thirds.ellawn.com
Open in
urlscan Pro
2606:4700:3036::681b:b6a1
Public Scan
Effective URL: https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
Submission: On November 16 via manual from IL
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 2nd 2020. Valid for: a year.
This is the only time thirds.ellawn.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-14-156.eu-west-1.compute.amazonaws.com
bubacs.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-8.nr-data.net
bam.nr-data.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
23 |
ellawn.com
thirds.ellawn.com |
590 KB |
2 |
gstatic.com
fonts.gstatic.com |
22 KB |
2 |
google-analytics.com
www.google-analytics.com |
19 KB |
2 |
cloudflare.com
cdnjs.cloudflare.com |
33 KB |
2 |
mdsyzz.info
api.mdsyzz.info |
3 KB |
1 |
nr-data.net
bam.nr-data.net |
275 B |
1 |
doubleclick.net
stats.g.doubleclick.net |
88 B |
1 |
newrelic.com
js-agent.newrelic.com |
9 KB |
1 |
onesignal.com
cdn.onesignal.com |
3 KB |
1 |
bootstrapcdn.com
stackpath.bootstrapcdn.com |
20 KB |
1 |
googleapis.com
fonts.googleapis.com |
887 B |
1 |
hugedynasty.com
1 redirects
hugedynasty.com |
1019 B |
1 |
bubacs.com
1 redirects
bubacs.com |
740 B |
1 |
mockmine.com
1 redirects
mockmine.com |
979 B |
1 |
happyleagues.com
1 redirects
happyleagues.com |
1 KB |
37 | 15 |
Domain | Requested by | |
---|---|---|
23 | thirds.ellawn.com |
thirds.ellawn.com
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | www.google-analytics.com |
thirds.ellawn.com
|
2 | cdnjs.cloudflare.com |
thirds.ellawn.com
|
2 | api.mdsyzz.info |
thirds.ellawn.com
|
1 | bam.nr-data.net |
js-agent.newrelic.com
|
1 | stats.g.doubleclick.net |
thirds.ellawn.com
|
1 | js-agent.newrelic.com |
thirds.ellawn.com
|
1 | cdn.onesignal.com |
thirds.ellawn.com
|
1 | stackpath.bootstrapcdn.com |
thirds.ellawn.com
|
1 | fonts.googleapis.com |
thirds.ellawn.com
|
1 | hugedynasty.com | 1 redirects |
1 | bubacs.com | 1 redirects |
1 | mockmine.com | 1 redirects |
1 | happyleagues.com | 1 redirects |
37 | 15 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-11-02 - 2021-11-01 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-10-28 - 2021-01-20 |
3 months | crt.sh |
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA |
2020-09-22 - 2021-10-12 |
a year | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-10-28 - 2021-01-20 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-10-28 - 2021-01-20 |
3 months | crt.sh |
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2020-10-23 - 2021-05-07 |
6 months | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-10-28 - 2021-01-20 |
3 months | crt.sh |
*.nr-data.net DigiCert SHA2 Secure Server CA |
2020-02-05 - 2022-02-08 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
Frame ID: D29B0C174779E7091982182FDB81D8F2
Requests: 37 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://happyleagues.com/link/dc17e7048b9f953bfc498f1cfd9635f2/d607034a90e3cb4061e0ab9fdf2af420
HTTP 302
http://mockmine.com/open?key=Y2FtcGFpZ25pZD00MyZ1c2VyX2lkPTEz&s1=0aaff80b2642f87dad9cd9b2a3a04d0... HTTP 302
https://bubacs.com/?a=10207&c=39459&s1=&s2=2dcbf9cd0c769615ad776a3cbfb10535e358b1c0 HTTP 302
https://hugedynasty.com/?a=23&c=2897&s1=10207&s2=33259-584332103&s4=&s3= HTTP 302
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207 Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
animate.css (Web Frameworks) Expand
Detected patterns
- html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i
CloudFlare (CDN) Expand
Detected patterns
- headers server /^cloudflare$/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Font API (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://happyleagues.com/link/dc17e7048b9f953bfc498f1cfd9635f2/d607034a90e3cb4061e0ab9fdf2af420
HTTP 302
http://mockmine.com/open?key=Y2FtcGFpZ25pZD00MyZ1c2VyX2lkPTEz&s1=0aaff80b2642f87dad9cd9b2a3a04d0c&s2=d607034a90e3cb4061e0ab9fdf2af420&s3=22_365145 HTTP 302
