com |
ASN15169 (GOOGLE - Google LLC, US) | | www.google.de |
ASN15169 (GOOGLE - Google LLC, US) | | apis.google.com |
ASN32934 (FACEBOOK - Facebook, Inc., US) | | connect.facebook.net, staticxx.facebook.com |
ASN15169 (GOOGLE - Google LLC, US) | | accounts.google.com |
Count | Apex Domain | Subdomains | Transfer |
---|---|---|---|
8 | cloudinary.com | res.cloudinary.com | 87 KB |
8 | cloudfront.net | d2qsqwbsghr38c.cloudfront.net | 69 KB |
4 | google.com (1 redirects) | www.google.com apis.google.com accounts.google.com | 55 KB |
3 | refind.com | refind.com | 9 KB |
2 | facebook.net | connect.facebook.net | 60 KB |
2 | google-analytics.com (1 redirects) | www.google-analytics.com | 18 KB |
1 | facebook.com | staticxx.facebook.com | |
1 | google.de | www.google.de | 109 B |
1 | doubleclick.net (1 redirects) | stats.g.doubleclick.net | 164 B |
1 | bootstrapcdn.com | maxcdn.bootstrapcdn.com | 65 KB |
1 | jquery.com | code.jquery.com | 30 KB |
1 | googleapis.com | fonts.googleapis.com | 708 B |
30 | 12 | | |
Count | Domain | Requested by |
---|---|---|
8 | res.cloudinary.com | refind.com, d2qsqwbsghr38c.cloudfront.net |
8 | d2qsqwbsghr38c.cloudfront.net | refind.com, d2qsqwbsghr38c.cloudfront.net |
3 | refind.com | code.jquery.com |
2 | connect.facebook.net | d2qsqwbsghr38c.cloudfront.net, connect.facebook.net |
2 | apis.google.com | code.jquery.com, apis.google.com |
2 | www.google-analytics.com (1 redirects) | d2qsqwbsghr38c.cloudfront.net |
1 | accounts.google.com | apis.google.com |
1 | staticxx.facebook.com | connect.facebook.net |
1 | www.google.de | refind.com |
1 | www.google.com (1 redirects) | |
1 | stats.g.doubleclick.net (1 redirects) | |
1 | maxcdn.bootstrapcdn.com | refind.com |
1 | code.jquery.com | refind.com |
1 | fonts.googleapis.com | refind.com |
30 | 14 | |
This site contains links to these domains.
Domain |
---|
nhadatgroup.vn |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.refind.com | Sectigo RSA Domain Validation Secure Server CA | 2019-09-06 - 2020-10-05 | a year |
*.googleapis.com | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months |
*.cloudfront.net | DigiCert Global CA G2 | 2019-07-17 - 2020-07-05 | a year |
*.cloudinary.com | Go Daddy Secure Certificate Authority - G2 | 2018-07-01 - 2020-06-22 | 2 years |
jquery.org | COMODO RSA Domain Validation Secure Server CA | 2018-10-17 - 2020-10-16 | 2 years |
*.google-analytics.com | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months |
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2019-09-14 - 2020-10-13 | a year |
www.google.de | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months |
*.apis.google.com | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2019-11-06 - 2020-02-04 | 3 months |
accounts.google.com | GTS CA 1O1 | 2019-11-13 - 2020-02-05 | 3 months |
This page contains 3 frames:
Primary Page:
https://refind.com/batdongsan
Frame ID: 2EBE770A41DB1173F118D9987F1992E6
Requests: 29 HTTP requests in this frame
Frame:
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 23B374AABFA3400B43CC1828A39D06BA
Requests: 1 HTTP requests in this frame
Frame:
https://accounts.google.com/o/oauth2/iframe
Frame ID: 82652938DE93C8A9307C105ADCB75648
Requests: 1 HTTP requests in this frame
Detected technologies
Erlang (Programming Languages)
Detected patterns
- headers server /^Cowboy$/i
Cowboy (Web Frameworks)
Detected patterns
- headers server /^Cowboy$/i
Facebook (Widgets)
Detected patterns
