www.expressminceur.com
Open in
urlscan Pro
46.255.165.236
Public Scan
Effective URL: https://www.expressminceur.com/lmp/camp_71/index.php?cpg=camp_71&diff=webmediarm&aff=327845&nom=&prenom=&email=a.coutelier@gmai...
Submission: On July 11 via api from BE
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on June 12th 2020. Valid for: 3 months.
This is the only time www.expressminceur.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-37-119.eu-west-1.compute.amazonaws.com
notify.adleadevent.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
Domain | Requested by | |
---|---|---|
9 | www.expressminceur.com |
mta108.arxmail.fr
www.expressminceur.com |
2 | www.facebook.com |
www.expressminceur.com
|
2 | www.google-analytics.com |
1 redirects
www.expressminceur.com
|
2 | connect.facebook.net |
www.expressminceur.com
connect.facebook.net |
2 | cdnjs.cloudflare.com |
www.expressminceur.com
|
2 | stackpath.bootstrapcdn.com |
www.expressminceur.com
|
2 | affiliation.webmediarm.com | 2 redirects |
2 | js.sddan.com |
1 redirects
mta108.arxmail.fr
|
2 | cockpit.arexys.com | 2 redirects |
2 | mta108.arxmail.fr |
mta108.arxmail.fr
|
1 | www.google.de |
www.expressminceur.com
|
1 | www.google.com | 1 redirects |
1 | stats.g.doubleclick.net | 1 redirects |
1 | fonts.gstatic.com |
www.expressminceur.com
|
1 | code.jquery.com |
www.expressminceur.com
|
1 | fonts.googleapis.com |
www.expressminceur.com
|
1 | use.fontawesome.com |
www.expressminceur.com
|
1 | wmrm-xat.com | 1 redirects |
1 | sddan.mgr.consensu.org | 1 redirects |
1 | mel.sir-21604p.com | 1 redirects |
1 | notify.adleadevent.com |
mta108.arxmail.fr
|
1 | crt.mediabeille.com | 1 redirects |
27 | 22 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
mta108.arxmail.fr Let's Encrypt Authority X3 |
2020-06-17 - 2020-09-15 |
3 months | crt.sh |
*.adleadevent.com Gandi Standard SSL CA 2 |
2020-04-14 - 2021-04-17 |
a year | crt.sh |
*.sddan.com RapidSSL RSA CA 2018 |
2020-02-17 - 2022-05-18 |
2 years | crt.sh |
expressminceur.com Let's Encrypt Authority X3 |
2020-06-12 - 2020-09-10 |
3 months | crt.sh |
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA |
2019-09-14 - 2020-10-13 |
a year | crt.sh |
*.fontawesome.com DigiCert SHA2 Secure Server CA |
2019-10-28 - 2020-12-23 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-06-17 - 2020-09-09 |
3 months | crt.sh |
jquery.org COMODO RSA Domain Validation Secure Server CA |
2018-10-17 - 2020-10-16 |
2 years | crt.sh |
cloudflare.com Cloudflare Inc ECC CA-3 |
2020-07-04 - 2021-07-04 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-05-14 - 2020-08-05 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-06-17 - 2020-09-09 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-06-17 - 2020-09-09 |
3 months | crt.sh |
www.google.de GTS CA 1O1 |
2020-06-17 - 2020-09-09 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.expressminceur.com/lmp/camp_71/index.php?cpg=camp_71&diff=webmediarm&aff=327845&nom=&prenom=&email=a.coutelier@gmail.com&idc=1937&idv=4268&track=327845~&agspb=wm
Frame ID: D38328FCA63A3D3A7D85C37584AB6C6F
Requests: 27 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://mta108.arxmail.fr/tl/10c2/10zp/rs/4z4c/145/rs/Link-3/aHR0cHM6Ly93bXJtLXhhdC5jb20vY2xpYy5waHA/a... Page URL
-
https://wmrm-xat.com/clic.php?idc=1937&idv=4268&type=5&cand=327845&url=https://www.expressminceur...
HTTP 302
http://affiliation.webmediarm.com/clic.php?idc=1937&idv=4268&type=5&cand=327845&url=https://www.expressminceur... HTTP 301
https://affiliation.webmediarm.com/clic.php?idc=1937&idv=4268&type=5&cand=327845&url=https://www.expressminceur... HTTP 302
https://www.expressminceur.com/lmp/camp_71/index.php?cpg=camp_71&diff=webmediarm&aff=327845&nom=&prenom=&em... Page URL
Detected technologies
Debian (Operating Systems) ExpandDetected patterns
- headers server /Debian/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://mta108.arxmail.fr/tl/10c2/10zp/rs/4z4c/145/rs/Link-3/aHR0cHM6Ly93bXJtLXhhdC5jb20vY2xpYy5waHA/aWRjPTE5MzcmaWR2PTQyNjgmdHlwZT01JmNhbmQ9MzI3ODQ1JnVybD1odHRwczovL3d3dy5leHByZXNzbWluY2V1ci5jb20vbG1wL2NhbXBfNzEvaW5kZXgucGhwP2NwZz1jYW1wXzcxJmRpZmY9d2VibWVkaWFybSZhZmY9MzI3ODQ1Jm5vbT0mcHJlbm9tPSZlbWFpbD1hLmNvdXRlbGllckBnbWFpbC5jb20=.html Page URL
-
https://wmrm-xat.com/clic.php?idc=1937&idv=4268&type=5&cand=327845&url=https://www.expressminceur.com/lmp/camp_71/index.php?cpg=camp_71&diff=webmediarm&aff=327845&nom=&prenom=&email=a.coutelier@gmail.com
HTTP 302
http://affiliation.webmediarm.com/clic.php?idc=1937&idv=4268&type=5&cand=327845&url=https://www.expressminceur.com/lmp/camp_71/index.php?cpg=camp_71&diff=webmediarm&aff=327845&nom=&prenom=&email=a.coutelier@gmail.com HTTP 301
https://affiliation.webmediarm.com/clic.php?idc=1937&idv=4268&type=5&cand=327845&url=https://www.expressminceur.com/lmp/camp_71/index.php?cpg=camp_71&diff=webmediarm&aff=327845&nom=&prenom=&email=a.coutelier@gmail.com HTTP 302
https://www.expressminceur.com/lmp/camp_71/index.php?cpg=camp_71&diff=webmediarm&aff=327845&nom=&prenom=&email=a.coutelier@gmail.com&idc=1937&idv=4268&track=327845~&agspb=wm Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2- https://cockpit.arexys.com/webservice/retargeting/notify/tag?email=a.coutelier@gmail.com&fw[ids]=1198&source=beemailing HTTP 302
- https://crt.mediabeille.com/adtckrtg.php?ids=1198&hash=77fc79a46613b7fac273637b21495aaa&hash256=99e812866c00c0a190510c3aba4c340bf680736b7b4e9379767f5af6b2f6a9b2&ids=1198 HTTP 301
- https://notify.adleadevent.com/adtckrtg.php?ids=1198&hash=77fc79a46613b7fac273637b21495aaa&hash256=99e812866c00c0a190510c3aba4c340bf680736b7b4e9379767f5af6b2f6a9b2&ids=1198
- https://cockpit.arexys.com/webservice/retargeting/sirdata/tag?email=a.coutelier@gmail.com&source=beemailing&donotsave=1 HTTP 302
- https://mel.sir-21604p.com/HDM.d?pa=21604&si=1&hd_m=77fc79a46613b7fac273637b21495aaa&hd_s256=99e812866c00c0a190510c3aba4c340bf680736b7b4e9379767f5af6b2f6a9b2 HTTP 301
- https://js.sddan.com/HDM.d?pa=21604&si=1&hd_m=77fc79a46613b7fac273637b21495aaa&hd_s256=99e812866c00c0a190510c3aba4c340bf680736b7b4e9379767f5af6b2f6a9b2 HTTP 307
- https://sddan.mgr.consensu.org/api/v1/public/set-consent/sirdata?redirect=https%3A%2F%2Fjs.sddan.com%2FHDM.d%3Fhd_m%3D77fc79a46613b7fac273637b21495aaa%26hd_s256%3D99e812866c00c0a190510c3aba4c340bf680736b7b4e9379767f5af6b2f6a9b2%26pa%3D21604%26si%3D1&vendor_id=53&user_id=ZmZiZDEwMjk5NTUzM2Y3ZmJhNDE5ZGZkpHiRELq%2Fdj3pfAZQsieaazkPJMFA2VOxsNACUJCA1F3eWtAau0L%2B8rx0YCM%2BsW%2BCQ9qF93TTwhir&gdpr_consent=0 HTTP 302
- https://js.sddan.com/HDM.d?hd_m=77fc79a46613b7fac273637b21495aaa&hd_s256=99e812866c00c0a190510c3aba4c340bf680736b7b4e9379767f5af6b2f6a9b2&pa=21604&si=1&gdpr_consent=0&gdpr=1
- https://www.google-analytics.com/r/collect?v=1&_v=j83&a=900160787&t=pageview&_s=1&dl=https%3A%2F%2Fwww.expressminceur.com%2Flmp%2Fcamp_71%2Findex.php%3Fcpg%3Dcamp_71%26diff%3Dwebmediarm%26aff%3D327845%26nom%3D%26prenom%3D%26email%3Da.coutelier%40gmail.com%26idc%3D1937%26idv%3D4268%26track%3D327845~%26agspb%3Dwm&ul=en-us&de=UTF-8&dt=D%C3%A9tox%20Express%20%7C%20Apr%C3%A8s%20les%20f%C3%AAtes%2C%20je%20d%C3%A9marre%20mon%20programme%20D%C3%A9tox%20%7C%20-6%20kg%20en%201%20mois&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1371297776&gjid=45196237&cid=616228970.1594474298&tid=UA-72776158-1&_gid=419053070.1594474298&_r=1&z=1345746555 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-72776158-1&cid=616228970.1594474298&jid=1371297776&_gid=419053070.1594474298&gjid=45196237&_v=j83&z=1345746555 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-72776158-1&cid=616228970.1594474298&jid=1371297776&_v=j83&z=1345746555 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-72776158-1&cid=616228970.1594474298&jid=1371297776&_v=j83&z=1345746555&slf_rd=1&random=1297123025
27 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
aWRjPTE5MzcmaWR2PTQyNjgmdHlwZT01JmNhbmQ9MzI3ODQ1JnVybD1odHRwczovL3d3dy5leHByZXNzbWluY2V1ci5jb20vbG1wL2NhbXBfNzEvaW5kZXgucGhwP2NwZz1jYW1wXzcxJmRpZmY9d2VibWVkaWFybSZhZmY9MzI3ODQ1Jm5vbT0mcHJlbm9tPSZlb...
mta108.arxmail.fr/tl/10c2/10zp/rs/4z4c/145/rs/Link-3/aHR0cHM6Ly93bXJtLXhhdC5jb20vY2xpYy5waHA/ |
2 KB 1010 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ajax-loader.gif
mta108.arxmail.fr/assets/images/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
adtckrtg.php
notify.adleadevent.com/ Redirect Chain
|
43 B 672 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HDM.d
js.sddan.com/ Redirect Chain
|
0 335 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
index.php
www.expressminceur.com/lmp/camp_71/ Redirect Chain
|
15 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ |
152 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.css
use.fontawesome.com/releases/v5.7.2/css/ |
53 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
393 B 404 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
formValidation.min.css
www.expressminceur.com/css/ |
2 KB 906 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
newlp.css
www.expressminceur.com/lmp/camp_71/css/ |
8 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
LP71_gauche.jpg
www.expressminceur.com/lmp/camp_71/images/ |
292 KB 290 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
LP71V3_droitehaut.jpg
www.expressminceur.com/lmp/camp_71/images/ |
47 KB 43 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
LP71_droitebas.jpg
www.expressminceur.com/lmp/camp_71/images/ |
137 KB 126 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.3.1.slim.min.js
code.jquery.com/ |
68 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ |
21 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ |
57 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
formValidation.min.js
www.expressminceur.com/js/ |
121 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.js
www.expressminceur.com/js/framework/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fr_FR.js
www.expressminceur.com/js/language/ |
14 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.mask.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.15/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
134 KB 34 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
45 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
syky-y18lb0tSbf9kgqS1NDNpg.woff2
fonts.gstatic.com/s/cookie/v11/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2645285022263919
connect.facebook.net/signals/config/ |
522 KB 132 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 106 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 258 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 257 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| fbq function| _fbq string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| $ function| jQuery function| Popper object| bootstrap object| FormValidation object| $jscomp4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.expressminceur.com/ | Name: _fbp Value: fb.1.1594474298304.978322958 |
|
.expressminceur.com/ | Name: _gat Value: 1 |
|
.expressminceur.com/ | Name: _gid Value: GA1.2.419053070.1594474298 |
|
.expressminceur.com/ | Name: _ga Value: GA1.2.616228970.1594474298 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
affiliation.webmediarm.com
cdnjs.cloudflare.com
cockpit.arexys.com
code.jquery.com
connect.facebook.net
crt.mediabeille.com
fonts.googleapis.com
fonts.gstatic.com
js.sddan.com
mel.sir-21604p.com
mta108.arxmail.fr
notify.adleadevent.com
sddan.mgr.consensu.org
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
use.fontawesome.com
wmrm-xat.com
www.expressminceur.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
2001:4de0:ac19::1:b:1b
2001:4de0:ac19::1:b:2a
23.111.9.35
2606:4700::6810:85e5
2a00:1450:4001:800::200a
2a00:1450:4001:801::2003
2a00:1450:4001:816::200e
2a00:1450:4001:817::2004
2a00:1450:4001:818::2003
2a00:1450:400c:c00::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
46.255.165.236
51.15.145.116
51.158.29.12
51.158.29.13
51.75.148.92
54.194.46.76
54.38.44.2
62.210.234.234
63.32.37.119
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
130348189f123e07b89d7c1bf2b071f6b3fce5077db73553a092edb22130aef8
2e77eb6e079b70becbbb1e0251a73b9b955296f89220f948a54c1a36e5373efe
2ebe1d5ee1ee3b9efc30702e35f00eaa2b55c9d2a19db63555eb3e2fc9b98f85
3a44e3058a27f7dce26e1e673a7c1f12a68f08d7c135178afb030814e1bf018b
3ab906ce14ac26042b2b38203eb381f8159ef0e5d958a45b16e775baa53ac1b7
4f249d56760f53270880e146cef3001beb61d9758396031f7694c9e00bbaba56
5b81c38c31a7a64ca64567dbfe5224ab12b0fa526f17e6b9b67b868a3a5a7b94
5be4f3cac26a7d000a3fd4773d559e8912478b6a9bb2cd4ba8eda5f8226b379d
5d66ec2e78c0a834c34406a069f50ac7b56403406c34389a1b33757ed5cd08ba
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
66c30aff703d834793ae35e1af2406e4c0132db0117df840053473e2da486de0
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf
9c8c928bbc32b03e631cbfaeb62d8e685ef61f269d52531abff9bcdfd4287139
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123
af3cdf5edc9a23bc8738a1465f325bfcdd1f19255729c76de19cfddd0914bb24
bbb318e841b96acb3c2614eec417a4d7caf9606ea996507dccba84e2f6724e7e
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f630c6ea4e44c35a93c0ee2950e68857311d9500d6025abe4a5db3ecaf270e3c
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
fe143ca50001a27e1ed4b3f8a87e6cbfa264f50e40e15bef525c07f9931e24e5