rosepartyrental.ourers.com
Open in
urlscan Pro
146.20.151.240
Public Scan
Submission: On October 28 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 19th 2021. Valid for: a year.
This is the only time rosepartyrental.ourers.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 14 | 146.20.151.240 146.20.151.240 | 27357 (RACKSPACE) (RACKSPACE) | |
1 | 146.20.151.241 146.20.151.241 | 27357 (RACKSPACE) (RACKSPACE) | |
4 | 2a00:1450:400... 2a00:1450:4001:80f::2004 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:3a | 20446 (STACKPATH...) (STACKPATH-CDN) | |
1 | 20.119.67.213 20.119.67.213 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
5 | 2a00:1450:400... 2a00:1450:4001:809::2003 | 15169 (GOOGLE) (GOOGLE) | |
24 | 6 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
hostedpayments.fullsteampay.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
ourers.com
2 redirects
rosepartyrental.ourers.com |
55 KB |
5 |
gstatic.com
www.gstatic.com |
526 KB |
4 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
26 KB |
1 |
fullsteampay.net
hostedpayments.fullsteampay.net — Cisco Umbrella Rank: 163679 |
8 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 665 |
33 KB |
1 |
sysers.com
files.sysers.com — Cisco Umbrella Rank: 258732 |
17 KB |
24 | 6 |
Domain | Requested by | |
---|---|---|
14 | rosepartyrental.ourers.com |
2 redirects
rosepartyrental.ourers.com
|
5 | www.gstatic.com |
www.google.com
|
4 | www.google.com |
rosepartyrental.ourers.com
www.gstatic.com www.google.com |
1 | hostedpayments.fullsteampay.net |
rosepartyrental.ourers.com
|
1 | code.jquery.com |
rosepartyrental.ourers.com
|
1 | files.sysers.com |
rosepartyrental.ourers.com
|
24 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.ourers.com Go Daddy Secure Certificate Authority - G2 |
2021-12-19 - 2023-01-20 |
a year | crt.sh |
www.google.com GTS CA 1C3 |
2022-09-26 - 2022-12-19 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2022-08-03 - 2023-07-14 |
a year | crt.sh |
*.fullsteampay.net DigiCert TLS RSA SHA256 2020 CA1 |
2021-11-15 - 2022-11-15 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-09-26 - 2022-12-19 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2022-09-26 - 2022-12-19 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://rosepartyrental.ourers.com/view/manage_event/pay/31419-tk-MjAyMi0wOC0zMSAxMDozNDowOHJvc2VwYXJ0eXJlbnRhbDMxNDE5/
Frame ID: A73B09DAF75460F7FC2461224F379C4F
Requests: 17 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc9COgeAAAAABLNcwJJhP4n9PLcOmGcvYNRMetE&co=aHR0cHM6Ly9yb3NlcGFydHlyZW50YWwub3VyZXJzLmNvbTo0NDM.&hl=de&v=NJPGLzpIZgjszqyOymHUP0XR&theme=light&size=normal&cb=zai5r1bqfmif
Frame ID: 0B8052CDF5034642E76E686CABB5ED63
Requests: 4 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/bframe?hl=de&v=NJPGLzpIZgjszqyOymHUP0XR&k=6Lc9COgeAAAAABLNcwJJhP4n9PLcOmGcvYNRMetE
Frame ID: FD256D49ED4B149FC487B98E32D5558C
Requests: 3 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://rosepartyrental.ourers.com/view/manage_event/pay/31419-tk-MjAyMi0wOC0zMSAxMDozNDowOHJvc2VwYXJ0eXJlbnRhb...
HTTP 301
https://rosepartyrental.ourers.com/view/manage_event/pay/31419-tk-MjAyMi0wOC0zMSAxMDozNDowOHJvc2VwYXJ0eXJlbnRhb... Page URL
Detected technologies
jQuery (JavaScript Libraries) ExpandDetected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
reCAPTCHA (Captchas) Expand
Detected patterns
- /recaptcha/api\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://rosepartyrental.ourers.com/view/manage_event/pay/31419-tk-MjAyMi0wOC0zMSAxMDozNDowOHJvc2VwYXJ0eXJlbnRhbDMxNDE5
HTTP 301
https://rosepartyrental.ourers.com/view/manage_event/pay/31419-tk-MjAyMi0wOC0zMSAxMDozNDowOHJvc2VwYXJ0eXJlbnRhbDMxNDE5/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 10- https://rosepartyrental.ourers.com/cp/upload/rosepartyrental/items/med/5000.jpg HTTP 302
- https://files.sysers.com/cp/upload/rosepartyrental/items/med/5000.jpg
24 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
rosepartyrental.ourers.com/view/manage_event/pay/31419-tk-MjAyMi0wOC0zMSAxMDozNDowOHJvc2VwYXJ0eXJlbnRhbDMxNDE5/ Redirect Chain
|
58 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
floating_window_3.js
rosepartyrental.ourers.com/cp/resources/js/ |
11 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
general_functions.js
rosepartyrental.ourers.com/cp/resources/js/ |
58 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
textarea_tab.js
rosepartyrental.ourers.com/cp/resources/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ajax_lib.js
rosepartyrental.ourers.com/cp/resources/js/ |
18 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
general.css
rosepartyrental.ourers.com/cp/resources/css/ |
12 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ers2_default.css
rosepartyrental.ourers.com/cp/template-common/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
checklist_color.js
rosepartyrental.ourers.com/cp/resources/js/ |
4 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tcal.js
rosepartyrental.ourers.com/cp/resources/tigra/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tcal.css
rosepartyrental.ourers.com/cp/resources/tigra/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
basic_template.js
rosepartyrental.ourers.com/cp/resources/js/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
5000.jpg
files.sysers.com/cp/upload/rosepartyrental/items/med/ Redirect Chain
|
17 KB 17 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.google.com/recaptcha/ |
909 B 988 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.12.4.min.js
code.jquery.com/ |
95 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fullsteam.hostedcontrols.js
hostedpayments.fullsteampay.net/js/hostedcontrols/1.0.0/ |
28 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
caution-icon-96.png
rosepartyrental.ourers.com/cp/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__de.js
www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/ |
400 KB 160 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
anchor
www.google.com/recaptcha/api2/ Frame 0B80 |
43 KB 23 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
styles__ltr.css
www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/ Frame 0B80 |
52 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
recaptcha__de.js
www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/ Frame 0B80 |
400 KB 159 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
webworker.js
www.google.com/recaptcha/api2/ Frame 0B80 |
102 B 134 B |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bframe
www.google.com/recaptcha/api2/ Frame FD25 |
7 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
styles__ltr.css
www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/ Frame FD25 |
52 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
recaptcha__de.js
www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/ Frame FD25 |
400 KB 159 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
334 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| add_loader_script function| run_loader_scripts function| sort_js_array_by_key function| is_dev_site function| append_html_to_id function| decode_escaped_string function| getObjPosition function| getElementByIdOrNode function| elementDescendedFrom function| getElementPosition function| getViewPortSize function| get_parent_element function| add_value_to_select function| set_select_value function| open_help_video function| cp_page_help_edit function| cp_page_help_str_to_array function| cp_page_help_array_to_str function| cp_page_help_row_action function| open_cp_page_help_content function| advance_time function| display_time function| unescape_decode function| ersCurrentUnixTimestamp function| ersCurrentDateTime function| ersDateStringFromDate function| ersIsValidDate function| ersTSFromDate function| ersDurationFromSeconds function| display_date function| change_date_by_days function| advance_date_by_day function| reverse_date_by_day function| enableSelection function| disableSelection function| element_exists function| noenter function| trim_string function| blurOnEnter function| updateNumber function| updateSelect function| decround function| formatDollar function| decodeQueryString function| err function| toggleChevron function| getvar function| cookievar function| ersDE function| ersEP function| ersDEBN function| ersDEBC function| ersElDisplay function| ersElHTML function| ersElOHTML function| ersElOpac function| ersElPointerEvents function| ersElValue function| ersElVisibility function| ersElsByClass function| ersEV function| ersFDE function| ersJSON function| ersObjectKeys function| ersSetSessvar function| ersVA function| ersVAFA function| ersVAFO function| ersVI function| ersVIFA function| ersVIFO function| ersVO function| ersVOFA function| ersVOFO function| ersVS function| ersVSFA function| ersVSFO function| ersQSFO function| fake_sleep function| ers_real_sleep function| ersAddClass function| ersRemoveClass function| ersRemoveElement function| ersHasClass function| ersIsElement function| ersIsFunction function| ersRandom object| ersScheduledActions object| ersScheduledActionTimer boolean| ersRunningScheduledAction function| ersScheduleAction function| ersRunNextScheduledAction object| ERSPreloadedImages function| ersPreloadImages function| ersPreloadImage function| ERSClickOrTouch function| html_to_dom function| strip_html_from function| ampersand_decode function| encode_notes_text function| decoded_notes_text function| ersDisplayMoreBelow function| ersDisplayLessBelow function| ersValueTrue function| ersInlinePropStop function| ersTSVDownload function| wm_title_to_id function| ersPostRequestToScript function| ersVerifyCombinedInvoiceRefundAmount object| loader_script_arr object| blue_editor_button_arr object| _UTIL function| ERSPromise function| E function| in_appcp function| do_ajax_query function| closeModal function| createModal function| modalPrompt function| modalAlert function| setSelectionRange function| replaceSelection function| catchTab function| insertAtCaret function| insertMergeFieldAtCaret object| eac_retry_info object| ERSHTTPRequests function| xmlhttpPost function| update_setting function| update_general_image function| get_current_foldername function| make_ajax_call function| verify_ajax_call function| ers_ajax_call function| verify_ers_ajax_call function| ajax_register_flexible_container function| parse_ajax_response function| process_ajax_callback function| get_ajax_response function| render_ajax_response function| ajax_link function| ers_spinner_div function| ajax_post function| explain_price_received function| explain_price function| extract_html_source function| extract_wp_template_contents function| extract_ajax_response function| get_post_prefix function| add_loaded_scripts_to_head string| ajax_callback_function string| extra_callback_function string| ajax_render_id string| override_ajax_response_url boolean| is_dev string| ajax_carry_value object| retry_info object| callbacks function| query_ajax_query object| aj_flexible_containers function| find_and_eval_script_tags string| render_ajax_template function| eval_script_tags function| uncheck_box function| check_box function| check_callback function| uncheck_callback function| toggle_checkboxes object| A_TCALCONF object| A_TCALTOKENS function| f_tcalGetHTML function| f_tcalRelDate function| f_tcalResetTime function| f_tcalCancel function| f_tcalUpdate function| f_tcalOnClick function| f_tcalParseDate function| f_tcalGenerateDate function| f_tcalGetInputs function| f_tcalHasClass function| f_tcalAddClass function| f_tcalRemoveClass function| f_getPosition function| f_tcalInit function| f_tcalAddOnload function| parse_basic_js_template function| basic_tpl_start_element_touch function| basic_tpl_allow_element_touch function| parse_basic_js_template_condition function| get_basic_js_template_var_keys function| basic_display_time function| display_money function| display_picture_path number| tpl_touch_obj_scrollTop number| tpl_touch_obj_top number| tpl_touch_pos_left number| tpl_touch_pos_top boolean| CM_use_touch object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha function| $ function| jQuery undefined| hostedPaymentParameters boolean| cardNumberValidationRan boolean| expirationMonthReceived boolean| expirationYearReceived boolean| cvvValidationRan boolean| cardNumberIsValid number| expirationMonth number| expirationYear boolean| cvvIsValid string| accountToken boolean| accountTokenFailed string| transactionId string| hostedPaymentsResponseJson boolean| hostedPaymentsProcessingComplete boolean| hostedPaymentsProcessingSuccessful undefined| hostedControlsUrl function| setupFullsteamHostedPayments