adstips.xyz
Open in
urlscan Pro
159.69.73.203
Public Scan
Effective URL: https://adstips.xyz/click.php?key=gq6relw83jasypttcyts&sid=6859697331671924910&cost=0&pub=976&pid=976-90c45c5z&creat...
Submission: On August 11 via api from PL
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on July 27th 2020. Valid for: 3 months.
This is the only time adstips.xyz was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 64.98.145.30 64.98.145.30 | 32491 (TUCOWS-3) (TUCOWS-3) | |
2 2 | 184.168.131.241 184.168.131.241 | 26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC) | |
1 1 | 67.199.248.11 67.199.248.11 | 396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD) | |
1 | 31.170.100.125 31.170.100.125 | 201942 (SOLTIA) (SOLTIA) | |
1 3 | 173.236.118.102 173.236.118.102 | 32475 (SINGLEHOP...) (SINGLEHOP-LLC) | |
16 | 159.69.73.203 159.69.73.203 | 24940 (HETZNER-AS) (HETZNER-AS) | |
1 | 198.143.165.221 198.143.165.221 | 32475 (SINGLEHOP...) (SINGLEHOP-LLC) | |
4 | 139.45.197.193 139.45.197.193 | 9002 (RETN-AS) (RETN-AS) | |
14 | 185.53.177.54 185.53.177.54 | 61969 (TEAMINTER...) (TEAMINTERNET-AS) | |
3 | 2a00:1450:400... 2a00:1450:4001:81d::2003 | 15169 (GOOGLE) (GOOGLE) | |
41 | 7 |
ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-184-168-131-241.ip.secureserver.net
polandmobilet.com | |
polandmobilets.com |
ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi
bxt1.sponsides.com |
ASN24940 (HETZNER-AS, DE)
PTR: static.203.73.69.159.clients.your-server.de
adstips.xyz |
ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi
smart.broadlandstraffic.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
adstips.xyz
adstips.xyz |
336 KB |
14 |
rewardsofficial.club
rewardsofficial.club |
260 B |
4 |
propeller-tracking.com
propeller-tracking.com |
5 KB |
3 |
gstatic.com
fonts.gstatic.com |
72 KB |
3 |
sponsides.com
1 redirects
bxt1.sponsides.com |
7 KB |
1 |
broadlandstraffic.com
smart.broadlandstraffic.com |
2 KB |
1 |
billiwa.com
mobi.billiwa.com |
454 B |
1 |
polandmobilets.com
1 redirects
polandmobilets.com |
389 B |
1 |
bit.ly
1 redirects
bit.ly |
138 B |
1 |
polandmobilet.com
1 redirects
polandmobilet.com |
214 B |
1 |
polandmobile1.com
1 redirects
polandmobile1.com |
571 B |
41 | 11 |
Domain | Requested by | |
---|---|---|
16 | adstips.xyz |
bxt1.sponsides.com
adstips.xyz |
14 | rewardsofficial.club |
adstips.xyz
|
4 | propeller-tracking.com |
adstips.xyz
propeller-tracking.com |
3 | fonts.gstatic.com |
adstips.xyz
|
3 | bxt1.sponsides.com |
1 redirects
bxt1.sponsides.com
|
1 | smart.broadlandstraffic.com |
adstips.xyz
|
1 | mobi.billiwa.com | |
1 | polandmobilets.com | 1 redirects |
1 | bit.ly | 1 redirects |
1 | polandmobilet.com | 1 redirects |
1 | polandmobile1.com | 1 redirects |
41 | 11 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
ads.conscier.com Let's Encrypt Authority X3 |
2020-07-02 - 2020-09-30 |
3 months | crt.sh |
bxt1.sponsides.com Let's Encrypt Authority X3 |
2020-08-09 - 2020-11-07 |
3 months | crt.sh |
adstips.xyz Let's Encrypt Authority X3 |
2020-07-27 - 2020-10-25 |
3 months | crt.sh |
smart.broadlandstraffic.com Let's Encrypt Authority X3 |
2020-06-19 - 2020-09-17 |
3 months | crt.sh |
propeller-tracking.com Let's Encrypt Authority X3 |
2020-07-13 - 2020-10-11 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-07-15 - 2020-10-07 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://adstips.xyz/click.php?key=gq6relw83jasypttcyts&sid=6859697331671924910&cost=0&pub=976&pid=976-90c45c5z&creative_id=[[creative_id]]&subid=6859697331671924910&app_name=unknown
Frame ID: D7DB6476E7E286FC312063B9EEE956B4
Requests: 41 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://polandmobile1.com/point
HTTP 303
http://polandmobilet.com/ HTTP 301
https://bit.ly/2Pw03UD HTTP 301
http://polandmobilets.com/ HTTP 301
https://mobi.billiwa.com/ofc/ad48b810-e88822fe-1db6c20f-a02a-5d14/3d064b8d-569935cc-02f53d96-aa7e-f7d... Page URL
- https://bxt1.sponsides.com/?utm_medium=f2a0c4f3fbe2823ee80dc4ba2e1e834b8d892f53&utm_campaign=Push&cid=M... Page URL
- https://bxt1.sponsides.com/?utm_term=6859697331671924910&clickverify=1&utm_content=e6c2c6dcd68fd49594fc... Page URL
-
https://bxt1.sponsides.com/proc.php?361e19e07968b7b1ed693ed4140c73ccc0a6a54b