https://bubacs.com/?a=10207&c=39459&s1=&s2=2dcbf9cd0c769615ad776a3cbfb10535e358b1c0 HTTP 302
https://hugedynasty.com/?a=23&c=2897&s1=10207&s2=33259-584332103&s4=&s3= HTTP 302
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
37 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
thirds.ellawn.com/dk/ Redirect Chain
|
29 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.qtip.min.css
thirds.ellawn.com/css/ |
9 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
animate.css
thirds.ellawn.com/css/ |
72 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
10 KB 887 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/3.4.1/css/ |
119 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.css
thirds.ellawn.com/css/ |
19 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
geo.css
thirds.ellawn.com/dk/css/ |
428 B 514 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OneSignalSDKWorker.js
thirds.ellawn.com/ |
71 B 456 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OneSignalSDKUpdaterWorker.js
thirds.ellawn.com/ |
71 B 365 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OneSignalSDK.js
cdn.onesignal.com/sdks/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
auto-push.min.js
api.mdsyzz.info/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hero-gradient.png
thirds.ellawn.com/images/ |
34 KB 34 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
phone.jpg
thirds.ellawn.com/images/ |
48 KB 49 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shadow.png
thirds.ellawn.com/images/ |
998 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
phone-below.png
thirds.ellawn.com/images/ |
362 KB 363 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
winner.png
thirds.ellawn.com/images/ |
17 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
email-decode.min.js
thirds.ellawn.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.3.3.1.min.js
thirds.ellawn.com/js/ |
85 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modernizr-2.8.3.min.js
thirds.ellawn.com/js/ |
15 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
parsley.js
thirds.ellawn.com/js/ |
42 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.qtip.min.js
thirds.ellawn.com/js/ |
43 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
TweenMax.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/latest/ |
105 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ScrollToPlugin.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/latest/plugins/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
thirds.ellawn.com/js/ |
36 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
email.js
thirds.ellawn.com/js/ |
669 B 553 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
validate.js
thirds.ellawn.com/js/ |
19 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
validate_error_messages.js
thirds.ellawn.com/dk/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
plugins.js
thirds.ellawn.com/js/ |
132 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
thirds.ellawn.com/js/ |
1 KB 713 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
46 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
d02cf1e5-3852-4ec9-b89b-257b8aba4c70
api.mdsyzz.info/rest/v1/p-apps/get-id/ |
129 B 987 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-Q050 |
collect
www.google-analytics.com/j/ |
4 B 391 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nr-1071.min.js
js-agent.newrelic.com/ |
23 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 88 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
d4db62af92
bam.nr-data.net/1/ |
57 B 275 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
