start.nyspins.com
Open in
urlscan Pro
104.20.104.65
Public Scan
Effective URL: https://start.nyspins.com/de/?programme=aff&source=netrefer&btag=654575_11844B77647D42CB954FE8686C7B335B&var5=AAVBK
Submission: On March 31 via manual from NZ
Summary
TLS certificate: Issued by Thawte RSA CA 2018 on March 13th 2018. Valid for: 2 years.
This is the only time start.nyspins.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 212.47.208.158 212.47.208.158 | 3327 (CITIC CIT...) (CITIC CITIC Telecom CPC Netherlands B.V.) | |
1 1 | 94.236.90.18 94.236.90.18 | 15395 (RACKSPACE...) (RACKSPACE-LON) | |
1 1 | 104.20.105.65 104.20.105.65 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 11 | 104.20.104.65 104.20.104.65 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 | 172.217.22.10 172.217.22.10 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 172.217.22.8 172.217.22.8 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 3 | 172.217.22.14 172.217.22.14 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
3 | 37.157.4.39 37.157.4.39 | 198622 (ADFORM) (ADFORM) | |
1 | 52.222.171.160 52.222.171.160 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
2 | 64.233.166.154 64.233.166.154 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
3 | 172.217.22.3 172.217.22.3 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 52.222.171.250 52.222.171.250 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 54.76.111.242 54.76.111.242 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
26 | 12 |
ASN3327 (CITIC CITIC Telecom CPC Netherlands B.V., EE)
PTR: a158.radicenter.eu
internewsreview.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
start.nyspins.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
start.nyspins.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s14-in-f10.1e100.net
fonts.googleapis.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s14-in-f8.1e100.net
www.googletagmanager.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s14-in-f14.1e100.net
www.google-analytics.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-171-160.fra54.r.cloudfront.net
tag.widespace.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: wm-in-f154.1e100.net
stats.g.doubleclick.net |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s14-in-f3.1e100.net
fonts.gstatic.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-171-250.fra54.r.cloudfront.net
engine.widespace.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-76-111-242.eu-west-1.compute.amazonaws.com
userbeacon.widespace.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
nyspins.com
2 redirects
start.nyspins.com |
611 KB |
3 |
gstatic.com
fonts.gstatic.com |
39 KB |
3 |
widespace.com
tag.widespace.com engine.widespace.com userbeacon.widespace.com |
2 KB |
3 |
adform.net
track.adform.net |
36 KB |
3 |
google-analytics.com
1 redirects
www.google-analytics.com |
15 KB |
2 |
doubleclick.net
stats.g.doubleclick.net |
469 B |
1 |
googletagmanager.com
www.googletagmanager.com |
21 KB |
1 |
googleapis.com
fonts.googleapis.com |
1 KB |
1 |
netrefer.com
1 redirects
suprnation.cdn.netrefer.com |
911 B |
1 |
internewsreview.com
internewsreview.com |
413 B |
26 | 10 |
Domain | Requested by | |
---|---|---|
12 | start.nyspins.com |
2 redirects
start.nyspins.com
|
3 | fonts.gstatic.com |
start.nyspins.com
|
3 | track.adform.net |
internewsreview.com
track.adform.net |
3 | www.google-analytics.com |
1 redirects
www.googletagmanager.com
start.nyspins.com |
2 | stats.g.doubleclick.net |
start.nyspins.com
|
1 | userbeacon.widespace.com |
start.nyspins.com
|
1 | engine.widespace.com |
start.nyspins.com
|
1 | tag.widespace.com |
www.googletagmanager.com
|
1 | www.googletagmanager.com |
start.nyspins.com
|
1 | fonts.googleapis.com |
start.nyspins.com
|
1 | suprnation.cdn.netrefer.com | 1 redirects |
1 | internewsreview.com | |
26 | 12 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.nyspins.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.nyspins.com Thawte RSA CA 2018 |
2018-03-13 - 2020-06-15 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://start.nyspins.com/de/?programme=aff&source=netrefer&btag=654575_11844B77647D42CB954FE8686C7B335B&var5=AAVBK
Frame ID: 4CB70A013C7E6D74F5D559701C8E3FBA
Requests: 31 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- http://internewsreview.com/redirection/new/201803/Marketing-15216434071.php?snippet=AAVBK Page URL
-
http://suprnation.cdn.netrefer.com/redirect.aspx?pid=2759&bid=1545&var5=AAVBK
HTTP 301
