spinwithvegas.com
Open in
urlscan Pro
2606:4700:3030::6815:1567
Public Scan
Effective URL: https://spinwithvegas.com/landingpages/vv045_ny/index.php
Submission Tags: phishing malicious Search All
Submission: On February 03 via api from US
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 29th 2020. Valid for: a year.
This is the only time spinwithvegas.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-77-181.compute-1.amazonaws.com
h48knlhx.r.us-east-1.awstrack.me |
ASN14618 (AMAZON-AES, US)
PTR: visit.rebrand.ly
eeeee.coolstorz.live |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
static.bouncepilot.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-121-78.compute-1.amazonaws.com
api.traversedlp.com |
ASN6921 (ARACHNITEC, US)
PTR: 216-189-51-90.for-global-telecom.com
go.yonyelinta.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
spinwithvegas.com
2 redirects
spinwithvegas.com |
471 KB |
4 |
gstatic.com
fonts.gstatic.com |
38 KB |
4 |
smartgreatperks.com
smartgreatperks.com |
12 KB |
3 |
traversedlp.com
static.traversedlp.com api.traversedlp.com Failed |
9 KB |
2 |
yonyelinta.com
1 redirects
go.yonyelinta.com |
799 B |
2 |
offer-notavailable.com
offer-notavailable.com |
94 KB |
2 |
bouncepilot.com
static.bouncepilot.com |
62 KB |
2 |
googletagmanager.com
www.googletagmanager.com |
59 KB |
1 |
googleapis.com
fonts.googleapis.com |
896 B |
1 |
rapid-cdn.com
1 redirects
rapid-cdn.com |
1 KB |
1 |
coolstorz.live
1 redirects
eeeee.coolstorz.live |
353 B |
1 |
awstrack.me
1 redirects
h48knlhx.r.us-east-1.awstrack.me |
173 B |
35 | 12 |
Domain | Requested by | |
---|---|---|
15 | spinwithvegas.com |
2 redirects
go.yonyelinta.com
spinwithvegas.com |
4 | fonts.gstatic.com |
fonts.googleapis.com
|
4 | smartgreatperks.com |
smartgreatperks.com
|
2 | go.yonyelinta.com |
1 redirects
offer-notavailable.com
|
2 | offer-notavailable.com |
smartgreatperks.com
offer-notavailable.com |
2 | static.traversedlp.com |
www.googletagmanager.com
|
2 | static.bouncepilot.com |
smartgreatperks.com
|
2 | www.googletagmanager.com |
smartgreatperks.com
|
1 | fonts.googleapis.com |
spinwithvegas.com
|
1 | rapid-cdn.com | 1 redirects |
1 | api.traversedlp.com |
static.traversedlp.com
|
1 | eeeee.coolstorz.live | 1 redirects |
1 | h48knlhx.r.us-east-1.awstrack.me | 1 redirects |
35 | 13 |
This site contains links to these domains. Also see Links.
Domain |
---|
vegas-redirect.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.google-analytics.com GTS CA 1O1 |
2021-01-05 - 2021-03-30 |
3 months | crt.sh |
*.bouncepilot.com Amazon |
2020-07-21 - 2021-08-21 |
a year | crt.sh |
*.traversedlp.com Go Daddy Secure Certificate Authority - G2 |
2020-12-29 - 2022-01-30 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-07-16 - 2021-07-16 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2021-01-05 - 2021-03-30 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2021-01-19 - 2021-04-13 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://spinwithvegas.com/landingpages/vv045_ny/index.php
Frame ID: EDB161AAF9DFC82A3DD4784D8634333B
Requests: 34 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://h48knlhx.r.us-east-1.awstrack.me/L0/https:%2F%2Feeeee.coolstorz.live%2Fwq2/1/0100017763d3d901-95d1b9df-04f6-4...
HTTP 302
https://eeeee.coolstorz.live/wq2 HTTP 301
http://smartgreatperks.com/adb540ade49f3f279d29c92647e2cb0ee/?sid1=BESTSCORESEVERCOOLZEEEEEESETEEEEE Page URL
- http://smartgreatperks.com/adb540ade49f3f279d29c92647e2cb0ee/?newcid=4740&sid1=BESTSCORESEVERCOOLZEEEEE... Page URL
- https://offer-notavailable.com/bettercontent/?utm_source=202058&utm_medium=27&utm_campaign=242&utm_content=23 Page URL
-
http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=202058&vert=&cid=
HTTP 307
http://go.yonyelinta.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=11534... Page URL
-
http://go.yonyelinta.com/match-6633/42429/109977769/1612350688/mf_2b5ad6d9-65ae-44c7-951f-8539955a53a...
