ribbonflower-walmarthumor.ml
Open in
urlscan Pro
2606:4700:3035::681f:59bc
Public Scan
Submission: On October 22 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 21st 2020. Valid for: a year.
This is the only time ribbonflower-walmarthumor.ml was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
19 | 2606:4700:303... 2606:4700:3035::681f:59bc | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
9 | 2606:4700::68... 2606:4700::6812:eb0 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2a00:1450:400... 2a00:1450:4001:802::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:808::2003 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:81e::2003 | 15169 (GOOGLE) (GOOGLE) | |
4 | 2a00:1450:400... 2a00:1450:4001:81f::200a | 15169 (GOOGLE) (GOOGLE) | |
1 7 | 2a02:6b8::1:119 2a02:6b8::1:119 | 13238 (YANDEX) (YANDEX) | |
43 | 7 |
ASN13335 (CLOUDFLARENET, US)
ribbonflower-walmarthumor.ml |
Apex Domain Subdomains |
Transfer | |
---|---|---|
19 |
ribbonflower-walmarthumor.ml
ribbonflower-walmarthumor.ml |
151 KB |
9 |
pinimg.com
i.pinimg.com |
498 KB |
7 |
yandex.ru
1 redirects
mc.yandex.ru |
98 KB |
6 |
googleapis.com
fonts.googleapis.com maps.googleapis.com |
123 KB |
3 |
gstatic.com
fonts.gstatic.com |
55 KB |
43 | 5 |
Domain | Requested by | |
---|---|---|
19 | ribbonflower-walmarthumor.ml |
ribbonflower-walmarthumor.ml
|
9 | i.pinimg.com |
ribbonflower-walmarthumor.ml
|
7 | mc.yandex.ru |
1 redirects
ribbonflower-walmarthumor.ml
mc.yandex.ru |
4 | maps.googleapis.com |
ribbonflower-walmarthumor.ml
maps.googleapis.com |
3 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | fonts.googleapis.com |
ribbonflower-walmarthumor.ml
|
43 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-10-21 - 2021-10-20 |
a year | crt.sh |
*.pinimg.com DigiCert SHA2 High Assurance Server CA |
2020-05-28 - 2021-06-14 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-09-22 - 2020-12-15 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-09-22 - 2020-12-15 |
3 months | crt.sh |
mc.yandex.ru Yandex CA |
2020-09-29 - 2021-03-11 |
5 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://ribbonflower-walmarthumor.ml/
Frame ID: 49C87E92780DD755897B12206796FC7F
Requests: 43 HTTP requests in this frame
Screenshot
Detected technologies
Google Maps (Maps) ExpandDetected patterns
- script /\/\/maps\.googleapis\.com\/maps\/api\/js/i
Bootstrap (Web Frameworks) Expand
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
CloudFlare (CDN) Expand
Detected patterns
- headers server /^cloudflare$/i
OWL Carousel (Widgets) Expand
Detected patterns
- html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i
Slick (JavaScript Libraries) Expand
Detected patterns
- html /<link [^>]+(?:\/([\d.]+)\/)?slick-theme\.css/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i
- html /<link [^>]+(?:\/([\d.]+)\/)?slick-theme\.css/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 34- https://mc.yandex.ru/watch/56096536?wmode=7&page-url=https%3A%2F%2Fribbonflower-walmarthumor.ml%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1603331401169%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201022035003%3Aet%3A1603331403%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A351936376527%3Arqn%3A1%3Arn%3A26406418%3Ahid%3A757139712%3Ads%3A8%2C16%2C1262%2C556%2C0%2C0%2C0%2C690%2C1%2C%2C%2C%2C1980%3Afp%3A1466%3Awn%3A3989%3Ahl%3A2%3Agdpr%3A14%3Av%3A1964%3Awv%3A2%3Arqnl%3A1%3Ast%3A1603331403%3Au%3A1603331403794732694%3At%3ARibbon%20Flower%20%7C%7C%20Walmart%20Humor HTTP 302
- https://mc.yandex.ru/watch/56096536/1?wmode=7&page-url=https%3A%2F%2Fribbonflower-walmarthumor.ml%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1603331401169%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201022035003%3Aet%3A1603331403%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A351936376527%3Arqn%3A1%3Arn%3A26406418%3Ahid%3A757139712%3Ads%3A8%2C16%2C1262%2C556%2C0%2C0%2C0%2C690%2C1%2C%2C%2C%2C1980%3Afp%3A1466%3Awn%3A3989%3Ahl%3A2%3Agdpr%3A14%3Av%3A1964%3Awv%3A2%3Arqnl%3A1%3Ast%3A1603331403%3Au%3A1603331403794732694%3At%3ARibbon%20Flower%20%7C%7C%20Walmart%20Humor
