theatre-workshop.spwn.jp
151.101.1.195
Public Scan
Submission Tags: phishingrod
Submission: On October 26 via api from DE — Scanned from JP
Summary
TLS certificate: Issued by GTS CA 1D4 on October 26th 2022. Valid for: 3 months.
This is the only time theatre-workshop.spwn.jp was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN | PTR | Domain |
---|---|---|
ASN16509 (AMAZON-02, US) | server-99-84-140-83.nrt57.r.cloudfront.net | smartplugin.youbora.com |
ASN16509 (AMAZON-02, US) | server-13-225-154-70.nrt12.r.cloudfront.net | cdn.docomo-analytics.com |
ASN16509 (AMAZON-02, US) | ec2-13-112-165-29.ap-northeast-1.compute.amazonaws.com | docomo-analytics.com |
ASN15169 (GOOGLE, US) | | us-central1-spwn-balus.cloudfunctions.net |
ASN15169 (GOOGLE, US) | 137.34.211.130.bc.googleusercontent.com | public.spwn.jp |
Requests | Domain | Requested by |
---|---|---|
8 | us-central1-spwn-balus.cloudfunctions.net | theatre-workshop.spwn.jp |
5 | public.spwn.jp | |
5 | firestore.googleapis.com | theatre-workshop.spwn.jp |
5 | theatre-workshop.spwn.jp | theatre-workshop.spwn.jp |
3 | www.gstatic.com | theatre-workshop.spwn.jp, www.gstatic.com |
2 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com |
2 | cdnjs.cloudflare.com | theatre-workshop.spwn.jp |
2 | use.typekit.net | theatre-workshop.spwn.jp, use.typekit.net |
1 | stats.g.doubleclick.net | www.google-analytics.com |
1 | service.smt.docomo.ne.jp | theatre-workshop.spwn.jp |
1 | docomo-analytics.com | 1 redirects |
1 | cdn.docomo-analytics.com | theatre-workshop.spwn.jp |
1 | cdn.jsdelivr.net | theatre-workshop.spwn.jp |
1 | p.typekit.net | use.typekit.net |
1 | www.googletagmanager.com | theatre-workshop.spwn.jp |
1 | smartplugin.youbora.com | theatre-workshop.spwn.jp |
1 | fonts.googleapis.com | theatre-workshop.spwn.jp |
40 | 17 | |
This site contains links to these domains. Also see Links.
Domain |
---|
spwn.zendesk.com |
balus.co |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
www.sadaqahjaryah.com | GTS CA 1D4 | 2022-10-26 - 2023-01-24 | 3 months | crt.sh |
use.typekit.net | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-09-14 - 2023-10-15 | a year | crt.sh |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year | crt.sh |
upload.video.google.com | GTS CA 1C3 | 2022-09-26 - 2022-12-19 | 3 months | crt.sh |
*.gstatic.com | GTS CA 1C3 | 2022-09-26 - 2022-12-19 | 3 months | crt.sh |
*.youbora.com | Go Daddy Secure Certificate Authority - G2 | 2022-09-22 - 2023-10-24 | a year | crt.sh |
*.google-analytics.com | GTS CA 1C3 | 2022-09-26 - 2022-12-19 | 3 months | crt.sh |
*.docomo-analytics.com | GlobalSign RSA OV SSL CA 2018 | 2021-12-07 - 2023-01-08 | a year | crt.sh |
*.g.doubleclick.net | GTS CA 1C3 | 2022-09-26 - 2022-12-19 | 3 months | crt.sh |
misc.google.com | GTS CA 1C3 | 2022-09-26 - 2022-12-19 | 3 months | crt.sh |
edgecert.googleapis.com | GTS CA 1C3 | 2022-09-26 - 2022-12-19 | 3 months | crt.sh |
public.spwn.jp | GTS CA 1D4 | 2022-10-12 - 2023-01-10 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://theatre-workshop.spwn.jp/
Frame ID: 75EE988BAF8660C02B6EC72326DACFE8
Requests: 38 HTTP requests in this frame
Page Title
Theatre Workshop
Detected technologies
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- googletagmanager\.com/gtm\.js
Typekit (Font Scripts)
Detected patterns
- <link [^>]*href="[^"]+use\.typekit\.(?:net|com)
jsDelivr (CDN)
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: User Guide
Title: Contact Us
Title: Operating Company
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 17
- https://docomo-analytics.com/dcm/tr/dcmAn/img?action_name=SPWN&idsite=347&rec=1&r=702216&h=11&m=48&s=50&url=https%3A%2F%2Ftheatre-workshop.spwn.jp%2F&_id=44cfef063a24bf14&_idts=1666784930&_idvc=1&_idn=0&_refts=0&_viewts=1666784930&send_image=0&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=262&afterAuthFlg=1&trackingType=2 HTTP 301
- https://service.smt.docomo.ne.jp/dmpf/noauth/ciReceive/receive?redirect=false&idsite=347&firstCookieId=44cfef063a24bf14&unicode=3171&time=1666784930575&thirdCookieId=44cfef063a24bf14
40 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | theatre-workshop.spwn.jp/ | 5 KB | 2 KB | Document | text/html |
GET | H2 | wwr2dhb.css | use.typekit.net/ | 7 KB | 1 KB | Stylesheet | text/css |
GET | H2 | slick.min.css | cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ | 1 KB | 774 B | Stylesheet | text/css |
GET | H2 | slick-theme.min.css | cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ | 2 KB | 727 B | Stylesheet | text/css |
GET | H2 | css2 | fonts.googleapis.com/ | 412 B | 828 B | Stylesheet | text/css |
GET | H2 | cast_sender.js | www.gstatic.com/cv/js/sender/v1/ | 4 KB | 3 KB | Script | text/javascript |
GET | H/1.1 | sp.min.js | smartplugin.youbora.com/v6/js/adapters/theoplayer2/6.7.4/ | 137 KB | 34 KB | Script | application/javascript |
GET | H2 | main.82289f93.chunk.css | theatre-workshop.spwn.jp/static/css/ | 127 KB | 27 KB | Stylesheet | text/css |
GET | H2 | 2.eaf399a7.chunk.js | theatre-workshop.spwn.jp/static/js/ | 3 MB | 667 KB | Script | text/javascript |
GET | H2 | main.60f96181.chunk.js | theatre-workshop.spwn.jp/static/js/ | 2 MB | 506 KB | Script | text/javascript |
GET | H2 | gtm.js | www.googletagmanager.com/ | 185 KB | 61 KB | Script | application/javascript |
GET | H2 | p.css | p.typekit.net/ | 5 B | 181 B | Stylesheet | text/css |
GET | H3 | cast_framework.js | www.gstatic.com/cast/sdk/libs/sender/1.0/ | 36 KB | 12 KB | Script | text/javascript |
GET | H3 | cast_sender.js | www.gstatic.com/eureka/clank/106/ | 52 KB | 15 KB | Script | text/javascript |
GET | H2 | THEOplayer.js | cdn.jsdelivr.net/npm/theoplayer@2.92.0/ | 2 MB | 569 KB | Script | application/javascript |
GET | H2 | analytics.js | www.google-analytics.com/ | 49 KB | 20 KB | Script | text/javascript |
GET | H2 | union2_pi.js | cdn.docomo-analytics.com/js/contents/ | 55 KB | 19 KB | Script | application/javascript |
POST | H3 | collect | www.google-analytics.com/j/ | 2 B | 22 B | XHR | text/plain |
GET | H/1.1 | receive | service.smt.docomo.ne.jp/dmpf/noauth/ciReceive/ (Redirect Chain) | 37 B | 208 B | Image | image/gif |
POST | H2 | collect | stats.g.doubleclick.net/j/ | 1 B | 446 B | XHR | text/plain |
HEAD | H3 | / | theatre-workshop.spwn.jp/ | 0 | 0 | Fetch | text/html |
GET | DATA | truncated | / | 10 KB | 0 | Image | image/png |
POST | H3 | sending_fee_confirmation_entry_point | us-central1-spwn-balus.cloudfunctions.net/ | 100 B | 112 B | Fetch | text/html |
OPTIONS | H2 | sending_fee_confirmation_entry_point | us-central1-spwn-balus.cloudfunctions.net/ | 0 | 0 | Preflight | text/html |
OPTIONS | H2 | getUserCart | us-central1-spwn-balus.cloudfunctions.net/ | 0 | 0 | Preflight | text/html |
POST | H3 | getUserCart | us-central1-spwn-balus.cloudfunctions.net/ | 82 B | 115 B | Fetch | application/json |
