www.email.turbomoney.kz
Open in
urlscan Pro
188.114.82.161
Public Scan
Submission: On January 10 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by R3 on January 10th 2021. Valid for: 3 months.
This is the only time www.email.turbomoney.kz was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN198881 (IMPLIX-PL-AS, PL)
PTR: mta-2.email.turbomoney.kz
www.email.turbomoney.kz |
ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net
us-as.gr-cdn.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-32.fra2.r.cloudfront.net
static.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-129.fra2.r.cloudfront.net
script.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-78.fra2.r.cloudfront.net
vars.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-16-37.eu-west-1.compute.amazonaws.com
in.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-55.fra2.r.cloudfront.net
vc.hotjar.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
gr-cdn.com
us-as.gr-cdn.com |
623 KB |
4 |
hotjar.com
static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com |
62 KB |
4 |
google-analytics.com
www.google-analytics.com |
21 KB |
3 |
clickguard.com
io.clickguard.com |
3 KB |
2 |
google.de
www.google.de |
214 B |
2 |
google.com
www.google.com |
225 B |
2 |
nr-data.net
bam-cell.nr-data.net |
1017 B |
2 |
doubleclick.net
stats.g.doubleclick.net |
224 B |
2 |
vk.com
vk.com |
23 KB |
2 |
visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com |
2 KB |
2 |
turbomoney.kz
www.email.turbomoney.kz |
12 KB |
1 |
hotjar.io
vc.hotjar.io |
255 B |
1 |
newrelic.com
js-agent.newrelic.com |
11 KB |
1 |
googletagmanager.com
www.googletagmanager.com |
58 KB |
41 | 14 |
Domain | Requested by | |
---|---|---|
13 | us-as.gr-cdn.com |
www.email.turbomoney.kz
us-as.gr-cdn.com |
4 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
3 | io.clickguard.com |
www.email.turbomoney.kz
|
2 | www.google.de | |
2 | www.google.com | |
2 | bam-cell.nr-data.net |
js-agent.newrelic.com
www.email.turbomoney.kz |
2 | stats.g.doubleclick.net |
www.email.turbomoney.kz
|
2 | vk.com |
www.email.turbomoney.kz
|
2 | dev.visualwebsiteoptimizer.com |
www.email.turbomoney.kz
|
2 | www.email.turbomoney.kz |
www.email.turbomoney.kz
|
1 | vc.hotjar.io |
www.email.turbomoney.kz
|
1 | in.hotjar.com |
www.email.turbomoney.kz
|
1 | vars.hotjar.com |
static.hotjar.com
|
1 | script.hotjar.com |
static.hotjar.com
|
1 | static.hotjar.com |
www.googletagmanager.com
|
1 | js-agent.newrelic.com |
www.email.turbomoney.kz
|
1 | www.googletagmanager.com |
www.email.turbomoney.kz
|
41 | 17 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.grnewsletters.com |
www.getresponse.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
email.turbomoney.kz R3 |
2021-01-10 - 2021-04-10 |
3 months | crt.sh |
*.gr-cdn.com Go Daddy Secure Certificate Authority - G2 |
2020-03-23 - 2021-04-10 |
a year | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2 |
2020-06-19 - 2022-07-06 |
2 years | crt.sh |
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2 |
2020-06-09 - 2022-06-10 |
2 years | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-07-16 - 2021-07-16 |
a year | crt.sh |
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2020-12-28 - 2021-05-07 |
4 months | crt.sh |
*.hotjar.com Amazon |
2020-12-25 - 2022-01-23 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
*.nr-data.net DigiCert SHA2 Secure Server CA |
2020-02-05 - 2022-02-08 |
2 years | crt.sh |
www.google.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
www.google.de GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
*.hotjar.io Amazon |
2020-09-15 - 2021-10-15 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.email.turbomoney.kz/
Frame ID: 5AC1E3990EFAB9C9E7A5E9541F096D3F
Requests: 39 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: E18F5F6BDFB7158D6BE62035C047CD86
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
- script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Google Analytics Enhanced eCommerce (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: Product updates
Search URL Search Domain Scan URL
Title: Help Center
Search URL Search Domain Scan URL
