simcredits.net
Open in
urlscan Pro
2a07:7800::208
Public Scan
Effective URL: https://simcredits.net/
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On February 23 via api from IT — Scanned from GB
Summary
TLS certificate: Issued by R3 on February 21st 2024. Valid for: 3 months.
This is the only time simcredits.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 3 | 2a07:7800::208 2a07:7800::208 | 48254 (TWENTYI) (TWENTYI) | |
3 | 2606:4700::68... 2606:4700::6810:5914 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a04:4e42::649 2a04:4e42::649 | 54113 (FASTLY) (FASTLY) | |
6 | 2a00:1450:400... 2a00:1450:4001:829::2002 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2620:1ec:46::60 2620:1ec:46::60 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
5 | 89.116.64.168 89.116.64.168 | 46475 (LIMESTONE...) (LIMESTONENETWORKS) | |
2 | 2a00:1450:400... 2a00:1450:4001:80f::2002 | 15169 (GOOGLE) (GOOGLE) | |
3 | 52.152.143.207 52.152.143.207 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 2 | 68.219.88.97 68.219.88.97 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 1 | 2620:1ec:c11:... 2620:1ec:c11::200 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
3 | 2a00:1450:400... 2a00:1450:4001:831::2001 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:828::2004 | 15169 (GOOGLE) (GOOGLE) | |
29 | 11 |
ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
tpc.googlesyndication.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 158 |
228 KB |
7 |
clarity.ms
1 redirects
www.clarity.ms — Cisco Umbrella Rank: 777 o.clarity.ms — Cisco Umbrella Rank: 7429 c.clarity.ms — Cisco Umbrella Rank: 1351 |
28 KB |
5 |
afe.pw
afe.pw |
120 KB |
3 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 316 |
50 KB |
3 |
simcredits.net
1 redirects
simcredits.net |
6 KB |
2 |
doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 |
5 KB |
1 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
1 KB |
1 |
bing.com
1 redirects
c.bing.com — Cisco Umbrella Rank: 242 |
764 B |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 775 |
24 KB |
29 | 9 |
Domain | Requested by | |
---|---|---|
6 | pagead2.googlesyndication.com |
simcredits.net
pagead2.googlesyndication.com tpc.googlesyndication.com |
5 | afe.pw |
simcredits.net
|
3 | tpc.googlesyndication.com |
pagead2.googlesyndication.com
tpc.googlesyndication.com |
3 | o.clarity.ms |
www.clarity.ms
|
3 | cdn.jsdelivr.net |
simcredits.net
|
3 | simcredits.net |
1 redirects
simcredits.net
|
2 | c.clarity.ms | 1 redirects |
2 | googleads.g.doubleclick.net |
pagead2.googlesyndication.com
|
2 | www.clarity.ms |
simcredits.net
www.clarity.ms |
1 | www.google.com |
tpc.googlesyndication.com
|
1 | c.bing.com | 1 redirects |
1 | code.jquery.com |
simcredits.net
|
29 | 12 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.afe.pw |
afe.pw |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.simcredits.net R3 |
2024-02-21 - 2024-05-21 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-02 - 2024-05-01 |
a year | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2024-02-05 - 2024-04-29 |
3 months | crt.sh |
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1 |
2023-12-07 - 2024-12-07 |
a year | crt.sh |
afe.pw R3 |
2024-02-13 - 2024-05-13 |
3 months | crt.sh |
a.clarity.ms Microsoft Azure TLS Issuing CA 01 |
2024-01-14 - 2024-06-27 |
5 months | crt.sh |
tpc.googlesyndication.com GTS CA 1C3 |
2024-02-05 - 2024-04-29 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2024-02-05 - 2024-04-29 |
3 months | crt.sh |
This page contains 5 frames:
Primary Page:
https://simcredits.net/
Frame ID: D77DAF883599C8CB22C59B2E1EAC7280
Requests: 22 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/zrt_lookup_fy2021.html
Frame ID: 1E8D5761F5CBC381EBFB05D73CECB236
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2207596415306425&output=html&adk=1812271804&adf=3025194257&lmt=1708652192&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fsimcredits.net%2F&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708652192452&bpp=2&bdt=324&idt=240&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=238285188496&frm=20&pv=2&ga_vid=659436768.1708652193&ga_sid=1708652193&ga_hid=1586331891&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081152%2C31081316%2C95324580%2C95325068%2C31081331%2C95320377%2C95320870%2C95324154%2C95324161&oid=2&pvsid=1439532606214737&tmod=1381821549&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=253
Frame ID: B1DFDE7A9D37F0E46952A3047C0E165B
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4AD87D457E39FADBF0D4486D0B7D23EE
Requests: 3 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: 692B98B6D25BB96E9AF79873E28BA29A
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Online Mobile Top Up for Afghanistan Networks With Google pay or Mastercard and Visa - Afe.PwPage URL History Show full URLs
-
http://simcredits.net/
HTTP 301
https://simcredits.net/ Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google AdSense (Advertising Networks) Expand
Detected patterns
- googlesyndication\.com/
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: afe.pw
Search URL Search Domain Scan URL
Title: Referral Program
Search URL Search Domain Scan URL
Title: Guide
Search URL Search Domain Scan URL
Title: Supported Payment Methods
Search URL Search Domain Scan URL
Title: Contact Us
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://simcredits.net/
HTTP 301
https://simcredits.net/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 17- https://c.clarity.ms/c.gif HTTP 302
- https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=055ECA5846664F4A8E373D15EA5F5343&RedC=c.clarity.ms&MXFR=1A55B4E59DB46D151AF6A0CB99B463C7 HTTP 302
- https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=055ECA5846664F4A8E373D15EA5F5343&MUID=1ECA2957FFAF66B62DA73D79FEBA679D
29 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
simcredits.net/ Redirect Chain
|
23 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/css/ |
190 KB 29 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.2.1.slim.min.js
code.jquery.com/ |
68 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.12.9/dist/umd/ |
19 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@4.0.0/dist/js/ |
48 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
simcredits.net/fonts/css/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
146 KB 50 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
k57pjy7izt
www.clarity.ms/tag/ |
650 B 1013 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
awcc.png
afe.pw/img/ |
24 KB 24 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
etesalat.png
afe.pw/img/ |
59 KB 60 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
roshan.png
afe.pw/img/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mtn.png
afe.pw/img/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
salaam.png
afe.pw/img/ |
20 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clarity.js
www.clarity.ms/s/0.7.20/ |
60 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/ |
408 KB 138 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/ Frame 1E8D |
9 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
collect
o.clarity.ms/ |
0 294 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame B1DF |
603 B 245 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c.gif
c.clarity.ms/ Redirect Chain
|
42 B 444 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar
pagead2.googlesyndication.com/getconfig/ |
16 KB 12 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4AD8 |
13 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aframe
www.google.com/recaptcha/api2/ Frame 692B |
829 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js
pagead2.googlesyndication.com/bg/ Frame 4AD8 |
39 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
generate_204
tpc.googlesyndication.com/ Frame 4AD8 |
0 10 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ Frame 692B |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
collect
o.clarity.ms/ |
0 294 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
collect
o.clarity.ms/ |
0 294 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
35 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 function| $ function| jQuery function| Popper object| bootstrap function| clarity function| showInput object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.clarity.ms/ | Name: CLID Value: 52a2d9609fad4adaa8b0292bb8fd057c.20240223.20250222 |
|
.simcredits.net/ | Name: _clck Value: v7pnxp%7C2%7Cfji%7C0%7C1514 |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
.simcredits.net/ | Name: _clsk Value: xx23gx%7C1708652192948%7C1%7C1%7Co.clarity.ms%2Fcollect |
|
.bing.com/ | Name: MUID Value: 1ECA2957FFAF66B62DA73D79FEBA679D |
|
.c.bing.com/ | Name: MR Value: 0 |
|
.c.bing.com/ | Name: SRM_B Value: 1ECA2957FFAF66B62DA73D79FEBA679D |
|
.c.clarity.ms/ | Name: SM Value: C |
|
.clarity.ms/ | Name: MUID Value: 1ECA2957FFAF66B62DA73D79FEBA679D |
|
.c.clarity.ms/ | Name: MR Value: 0 |
|
.c.clarity.ms/ | Name: ANONCHK Value: 0 |
17 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
afe.pw
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
code.jquery.com
googleads.g.doubleclick.net
o.clarity.ms
pagead2.googlesyndication.com
simcredits.net
tpc.googlesyndication.com
www.clarity.ms
www.google.com
2606:4700::6810:5914
2620:1ec:46::60
2620:1ec:c11::200
2a00:1450:4001:80f::2002
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:831::2001
2a04:4e42::649
2a07:7800::208
52.152.143.207
68.219.88.97
89.116.64.168
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3
1644af2f4738b800e650b72bf7ffcfcffafaf9f8ee4281b4ea4848256eb55652
34b67748274a5e5b08b4fe9eebaad0f425f4ada1b50783d5fe3c57fa629dbbbd
53b671b93ee23ab9197b8a5d18056ed9cb51ea818c0d98cc4a43b20a14ec683d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
668dfd0f0c48ec34e0e4373351174480a5ede54c4acce5c75b8adc9626773dc9
734488390595444d4ec3b04f64f9a755b9fc33cb5c91264d5fc3fa1216164fba
787895013574952b8388ed9f1d243b64018d673c8c9c3661ab739f122b13356f
8caecb15e1ea1609a8691c291b5232c593fa5c5fd9d5873e4975e72078b277e2
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
af6612519a78d8e0d64274e31ed48b532a59f31d1585d17fa48453d06474629c
ba57917264aae29691ae38382c49aadf7a9ba0d904e2e71c24b9036410df3de8
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
d17faf9b5cfe66a50ace353a45f3a68bcd57e5aabda6e75f5958cdc5a7cac50e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
e982836026199ac68d5cba5dc4de9a72ce1dde9d22c23852486f6fc99c037b08
ed959b654022f7bae48ab9380dc129e065833e45a944c70d684c971ac3578cb8