app.wellnesscoach.live
18.119.7.141
Public Scan
Submission: On September 01 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 2nd 2022. Valid for: a year.
This is the only time app.wellnesscoach.live was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | Autonomous System |
---|---|---|
14 | 18.119.7.141 | 16509 (AMAZON-02) |
1 | 2606:4700:21::681b:c258 | 13335 (CLOUDFLARENET) |
1 | 2a00:1450:4001:812::200e | 15169 (GOOGLE) |
5 | 151.101.64.176 | 54113 (FASTLY) |
2 | 2a00:1450:4001:80f::200e | 15169 (GOOGLE) |
2 | 2a03:2880:f007:8:face:b00c:0:1 | 32934 (FACEBOOK) |
3 | 2a00:1450:4001:809::200d | 15169 (GOOGLE) |
1 | 2a00:1450:4001:803::2003 | 15169 (GOOGLE) |
3 | 54.187.119.242 | 16509 (AMAZON-02) |
1 | 54.187.48.204 | 16509 (AMAZON-02) |
33 | 10 | |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-119-7-141.us-east-2.compute.amazonaws.com
app.wellnesscoach.live |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com
q.stripe.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-187-48-204.us-west-2.compute.amazonaws.com
m.stripe.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
14 | wellnesscoach.live | app.wellnesscoach.live | 4 MB |
7 | stripe.com | js.stripe.com — Cisco Umbrella Rank: 1080; q.stripe.com — Cisco Umbrella Rank: 7709; m.stripe.com — Cisco Umbrella Rank: 1025 | 82 KB |
5 | google.com | apis.google.com — Cisco Umbrella Rank: 110; accounts.google.com — Cisco Umbrella Rank: 80 | 44 KB |
2 | stripe.network | m.stripe.network — Cisco Umbrella Rank: 1166 | 17 KB |
2 | facebook.net | connect.facebook.net — Cisco Umbrella Rank: 154 | 87 KB |
1 | gstatic.com | www.gstatic.com | 35 KB |
1 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 37 | 20 KB |
1 | plyr.io | cdn.plyr.io — Cisco Umbrella Rank: 14016 | 61 KB |
33 | 8 | | |
Requests | Domain | Requested by |
---|---|---|
14 | app.wellnesscoach.live | app.wellnesscoach.live |
3 | q.stripe.com | app.wellnesscoach.live |
3 | accounts.google.com | apis.google.com, app.wellnesscoach.live, www.gstatic.com |
3 | js.stripe.com | app.wellnesscoach.live, js.stripe.com |
2 | m.stripe.network | js.stripe.com, m.stripe.network |
2 | connect.facebook.net | app.wellnesscoach.live, connect.facebook.net |
2 | apis.google.com | app.wellnesscoach.live, apis.google.com |
1 | m.stripe.com | m.stripe.network |
1 | www.gstatic.com | accounts.google.com |
1 | www.google-analytics.com | app.wellnesscoach.live |
1 | cdn.plyr.io | app.wellnesscoach.live |
33 | 11 | |
This site contains links to these domains.
Domain |
---|
www.wellnesscoach.live |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.wellnesscoach.live | Go Daddy Secure Certificate Authority - G2 | 2022-06-02 - 2023-07-04 | a year |
*.plyr.io | GTS CA 1P5 | 2022-07-05 - 2022-10-03 | 3 months |
*.google-analytics.com | GTS CA 1C3 | 2022-08-08 - 2022-10-31 | 3 months |
a.stripecdn.com | DigiCert SHA2 Extended Validation Server CA | 2022-08-31 - 2023-01-10 | 4 months |
*.apis.google.com | GTS CA 1C3 | 2022-08-15 - 2022-11-07 | 3 months |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-06-10 - 2022-09-08 | 3 months |
accounts.google.com | GTS CA 1C3 | 2022-08-08 - 2022-10-31 | 3 months |
*.google.com | GTS CA 1C3 | 2022-08-08 - 2022-10-31 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2022-08-15 - 2022-11-07 | 3 months |
*.stripe.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-08-15 - 2022-11-13 | 3 months |
m.stripe.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-07-11 - 2022-10-19 | 3 months |
This page contains 4 frames:
Primary Page:
https://app.wellnesscoach.live/live?utm_source=hs_email&utm_campaign=meditation.live%20weekly%20emails&from=BRANCH&utm_medium=email&_hsmi=224485679&_hsenc=p2ANqtz-_DQnmzoTFVWJj2Iva1--OHIYzuV7IB3Qj51glaAjWpN5sq50TddL2Vd3U-s1A-LoD1uxhklfLrgx3GVyG0hU1JeBy0fw&utm_content=224479018&_branch_match_id=1050737917791039284&_branch_referrer=H4sIAAAAAAAAA0WO0W6CMABF%2F8YXU2hBhi4hC8boIMTFRDB7IhUqLbSl2laFr1%2FgZY%2F35J7kUGOU%2FnRdQWpmsGG9BJw9iYOVcjiTnYtTCfNRd5pev6wRZYWFwqyR0b%2FhTMbyRUjHhyURmHG9mK7Tw4poJouSasEiz1ut1sFHuJk2kVWkvPh4NyModycpxv68Ly5p6yVPjAD4%2BU5%2BR1uEydY%2FtQFqOI7bizoG%2Bh7Ac11nXlH7OdAoBlm%2FQ%2FZNO37LHs3bPxTDAdIcpWQ7wNtrjql6aYg0c0G4gWg9U93bR0Uiqsu58g%2Fu8bKNDgEAAA%3D%3D