function| performFullsteamSubmitEvent function| performFullsteamHostedPaymentsAction function| startFrameValidation function| checkFrameValidationResults function| continueFullsteamHostedPaymentsAction function| startGetCardDetailToken function| checkGetCardDetailTokenResponse function| startCvvPost function| checkCvvPostResults function| finishHostedPaymentsProcessing function| handleEventMessage function| getIframeMarkup function| callMethod function| getHostedControlsUrl function| validateHostedControlsSetup function| checkInputForCardData function| hostedPaymentsPerformLuhnCheck function| hostedPaymentsPerformBinCheck function| hostedPaymentsRangeCheck function| startTokenListener function| tokenFormConfirm function| tokenFormSubmit function| submitForPayment function| execSubmitForPayment function| enableTokenForm function| resetTokenForm function| enable_token_listener function| disable_token_listener function| checkTokenForm function| clog function| erspay_show_loading_overlay function| erspay_hide_loading_overlay function| performCustomFormValidation function| cardNumberFocusIn function| cardNumberFocusOut function| cardNumberValid function| cardNumberInvalid function| expirationMonthValid function| expirationMonthInvalid function| expirationYearValid function| expirationYearInvalid function| cvvValid function| cvvInvalid function| hostedPaymentsError function| showPleaseWait function| hidePleaseWait function| outputTokenMessage function| tokenNotReceived function| fs_authkey_received function| start_draw_screen_for_delayed_fspay function| recaptcha_callback_v2 function| recaptcha_callback function| recaptcha_init function| formelem_clicked function| show_formelem_click_loader function| start_enable_fspay_form function| exec_enable_fspay_form function| terminal_authorize_crm_card boolean| hosted_payments_enabled boolean| hosted_payments_validating boolean| hosted_listener_enabled boolean| hosted_listener_received_token string| current_foldername boolean| tread_obj boolean| clogging_enabled boolean| block_submit_button boolean| fspay_form_enabled string| fspay_form_authkey function| enableHostedPaymentsForm boolean| delayed_fspay_started function| crm_pay_cof_differs function| crm_pay_check_cof function| crm_pay_cof_diff_confirm string| last_pay_type_clicked string| last_pay_amount_clicked function| pay_type_click function| submit_general_payment function| payment_type_selected function| paytype_type_is_integrated number| gpayamount string| cpt_calc number| cpt_calc_number string| cpt_title string| cpt_calc_type function| conv_pay_type_click object| closure_lm_262306 number| widgetId1 number| extraheight function| register_floating_window function| open_floating_window function| frame_autosize function| open_floating_frame function| open_floating_iframe function| open_floating_src function| open_floating_ajax_link function| close_floating_window function| set_info_location boolean| floating_window_exists number| n object| A_TCALTOKENS_IDX1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
rosepartyrental.ourers.com/ | Name: PHPSESSID Value: eqtuj2df00k9pbg0437ujet3k4 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
code.jquery.com
files.sysers.com
hostedpayments.fullsteampay.net
rosepartyrental.ourers.com
www.google.com
www.gstatic.com
146.20.151.240
146.20.151.241
20.119.67.213
2001:4de0:ac18::1:a:3a
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2004
02978d1f8d8ded667dcaf2adbb7040af32f93aa163e6ae0381f4fedf27547275
09421011972b46b79624bc30e01744d910b7b8d3fc5f8ed7d83b2fdebcc37a33
0c78fac74270d84637474a2a867e80f2cd83cbeaa09229cd28ebe716397d572d
2078c985e79796742925d3f3f556244464f444d34f13b30a71d987927aeb8c26
2eb33e0b237d37aabd2e5229e7ef52a25e9b620f6e122d2ff3439f9977926e58
372555d0bb2addd8169880b0ac7453126a1ac11deafb1359b00c302009a36f79
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4fcf6db1d763cd65ba5d1204a2b4f6fa87fd9efea0f2c8f2ccc08b944bb7cb16
58e10f9d4100fbecf75a2b2fb61f2f422999113c4c3faa5bc6ad706cd286e930
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
8850c59b00380af79a60472b2d9db31db1f9abe5bbb3b3771eabb12780653688
a21f1987a34f75a71fe7e744d3e764d5b853460813a3e7c8d85548236bcf8640
b1d5f511e0f7666c8f359c3f553732fb2df784b385787bd5b7163a35b47e2cd7
b8bbb3b36754ddf0d1ded922b0fc33227e86b93d2be575099f55a885b40c14cf
c97264339b988cdbebb68eb99f0b7cadb4137af1b8c339da098ef169ca329fc0
d135a22ba0093900bcb7e07d85517d411eebd89c425de91935c75020bee16f73
dd21e7a2a0e91c5421069adccb632a4fe668f02658fc46964c24e3aa912c2f75
ebb754a1cdc5973935d98987d8355fd20ac0ebd07c808c2fe22c9c0d78c69aa3
f5315d1ef1242fb71c3c23146f17796a1960a6b137482cbb0a4bb61b54fe962e
f63fecc65795a03ef53949ea4a20edfcfea3824ae245b42e553b0289dfa3fec2
f719d0f0edff6cb6a37243fc0d88d1cfdb5a525c2bdefb1fa147e09b1903d4ae