pointexclusive.com
Open in
urlscan Pro
64.140.159.50
Malicious Activity!
Public Scan
Submitted URL: https://skinnyfarmer.com/index.php?usemp3=false&brand=brand&t202kw=MGUSAMZ2&c1=764574488&c2=470338&c3=c3&c4=59&s=30&i=1095
Effective URL: https://pointexclusive.com/?476d5f8d1cc99a91223a1092f266b553
Submission: On July 19 via manual from US
Effective URL: https://pointexclusive.com/?476d5f8d1cc99a91223a1092f266b553
Submission: On July 19 via manual from US
Summary
This website contacted 9 IPs
in 2 countries
across 7 domains to perform 39 HTTP transactions.
The main IP is 64.140.159.50, located in
Seattle, United States and
belongs to SUBNET-1 - Subnet Labs LLC, US.
The main domain is pointexclusive.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 5th 2018. Valid for: 3 months.
This is the only time pointexclusive.com was scanned on urlscan.io!
TLS certificate: Issued by Let's Encrypt Authority X3 on June 5th 2018. Valid for: 3 months.
This is the only time pointexclusive.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Scam (Online) Generic (Online)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 172.110.22.97 172.110.22.97 | 63356 (SUBNET-1) (SUBNET-1 - Subnet Labs LLC) | |
| 2 | 64.140.159.50 64.140.159.50 | 63356 (SUBNET-1) (SUBNET-1 - Subnet Labs LLC) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:824::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 64.140.158.133 64.140.158.133 | 63356 (SUBNET-1) (SUBNET-1 - Subnet Labs LLC) | |
| 28 | 54.231.236.33 54.231.236.33 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:81c::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 2 | 54.192.94.153 54.192.94.153 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:817::2008 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 172.110.6.254 172.110.6.254 | 63356 (SUBNET-1) (SUBNET-1 - Subnet Labs LLC) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:817::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 39 | 9 |
2
64.140.159.50
(Seattle, United States)
ASN63356 (SUBNET-1 - Subnet Labs LLC, US)
ASN63356 (SUBNET-1 - Subnet Labs LLC, US)
| pointexclusive.com |
1
64.140.158.133
(Seattle, United States)
ASN63356 (SUBNET-1 - Subnet Labs LLC, US)
ASN63356 (SUBNET-1 - Subnet Labs LLC, US)
| pointexclusive.com |
28
54.231.236.33
(San Jose, United States)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-us-west-1.amazonaws.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-us-west-1.amazonaws.com
| s3-us-west-1.amazonaws.com |
2
54.192.94.153
(Seattle, United States)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-192-94-153.fra2.r.cloudfront.net
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-192-94-153.fra2.r.cloudfront.net
| api.pushnami.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 28 |
amazonaws.com
s3-us-west-1.amazonaws.com |
433 KB |
| 4 |
pointexclusive.com
pointexclusive.com |
133 KB |
| 2 |
google-analytics.com
www.google-analytics.com |
14 KB |
| 2 |
pushnami.com
api.pushnami.com |
13 KB |
| 2 |
googleapis.com
ajax.googleapis.com fonts.googleapis.com |
33 KB |
| 1 |
googletagmanager.com
www.googletagmanager.com |
25 KB |
| 1 |
skinnyfarmer.com
1 redirects
skinnyfarmer.com |
234 B |
| 39 | 7 |
| Domain | Requested by | |
|---|---|---|
| 28 | s3-us-west-1.amazonaws.com |
pointexclusive.com
|
| 4 | pointexclusive.com |
pointexclusive.com
|
| 2 | www.google-analytics.com |
www.googletagmanager.com
pointexclusive.com |
| 2 | api.pushnami.com |
pointexclusive.com
|
| 1 | www.googletagmanager.com |
pointexclusive.com
|
| 1 | fonts.googleapis.com |
pointexclusive.com
|
| 1 | ajax.googleapis.com |
pointexclusive.com
|
| 1 | skinnyfarmer.com | 1 redirects |
| 39 | 8 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| pointexclusive.com Let's Encrypt Authority X3 |
2018-06-05 - 2018-09-03 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://pointexclusive.com/?476d5f8d1cc99a91223a1092f266b553
Frame ID: 283A539CF784160115DF479B6FBE71D0
Requests: 39 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://skinnyfarmer.com/index.php?usemp3=false&brand=brand&t202kw=MGUSAMZ2&c1=764574488&c2=470338&c3...