43 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
ribbonflower-walmarthumor.ml/ |
13 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
ribbonflower-walmarthumor.ml/css/ |
137 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
themify-icons.css
ribbonflower-walmarthumor.ml/css/ |
16 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slick-theme.css
ribbonflower-walmarthumor.ml/css/ |
3 KB 866 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slick.css
ribbonflower-walmarthumor.ml/css/ |
2 KB 586 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
owl.carousel.min.css
ribbonflower-walmarthumor.ml/css/ |
3 KB 1018 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
owl.theme.default.min.css
ribbonflower-walmarthumor.ml/css/ |
1013 B 650 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
magnific-popup.css
ribbonflower-walmarthumor.ml/css/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
ribbonflower-walmarthumor.ml/css/ |
24 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ff5146d9519f654cfb4c2f2141ab6d90.jpg
i.pinimg.com/originals/ff/51/46/ |
40 KB 40 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fd68e4bc0c292a096e10f9b7f80f7fb6.jpg
i.pinimg.com/originals/fd/68/e4/ |
106 KB 107 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fd5da0633f6fe5c0af270fa2b37360c6.jpg
i.pinimg.com/originals/fd/5d/a0/ |
14 KB 14 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fcda15785a2b06e7b92aaac62cfb30ef.jpg
i.pinimg.com/originals/fc/da/15/ |
45 KB 45 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fc61655c88fce426803d16e5dd5a8577.jpg
i.pinimg.com/originals/fc/61/65/ |
63 KB 63 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbecf43b3488979d180ba95287871070.jpg
i.pinimg.com/originals/fb/ec/f4/ |
27 KB 27 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbd4305cea5645d729022ae12ad1cf18.jpg
i.pinimg.com/originals/fb/d4/30/ |
85 KB 85 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
7 KB 885 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
7 KB 869 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
0QIvMX1D_JOuMwr7I_FMl_E.woff2
fonts.gstatic.com/s/lora/v16/ |
33 KB 34 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f9f5384a01e098c38de983a1362d4551.jpg
i.pinimg.com/originals/f9/f5/38/ |
55 KB 55 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f9283c7ffe49aa0c7a3b164185637972.jpg
i.pinimg.com/originals/f9/28/3c/ |
62 KB 62 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
ribbonflower-walmarthumor.ml/js/ |
94 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
ribbonflower-walmarthumor.ml/js/ |
49 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
popper.min.js
ribbonflower-walmarthumor.ml/js/ |
21 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
owl.carousel.min.js
ribbonflower-walmarthumor.ml/js/ |
43 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slick.min.js
ribbonflower-walmarthumor.ml/js/ |
42 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
magnific-popup.js
ribbonflower-walmarthumor.ml/js/ |
21 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
instafeed.min.js
ribbonflower-walmarthumor.ml/js/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
maps.googleapis.com/maps/api/ |
119 KB 39 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gmap.js
ribbonflower-walmarthumor.ml/js/ |
5 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
custom.js
ribbonflower-walmarthumor.ml/js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
AYCLpXzofN0NMiQugG7jRXhozvY.woff2
fonts.gstatic.com/s/unna/v15/ |
12 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
themify.woff
ribbonflower-walmarthumor.ml/fonts/ |
55 KB 33 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tag.js
mc.yandex.ru/metrika/ |
368 KB 94 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1
mc.yandex.ru/watch/56096536/ Redirect Chain
|
