ninjashare.to
Open in
urlscan Pro
2606:4700:3034::6815:3f63
Public Scan
Submission Tags: falconsandbox
Submission: On August 06 via api from US
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 3rd 2021. Valid for: a year.
This is the only time ninjashare.to was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
syndication.exdynsrv.com | |
main.exoclick.com |
ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
main.exdynsrv.com | |
main.realsrv.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
gstatic.com
fonts.gstatic.com www.gstatic.com |
373 KB |
8 |
ninjashare.to
ninjashare.to |
139 KB |
4 |
exdynsrv.com
a.exdynsrv.com syndication.exdynsrv.com main.exdynsrv.com |
15 KB |
3 |
google.com
www.google.com |
20 KB |
2 |
glersakr.com
glersakr.com |
22 KB |
2 |
googleapis.com
ajax.googleapis.com fonts.googleapis.com |
30 KB |
2 |
fontawesome.com
use.fontawesome.com |
77 KB |
1 |
rtmark.net
my.rtmark.net |
491 B |
1 |
onmarshtompor.com
onmarshtompor.com |
832 B |
1 |
realsrv.com
main.realsrv.com |
418 B |
1 |
exoclick.com
main.exoclick.com |
419 B |
1 |
iadoremakingpics.com
iadoremakingpics.com |
70 KB |
1 |
gamesfromheaven.com
gamesfromheaven.com |
1 KB |
1 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com |
21 KB |
1 |
ndroip.com
ndroip.com |
27 KB |
0 |
tgpsew.com
Failed
tgpsew.com Failed |
|
39 | 16 |
Domain | Requested by | |
---|---|---|
8 | ninjashare.to |
ninjashare.to
|
5 | fonts.gstatic.com |
fonts.googleapis.com
www.google.com |
4 | www.gstatic.com |
www.google.com
www.gstatic.com |
3 | www.google.com |
ninjashare.to
www.gstatic.com www.google.com |
2 | glersakr.com |
ninjashare.to
|
2 | syndication.exdynsrv.com |
a.exdynsrv.com
|
2 | use.fontawesome.com |
ninjashare.to
use.fontawesome.com |
1 | my.rtmark.net |
onmarshtompor.com
|
1 | onmarshtompor.com |
glersakr.com
|
1 | main.realsrv.com |
gamesfromheaven.com
|
1 | main.exoclick.com |
gamesfromheaven.com
|
1 | main.exdynsrv.com |
gamesfromheaven.com
|
1 | iadoremakingpics.com |
gamesfromheaven.com
|
1 | gamesfromheaven.com |
a.exdynsrv.com
|
1 | fonts.googleapis.com |
ninjashare.to
|
1 | maxcdn.bootstrapcdn.com |
ninjashare.to
|
1 | ajax.googleapis.com |
ninjashare.to
|
1 | a.exdynsrv.com |
ninjashare.to
|
1 | ndroip.com |
ninjashare.to
|
0 | tgpsew.com Failed |
ndroip.com
|
39 | 20 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-08-03 - 2022-08-02 |
a year | crt.sh |
*.ackcdn.net GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1 |
2021-06-03 - 2022-07-04 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2021-07-12 - 2021-10-04 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2021-06-28 - 2021-09-20 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2021-07-12 - 2021-10-04 |
3 months | crt.sh |
exdynsrv.com R3 |
2021-08-05 - 2021-11-03 |
3 months | crt.sh |
glersakr.com R3 |
2021-07-05 - 2021-10-03 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2021-06-28 - 2021-09-20 |
3 months | crt.sh |
exoclick.com R3 |
2021-08-05 - 2021-11-03 |
3 months | crt.sh |
realsrv.com R3 |
2021-08-05 - 2021-11-03 |
3 months | crt.sh |
onmarshtompor.com R3 |
2021-08-04 - 2021-11-02 |
3 months | crt.sh |
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA |
2020-10-27 - 2021-11-26 |
a year | crt.sh |
This page contains 4 frames:
Primary Page:
https://ninjashare.to/download/vHjXCAPVmajCgNusL6XKGE?t=fdcfa037f506d8501649862416874542
Frame ID: C2FBB48CDA247FFF2F355E8A9EBD8C54
Requests: 25 HTTP requests in this frame
Frame:
https://gamesfromheaven.com/iframe/5dd3cd3e6656e?iframe&ag_custom_domain=ninjashare.to
Frame ID: 44965F999E6D5053305B8BFAA4D85CA5
Requests: 5 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LciF9kbAAAAAFP445L2HdlD2yTB2ltfXFq5XoYo&co=aHR0cHM6Ly9uaW5qYXNoYXJlLnRvOjQ0Mw..&hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&size=invisible&cb=15a9iou13ik5
Frame ID: 9C46E5C6B5441971484D81173BC26872
Requests: 7 HTTP requests in this frame
Frame:
https://onmarshtompor.com/fac.php?OAID=d0fe9cff7ae34aa592aed2acb09ab841&oaidts=1628262893
Frame ID: 6589B2352DB9C74134A545E6501F2F51
Requests: 2 HTTP requests in this frame
Screenshot
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
CloudFlare (CDN) Expand
Detected patterns
- headers server /^cloudflare$/i
Font Awesome (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
39 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
vHjXCAPVmajCgNusL6XKGE
ninjashare.to/download/ |
14 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
bootstrap.min.css
ninjashare.to/css/ |
156 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.css
use.fontawesome.com/releases/v5.3.1/css/ |
48 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
styles.min.css
ninjashare.to/css/ |
9 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
logo.png
ninjashare.to/images/ |
26 KB 27 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
waWQiOjEwOTUxMTAsInNpZCI6MTEwNDUzNCwid2lkIjoyMjY4MjQsInNyYyI6Mn0=eyJ.js
ndroip.com/na/ |
71 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
download.svg
ninjashare.to/images/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ad-provider.js
a.exdynsrv.com/ |
49 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ |
85 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.google.com/recaptcha/ |
884 B 679 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.bundle.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.1.3/js/ |
69 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
app.ob.min.js
ninjashare.to/js/ |
184 KB 54 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
pp.js
ninjashare.to/js/ |
207 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
pp2.js
ninjashare.to/js/ |
588 B 984 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
4 KB 642 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
fa-solid-900.woff2
use.fontawesome.com/releases/v5.3.1/webfonts/ |
66 KB 67 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/ |
341 KB 133 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
api.php
syndication.exdynsrv.com/v1/ |
812 B 1021 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ntload
tgpsew.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cimp.php
syndication.exdynsrv.com/ |
0 250 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5dd3cd3e6656e
gamesfromheaven.com/iframe/ Frame 4496 |
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
glersakr.com/5/4425184/ |
3 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tag.min.js
glersakr.com/ |
59 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
anchor
www.google.com/recaptcha/api2/ Frame 9C46 |
38 KB 19 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
d152df60ba51874b39e0e82662fa66da.png
iadoremakingpics.com/bnr/4/d15/2df60b/ Frame 4496 |
69 KB 70 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tag.php
main.exdynsrv.com/ Frame 4496 |
0 419 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tag.php
main.exoclick.com/ Frame 4496 |
0 419 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tag.php
main.realsrv.com/ Frame 4496 |
0 418 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
styles__ltr.css
www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/ Frame 9C46 |
52 KB 52 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/ Frame 9C46 |
341 KB 133 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 9C46 |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9C46 |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9C46 |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
webworker.js
www.google.com/recaptcha/api2/ Frame 9C46 |
102 B 132 B |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fac.php
onmarshtompor.com/ Frame 6589 |
203 B 832 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img.gif
my.rtmark.net/ Frame 6589 |
43 B 491 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- tgpsew.com
- URL