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Google Font API (Font Scripts)
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 16
- https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1286588466&t=pageview&_s=1&dl=https%3A%2F%2Frefind.com%2Fbatdongsan&ul=en-us&de=UTF-8&dt=B%E1%BA%A5t%20%C4%91%E1%BB%99ng%20s%E1%BA%A3n%20(batdongsan)%20on%20Refind&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=543073492&gjid=1501591146&cid=1588101321.1576028150&tid=UA-63624390-1&_gid=189916448.1576028150&_r=1&z=703745813 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63624390-1&cid=1588101321.1576028150&jid=543073492&_gid=189916448.1576028150&gjid=1501591146&_v=j79&z=703745813 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63624390-1&cid=1588101321.1576028150&jid=543073492&_v=j79&z=703745813 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63624390-1&cid=1588101321.1576028150&jid=543073492&_v=j79&z=703745813&slf_rd=1&random=3818146612
30 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | batdongsan | refind.com/ | 17 KB | 5 KB | Document | text/html | Primary Request; Cookie set |
GET | H2 | css | fonts.googleapis.com/ | 6 KB | 708 B | Stylesheet | text/css | |
GET | H/1.1 | vendor-eager-datauri.css | d2qsqwbsghr38c.cloudfront.net/assets/ | 25 KB | 6 KB | Stylesheet | text/css | |
GET | H/1.1 | refind-core-datauri.css | d2qsqwbsghr38c.cloudfront.net/assets/ | 219 KB | 31 KB | Stylesheet | text/css | |
GET | H/1.1 | logo.svg | d2qsqwbsghr38c.cloudfront.net/img/ | 876 B | 1 KB | Image | image/svg+xml | |
GET | H2 | https%3A%2F%2Flh3.googleusercontent.com%2Fa-%2FAAuE7mDfHSvBqr01_jTzRhxzSgZ0UdHFeB65QA5paBkIug | res.cloudinary.com/refind-inc/image/fetch/w_200,h_200,c_fill,q_auto,f_auto,d_refind:avatar.png/ | 7 KB | 7 KB | Image | image/webp | |
GET | H/1.1 | dan_ariely.png | d2qsqwbsghr38c.cloudfront.net/img/testimonials/ | 2 KB | 3 KB | Image | image/png | |
GET | H/1.1 | jquery-3.3.1.min.js | code.jquery.com/ | 85 KB | 30 KB | Script | application/javascript | |
GET | H/1.1 | vendor-core.js | d2qsqwbsghr38c.cloudfront.net/assets/ | 9 KB | 3 KB | Script | application/javascript | |
GET | H/1.1 | refind-core.js | d2qsqwbsghr38c.cloudfront.net/assets/ | 56 KB | 16 KB | Script | application/javascript | |
GET | H/1.1 | logged-out-eager.js | d2qsqwbsghr38c.cloudfront.net/assets/ | 19 KB | 4 KB | Script | application/javascript | |
GET | H2 | analytics.js | www.google-analytics.com/ | 43 KB | 17 KB | Script | text/javascript | |
GET | DATA | truncated | / | 511 B | 0 | Image | image/svg+xml | |
GET | H2 | fontawesome-webfont.woff2 | maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ | 65 KB | 65 KB | Font | font/woff2 | |
GET | H/1.1 | batdongsan | refind.com/ | 16 KB | 3 KB | XHR | application/json | |
GET | H2 | https%3A%2F%2Fres.cloudinary.com%2Frefind-inc%2Fimage%2Ffetch%2Fw_340%2Ch_200%2Cc_fill%2Cg_faces%2Cq_auto%2Cf_auto%2Fhttps%253A%252F%252Fyt3.ggpht.com%252Fa%252FAGF-l7_ocDVHX-IhZOFrLeFLj-lte6W5bTt7... | res.cloudinary.com/refind-inc/image/fetch/w_340,h_200,c_fill,g_faces,q_auto,f_auto/ | 5 KB | 5 KB | Image | image/webp | |
GET | H2 | https%3A%2F%2Fres.cloudinary.com%2Frefind-inc%2Fimage%2Ffetch%2Fw_340%2Ch_200%2Cc_fill%2Cg_faces%2Cq_auto%2Cf_auto%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Ftrello%252Fimages%252Fog%252Ftrello-ico... | res.cloudinary.com/refind-inc/image/fetch/w_340,h_200,c_fill,g_faces,q_auto,f_auto/ | 2 KB | 2 KB | Image | image/webp | |