96 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| rumble string| GoogleAnalyticsObject function| ga string| diamond number| j object| NREUM object| newrelic function| __nr_require object| OneSignal object| _at function| InitializePush function| CheckImageAndReplace function| httpGetAsync function| getUrlVars function| getUrlParam function| lotteryExpressSignUp function| $ function| jQuery object| html5 object| Modernizr function| yepnope function| _toConsumableArray function| _slice function| _slicedToArray function| _extends object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched object| parsley object| _gsScope object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| TweenMax function| TimelineLite function| TimelineMax function| BezierPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup object| localization function| WOW object| google_tag_data object| gaplugins object| gaGlobal object| gaData5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.ellawn.com/ | Name: _gat Value: 1 |
|
.ellawn.com/ | Name: _ga Value: GA1.2.1353740656.1605536377 |
|
.ellawn.com/ | Name: _gid Value: GA1.2.462348697.1605536377 |
|
thirds.ellawn.com/ | Name: PHPSESSID_MS Value: sb7fgrvalog7qv5d9vq7egqlk6 |
|
.ellawn.com/ | Name: __cfduid Value: dc61e5ec49dd2e34d93f0d7161ee6d69a1605536376 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.mdsyzz.info
bam.nr-data.net
bubacs.com
cdn.onesignal.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
happyleagues.com
hugedynasty.com
js-agent.newrelic.com
mockmine.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
thirds.ellawn.com
www.google-analytics.com
151.101.114.110
162.247.242.20
2001:4de0:ac19::1:b:2a
2606:4700:3032::681f:582e
2606:4700:3032::ac43:b9fa
2606:4700:3035::681f:5130
2606:4700:3036::681b:b6a1
2606:4700::6810:125e
2606:4700::6812:e234
2a00:1450:4001:801::200e
2a00:1450:4001:806::200a
2a00:1450:4001:81a::200e
2a00:1450:4001:81b::2003
2a00:1450:400c:c03::9d
51.15.74.140
54.194.14.156
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
1e3b0b1b0ec443392b143405d5873b89bc7833a8e4b28a612f487362d0ab25a6
20dbec1efa8df2a9be70818fbb1fd76631c3b01a1a81dc67e84fc1da4f58cdca
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26f7559b1bfb4342ec375109a36cdcd6b002c336ad3b3932c75d5823868ff4f6
2b0f8526e7a1b0f1fb42e8acec3c1e7737a1a3065b773ebd13a492952f557967
34faa34d73ef1cd69981296a5236ed01a9db8fb8e44aec27ad540e5827f8995a
358525e0c3fea64d167304b1668cdcbaa59f3e187f4ae41099cfdd915c8f8378
37641e80e90736df5a0739b512d6a6523008a51b3b9f84b8d144857e5895b693
49b36a05c46edcaa27318234c8942c643764f08215a8be42ed33856f1abb0a81
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280
5729bdce61355430757a6c83f442ecf833fb7b2267fe11d3eab62abdf590c72d
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
5ee81f9e3074d08a2e734a29dfc9102e59a93089a3701701134017a6eaa4bc86
6833caa3130bc3ec7e4dea1d1aa28017361078c7cc84bea9df0db1e2f517223c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
7c9b8a2e2cccb16fa660a1d3004d77da7c5b09b5157fca3e7b5c98929eb11737
8cc89a8fdadff9ebf0ab452381db354aea0c04c89eae7ed4bca09468640722bb
8fb30b9c4fe8d35b443bd2f74193e289ab1886070934241730ccec2e11b49e26
93278405d5505910c8255bd16c10b3efdaed40ca4d076c48629b258597654d07
96450e069f947e14c762a7316321ba571e87c748955f60afba30c5c7fdd54659
a177b36f02fd459e560e2d320aca931c4bcf51f7d532684c9db1c2dd64ea42ae
ad91fd6deb78b242fc1ca0a8c4922acc5dc7ea819da13f24f66e873d57f60333
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b626dcc5c995147c214e5d81ad77a30b26f28a3460d7fdd4f4167bd100729ec9
cad7ecfa052ac551c4ebe0a17f339c48da2f2abdcfbd3574b63a52b9d384c12d
d1725c3604c8733615a0cc69a585304c1ce2a8cbe0c67c4978a1afb48c73ec47
d18ee35249f8ad198a439343b1627e2075c5640f1f20251636d928badb7470d9
d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d
ded87289c262a8c4cbd4c003560d53e3c2789a7975f0a0618742dbb87fa1bcb8
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ffb110318b55e8d7acaeaa7816d495e33a5000643327241099565537973ed051