www.paydaycash24.com
Open in
urlscan Pro
185.104.45.85
Public Scan
Submission: On January 18 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on November 19th 2020. Valid for: 3 months.
This is the only time www.paydaycash24.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
17 | 185.104.45.85 185.104.45.85 | 200000 (UKRAINE-AS) (UKRAINE-AS) | |
1 | 2001:4de0:ac1... 2001:4de0:ac19::1:b:3a | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
1 | 2a00:1450:400... 2a00:1450:4001:819::200a | 15169 (GOOGLE) (GOOGLE) | |
7 | 2a03:90c0:41:... 2a03:90c0:41:2801::254 | 199524 (GCORE) (GCORE) | |
1 | 2a00:1450:400... 2a00:1450:4001:815::2008 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK) | |
4 | 2a00:1450:400... 2a00:1450:4001:809::2003 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:815::200e | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK) | |
1 | 54.74.103.129 54.74.103.129 | 16509 (AMAZON-02) (AMAZON-02) | |
39 | 11 |
ASN200000 (UKRAINE-AS, UA)
PTR: web399.default-host.net
www.paydaycash24.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-103-129.eu-west-1.compute.amazonaws.com
node218.jivosite.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
paydaycash24.com
www.paydaycash24.com |
831 KB |
8 |
jivosite.com
code.jivosite.com node218.jivosite.com |
298 KB |
4 |
gstatic.com
fonts.gstatic.com |
31 KB |
2 |
facebook.com
www.facebook.com |
557 B |
2 |
google-analytics.com
www.google-analytics.com |
19 KB |
2 |
facebook.net
connect.facebook.net |
92 KB |
1 |
googletagmanager.com
www.googletagmanager.com |
31 KB |
1 |
googleapis.com
fonts.googleapis.com |
626 B |
1 |
jquery.com
code.jquery.com |
33 KB |
0 |
ukraine.com.ua
Failed
www.ukraine.com.ua Failed |
|
39 | 10 |
Domain | Requested by | |
---|---|---|
17 | www.paydaycash24.com |
code.jquery.com
www.paydaycash24.com |
7 | code.jivosite.com |
www.paydaycash24.com
code.jivosite.com |
4 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | www.facebook.com |
www.paydaycash24.com
|
2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
2 | connect.facebook.net |
www.paydaycash24.com
connect.facebook.net |
1 | node218.jivosite.com |
code.jivosite.com
|
1 | www.googletagmanager.com |
www.paydaycash24.com
|
1 | fonts.googleapis.com |
www.paydaycash24.com
|
1 | code.jquery.com |
www.paydaycash24.com
|
0 | www.ukraine.com.ua Failed |
www.paydaycash24.com
|
39 | 11 |
This site contains links to these domains. Also see Links.
Domain |
---|
lendyou.com |
www.jivochat.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.paydaycash24.com Let's Encrypt Authority X3 |
2020-11-19 - 2021-02-17 |
3 months | crt.sh |
jquery.org Sectigo RSA Domain Validation Secure Server CA |
2020-10-06 - 2021-10-16 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
*.jivosite.com Go Daddy Secure Certificate Authority - G2 |
2020-04-05 - 2022-06-04 |
2 years | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-12-22 - 2021-03-21 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.paydaycash24.com/
Frame ID: 4F1E83D3713E211FAB97185AE9D45357
Requests: 42 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://www.paydaycash24.com/ Page URL
- https://www.paydaycash24.com/ Page URL
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Facebook (Widgets) Expand
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Font API (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Google Tag Manager (Tag Managers) Expand
Detected patterns
- html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
- html /<!-- (?:End )?Google Tag Manager -->/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: UNSUBSCRIBE
Search URL Search Domain Scan URL
Title: Business Messenger by
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.paydaycash24.com/ Page URL
- https://www.paydaycash24.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
39 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
www.paydaycash24.com/ |
4 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.11.2.min.js
code.jquery.com/ |
94 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
preloader-ccc-128.gif
www.ukraine.com.ua/static/parking/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.paydaycash24.com/ |
0 449 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
www.paydaycash24.com/ |
13 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
www.paydaycash24.com/css/ |
22 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
4 KB 626 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.11.3.min.js
www.paydaycash24.com/js/ |
94 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
plane.jpg
www.paydaycash24.com/imgs/ |
31 KB 31 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icn_01.svg
www.paydaycash24.com/imgs/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icn_02.svg
www.paydaycash24.com/imgs/ |
6 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icn_03.svg
www.paydaycash24.com/imgs/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
check.svg
www.paydaycash24.com/imgs/ |
694 B 861 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.js
www.paydaycash24.com/js/ |
78 B 249 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
validate.js
www.paydaycash24.com/js/ |
51 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widget.js
code.jivosite.com/ |
17 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
81 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
90 KB 23 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.svg
www.paydaycash24.com/imgs/ |
6 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
back.jpg
www.paydaycash24.com/imgs/ |
287 KB 288 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
arrow.svg
www.paydaycash24.com/imgs/ |
746 B 913 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLDz8Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v15/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
