stream.crichd.vip
Open in
urlscan Pro
2606:4700:3031::6815:888
Public Scan
Effective URL: https://stream.crichd.vip/update/skys1.php
Submission: On October 03 via manual from RO — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 3rd 2022. Valid for: a year.
This is the only time stream.crichd.vip was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN15169 (GOOGLE, US)
PTR: 116.41.190.35.bc.googleusercontent.com
youradexchange.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
cdn786.com
play3.cdn786.com — Cisco Umbrella Rank: 345197 |
1 MB |
6 |
fclecteur.com
fclecteur.com — Cisco Umbrella Rank: 320025 |
27 KB |
4 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 492 |
205 KB |
4 |
histats.com
s10.histats.com — Cisco Umbrella Rank: 11345 s4.histats.com — Cisco Umbrella Rank: 9126 |
9 KB |
3 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 977 |
118 KB |
2 |
ugroocuw.net
ugroocuw.net — Cisco Umbrella Rank: 69576 |
23 KB |
2 |
uptimecdn.com
uptimecdn.com — Cisco Umbrella Rank: 186200 |
60 KB |
2 |
vmuid.com
vmuid.com — Cisco Umbrella Rank: 81095 |
11 KB |
2 |
youradexchange.com
youradexchange.com — Cisco Umbrella Rank: 9635 |
2 KB |
2 |
achcdn.com
achcdn.com — Cisco Umbrella Rank: 62063 |
60 KB |
2 |
crichd.vip
1 redirects
stream.crichd.vip — Cisco Umbrella Rank: 557855 |
2 KB |
1 |
web3-lab.com
asia.web3-lab.com — Cisco Umbrella Rank: 89797 |
749 B |
1 |
ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 5857 |
317 B |
1 |
tartator.com
tartator.com — Cisco Umbrella Rank: 27669 |
137 KB |
1 |
origunix.com
1 redirects
origunix.com — Cisco Umbrella Rank: 107463 |
373 B |
1 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1229 |
11 KB |
1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 485 |
30 KB |
40 | 17 |
Domain | Requested by | |
---|---|---|
6 | play3.cdn786.com |
cdn.jsdelivr.net
|
6 | fclecteur.com |
stream.crichd.vip
fclecteur.com |
4 | cdn.jsdelivr.net |
fclecteur.com
|
3 | code.jquery.com |
fclecteur.com
|
2 | ugroocuw.net |
fclecteur.com
|
2 | uptimecdn.com |
fclecteur.com
uptimecdn.com |
2 | s4.histats.com |
s10.histats.com
|
2 | vmuid.com |
fclecteur.com
vmuid.com |
2 | s10.histats.com |
stream.crichd.vip
fclecteur.com |
2 | youradexchange.com |
achcdn.com
uptimecdn.com |
2 | achcdn.com |
stream.crichd.vip
achcdn.com |
2 | stream.crichd.vip | 1 redirects |
1 | asia.web3-lab.com |
cdn.jsdelivr.net
|
1 | pro.ip-api.com |
cdn.jsdelivr.net
|
1 | tartator.com |
fclecteur.com
|
1 | origunix.com | 1 redirects |
1 | maxcdn.bootstrapcdn.com |
fclecteur.com
|
1 | ajax.googleapis.com |
fclecteur.com
|
40 | 18 |
This site contains links to these domains. Also see Links.
