![](/screenshots/a7a9f5fd-336d-4c61-9ee4-9f2c8f39578b.png)
rivuletqa.com
Open in
urlscan Pro
2a06:98c1:3120::3
Public Scan
Effective URL: https://rivuletqa.com/sf/tpl38/?item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683
Submission: On April 11 via manual from NL — Scanned from NL
Summary
TLS certificate: Issued by GTS CA 1P5 on February 25th 2023. Valid for: 3 months.
This is the only time rivuletqa.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN15169 (GOOGLE, US)
storage.googleapis.com |
ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR)
PTR: enviro.concept-websites.co.uk
emanhtap.arfiandi.me |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
rivuletqa.com
3 redirects
rivuletqa.com beacon.rivuletqa.com |
473 KB |
5 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35 |
20 KB |
5 |
googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 424 fonts.googleapis.com — Cisco Umbrella Rank: 47 |
3 KB |
4 |
fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1666 ka-f.fontawesome.com — Cisco Umbrella Rank: 3207 |
24 KB |
3 |
virtualpushplatform.com
virtualpushplatform.com — Cisco Umbrella Rank: 514809 |
4 KB |
2 |
pushserve.xyz
pushserve.xyz — Cisco Umbrella Rank: 310145 |
2 KB |
2 |
arfiandi.me
1 redirects
emanhtap.arfiandi.me |
574 B |
1 |
google.nl
www.google.nl — Cisco Umbrella Rank: 8940 |
408 B |
1 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
408 B |
1 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 100 |
347 B |
1 |
gstatic.com
fonts.gstatic.com |
17 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62 |
44 KB |
1 |
povlandy.com
1 redirects
povlandy.com |
598 B |
1 |
herlingtz.com
herlingtz.com |
440 B |
33 | 14 |
Domain | Requested by | |
---|---|---|
7 | rivuletqa.com |
2 redirects
herlingtz.com
rivuletqa.com |
5 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com rivuletqa.com |
4 | fonts.googleapis.com |
rivuletqa.com
|
3 | beacon.rivuletqa.com |
1 redirects
rivuletqa.com
|
3 | virtualpushplatform.com |
rivuletqa.com
virtualpushplatform.com |
3 | ka-f.fontawesome.com |
kit.fontawesome.com
|
2 | pushserve.xyz |
virtualpushplatform.com
|
2 | emanhtap.arfiandi.me |
1 redirects
storage.googleapis.com
|
1 | www.google.nl | |
1 | www.google.com | |
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | www.googletagmanager.com |
rivuletqa.com
|
1 | kit.fontawesome.com |
rivuletqa.com
|
1 | povlandy.com | 1 redirects |
1 | herlingtz.com |
emanhtap.arfiandi.me
|
1 | storage.googleapis.com | |
33 | 17 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
storage.googleapis.com GTS CA 1C3 |
2023-03-20 - 2023-06-12 |
3 months | crt.sh |
herlingtz.com Sectigo RSA Domain Validation Secure Server CA |
2023-03-06 - 2024-03-05 |
a year | crt.sh |
*.rivuletqa.com GTS CA 1P5 |
2023-02-25 - 2023-05-26 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-03-28 - 2023-06-20 |
3 months | crt.sh |
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-11-22 - 2023-12-23 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-03-28 - 2023-06-20 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-08-12 - 2023-08-12 |
a year | crt.sh |
beacon.rivuletqa.com R3 |
2023-03-05 - 2023-06-03 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-03-28 - 2023-06-20 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-03-20 - 2023-06-12 |
3 months | crt.sh |
pushserve.xyz Sectigo RSA Domain Validation Secure Server CA |
2022-08-01 - 2023-08-01 |
a year | crt.sh |
www.google.com GTS CA 1C3 |
2023-03-20 - 2023-06-12 |
3 months | crt.sh |
*.google.nl GTS CA 1C3 |
2023-03-28 - 2023-06-20 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://rivuletqa.com/sf/tpl38/?item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683
Frame ID: BE6603254A050A2CD03E0A3943F3ED59
Requests: 32 HTTP requests in this frame
Screenshot
![](/screenshots/a7a9f5fd-336d-4c61-9ee4-9f2c8f39578b.png)
Page URL History Show full URLs
- https://storage.googleapis.com/nbvcdfghytre/mdsand2.html Page URL
- http://emanhtap.arfiandi.me/redirect.php/c19101XQgPP6531093gyNm68476OOi8009FgdG2777 Page URL
-
http://emanhtap.arfiandi.me/track/c19101XQgPP6531093gyNm68476OOi8009FgdG2777
HTTP 302
https://herlingtz.com/1003dfa41e48c610800/2/2777-19101/6531093-68476-8009 Page URL
-
https://povlandy.com/r/9a8aaa2d-9fe3-4524-ab57-00a951be4aab/472683/1357227730/2
HTTP 302
https://rivuletqa.com/sf/tpl38?item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683 HTTP 301
http://rivuletqa.com/sf/tpl38/?item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683 HTTP 301
https://rivuletqa.com/sf/tpl38/?item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683 Page URL
Detected technologies
![](/vendor/wappa/icons/Font Awesome.png)
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- kit\.fontawesome\.com/([0-9a-z]+).js
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://storage.googleapis.com/nbvcdfghytre/mdsand2.html Page URL
- http://emanhtap.arfiandi.me/redirect.php/c19101XQgPP6531093gyNm68476OOi8009FgdG2777 Page URL
-
http://emanhtap.arfiandi.me/track/c19101XQgPP6531093gyNm68476OOi8009FgdG2777
HTTP 302
https://herlingtz.com/1003dfa41e48c610800/2/2777-19101/6531093-68476-8009 Page URL
-
https://povlandy.com/r/9a8aaa2d-9fe3-4524-ab57-00a951be4aab/472683/1357227730/2
HTTP 302
https://rivuletqa.com/sf/tpl38?item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683 HTTP 301
http://rivuletqa.com/sf/tpl38/?item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683 HTTP 301
https://rivuletqa.com/sf/tpl38/?item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2- http://emanhtap.arfiandi.me/track/c19101XQgPP6531093gyNm68476OOi8009FgdG2777 HTTP 302
- https://herlingtz.com/1003dfa41e48c610800/2/2777-19101/6531093-68476-8009
- https://beacon.rivuletqa.com/g2/5c6d753b-9c3b-47b2-a266-5e7a7c0ddab3?item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683 HTTP 302
- https://beacon.rivuletqa.com/s/7bc7994c-19ec-46f2-8f84-5a4907959182?&requestid=fggkWwJu6R&destinationid=3961396631&item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683
33 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
mdsand2.html
storage.googleapis.com/nbvcdfghytre/ |
274 B 762 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
c19101XQgPP6531093gyNm68476OOi8009FgdG2777
emanhtap.arfiandi.me/redirect.php/ |
253 B 370 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
6531093-68476-8009
herlingtz.com/1003dfa41e48c610800/2/2777-19101/ Redirect Chain
|
142 B 440 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
rivuletqa.com/sf/tpl38/ Redirect Chain
|
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
9 KB 915 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
268a7048dd.js
kit.fontawesome.com/ |
11 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
700 B 774 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
112 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundle.2d9c55de897bc59d50b7.css
rivuletqa.com/sf/tpl38/ |
75 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
apple_logo.png
rivuletqa.com/sf/tpl38/public/ |
51 KB 52 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
11.a4ba6d6e.chunk.js
rivuletqa.com/sf/tpl38/js/ |
360 KB 118 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
app.a57bdeb1.js
rivuletqa.com/sf/tpl38/js/ |
673 KB 127 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
free.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ |
59 KB 13 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ |
26 KB 5 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ |
3 KB 2 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
2 KB 495 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ace-push.js
virtualpushplatform.com/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
summary
beacon.rivuletqa.com/geo/ |
117 B 563 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7bc7994c-19ec-46f2-8f84-5a4907959182
beacon.rivuletqa.com/s/ Redirect Chain
|
212 KB 158 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ |
16 KB 17 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
2 B 143 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 194 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 347 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
visit
pushserve.xyz/api/v1/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
visit
pushserve.xyz/api/v1/ |
2 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.nl/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
log-client-error
virtualpushplatform.com/api/v1/visit/ |
0 0 |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H3 |
log-client-error
virtualpushplatform.com/api/v1/visit/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
157 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| FontAwesomeKitConfig function| gtag object| dataLayer object| webpackJsonp object| regeneratorRuntime function| _ object| core function| ScratchCard object| SCRATCH_TYPE object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| initializeAcePush function| setBaseUrl function| getLocation function| registerServiceWorker object| gaplugins object| gaGlobal object| gaData4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
herlingtz.com/ | Name: uid24373 Value: 1357227730-20230411130305-f4df1f7f4abac5d34adec0e3401aaa96-3319 |
|
.rivuletqa.com/ | Name: _ga Value: GA1.2.230397218.1681236188 |
|
.rivuletqa.com/ | Name: _gid Value: GA1.2.1725440552.1681236188 |
|
.rivuletqa.com/ | Name: _gat_gtag_UA_148357412_1 Value: 1 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
beacon.rivuletqa.com
emanhtap.arfiandi.me
fonts.googleapis.com
fonts.gstatic.com
herlingtz.com
ka-f.fontawesome.com
kit.fontawesome.com
povlandy.com
pushserve.xyz
rivuletqa.com
stats.g.doubleclick.net
storage.googleapis.com
virtualpushplatform.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
156.96.157.98
167.114.163.200
20.50.64.3
2606:4700:3032::ac43:b158
2606:4700::6812:1634
2606:4700:e4::ac40:a916
2a00:1450:4001:80e::2010
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::2004
2a00:1450:4001:813::200a
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2003
2a00:1450:400c:c0d::9c
2a06:98c1:3120::3
45.55.126.207
94.102.4.223
01124a250103c3a9da4b8879c491112b204e14c3ca836f9d40f7dc3b1b6075b9
1095d32ef61d9ac04d1a07392d57ebcfc394a75649b196e7f0fdb0cb9d18332d
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
1b2f88142c19df560f487368810bba2d41c5d6948df584abaa2e0091c0b2245b
4cd5d9b9721d6b1bfc18d8c81562508902e01c61e2d2058485cc31fad4222c7d
533ff0001abcabb51689c162adf7ea293747feefb41d530918393e09e03a46bc
570f97cd079671d3e6b969adca906125e3b97adfa66582b07779e2ad709ead07
575df15a3fff013c571ab99d22fa93641e0d21479905a74338fe6b0a197c1d44
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5e125f35a0e6e268bb685f8dfa009cc7322bdbb91902504128a8af8d01257dde
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
7ed071de25afe945a3c80724a3a6623f28b2092c642102b85a77cdc5fdbd2b5e
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f8fcd47b243d2fbd3ae636452b456039defe20ee0f241760992050078ca9dc
8da4430244ddb3ff5741579fdc376e2dd219adbed78c2fb90263efb1ab7bc081
98be2dbd8c34830491c94f202211013cc1d15377cf30959d17ee4ea571ed4019
9df2da5cb0badfa89929364402fa3adcd1638e2c0be1b5ec1a963d1181a94b02
c911afacd64e9c0f7ab908077b532a201f0f3358b553f14839e8d479c443e1cf
cf3d34041e665d64895d9d6bff29804c011795a32ee500288266da578a761d5e
d02cabba45f295ece38d60d4b176fee816d969ee29865ee606b37ad8285f81e1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda