r0yerburnsllc.advensure.io
Open in
urlscan Pro
13.127.67.222
Public Scan
Submitted URL: https://ddec1-0-en-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2fr0yerburnsllc.advensure.io%2fpages%2fyou%2dhave%2dnew%2...
Effective URL: https://r0yerburnsllc.advensure.io/pages/you-have-new-fax-message
Submission: On July 20 via manual from IN — Scanned from DE
Effective URL: https://r0yerburnsllc.advensure.io/pages/you-have-new-fax-message
Submission: On July 20 via manual from IN — Scanned from DE
Summary
This website contacted 14 IPs
in 4 countries
across 13 domains to perform 27 HTTP transactions.
The main IP is 13.127.67.222, located in
Mumbai, India and
belongs to AMAZON-02, US.
The main domain is r0yerburnsllc.advensure.io.
TLS certificate: Issued by R3 on May 11th 2022. Valid for: 3 months.
This is the only time r0yerburnsllc.advensure.io was scanned on urlscan.io!
TLS certificate: Issued by R3 on May 11th 2022. Valid for: 3 months.
This is the only time r0yerburnsllc.advensure.io was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
1
35.82.107.49
(Boardman, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-35-82-107-49.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-35-82-107-49.us-west-2.compute.amazonaws.com
| ddec1-0-en-ctp.trendmicro.com |
10
13.127.67.222
(Mumbai, India)
ASN16509 (AMAZON-02, US)
PTR: ec2-13-127-67-222.ap-south-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-13-127-67-222.ap-south-1.compute.amazonaws.com
| r0yerburnsllc.advensure.io |
1
52.219.160.134
(Mumbai, India)
ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-south-1.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-south-1.amazonaws.com
| advensure-prod.s3.ap-south-1.amazonaws.com |
1
108.138.7.25
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-25.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-25.fra56.r.cloudfront.net
| cdn.linearicons.com |
1
2a03:2880:f02d:100:face:b00c:0:3
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| connect.facebook.net |
1
2a03:2880:f12d:181:face:b00c:0:25de
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| www.facebook.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 10 |
advensure.io
r0yerburnsllc.advensure.io |
2 MB |
| 6 |
googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 310 fonts.googleapis.com — Cisco Umbrella Rank: 72 |
181 KB |
| 2 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 226 |
7 KB |
| 1 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 101 |
297 B |
| 1 |
gstatic.com
fonts.gstatic.com |
48 KB |
| 1 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155 |
90 KB |
| 1 |
linearicons.com
cdn.linearicons.com — Cisco Umbrella Rank: 38017 |
2 KB |
| 1 |
ionicframework.com
code.ionicframework.com — Cisco Umbrella Rank: 13644 |
9 KB |
| 1 |
fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 947 |
8 KB |
| 1 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 737 |
7 KB |
| 1 |
amazonaws.com
advensure-prod.s3.ap-south-1.amazonaws.com |
10 KB |
| 1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 424 |
16 KB |
| 1 |
trendmicro.com
1 redirects
ddec1-0-en-ctp.trendmicro.com |
151 B |
| 27 | 13 |
| Domain | Requested by | |
|---|---|---|
| 10 | r0yerburnsllc.advensure.io |
r0yerburnsllc.advensure.io
|
| 4 | maps.googleapis.com |
r0yerburnsllc.advensure.io
maps.googleapis.com |
| 2 | fonts.googleapis.com |
r0yerburnsllc.advensure.io
|
| 2 | cdnjs.cloudflare.com |
r0yerburnsllc.advensure.io
|
| 1 | www.facebook.com |
r0yerburnsllc.advensure.io
|
| 1 | fonts.gstatic.com |
fonts.googleapis.com
|
| 1 | connect.facebook.net |
r0yerburnsllc.advensure.io
|
| 1 | cdn.linearicons.com |
r0yerburnsllc.advensure.io
|
| 1 | code.ionicframework.com |
r0yerburnsllc.advensure.io
|
| 1 | use.fontawesome.com |
r0yerburnsllc.advensure.io
|
| 1 | maxcdn.bootstrapcdn.com |
r0yerburnsllc.advensure.io
|
| 1 | advensure-prod.s3.ap-south-1.amazonaws.com |
r0yerburnsllc.advensure.io
|
| 1 | cdn.jsdelivr.net |
r0yerburnsllc.advensure.io
|
| 1 | ddec1-0-en-ctp.trendmicro.com | 1 redirects |
| 27 | 14 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| spritzcentral.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| advensure.io R3 |
2022-05-11 - 2022-08-09 |
3 months | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-06-02 - 2023-06-01 |
a year | crt.sh |
| *.s3.ap-south-1.amazonaws.com Amazon |
2021-12-09 - 2022-11-30 |
a year | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2022-06-27 - 2022-09-19 |
3 months | crt.sh |
| ionicframework.com Cloudflare Inc ECC CA-3 |
2022-05-01 - 2023-05-01 |
a year | crt.sh |
| cdn.linearicons.com Amazon |
2022-01-21 - 2023-02-19 |
a year | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2022-04-29 - 2022-07-28 |
3 months | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2022-07-04 - 2022-09-26 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://r0yerburnsllc.advensure.io/pages/you-have-new-fax-message
Frame ID: 1FEFE013FFD26251736ECABEB0EEFC20
Requests: 28 HTTP requests in this frame
Screenshot
Page Title
NEW SECURE MESSAGE : YOU HAVE NEW FAX MESSAGEPage URL History Show full URLs
-
https://ddec1-0-en-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2fr0yerburnsllc.advensure.io%2fpages%...
HTTP 302
https://r0yerburnsllc.advensure.io/pages/you-have-new-fax-message Page URL
Detected technologies
Google Maps
(Maps)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //maps\.google(?:apis)?\.com/maps/api/js
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Laravel
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jsDelivr
(CDN)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
URL: https://spritzcentral.com/00/000
Title: View Documents Here
Title: View Documents Here
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://ddec1-0-en-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2fr0yerburnsllc.advensure.io%2fpages%2fyou%2dhave%2dnew%2dfax%2dmessage&umid=9fc56fbf-3b0d-4b4b-9f44-459ec9e0e94d&auth=33a2eb7a88f5226ceb0ea48524328a2ed3aaf153-6272ccc3f83b1431ee79faff5771410b24106c09
HTTP 302
https://r0yerburnsllc.advensure.io/pages/you-have-new-fax-message Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
27 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
you-have-new-fax-message
r0yerburnsllc.advensure.io/pages/ Redirect Chain
|
92 KB 28 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
app.css
r0yerburnsllc.advensure.io/css/operator/ |
230 KB 230 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
common.css
r0yerburnsllc.advensure.io/css/ |
14 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
flatpickr@4
cdn.jsdelivr.net/npm/ |
49 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo-without-text.png
r0yerburnsllc.advensure.io/img/ |
46 KB 46 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
yCv9ip1IpgBraeMq1aOvzEeE0IdDfY6Rq12KWLyZ.png
advensure-prod.s3.ap-south-1.amazonaws.com/operator_cms_images/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
maps.googleapis.com/maps/api/ |
167 KB 55 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
app.js
r0yerburnsllc.advensure.io/js/operator/ |
1 MB 1 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wow.min.js
cdnjs.cloudflare.com/ajax/libs/wow/0.1.12/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
blazy.min.js
r0yerburnsllc.advensure.io/js/operator/ |
5 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
3 KB 967 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
6 KB 672 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
all.css
use.fontawesome.com/releases/v5.0.8/css/ |
35 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ |
70 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ionicons.min.css
code.ionicframework.com/ionicons/2.0.1/css/ |
50 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icon-font.min.css
cdn.linearicons.com/free/1.0.0/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
xfbml.customerchat.js
connect.facebook.net/en_US/sdk/ |
313 KB 90 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
gen_204
maps.googleapis.com/maps/api/mapsjs/ |
3 B 45 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v17/ |
47 KB 48 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
44 B 297 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
prev.png
r0yerburnsllc.advensure.io/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
next.png
r0yerburnsllc.advensure.io/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
loading.gif
r0yerburnsllc.advensure.io/images/ |
8 KB 9 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
close.png
r0yerburnsllc.advensure.io/images/ |
280 B 527 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
43 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
common.js
maps.googleapis.com/maps-api-v3/api/js/49/9/intl/de_ALL/ |
245 KB 67 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
util.js
maps.googleapis.com/maps-api-v3/api/js/49/9/intl/de_ALL/ |
155 KB 57 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
40 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| flatpickr object| Laravel string| APP_URL string| AWS_URL object| Translate function| fbAsyncInit object| google object| module$exports$mapsapi$util$event object| module$contents$mapsapi$overlay$overlayView_OverlayView object| FB object| __core-js_shared__ object| core object| regeneratorRuntime function| setImmediate function| clearImmediate function| _ function| Popper function| jQuery function| $ function| axios function| Vue object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched function| WOW function| Blazy object| bLazy2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .advensure.io/ | Name: XSRF-TOKEN Value: eyJpdiI6ImxFXC85TVp6bGdDNnF4cnFoTGR1MDBnPT0iLCJ2YWx1ZSI6IjBLbDIyTTNFc28wMXZkekd6TUwrQWl5VXJnbDRmMiswbmFcL093VHpQK3Y4TTM1aWdLa2NqeVVrUmhYNzdHajkwczVkU0sydXhQdk85YUQyQTNDUGVock9wcVBmeXNBYmgwTlwvdnlRUGNNc2ppRW92ZXFEUFJIbDhjYmdFZm92UUUiLCJtYWMiOiI3ODZlMWQ4ZjQyNzA4ZjQxMGUzNDVmODY3MDhhMTgwN2RkOTEzN2Y2ZjNiNjk5YjM5MWFmNDBmZDFhYjI5ZTUzIn0%3D |
|
| .advensure.io/ | Name: laravel_session Value: eyJpdiI6IkhYRElCWGZ4a20wc1pJZGpGdXRFY3c9PSIsInZhbHVlIjoieDdlMksxc1Z4dklqZW5QU1wvZ042TGlVWjhxWHVJOTMybjdrM2JcL3lESWZadldNZnhUSW41K1JYT0VKa0dabkJOUTJ5OVwvSFR5b1pEV0tBNTV0ZHd4V1BnZHgrNkRlRkpUS213SXFPKzMyeG1RVjNieU9NZzdJcUlxQmZrZGo2Y04iLCJtYWMiOiI4ZTZkNDI3Nzk5NDg5MmZkOTdmMTJmZWMwODUyYzljMTdiZjQwZWZmYTczYWYzYmRjNmVjZGQ0ZGM3NWFhMGU1In0%3D |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
advensure-prod.s3.ap-south-1.amazonaws.com
cdn.jsdelivr.net
cdn.linearicons.com
cdnjs.cloudflare.com
code.ionicframework.com
connect.facebook.net
ddec1-0-en-ctp.trendmicro.com
fonts.googleapis.com
fonts.gstatic.com
maps.googleapis.com
maxcdn.bootstrapcdn.com
r0yerburnsllc.advensure.io
use.fontawesome.com
www.facebook.com
108.138.7.25
13.127.67.222
2606:4700:20::681a:7ad
2606:4700:3033::6815:3f36
2606:4700::6810:5714
2606:4700::6811:190e
2606:4700::6812:bcf
2a00:1450:4001:827::2003
2a00:1450:4001:829::200a
2a00:1450:400e:80c::200a
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
35.82.107.49
52.219.160.134
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a
1941357ffd631db7a0818888d4404737f96072687749194d816f3d7a2cee9bbc
1eeab1cb779471a0b0aaa93dd91c2eb1aa537d696f01ab05ea9dabc55e8525a1
21b5de03a67c23196c75ae78ca22da4f5b446462b4054905ba7348c790af5cbf
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed
31ca8fc4bb190118851959f282909af4a8f6e782b69dcfbe00094ffc010878b3
3ae5a26539cc9594d4dd0d1b8983fb60ed68f26c451763dadf8b47047686cb35
4080b83d8afc4487b8229308be2f196372bd2123613b46388048f14159f07181
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
57b9362e19a017628f38fbe860257702b091eeb903e0022d294ad999e6db42b1
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2
86e38d4b7c5fe5ad71ce8aba08117bdc0e5a039ed67676808d6768c8f75f138c
8bd6304875f868edbeffbb30f35f91e05aac4d3584ba381352735424bc5ca37f
8f329d15329bc36b3f96471b1e8223d20a74f8e79255f0713c2e6e4a4b0de010
92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286
a4fdcdeb660bb52b703065c2ffd9b7fd36dfdccb416c3b663200d5f967ceb184
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb893541ce2c2ad9d3f10bf907da5ad098b226ef9d4738e5cb174064f1b10c13
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d99d10c28ffff7540fa5e23c04a67aa3407e814df613dbdca25df88e0b69f082
dab7c9fa5f067ea81be4c24efd6dc2f9d505b2f0f7b9977b602394ad52089c1a
e868bf9398e42216b605ec6b29934e6cd52353295e686a0701e03b4ea463ecc6
ff8c1eeaabf27111c1f4a10651da1e10917e912db6a54cdc7a753d27bedde956