HTTP 302
https://spinwithvegas.com/l/5fe1f360d4834f1e526b194c?click_id={click_id}&sub_id={target.thru} HTTP 302
https://spinwithvegas.com/landingpages/vv045_ny/index.php?ref=vp_w88865c69773l7534gdep167_{target.thru... HTTP 302
https://spinwithvegas.com/landingpages/vv045_ny/index.php Page URL
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Google Font API (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
10 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Get it
Search URL Search Domain Scan URL
Title: IA-L
Search URL Search Domain Scan URL
Title: BONI HOLEN
Search URL Search Domain Scan URL
Title: Zdobądź bonus
Search URL Search Domain Scan URL
Title: Забрать бонусы
Search URL Search Domain Scan URL
Title: Bonus TnC's
Search URL Search Domain Scan URL
Title: Regulamin bonusu
Search URL Search Domain Scan URL
Title: Bonusbedingungen
Search URL Search Domain Scan URL
Title: T&C Bonusuri
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://h48knlhx.r.us-east-1.awstrack.me/L0/https:%2F%2Feeeee.coolstorz.live%2Fwq2/1/0100017763d3d901-95d1b9df-04f6-493d-9dec-7c13b3576986-000000/Z-50JjPQGu-2msBhPGGBBHd71kw=199
HTTP 302
https://eeeee.coolstorz.live/wq2 HTTP 301
http://smartgreatperks.com/adb540ade49f3f279d29c92647e2cb0ee/?sid1=BESTSCORESEVERCOOLZEEEEEESETEEEEE Page URL
- http://smartgreatperks.com/adb540ade49f3f279d29c92647e2cb0ee/?newcid=4740&sid1=BESTSCORESEVERCOOLZEEEEEESETEEEEE&sid2=&sid3=&sid4=&dev_click= Page URL
- https://offer-notavailable.com/bettercontent/?utm_source=202058&utm_medium=27&utm_campaign=242&utm_content=23 Page URL
-
http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=202058&vert=&cid=
HTTP 307
http://go.yonyelinta.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=1153464956006421935 Page URL
-
http://go.yonyelinta.com/match-6633/42429/109977769/1612350688/mf_2b5ad6d9-65ae-44c7-951f-8539955a53ac/dHM0NjQtaW50ZXJuYXRpb25hbGVtYWlsLWdlbmVyYWw=/?flux_txid=475075720557923304&flux_hid=1153464956006421935
HTTP 302
https://spinwithvegas.com/l/5fe1f360d4834f1e526b194c?click_id={click_id}&sub_id={target.thru} HTTP 302
https://spinwithvegas.com/landingpages/vv045_ny/index.php?ref=vp_w88865c69773l7534gdep167_{target.thru}&click_id=%7Bclick_id%7D HTTP 302
https://spinwithvegas.com/landingpages/vv045_ny/index.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://h48knlhx.r.us-east-1.awstrack.me/L0/https:%2F%2Feeeee.coolstorz.live%2Fwq2/1/0100017763d3d901-95d1b9df-04f6-493d-9dec-7c13b3576986-000000/Z-50JjPQGu-2msBhPGGBBHd71kw=199 HTTP 302
- https://eeeee.coolstorz.live/wq2 HTTP 301
- http://smartgreatperks.com/adb540ade49f3f279d29c92647e2cb0ee/?sid1=BESTSCORESEVERCOOLZEEEEEESETEEEEE
- http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=202058&vert=&cid= HTTP 307
- http://go.yonyelinta.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=1153464956006421935
35 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
smartgreatperks.com/adb540ade49f3f279d29c92647e2cb0ee/ Redirect Chain
|
6 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
74 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
fp.php
smartgreatperks.com/ |
265 B 466 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
29a38865-21e1-485f-8a85-c343bbbe30fb.js
static.bouncepilot.com/ |
31 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
retargeting.js
static.traversedlp.com/v1/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
cookie
api.traversedlp.com/retargeting/v1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
smartgreatperks.com/adb540ade49f3f279d29c92647e2cb0ee/ |
6 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
gtm.js
www.googletagmanager.com/ |
74 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
fp.php
smartgreatperks.com/ |
232 B 432 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
29a38865-21e1-485f-8a85-c343bbbe30fb.js
static.bouncepilot.com/ |
31 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
retargeting.js
static.traversedlp.com/v1/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cookie
api.traversedlp.com/retargeting/v1/ |
18 B 565 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS |
enqueue
api.traversedlp.com/retargetinginclusion/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
enqueue
api.traversedlp.com/retargetinginclusion/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
offer-notavailable.com/bettercontent/ |
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
desktop.png
offer-notavailable.com/bettercontent/images/ |
92 KB 93 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ts464-internationalemail-general
