5eb3340d90.news-xvojuxu.com
Open in
urlscan Pro
193.108.117.211
Public Scan
Effective URL: https://5eb3340d90.news-xvojuxu.com/?i=2&id=1218914904&p1=&p2=&p3=&p4=
Submission: On May 17 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on May 9th 2024. Valid for: 3 months.
This is the only time 5eb3340d90.news-xvojuxu.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 193.108.118.16 193.108.118.16 | 63023 (AS-GLOBAL...) (AS-GLOBALTELEHOST) | |
1 1 | 142.202.51.61 142.202.51.61 | 63023 (AS-GLOBAL...) (AS-GLOBALTELEHOST) | |
1 13 | 144.76.106.61 144.76.106.61 | 24940 (HETZNER-AS) (HETZNER-AS) | |
1 | 167.235.135.169 167.235.135.169 | 24940 (HETZNER-AS) (HETZNER-AS) | |
1 | 176.9.17.3 176.9.17.3 | 24940 (HETZNER-AS) (HETZNER-AS) | |
5 | 23.158.56.201 23.158.56.201 | 63023 (AS-GLOBAL...) (AS-GLOBALTELEHOST) | |
1 | 94.130.32.96 94.130.32.96 | 24940 (HETZNER-AS) (HETZNER-AS) | |
1 1 | 78.46.76.54 78.46.76.54 | 24940 (HETZNER-AS) (HETZNER-AS) | |
1 1 | 2a02:b48:207:... 2a02:b48:207:1::8 | 39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS) | |
1 | 45.133.44.32 45.133.44.32 | 39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS) | |
6 | 193.108.117.211 193.108.117.211 | () () | |
1 | 2a00:1450:400... 2a00:1450:4001:82a::200a | () () | |
1 | 116.202.233.120 116.202.233.120 | () () | |
4 | 2a00:1450:400... 2a00:1450:4001:831::2003 | () () | |
1 | 5.9.110.111 5.9.110.111 | () () | |
34 | 11 |
ASN63023 (AS-GLOBALTELEHOST, US)
PTR: 16-118-108-193.clients.gthost.com
news-xguyiyi.cc |
ASN63023 (AS-GLOBALTELEHOST, US)
PTR: 61-51-202-142.clients.gthost.com
partners-tds.com |
ASN24940 (HETZNER-AS, DE)
PTR: static.61.106.76.144.clients.your-server.de
news-pepafu.com | |
14281a4378.news-xkelefo.com |
ASN24940 (HETZNER-AS, DE)
PTR: static.169.135.235.167.clients.your-server.de
show.revopush.com |
ASN63023 (AS-GLOBALTELEHOST, US)
PTR: 201-56-158-23.clients.gthost.com
31c1432e55.news-xpocane.com |
ASN24940 (HETZNER-AS, DE)
PTR: revopush-show-58.t.push.house
show.revopush.com |
ASN24940 (HETZNER-AS, DE)
PTR: push-house-cdn-181.t.push.house
img.cdn.house |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
news-xkelefo.com
14281a4378.news-xkelefo.com |
93 KB |
6 |
news-xvojuxu.com
5eb3340d90.news-xvojuxu.com |
173 KB |
5 |
news-xpocane.com
31c1432e55.news-xpocane.com |
57 KB |
4 |
gstatic.com
fonts.gstatic.com |
51 KB |
3 |
cdn.house
1 redirects
img.cdn.house — Cisco Umbrella Rank: 13358 |
8 KB |
3 |
revopush.com
show.revopush.com — Cisco Umbrella Rank: 20394 |
3 KB |
1 |
googleapis.com
fonts.googleapis.com |
1 KB |
1 |
wmgtr.com
i.wmgtr.com — Cisco Umbrella Rank: 28706 |
28 KB |
1 |
jythnv.xyz
1 redirects
jythnv.xyz — Cisco Umbrella Rank: 209775 |
137 B |
1 |
news-pepafu.com
1 redirects
news-pepafu.com |
136 B |
1 |
partners-tds.com
1 redirects
partners-tds.com — Cisco Umbrella Rank: 917286 |
731 B |
1 |
news-xguyiyi.cc
1 redirects
news-xguyiyi.cc |
110 B |
34 | 12 |
Domain | Requested by | |
---|---|---|
12 | 14281a4378.news-xkelefo.com |
14281a4378.news-xkelefo.com
|
6 | 5eb3340d90.news-xvojuxu.com |
31c1432e55.news-xpocane.com
5eb3340d90.news-xvojuxu.com |
