nordicchoicecampaigns.com
Open in
urlscan Pro
146.148.23.211
Public Scan
Effective URL: https://nordicchoicecampaigns.com/bursdagsspill/?utm_medium=Email&utm_source=email_prog&utm_campaign=email_no_bursdag&utm_content=...
Submission: On April 02 via manual from US
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on March 31st 2020. Valid for: 3 months.
This is the only time nordicchoicecampaigns.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 185.35.203.243 185.35.203.243 | 50304 (BLIX) (BLIX) | |
11 | 146.148.23.211 146.148.23.211 | 15169 (GOOGLE) (GOOGLE) | |
17 | 104.111.215.74 104.111.215.74 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
7 | 52.95.149.88 52.95.149.88 | 16509 (AMAZON-02) (AMAZON-02) | |
9 | 2600:1901:0:9... 2600:1901:0:94b6:: | 15169 (GOOGLE) (GOOGLE) | |
46 | 6 |
ASN50304 (BLIX, NO)
PTR: s18535203243.hovedkvarteret.no
nordicchoicehotelsdialog.com |
ASN15169 (GOOGLE, US)
PTR: 211.23.148.146.bc.googleusercontent.com
nordicchoicecampaigns.com |
ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-74.deploy.static.akamaitechnologies.com
use.typekit.net | |
p.typekit.net |
ASN16509 (AMAZON-02, US)
PTR: s3.eu-west-2.amazonaws.com
s3-eu-west-2.amazonaws.com |
ASN15169 (GOOGLE, US)
engage-4c58e.firebaseio.com | |
s-usc1c-nss-286.firebaseio.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
typekit.net
use.typekit.net p.typekit.net |
459 KB |
11 |
nordicchoicecampaigns.com
nordicchoicecampaigns.com |
828 KB |
9 |
firebaseio.com
engage-4c58e.firebaseio.com s-usc1c-nss-286.firebaseio.com |
3 KB |
7 |
amazonaws.com
s3-eu-west-2.amazonaws.com |
805 KB |
1 |
nordicchoicehotelsdialog.com
nordicchoicehotelsdialog.com |
371 B |
46 | 5 |
Domain | Requested by | |
---|---|---|
16 | use.typekit.net |
nordicchoicecampaigns.com
use.typekit.net |
11 | nordicchoicecampaigns.com |
nordicchoicehotelsdialog.com
nordicchoicecampaigns.com |
8 | s-usc1c-nss-286.firebaseio.com |
nordicchoicecampaigns.com
|
7 | s3-eu-west-2.amazonaws.com |
nordicchoicecampaigns.com
|
1 | engage-4c58e.firebaseio.com |
nordicchoicecampaigns.com
|
1 | p.typekit.net |
nordicchoicecampaigns.com
|
1 | nordicchoicehotelsdialog.com | |
46 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
nordicchoicehotelsdialog.com Buypass Class 2 CA 2 |
2019-10-11 - 2020-10-11 |
a year | crt.sh |
nordicchoicecampaigns.com Let's Encrypt Authority X3 |
2020-03-31 - 2020-06-29 |
3 months | crt.sh |
*.typekit.net DigiCert SHA2 Secure Server CA |
2019-12-06 - 2021-12-10 |
2 years | crt.sh |
*.s3.eu-west-2.amazonaws.com DigiCert Baltimore CA-2 G2 |
2019-11-09 - 2020-05-20 |
6 months | crt.sh |
firebaseio.com GTS CA 1O1 |
2020-02-20 - 2021-02-18 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://nordicchoicecampaigns.com/bursdagsspill/?utm_medium=Email&utm_source=email_prog&utm_campaign=email_no_bursdag&utm_content=email_knapp
Frame ID: 7854B2307062F9BAD9AB5DB38EEB84A9
Requests: 37 HTTP requests in this frame
Frame:
https://engage-4c58e.firebaseio.com/.lp?start=t&ser=96878246&cb=1&v=5
Frame ID: 9754605425257326A3B07F50AA5F51FB
Requests: 8 HTTP requests in this frame
Frame:
https://s-usc1c-nss-286.firebaseio.com/.lp?dframe=t&id=11263688&pw=tkffHuzB3p&ns=engage-4c58e
Frame ID: 24CAE7AC4EFE77335F26E0E8A94AA821
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://nordicchoicehotelsdialog.com/url/?9720.83716.8719.4483562.1.https://nordicchoicecampaigns.com/bursdagsspi... Page URL
- https://nordicchoicecampaigns.com/bursdagsspill/?utm_medium=Email&utm_source=email_prog&utm_campaign=email_no_... Page URL
Detected technologies
Windows Server (Operating Systems) ExpandDetected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
IIS (Web Servers) Expand
Detected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://nordicchoicehotelsdialog.com/url/?9720.83716.8719.4483562.1.https://nordicchoicecampaigns.com/bursdagsspill/?utm_medium=Email&utm_source=email_prog&utm_campaign=email_no_bursdag&utm_content=email_knapp Page URL
- https://nordicchoicecampaigns.com/bursdagsspill/?utm_medium=Email&utm_source=email_prog&utm_campaign=email_no_bursdag&utm_content=email_knapp Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
46 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
nordicchoicehotelsdialog.com/url/ |
210 B 371 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
nordicchoicecampaigns.com/bursdagsspill/ |
35 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.6fd9c862.chunk.css
nordicchoicecampaigns.com/wp-content/plugins/evoketools-next/app/build/static/css/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2.cd205803.chunk.js
nordicchoicecampaigns.com/wp-content/plugins/evoketools-next/app/build/static/js/ |
2 MB 451 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runtime-main.32921f85.js
nordicchoicecampaigns.com/wp-content/plugins/evoketools-next/app/build/static/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.1a3ab11f.chunk.js
nordicchoicecampaigns.com/wp-content/plugins/evoketools-next/app/build/static/js/ |
52 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
video-js.css
nordicchoicecampaigns.com/wp-content/plugins/evoketools-next/public/css/ |
45 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
video.js
nordicchoicecampaigns.com/wp-content/plugins/evoketools-next/public/js/ |
848 KB 156 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
engage.css
nordicchoicecampaigns.com/wp-content/themes/evokekit/engage/ |
31 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
et_quiz.css
nordicchoicecampaigns.com/wp-content/themes/choiceclub/ |
17 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fdw6eqi.js
use.typekit.net/ |
23 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
276d2f13-7892-4737-994b-0afd5bf0505a
https://nordicchoicecampaigns.com/ |
31 B 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
birthday_gold.jpg
s3-eu-west-2.amazonaws.com/evoketools/wp-content/uploads/sites/6/2018/10/01150123/ |
630 KB 631 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/bfb7a7/000000000000000000015e4c/27/ |
30 KB 31 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/b12265/000000000000000000015e4d/27/ |
32 KB 32 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/8def6a/000000000000000000015e4e/27/ |
29 KB 29 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/4f1861/000000000000000000015e4f/27/ |
31 KB 31 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/a6f99d/000000000000000000015e50/27/ |
30 KB 30 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/4bfcc4/000000000000000000013108/27/ |
47 KB 47 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/b28fd9/000000000000000000013105/27/ |
56 KB 56 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/8742f3/000000000000000000013103/27/ |
47 KB 47 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/6946b9/000000000000000000013104/27/ |