go.yonyelinta.com/ Redirect Chain
|
496 B 566 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
index.php
spinwithvegas.com/landingpages/vv045_ny/ Redirect Chain
|
9 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
9 KB 896 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
spinwithvegas.com/landingpages/vv045_ny/css/ |
10 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
preloader.svg
spinwithvegas.com/landingpages/vv045_ny/img/ |
626 B 719 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
spinwithvegas.com/landingpages/vv045_ny/img/ |
71 KB 72 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
parters-pay-desk.png
spinwithvegas.com/landingpages/vv045_ny/img/ |
22 KB 22 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
parters-pay-mob.png
spinwithvegas.com/landingpages/vv045_ny/img/ |
21 KB 21 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.2.1.min.js
spinwithvegas.com/landingpages/vv045_ny/js/ |
85 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
spinwithvegas.com/landingpages/vv045_ny/js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg-desk.jpg
spinwithvegas.com/landingpages/vv045_ny/img/ |
266 KB 266 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lang-arr.png
spinwithvegas.com/landingpages/vv045_ny/img/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-light-1.png
spinwithvegas.com/landingpages/vv045_ny/img/ |
26 KB 26 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-light-2.png
spinwithvegas.com/landingpages/vv045_ny/img/ |
23 KB 23 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flags.png
spinwithvegas.com/landingpages/vv045_ny/img/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- api.traversedlp.com
- URL
- https://api.traversedlp.com/retargeting/v1/cookie
- Domain
- api.traversedlp.com
- URL
- https://api.traversedlp.com/retargetinginclusion/enqueue
- Domain
- api.traversedlp.com
- URL
- https://api.traversedlp.com/retargetinginclusion/enqueue
Verdicts & Comments Add Verdict or Comment
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
spinwithvegas.com/ | Name: mongo_sess Value: 1b0b6ed8fe44e2f61c463a6d90b291af |
|
.spinwithvegas.com/ | Name: __cfduid Value: d756d01be148ec197404439e943639a691612350688 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.traversedlp.com
eeeee.coolstorz.live
fonts.googleapis.com
fonts.gstatic.com
go.yonyelinta.com
h48knlhx.r.us-east-1.awstrack.me
offer-notavailable.com
rapid-cdn.com
smartgreatperks.com
spinwithvegas.com
static.bouncepilot.com
static.traversedlp.com
www.googletagmanager.com
api.traversedlp.com
104.227.9.34
216.189.51.90
2600:9000:2156:c000:10:b308:84c0:93a1
2606:4700:3030::6815:1567
2606:4700:3031::6815:4a86
2606:4700:3035::ac43:c19a
2a00:1450:4001:810::2003
2a00:1450:4001:812::200a
2a00:1450:4001:824::2008
2a00:1450:4001:828::2008
34.193.77.181
34.237.121.78
52.72.49.79
65.9.7.84
017febff1383f7bde113bf7d51281a041ce19123db0819fd6ee3fc8f5a89a45c
074b64ac2ed79a5265d2491093095d2fb66a442d769835bba4852eae0f70cde7
1b6ba2c51f0445367411b95457811094c44e7082199ff1d6723ec9ef5c44bea6
1c60db81e04331ba58a90e0e0dd3db46afb1e76839eafb38e8558d4354ce2cac
21bbade2576fa06c832e1864e23f6a8653c03d9ba1aad5267b3f2e48597b543a
306094011fa17d1eb215263299126f9f95f50a1c2235c991846ccfd1911a6dce
3485068c605242a0853e4e9dd60705ecbdd0128902b182792c196aaf63e96513
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
623f08e9428b91b9b56b27365286c406c1f5f54eb46c35f26b85f1c81d34a722
656ef62960b826072d6ef9775270694165cf09882b085fb7fb6134fb76885f32
7336654fb6e8cbdb1e42d0500d517bb676b6ec378163d2f1fba36f4f71dead28
73e4ddf2f5d70eea18d65175cbe5312cdfc1eba52c63bfec87e6a88c07409e0b
75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35
863d73671fbd18cf7f99a3ca0cf68adf879c43d3ba1bdbf67fe4beb68b49ddd2
8cfdd91b07d0e6d85546661f95cbba99e9dfe86702e37113ed3bfc40746b26d2
92126e01e710beca2472d4ea728f0e7b432a7e0bb8c64d41b5bf0f9a177ce709
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
aa1f6d401c5c984fd9082a703916f06280262b77ca275d2d3279483af7c8ab1e
b28d5c5ba6ed6f8227566294e97d1a2adc846c8a220612b7ad0203ab128c4361
b5cde61bceadebf4f17a794409dc0d0217a1d9f7e798214fdeb23c0c98784ff6
be769e2f0de448635109d6602a95c421ff9bf881e17c863371ee2f864fd20db2
d18166f68dcd0f68576c8798c01d17eac495848247f737d4fb02c83f5478ff40
d201e5a3fe0d50a3855f87d60a4dd66ef8c91aa7796c0cd97bdaecb16f0cfe3b
d88e33f01165a7085114a365de792cbda138af8875ab3e481750e24b0fb86eed
d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e
eaa36f72eb72b3aff2db9f718a8dd759386c865beb007d21521c120d4a1c1864
f58b65b14d6339c11b682e7debd706acb89858294a4dc589c2d31538acc94a68