birdeye.com
Open in
urlscan Pro
54.183.92.175
Public Scan
Effective URL: https://birdeye.com/northshore-plastic-surgery-llc-150488397010820/mobile-deeplink/1?rid=2&rtype=review&slp=1
Submission: On October 01 via manual from US
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 16th 2020. Valid for: a year.
This is the only time birdeye.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: ec2-54-183-92-175.us-west-1.compute.amazonaws.com
birdeye.com |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-156.fra50.r.cloudfront.net
d1azc1qln24ryf.cloudfront.net |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-215.fra2.r.cloudfront.net
ddjkm7nmu27lx.cloudfront.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
cloudfront.net
d1azc1qln24ryf.cloudfront.net d3cnqzq0ivprch.cloudfront.net ddjkm7nmu27lx.cloudfront.net |
932 KB |
5 |
gstatic.com
fonts.gstatic.com |
74 KB |
4 |
birdeye.com
birdeye.com |
10 KB |
2 |
google-analytics.com
www.google-analytics.com |
18 KB |
2 |
googletagmanager.com
www.googletagmanager.com |
101 KB |
2 |
google.com
www.google.com |
21 KB |
2 |
googleapis.com
fonts.googleapis.com |
2 KB |
1 |
google.de
www.google.de |
106 B |
1 |
doubleclick.net
stats.g.doubleclick.net |
84 B |
1 |
ytimg.com
s.ytimg.com |
37 KB |
1 |
youtube.com
www.youtube.com |
1 KB |
1 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com |
6 KB |
1 |
rs6.net
1 redirects
r20.rs6.net |
427 B |
35 | 13 |
Domain | Requested by | |
---|---|---|
10 | d3cnqzq0ivprch.cloudfront.net |
birdeye.com
d3cnqzq0ivprch.cloudfront.net |
5 | fonts.gstatic.com |
fonts.googleapis.com
|
4 | birdeye.com |
d3cnqzq0ivprch.cloudfront.net
|
2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
2 | www.googletagmanager.com |
birdeye.com
www.googletagmanager.com |
2 | www.google.com |
birdeye.com
|
2 | d1azc1qln24ryf.cloudfront.net |
birdeye.com
d1azc1qln24ryf.cloudfront.net |
2 | fonts.googleapis.com |
birdeye.com
|
1 | www.google.de |
birdeye.com
|
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | s.ytimg.com |
www.youtube.com
|
1 | www.youtube.com |
birdeye.com
|
1 | ddjkm7nmu27lx.cloudfront.net |
birdeye.com
|
1 | maxcdn.bootstrapcdn.com |
birdeye.com
|
1 | r20.rs6.net | 1 redirects |
35 | 15 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.birdeye.com Go Daddy Secure Certificate Authority - G2 |
2020-09-16 - 2021-10-18 |
a year | crt.sh |
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA |
2020-09-22 - 2021-10-12 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
*.cloudfront.net DigiCert Global CA G2 |
2020-05-26 - 2021-04-21 |
a year | crt.sh |
*.google.com GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
www.google.com GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
www.google.de GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://birdeye.com/northshore-plastic-surgery-llc-150488397010820/mobile-deeplink/1?rid=2&rtype=review&slp=1
Frame ID: 033283F685B6CD3DD37478807052C45A
Requests: 35 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://r20.rs6.net/tn.jsp?f=001YjqOIBZm2JKHPW2hIwGx1EsFzSJve2KZnUZwQpocj-7F3accqJRbwkTB9BJQG3Om...
HTTP 302
https://birdeye.com/northshore-plastic-surgery-llc-150488397010820/mobile-deeplink/1?rid=2&rtype... Page URL
Detected technologies
Apache (Web Servers) ExpandDetected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://r20.rs6.net/tn.jsp?f=001YjqOIBZm2JKHPW2hIwGx1EsFzSJve2KZnUZwQpocj-7F3accqJRbwkTB9BJQG3Om4FFJmbm2ImNpWveLQQajtVBvLUSAMeqTs_UtO52rk_Ul0-ZIFxyXGU43Q5t9EBS4Wgy06OwhZPQen3h63DiVNKNDqW6EgO9kjVz_RdvxFNszfUICjxDZEtkUIe1htO8GKGMtvwsr51MvWNsR1lJonY3QR3bs9DDAkO6zVFNupuAmY-aXVZPfQrIJwXdlwun5gE481TM16pD0XCLhKUWC0g==&
HTTP 302
https://birdeye.com/northshore-plastic-surgery-llc-150488397010820/mobile-deeplink/1?rid=2&rtype=review&slp=1 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
35 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
1
birdeye.com/northshore-plastic-surgery-llc-150488397010820/mobile-deeplink/ Redirect Chain
|
24 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ |
27 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
css
fonts.googleapis.com/ |
9 KB 851 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style-cf.css
d1azc1qln24ryf.cloudfront.net/101518/birdeye-fonts/ |
18 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
css
fonts.googleapis.com/ |
8 KB 706 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
be.deeplink.combined.min.gz.css
d3cnqzq0ivprch.cloudfront.net/prod/2020092106/css/ |
154 KB 37 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_dummyIcons40.min.gz.css
d3cnqzq0ivprch.cloudfront.net/prod/2020092106/css/reviews/ |
3 KB 862 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_aggrIcons40.min.gz.css
d3cnqzq0ivprch.cloudfront.net/prod/2020092106/css/reviews/ |
29 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pace.min.gz.js
d3cnqzq0ivprch.cloudfront.net/prod/2020092106/js/ |
12 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
59b38c4d9d2040.40632887.jpg
ddjkm7nmu27lx.cloudfront.net/150488397010820/logo/ |
6 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
powered-by-birdeye-grey.png
d3cnqzq0ivprch.cloudfront.net/prod/css/images/ |
4 KB 5 KB |
Image
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bf.combined.min.gz.js
d3cnqzq0ivprch.cloudfront.net/prod/2020092106/js/ |
1 MB 362 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
be.deeplink.combined.min.gz.js
d3cnqzq0ivprch.cloudfront.net/prod/2020092106/js/ |
49 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
reviews
www.google.com/maps/api/js/ |
57 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
264 KB 65 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
deeplink
birdeye.com/papi/business/150488397010820/ |
3 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loading-indicator.gif
d3cnqzq0ivprch.cloudfront.net/prod/css/images/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
45 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iframe_api
www.youtube.com/ |
859 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
js
www.googletagmanager.com/gtag/ |
90 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vflBWZFZo/ |
102 KB 37 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-Q050 |
collect
www.google-analytics.com/j/ |
2 B 62 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 84 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 106 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 106 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
debuglog
birdeye.com/papi/ |
2 B 507 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
emailclick
birdeye.com/papi/customer/ |
263 B 714 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
checkmark-large.png
d3cnqzq0ivprch.cloudfront.net/prod/css/images/ |
2 KB 2 KB |
Image
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sprite-aggr-icon40.png
d3cnqzq0ivprch.cloudfront.net/prod/2020092106/css/images/sprites/ |
466 KB 467 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2
fonts.gstatic.com/s/robotoslab/v12/ |
30 KB 30 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icomoon.woff2
d1azc1qln24ryf.cloudfront.net/101518/birdeye-fonts/ |
18 KB 19 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
61 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes object| Pace object| BF string| fbAppId function| placeHolderHandler function| showStaticInverseStar function| getReviewRatingStars function| getAvgStars function| fieldSorter function| customDateFormat function| getCountry function| Query function| Uri function| jsUri object| APP function| abortRequests function| $ function| jQuery function| _ object| Handlebars object| Backbone object| ich object| jQuery111009128706498318966 function| log object| perf object| PhoneFormat function| JSEncrypt object| bowser object| google object| default_MapsApiReviewsHttp function| handleGooglePlacesReviewsAuthSuccessMessage object| gaGlobalObject object| dataLayer function| getPageNameForGA function| getParentTypeForGA object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| ytTracker function| onYouTubeIframeAPIReady object| gaplugins object| gaGlobal object| gaData object| YT object| YTConfig function| onYTReady function| gtag object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportLogPayloadsQueue_ object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ string| operator3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.birdeye.com/ | Name: _gat_gtag_UA_36823741_5 Value: 1 |
|
.birdeye.com/ | Name: _gid Value: GA1.2.1582099945.1601569576 |
|
.birdeye.com/ | Name: _ga Value: GA1.2.1577559181.1601569576 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=63072000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
birdeye.com
d1azc1qln24ryf.cloudfront.net
d3cnqzq0ivprch.cloudfront.net
ddjkm7nmu27lx.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
r20.rs6.net
s.ytimg.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.youtube.com
13.224.186.215
13.224.186.22
143.204.101.156
2001:4de0:ac19::1:b:2a
208.75.122.11
2a00:1450:4001:809::2008
2a00:1450:4001:818::2003
2a00:1450:4001:818::200a
2a00:1450:4001:819::2004
2a00:1450:4001:81a::2008
2a00:1450:4001:81b::200e
2a00:1450:4001:81e::200e
2a00:1450:4001:821::200e
2a00:1450:4001:825::2003
2a00:1450:400c:c0c::9c
54.183.92.175
0b31a64177d36a091e0cfd8fe1bc3ded4d71e4350ecc228d6500a98799471b9d
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
132747f7ac5826be2381b11c8691880eef5ac95ef946e82e4e76126400e4d99a
1679572be3fd6a6ba3af604da613b3e61b51ad060e3f9ad6682dd2e2f7c8f28b
2cfd2530949251366762e91adef404d1d82bf3ef63c8982b36776af5577a9d15
3129da1f2c75aee73b716dc7535543f28aa61e84c656d86556f6fe973b9fb2a5
42de8c69952901e63f7dc62fe2a8f10d9f35f59e54c41827841b34602e5378dd
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6f1dc81498da5df5cc4a4b2730c86480122e1b4a6808621b7d941aaa6e29d824
721e251c7670dbd1a2e5168505897fe549ae97aafa0eb92a533b592613e46309
731175f16f8ff9c9ddba3a0e2cb13c0113270f34877517c618724f503a4f22f0
735f1c73f436f4c32eaf0e2ccff60e7a0e78d9edb466b08bd2e9e6ca9044d2af
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8631f71a3a15e78ecf76bcb6e41f0eee09c2f73450ceca63b8867280368ae54d
8987e95693a27821ff62bae040eafd8feefb119bda884bd2ea5cf5c1fa88d260
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
a0223dc4fb76745109c3bfe5bfe45c81a97593a5f0a447e7f4b53f013a3f0bc9
a0e89bf9070896e8016be5d04a290635ea0a95e9c8bc6dbfcd3ee45bc41fc5a0
a9721bf904982b488b7b7cede5c83ca250ef13e6a6e10933bec556a2e152eb24
b0dc2d657946cb2d47ef3af65f22aad2218ad027b85b2d43832847800c99c17f
b6d7dfe3aa3e84164a0e68d1d3425638e5213ff386f253b2892d5789c5c1ea0c
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d55eb5bcb3e279243383a7efe9963eb4d451fe1727d10128c642d5178686a99c
d8d812289ee4c062fe185c72b82c984e2aecc42893b44aae8e8ee7b507e571d6
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ed913a7218dbdb340867a09b5d8f19a6dfd2e61ec09471a8bcfdff39dafcf830
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3648275cea9c47d66123f3061cbf17c0431b103402156e68759ca38daae3cff
fa27c5d4380fcbef2bc14c27194d9667fbbcb260c5ce19981d8fbea3933d30fc
fe52fb641901765a556a6fabcd09562afc9ba99dc674582a9de3fff261c385cc
ff5dd42d7212bf0316b03fb64bb4165ccfc4e6b5aba5051bfa2c411241bb0e61