186 B 704 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
advert.gif
mc.yandex.ru/metrika/ |
43 B 379 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
56096536
mc.yandex.ru/webvisor/ |
43 B 505 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
56096536
mc.yandex.ru/webvisor/ |
43 B 505 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.js
maps.googleapis.com/maps-api-v3/api/js/42/9/ |
75 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
util.js
maps.googleapis.com/maps-api-v3/api/js/42/9/ |
147 KB 54 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ |
60 B 445 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
56096536
mc.yandex.ru/webvisor/ |
43 B 505 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| ym function| $ function| jQuery object| bootstrap object| jQuery111007317942922000831 function| Popper function| Instafeed object| google object| module$contents$MapsEvent_MapsEvent object| module$contents$mapsapi$overlay$OverlayView_OverlayView function| initialize object| google_map_canvas object| marker object| Ya object| yaCounter56096536 object| _xdc_3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.ribbonflower-walmarthumor.ml/ | Name: _ym_d Value: 1603331403 |
|
.ribbonflower-walmarthumor.ml/ | Name: _ym_uid Value: 1603331403794732694 |
|
.ribbonflower-walmarthumor.ml/ | Name: __cfduid Value: db34f9796244a1adc6d0d7ef697c5643d1603331401 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.googleapis.com
fonts.gstatic.com
i.pinimg.com
maps.googleapis.com
mc.yandex.ru
ribbonflower-walmarthumor.ml
2606:4700:3035::681f:59bc
2606:4700::6812:eb0
2a00:1450:4001:802::200a
2a00:1450:4001:808::2003
2a00:1450:4001:81e::2003
2a00:1450:4001:81f::200a
2a02:6b8::1:119
01c3ca5c37c2164f5b7a3bd47d75641a5a5f7ec1b93ffa739aafd82702265387
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0ce13af0649fd0d7a34d0cce69aecb91d806e7e66aa7c2c19ffa314185650e47
0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7
130f24f868c4364f20cd2b7afd416b01e5fe5efea9034701c4130fa14c1910fa
16d7aa2a37f1ded47af54237c2213709eb0bcc1e0aae3c472114736d33ee6911
2e945ebcd9b955e7c543ba4ad41e8f7779a077b482a0207db74bd6ded2021d17
34959e43e6ecf368807a84f92ad9aa6e2dcd5f0c5c1e57da55e8f3248d9d9255
3d26e2736e74ceac7490ef4f3be558302f8cb7cf0806615f19ffca13b0858a60
4844d66651ff7fb53ff4dd28621f71962bd4586648e310a5828607945dce4607
50bebf675301a89b0d02e00db40f4450c475a96494d4244a8d5336ad548e484d
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
56b7b5219002faa7b071eb6dad6065368a547250cd690fe1af49b73a2c0f0e89
5cbdd090435c803f747289a51e18f9274445e181a1b2cda89cd6678782f634da
61dd2074038ccee3ce9bed2850ab1aa6cb71acf9d3dd2039206ac716617ab74d
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
77c4aefc9badcfb697719dcad21cf8360adf87f9c0df10d094fc3cd4ba5825ae
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
9d97f7a4b2edbb8f6a045125a686b58f5990f700c1a7aeabc8a90ec8bd3ba022
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a69161e4cb04ea6cbf3079a275067f248633fc79c3d89de4fb6fe98a5b9eff6c
a6f4d404865d30f5860c0ff6e39f0afb1f2a6465fb01b95cf34aaf225d768e61
ada0df5b6ce77a315ec3ea934effadc306b344e4a17340a932b88b5d59c1b3d7
b1385f05d6716f5713941fed66a6a2fbaf2b854724a0512a30fc34c0a9752708
b3c469cde1662f9a81d43b39999c14744065d069cfc382d4f85ac809d412894c
ba6c2bd63bc1cfff1b60734b57bbbd26a82b4c25aea1377eb6e0e10565ecff7d
bbe862fecc8d22f26c0071a1283d1ee6302d0ee20663afe46caabbe16d11d59e
c1015a8ea35dfe3a5a7fcb05623232319c53dbc585e4cf14c03550c1b63467ca
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
e711b3b35d8a464d4b70af3158a9b46eea544eca0097f7b357d27fc74d487ccf
eb608f51174955521561a9ba745b293906670bbef7935092cdb11b279b059907
ecbef0f33e8ccedd2c605816e052cfff778abcc0e30a80b874c097a5fddd24fc
f20e3068b2556a765a281d38b6fca12aed826607acea90394947a5640bb1ff55
f554b10b524b3dec99aef081d4f6cf19357c6fa3c602dae80515cd18a7d5aa0d
f7ba647e8cac8daca22b4e4933e2cdb39c04e02a1d9f39728df858a584a079b1
f9504635ce463f19888209acf89dc32831964d8dee1b4c22aa70f564c208061d