GET | H2 | ga-audiences | www.google.de/ads/ | 42 B | 109 B | Image | image/gif | Redirect Chain |
GET | H2 | platform.js | apis.google.com/js/ | 48 KB | 18 KB | Script | application/javascript | |
GET | H2 | sdk.js | connect.facebook.net/en_GB/ | 3 KB | 2 KB | Script | application/x-javascript | |
GET | H2 | sdk.js | connect.facebook.net/en_GB/ | 194 KB | 58 KB | Script | application/x-javascript | |
GET | H2 | xd_arbiter.php | staticxx.facebook.com/connect/ | 0 | 0 | Document | text/html | Frame 23B3 |
GET | H2 | cb=gapi.loaded_0 | apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.2O_3XQTFIPY.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCM0JjSA0I0wvcxN0q5y4p-sc5Yxiw/ | 106 KB | 36 KB | Script | text/javascript | |
GET | H2 | iframe | accounts.google.com/o/oauth2/ | 0 | 0 | Document | text/html | Frame 8265 |
GET | H2 | https%3A%2F%2Fwww.bandatnendongnai.vn%2Fwp-content%2Fuploads%2F2018%2F09%2Fbandatnendongnai.jpg | res.cloudinary.com/refind-inc/image/fetch/w_560,h_240,c_fill,g_faces,q_auto,f_auto/ | 35 KB | 35 KB | Image | image/jpeg | |
GET | H2 | http%3A%2F%2Ffile.bdsdongnai.blog.shinobi.jp%2FImg%2F1568953155%2F | res.cloudinary.com/refind-inc/image/fetch/w_560,h_240,c_fill,g_faces,q_auto,f_auto/ | 11 KB | 11 KB | Image | image/webp | |
GET | H2 | https%3A%2F%2Fyt3.ggpht.com%2Fa%2FAGF-l7_ocDVHX-IhZOFrLeFLj-lte6W5bTt7d1g1oA%3Ds900-c-k-c0xffffffff-no-rj-mo | res.cloudinary.com/refind-inc/image/fetch/w_560,h_240,c_fill,g_faces,q_auto,f_auto/ | 5 KB | 6 KB | Image | image/webp | |
GET | H2 | https%3A%2F%2Fwww.canhointella.com%2Fwp-content%2Fuploads%2F2018%2F07%2Fdu-an-pearl-riverside-giang-dien.jpg | res.cloudinary.com/refind-inc/image/fetch/w_560,h_240,c_fill,g_faces,q_auto,f_auto/ | 17 KB | 17 KB | Image | image/webp | |
GET | H/1.1 | icons.ffffff.svg | d2qsqwbsghr38c.cloudfront.net/i/img/svg/rewrite/placeholders/default/ | 11 KB | 5 KB | Image | image/svg+xml | |
GET | H2 | https%3A%2F%2Fs3.amazonaws.com%2Ftrello%2Fimages%2Fog%2Ftrello-icon.png%3Fv%3D2013-08-15 | res.cloudinary.com/refind-inc/image/fetch/w_560,h_240,c_fill,g_faces,q_auto,f_auto/ | 3 KB | 3 KB | Image | image/webp | |
GET | H/1.1 | batdongsan | refind.com/ | 74 B | 789 B | XHR | application/json | |
32 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| $ function| jQuery object| appStateDiv object| userId object| meta string| GoogleAnalyticsObject function| ga object| Elements object| Browser object| Refind object| App object| Helpers object| refind object| Validation object| Sites function| facebookAppConnected function| facebookAppLoggedIn object| LoadMore object| Groups object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| fbAsyncInit object| FB object| gapi object| ___jsl object| gadgets object| osapi object| oauth2
4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.refind.com/ | Name: _gat Value: 1 |
.refind.com/ | Name: _gid Value: GA1.2.189916448.1576028150 |
.refind.com/ | Name: _ga Value: GA1.2.1588101321.1576028150 |
refind.com/ | Name: rack.session Value: BAh7CkkiD3Nlc3Npb25faWQGOgZFVEkiRTE5OWY3OTc4MDA3MGI0YjQ3Y2Nh%0AYThhYWVjNGM2NTk0NDk2N2FjMzZhMGRlOTExOGJiYjc5ZWMxOWZhZmQ3YWIG%0AOwBGSSIOX19GTEFTSF9fBjsARnsASSINcmVmZXJyZXIGOwBGSSINZXZlcnlv%0AbmUGOwBUSSIYdXNlcl9pbnZpdGVfcGFnZV9zbgY7AEZJIg9iYXRkb25nc2Fu%0ABjsAVEkiI3VzZXJfaW52aXRlX3BhZ2Vfc25fZXhwaXJlc19hdAY7AEZJIh4y%0AMDE5LTEyLTExIDAxOjQ1OjQ5ICswMDAwBjsARg%3D%3D%0A--132ec003f911be3f3cd414c908ee9417c0b098b7 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.