www.whatsthisbill.com
Open in
urlscan Pro
54.204.238.15
Public Scan
Submission: On September 15 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by R3 on September 15th 2021. Valid for: 3 months.
This is the only time www.whatsthisbill.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 54.204.238.15 54.204.238.15 | 14618 (AMAZON-AES) (AMAZON-AES) | |
13 | 52.218.240.226 52.218.240.226 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 2a00:1450:400... 2a00:1450:4007:806::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4007:810::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a04:4e42::729 2a04:4e42::729 | 54113 (FASTLY) (FASTLY) | |
1 | 2600:1901:0:b... 2600:1901:0:bc29:: | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a03:2880:f00... 2a03:2880:f00d:8:face:b00c:0:1 | 32934 (FACEBOOK) (FACEBOOK) | |
2 | 2a00:1450:400... 2a00:1450:4007:806::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 130.211.34.183 130.211.34.183 | 15169 (GOOGLE) (GOOGLE) | |
1 | 216.58.215.34 216.58.215.34 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:400c:c02::9a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a03:2880:f13... 2a03:2880:f130:83:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK) | |
1 | 2a00:1450:400... 2a00:1450:4007:813::2002 | () () | |
32 | 14 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-238-15.compute-1.amazonaws.com
www.whatsthisbill.com |
ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-w.amazonaws.com
s3q1w2e3.s3.amazonaws.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN15169 (GOOGLE, US)
PTR: 183.34.211.130.bc.googleusercontent.com
api-js.mixpanel.com |
ASN15169 (GOOGLE, US)
PTR: par21s17-in-f2.1e100.net
www.googleadservices.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
amazonaws.com
s3q1w2e3.s3.amazonaws.com |
652 KB |
3 |
googleapis.com
ajax.googleapis.com |
352 KB |
2 |
facebook.com
www.facebook.com |
637 B |
2 |
doubleclick.net
stats.g.doubleclick.net googleads.g.doubleclick.net |
2 KB |
2 |
google-analytics.com
www.google-analytics.com |
20 KB |
2 |
facebook.net
connect.facebook.net |
113 KB |
1 |
googleadservices.com
www.googleadservices.com |
14 KB |
1 |
mixpanel.com
api-js.mixpanel.com |
350 B |
1 |
mxpnl.com
cdn.mxpnl.com |
25 KB |
1 |
ravenjs.com
cdn.ravenjs.com |
14 KB |
1 |
googletagmanager.com
www.googletagmanager.com |
39 KB |
1 |
whatsthisbill.com
www.whatsthisbill.com |
20 KB |
0 |
google.de
Failed
www.google.de Failed |
|
0 |
google.com
Failed
www.google.com Failed |
|
32 | 14 |
Domain | Requested by | |
---|---|---|
13 | s3q1w2e3.s3.amazonaws.com |
www.whatsthisbill.com
s3q1w2e3.s3.amazonaws.com |
3 | ajax.googleapis.com |
www.whatsthisbill.com
|
2 | www.facebook.com |
www.whatsthisbill.com
|
2 | www.google-analytics.com |
www.whatsthisbill.com
cdn.ravenjs.com |
2 | connect.facebook.net |
www.whatsthisbill.com
connect.facebook.net |
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | stats.g.doubleclick.net |
cdn.ravenjs.com
|
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | api-js.mixpanel.com |
cdn.ravenjs.com
|
1 | cdn.mxpnl.com |
www.whatsthisbill.com
|
1 | cdn.ravenjs.com |
www.whatsthisbill.com
|
1 | www.googletagmanager.com |
www.whatsthisbill.com
|
1 | www.whatsthisbill.com | |
0 | www.google.de Failed |
www.whatsthisbill.com
|
0 | www.google.com Failed |
www.whatsthisbill.com
|
32 | 15 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.whatsthisbill.com R3 |
2021-09-15 - 2021-12-14 |
3 months | crt.sh |
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2 |
2021-01-11 - 2022-02-11 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2021-08-30 - 2021-11-22 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2021-08-23 - 2021-11-15 |
3 months | crt.sh |
cdn.ravenjs.com GlobalSign Atlas R3 DV TLS CA 2020 |
2021-02-22 - 2022-03-26 |
a year | crt.sh |
*.mxpnl.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1 |
2021-07-15 - 2022-07-28 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2021-07-20 - 2021-10-18 |
3 months | crt.sh |
*.mixpanel.com GeoTrust RSA CA 2018 |
2020-04-20 - 2022-04-21 |
2 years | crt.sh |
www.googleadservices.com GTS CA 1C3 |
2021-08-23 - 2021-11-15 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2021-08-23 - 2021-11-15 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.whatsthisbill.com/
Frame ID: 82CDBE96E4173E2F26D0239679B77FFE
Requests: 32 HTTP requests in this frame
Screenshot
Page Title
Charge Lookup & Refund RequestDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Django (Web Frameworks) Expand
Detected patterns
- (?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)
Facebook (Widgets) Expand
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI (JavaScript Libraries) Expand
Detected patterns
- ([\d.]+)/jquery-ui(?:\.min)?\.js
- jquery-ui.*\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
32 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
/
www.whatsthisbill.com/ |
65 KB 20 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.css
s3q1w2e3.s3.amazonaws.com/css/ |
121 KB 121 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jumbotron-narrow.css
s3q1w2e3.s3.amazonaws.com/css/ |
2 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles.css
s3q1w2e3.s3.amazonaws.com/css/ |
19 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
common_xw.css
s3q1w2e3.s3.amazonaws.com/css/ |
30 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ |
82 KB 83 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/ |
34 KB 35 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/ |
235 KB 235 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
97 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dazzling_logo_horizontal_transparent.png
s3q1w2e3.s3.amazonaws.com/brands/logos/ |
144 KB 144 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cozy_maid.png
s3q1w2e3.s3.amazonaws.com/brands/logos/old/ |
51 KB 52 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bubbly_cleaning.png
s3q1w2e3.s3.amazonaws.com/brands/logos/old/ |
57 KB 57 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
homeaglow4.png
s3q1w2e3.s3.amazonaws.com/brands/logos/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dapper_maids.png
s3q1w2e3.s3.amazonaws.com/brands/logos/old/ |
42 KB 42 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
raven.min.js
cdn.ravenjs.com/3.27.0/ |
37 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.js
s3q1w2e3.s3.amazonaws.com/js/ |
36 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
common_xw.css
s3q1w2e3.s3.amazonaws.com/css/ |
30 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
font-awesome.min.css
s3q1w2e3.s3.amazonaws.com/css/ |
30 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ |
75 KB 25 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
99 KB 26 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fontawesome-webfont.woff2
s3q1w2e3.s3.amazonaws.com/fonts/ |
75 KB 76 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
48 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
api-js.mixpanel.com/track/ |
1 B 350 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
36 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
4 B 213 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 464 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1182537305153680
connect.facebook.net/signals/config/ |
305 KB 87 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 425 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 212 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/786640389/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
www.google.com/pagead/1p-user-list/786640389/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
www.google.de/pagead/1p-user-list/786640389/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.google.com
- URL
- https://www.google.com/pagead/1p-user-list/786640389/?random=1631668385914&cv=9&fst=1631667600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4>m=2oa9d0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.whatsthisbill.com%2F&tiba=Charge%20Lookup%20%26%20Refund%20Request&async=1&fmt=3&is_vtc=1&random=3384999320&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
- Domain
- www.google.de
- URL
- https://www.google.de/pagead/1p-user-list/786640389/?random=1631668385914&cv=9&fst=1631667600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4>m=2oa9d0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.whatsthisbill.com%2F&tiba=Charge%20Lookup%20%26%20Refund%20Request&async=1&fmt=3&is_vtc=1&random=3384999320&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Verdicts & Comments Add Verdict or Comment
47 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery function| format_voucher_code function| update_url_search_params function| initialize_tooltips function| hideSubmitSpinners function| showSubmitSpinners function| getCookie function| formatted_address function| remove_decimal_trailing_zeros function| dollar_format function| rating_to_stars function| formatPhoneNumber function| getQueryVariable function| removeURLParameter function| validateSubmit boolean| touch undefined| si undefined| styleSheet undefined| ri function| runAndSetIntervalX function| start_scripts_js string| csrftoken boolean| SCRIPTS_JS_LOADED object| mixpanel function| fbq function| _fbq function| gtag object| dataLayer string| GoogleAnalyticsObject function| ga function| UAParser function| gm_authFailure object| Raven string| adroll_adv_id string| adroll_pix_id function| look_up_charge_error object| google_tag_manager object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO9 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.whatsthisbill.com/ | Name: csrftoken Value: SpOSgaSfSXTlcCEE5e2lkWuhlrZQKstq |
|
www.whatsthisbill.com/ | Name: sessionid Value: ns14vbekvh09jvjkz85o2f6i84oclae1 |
|
.whatsthisbill.com/ | Name: mp_b6478e83e4a4afb0a16cbddbb39644c1_mixpanel Value: %7B%22distinct_id%22%3A%20%2217be703a463150-060e5f8019f88e-c343365-1d4c00-17be703a464b16%22%2C%22%24device_id%22%3A%20%2217be703a463150-060e5f8019f88e-c343365-1d4c00-17be703a464b16%22%2C%22brand%22%3A%20%22homeaglow.com%22%2C%22logged_in%22%3A%20%22False%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D |
|
.whatsthisbill.com/ | Name: _gcl_au Value: 1.1.1854379408.1631668381 |
|
.whatsthisbill.com/ | Name: _ga Value: GA1.2.1462447073.1631668381 |
|
.whatsthisbill.com/ | Name: _gid Value: GA1.2.1857199488.1631668381 |
|
.whatsthisbill.com/ | Name: _gat Value: 1 |
|
.whatsthisbill.com/ | Name: _fbp Value: fb.1.1631668381532.1792143334 |
|
.facebook.com/ | Name: fr Value: 0aNFWtuwAOpsqu3MF..BhQUii...1.0.BhQUii. |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
api-js.mixpanel.com
cdn.mxpnl.com
cdn.ravenjs.com
connect.facebook.net
googleads.g.doubleclick.net
s3q1w2e3.s3.amazonaws.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.whatsthisbill.com
www.google.com
www.google.de
130.211.34.183
216.58.215.34
2600:1901:0:bc29::
2a00:1450:4007:806::200a
2a00:1450:4007:806::200e
2a00:1450:4007:810::2008
2a00:1450:4007:813::2002
2a00:1450:400c:c02::9a
2a03:2880:f00d:8:face:b00c:0:1
2a03:2880:f130:83:face:b00c:0:25de
2a04:4e42::729
52.218.240.226
54.204.238.15
07bf87548212f24057ba352fed5ec567dab724b44a7fc88ddc393cbc7706d033
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
434231e44b28203570150f666d7bb9bb131ad3d3a5872e4e1776affe38f2969d
4c967c069f7a16252b2fa438ce43396ffaabb1479b5c6accab78f32604b8ade3
5fd30556372c7a86bc70763056beb71c2595dc52ff97da9798d52ac38f04f4de
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f55dae0afe8d62e8764e2297c2113b162786a21cde74776837b58bd221f24c3
7038227e78cd1d46ece0931455599605519225f8e9b2eedd7bdce84b42323ef3
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7e58dfe6bc89e221985e20fb3fe19196fbf58b92c6f43daaaba8e8134b3e89f0
7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4
80a284517bae408eb340fe5038a57594a1a3ae3f6668b96c3b50d3b344e1ad1e
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
9acdca09bd73004795219923264c3228f214697221e1d39e90084fd70c5724cb
a241b6d0a6471cd98682147f850e2b7d03d8792ee48c739279d04d250d2d5d59
a6b651202bb51ffe364e7a5dad1e99f9f8f81e59acbbebc4e259af1ce50e6b69
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
bf5232d3024866c90d139c1b2d36333c7fffcf68227b9876b132f83dfa26fd59
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
e2562b9c04e9b30cb120eca4d1cf07029e181841bf7f67ce86a185464dd921da
e7c3a20e44fa1633d5de0e2f636fb5efd6c084690219211df29668ac2b1082d4
ecfec09dcc831c1c90328fde482217dca203fbca22914760229fdbc4e2b62806
f84a6bed8ef51d250fe1c9aba88e47422868e929bab1f4db1fd932edae670b06
fc8c51ec8e38901c430523fae45a1664680cb36290a7c6490e0302c107e094da
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62