Domain |
---|
youradexchange.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-08-03 - 2023-08-03 |
a year | crt.sh |
youradexchange.com Sectigo RSA Domain Validation Secure Server CA |
2022-06-20 - 2023-06-20 |
a year | crt.sh |
histats.com R3 |
2022-09-30 - 2022-12-29 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-09-12 - 2022-12-05 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2022-08-03 - 2023-07-14 |
a year | crt.sh |
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q1 |
2022-03-21 - 2023-04-22 |
a year | crt.sh |
vmuid.com R3 |
2022-09-18 - 2022-12-17 |
3 months | crt.sh |
ugroocuw.net R3 |
2022-09-01 - 2022-11-30 |
3 months | crt.sh |
play3.cdn786.com R3 |
2022-09-27 - 2022-12-26 |
3 months | crt.sh |
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA |
2021-10-28 - 2022-11-27 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://stream.crichd.vip/update/skys1.php
Frame ID: F367CC03A81F99CB75CC1968027680F2
Requests: 7 HTTP requests in this frame
Frame:
https://fclecteur.com/crichdws.php?player=desktop&live=skysme
Frame ID: 42BC0E544F3BB42AB17DA9C05311BCC1
Requests: 33 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://stream.crichd.vip/update/skys1.php
HTTP 301
https://stream.crichd.vip/update/skys1.php Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
Bootstrap (Web Frameworks) Expand
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery Migrate (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://stream.crichd.vip/update/skys1.php
HTTP 301
https://stream.crichd.vip/update/skys1.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 18- https://origunix.com/sdk.js?sid=2f1144b3-a053-46f7-ad87-f99fb9720113 HTTP 302
- https://tartator.com/sdk.js?sid=2f1144b3-a053-46f7-ad87-f99fb9720113
40 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
skys1.php
stream.crichd.vip/update/ Redirect Chain
|
941 B 925 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
crichdws.js
fclecteur.com/ |
1020 B 1006 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
suv4.js
achcdn.com/script/ |
98 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
crichdws.php
fclecteur.com/ Frame 42BC |
69 KB 23 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ut.js
achcdn.com/script/ |
70 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
suurl4.php
youradexchange.com/script/ |
1 KB 997 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js15_as.js
s10.histats.com/ |
11 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.0/ Frame 42BC |
85 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ Frame 42BC |
36 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-latest.js
code.jquery.com/ Frame 42BC |
276 KB 82 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
embed.css
fclecteur.com/css/ Frame 42BC |
428 B 723 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.11.0.min.js
code.jquery.com/ Frame 42BC |
94 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-migrate-1.2.1.min.js
code.jquery.com/ Frame 42BC |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
site.css
fclecteur.com/css/ Frame 42BC |
165 B 606 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clappr.min.js
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame 42BC |
513 KB 138 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p2p-engine.min.js
cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/ Frame 42BC |
185 KB 55 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clappr-p2p-plugin.min.js
cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/ Frame 42BC |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
level-selector.min.js
cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/ Frame 42BC |
30 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
script.js
vmuid.com/ Frame 42BC |
10 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sdk.js
tartator.com/ Frame 42BC Redirect Chain
|
137 KB 137 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
z-5246287
fclecteur.com/ Frame 42BC |
935 B 1 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
0.php
s4.histats.com/stats/ |
52 B 186 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
send
vmuid.com/uid/ Frame 42BC |
65 B 700 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.js
uptimecdn.com/script/ Frame 42BC |
98 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js15_as.js
s10.histats.com/ Frame 42BC |
11 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
HEAD H3 |
crichdws.php
fclecteur.com/ Frame 42BC |
0 459 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
ugroocuw.net/5/4940138/ Frame 42BC |
0 434 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tag.min.js
ugroocuw.net/ Frame 42BC |
71 KB 23 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
skysme.m3u8
play3.cdn786.com/hls/ Frame 42BC |
557 B 1 KB |
XHR
application/vnd.apple.mpegurl |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
0.php
s4.histats.com/stats/ Frame 42BC |