POST | H2 | channel | firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ | 54 B | 553 B | XHR | text/plain |
GET | H3 | channel | firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ | 232 KB | 0 | XHR | text/plain |
OPTIONS | H3 | sending_fee_confirmation_entry_point | us-central1-spwn-balus.cloudfunctions.net/ | 0 | 0 | Preflight | text/html |
OPTIONS | H3 | sending_fee_confirmation_entry_point | us-central1-spwn-balus.cloudfunctions.net/ | 0 | 0 | Preflight | text/html |
GET | DATA | truncated | / | 10 KB | 0 | Image | image/jpeg |
POST | H3 | sending_fee_confirmation_entry_point | us-central1-spwn-balus.cloudfunctions.net/ | 100 B | 112 B | Fetch | text/html |
POST | H3 | sending_fee_confirmation_entry_point | us-central1-spwn-balus.cloudfunctions.net/ | 100 B | 112 B | Fetch | text/html |
POST | H3 | channel | firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ | 13 B | 53 B | XHR | text/plain |
POST | H3 | channel | firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ | 13 B | 53 B | XHR | text/plain |
GET | H2 | l | use.typekit.net/af/cfbead/0000000000000000000146b3/27/ | 23 KB | 23 KB | Font | application/font-woff2 |
POST | H3 | channel | firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ | 13 B | 53 B | XHR | text/plain |
GET | H2 | banner.jpg_1280.jpg | public.spwn.jp/event-pages/200806-Introduction/img/ | 141 KB | 142 KB | Image | image/jpeg |
GET | H2 | banner.jpg_1280.jpg | public.spwn.jp/event-pages/20102218-online/img/ | 171 KB | 171 KB | Image | image/jpeg |
GET | H2 | banner.jpg_1280.jpg | public.spwn.jp/event-pages/20120418-online/img/ | 97 KB | 98 KB | Image | image/jpeg |
GET | H2 | banner.jpg_1280.jpg | public.spwn.jp/event-pages/21022518-onlinethird/img/ | 100 KB | 101 KB | Image | image/jpeg |
GET | H2 | banner.jpg_1280.jpg | public.spwn.jp/event-pages/21070518-onlinethird/img/ | 102 KB | 102 KB | Image | image/jpeg |
46 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dataLayer function| __onGCastApiAvailable object| youbora number| versioningNum string| jsURL object| jsElement string| userAgent object| google_tag_manager object| google_tag_data object| THEOplayer function| P function| VRDisplay function| VRFrameData string| GoogleAnalyticsObject function| ga object| _dcmlinker object| _paq string| u object| cast object| gaplugins object| gaGlobal object| gaData object| $jscomp function| $jscomp$lookupPolyfilledValue number| searchIntervalId number| searchIntervalCount object| DcmAn object| JSON2 object| Piwik object| AnalyticsTracker function| piwik_log object| webpackJsonpportal object| regeneratorRuntime number| 2f1acc6c3a606b082e5eef5e54414ffb function| setImmediate function| clearImmediate object| __SENTRY__
7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.spwn.jp/ | | Name: _gcl_au Value: 1.1.152768279.1666784930 |
.theatre-workshop.spwn.jp/ | | Name: _ga Value: GA1.3.318162792.1666784930 |
.theatre-workshop.spwn.jp/ | | Name: _gid Value: GA1.3.2120734707.1666784930 |
.theatre-workshop.spwn.jp/ | | Name: _gat_UA-134613381-1 Value: 1 |
theatre-workshop.spwn.jp/ | | Name: _pk_id.347.9d48 Value: 44cfef063a24bf14.1666784930.1.1666784930.1666784930. |
theatre-workshop.spwn.jp/ | | Name: _pk_ses.347.9d48 Value: * |
.docomo-analytics.com/ | | Name: dcman_com Value: 44cfef063a24bf14 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31556926 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.