http://start.nyspins.com/?programme=aff&source=netrefer&btag=654575_11844B77647D42CB954FE8686C7B335B&... HTTP 301
https://start.nyspins.com/?programme=aff&source=netrefer&btag=654575_11844B77647D42CB954FE8686C7B335B&... HTTP 302
https://start.nyspins.com/de/?programme=aff&source=netrefer&btag=654575_11844B77647D42CB954FE8686C7B33... Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
- env /^gaGlobal$/i
Google Tag Manager (Tag Managers) Expand
Detected patterns
- env /^google_tag_manager$/i
webpack (Miscellaneous) Expand
Detected patterns
- env /^webpackJsonp$/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Trete unserem Casino bei
Search URL Search Domain Scan URL
Title: Besuche die Seite
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://internewsreview.com/redirection/new/201803/Marketing-15216434071.php?snippet=AAVBK Page URL
-
http://suprnation.cdn.netrefer.com/redirect.aspx?pid=2759&bid=1545&var5=AAVBK
HTTP 301
http://start.nyspins.com/?programme=aff&source=netrefer&btag=654575_11844B77647D42CB954FE8686C7B335B&var5=AAVBK HTTP 301
https://start.nyspins.com/?programme=aff&source=netrefer&btag=654575_11844B77647D42CB954FE8686C7B335B&var5=AAVBK HTTP 302
https://start.nyspins.com/de/?programme=aff&source=netrefer&btag=654575_11844B77647D42CB954FE8686C7B335B&var5=AAVBK Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 29- https://www.google-analytics.com/r/collect?v=1&_v=j66&a=1393239771&t=pageview&_s=1&dl=https%3A%2F%2Fstart.nyspins.com%2Fde%2F%3Fprogramme%3Daff%26source%3Dnetrefer%26btag%3D654575_11844B77647D42CB954FE8686C7B335B%26var5%3DAAVBK&dr=http%3A%2F%2Finternewsreview.com%2Fredirection%2Fnew%2F201803%2FMarketing-15216434071.php%3Fsnippet%3DAAVBK&ul=en-us&de=UTF-8&dt=NYspins%20%7C%20the%20Casino%20That%20Never%20Sleeps&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aPDAAEAB~&jid=1805111301&gjid=1734612499&cid=469979584.1522531391&tid=UA-71968518-5&_gid=2111173037.1522531391&_r=1>m=G3rM57T2Q5&cd9=469979584.1522531391&z=1851738327 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-71968518-5&cid=469979584.1522531391&jid=1805111301&_gid=2111173037.1522531391&gjid=1734612499&_v=j66&z=1851738327
26 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Marketing-15216434071.php
internewsreview.com/redirection/new/201803/ |
133 B 413 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
start.nyspins.com/de/ Redirect Chain
|
5 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.166343a3c7cfafaf0eaa.bundle.css
start.nyspins.com/desktop/ |
8 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inline.bcac5d42328d1dd2c5c2.bundle.js
start.nyspins.com/desktop/ |
804 B 912 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
polyfills.2e9e5cbc56e7d1d0725a.bundle.js
start.nyspins.com/desktop/ |
37 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor.8ad3d2cb9ae9c2a062a8.bundle.js
start.nyspins.com/desktop/ |
790 KB 222 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.6a13846bd6839519b643.bundle.js
start.nyspins.com/desktop/ |
58 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
css
fonts.googleapis.com/ |
6 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
gtm.js
www.googletagmanager.com/ |
59 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nyspins.ttf
start.nyspins.com/assets/fonts/common/ |
17 KB 18 KB |
Font
application/x-font-ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
analytics.js
www.google-analytics.com/ |
35 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
/
track.adform.net/serving/scripts/trackpoint/async/ |
76 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
tag.js
tag.widespace.com/t/ |
698 B 1021 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sitemap
start.nyspins.com/ |
10 KB 4 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
languages
start.nyspins.com/ |
71 B 477 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
collect
www.google-analytics.com/ |
35 B 197 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
collect
stats.g.doubleclick.net/r/ |
35 B 367 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
/
track.adform.net/Serving/TrackPoint/ |
9 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
startlp.3ce1f38819d6dc226107.jpg
start.nyspins.com/desktop/ |
320 KB 321 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headersResponse headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headersResponse headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headersResponse headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