HTTP 302
https://adstips.xyz/click.php?key=gq6relw83jasypttcyts&sid=6859697331671924910&cost=0&pub=976&pi... Page URL
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://polandmobile1.com/point
HTTP 303
http://polandmobilet.com/ HTTP 301
https://bit.ly/2Pw03UD HTTP 301
http://polandmobilets.com/ HTTP 301
https://mobi.billiwa.com/ofc/ad48b810-e88822fe-1db6c20f-a02a-5d14/3d064b8d-569935cc-02f53d96-aa7e-f7d4?Subid=%7Bholkastoris%7D&sub_pubid=%7BYOUR_SUB_PUBID_HERE%7D&externalid=%7BYOUR_CLICKID_HERE%7D Page URL
- https://bxt1.sponsides.com/?utm_medium=f2a0c4f3fbe2823ee80dc4ba2e1e834b8d892f53&utm_campaign=Push&cid=M2020081112-dae5585d309d228298d282b003c79372&kw1=M999M Page URL
- https://bxt1.sponsides.com/?utm_term=6859697331671924910&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e Page URL
-
https://bxt1.sponsides.com/proc.php?361e19e07968b7b1ed693ed4140c73ccc0a6a54b
HTTP 302
https://adstips.xyz/click.php?key=gq6relw83jasypttcyts&sid=6859697331671924910&cost=0&pub=976&pid=976-90c45c5z&creative_id=[[creative_id]]&subid=6859697331671924910&app_name=unknown Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://polandmobile1.com/point HTTP 303
- http://polandmobilet.com/ HTTP 301
- https://bit.ly/2Pw03UD HTTP 301
- http://polandmobilets.com/ HTTP 301
- https://mobi.billiwa.com/ofc/ad48b810-e88822fe-1db6c20f-a02a-5d14/3d064b8d-569935cc-02f53d96-aa7e-f7d4?Subid=%7Bholkastoris%7D&sub_pubid=%7BYOUR_SUB_PUBID_HERE%7D&externalid=%7BYOUR_CLICKID_HERE%7D
41 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
3d064b8d-569935cc-02f53d96-aa7e-f7d4
mobi.billiwa.com/ofc/ad48b810-e88822fe-1db6c20f-a02a-5d14/ Redirect Chain
|
245 B 454 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
bxt1.sponsides.com/ |
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
bxt1.sponsides.com/ |
11 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
click.php
adstips.xyz/ Redirect Chain
|
16 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pub.min.js
smart.broadlandstraffic.com/js/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
adstips.xyz/landers/f0377bc2ca/ |
84 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ml.css
adstips.xyz/landers/f0377bc2ca/ |
4 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fv.js
propeller-tracking.com/ |
5 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loading.gif
adstips.xyz/landers/f0377bc2ca/ |
15 KB 15 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
coupon2.png
adstips.xyz/landers/f0377bc2ca/ |
13 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
winners.jpg
adstips.xyz/landers/f0377bc2ca/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
21.jpg
adstips.xyz/landers/f0377bc2ca/ |
19 KB 19 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
native.history.js
adstips.xyz/landers/f0377bc2ca/ |
22 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
go.new.js
adstips.xyz/landers/f0377bc2ca/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2
adstips.xyz/landers/f0377bc2ca/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css.css
adstips.xyz/landers/f0377bc2ca/ |
918 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vctx
propeller-tracking.com/ |
0 715 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
header-icon-fb.svg
adstips.xyz/landers/f0377bc2ca/ |
571 B 732 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
header-icon-tw.svg
adstips.xyz/landers/f0377bc2ca/ |
854 B 1016 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-mm.svg
rewardsofficial.club/promo/de_files/ml/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg.png
rewardsofficial.club/promo/de_files/ml/ |
20 B 20 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
coupon.png
adstips.xyz/landers/f0377bc2ca/ |
158 KB 158 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
arrow.png
adstips.xyz/landers/f0377bc2ca/ |
377 B 534 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1.jpg
rewardsofficial.club/promo/de_files/ml/ |
20 B 20 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
like.png
rewardsofficial.club/promo/de_files/ml/ |
20 B 20 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2.jpg
rewardsofficial.club/promo/de_files/ml/ |