Title: Partner program
Search URL Search Domain Scan URL
Title: Event meetups
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
41 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
/
www.email.turbomoney.kz/ |
25 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.1e7e4c2dc6046c0968a0.min.css
us-as.gr-cdn.com/javascripts/app-frontend-login-pages/dist/ |
17 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common~Login~Logout~ResetPassword.167bdf44ea05bd44cd3a.min.css
us-as.gr-cdn.com/javascripts/app-frontend-login-pages/dist/ |
832 B 476 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HomePage.464014947aa00c9ba326.min.css
us-as.gr-cdn.com/javascripts/app-frontend-login-pages/dist/ |
807 B 460 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runtime.bundle.c3b2db3b611730de77db.min.js
us-as.gr-cdn.com/javascripts/app-frontend-login-pages/dist/ |
2 KB 941 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shared.4cf4c19f6d0dc11e505b.min.js
us-as.gr-cdn.com/javascripts/app-frontend-login-pages/dist/ |
2 MB 388 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.1e7e4c2dc6046c0968a0.min.js
us-as.gr-cdn.com/javascripts/app-frontend-login-pages/dist/ |
127 KB 41 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor.a3d603e2d8134cf0ffc2.min.js
us-as.gr-cdn.com/javascripts/app-frontend-login-pages/dist/ |
121 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common~Login~Logout~ResetPassword.167bdf44ea05bd44cd3a.min.js
us-as.gr-cdn.com/javascripts/app-frontend-login-pages/dist/ |
27 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common~2fa~Login.6701c2c920c7d0a0c017.min.js
us-as.gr-cdn.com/javascripts/app-frontend-login-pages/dist/ |
38 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HomePage.464014947aa00c9ba326.min.js
us-as.gr-cdn.com/javascripts/app-frontend-login-pages/dist/ |
22 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
226 KB 58 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
j.php
dev.visualwebsiteoptimizer.com/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
panel
www.email.turbomoney.kz/panel-api/translations/ |
1 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
openapi.js
vk.com/js/api/ |
100 KB 22 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
NUhH906X
io.clickguard.com/s/cHJvdGVjdG9y/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
v.gif
dev.visualwebsiteoptimizer.com/ |
35 B 301 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gr-short.svg
us-as.gr-cdn.com/images/common/v2/global/logos/ |
1 KB 693 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3b52bc86749058f144deb815c481ca5b.woff2
us-as.gr-cdn.com/javascripts/app-frontend-login-pages/dist/ |
62 KB 62 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c065bd9fa03a7a797d95ba7f198a9dcf.woff2
us-as.gr-cdn.com/javascripts/app-frontend-login-pages/dist/ |
63 KB 63 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
NUhH906X
io.clickguard.com/r/cHJvdGVjdG9y/ Frame |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
NUhH906X
io.clickguard.com/r/cHJvdGVjdG9y/ |
0 270 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rtrg
vk.com/ |
49 B 445 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nr-1184.min.js
js-agent.newrelic.com/ |
27 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
46 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-658879.js
static.hotjar.com/c/ |
15 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
ec.js
www.google-analytics.com/plugins/ua/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 154 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 70 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
collect
www.google-analytics.com/ |
35 B 190 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
collect
www.google-analytics.com/ |
35 B 58 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
febaf2538c
bam-cell.nr-data.net/1/ |
57 B 518 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 118 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules.9a7681f2864b86bb700a.js
script.hotjar.com/ |
223 KB 59 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame E18F |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