HTTP 302
https://pointexclusive.com/?476d5f8d1cc99a91223a1092f266b553 Page URL
Detected technologies
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- url /\.php(?:$|\?)/i
lighttpd
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /lighttpd(?:\/([\d.]+))?/i
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
- env /^gaGlobal$/i
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- env /^google_tag_manager$/i
Modernizr
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /modernizr(?:-([\d.]*[\d]))?.*\.js/i
- env /^Modernizr$/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js/i
- env /^jQuery$/i
Twitter Bootstrap () Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://skinnyfarmer.com/index.php?usemp3=false&brand=brand&t202kw=MGUSAMZ2&c1=764574488&c2=470338&c3=c3&c4=59&s=30&i=1095
HTTP 302
https://pointexclusive.com/?476d5f8d1cc99a91223a1092f266b553 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
39 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
pointexclusive.com/ Redirect Chain
|
114 KB 114 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.0/ |
90 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
app.js.php
pointexclusive.com/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
normalize.css
s3-us-west-1.amazonaws.com/imgcenter/s/2/survey_files/ |
7 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
amazon.css
s3-us-west-1.amazonaws.com/imgcenter/s/2/survey_files/ |
2 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
icon
s3-us-west-1.amazonaws.com/imgcenter/s/2/survey_files/ |
640 B 1006 B |
Stylesheet
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootstrap.css
s3-us-west-1.amazonaws.com/imgcenter/s/2/survey_files/ |
107 KB 108 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
responsive.css
s3-us-west-1.amazonaws.com/imgcenter/s/2/survey_files/ |
365 B 720 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
main.css
s3-us-west-1.amazonaws.com/imgcenter/s/2/survey_files/ |
5 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
notify.js
s3-us-west-1.amazonaws.com/imgcenter/s/2/survey_files/ |
22 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
modernizr-2.js
s3-us-west-1.amazonaws.com/imgcenter/s/2/survey_files/ |
19 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.js
s3-us-west-1.amazonaws.com/imgcenter/s/2/survey_files/ |
91 KB 91 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
survey10.css
s3-us-west-1.amazonaws.com/imgcenter/s/2/survey_files/ |
830 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
icon
fonts.googleapis.com/ |
574 B 481 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
5994a6e29d660c673826287b
api.pushnami.com/scripts/v1/pushnami-adv/ |
22 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
amazonv2.2.png
pointexclusive.com/image_center/other/ |
18 KB 19 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
e675b35bc035f20378752e45575e9179.png
s3-us-west-1.amazonaws.com/imgcenter/image_center/new/ |
13 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
4-5.png
s3-us-west-1.amazonaws.com/imgcenter/s/2/survey_files/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
415a85639c5cf81c4878b33e82d08cb2.png
s3-us-west-1.amazonaws.com/imgcenter/image_center/new/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
d324097eb73d9bb058544621549d8024.png
s3-us-west-1.amazonaws.com/imgcenter/image_center/new/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
couple4.png
s3-us-west-1.amazonaws.com/imgcenter/image_center/comments/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
d47619b92cebc6ebfa07969ab5370ae6.png
s3-us-west-1.amazonaws.com/imgcenter/image_center/comments/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
man_lake.png
s3-us-west-1.amazonaws.com/imgcenter/image_center/comments/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Korea4.png
s3-us-west-1.amazonaws.com/imgcenter/image_center/comments/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
man1.png
s3-us-west-1.amazonaws.com/imgcenter/image_center/comments/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
5star.png
s3-us-west-1.amazonaws.com/imgcenter/s/2/survey_files/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
45star.png
s3-us-west-1.amazonaws.com/imgcenter/s/2/survey_files/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
guarantee.png
s3-us-west-1.amazonaws.com/imgcenter/s/2/survey_files/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
secureSiteLogo.png
s3-us-west-1.amazonaws.com/imgcenter/s/2/survey_files/ |
28 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootstrap.js
s3-us-west-1.amazonaws.com/imgcenter/s/2/survey_files/ |
31 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
main.js
s3-us-west-1.amazonaws.com/imgcenter/s/2/survey_files/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
countdownScript.js