57 KB 57 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/e984ad/0000000000000000000118b5/27/ |
15 KB 15 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/4ba6ef/0000000000000000000118b7/27/ |
14 KB 15 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/a2031c/0000000000000000000118b9/27/ |
15 KB 15 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/2d0302/0000000000000000000118b6/27/ |
15 KB 15 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/00041c/0000000000000000000118b8/27/ |
15 KB 15 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/ce6b1d/0000000000000000000118ba/27/ |
15 KB 15 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
standard-quiz-background.jpg
nordicchoicecampaigns.com/wp-content/themes/choiceclub/et_quiz/et_quiz_images/ |
174 KB 174 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nch-logo.svg
nordicchoicecampaigns.com/wp-content/themes/choiceclub/et_quiz/et_quiz_images/ |
3 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p.gif
p.typekit.net/ |
35 B 201 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
balloon-bush-nature-blue-nordic-choice-club-150x150.jpg
s3-eu-west-2.amazonaws.com/evoketools/wp-content/uploads/sites/6/2018/09/01144816/ |
31 KB 31 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sleeping-man-crown-gold.nordic-choice-club-150x150.jpg
s3-eu-west-2.amazonaws.com/evoketools/wp-content/uploads/sites/6/2018/09/01144824/ |
26 KB 27 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
food-chocolate-all-levels-members-blue-silver-gold-platinum-nordic-choice-club-150x150.jpg
s3-eu-west-2.amazonaws.com/evoketools/wp-content/uploads/sites/6/2018/09/01144828/ |
28 KB 28 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
closeup-glitter-jacket-silver-platinumhelmet-silver-nordic-choice-club-150x150.jpg
s3-eu-west-2.amazonaws.com/evoketools/wp-content/uploads/sites/6/2018/09/15084756/ |
30 KB 30 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
speech-bubble-food-restaurant-sign-glitter-gold-nordic-choice-club-150x150.jpg
s3-eu-west-2.amazonaws.com/evoketools/wp-content/uploads/sites/6/2018/09/15084759/ |
32 KB 33 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
crown-gold-nordic-choice-club-150x150.jpg
s3-eu-west-2.amazonaws.com/evoketools/wp-content/uploads/sites/6/2018/09/15084802/ |
24 KB 25 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
.lp
engage-4c58e.firebaseio.com/ Frame 9754 |
423 B 665 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
.lp
s-usc1c-nss-286.firebaseio.com/ Frame 24CA |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
.lp
s-usc1c-nss-286.firebaseio.com/ Frame 9754 |
15 B 256 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
.lp
s-usc1c-nss-286.firebaseio.com/ Frame 9754 |
58 B 299 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
.lp
s-usc1c-nss-286.firebaseio.com/ Frame 9754 |
58 B 299 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
.lp
s-usc1c-nss-286.firebaseio.com/ Frame 9754 |
58 B 299 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
.lp
s-usc1c-nss-286.firebaseio.com/ Frame 9754 |
15 B 256 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
.lp
s-usc1c-nss-286.firebaseio.com/ Frame 9754 |
47 B 288 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
.lp
s-usc1c-nss-286.firebaseio.com/ Frame 9754 |
