www.fxgfvbfgbh.de.rs
88.198.22.168
Malicious Activity!
Public Scan
Submission Tags: @jcybersec_
Submission: On July 08 via api from GB
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on May 9th 2020. Valid for: 3 months.
This is the only time www.fxgfvbfgbh.de.rs was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)
Domain & IP information
Requests | Redirects | IP Address | Autonomous System |
---|---|---|---|
26 | | 88.198.22.168 | 24940 (HETZNER-AS) |
4 | | 2a00:1450:4001:808::200a | 15169 (GOOGLE) |
1 | | 2a03:2880:f017:4:face:b00c:0:1 | 32934 (FACEBOOK) |
3 | 1 | 199.188.200.186 | 22612 (NAMECHEAP-NET) |
1 | | 2a00:1450:4001:801::200a | 15169 (GOOGLE) |
2 | | 176.9.157.130 | 24940 (HETZNER-AS) |
2 | | 2a00:1450:4001:816::2003 | 15169 (GOOGLE) |
1 | | 2606:4700:20::ac43:46e9 | 13335 (CLOUDFLARENET) |
2 | 2 | 67.202.94.94 | 32748 (STEADFAST) |
2 | | 185.225.208.133 | 13213 (UK2NET-AS) |
41 | | 10 | |
ASN24940 (HETZNER-AS, DE)
PTR: page-tech.de
www.fxgfvbfgbh.de.rs
ASN22612 (NAMECHEAP-NET, US)
PTR: premium79-2.web-hosting.com
kbcz.xyz
Requests | Redirects | Apex Domain | Subdomains | Transfer |
---|---|---|---|---|
26 | | de.rs | www.fxgfvbfgbh.de.rs | 598 KB |
5 | | googleapis.com | maps.googleapis.com, fonts.googleapis.com | 122 KB |
4 | 2 | amung.us | whos.amung.us, widgets.amung.us | 4 KB |
3 | 1 | kbcz.xyz | kbcz.xyz | 502 KB |
2 | | gstatic.com | fonts.gstatic.com | 23 KB |
2 | | page-stats.de | www.page-stats.de | 23 KB |
1 | | geojs.io | get.geojs.io | 791 B |
1 | | fbcdn.net | scontent-tpe1-1.xx.fbcdn.net | 12 KB |
41 | | 8 | | |
Requests | Redirects | Domain | Requested by |
---|---|---|---|
26 | | www.fxgfvbfgbh.de.rs | www.fxgfvbfgbh.de.rs |
4 | | maps.googleapis.com | www.fxgfvbfgbh.de.rs, maps.googleapis.com |
3 | 1 | kbcz.xyz | www.fxgfvbfgbh.de.rs |
2 | | widgets.amung.us | |
2 | 2 | whos.amung.us | |
2 | | fonts.gstatic.com | www.fxgfvbfgbh.de.rs |
2 | | www.page-stats.de | www.fxgfvbfgbh.de.rs |
1 | | get.geojs.io | www.fxgfvbfgbh.de.rs |
1 | | fonts.googleapis.com | www.fxgfvbfgbh.de.rs |
1 | | scontent-tpe1-1.xx.fbcdn.net | www.fxgfvbfgbh.de.rs |
41 | | 10 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
websitebutler.de | Let's Encrypt Authority X3 | 2020-05-09 - 2020-08-07 | 3 months |
upload.video.google.com | GTS CA 1O1 | 2020-06-17 - 2020-09-09 | 3 months |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-05-14 - 2020-08-05 | 3 months |
kbcz.xyz | Sectigo RSA Domain Validation Secure Server CA | 2020-04-03 - 2021-04-03 | a year |
page-stats.de | Let's Encrypt Authority X3 | 2020-06-30 - 2020-09-28 | 3 months |
*.gstatic.com | GTS CA 1O1 | 2020-06-17 - 2020-09-09 | 3 months |
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2020-03-21 - 2020-10-09 | 7 months |
whos.amung.us | Sectigo RSA Domain Validation Secure Server CA | 2020-05-21 - 2022-05-21 | 2 years |
This page contains 1 frames:
Primary Page:
https://www.fxgfvbfgbh.de.rs/
Frame ID: 92869F5BE8DF8885CB9344192BA5CA02
Requests: 43 HTTP requests in this frame
Detected technologies
Debian (Operating Systems)
Detected patterns
- headers server /Debian/i
OpenSSL (Web Server Extensions)
Detected patterns
- headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 33
- https://kbcz.xyz/maiker/location HTTP 301
- https://kbcz.xyz/maiker/location/
- https://whos.amung.us/widget/x40pnut3ur HTTP 307
- https://widgets.amung.us/classic/00/5.png
- https://whos.amung.us/widget/7egqu8r8ba HTTP 307
- https://widgets.amung.us/classic/01/145.png
41 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | / | www.fxgfvbfgbh.de.rs/ | 8 KB | 3 KB | Document | text/html | Primary Request, Cookie set |
GET | H/1.1 | default.css | www.fxgfvbfgbh.de.rs/css/webcard/ | 55 KB | 9 KB | Stylesheet | text/css | |
GET | H/1.1 | buttons.css | www.fxgfvbfgbh.de.rs/css/webcard/ | 36 KB | 4 KB | Stylesheet | text/css | |
GET | H/1.1 | style.css | www.fxgfvbfgbh.de.rs/css/webcard/minimalist/ | 15 KB | 4 KB | Stylesheet | text/css | |
GET | H/1.1 | default.css | www.fxgfvbfgbh.de.rs/css/webcard/minimalist/colors/ | 0 | 368 B | Stylesheet | text/css | |
GET | H/1.1 | font-awesome-4.4.0.min.css | www.fxgfvbfgbh.de.rs/css/ | 26 KB | 6 KB | Stylesheet | text/css | |
GET | H/1.1 | magnific-popup.css | www.fxgfvbfgbh.de.rs/css/ | 8 KB | 2 KB | Stylesheet | text/css | |
GET | H/1.1 | flexslider.css | www.fxgfvbfgbh.de.rs/css/ | 4 KB | 2 KB | Stylesheet | text/css | |
GET | H/1.1 | custom.css | www.fxgfvbfgbh.de.rs/css/ | 0 | 290 B | Stylesheet | text/css | |
GET | H/1.1 | jquery.js | www.fxgfvbfgbh.de.rs/js/ | 91 KB | 33 KB | Script | application/javascript | |
GET | H/1.1 | form-processing.js | www.fxgfvbfgbh.de.rs/js/ | 2 KB | 1 KB | Script | application/javascript | |
GET | H2 | js | maps.googleapis.com/maps/api/ | 118 KB | 39 KB | Script | text/javascript | |
GET | H/1.1 | maps.js | www.fxgfvbfgbh.de.rs/js/ | 3 KB | 2 KB | Script | application/javascript | |
GET | H/1.1 | jquery.flexslider.js | www.fxgfvbfgbh.de.rs/js/ | 54 KB | 12 KB | Script | application/javascript | |
GET | H/1.1 | magnific-popup.js | www.fxgfvbfgbh.de.rs/js/ | 46 KB | 14 KB | Script | application/javascript | |
GET | H/1.1 | initSlider.js | www.fxgfvbfgbh.de.rs/js/ | 5 KB | 2 KB | Script | application/javascript | |
GET | H/1.1 | imagesloaded.js | www.fxgfvbfgbh.de.rs/js/ | 27 KB | 7 KB | Script | application/javascript | |
GET | H/1.1 | velocity.js | www.fxgfvbfgbh.de.rs/js/ | 210 KB | 50 KB | Script | application/javascript | |
GET | H/1.1 | velocity.ui.js | www.fxgfvbfgbh.de.rs/js/ | 34 KB | 6 KB | Script | application/javascript | |
GET | H/1.1 | initPositionAndSize.js | www.fxgfvbfgbh.de.rs/js/ | 9 KB | 3 KB | Script | application/javascript | |
GET | H/1.1 | initAnimations.js | www.fxgfvbfgbh.de.rs/js/ | 24 KB | 5 KB | Script | application/javascript | |
GET | H/1.1 | initLinks.js | www.fxgfvbfgbh.de.rs/js/ | 1 KB | 1004 B | Script | application/javascript | |
GET | H/1.1 | app.js | www.fxgfvbfgbh.de.rs/js/webcard/minimalist/ | 469 B | 726 B | Script | application/javascript | |
GET | H2 | 105030193_109518220813748_5315477886371695992_n.jpg | scontent-tpe1-1.xx.fbcdn.net/v/t1.0-9/ | 11 KB | 12 KB | Image | image/jpeg | |
GET | H2 | / | kbcz.xyz/maiker/ | 717 KB | 502 KB | Script | application/javascript | |
GET | H/1.1 | webvisitenkarte_net_banner_728_de.png | www.fxgfvbfgbh.de.rs/images/webcard/ads/ | 33 KB | 33 KB | Image | image/png | |
GET | H/1.1 | font-awesome.min.css | www.fxgfvbfgbh.de.rs/css/ | 22 KB | 5 KB | Stylesheet | text/css | |
GET | H2 | css | fonts.googleapis.com/ | 9 KB | 973 B | Stylesheet | text/css | |
GET | H/1.1 | piwik.js | www.page-stats.de/ | 66 KB | 23 KB | Script | application/javascript | |
GET | H/1.1 | hamburg.jpg | www.fxgfvbfgbh.de.rs/images/webcard/banner/ | 327 KB | 328 KB | Image | image/jpeg | |
GET | H2 | S6uyw4BMUTPHjx4wXiWtFCc.woff2 | fonts.gstatic.com/s/lato/v16/ | 14 KB | 14 KB | Font | font/woff2 | |
GET | H/1.1 | fontawesome-webfont.woff2 | www.fxgfvbfgbh.de.rs/font/font-awesome-4.4.0/ | 63 KB | 63 KB | Font | application/octet-stream | |
GET | H2 | mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2 | fonts.gstatic.com/s/opensans/v17/ | 9 KB | 9 KB | Font | font/woff2 | |
GET | H/1.1 | piwik.php | www.page-stats.de/ | 43 B | 256 B | Image | image/gif | |
GET | H2 | / | kbcz.xyz/maiker/location/ | 1 KB | 627 B | Script | application/javascript | Redirect Chain |
GET | H2 | geo.json | get.geojs.io/v1/ip/ | 304 B | 791 B | XHR | application/json | |
GET | DATA | truncated | / | 1 KB | 0 | Image | image/png | |
GET | H2 | 5.png | widgets.amung.us/classic/00/ | 1 KB | 2 KB | Image | image/png | Redirect Chain |
GET | H2 | 145.png | widgets.amung.us/classic/01/ | 2 KB | 2 KB | Image | image/png | Redirect Chain |
GET | DATA | truncated | / | 51 KB | 0 | Image | image/png | |
GET | H2 | common.js | maps.googleapis.com/maps-api-v3/api/js/41/4/ | 78 KB | 29 KB | Script | text/javascript | |
GET | H2 | util.js | maps.googleapis.com/maps-api-v3/api/js/41/4/ | 144 KB | 53 KB | Script | text/javascript | |
GET | H2 | AuthenticationService.Authenticate | maps.googleapis.com/maps/api/js/ | 62 B | 141 B | Script | text/javascript | |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)
38 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| webcard
- string| extraPath
- function| $
- function| jQuery
- object| google
- object| module$contents$MapsEvent_MapsEvent
- object| module$contents$mapsapi$overlay$OverlayView_OverlayView
- object| jQuery183038879718824986687
- number| sliderResizeTimeout
- function| EventEmitter
- function| imagesLoaded
- object| wvViewport
- function| updateFullWidth
- function| updateSectionHeights
- function| updateParallax
- function| updateAnimationTrigger
- function| triggerAnimation
- object| _paq
- object| JSON_PIWIK
- object| Piwik
- object| Matomo
- object| AnalyticsTracker
- function| piwik_log
- function| sh
- boolean| IS_MOBILE
- number| limit_bot
- string| object
- string| type
- string| OUTPUT
- object| ___
- object| params
- number| tt
- undefined| to_object
- string| a
- function| checking
- function| creatingInput
- function| searchingForms
- object| _xdc_
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.fxgfvbfgbh.de.rs/ | | Name: _pk_ses.587.c1a5 Value: 1 |
www.fxgfvbfgbh.de.rs/ | | Name: _pk_id.587.c1a5 Value: f2551d9b1b226ced.1594203362.1.1594203362.1594203362. |
.fxgfvbfgbh.de.rs/ | | Name: wid Value: 2a299qle5vfclm9nb7k30b1c21 |
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.