pxiByp8kv8JHgFVrLFj_Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v15/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
faq_back.jpg
www.paydaycash24.com/imgs/ |
175 KB 175 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
benefit_back.jpg
www.paydaycash24.com/imgs/ |
269 KB 269 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v15/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
pxiByp8kv8JHgFVrLBT5Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v15/ |
7 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PacZuPpNLO
code.jivosite.com/script/widget/config/ |
1017 B 764 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
229564261470298
connect.facebook.net/signals/config/ |
241 KB 69 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
46 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-Q050 |
collect
www.google-analytics.com/j/ |
1 B 391 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 410 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PacZuPpNLO
node218.jivosite.com/widget/status/596283/ |
80 B 265 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundle_en_US.js
code.jivosite.com/js/ |
1 MB 245 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widget.css
code.jivosite.com/css/7daaddae/ |
200 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
393 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
447 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
agent_message.mp3
code.jivosite.com/sounds/ |
4 KB 4 KB |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
notification.mp3
code.jivosite.com/sounds/ |
6 KB 6 KB |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
outgoing_message.mp3
code.jivosite.com/sounds/ |
5 KB 5 KB |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 147 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.ukraine.com.ua
- URL
- https://www.ukraine.com.ua/static/parking/preloader-ccc-128.gif
Verdicts & Comments Add Verdict or Comment
38 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| dataLayer function| fbq function| _fbq function| valideForm undefined| didScroll number| lastScrollTop number| delta number| navbarHeight object| jQuery111301229287998117925 function| __jivoOnError boolean| __hasStorage boolean| jivo_magic_var function| __jivoBundleOnLoad function| __jivoBundleInit function| jivo_init function| jivo_destroy object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| jivo_config string| jivo_version object| jivo_api7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.paydaycash24.com/ | Name: _fbp Value: fb.1.1610944996312.1582993037 |
|
.paydaycash24.com/ | Name: _gat_UA-164694252-1 Value: 1 |
|
.paydaycash24.com/ | Name: _gid Value: GA1.2.1885114932.1610944996 |
|
www.paydaycash24.com/ | Name: access_challenge_global_expires Value: 1611549795 |
|
www.paydaycash24.com/ | Name: __slsid Value: 3736b11a6805d399c69038e9749f62e9 |
|
.paydaycash24.com/ | Name: _ga Value: GA1.2.869717097.1610944996 |
|
www.paydaycash24.com/ | Name: access_challenge_global Value: 2k_ObxbqNvjapH7LqLRR8A |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
code.jivosite.com
code.jquery.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
node218.jivosite.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.paydaycash24.com
www.ukraine.com.ua
www.ukraine.com.ua
185.104.45.85
2001:4de0:ac19::1:b:3a
2a00:1450:4001:809::2003
2a00:1450:4001:815::2008
2a00:1450:4001:815::200e
2a00:1450:4001:819::200a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a03:90c0:41:2801::254
54.74.103.129
09f8034198bd9ea5fcc1f5449e61a0316b76d10564293dcbb1f93f31ee252f7d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab
154ac656d06c89d2e52ed6cb8ef5ba7eee3bb0809fbef95db8509b671e368bbc
1807b23664cdd8ec0902a051c64a284010f0e2326e052e7124f95cdc1bb96745
2210b7e6d726c9d273fbb76890845c5054bdcc03ce803fe9b153ac7dac1dd646
25a9226f19c5da41eb5cc0c6a6daa2f7a68dd5e56445bfe75061f50a2a2793c6
28bb77266d409603608624ec1ebabf7a820d217e60786ff2041fe7f0bce80f3b
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
3011b606ec7e1e776518bd1d9033e8665b666b7619258c056af1fcb4547cd2c9
316f50a77e19c6e9559e877fc06e2319153308568182dfca5a5ece31d4b47888
3834f0a520d623453cdb6b03b88331bc0394367eb18809f1037ea18c699ebded
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
59bc856ccc6a39a209fda8c18687f31a1ac40df85d66d8983e4aa912a3b33bab
626a9ef59a0e14b9a9b7c726595f0460d7eede6dbe349c02bbd4ce32e1f4d1ff
6611cb0faa91199b76ab1638b4860980821c39ade6e74449805dd7436d59e28b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bfebd63d34978f3a04a62dfad3b0e5bd2a39e4bff9ab14601f316369f2775dd
703505a15061f0c08ada1a27ddd9143753dab74553b3bc2af24c23b4b5765cf6
77e83427001f5875cd40cb1b22294be5edacdab5fa7250a65af5ae2aaef57649
9f3348f72115fb38cda5c457a93df08274061d298c9b3ab670a244fed2fff66a
a8755954660f9bef43d2dc61d725f022a3115b81ae76a6af093ab18cfdfa5de7
b523c913af50fb668dd970464d03903b3824898f69d0d2b4718cb962ccc97ec4
b7814432f6cb8f3f163034483a8465e7d946dcfaa79f85524140e312790a92ff
bf57abc5d928b20c75e1f54c5154c4936e4eb62f577037da41e196408b1bdf2e
c66b5eadbc121cef27de174430ad219f445c82ff938916a34582c712d4bf76d5
c696de4c3bffff1930d31a5f99fd1bd5fe660f2bdbc4f6601f5500f786fb692a
d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11
de02325828bab7d9d247514dae7e0ee255e089abf37dc082eef3452a1cbd8d71
de60204842daf5531d76ca6a7104d8def25ab425a0b32e8d7b42f610699abf9e
e1f319db1be1169cc43ec86a2ba14d25fb513231a5f30c299b8941ce09bdddac
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e8141e7cc23146e4ec684118de089528695bd1c4af27e6f695bc7a7c2163ee81
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ee910b81f56a075ba2170abcbf80d836dfeab8f151e505c706a4e71770bd079d
efd4bfd69386c7edcc5befe6cf5a916747ef9ed7e64d0fce0f20b1b44689e0e5
f0b0b405ca1b9689860b4fcbdc8a75ac74c3b7215a1e61d3b3022dddc8c3592e
fc2eab8a0882ca86e0124f106914eee33ef4643c52f8ce35d723a7245e61f340
ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43