s3-us-west-1.amazonaws.com/imgcenter/s/2/survey_files/ |
932 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
countdown.js
s3-us-west-1.amazonaws.com/imgcenter/s/2/js/ |
497 B 866 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.min.js
s3-us-west-1.amazonaws.com/imgcenter/js_public/ |
60 KB 60 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
70 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
5994a6e29d660c673826287b
api.pushnami.com/scripts/v1/pushnami-adv/ |
22 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
error.php
pointexclusive.com/ |
109 B 288 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
analytics.js
www.google-analytics.com/ |
34 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
collect
www.google-analytics.com/r/ |
35 B 102 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Scam (Online) Generic (Online)56 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| asdf function| datehax object| html5 object| Modernizr function| yepnope object| respond function| goToQ1 function| goToQ2 function| goToQ3 function| goToQ4 function| goToQ5 function| goToQ6 function| goToQ7 function| goToQ8 function| goToQ9 function| goToQ10 function| HideAllQuestions function| onbeforeload string| msg string| msg2 function| ViewOffer1375 function| ViewOffer1370 function| ViewOffer1380 object| pushWrap undefined| o object| Pushnami object| jQuery1101006549034019977307 function| countdown function| getScore function| getScore_recaptcha function| loading2 function| loading3 function| ff function| ff2 object| jsc function| move_offers function| u60000 function| a60000 function| Z60000 object| Sbta function| rns object| BetterJsPop function| getCookie function| setCookie function| startTimer function| reset_timer function| gtag object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .pointexclusive.com/ | Name: _gat_gtag_UA_79983506_1 Value: 1 |
|
| .pointexclusive.com/ | Name: _gid Value: GA1.2.156862548.1532018579 |
|
| .pointexclusive.com/ | Name: _ga Value: GA1.2.197246422.1532018579 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
api.pushnami.com
fonts.googleapis.com
pointexclusive.com
s3-us-west-1.amazonaws.com
skinnyfarmer.com
www.google-analytics.com
www.googletagmanager.com
172.110.22.97
172.110.6.254
2a00:1450:4001:817::2008
2a00:1450:4001:817::200e
2a00:1450:4001:81c::200a
2a00:1450:4001:824::200a
54.192.94.153
54.231.236.33
64.140.158.133
64.140.159.50
0774ef725cdbec581655ed6c6ca22b5bbbc982ca4721707e668d75efb275d7e3
0ac816e41740bfa7bbbfcadd182df3177e0d440368d57bc4b45074f95d2caf1b
0db44aae459671e58025883d934a4fb13d644159e8cf0a21acdd024c095975a9
1140156c09c0ad7bafc0fd18078c3911d765fac83ddcb2e1b2b877998f000491
15cc18999315c5ab1e3167ed6a6f3d606433623094ddc34e51d57741d099e385
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
33a18b4288cb7f433820ab2e6b03f605d42334113829b574325787306b724c14
39b67a18f2c153b3b8f844e1b7c4ce829f36f8d591350036a918d66117d4ab43
3d5e921e19bb9438cbf5bf21103468fbc161d800d3be409031da8ac9acb06276
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
4a942229e38aad23a58db9ce42e999e69160b4fce178519eef947e5640d7f909
4d3938fc65148e3b1d23351e9ab5bc58d86d669326d303b85ee539a5a0e7b810
5462f1cb351b9d7a318515632e14826b02c2487bf8cdd69560e65a5291cdea82
5704a81ca3229a829298e91e7ef4ae146f370a9fc57a9a5c9a32223076cfffed
64b8557e7ba553c8cf58b98410b7145fd90b2662d32a4902c3c822e0d4aafa56
65fbe8a14d808822f2f4b63a76443536a93b59abc0395c29d90c446000385c4e
6d5da2e20499b56d5e9d26a92a1103c56caff35138e428cb825c8b0e47f96e61
707398ee3591cf9f21344fb30e2b336d7e5ca4e45caf04fbf523865a54eac571
7c9baeb5f76825e25b5006fb577b2c2276f3e50a91b031e05115f8bdf81cc193
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
871cdb3b8c6ef6c76e687d2092abc72082331f634b557e11d853e58abbe4e924
8a1132ecace649a94b946826058b9d73202d697fb5ec0c73609cc128d4ccef5e
8bf150f6b29d6c9337de6c945a8f63c929b203442040688878bc2753fe13e007
8c574e0a06396dfa7064b8b460e0e4a8d5d0748c4aa66eb2e4efdfcb46da4b31
92c74d1ba1b9c9513b02b17a14cc079086b087ec32473e45768848beee60e10d
932859b876d07cbf7feadd905c5427fa5ea3f6e04eef3baaec1a8bed8e3f4e10
967b9d7c7fef6464831e9a2e7cccb9fec48692f5ba9ef2b7e03ecc0645c46970
997d224d7042a563d3a376a672e6aa0e1108626cff6b539841c71c950ce29aa5
a5489a0f2b654ddaa9303dac229a8cbdb57266a33ec3603b3132f59dd8fcc097
a73563e6eff7a5f60a404240bf7fe26a42ee37afe3d18000faee3aed6e932068
a8d7dd5dfc23b9b17ae827e9500c098009d4fbb0792d344e10cbd7371601dfe4
b255671a4af52695376763781b94d5ea0831b943eaf3a96bfd8b172224f7039c
bb5306a5d524e4736d018809faacfb6269a5a3a79f0b29758397c1d40bdea6fa
c05c396e05422383b42a0f95dba45b5844101118a0c7aa6402c255c4d80b1224
cb270f1d6240ce463b409fe30bd4fed7e807dd7b9cae4f6712cef8e632f88869
d2fcd72262ed841501216e260b7457212e1484d0b2f3b4579bbfa64ba9705c63
eede2305c1be81c7890c9c98551ee2ad11b15a8b8c4bb02e0216b8e7f562ab9a