visit-data
in.hotjar.com/api/v2/client/sites/658879/ |
178 B 321 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
658879
vc.hotjar.io/sessions/ |
0 255 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
febaf2538c
bam-cell.nr-data.net/events/1/ |
24 B 499 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
58 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| NREUM object| newrelic function| __nr_require string| __CURRENT_LANGUAGE boolean| __IS_MX boolean| __IS_WHITE_LABEL string| __LOGO_URL string| __MAIN_PAGE_CONTENT string| __RE_CAPTCHA_PUBLIC_KEY string| __webpack_public_path__ object| webpackJsonp function| setImmediate function| clearImmediate object| regeneratorRuntime object| core number| 2f1acc6c3a606b082e5eef5e54414ffb object| __MUI_STYLES__ object| __SENTRY__ object| dataLayer object| _vwo_code number| settings_timer number| _vwo_settings_timer object| google_tag_manager function| cg_convert undefined| b number| _vwo_j_e string| _vwo_mt string| _vwo_tm object| VWO object| vwo_iehack_queue object| _0x41a4 function| _0x5905 object| CG function| _cg_convert function| obj2qs object| fastXDM object| VK object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings object| gaplugins object| gaGlobal object| gaData object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.turbomoney.kz/ | Name: _vwo_uuid_v2 Value: D1484023C4EC821136022013FDA085EFA|1d0a54a87dd4d48a9ea2cbb65b05e427 |
|
.email.turbomoney.kz/ | Name: timeout Value: logout_43200 |
|
www.email.turbomoney.kz/ | Name: max Value: g0dipfmjptk9vbn5odruaimif9 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=86400 |
X-Content-Type-Options | nosniff |
X-Frame-Options | sameorigin |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bam-cell.nr-data.net
dev.visualwebsiteoptimizer.com
in.hotjar.com
io.clickguard.com
js-agent.newrelic.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
us-as.gr-cdn.com
vars.hotjar.com
vc.hotjar.io
vk.com
www.email.turbomoney.kz
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.224.194.129
13.224.194.32
13.224.194.55
13.224.194.78
151.101.114.110
162.247.243.146
188.114.82.161
205.185.216.42
2606:4700:20::681a:c98
2a00:1450:4001:80b::2008
2a00:1450:4001:816::200e
2a00:1450:4001:81a::2004
2a00:1450:4001:81d::2003
2a00:1450:400c:c00::9d
34.96.102.137
63.33.16.37
93.186.225.208
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06649e87db9dcc3aac096d3cd4926a6499971599de35952979aed8d4ebeb4a68
071dbf90ff4bc7f15faf0ee21fd107592f16c1684b531c707c60a20da42d1121
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0e29332a5b46138b43e04530f586345b2bcf970498c9bcb3b0d62aa4115d8bac
162c7e96da92b8c0f2ad060939ef46ab87a4f715b596516fd0a2aff20a0b2210
21e258a5e3bda0c48f1ec36aadb8cf5e1cef1bee228218a51b73a6e90ba43a6f
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
56ee2d40df6d226561426895a3201dc51752df57d76b55c9268e971a68e82937
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd
62798e8e8d27ee0fc58813078bfb7e3fcf7417d374f5cddcf6ae597717925598
6a57148ab4e668ab23194912a9d40f0b254a7dc4dd6391c6f039f079b22a3ed4
6dd2bd69d5c7ee632fff1502875aa8f14f28cd0064a21483a23dbcc2f4bb9277
728e2064815963fb01e56d8ceab51462810d3949d7bf55cc994cd42329cf73b9
780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77
7d8d731f9de319943947a11e5b9f5af0d6c5627e3496028c9815cf12f8da66ed
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
870abc61067d0fa01cb45e32935a5b8dcfa4ec1b5f80dcf64214b870d8852948
8d6514fccd56cf941cf453b33161f22b05b1e47497b68488f0f5496ffcc37fb9
98cda42abefd73a296ddf0d07c8d34838e45a104bbc3fec3a5d06e6e3baf0793
a887ebafc69c315d87b77c6584ae16434121fb3e651ff97abd481fafb080abaa
c06820d5724d781118e46989857ceb085e9d942c9b94ce7a92adf5734d9069e2
c951f02227bc3c2387a5f490cc25a4ba3adb92fabe1ac1e897f98663c318d1fe
cd7bfd000de34c5d963579c7481bf0d2046f7a5395404a5f913e9fd8fc3b9893
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ee66c5bfcb46e11cc7cde4a62a2b60d31724bf030a388895f3b01c7a0153c9c3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2edf945c416208ed71c14cbfc204295fe77f7a787bf7b5a287c92a9e0bce5c8
fdffd706005defc7e4f5e07cac7cc371c5bb0b0c895e5ec7c16c1ea0baa43f59