dailydeals-foryou.com
Open in
urlscan Pro
89.40.9.172
Public Scan
Effective URL: https://dailydeals-foryou.com/post/befr/?cep=tpK4orf-B7MQKhx-_ST6T-wAUvaqPmI-mvz5Qnl-2wnplYgbqI-k0lw1xRAYhe24lgHOEZUAnx4sGPlWC...
Submission: On April 23 via api from BE
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 30th 2020. Valid for: a year.
This is the only time dailydeals-foryou.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 2a00:1450:400... 2a00:1450:4001:818::200e | 15169 (GOOGLE) (GOOGLE) | |
3 | 2a00:1450:400... 2a00:1450:4001:821::2003 | 15169 (GOOGLE) (GOOGLE) | |
3 | 2a00:1450:400... 2a00:1450:4001:814::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 1 | 52.28.9.56 52.28.9.56 | 16509 (AMAZON-02) (AMAZON-02) | |
1 2 | 89.40.9.172 89.40.9.172 | 62282 (RACKRAY U...) (RACKRAY UAB Rakrejus) | |
3 | 35.244.137.202 35.244.137.202 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700::68... 2606:4700::6812:e234 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700:303... 2606:4700:3033::681b:b27f | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:808::200a | 15169 (GOOGLE) (GOOGLE) | |
4 | 95.100.67.47 95.100.67.47 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
5 | 192.229.133.208 192.229.133.208 | 15133 (EDGECAST) (EDGECAST) | |
3 | 35.222.120.150 35.222.120.150 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700:303... 2606:4700:3035::681f:592e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a02:26f0:310... 2a02:26f0:3100:2a0::19fd | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
28 | 13 |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-9-56.eu-central-1.compute.amazonaws.com
treehouseclicks.com |
ASN62282 (RACKRAY UAB Rakrejus, LT)
PTR: 2k34.l.time4vps.cloud
dailydeals-foryou.com |
ASN15169 (GOOGLE, US)
PTR: 202.137.244.35.bc.googleusercontent.com
g.fastcdn.co |
ASN16625 (AKAMAI-AS, US)
PTR: a95-100-67-47.deploy.static.akamaitechnologies.com
use.typekit.net |
ASN15169 (GOOGLE, US)
PTR: 150.120.222.35.bc.googleusercontent.com
heatmap-events-collector.instapage.com | |
anthill.instapage.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
fastcdn.co
g.fastcdn.co v.fastcdn.co |
165 KB |
6 |
gstatic.com
www.gstatic.com fonts.gstatic.com |
101 KB |
5 |
typekit.net
use.typekit.net p.typekit.net |
68 KB |
3 |
instapage.com
heatmap-events-collector.instapage.com anthill.instapage.com |
5 KB |
2 |
dailydeals-foryou.com
1 redirects
dailydeals-foryou.com |
20 KB |
1 |
mdsyzz.info
api.mdsyzz.info |
630 B |
1 |
googleapis.com
fonts.googleapis.com |
1 KB |
1 |
mdsyzz.com
api.mdsyzz.com |
1 KB |
1 |
onesignal.com
cdn.onesignal.com |
3 KB |
1 |
treehouseclicks.com
1 redirects
treehouseclicks.com |
1 KB |
1 |
page.link
postbpost.page.link |
11 KB |
28 | 11 |
Domain | Requested by | |
---|---|---|
5 | v.fastcdn.co |
dailydeals-foryou.com
|
4 | use.typekit.net |
dailydeals-foryou.com
|
3 | g.fastcdn.co |
dailydeals-foryou.com
|
3 | fonts.gstatic.com |
postbpost.page.link
dailydeals-foryou.com |
3 | www.gstatic.com |
postbpost.page.link
www.gstatic.com |
2 | heatmap-events-collector.instapage.com |
dailydeals-foryou.com
heatmap-events-collector.instapage.com |
2 | dailydeals-foryou.com |
1 redirects
www.gstatic.com
|
1 | anthill.instapage.com |
dailydeals-foryou.com
|
1 | p.typekit.net |
dailydeals-foryou.com
|
1 | api.mdsyzz.info |
api.mdsyzz.com
|
1 | fonts.googleapis.com |
dailydeals-foryou.com
|
1 | api.mdsyzz.com |
dailydeals-foryou.com
|
1 | cdn.onesignal.com |
dailydeals-foryou.com
|
1 | treehouseclicks.com | 1 redirects |
1 | postbpost.page.link | |
28 | 15 |
This site contains links to these domains. Also see Links.
Domain |
---|
treehouseclicks.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.page.link GTS CA 1O1 |
2020-04-07 - 2020-06-30 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-04-01 - 2020-06-24 |
3 months | crt.sh |
dailydeals-foryou.com Sectigo RSA Domain Validation Secure Server CA |
2020-03-30 - 2021-03-30 |
a year | crt.sh |
g.fastcdn.co Let's Encrypt Authority X3 |
2020-02-13 - 2020-05-13 |
3 months | crt.sh |
sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2020-04-06 - 2020-10-09 |
6 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-04-07 - 2020-06-30 |
3 months | crt.sh |
*.typekit.net DigiCert SHA2 Secure Server CA |
2019-12-06 - 2021-12-10 |
2 years | crt.sh |
v.fastcdn.co DigiCert SHA2 Secure Server CA |
2017-10-24 - 2020-06-09 |
3 years | crt.sh |
heatmap-events-collector.instapage.com Let's Encrypt Authority X3 |
2020-03-03 - 2020-06-01 |
3 months | crt.sh |
anthill.instapage.com Let's Encrypt Authority X3 |
2020-03-19 - 2020-06-17 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://dailydeals-foryou.com/post/befr/?cep=tpK4orf-B7MQKhx-_ST6T-wAUvaqPmI-mvz5Qnl-2wnplYgbqI-k0lw1xRAYhe24lgHOEZUAnx4sGPlWCll2sFVUL8QIsYWoSSuimXBb7Wr57O0W-eXKHLGGottmhUCudmc0cvX_vsElroCqFatIwH-MPabPiHe7WKiim3Pkw3IN62iR9apIbtYYZ-I1h3HCp0z6XsgO95KJTJgyfpNy_303Vp40W9w2GzFwTG-DNwahoRH7ohBoS-uLrXHZLvVEWU17oa2VFRBxH7TyZXN6jCMVC9J1p-eGB88CaZqgXpEgII1OvLmmZ90beVb7O5LNeQV3pP3V-151xaLE8ftQMJd5a6C3pS5YIoCt2R0oVWzBkN1PflC_K5tQSyrHPwjG&lptoken=1504877e680359227031
Frame ID: 9101348420E856E2587E2B855ECF9EA3
Requests: 28 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://postbpost.page.link/jTpt Page URL
-
https://treehouseclicks.com/c006af93-192f-4428-aa88-9eaf77d57bbe
HTTP 302
https://dailydeals-foryou.com/post/befr?cep=tpK4orf-B7MQKhx-_ST6T-wAUvaqPmI-mvz5Qnl-2wnplYgbqI-k0lw1xRAYhe... HTTP 301
https://dailydeals-foryou.com/post/befr/?cep=tpK4orf-B7MQKhx-_ST6T-wAUvaqPmI-mvz5Qnl-2wnplYgbqI-k0lw1xRAYh... Page URL
Detected technologies
Google Font API (Font Scripts) ExpandDetected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title:
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://postbpost.page.link/jTpt Page URL
-
https://treehouseclicks.com/c006af93-192f-4428-aa88-9eaf77d57bbe
HTTP 302
https://dailydeals-foryou.com/post/befr?cep=tpK4orf-B7MQKhx-_ST6T-wAUvaqPmI-mvz5Qnl-2wnplYgbqI-k0lw1xRAYhe24lgHOEZUAnx4sGPlWCll2sFVUL8QIsYWoSSuimXBb7Wr57O0W-eXKHLGGottmhUCudmc0cvX_vsElroCqFatIwH-MPabPiHe7WKiim3Pkw3IN62iR9apIbtYYZ-I1h3HCp0z6XsgO95KJTJgyfpNy_303Vp40W9w2GzFwTG-DNwahoRH7ohBoS-uLrXHZLvVEWU17oa2VFRBxH7TyZXN6jCMVC9J1p-eGB88CaZqgXpEgII1OvLmmZ90beVb7O5LNeQV3pP3V-151xaLE8ftQMJd5a6C3pS5YIoCt2R0oVWzBkN1PflC_K5tQSyrHPwjG&lptoken=1504877e680359227031 HTTP 301
https://dailydeals-foryou.com/post/befr/?cep=tpK4orf-B7MQKhx-_ST6T-wAUvaqPmI-mvz5Qnl-2wnplYgbqI-k0lw1xRAYhe24lgHOEZUAnx4sGPlWCll2sFVUL8QIsYWoSSuimXBb7Wr57O0W-eXKHLGGottmhUCudmc0cvX_vsElroCqFatIwH-MPabPiHe7WKiim3Pkw3IN62iR9apIbtYYZ-I1h3HCp0z6XsgO95KJTJgyfpNy_303Vp40W9w2GzFwTG-DNwahoRH7ohBoS-uLrXHZLvVEWU17oa2VFRBxH7TyZXN6jCMVC9J1p-eGB88CaZqgXpEgII1OvLmmZ90beVb7O5LNeQV3pP3V-151xaLE8ftQMJd5a6C3pS5YIoCt2R0oVWzBkN1PflC_K5tQSyrHPwjG&lptoken=1504877e680359227031 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
28 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
jTpt
postbpost.page.link/ |
36 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m=_b,_tp
www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.zxB4ML5eNyU.es5.O/am=BA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP7SJBd66lAGWKgE5FpYONp0Aqb95w/ |
142 KB 50 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ |
10 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m=wmwg8b
www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.zxB4ML5eNyU.es5.O/ck=boq-devplatform.DurableDeepLinkUi.o45UxxXIxxs.L.B1.O/am=BA/d=1/exm=_b,_tp/excm=_b,_tp,viewd... |
34 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m=DvZ6Wd
www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.zxB4ML5eNyU.es5.O/ck=boq-devplatform.DurableDeepLinkUi.o45UxxXIxxs.L.B1.O/am=BA/d=1/exm=_b,_tp,wmwg8b/excm=_b,_t... |
16 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
dailydeals-foryou.com/post/befr/ Redirect Chain
|
19 KB 19 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utils.d4e75f3dc5d1a2cf48bb.js
g.fastcdn.co/js/ |
33 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Cradle.583c39f07a28c94cf005.js
g.fastcdn.co/js/ |
16 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
LazyImage.8c92b48f31cf14c24322.js
g.fastcdn.co/js/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OneSignalSDK.js
cdn.onesignal.com/sdks/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
auto-push.min.js
api.mdsyzz.com/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
28 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mzb2bdj.css
use.typekit.net/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
50473255-0-bpost.png
v.fastcdn.co/u/f7547bd3/ |
47 KB 48 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
49058780-0-delivery.png
v.fastcdn.co/u/f7547bd3/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
49175435-0-psotoffice.png
v.fastcdn.co/u/f7547bd3/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
49058765-0-box-1.png
v.fastcdn.co/u/f7547bd3/ |
13 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lib.js
heatmap-events-collector.instapage.com/static/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f21b755c-d63b-44dc-ae0d-d1657ae61fda
api.mdsyzz.info/rest/v1/p-apps/get-id/ |
117 B 630 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
p.css
p.typekit.net/ |
5 B 334 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
50473300-0-bpost-mand.png
v.fastcdn.co/u/f7547bd3/ |
73 KB 73 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/8e698b/00000000000000003b9b13b3/27/ |
22 KB 22 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/73e1a8/00000000000000003b9b13b9/27/ |
22 KB 22 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/aad4b2/00000000000000003b9b13b6/27/ |
22 KB 22 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
visit
anthill.instapage.com/projects/56c2f3d796773d0a7e96a536/events/ |
35 B 280 B |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
raw-data
heatmap-events-collector.instapage.com/api/ |
