www.deltaadvance.com
52.191.134.110
Public Scan
Effective URL: https://www.deltaadvance.com/login.html?c=241401&v1=lnddr
Submission: On January 17 via manual from US
Summary
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on December 16th 2017. Valid for: 3 years.
This is the only time www.deltaadvance.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 104.193.254.250 | 14576 (HOSTING-SOLUTIONS - Hosting Solution Ltd.) |
1 1 | 143.95.43.30 | 36024 (COLO4-CO - Colo4) |
9 | 52.191.134.110 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) |
1 | 199.66.205.242 | 35838 (CCANET) |
1 | 216.58.206.10 | 15169 (GOOGLE - Google LLC) |
6 | 107.154.114.10 | 19551 (INCAPSULA - Incapsula Inc) |
1 | 172.217.22.72 | 15169 (GOOGLE - Google LLC) |
3 | 172.217.22.67 | 15169 (GOOGLE - Google LLC) |
1 | 54.230.44.78 | 16509 (AMAZON-02 - Amazon.com) |
1 2 | 216.58.207.78 | 15169 (GOOGLE - Google LLC) |
1 | 67.225.220.126 | 32244 (LIQUIDWEB - Liquid Web) |
1 | 74.125.206.156 | 15169 (GOOGLE - Google LLC) |
1 3 | 69.167.130.8 | 32244 (LIQUIDWEB - Liquid Web) |
2 | 52.85.173.188 | 16509 (AMAZON-02 - Amazon.com) |
1 | 52.85.173.121 | 16509 (AMAZON-02 - Amazon.com) |
30 | 14 |
AS | PTR | Domain |
---|---|---|
ASN14576 (HOSTING-SOLUTIONS - Hosting Solution Ltd., US) | jackfowler.clientshostname.com | track.lenddrive.com |
ASN36024 (COLO4-CO - Colo4, LLC, US) | starlord.asoshared.com | lenddrive.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US) | | www.deltaadvance.com |
ASN35838 (CCANET, GB) | ssl.comodo.com | ssl.comodo.com |
ASN15169 (GOOGLE - Google LLC, US) | fra16s20-in-f10.1e100.net | ajax.googleapis.com |
ASN19551 (INCAPSULA - Incapsula Inc, US) | 107.154.114.10.ip.incapdns.net | www.sparning.com |
ASN15169 (GOOGLE - Google LLC, US) | fra15s17-in-f72.1e100.net | www.googletagmanager.com |
ASN15169 (GOOGLE - Google LLC, US) | fra15s17-in-f67.1e100.net | fonts.gstatic.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US) | server-54-230-44-78.fra6.r.cloudfront.net | cdn.zarget.com |
ASN15169 (GOOGLE - Google LLC, US) | fra16s25-in-f14.1e100.net | www.google-analytics.com |
ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US) | host.rtb123.com | www.rtb123.com |
ASN15169 (GOOGLE - Google LLC, US) | wk-in-f156.1e100.net | stats.g.doubleclick.net |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US) | server-52-85-173-188.fra6.r.cloudfront.net | d3rr3d0n31t48m.cloudfront.net |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US) | server-52-85-173-121.fra6.r.cloudfront.net | d3rr3d0n31t48m.cloudfront.net |
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
9 | deltaadvance.com | www.deltaadvance.com | |
6 | sparning.com | www.sparning.com | |
3 | cloudfront.net | d3rr3d0n31t48m.cloudfront.net | |
3 | shop.pe (1 redirects) | shop.pe | 228 B |
3 | gstatic.com | fonts.gstatic.com | |
2 | google-analytics.com (1 redirects) | www.google-analytics.com | 302 B |
2 | lenddrive.com (2 redirects) | track.lenddrive.com lenddrive.com | 769 B |
1 | doubleclick.net | stats.g.doubleclick.net | |
1 | rtb123.com | www.rtb123.com | |
1 | zarget.com | cdn.zarget.com | |
1 | googletagmanager.com | www.googletagmanager.com | |
1 | googleapis.com | ajax.googleapis.com | |
1 | comodo.com | ssl.comodo.com | |
30 | 13 |
 | Domain | Requested by |
---|---|---|
9 | www.deltaadvance.com | www.deltaadvance.com |
6 | www.sparning.com | www.deltaadvance.com www.sparning.com |
3 | d3rr3d0n31t48m.cloudfront.net | www.deltaadvance.com d3rr3d0n31t48m.cloudfront.net |
3 | shop.pe (1 redirects) | d3rr3d0n31t48m.cloudfront.net |
3 | fonts.gstatic.com | www.deltaadvance.com |
2 | www.google-analytics.com (1 redirects) | www.googletagmanager.com |
1 | stats.g.doubleclick.net | www.deltaadvance.com |
1 | www.rtb123.com | www.deltaadvance.com |
1 | cdn.zarget.com | www.googletagmanager.com |
1 | www.googletagmanager.com | www.deltaadvance.com |
1 | ajax.googleapis.com | www.deltaadvance.com |
1 | ssl.comodo.com | www.deltaadvance.com |
1 | lenddrive.com | 1 redirects |
1 | track.lenddrive.com | 1 redirects |
30 | 14 |
This site contains links to these domains. Also see Links.
Domain |
---|
ssl.comodo.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
www.deltaadvance.com | COMODO RSA Domain Validation Secure Server CA | 2017-12-16 - 2020-09-29 | 3 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.deltaadvance.com/login.html?c=241401&v1=lnddr
Frame ID: (76741897007A45E374577AED290613D7)
Requests: 31 HTTP requests in this frame
Detected technologies
Windows Server (Operating Systems)
Detected patterns
- headers server /IIS(?:\/([\d.]+))?/i
IIS (Web Servers)
Detected patterns
- headers server /IIS(?:\/([\d.]+))?/i
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://track.lenddrive.com/index.php/campaigns/pf910oj0mq15e/track-url/go659j3dqxbb6/58365d1a6cdb7c5b470ceaa3b9c7b69bb8341032
HTTP 301
http://lenddrive.com/ HTTP 302
https://www.deltaadvance.com/login.html?c=241401&v1=lnddr Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 19
- https://www.google-analytics.com/r/collect?v=1&_v=j66&a=1835437747&t=pageview&_s=1&dl=https%3A%2F%2Fwww.deltaadvance.com%2Flogin.html%3Fc%3D241401%26v1%3Dlnddr&ul=en-us&de=UTF-8&dt=Log%20Into%20Your%20Account%20Below&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAAAB~&jid=1741128959&gjid=438497858&cid=2065204967.1516194427&tid=UA-85818623-2&_gid=260581555.1516194427&_r=1&gtm=Gc5TNP7LR&cd2=1516194426633.tvl59rpa&cd3=2018-01-17T13%3A07%3A06.633%2B00%3A00&cd4=Loan%20Websites&cd5=US%20Short%20Term%20Loan%20Websites&cd6=Websites%20Used%20by%20Publishers&cd8=www.deltaadvance.com&cd9=241401&z=1281964406 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-85818623-2&cid=2065204967.1516194427&jid=1741128959&_gid=260581555.1516194427&gjid=438497858&_v=j66&z=1281964406

- https://shop.pe/widget/widget_async.js HTTP 301
- https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
30 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | login.html (Primary Request) | www.deltaadvance.com/ (Redirect Chain) | 15 KB | 0 | Document | text/html |
GET | H2 | css-bundle.min.css | www.deltaadvance.com/Content/themes/US-PayDay/DeltaAdvance.com/css/ | 68 KB | 0 | Stylesheet | text/css |
GET | H/1.1 | comodo_secure_seal_113x59_transp.png | ssl.comodo.com/images/ | 9 KB | 0 | Image | image/png |
GET | S | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/1.7.1/ | 92 KB | 0 | Script | text/javascript |
GET | S | hit.core.js | www.sparning.com/hit/ | 6 KB | 0 | Script | text/javascript |
GET | H2 | jquery.fancybox-1.3.4.pack.js | www.deltaadvance.com/Scripts/ | 15 KB | 0 | Script | application/javascript |
GET | H2 | general.js | www.deltaadvance.com/Scripts/ | 11 KB | 0 | Script | application/x-javascript |
GET | H2 | jquery.validate.min.js | www.deltaadvance.com/Scripts/ | 40 KB | 0 | Script | application/javascript |
GET | H2 | jquery.validate.unobtrusive.min.js | www.deltaadvance.com/Scripts/ | 4 KB | 0 | Script | application/javascript |
GET | H2 | login.js | www.deltaadvance.com/Scripts/ | 1 KB | 0 | Script | application/javascript |
GET | S | gtm.js | www.googletagmanager.com/ | 111 KB | 0 | Script | application/javascript |
GET | H2 | logo.png | www.deltaadvance.com/Content/themes/US-PayDay/DeltaAdvance.com/images/ | 12 KB | 0 | Image | image/png |
GET | S | 1YwB1sO8YE1Lyjf12WNiUA.woff2 | fonts.gstatic.com/s/lato/v11/ | 26 KB | 0 | Font | font/woff2 |
GET | S | H2DMvhDLycM56KNuAtbJYA.woff2 | fonts.gstatic.com/s/lato/v11/ | 25 KB | 0 | Font | font/woff2 |
GET | H2 | banner.jpg | www.deltaadvance.com/Content/themes/US-PayDay/DeltaAdvance.com/images/ | 18 KB | 0 | Image | image/jpeg |
GET | S | EsvMC5un3kjyUhB9ZEPPwg.woff2 | fonts.gstatic.com/s/lato/v11/ | 25 KB | 0 | Font | font/woff2 |
GET | DATA | truncated | / | 17 KB | 0 | Image | image/png |
GET | H/1.1 | 488542.js | cdn.zarget.com/182106/ | 296 KB | 0 | Script | text/javascript |
GET | S | analytics.js | www.google-analytics.com/ | 35 KB | 0 | Script | text/javascript |
GET | S | btp.js | www.rtb123.com/tags/1A9353C8-B6FA-0195-61BE-131014053A23/ | 1 KB | 0 | Script | application/javascript |
GET | S | collect | stats.g.doubleclick.net/r/ (Redirect Chain) | 35 B | 0 | Image | image/gif |
GET | H/1.1 | widget_async.js | d3rr3d0n31t48m.cloudfront.net/widget/ (Redirect Chain) | 2 KB | 0 | Script | application/javascript |
GET | S | / | www.sparning.com/hit/ | 90 B | 0 | Script | text/javascript |
GET | H/1.1 | widget.js | d3rr3d0n31t48m.cloudfront.net/widget/ | 150 KB | 0 | Script | application/javascript |
GET | H/1.1 | widget.css | d3rr3d0n31t48m.cloudfront.net/widget/ | 81 KB | 0 | Stylesheet | text/css |
GET | S | fpt.js | www.sparning.com/hit/ | 10 KB | 0 | Script | application/javascript |
GET | S | / | www.sparning.com/misc/ | 113 B | 0 | Script | text/javascript |
GET | S | / | www.sparning.com/misc/ | 100 B | 0 | Script | text/javascript |
GET | H/1.1 | params | shop.pe/widget/main/init/ | 239 B | 0 | Script | text/javascript |
GET | H/1.1 | params | shop.pe/widget/main/init/ | 1 KB | 0 | Script | text/javascript |
GET | S | / | www.sparning.com/misc/ | 113 B | 0 | Script | text/javascript |
52 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onafterprint object| onbeforeprint object| dataLayer function| $ function| jQuery object| google_tag_manager string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData number| confirmInt object| js function| hitregistersuccess number| hitcorejsalreadyfired object| lmpost function| loadExitFrame function| getParameterByName function| randomtip function| getUrlVars undefined| email object| AddShoppersLoader function| as_cleanse_field function| as_detect_cc object| _mag object| AddShoppersWidget function| AddShoppersWidget_plus_one object| SchemaParser object| _add number| ieVer object| obj number| AddShoppersWidgetLoaded object| AddShoppersWidgetLang boolean| hitregistered function| Fingerprint undefined| zargetMain object| ZargetUrlChangeTrigger object| zargetCookie function| runZGHeatmap function| runZGPausedExp object| segmentMsgQueue object| expEvt function| zarget$ function| fm_$ object| zargetAPI object| FMApi object| triggerHeatmapExperiment object| bulkDetails object| jQuery111305662476523507856 object| result string| value boolean| _iml5
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.deltaadvance.com/ | | Name: hit Value: uid=6909e1c2-8dd5-4f01-93b1-dd9d17aa3866 |
www.deltaadvance.com/ | | Name: campaignid Value: 241401 |
.deltaadvance.com/ | | Name: _gat_UA-85818623-2 Value: 1 |
.deltaadvance.com/ | | Name: _gid Value: GA1.2.260581555.1516194427 |
.deltaadvance.com/ | | Name: _ga Value: GA1.2.2065204967.1516194427 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.