www.cexpr.es
Open in
urlscan Pro
195.77.193.40
Malicious Activity!
Public Scan
Effective URL: https://www.cexpr.es/pt?n=6383000637323741
Submission: On April 24 via manual from PT — Scanned from ES
Summary
TLS certificate: Issued by Entrust Certification Authority - L1K on January 19th 2024. Valid for: a year.
This is the only time www.cexpr.es was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Correos Express (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
35 | 195.77.193.40 195.77.193.40 | 3352 (TELEFONIC...) (TELEFONICA_DE_ESPANA) | |
1 | 104.17.25.14 104.17.25.14 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 172.217.18.106 172.217.18.106 | 15169 (GOOGLE) (GOOGLE) | |
1 | 172.217.18.10 172.217.18.10 | 15169 (GOOGLE) (GOOGLE) | |
38 | 4 |
ASN3352 (TELEFONICA_DE_ESPANA, ES)
www.cexpr.es | |
s.correosexpress.com |
ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f106.1e100.net
maps.googleapis.com |
ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f10.1e100.net
maps.googleapis.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
cexpr.es
www.cexpr.es |
492 KB |
17 |
correosexpress.com
s.correosexpress.com |
712 KB |
2 |
googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 362 |
65 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231 |
6 KB |
38 | 4 |
Domain | Requested by | |
---|---|---|
18 | www.cexpr.es |
www.cexpr.es
|
17 | s.correosexpress.com |
www.cexpr.es
s.correosexpress.com |
2 | maps.googleapis.com |
www.cexpr.es
maps.googleapis.com |
1 | cdnjs.cloudflare.com |
www.cexpr.es
|
38 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.correosexpress.com |
www.correos.es |
correostelecom.es |
www.nexea.es |
twitter.com |
www.youtube.com |
www.linkedin.com |
apps.apple.com |
play.google.com |
www.livroreclamacoes.pt |
Subject Issuer | Validity | Valid | |
---|---|---|---|
s.correosexpress.com Entrust Certification Authority - L1K |
2024-01-19 - 2025-02-04 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-07-03 - 2024-07-02 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-03-18 - 2024-06-10 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.cexpr.es/pt?n=6383000637323741
Frame ID: E550C2C44EC758D48BE91D6BA4FAA328
Requests: 38 HTTP requests in this frame
Screenshot
Page Title
Siga seu envio - correosexpress.ptPage URL History Show full URLs
-
http://www.cexpr.es/pt?n=6383000637323741
HTTP 307
https://www.cexpr.es/pt?n=6383000637323741 Page URL
Detected technologies
Google Maps (Maps) ExpandDetected patterns
- //maps\.google(?:apis)?\.com/maps/api/js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI (JavaScript Libraries) Expand
Detected patterns
- jquery-ui.*\.js
Page Statistics
36 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Envios
Search URL Search Domain Scan URL
Title: Serviços
Search URL Search Domain Scan URL
Title: Contacto
Search URL Search Domain Scan URL
Title: Produtos
Search URL Search Domain Scan URL
Title: Serviços
Search URL Search Domain Scan URL
Title: E-Commerce
Search URL Search Domain Scan URL
Title: Condições e procedimentos
Search URL Search Domain Scan URL
Title: Como ser cliente?
Search URL Search Domain Scan URL
Title: Quem somos?
Search URL Search Domain Scan URL
Title: Perguntas frequentes (FAQ)
Search URL Search Domain Scan URL
Title: Estações
Search URL Search Domain Scan URL
Title: Trabalhe connosco
Search URL Search Domain Scan URL
Title: Envios nacionales
Search URL Search Domain Scan URL
Title: Envios internacionales
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Portal do colaborador
Search URL Search Domain Scan URL
Title: Lei de Transparência
Search URL Search Domain Scan URL
Title: Canal ético
Search URL Search Domain Scan URL
Title: Parceiros
Search URL Search Domain Scan URL
Title: Contratações
Search URL Search Domain Scan URL
Title: Conformidade
Search URL Search Domain Scan URL
Title: [Twitter]
Search URL Search Domain Scan URL
Title: [Youtube]
Search URL Search Domain Scan URL
Title: [Linkedin]
Search URL Search Domain Scan URL
Title: IOS
Search URL Search Domain Scan URL
Title: ANDROID
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Aviso Legal
Search URL Search Domain Scan URL
Title: Política de proteção de dados
Search URL Search Domain Scan URL
Title: Política de Privacidade
Search URL Search Domain Scan URL
Title: Política de Cookies
Search URL Search Domain Scan URL
Title: Copyright
Search URL Search Domain Scan URL
Title: Política de cookies
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.cexpr.es/pt?n=6383000637323741
HTTP 307
https://www.cexpr.es/pt?n=6383000637323741 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
38 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
pt
www.cexpr.es/ Redirect Chain
|
42 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
all.css
www.cexpr.es/SeguimientoSinCP/css/ |
853 KB 185 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles_v1.css
www.cexpr.es/SeguimientoSinCP/css/ |
29 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
datepicker.css
www.cexpr.es/SeguimientoSinCP/css/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ |
30 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
public_styles.css
s.correosexpress.com/webpublica/resources/css/ |
16 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main_v1.css
www.cexpr.es/SeguimientoSinCP/css/ |
14 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_correos_express.png
s.correosexpress.com/webpublica/resources/images/ |
52 KB 53 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
paquete.png
www.cexpr.es/SeguimientoSinCP/images/ |
53 KB 54 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_correos_footer.png
s.correosexpress.com/webpublica/resources/images/footer/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_cex.png
s.correosexpress.com/webpublica/resources/images/footer/ |
193 KB 194 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_telecom.png
s.correosexpress.com/webpublica/resources/images/footer/ |
191 KB 191 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_nexea.png
s.correosexpress.com/webpublica/resources/images/footer/ |
194 KB 194 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_visa.png
s.correosexpress.com/webpublica/resources/images/footer/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_mastercard.png
s.correosexpress.com/webpublica/resources/images/footer/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_maestro.png
s.correosexpress.com/webpublica/resources/images/footer/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_apple.png
s.correosexpress.com/webpublica/resources/images/footer/ |
489 B 894 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_android.png
s.correosexpress.com/webpublica/resources/images/footer/ |
516 B 921 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
livro_reclamacoes.png
www.cexpr.es/SeguimientoSinCP/images/ |
7 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vendor.js
www.cexpr.es/SeguimientoSinCP/js/ |
359 KB 89 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
resources.js
www.cexpr.es/SeguimientoSinCP/js/ |
35 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tablePagination.js
www.cexpr.es/SeguimientoSinCP/js/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
entregaCartaFunctions.js
www.cexpr.es/SeguimientoSinCP/js/ |
67 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
datepicker.packed.min.js
www.cexpr.es/SeguimientoSinCP/js/ |
39 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
datepicker.min.js
www.cexpr.es/SeguimientoSinCP/js/ |
1 KB 876 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-ui.min.js
www.cexpr.es/SeguimientoSinCP/js/ |
248 KB 67 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
maps.googleapis.com/maps/api/ |
192 KB 65 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
markerclusterer.js
www.cexpr.es/js/ |
33 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
en.js
www.cexpr.es/SeguimientoSinCP/js/lang/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
CarteroW01-Light.woff
www.cexpr.es/SeguimientoSinCP/css/fonts/Cartero/ |
20 KB 20 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_rrss_twitter.png
s.correosexpress.com/webpublica/resources/images/footer/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_rrss_youtube.png
s.correosexpress.com/webpublica/resources/images/footer/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_rrss_linkedin.png
s.correosexpress.com/webpublica/resources/images/footer/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
CarteroW01-Light.woff
s.correosexpress.com/webpublica/resources/css/fonts/Cartero/ |
20 KB 20 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
CarteroW01-Regular.woff
s.correosexpress.com/webpublica/resources/css/fonts/Cartero/ |
19 KB 20 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
CarteroW01-Bold.woff
s.correosexpress.com/webpublica/resources/css/fonts/Cartero/ |
20 KB 20 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gen_204
maps.googleapis.com/maps/api/mapsjs/ |
3 B 225 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
www.cexpr.es/SeguimientoSinCP/images/ |
318 B 692 B |
Other
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Correos Express (Transportation)119 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
string| cookie_key_google_analytics function| existsCookie function| activarAnalytics function| scrollConf function| navDefaultConfig function| heightMenuConf function| activeLevelHamburger function| toggleThreeLevel function| activeLevelTwo function| reorderMenu function| activeLevelThree object| headertext object| headers object| tablebody object| current undefined| row number| j undefined| col function| $ function| jQuery function| moment object| jQuery11230519254363167378 function| Cookies object| CHX number| currentScrollValueDest number| startScrollDest number| endScrollDest number| currentScrollValueAddrDest number| startScrollAddrDest number| endScrollAddrDest number| currentScrollValueOffice number| startScrollOffice number| endScrollOffice function| showAndHideDescription function| goToManageShipping function| isNumberKey function| isNumeric function| validarEmail function| isMovil function| onBlurCPDest function| shiftTab function| selectorKeyUpDown function| selectCp function| manageUp function| manageDown function| edValueKeyUpCP function| responseValidationCP function| updateDatesConcertada function| selectAddress function| selectorKeyUpDownAddress function| manageUpAddress function| manageDownAddress function| edValueKeyUpAddress function| responseValidationAddress function| limpiarField function| limpiarCamposDireccion function| mostrarBoton string| currentLocale function| validarFecha function| obtenerHoras function| solonumeros number| reintentosTelefono boolean| telefonoValido function| mostrarInputCitypaq function| mostrarListadoCitypaq function| finalizarCitypaq function| seleccionarCitypaq function| paintcitypaqMap function| initCitypaqMap function| refreshAddress function| getOfficesData function| getMondialsData function| getDisashopData function| loadMondialsList function| loadDisashopsList function| abrirHorario function| disashopRowSelected function| fillDisashopInfoFromCp function| setDisashopData function| officeListRowSelected function| fillOfficeInfoFromCp function| fillMondialInfoFromCp function| setOfficeData function| setMondialData function| validateCPOffice function| onBlurCPOffice function| selectorKeyUpDownOffice function| manageUpOffice function| manageDownOffice function| edValueKeyUpCPOffice function| responseValidationCPOffice function| limpiarFieldOffice function| cerrarPopUp function| abrirPopUp function| initMap function| PostalCodeControl function| infowindow function| busqueda function| restriccionesInputBuscar function| comportamientoFocus number| pulseBoton function| displayAllGestionEnvio function| hiddenAllGestionEnvio function| loadPopUpPOD function| activarPantallaRefresco function| desactivarPantallaRefresco object| datePickerController function| MarkerClusterer function| Cluster function| ClusterIcon string| cookie_key_msg function| acceptCookie function| acceptAllCookies function| deleteCookiesAnaliticas function| mostrarConfigCookies object| google object| module$exports$mapsapi$geometry$spherical object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.cexpr.es/SeguimientoSinCP | Name: JSESSIONID Value: VoI3Q9Fs7c0BohMKbvhs9piyRogVLz3Kxv8cd5QJ.seguimientosincp-cex-5bf667b5b7-c9c6q |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
maps.googleapis.com
s.correosexpress.com
www.cexpr.es
104.17.25.14
172.217.18.10
172.217.18.106
195.77.193.40
00d15623ba07744573b43a803b2941627ad909078f9026b182127024f18fd303
0b69c197d880811d9fdb6ed58f2c3c6abdb1b17ae48c5c5f25d72c32db8f0380
14c0e71a41f3252a93770c009b1bd81abd8337b565091b71291d925f44f92422
239c6b57a274a66cb5045b02011b7e48fd85b7429e9a8752b2f7699f9695e887
25b52d20492c64eec99f8c103c1dbf427a9a24ea3c992ee586882e872d395263
25da3bfce283d962ae3e1e538f7465c8bccb2dd9c8137643e7a817e66cff166f
2af81d71caf7a5f4b7c839f81585f9621569bc4147efcd96e1767e9a91cde4a5
32e2194639f59b70768fc92f990dd7cc25e530c58acc05042be92b5ece825bdd
3448338bb4885d817f8e0ca9fbda0f1cae2d9b8541a40e3fc3ddf9395b99d25d
3c415a4c6b17ce801d67d04d4e0f6eefbcc9f288423edd82bc527029b4ddfd84
429fa9d22824abe07dbe5b7f0c87edb1a5c87d0f90cc9c41fbce70b2e1907f60
5a4c53f8b3e5f3fea275c4c221a7a4e3bb790bd0c487498a50ed0b027c2d3b1c
5afeaac4de714087572d89e26e9e45f03e85dd35637442f212d38736201d0f6a
60475d04965256bc3220c24e18f3e92d5f9d409036cb0f2c8fc1c58e522f6d38
656b7b67796e9f70966e26a007652552d54c4d66eb02ae832f97aa3bd6ef9491
6b9bed41508f7f92db5625a35ce8a024330cf6f2dbb0fdae6ff04455ba2a9d92
761a64ededbe13d165e957da68d0ec37ab4f5ceb33c0c642774037c97bcd0de7
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b66f15bcf35d0cf47a5bdbd42223880e1ed612b4b90884eb0c14d6e7bc3e00a
8168c41c6b26693502f95215ae75c7b1a9d4a2bf06a76cc1ecf254913044f63b
82b6707c092cb2df26191d2bd51148524ff08dd8f3ec8bd8767c42f5d52a7bc5
8c04b8744a2bf6c7131db5f963b27fdaf4f6d6df4291bf60ba20e614efc63f75
969355c767e544fa98c78c907b68bf4ef2a3e9d67257acc7c5b61e95a9524a1c
af426107bed7db078b46cf6b8be9d2af34cb1f84a05bf9cedea73183057eb910
b4ee118bf3ff0c4e76bbd11a15786ee85f230bf9489ce32beb5a9c0061fe5a28
bce212f7e14df89787ef7312edd157badeddec5992bac005077db7298f4776c7
c4b13dda0dcaa3d9ee90e8ccd101a109ce48639b8186dfb6fb4567a1d16f2d6b
c7d36d98ee15947e2b98a537947f351fbaa569668dd5cabc4d64393196e39e17
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cddbc9b1e9a791af5606e15792fba89e8cd669a54110aa02293847b14d6b4c2e
d4de06bd905b8ecde76dcb159ef57a36cc1c7c396c74578f7c0683748933250e
eae52f2bf789f4a8839139a4759896bcc4af37805415bfd6ff43c918452c0f06
eb0996523b66324a29825841a59ba84da2515cac3923be0098a1ee70835ae762
f380fc502d637a38c61b0a24a341a4e7b11a3edad4a1a65a9bd9d2eade445289
f3d95e70da8a1b026f87a73b7ae9df2ffe03a49d5eb0aa9dbb34568cb372f435
ffc6b2b368417a791e2e370525033b38b5be160ce527a8ff4ec88d070ce50f79