33 B 375 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
32 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| OneSignal function| InitializePush function| CheckImageAndReplace function| httpGetAsync function| getUrlVars function| getUrlParam object| __variantsData number| __page_id number| __default_experience_id number| __version string| __variant string| __variant_custom_name boolean| __preview number| __page_type string| __variant_hash string| __page_domain number| __predator_throttle object| __predator_blacklist boolean| __page_generator object| _Translate object| webpackJsonp object| core object| __core-js_shared__ object| __eventBus object| __config number| __workspaceWidth object| __session boolean| __cradleReady object| __featuresReady object| _htmp0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | script-src 'report-sample' 'nonce-ABrmA2TZYbhOVS0fUKVpxw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'nonce-ABrmA2TZYbhOVS0fUKVpxw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
anthill.instapage.com
api.mdsyzz.com
api.mdsyzz.info
cdn.onesignal.com
dailydeals-foryou.com
fonts.googleapis.com
fonts.gstatic.com
g.fastcdn.co
heatmap-events-collector.instapage.com
p.typekit.net
postbpost.page.link
treehouseclicks.com
use.typekit.net
v.fastcdn.co
www.gstatic.com
192.229.133.208
2606:4700:3033::681b:b27f
2606:4700:3035::681f:592e
2606:4700::6812:e234
2a00:1450:4001:808::200a
2a00:1450:4001:814::2003
2a00:1450:4001:818::200e
2a00:1450:4001:821::2003
2a02:26f0:3100:2a0::19fd
35.222.120.150
35.244.137.202
52.28.9.56
89.40.9.172
95.100.67.47
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
11c327eab20a6aa9787a679a95aa73685ce83524d70d7985bbdc8811efbda1cc
197ecf4bd42f69531c809e40dccf87569034689107ae7ebbf2ccfd8cbfb896d2
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
3567be6828f3a6e9117a7099fd8d857c4eb58781e9a9068947679e0702f59254
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
486a504e636616c6676fa82f23095ada3af6aa1f145b4e04051bd90b270696fe
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f33ce26a4bdaece7c1c98289ad21dbe60b540046f588711d3d8f3d89eff5401
724ddf03703375b0444e143b114be4cfd6033750e0dedd6e7fa9dccbcc8cbbf9
729e42132233d2bcf3b00b28cc256aa2a6873f3db36987968e666c82c1248920
7f463327ea12836d5e4298a125e048d8fb11100da4de3cdb4c1c5faaaea9053c
8d468f94db8ecd011ece54c44c20af3c8180bc30529b4e78877c7a4fd91261b6
900cc483af61454d3becb5b2f6d922ccd01a59824a260d1f018f3a9f500b513d
94df22701bd80fca42c776b7064a4505986161b616007963e1ba60adba6f84d5
9d6065b3abaca8b1e0377cf754ccf2955cd5216288ec8376a3400f2af35012d7
9f29c510c4b21638d69fb6e6513fcb03ded2d50e2347644ddb214fd760a9372c
aeae628bb5c58695aeeb38d775b0d3e58f0d3448679f5f2a1c9038cc63ae2156
b10d3bc2346df4d6e83d9c66f43cdfa42a882e7d0caee0ffdf07d30dbe108a08
b8959f700b29dd6e7c074bc0c4f5da3a7164bbc3c00c34ab04b92362cb1b3ca6
ba39ba13613979500b689ca7cc49c197d6ad07755fa873f6c2279e17d56999be
be39b0b3216a46cf7655d6f3451d92f3d8b2f3626c1b448721fa0223f24b829f
d523e3c7fa0c5e175059f305a16fd629e0f5c5e93c9bab849a9595b1dafd162e
e2f5a5cb749b9ac6d6b024f995371e450eaadcf2cd6028e5b6fc277c78526936
fa275eacbc9265313872f3e40abd9a3036b7e5562d58bba6674e206728fba279