9 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headersResponse headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
4 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headersResponse headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v12/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v12/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v12/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
/
track.adform.net/wpf/v1/7Wa44j1e3NlY5BSo9z4ofjb75PaK4Vpjt3Q9cUVlOrXTAxw63UYOKES5jfzmkflKAk7zl998tp7ppfAaZ6m1CdC5MQjGejuTDRNziCvTDfWk3qwyWEQEe6qgXK_Pmtd0SHp815LyjaY2.rINj.rINM6uJ6o6e0T.5yjaY1WMsiZRP... |
210 B 689 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
wid.gif
engine.widespace.com/map/engine/ |
45 B 424 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tags
userbeacon.widespace.com/userbeacon/v1/ |
37 B 210 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
collect
stats.g.doubleclick.net/r/ Redirect Chain
|
35 B 102 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
56 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| dataLayer function| webpackJsonp function| Zone function| __zone_symbol__Promise function| __zone_symbol__ZoneAwarePromise function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader object| google_tag_manager object| __zone_symbol__loadfalse string| GoogleAnalyticsObject function| ga string| url string| keyToFind undefined| valueFound object| _adftrack boolean| ngDevMode function| _ object| Stomp object| __zone_symbol__unloadfalse object| JSON3 object| gaplugins object| gaGlobal object| gaData object| Adform object| __zone_symbol__mousemovefalse object| KJUR object| adf object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse object| ng function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| options object| fortyone object| wisp function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.nyspins.com/ | Name: _gid Value: GA1.2.2111173037.1522531391 |
|
.nyspins.com/ | Name: _ga Value: GA1.2.469979584.1522531391 |
|
.nyspins.com/ | Name: _dc_gtm_UA-71968518-5 Value: 1 |
|
.nyspins.com/ | Name: __cfduid Value: dcde6321ca5fa9929254d138e7906a1c21522531390 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
engine.widespace.com
fonts.googleapis.com
fonts.gstatic.com
internewsreview.com
start.nyspins.com
stats.g.doubleclick.net
suprnation.cdn.netrefer.com
tag.widespace.com
track.adform.net
userbeacon.widespace.com
www.google-analytics.com
www.googletagmanager.com
104.20.104.65
104.20.105.65
172.217.22.10
172.217.22.14
172.217.22.3
172.217.22.8
212.47.208.158
37.157.4.39
52.222.171.160
52.222.171.250
54.76.111.242
64.233.166.154
94.236.90.18
085fadd564e2358c4fed37147a2b9bf8020ce9e6884dcbf51e61d2b0606957e3
0d18b4bafb15e54b797456bb5688463e8a302996a32273efb4ab1de84a91fb92
11b2eacee917f04f2c05ceb3865b31659ae6161ddf185842da8cff07e8eb24f4
130deee572fff58dcf96a191ce3b651599201a21150ff500eb0fe80e4776e146
141f3fbbf7ecc1316ae7ed2432ec112d708c5c290b9aca412408ddf6945b0dae
148d129354598240b2fa3d51688c5d9beb301a40988c44e0655f8f224170d0fb
1f575282bfb49b4902954c7bedc595bf0f6f5d372af93c83885f51e40af6bd9b
4885c1c647b93d166713ffd9989b63239f2b9a37dd5495a5f3cc0b0832a6fd40
4cb286e0728f99d8a32589fbb0e99ec81271713b23e0753a5056c8180c141c7b
50e7e16fa947036ed479023375a7a44597c72dcc780c110ddb87a28cfa7fd16c
54da1f1e23de284c512c40e2dda74367e099ecd510fc7f7c9a27d10759f557fe
5d3b705ae3ca5b69548414cec5c907f81c69aa9a864de9a2d9fa5424c8aec0a2
5f41f7be041042dcce6e9f9c6d95ea4ad3fab1038cd6ce7894371b742620ad0d
60330b1926e32fc1e4d3ad9b33a616886b4219f3315aebe328c55016c087e9e7
621c706d880d8f6e787e3d92f2ae79decc7d98d97b9908d359ec979fba7c70e5
7aaf8a7cda440a48445c027641a5ec2bc815af3edc40deb645f6d7c23238d230
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ddd03d916ac0265ccb19275b52d2520bdce043cd0fe6ea5661f1574469daf7
856e0b0925406f6aed593c31cd4581a5b7e9c99f27f15434dc49936ff50b6670
924f1b61d30302668c0cbf0ea7795d98e703c4b962ef32ed8770da993e37bfb5
93efc90f4ddeb27b20fe270279b4173a6f755ae7a6657b23db32c27a0c99a43e
9edfb37ac1c96720c317d1c5b819480f863bdce665b18f0d76bc22a7c01c4596
b8afea5702bb3b5f31c5eb5a0d71b27049e1f5b7377fc44fb9595541608522e4
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
cce015dd88faf9c509a0e3cbd72929e2b13c574f0dcdbe2fef76ca065c10c73d
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e514eba0dd7c69aeef74df229cb7037bebae2e958aba75d34ca01f7ca855d40b
ec5faa3f77c5e7ff0b43a16d8ac93f6c3a6ed1d742479250dab671071d8f9cda
f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7