![](/screenshots/cc900cee-04d8-41cd-a0d8-c45c2a04cbc7.png)
hetmanrecovery.com
Open in
urlscan Pro
2606:4700:20::681a:abb
Public Scan
Submission: On July 19 via manual from IN — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on June 8th 2023. Valid for: 3 months.
This is the only time hetmanrecovery.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
8 | 2606:4700:20:... 2606:4700:20::681a:abb | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
12 | 2a00:1450:400... 2a00:1450:4001:80b::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700::68... 2606:4700::6810:3865 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2a00:1450:400... 2a00:1450:4001:82b::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a04:fa87:fff... 2a04:fa87:fffe::c000:4902 | 2635 (AUTOMATTIC) (AUTOMATTIC) | |
4 | 2a00:1450:400... 2a00:1450:4001:801::200e | 15169 (GOOGLE) (GOOGLE) | |
3 | 2a00:1450:400... 2a00:1450:4001:811::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2001:4860:480... 2001:4860:4802:34::36 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:400c:c09::9c | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:802::2003 | 15169 (GOOGLE) (GOOGLE) | |
2 | 95.169.181.166 95.169.181.166 | 31103 (KEYWEB-AS) (KEYWEB-AS) | |
1 | 2a00:1450:400... 2a00:1450:4001:831::2004 | 15169 (GOOGLE) (GOOGLE) | |
39 | 12 |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN31103 (KEYWEB-AS, DE)
PTR: vm1011157.keymachine.pro
ajax.hetmanrecovery.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
gstatic.com
fonts.gstatic.com |
109 KB |
10 |
hetmanrecovery.com
hetmanrecovery.com ajax.hetmanrecovery.com |
144 KB |
4 |
youtube.com
img.youtube.com — Cisco Umbrella Rank: 3241 |
439 KB |
3 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 56 |
22 KB |
2 |
google.de
www.google.de — Cisco Umbrella Rank: 5665 |
515 B |
2 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 116 |
407 B |
2 |
google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2609 www.google.com — Cisco Umbrella Rank: 3 |
664 B |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 69 |
132 KB |
1 |
gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 1772 |
4 KB |
1 |
cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1162 |
7 KB |
39 | 10 |
Domain | Requested by | |
---|---|---|
12 | fonts.gstatic.com |
hetmanrecovery.com
|
8 | hetmanrecovery.com |
hetmanrecovery.com
static.cloudflareinsights.com |
4 | img.youtube.com |
hetmanrecovery.com
|
3 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
2 | ajax.hetmanrecovery.com |
hetmanrecovery.com
|
2 | www.google.de |
hetmanrecovery.com
|
2 | stats.g.doubleclick.net |
www.googletagmanager.com
www.google-analytics.com |
2 | www.googletagmanager.com |
hetmanrecovery.com
www.googletagmanager.com |
1 | www.google.com | |
1 | region1.analytics.google.com |
www.googletagmanager.com
|
1 | secure.gravatar.com |
hetmanrecovery.com
|
1 | static.cloudflareinsights.com |
hetmanrecovery.com
|
39 | 12 |
This site contains links to these domains. Also see Links.
Domain |
---|
war.ukraine.ua |
www.virustotal.com |
www.youtube.com |
www.facebook.com |
twitter.com |
www.linkedin.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
hetmanrecovery.com GTS CA 1P5 |
2023-06-08 - 2023-09-06 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-07-03 - 2023-09-25 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-04-10 - 2024-04-09 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-07-03 - 2023-09-25 |
3 months | crt.sh |
*.gravatar.com Sectigo ECC Domain Validation Secure Server CA |
2022-11-23 - 2023-12-24 |
a year | crt.sh |
*.google.com GTS CA 1C3 |
2023-07-03 - 2023-09-25 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-06-19 - 2023-09-11 |
3 months | crt.sh |
www.google.de GTS CA 1C3 |
2023-07-03 - 2023-09-25 |
3 months | crt.sh |
*.hetmanrecovery.com Sectigo RSA Domain Validation Secure Server CA |
2023-06-26 - 2024-07-26 |
a year | crt.sh |
www.google.com GTS CA 1C3 |
2023-07-03 - 2023-09-25 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://hetmanrecovery.com/es/hetman_partition_recovery_download.htm
Frame ID: 6AC43A39D559DB2F8F8AA1EF40E4F7B9
Requests: 39 HTTP requests in this frame
Screenshot
![](/screenshots/cc900cee-04d8-41cd-a0d8-c45c2a04cbc7.png)
Page Title
Descargar Hetman Partition Recoveryâ„¢ 4.8 gratis (release: 14.07.2023)Detected technologies
Detected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Detected patterns
- <link rel="amphtml"
Detected patterns
- static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Page Statistics
10 Outgoing links
These are links going to different origins than the main page.
