sandrag.savingshighwayglobal.com
Open in
urlscan Pro
2606:4700:20::ac43:4830
Public Scan
Effective URL: https://sandrag.savingshighwayglobal.com/?page=saveoneverything
Submission: On March 21 via api from US — Scanned from US
Summary
TLS certificate: Issued by GTS CA 1P5 on March 5th 2024. Valid for: 3 months.
This is the only time sandrag.savingshighwayglobal.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN11427 (TWC-11427-TEXAS, US)
PTR: gvo10899.gvodatacenter.com
free.ssgordon.com |
ASN13335 (CLOUDFLARENET, US)
sandrag.savingshighwayglobal.com |
ASN15169 (GOOGLE, US)
PTR: 172.2.212.35.bc.googleusercontent.com
savingshighway.net |
ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-173-201-249-4.ip.secureserver.net
seal.starfieldtech.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-210-44.ewr50.r.cloudfront.net
d3e54v103j8qbb.cloudfront.net |
ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
provely-public.s3.amazonaws.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-24-5.compute-1.amazonaws.com
app.provely.io |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-118-116-203.us-east-2.compute.amazonaws.com
wurfl.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
savingshighway.net
savingshighway.net |
819 KB |
4 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 387 |
49 KB |
4 |
llclickpro.com
llclickpro.com |
6 KB |
3 |
provely.io
app.provely.io — Cisco Umbrella Rank: 278346 |
10 KB |
2 |
starfieldtech.com
seal.starfieldtech.com — Cisco Umbrella Rank: 215354 |
6 KB |
2 |
gtranslate.net
cdn.gtranslate.net — Cisco Umbrella Rank: 36081 |
8 KB |
2 |
savingshighwayglobal.com
sandrag.savingshighwayglobal.com |
6 KB |
1 |
wurfl.io
wurfl.io — Cisco Umbrella Rank: 38217 |
2 KB |
1 |
amazonaws.com
provely-public.s3.amazonaws.com — Cisco Umbrella Rank: 483039 |
90 KB |
1 |
cloudfront.net
d3e54v103j8qbb.cloudfront.net |
30 KB |
1 |
googleapis.com
chart.googleapis.com — Cisco Umbrella Rank: 48278 |
2 KB |
1 |
leadsleap.net
pixel.leadsleap.net — Cisco Umbrella Rank: 730465 |
956 B |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 1217 |
63 KB |
1 |
ssgordon.com
1 redirects
free.ssgordon.com |
103 B |
37 | 14 |
Domain | Requested by | |
---|---|---|
11 | savingshighway.net |
sandrag.savingshighwayglobal.com
savingshighway.net |
4 | cdnjs.cloudflare.com |
llclickpro.com
provely-public.s3.amazonaws.com |
4 | llclickpro.com |
llclickpro.com
cdnjs.cloudflare.com |
3 | app.provely.io |
provely-public.s3.amazonaws.com
|
2 | seal.starfieldtech.com |
sandrag.savingshighwayglobal.com
|
2 | cdn.gtranslate.net |
sandrag.savingshighwayglobal.com
|
2 | sandrag.savingshighwayglobal.com |
llclickpro.com
sandrag.savingshighwayglobal.com |
1 | wurfl.io |
provely-public.s3.amazonaws.com
|
1 | provely-public.s3.amazonaws.com |
sandrag.savingshighwayglobal.com
|
1 | d3e54v103j8qbb.cloudfront.net |
sandrag.savingshighwayglobal.com
|
1 | chart.googleapis.com |
sandrag.savingshighwayglobal.com
|
1 | pixel.leadsleap.net |
llclickpro.com
|
1 | code.jquery.com |
llclickpro.com
|
1 | free.ssgordon.com | 1 redirects |
37 | 14 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.ftc.gov |
savingshighwayglobal.com |
www.rapidmlm.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
llclickpro.com GTS CA 1P5 |
2024-03-20 - 2024-06-18 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-07-03 - 2024-07-02 |
a year | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
leadsleap.net E1 |
2024-03-19 - 2024-06-17 |
3 months | crt.sh |
savingshighwayglobal.com GTS CA 1P5 |
2024-03-05 - 2024-06-03 |
3 months | crt.sh |
*.savingshighway.net R3 |
2024-01-31 - 2024-04-30 |
3 months | crt.sh |
gtranslate.net E1 |
2024-03-21 - 2024-06-19 |
3 months | crt.sh |
mastercert.ext.pki.starfieldtech.com Starfield Secure Certificate Authority - G2 |
2023-08-24 - 2024-09-24 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-02-19 - 2024-05-13 |
3 months | crt.sh |
*.cloudfront.net Amazon RSA 2048 M01 |
2023-10-10 - 2024-09-19 |
a year | crt.sh |
*.s3.amazonaws.com Amazon RSA 2048 M01 |
2023-10-10 - 2024-07-03 |
9 months | crt.sh |
provely.io Amazon RSA 2048 M02 |
2023-08-01 - 2024-08-29 |
a year | crt.sh |
wurfl.io Amazon RSA 2048 M03 |
2023-12-11 - 2025-01-08 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://sandrag.savingshighwayglobal.com/?page=saveoneverything
Frame ID: 33128676BA6C69B0C61250225B8CF7E8
Requests: 36 HTTP requests in this frame
Frame:
https://pixel.leadsleap.net/set.html?n1=lltkra236503&v1=614115.21&n2=lltkrb236503&v2=614115.21
Frame ID: 23EF22E8BB4371934ADF92D206ABC57C
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
joinfreenowPage URL History Show full URLs
-
https://free.ssgordon.com/
HTTP 301
https://llclickpro.com/r/722rn7vw/ Page URL
- https://sandrag.savingshighwayglobal.com/?page=saveoneverything Page URL
Detected technologies
Font Awesome (Font Scripts) ExpandDetected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI (JavaScript Libraries) Expand
Detected patterns
- ([\d.]+)/jquery-ui(?:\.min)?\.js
- jquery-ui.*\.js
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: No Spam
Search URL Search Domain Scan URL
Title: Members Area Log In
Search URL Search Domain Scan URL
Title: Rapid MLM software & Direct Sales solutions
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://free.ssgordon.com/
HTTP 301
https://llclickpro.com/r/722rn7vw/ Page URL
- https://sandrag.savingshighwayglobal.com/?page=saveoneverything Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://free.ssgordon.com/ HTTP 301
- https://llclickpro.com/r/722rn7vw/
37 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
llclickpro.com/r/722rn7vw/ Redirect Chain
|
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/ |
84 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-ui.min.js
code.jquery.com/ui/1.11.4/ |
235 KB 63 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
trackr.js
llclickpro.com/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
loading.php
llclickpro.com/ |
0 454 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
set.html
pixel.leadsleap.net/ Frame 23EF |
2 KB 956 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
ajax.php
llclickpro.com/ |
0 414 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
sandrag.savingshighwayglobal.com/ |
15 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
normalize.css
savingshighway.net/startfreeandsaveoneverything/css/ |
8 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
components.css
savingshighway.net/startfreeandsaveoneverything/css/ |
38 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
startfree.css
savingshighway.net/startfreeandsaveoneverything/css/ |
314 KB 41 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
float.js
cdn.gtranslate.net/widgets/latest/ |
20 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dining11-p-800.jpg
savingshighway.net/startfreeandsaveoneverything/images/ |
79 KB 79 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
compliance-service-card-icon-consultflow-webflow-ecommerce-template.svg
savingshighway.net/startfreeandsaveoneverything/images/ |
665 B 620 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logomatersclear256.png
savingshighway.net/startfreeandsaveoneverything/images/ |
13 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
email-decode.min.js
sandrag.savingshighwayglobal.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
getSeal
seal.starfieldtech.com/ |
4 KB 2 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chart
chart.googleapis.com/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
startfree.js
savingshighway.net/startfreeandsaveoneverything/js/ |
3 MB 489 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ClarityCity-Bold.woff
savingshighway.net/startfreeandsaveoneverything/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ClarityCity-Regular.woff
savingshighway.net/startfreeandsaveoneverything/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ClarityCity-SemiBold.woff
savingshighway.net/startfreeandsaveoneverything/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logob1.png
savingshighway.net/startfreeandsaveoneverything/images/ |
12 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
story-behind-our-firm-image-consultflow-webflow-ecommerce-template-p-800.jpg
savingshighway.net/startfreeandsaveoneverything/images/ |
127 KB 128 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
upsidea-p-800.jpg
savingshighway.net/startfreeandsaveoneverything/images/ |
24 KB 25 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BBB-Accredited-Business-A-Rating-p-500.png
savingshighway.net/startfreeandsaveoneverything/images/ |
19 KB 19 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
provely-widget.js
provely-public.s3.amazonaws.com/scripts/ |
89 KB 90 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en-us.png
cdn.gtranslate.net/flags/32/ |
695 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
270 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
siteseal_sf_3_h_d_m.gif
seal.starfieldtech.com/images/3/en/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
provely-widget.css
app.provely.io/css/ |
96 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ |
58 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
intlTelInput.css
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.15/css/ |
25 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wurfl.js
wurfl.io/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
intlTelInput.min.js
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.15/js/ |
29 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
notification
app.provely.io/api/widget/69a9eed5-407c-4074-b2bd-13c3a14e6cfd/ |
2 KB 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
notification
app.provely.io/api/widget/69a9eed5-407c-4074-b2bd-13c3a14e6cfd/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- savingshighway.net
- URL
- https://savingshighway.net/startfreeandsaveoneverything/fonts/ClarityCity-Bold.woff
- Domain
- savingshighway.net
- URL
- https://savingshighway.net/startfreeandsaveoneverything/fonts/ClarityCity-Regular.woff
- Domain
- savingshighway.net
- URL
- https://savingshighway.net/startfreeandsaveoneverything/fonts/ClarityCity-SemiBold.woff
Verdicts & Comments Add Verdict or Comment
22 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| gtranslateSettings object| provelyObj function| provelySet object| d object| x function| $ function| jQuery function| tram object| Webflow function| doGTranslate function| googleTranslateElementInit2 function| seal_getFlashVersion function| seal_useFlash function| seal_installSeal function| verifySeal object| provely object| WURFL undefined| WurflJSNavigatorUAData undefined| newEvent object| WURFLPromises object| intlTelInputGlobals function| intlTelInput7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
llclickpro.com/ | Name: lltkrr35957 Value: 1 |
|
llclickpro.com/ | Name: lltkrl236503 Value: 1 |
|
.pixel.leadsleap.net/ | Name: lltkra236503 Value: 614115.21 |
|
.pixel.leadsleap.net/ | Name: lltkrb236503 Value: 614115.21 |
|
sandrag.savingshighwayglobal.com/ | Name: plexumx_8_sess_id Value: 0ibgk2mbrpf9hmb5v5110mm281 |
|
.sandrag.savingshighwayglobal.com/ | Name: plexumx_8_sess_id Value: 0ibgk2mbrpf9hmb5v5110mm281 |
|
.savingshighwayglobal.com/ | Name: __cf_bm Value: S5yTE3kzdGvy6C3n_8Yj8y4PSb4HUUNtte7myivyaHk-1710992227-1.0.1.1-bOKSnjDyT6iEEd5YquqnLgSifrAv_edFlwkgM4FmSPbDVy4s8gYLpcSCZ4zdocpIkba_yoXN7dt3vhX9TjWtQQ |
8 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
app.provely.io
cdn.gtranslate.net
cdnjs.cloudflare.com
chart.googleapis.com
code.jquery.com
d3e54v103j8qbb.cloudfront.net
free.ssgordon.com
llclickpro.com
pixel.leadsleap.net
provely-public.s3.amazonaws.com
sandrag.savingshighwayglobal.com
savingshighway.net
seal.starfieldtech.com
wurfl.io
savingshighway.net
13.225.210.44
173.201.249.4
18.118.116.203
2606:4700:20::681a:d2a
2606:4700:20::ac43:4830
2606:4700:3031::ac43:ba28
2606:4700:3036::ac43:bcf6
2606:4700::6811:190e
2607:f8b0:4006:809::200a
2a04:4e42:600::649
35.212.2.172
54.231.129.73
54.243.24.5
71.40.108.99
046cf965cfbc0b45899a27b617d15995e04b211b80bf21d9f0e85d5630972e41
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0d336a97efd52a4ef44ef3270e71eac24ba405d4450016f9d3e943256e9e58c8
1cce77e7bfd5fbf091b356f4b8ea6071302d745461fca17aa1e03fba9b8660a7
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25cd015e9229b6cd55447e4be0b06f3e215cf3639c403ed84d6f8369aab40874
2f0e74ef11fded5b721296335b5fe6eb516cfee12091deb90bfd4f35fec3f1c1
376f337ab0708b2e6e91d3dad947f156244c3c3ff8d682638510c0becc906f31
44473984b49df73e87d9cdbcdfe6b7a71aea382fddaeaaea543b36675b7eb2e5
46ce44ee20d37452c651c39b82fbe3daf252a89fd4b03c7212752bf586856f0d
4b04f3ececa7fa818aaae60f27c8e8c293fa1ecdcc07d17183b45d9cb00d055b
4e66cd5f430deb2cc1ba3a48a084c0beda5de3da9aadcb22eed0d5a2a1437b08
529bcccc5a1659f26fe9f396a809996d064504598f145bee5abc62b94f7d1ec6
56a22d64b03d94e4f064cb7841869f524ff4e04aa21b0e3e289146af173ff493
692e07c02038da494548017b95fa9adbb9184f383ad063e239cd28f90bd465de
786dda34bc4fa06937622766a53627136ee74a66282c28a6cda53fd3096bb720
7cf1b909e7e14e34942f75456987f381b580810b916e3c5fd2217b4d659ee1ca
8704a0a4a29b745122793fdc4ddf4c74b66c7d095004606c5ed85bdd4e795aff
8f110d5822de4c0b1051703a8d4b43d45776af7654cb95e252e1581cf2b566b8
97ca62715031d14115abd058e5354ee17d7cb9917564f2634ea5fb6f63f2ab5f
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
a94ffcdf63619e50179c2f4fd1298dca7bf9c27ea63801b08012d5342d5ddd8c
ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491
c168cfb419190c4d3a92461a4215c50c92ddbbf29a6c90b76e133fdde7d89975
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
ce41d2cb890696e78cc8eeb64971f8bee3ba6574f782abea5b00d4121603c7b3
cfa07a09c6e477167fa6ea623b914570a2fbc93a2ad3c286a084b48364d66ef7
e0b23a3fe5dc932c4eca4c3b7e5581a9f3cc3753a888c450373b9538edf3dac3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e68cb17420501844a1a7c32cc2786f40c12813c22514e36fd684c0a022ca58e0
f76e27cc3255387339aef0806850de73798e698c1151051fdd5c35c98547a351
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb9364c92aae6fee6bccc9990a448d17058b48fa31ad440326995bb522726064