- https://tgpsew.com/ntload?a=1&e=aeyJwaWQiOjEwOTUxMTAsInNpZCI6MTEwNDUzNCwid2lkIjoyMjY4MjQsImQiOiJuaW5qYXNoYXJlLnRvIiwibGkiOjR9&tz=2&if=0
Verdicts & Comments Add Verdict or Comment
47 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| AdProvider function| $ function| jQuery object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| bootstrap object| ExoLoader function| instantiateViewability function| ExoAdsRefresh object| recaptcha object| _0x2024 function| _0x41a6fb function| _0x574f function| MobileDetect object| devtoolsDetector object| WebStreamsPolyfill object| streamSaver string| k object| _ijkz186qgm object| o6or7k4k4l object| zfgformats function| setImmediate function| clearImmediate function| _eiwwx function| _mhnmbna object| closure_lm_466710 function| onClickTrigger function| kkp4a5x5tv boolean| zfgloadedpopup6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.gamesfromheaven.com/ | Name: c_6def6c6a01828303edf377acf4acff41 Value: 1 |
|
.ninjashare.to/ | Name: __PPU_BACKCLCK_4425184 Value: true |
|
onmarshtompor.com/ | Name: oaidts Value: 1628262893 |
|
.gamesfromheaven.com/ | Name: z_1b2e5733a8a71a8fcbb844e802c2003b Value: 1 |
|
.gamesfromheaven.com/ | Name: showed_15095_95811 Value: [2490878] |
|
onmarshtompor.com/ | Name: OAID Value: d0fe9cff7ae34aa592aed2acb09ab841 |
160 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=15552000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a.exdynsrv.com
ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
gamesfromheaven.com
glersakr.com
iadoremakingpics.com
main.exdynsrv.com
main.exoclick.com
main.realsrv.com
maxcdn.bootstrapcdn.com
my.rtmark.net
ndroip.com
ninjashare.to
onmarshtompor.com
syndication.exdynsrv.com
tgpsew.com
use.fontawesome.com
www.google.com
www.gstatic.com
tgpsew.com
139.45.195.8
139.45.197.239
139.45.197.243
2606:2800:234:4cc4:5670:35d5:1e00:b394
2606:4700:3031::ac43:d645
2606:4700:3034::6815:3f63
2606:4700:3034::ac43:a41b
2606:4700:3035::6815:884
2606:4700:3036::ac43:8136
2606:4700:3037::6815:4e07
2606:4700::6812:bcf
2a00:1450:4001:800::2003
2a00:1450:4001:812::2003
2a00:1450:4001:813::2004
2a00:1450:4001:828::2004
2a00:1450:4001:829::200a
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
95.211.229.245
95.211.229.246
0802fb46da904ec68bf20de8ada26cfdee6c5e95d397763181aba4340f6e7d03
095498f9bffcb5e5f9f8e8c45b9b7fd2caa0e33677fd7ac0e19088ba40c78b59
0e31f93a0b540fce43b342009b234ccf6096f19ed34baf4acdd18a4f2ed999bf
0f334da460abbd2499d5f315918eddc40a343949f7f041a1a56b8aff122974ee
13f578716138aaf01e3b930e863b46b6a0f33e77513b52c193c949fcf47b080e
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
25fb7c164ca102ce240e244cfc1a8fa611176e2598b237b904b07e68b105320f
3718edf7c14def2499263a1b60a9a7132c98b7106d82c7754017f6a697366afa
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
49c1ad6c0363b28163c490c781d605a59dcbcdba14ed4c4a962918966737fce4
4d4d27e00a73acac6a60b1d05c460c0a02ace9f1495d633564b37039c949e4f5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
57a020a6c417a601358d07ddd0e3a0cf1ea99375872213c91e5106bf2b2b13b5
590ca72d19b16396e28d36ae06e8a63001d4190d1f052f4474bd064dda211708
593d130ab53bf47b4df3ebcb317ec68c57769214012613f399b0e913286759ca
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9
61e16a0d0166032eba39aca67ef332c0b53014a3d96b911cef700544a3ae81d1
635b43a5b68772da3647e164254c0582408d34444580db9e079daa35a48eec26
8ae76bbedd724aa6cc18d7a920facbb6b7cd78577110875a10bb74f156da28ab
931b70059f0911fa52bc228a610376bd9b7e3cc83d5857808ac5c4059b6d5d8c
9d25daed04c231942667c7edbed70062ecbba8c40b8402ea5f5050b08b512943
a32e279d3d9ece2b7c1a49aaf36f2af09d87fddaab5f0713c0f246d56dac04b7
b468609a3058aeac4dcd21581d0d8ce84ee810878a513735ed4a1676fd3b77fc
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
dd7e1d8a42481c06815f0c96ee0cd3e336aeeda32d28f5c7ced1b37b918368a7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f9fb02852dda1e5714cdaed5afa720c8b3a12e5ac59744bb303ce601c280dd23
fedd7aece9518ced98a1671da1df8cfd3e64b5b63f6f9720aa0e3f9cc1864b71