20 B 20 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3.jpg
rewardsofficial.club/promo/de_files/ml/ |
20 B 20 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
4.jpg
rewardsofficial.club/promo/de_files/ml/ |
20 B 20 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
5.jpg
rewardsofficial.club/promo/de_files/ml/ |
20 B 20 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
6.jpg
rewardsofficial.club/promo/de_files/ml/ |
20 B 20 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
7.jpg
rewardsofficial.club/promo/de_files/ml/ |
20 B 20 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
8.jpg
rewardsofficial.club/promo/de_files/ml/ |
20 B 20 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTURjIg1_i6t8kCHKm45_c5H3gnD-w.ttf
fonts.gstatic.com/s/montserrat/v13/ |
46 KB 24 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTUSjIg1_i6t8kCHKm459Wlhzg.ttf
fonts.gstatic.com/s/montserrat/v13/ |
45 KB 24 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTURjIg1_i6t8kCHKm45_bZF3gnD-w.ttf
fonts.gstatic.com/s/montserrat/v13/ |
46 KB 24 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
vbl
propeller-tracking.com/ |
0 715 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2
adstips.xyz/landers/f0377bc2ca/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
9.jpg
rewardsofficial.club/promo/de_files/ml/ |
20 B 20 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
10.jpg
rewardsofficial.club/promo/de_files/ml/ |
20 B 20 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
11.jpg
rewardsofficial.club/promo/de_files/ml/ |
20 B 20 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
vbri
propeller-tracking.com/ |
0 715 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
17 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
string| pm_pid function| $ function| jQuery function| getUrlParameter string| city function| getURLParameter object| dayNames object| monthNames object| now string| today function| get_date function| speak function| startTimer number| _uid function| QueryString function| backtrap object| match2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
adstips.xyz/ | Name: uclickhash Value: 8pj637mywj-8pj637mywj-52c8-0-nt8r-h92tbl-h92t8n-6b8c89 |
|
adstips.xyz/ | Name: uclick Value: 8pj637mywj |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
adstips.xyz
bit.ly
bxt1.sponsides.com
fonts.gstatic.com
mobi.billiwa.com
polandmobile1.com
polandmobilet.com
polandmobilets.com
propeller-tracking.com
rewardsofficial.club
smart.broadlandstraffic.com
139.45.197.193
159.69.73.203
173.236.118.102
184.168.131.241
185.53.177.54
198.143.165.221
2a00:1450:4001:81d::2003
31.170.100.125
64.98.145.30
67.199.248.11
05b980d49bf87472a6ff9f104f1c3541b0eda35175cbad1c6d049dce6613eb9b
07ae7cf9c7f3bfc4bc63842bb07e5846837c0071f8d96042de9d0f4a3cc997b6
32656fa09a39ed404af119d605b129a4fb669333b94598b16e7325a0820aec6c
34a908aa21e0ae28db24781a10d64778dde09f46a94777ac9db06221047d8be4
475516791ba2a548a8e2991b6e690dee80ec6b6688527333b083a276e879c0aa
477a220ccf48520cd49de38a7bfeb034529d0a56105aa3a4b1b59b63f5163894
47d6a7f88459e04a04ea84cb47dc42c63a31363686db768e5e18b2b65bce374f
56205168d373cb37b1870db837e74e2675593b7f930d00b2ff85c83bf886b484
64ef066211b7218254295043e0e7bffe0962943446af423f64752c80004b65b1
712ca3801cc4aebf31a69d4c7832e0b19c1271dab039592178c0b894737f2cc9
73e8432f31cf5d6e1ce0a0125008190b64a3bebc844e3c7599cec24e3eaa7434
77b5b5e6124d6ebed98d9cfdbfc97f39d9045e2f42ec52a3d134ee4cfa08adec
9146d5bdeb481f80d50795f80fad41ab89a416b60dd9662d828195557365f97f
968c9f4d687c2584b5073a12074aa9d18601af83399d4b6c420b022ecda05f7f
993dbd730262fe5d4f08bbb4ec935e0d62321d03718c48ac1d88e70cd6544091
9d425d2ee401fde3ddf7481b9df7ce8f724b7e1f2166fedda4ba0e6a94da85f5
b0a79f2bd09a605d906f23c84884ecaf4cf9fee5f0286040e9a0f889d6790ca0
bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f
c8c50d0e96ebdef99117e25e21842926bae49ffab4bc688f6bf112432c9981e7
cfe229c58e25f36ffab9053add1dcfdf3abe1cb26b7b0a3d22e9514f757b98d5
db74fed97c3288d8c3893fe793dfe282381fb0b3ae3d03db2500ecf2ece77449
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e58f583966de27a92876f16e2d4d51f30a2d3dcf562e74d93320e3b7697783
face55db1691eeb3ea75d88ea6c6d42f62894fbe4d303d4a2f365355d595cf6a