5 | 31c1432e55.news-xpocane.com |
14281a4378.news-xkelefo.com
31c1432e55.news-xpocane.com |
4 | fonts.gstatic.com |
fonts.googleapis.com
|
3 | img.cdn.house |
1 redirects
5eb3340d90.news-xvojuxu.com
|
3 | show.revopush.com |
14281a4378.news-xkelefo.com
31c1432e55.news-xpocane.com 5eb3340d90.news-xvojuxu.com |
1 | fonts.googleapis.com |
5eb3340d90.news-xvojuxu.com
|
1 | i.wmgtr.com | |
1 | jythnv.xyz | 1 redirects |
1 | news-pepafu.com | 1 redirects |
1 | partners-tds.com | 1 redirects |
1 | news-xguyiyi.cc | 1 redirects |
34 | 12 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.news-xkelefo.com R3 |
2024-05-09 - 2024-08-07 |
3 months | crt.sh |
show.revopush.com Go Daddy Secure Certificate Authority - G2 |
2024-03-22 - 2025-03-22 |
a year | crt.sh |
img.cdn.house R3 |
2024-03-21 - 2024-06-19 |
3 months | crt.sh |
*.news-xpocane.com R3 |
2024-05-09 - 2024-08-07 |
3 months | crt.sh |
*.news-xvojuxu.com R3 |
2024-05-09 - 2024-08-07 |
3 months | crt.sh |
upload.video.google.com WR2 |
2024-05-06 - 2024-07-29 |
3 months | crt.sh |
*.gstatic.com WR2 |
2024-05-06 - 2024-07-29 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://5eb3340d90.news-xvojuxu.com/?i=2&id=1218914904&p1=&p2=&p3=&p4=
Frame ID: 6516338E8448EA7BBA6980603191B0F2
Requests: 34 HTTP requests in this frame
Screenshot
Page Title
Нажмите разрешить для получения доступаPage URL History Show full URLs
-
http://news-xguyiyi.cc/tds
HTTP 307
https://news-xguyiyi.cc/tds HTTP 302
https://partners-tds.com/WzJQVS HTTP 302
https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= HTTP 302
https://14281a4378.news-xkelefo.com/?id=1218914904&p1=&p2=&p3=&p4= Page URL
- https://31c1432e55.news-xpocane.com/?i=1&id=1218914904&p1=&p2=&p3=&p4= Page URL
- https://5eb3340d90.news-xvojuxu.com/?i=2&id=1218914904&p1=&p2=&p3=&p4= Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://news-xguyiyi.cc/tds
HTTP 307
https://news-xguyiyi.cc/tds HTTP 302
https://partners-tds.com/WzJQVS HTTP 302
https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= HTTP 302
https://14281a4378.news-xkelefo.com/?id=1218914904&p1=&p2=&p3=&p4= Page URL
- https://31c1432e55.news-xpocane.com/?i=1&id=1218914904&p1=&p2=&p3=&p4= Page URL
- https://5eb3340d90.news-xvojuxu.com/?i=2&id=1218914904&p1=&p2=&p3=&p4= Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://news-xguyiyi.cc/tds HTTP 307
- https://news-xguyiyi.cc/tds HTTP 302
- https://partners-tds.com/WzJQVS HTTP 302
- https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= HTTP 302
- https://14281a4378.news-xkelefo.com/?id=1218914904&p1=&p2=&p3=&p4=
- https://img.cdn.house/i/1/673a4HQwLdMu6q8LHuI6Cz8nwjg2DvvgzrSLFzxaQoVPrDFVDYxzKbi6HZaK_A-jGc7ynNxirTrewbyF4ClTEmD4OLNNfIqZsT3sgiDBPfHfO01QCLVqJ21PhPfIp2OXVkKNiifsSFHtT4MSXHy9G2UqtpzPQb804y-QTrdOnExpV-snhsIjc3fRGwpekxOk__yk3M_KSgT74KdaCmt0x31-yXUzZ3j831uYMpJdfbEop0Fy0kyzTeI328RQm5TnFrRB49BfasPkl5L1BfYYKiEEi7cBnCxYt8598ADHOHWeDzVFH5-_T8jGRW-dwXUdON1FzXNZmNKf HTTP 307
- https://jythnv.xyz/dsp/ph/icm?aid=7790919022790789385&mid=0&sid=992&t=1715979695&subid=1218914904 HTTP 302
- https://i.wmgtr.com/cic/_F_oKtsSfl2JoVvYpP6iZx1D1K6EwOID.png