Title: #StandWithUkraine Support
Search URL Search Domain Scan URL
Title: Consultar con antivirus
Search URL Search Domain Scan URL
Title: How to Fix Errors When Installing Or Downloading a Program
Search URL Search Domain Scan URL
Title: How to Restore Data from a Windows Computer That Can’t Boot
Search URL Search Domain Scan URL
Title: How to Enter BIOS or UEFI and Boot PC from a Flash Drive or a CD
Search URL Search Domain Scan URL
Title: How to Recover Data After Resetting or Reinstalling Windows PC
Search URL Search Domain Scan URL
Title: Youtube
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: Linkedin
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
39 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
hetman_partition_recovery_download.htm
hetmanrecovery.com/es/ |
64 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icomoon.ttf
hetmanrecovery.com/wp-content/themes/soft/fonts/ |
7 KB 8 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmSU5fCRc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ |
10 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmSU5fABc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ |
7 KB 7 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmSU5fChc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu72xKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/ |
10 KB 10 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/ |
7 KB 7 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmEU9fCRc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ |
10 KB 10 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ |
7 KB 7 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmEU9fChc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.css
hetmanrecovery.com/wp-content/themes/soft/css/ |
204 KB 30 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles-google-fonts.css
hetmanrecovery.com/wp-content/themes/soft/css/ |
5 KB 957 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v2cb3a2ab87c5498db5ce7e6608cf55231689030342039
static.cloudflareinsights.com/beacon.min.js/ |
20 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
162 KB 55 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0af1b5b500469aa2f5b3cf791da359c8
secure.gravatar.com/avatar/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.svg
hetmanrecovery.com/wp-content/themes/soft/img/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
normal-box-sprite.webp
hetmanrecovery.com/wp-content/themes/soft/img/ |
76 KB 77 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
partition_recovery.webp
hetmanrecovery.com/wp-content/themes/soft/img/large-box/ |
12 KB 13 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
maxresdefault.jpg
img.youtube.com/vi/XhQWb-LtUC8/ |
145 KB 145 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
maxresdefault.jpg
img.youtube.com/vi/1nSlF76fE7s/ |
84 KB 84 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
maxresdefault.jpg
img.youtube.com/vi/BOWhvngUWZE/ |
131 KB 132 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
maxresdefault.jpg
img.youtube.com/vi/ckZicarCol4/ |
78 KB 78 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
219 KB 77 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
linkid.js
www.google-analytics.com/plugins/ua/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.analytics.google.com/g/ |
0 256 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 56 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ |
3 B 23 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 351 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
holiday.php
ajax.hetmanrecovery.com/ |
27 B 349 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
price.php
ajax.hetmanrecovery.com/ |
7 KB 953 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
rum
hetmanrecovery.com/cdn-cgi/ |
0 149 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| onbeforetoggle object| onscrollend object| dataLayer function| update_all_prices function| update_download_url object| __cfBeacon object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.hetmanrecovery.com/ | Name: _gid Value: GA1.2.517712887.1689763180 |
|
.hetmanrecovery.com/ | Name: _ga_P3SY5NK48J Value: GS1.1.1689763179.1.0.1689763179.60.0.0 |
|
.hetmanrecovery.com/ | Name: _ga Value: GA1.1.423554647.1689763180 |
|
.hetmanrecovery.com/ | Name: _dc_gtm_UA-4618259-4 Value: 1 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.hetmanrecovery.com
fonts.gstatic.com
hetmanrecovery.com
img.youtube.com
region1.analytics.google.com
secure.gravatar.com
static.cloudflareinsights.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
2001:4860:4802:34::36
2606:4700:20::681a:abb
2606:4700::6810:3865
2a00:1450:4001:801::200e
2a00:1450:4001:802::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:811::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:831::2004
2a00:1450:400c:c09::9c
2a04:fa87:fffe::c000:4902
95.169.181.166
04f92fe5c334e44b66cc7f911ceae5b04afb443fb7349a37fedc9b87f13f5a26
100e88005a63f58b24c8b98a90fcd1a9c230bf853befa6e61c53661beaf84808
10abc7354298a356ff50e65a99ce8f2e6927de313cd5f342d640a44cbc15a976
12b223ed8c7b62a29d9bfbd39101832285eb72d3f99c194014df4bcacb8d63f0
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2374f80619ad6ec2e0491a5423d10504a336a34c7387a01011244631933843d1
308282ecb5b3c10590500b49a316b13b3382e371cb5c61bc039b3c6cbc1f050f
3a6a12778cf3e5309e51b08d18bd32927c96dedba3436dad5df6ad8ca067d0bb
4ddaf188f9462ec8b661c95cc3ccc4717551aa008ab613d6996178bdea4c60a0
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
6471495feac81046b90285fff81cae4ad42e73c88302db964b9fd7a7c4ee1fae
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
95bcf28318ee9a935506dedb02a2bf8612ce11fc5b158cef687004f0fe15a172
99f53cd7b6e2fccc5fc2a4a5aa34c3e3fe9aa105bc15598e054fed58a25ff383
a32cd1503240f7f42fb81570efcebdd955642008a2338f8c5aafe43a31a70e68
ac06c78e1a7609742f5437751618c2c4e6587c2ae4b6435c9dff9a418ff9f979
ac4f45c63e7192b1c9fb64be19be7a03084e16dc33b4dcfedabb44cb390c25a2
af2fdef955568dc79de38bfb097d53586855945811b638d6c41513bd62e25cc4
af780e357234ceb6feec085a9a31f46834c88c4d3852d79050ad9dc3658a3a67
b58c11dac0fae1d40040bda04c6d4d8d5ba9f2cde7a53568f0741c973b301abb
bd9d85f411d902ddedf4ef8b82cf82ef3633060a5e8c7a4c898c3d0a9a8d983a
c8ae26abc14d6aa9c73325e3ed09c0a557efe117ce2c30272f1ad299efc00922
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4398e863ecd066e77ee4180c582e45424471d757666f8541b10c8e95685b5ea
e497953eb96e0f1ef9c6c4b896d2b6e03e3a910da4fc1fe2a1ab57c263954018
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4c713abb5a101ef80a4138723a9b913fdd42f47cead5551daf2bf3850794b2
f36d71c69bcec4ce625d2923d36a4b1f64bbc2e5691c99cf8a4f3b0f79d1edb4
f4dba441808b6d20284703246d6c93d7a468f6adc92fec490db92b7ec64f0b75
ff368ea10ce016d5fd7acf80c6f8e7e205d022cb01927618d51c06a33158f976