Frame ID: DE1E11FD71037B54BFE5A10DA840C1CE
Requests: 21 HTTP requests in this frame
Frame:
https://accounts.google.com/o/oauth2/iframe
Frame ID: 9B2A8029F8E68FD39032C31AB2497864
Requests: 4 HTTP requests in this frame
Frame:
https://js.stripe.com/v3/m-outer-6a0034e15fdc6a820e161ebc10368dcb.html
Frame ID: 61F44EC1D5F05C448B134B30C417D290
Requests: 4 HTTP requests in this frame
Frame:
https://m.stripe.network/inner.html
Frame ID: 11725F295AA183863CEF685084E2E465
Requests: 4 HTTP requests in this frame
Page Title
Wellness Coach App
Detected technologies
Detected patterns
- <iframe[^>]*accounts\.google\.com/o/oauth2
Plyr
Detected patterns
- https://cdn\.plyr\.io/([0-9.]+)/.+\.js
Stripe
Detected patterns
- js\.stripe\.com
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Detected patterns
- apis\.google\.com/js/[a-z]*\.js
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Privacy Policy
Title: Terms of Use
Redirected requests
There were HTTP redirect chains for the following requests:
33 HTTP transactions
Method | Protocol | Resource | Path | Frame | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | live (Primary Request) | app.wellnesscoach.live/ | | 4 KB | 6 KB | Document | text/html |
GET | H2 | plyr.polyfilled.js | cdn.plyr.io/3.6.4/ | | 187 KB | 61 KB | Script | application/javascript |
GET | H/1.1 | 10.aefaf1d1.chunk.js | app.wellnesscoach.live/static/js/ | | 278 KB | 280 KB | Script | application/javascript |
GET | H/1.1 | main.c3403899.chunk.js | app.wellnesscoach.live/static/js/ | | 87 KB | 88 KB | Script | application/javascript |
GET | H/1.1 | 15.f1dbc00c.chunk.js | app.wellnesscoach.live/static/js/ | | 1 KB | 3 KB | Script | application/javascript |
GET | H/1.1 | 1.2699a0de.chunk.css | app.wellnesscoach.live/static/css/ | | 161 KB | 163 KB | Stylesheet | text/css |
GET | H/1.1 | 1.6579a8a0.chunk.js | app.wellnesscoach.live/static/js/ | | 171 B | 2 KB | Script | application/javascript |
GET | H/1.1 | 0.d7f50872.chunk.js | app.wellnesscoach.live/static/js/ | | 31 KB | 32 KB | Script | application/javascript |
GET | H/1.1 | 2.cbf1bbc6.chunk.js | app.wellnesscoach.live/static/js/ | | 24 KB | 26 KB | Script | application/javascript |
GET | H/1.1 | 3.3d147ebb.chunk.css | app.wellnesscoach.live/static/css/ | | 58 KB | 60 KB | Stylesheet | text/css |
GET | H/1.1 | 3.530cb4ce.chunk.js | app.wellnesscoach.live/static/js/ | | 966 KB | 967 KB | Script | application/javascript |
GET | H/1.1 | 7.10dd2710.chunk.css | app.wellnesscoach.live/static/css/ | | 705 KB | 706 KB | Stylesheet | text/css |
GET | H/1.1 | 7.e604ece0.chunk.js | app.wellnesscoach.live/static/js/ | | 1 MB | 1 MB | Script | application/javascript |
GET | H/1.1 | larsseit-webfont.7729350d.woff2 | app.wellnesscoach.live/static/media/ | | 20 KB | 22 KB | Font | font/woff2 |
GET | H2 | analytics.js | www.google-analytics.com/ | | 49 KB | 20 KB | Script | text/javascript |
GET | H2 | v3 | js.stripe.com/ | | 326 KB | 79 KB | Script | text/javascript |
GET | H2 | api.js | apis.google.com/js/ | | 14 KB | 6 KB | Script | text/javascript |
GET | H2 | sdk.js | connect.facebook.net/en_US/ | | 3 KB | 2 KB | Script | application/x-javascript |
GET | H/1.1 | larsseit-bold-webfont.f6a38961.woff2 | app.wellnesscoach.live/static/media/ | | 20 KB | 21 KB | Font | font/woff2 |
GET | H2 | cb=gapi.loaded_0 | apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/ | | 108 KB | 36 KB | Script | text/javascript |
GET | H3 | sdk.js | connect.facebook.net/en_US/ | | 299 KB | 85 KB | Script | application/x-javascript |
GET | H2 | iframe | accounts.google.com/o/oauth2/ | 9B2A | 280 B | 1 KB | Document | text/html |
POST | H3 | cspreport | accounts.google.com/_/IdpIFrameHttp/ | 9B2A | 2 KB | 846 B | Other | text/html |
GET | H2 | m=base | www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.iBWaHDP-6pg.es5.O/d=1/rs=AOaEmlETlIX1tx1rHlmv6vVxAbtX71BL3w/ | 9B2A | 99 KB | 35 KB | Script | text/javascript |
GET | H2 | m-outer-6a0034e15fdc6a820e161ebc10368dcb.html | js.stripe.com/v3/ | 61F4 | 186 B | 818 B | Document | text/html |
GET | H3 | iframerpc | accounts.google.com/o/oauth2/ | 9B2A | 49 B | 96 B | XHR | application/json |
POST | H2 | csp-report | q.stripe.com/ | 61F4 | 0 | 571 B | Other | text/plain |
POST | H2 | csp-report | q.stripe.com/ | 61F4 | 0 | 570 B | Other | text/plain |
GET | H2 | m-outer-d45840d7b854ab8c334de3b67a83d7c5.js | js.stripe.com/v3/fingerprinted/js/ | 61F4 | 526 B | 385 B | Script | text/javascript |
GET | H2 | inner.html | m.stripe.network/ | 1172 | 930 B | 1 KB | Document | text/html |
POST | H2 | csp-report | q.stripe.com/ | 1172 | 0 | 344 B | Other | text/plain |
GET | H2 | out-4.5.42.js | m.stripe.network/ | 1172 | 86 KB | 16 KB | Script | text/javascript |
POST | H2 | 6 | m.stripe.com/ | 1172 | 156 B | 523 B | XHR | application/json |
37 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | 0 |
object | 1 |
object | onbeforeinput |
object | oncontextlost |
object | oncontextrestored |
function | structuredClone |
object | launchQueue |
object | onbeforematch |
function | getScreenDetails |
function | queryLocalFonts |
object | navigation |
function | Plyr |
object | webpackJsonpwellnesscoach-desktop |
function | jQuery |
object | TreemapSquared |
function | SVG |
object | Apex |
function | ApexCharts |
string | GoogleAnalyticsObject |
function | ga |
object | activeRenewals |
object | renewStates |
object | callbackMappedToRenewStates |
object | promiseMappedToRenewStates |
object | msal |
function | fbAsyncInit |
object | google_tag_data |
object | gaplugins |
object | gaGlobal |
object | gaData |
object | gapi |
object | ___jsl |
object | FB |
object | osapi |
object | webpackChunkstripe_js_v3 |
function | Stripe |
object | __buffer |

7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.wellnesscoach.live/ | | Name: _ga Value: GA1.2.2114721429.1662042366 |
.wellnesscoach.live/ | | Name: _gid Value: GA1.2.474758959.1662042366 |
.app.wellnesscoach.live/ | | Name: G_ENABLED_IDPS Value: google |
.google.com/ | | Name: NID Value: 511=WOrQq6rGx1LL__X67IShRQW4GRMy9RIlJ3W1-LN8XQqiNFEitLU9p1FirQZnCcWM8xlnX-Dm-yDrgMpUe27_FrDcQK3qvYMwA0Ab40rHdaLVNoIm2OEWDvUw7L3vpC5FGVo92hHLNsKZmkmWkxEfXdqL3j_pKO9GA2cMkUcMF3I |
m.stripe.com/ | | Name: m Value: 75ff81a4-6848-4482-9818-03e0f6316392b8da5e |
.app.wellnesscoach.live/ | | Name: __stripe_mid Value: 73571168-09d1-4579-8a1f-18952c31ec8ebf5557 |
.app.wellnesscoach.live/ | | Name: __stripe_sid Value: db45333b-3352-4bd8-aeb0-055b75e576f03f534b |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https://*.live.com https://www.google-analytics.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://graph.microsoft.com https://login.microsoft.com https://login.microsoftonline.com https://player.vimeo.com https://www.googleapis.com https://accounts.google.com https://apis.google.com https://www.facebook.com https://graph.facebook.com https://connect.facebook.net https://api.meditation.live https://media.meditation.live https://checkout.stripe.com https://js.stripe.com https://api.stripe.com https://vod-progressive.akamaized.net https://i.vimeocdn.com https://cdn.plyr.io ;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://player.vimeo.com https://accounts.google.com https://cdn.plyr.io https://checkout.stripe.com https://apis.google.com https://connect.facebook.net https://api.stripe.com https://js.stripe.com https://www.google-analytics.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com |
Strict-Transport-Security | max-age=15552000; includeSubDomains max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff nosniff |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.