34 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
14281a4378.news-xkelefo.com/ Redirect Chain
|
3 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
process.js
14281a4378.news-xkelefo.com/ |
44 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
revopush.js
14281a4378.news-xkelefo.com/ |
20 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon1.png
14281a4378.news-xkelefo.com/lands/39/img/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon2.png
14281a4378.news-xkelefo.com/lands/39/img/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon3.png
14281a4378.news-xkelefo.com/lands/39/img/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon4.png
14281a4378.news-xkelefo.com/lands/39/img/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon5.png
14281a4378.news-xkelefo.com/lands/39/img/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon7.png
14281a4378.news-xkelefo.com/lands/39/img/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon8.png
14281a4378.news-xkelefo.com/lands/39/img/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
show.revopush.com/api/v1/inpage/show/ |
743 B 946 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.png
14281a4378.news-xkelefo.com/lands/39/ |
589 B 709 B |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
09PCbB0-SjsC-S-_ApukbL06IDWsqzCR5uS4QajFT7GaM8dIASpsPLSzih80nwZ-NYshuStpmOiyNNvLng91_TOfhwk3ZQSHAtxxbmZhg9LAYSYMfauyQ6xnzBfztQwmrl9FSKDxFvw7BE1otgLc0pfdU-HlSPndADwByb62S4UaZ65sd_HJ0e7OJPEtkXUAyDcBqKlx
img.cdn.house/i/1/ |
5 KB 5 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
reject
14281a4378.news-xkelefo.com/ |
5 B 117 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
31c1432e55.news-xpocane.com/ |
3 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
process.js
31c1432e55.news-xpocane.com/ |
44 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
revopush.js
31c1432e55.news-xpocane.com/ |
20 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sketch.min.js
31c1432e55.news-xpocane.com/lands/46/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
show.revopush.com/api/v1/inpage/show/ |
1 KB 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_F_oKtsSfl2JoVvYpP6iZx1D1K6EwOID.png
i.wmgtr.com/cic/ Redirect Chain
|
28 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
reject
31c1432e55.news-xpocane.com/ |
5 B 117 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
5eb3340d90.news-xvojuxu.com/ |
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
5eb3340d90.news-xvojuxu.com/lands/20/ |
2 KB 1004 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
process.js
5eb3340d90.news-xvojuxu.com/ |
44 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
revopush.js
5eb3340d90.news-xvojuxu.com/ |
20 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
9 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
show.revopush.com/api/v1/inpage/show/ |
754 B 931 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
girls.jpg
5eb3340d90.news-xvojuxu.com/lands/20/ |
148 KB 148 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ |
9 KB 10 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Zy2CnrKZR0AALDL_MZNi3ixKNN8iJHXsUA4A1pqXf32hTaMyogkkp2dvoo4xp7mxtELg6QeRmvg4Jzy866EFn1IlxDsZp682ZkwwaRj8eSU1i3DFeLd0eYiepRNCSMTgLkPGVsFC_pKNTVN40GHaArn-46tcXxW42ZZlZJ4dT-MN13AwUho0UH4JCl0S6ZBL6aDzDA==
img.cdn.house/i/1/ |
3 KB 3 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
5eb3340d90.news-xvojuxu.com/ |
548 B 256 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| _GLOBALS string| userCustomRedirectUrl function| a0_0x51f5 function| a0_0x3281 object| Sentry object| _PHV2SITE object| webpackChunklands_static object| _phv2Activator2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
partners-tds.com/ | Name: _subid Value: 1g9kseq11ndevo |
|
partners-tds.com/ | Name: 933eb Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1OTc5NjkyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1OTc5NjkyfSxcInRpbWVcIjoxNzE1OTc5NjkyfSJ9._jZafDklpIIjb0TIbiF2VUpTe6a2Y_9Q_F0ugkXfH7I |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | DENY |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
14281a4378.news-xkelefo.com
31c1432e55.news-xpocane.com
5eb3340d90.news-xvojuxu.com
fonts.googleapis.com
fonts.gstatic.com
i.wmgtr.com
img.cdn.house
jythnv.xyz
news-pepafu.com
news-xguyiyi.cc
partners-tds.com
show.revopush.com
116.202.233.120
142.202.51.61
144.76.106.61
167.235.135.169
176.9.17.3
193.108.117.211
193.108.118.16
23.158.56.201
2a00:1450:4001:82a::200a
2a00:1450:4001:831::2003
2a02:b48:207:1::8
45.133.44.32
5.9.110.111
78.46.76.54
94.130.32.96
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27
09959f401dbec86370932a57cc491685741bd4b6c7df2f344e680a0bb4b6177d
196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503
2932666d3de7135f82ec781a408781352ec79c68998de11047db8e228d063311
3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1
47e3881d0fe2662e06375c04b01a8eabdd8eeca52f66aab1dc7ba3b6f5c564f8
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
53466f7f446de27529a565f88bfe3179dd83d6a9fcfab5942dcb13bd6aeb7ce5
5853ab843490b1f90255082fa6b3bf12173b0a24e8cafeda96e3634c1d588752
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6ab7f7164307a2f278eb3d3b3cb391ba4343781b2d0278f6a2571d7f5f6dcaa6
847786653e45fc07a13d88ff38ebba8fd025fc26aabd3f4b38d944e186cfe6b6
8c2833512c4c08fcd7f8e1bf594ccb10d03430c6fd1cbfe88ce566486934722a
9f4e5aae6461b0d857a26e03d10a44ccc41db096b257a33c5c58f6961b32ad30
a13eb3158013d14f9b93696666b16ecd81bcc33e992c0a7383b6bca0817c0199
aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
bb685a474fed0be22f5debd5bcef9c895f527590e337829628b7488a3ab4d4dc
c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f
c1bef9d8d90de8fcc7570e5d7cc20c661684d2d1a920847160414a0de54a0273
c946155e05f9cd13175eda2832bf7f95912a1806ff692bf4d374d9e1edca8f3c
cad4eff11237dc84f803b46c8529ca9918e4429c38058a053ef5d492c707a711
cc3cd02662db5bc16fe4611e0a2c6a3f36621c30a56b8c294ca5fc8d3a9b59ce
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
e577c5ecdee456c52c850a691c6ee0ebf5ff4a19e6e3172d0ae5cd9450a33e26
e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718
ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fadf1b6c75a8663619fcc8eb49ef48090589eb4105928b4b2f41296cd659f7fe