96 B 337 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| engage_quiz_data object| webpackJsonpevoketools-next object| regeneratorRuntime function| _ object| vttjs function| WebVTT function| evoketools_render_quiz function| videojs function| renderQuizzes object| Typekit function| letMeGetVar boolean| ggo undefined| target undefined| buttonContent boolean| getAdmin undefined| x function| pLPCommand1 function| pRTLPCB10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
engage-4c58e.firebaseio.com
nordicchoicecampaigns.com
nordicchoicehotelsdialog.com
p.typekit.net
s-usc1c-nss-286.firebaseio.com
s3-eu-west-2.amazonaws.com
use.typekit.net
104.111.215.74
146.148.23.211
185.35.203.243
2600:1901:0:94b6::
52.95.149.88
1303f6ae4465b02576a94af8ff2fa3050d959c281292c0c8092ea51b2eefcb4f
1690098d91976fc03b9c2e0126889a7e251adf3fdf6cfec9fde26035591d0c24
18f3c5811c3e407f686e7c61cd214f85889e4fb6b7a485bb5e57298d7dea8ff4
1f4ed5acb4ca348711181667ad3441583d0b6f70025153676b0d4d5b5573ca09
207306b818b0d319b88564f77ca3cdf4d17fba06b9eda9f91e8ffa1c36e4c3eb
2637f1071a6c96e4ffeba87a44c82a48de0d2101e4cc5c99ecc441c997788b00
277ee91759291b209633bcd3a794d637ead23891f0244570dbc910442d7862db
2b5e07489b9fd0f806b162e5b85c95aed986b047482072401d57e8c79b528e02
2d9c792b73d5a27b03e797047e9cb7c094d5f428d4af9aca4b1126eeb6c55cdf
30bd0120e57f70174a17629a1703bb0d29bd1660f244aa45d0542637d5b960d7
3f3f16ce1ff57ed82824156e9c92c79573aea72cace9943cd891ca2b1a022d74
416ebdae1319a43b48e3caf0a24100ab786aa6432e276fb735da780aa435b300
45f837c1c225d528ca6eaeb5db4485a0f8093444f3c47e04ed0c5a14b3e45ac7
46daad07652913885f15b9e5720e07e06005bd48cc6ad59e79c208773d96ecd3
51572d0320994bba78b0387ab2f255fc722185b6933e775820f7e51dc4d99f24
550c3b92f46036baa7497695193743d1e7fea32e8590cc1586b66ea5725b9fc6
645b8aba7858c0cda47c4c79ea76cfda8d81f26c6118a49b4a765052814fc3d4
68038b68e6e83f1beca735ce9d790f5992ff27aec78d2f1b7d80801e5d356367
697c7b1b5f4145525579fd20ed425fee7835742c3ccbce5cd7541e11b2ad2896
712d6d4de72cccd1e89edb05c59b37a548fc8b5f5744c09e8b413506ca87cdcb
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
77e521587cdc1a3f85c09bd758af9fe543224947cda8c311f01856b98fbf8085
8c3f12d92d2643cba4f14cc8f8e5d6068e9491a34e505fb3b0559fd5fd838c80
94a85d4b8d28e9632c775bc0638257fc25b2caf13d77451bfb2776c6907ca2d9
960b13bdbaf20931a8a26e610291c0c9031341094fd5e12e4dd9981c6e953db9
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9c03daee44e62cc3f9f47c524e0cf123ec3ae6d11df89ab4ae54f4d2455c07ef
a5f4f5257f4d9e7e196feafcda256a6a871682dd5072c788a83860f8305b90d1
ae3ecf55f3ef645ef76464e8904216a6aa94a6a4269a217cda16501c0d350647
b6c57e2228023086bb039b95858507b9ae727f2899d7de45793fe8cff74cd970
b710cd051ef83222155e0a5bf5e221372a4a5b9311283bfcb65f4b641eba07bf
c3382dc12158bf55625109373558deffd683ed450ab00c27bad8a4b4a4f39271
c48c6a28a686f81b8a586910fb1096f1cc3168aacfffb0bcafef808a5b17cb7b
cf776435b07a0b7ccaba146eb163c4aecde481c03ad4208f7e9ed2ff8fcc075d
d022fb4ca469a4d43a98529428c993e081753cc7f600f0ce3c169b6d86ca90db
d865751246824a3c0b2e48d30c6abee6763f5aa6664c8e57eb17e6db0390eb36
dea8f078f4273476b80c97a2779f0a09c2cd74d0bcb17539c7a08f995e567be5
df3fe5dbba02fc096c7622e956375257f4273915d2060ddd7e18c3526090be3e
e1297a5472f04060cb54d32626c70a6377002416a96e2b6d007f5aeb4f7f560e
e21d77cb41df9da1d26ad77254dc030edbe473b19457cfefd9e513d2cd4452a3
e3f0dfd6f12edfefe4e2bd20f1cfb3c1da7b76adf9bc471b74cfe2a118e8fa80
ec4af7b7284e304ab1003120b00255a35203c69643ecee591f882d9424699545
ef3e9686cfa91143c5141f0dfa4c422998cce8f1b4e7825e6634612011b552bf
ef7cb75ff2082bcc86dee6aa0caaf010f7983e636b583b5c0b6da4acc882f7b9
f2723dfc7fffbe37ff6940259468d68c50b7d2894b23d63835805538369d0726