52 B 186 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ut.js
uptimecdn.com/script/ Frame 42BC |
70 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
suurl4.php
youradexchange.com/script/ Frame 42BC |
1000 B 810 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
skysme.m3u8
play3.cdn786.com/hls/ Frame 42BC |
557 B 1 KB |
XHR
application/vnd.apple.mpegurl |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
skysme-51198.ts
play3.cdn786.com/hls/ Frame 42BC |
648 KB 648 KB |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
json
pro.ip-api.com/ Frame 42BC |
161 B 317 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
7f93f4a6-e080-4286-8645-4f1073f545a5
https://fclecteur.com/ Frame 42BC |
61 KB 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
channel
asia.web3-lab.com/v1/ Frame 42BC |
491 B 749 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
skysme-51198.ts
play3.cdn786.com/hls/ Frame 42BC |
1 B 400 B |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
skysme-51199.ts
play3.cdn786.com/hls/ Frame 42BC |
676 KB 676 KB |
Fetch
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
skysme.m3u8
play3.cdn786.com/hls/ Frame 42BC |
557 B 1 KB |
XHR
application/vnd.apple.mpegurl |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
27 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| fid string| v_width string| v_height object| isMobile string| embedded string| PlaySize object| regeneratorRuntime boolean| s2ss103 function| s2ss103ff object| _Hasync function| chfh function| chfh2 string| _HST_cntval object| Histats boolean| user_engagement103 string| utsid-send object| _HistatsCounterGraphics_0_setValues8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
stream.crichd.vip/ | Name: HstCfa4599824 Value: 1664797564057 |
|
stream.crichd.vip/ | Name: HstCla4599824 Value: 1664797564057 |
|
stream.crichd.vip/ | Name: HstCmu4599824 Value: 1664797564057 |
|
stream.crichd.vip/ | Name: HstPn4599824 Value: 1 |
|
stream.crichd.vip/ | Name: HstPt4599824 Value: 1 |
|
stream.crichd.vip/ | Name: HstCnv4599824 Value: 1 |
|
stream.crichd.vip/ | Name: HstCns4599824 Value: 1 |
|
.vmuid.com/ | Name: guid Value: 2a5284e7-d1a3-4df8-b70c-4148e5d735c2 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
achcdn.com
ajax.googleapis.com
asia.web3-lab.com
cdn.jsdelivr.net
code.jquery.com
fclecteur.com
maxcdn.bootstrapcdn.com
origunix.com
play3.cdn786.com
pro.ip-api.com
s10.histats.com
s4.histats.com
stream.crichd.vip
tartator.com
ugroocuw.net
uptimecdn.com
vmuid.com
youradexchange.com
139.45.197.239
178.162.196.156
185.209.15.66
192.99.8.27
2001:4de0:ac18::1:a:3b
2606:4700:3030::6815:1ab6
2606:4700:3030::6815:2e74
2606:4700:3031::6815:888
2606:4700:3037::6815:1d36
2606:4700::6812:acf
2606:4700:e4::ac40:a70a
2a00:1450:400d:806::200a
2a04:4e42:400::485
35.190.41.116
46.105.201.240
51.77.64.70
01b834f3524134435d4af478a7fd2295f73729aa6a695feac57b93aa4f51c283
0e5e0d9a559757ba22da3a2fd30a4400dd1e42ebde6ad66fbbeb20784e77c064
15646118b7d40c3133eb24f420b54a6c3d10e06437e71774847a1f8d18faa18b
19ed7ad2c60c8a123d11fa2577994663d27992e82a0d16e490c6827c3514b80c
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
20713eca8d7514104f1431dd682757454348c2a141e48dffabc030a594f0fe41
240477e385e8f697df1964640dbae3c8c7e0b8614a13efe7bc2296a70e55d2fd
2405bdf4c255a4904671bcc4b97938033d39b3f5f20dd068985a8d94cde273e2
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc
333e0a1e27815d0ceee55c473fe3dc93d56c63e3bee2b3b4aee8eed6d70191a3
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
60d336b8b65426da35cb9baa392e9d142d1f3b8c51bfdb2509ff0a2e71e447f0
622a9a12a289b2e494053dd56e26f1f761522505515787b058e57cca49229962
622d5ec6a06ac3bda469a4c09730ad7fc0868f1452739e9880fed881fec7a302
67370894b8e5f8a4414f1d5663aa8351d76bcfd23aba88978dafa971116741b9
681ff1793be03b5223213c6249a2889e3c8376ba9d3e0b57aee5170d60baf10b
682fedad3ef3014c2ff8b8beee3a55b8792a7aebff060e68b8db2efaff96c24c
6f2d139be44a6dc85d842a753f4e3ebafdb63a0babcb64f741310076aaa29a7f
6f6ce602bed449940565c8bfea9921659efafc0c5409a8242eda17e6e6554c31
8baca2aa65818416aeee8065efcfb1e027fd9d851350b762fcedfae849e4af1f
9d44f70cb7568f94bbbf1239d394029176142cc14283197332a63711ee883c57
a817a515c35520e9f571540957ffc2dd1d4ba70a3b5e04c5c1b37a63d6564516
a8eb7e24873bb65c9b7193534bda15761d8853b24ca4a41d7749360972504141
b1839243e57d14543df861e5a282a5badafa82e8e33c685485cd1fcda976b304
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
c2a40f0558c123ab94048f28d292bca4a82a93ccae5d0cc4f7126c475eef3efc
d1e4ad0f33d1b68c1476a7a224c58608c02c1beff1017d9ab9eab98a5cb192f3
d3ad32d281a22d19424fbbd37e58f37c58351898de1c160bec21c95a990db03c
d4d5b8dc6a7ca986941b6d029b8465ac9b4ea3b8923d57df81c99a3c03eb899d
d7617ab39105ffeabe649ad82d382e614d34cec5d513792066ca86d8c5e82503
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4624d1cdb6e6659b349e395a217cfad5540ef3b263b0ddf9a79cdc4e1e572da
f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc