news-now-today.com
Open in
urlscan Pro
95.179.159.226
Malicious Activity!
Public Scan
Effective URL: https://news-now-today.com/NLBOEF/?sxid=xy9pv8ctpik5&campid=1395195&extid=zr8bdf0efba0a911ea8ef71229d7649657eb2f2edafed2401...
Submission: On May 28 via api from US
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on April 16th 2020. Valid for: 3 months.
This is the only time news-now-today.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Investment Scam (Online) Lion's Den Scam (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 2 | 108.59.12.98 108.59.12.98 | 30633 (LEASEWEB-...) (LEASEWEB-USA-WDC) | |
2 | 52.4.32.92 52.4.32.92 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 1 | 3.126.48.135 3.126.48.135 | 16509 (AMAZON-02) (AMAZON-02) | |
38 | 95.179.159.226 95.179.159.226 | 20473 (AS-CHOOPA) (AS-CHOOPA) | |
41 | 3 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-32-92.compute-1.amazonaws.com
usd.khurshid-sus.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-48-135.eu-central-1.compute.amazonaws.com
vqemzvkx.com |
ASN20473 (AS-CHOOPA, US)
PTR: 95.179.159.226.vultr.com
news-now-today.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
38 |
news-now-today.com
news-now-today.com |
2 MB |
2 |
khurshid-sus.com
usd.khurshid-sus.com |
3 KB |
2 |
capitalo9ne.com
1 redirects
capitalo9ne.com |
1 KB |
1 |
vqemzvkx.com
1 redirects
vqemzvkx.com |
2 KB |
41 | 4 |
Domain | Requested by | |
---|---|---|
38 | news-now-today.com |
usd.khurshid-sus.com
news-now-today.com |
2 | usd.khurshid-sus.com |
capitalo9ne.com
usd.khurshid-sus.com |
2 | capitalo9ne.com | 1 redirects |
1 | vqemzvkx.com | 1 redirects |
41 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
vqemzvkx.com |
www.facebook.com |
hrsumo.com |
business.facebook.com |
developers.facebook.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
news-now-today.com Let's Encrypt Authority X3 |
2020-04-16 - 2020-07-15 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://news-now-today.com/NLBOEF/?sxid=xy9pv8ctpik5&campid=1395195&extid=zr8bdf0efba0a911ea8ef71229d7649657eb2f2edafed24018b7423c19bb0770bc0473826e320c38ee0b&contry=NL&vistyp=NON-ADULT&targid=mike-lip-7nFvyL8o&keywrd=capitalo9ne,capitalo9ne,capitalo9ne.com&trftyp=DOMAIN&ttorigin=xy9pv8ctpik5
Frame ID: 0FB3709C75D289CEF90A32563711CEC8
Requests: 41 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- http://capitalo9ne.com/ Page URL
-
http://capitalo9ne.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTU5MDY...
HTTP 302
http://usd.khurshid-sus.com/zcvisitor/8bdf0efb-a0a9-11ea-8ef7-1229d7649657?campaignid=03e0e360-9aa6-11ea... Page URL
- http://usd.khurshid-sus.com/zcredirect?visitid=8bdf0efb-a0a9-11ea-8ef7-1229d7649657&type=js&browserWidth... Page URL
-
https://vqemzvkx.com/click?trvid=10033&extid=zr8bdf0efba0a911ea8ef71229d7649657eb2f2edafed24018b7...
HTTP 302
https://news-now-today.com/NLBOEF/?sxid=xy9pv8ctpik5&campid=1395195&extid=zr8bdf0efba0a911ea8ef71229d76... Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Nginx (Web Servers) Expand
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Font Awesome (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Page Statistics
12 Outgoing links
These are links going to different origins than the main page.
Title:
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Anika Smit
Search URL Search Domain Scan URL
Title: Cris Sie
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Jelmer Hartlief
Search URL Search Domain Scan URL
Title: Nazli Goktas
Search URL Search Domain Scan URL
Title: Thomas Veenstra
Search URL Search Domain Scan URL
Title: Mitchel de Jager
Search URL Search Domain Scan URL
Title: Facebook Comments Plugin
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://capitalo9ne.com/ Page URL
-
http://capitalo9ne.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTU5MDY1MzI2NCwiaWF0IjoxNTkwNjQ2MDY0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIybzlob2FubDBoMTQ2M3ZhaHMwNTBzOG0iLCJuYmYiOjE1OTA2NDYwNjQsInRzIjoxNTkwNjQ2MDY0MjE2NzU3fQ.djtmDgeNDf0djlNAgyKdrVPVQvGDgeLnIcf0ITWrS3U&sid=8bb51316-a0a9-11ea-ad73-95b3b87936f8
HTTP 302
http://usd.khurshid-sus.com/zcvisitor/8bdf0efb-a0a9-11ea-8ef7-1229d7649657?campaignid=03e0e360-9aa6-11ea-9cab-12e5dcaa70ed Page URL
- http://usd.khurshid-sus.com/zcredirect?visitid=8bdf0efb-a0a9-11ea-8ef7-1229d7649657&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false Page URL
-
https://vqemzvkx.com/click?trvid=10033&extid=zr8bdf0efba0a911ea8ef71229d7649657eb2f2edafed24018b7423c19bb0770bc0473826e320c38ee0b&cost=0.020000&campid=1395195&targid=mike-lip-7nFvyL8o&keywrd=capitalo9ne%2Ccapitalo9ne%2Ccapitalo9ne.com&contry=NL&trftyp=DOMAIN&vistyp=NON-ADULT&tarurl=
HTTP 302
https://news-now-today.com/NLBOEF/?sxid=xy9pv8ctpik5&campid=1395195&extid=zr8bdf0efba0a911ea8ef71229d7649657eb2f2edafed24018b7423c19bb0770bc0473826e320c38ee0b&contry=NL&vistyp=NON-ADULT&targid=mike-lip-7nFvyL8o&keywrd=capitalo9ne,capitalo9ne,capitalo9ne.com&trftyp=DOMAIN&ttorigin=xy9pv8ctpik5 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1- http://capitalo9ne.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTU5MDY1MzI2NCwiaWF0IjoxNTkwNjQ2MDY0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIybzlob2FubDBoMTQ2M3ZhaHMwNTBzOG0iLCJuYmYiOjE1OTA2NDYwNjQsInRzIjoxNTkwNjQ2MDY0MjE2NzU3fQ.djtmDgeNDf0djlNAgyKdrVPVQvGDgeLnIcf0ITWrS3U&sid=8bb51316-a0a9-11ea-ad73-95b3b87936f8 HTTP 302
- http://usd.khurshid-sus.com/zcvisitor/8bdf0efb-a0a9-11ea-8ef7-1229d7649657?campaignid=03e0e360-9aa6-11ea-9cab-12e5dcaa70ed
41 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
capitalo9ne.com/ |
471 B 830 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
8bdf0efb-a0a9-11ea-8ef7-1229d7649657
usd.khurshid-sus.com/zcvisitor/ Redirect Chain
|
1010 B 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
zcredirect
usd.khurshid-sus.com/ |
748 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
news-now-today.com/NLBOEF/ Redirect Chain
|
182 KB 28 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.css
news-now-today.com/NLBOEF/css/ |
148 KB 148 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
font-awesome.css
news-now-today.com/NLBOEF/css/ |
17 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
news-now-today.com/NLBOEF/css/ |
9 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NOS.png
news-now-today.com/NLBOEF/images/ |
20 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
as-seen-on-image-NL.png
news-now-today.com/NLBOEF/images/ |
68 KB 68 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
4431863d1eb32200.jpg
news-now-today.com/NLBOEF/images/ |
84 KB 84 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
7db812b3b7825ccd.jpg
news-now-today.com/NLBOEF/images/ |
82 KB 83 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
64283d6a7064ee54.jpg
news-now-today.com/NLBOEF/images/ |
64 KB 64 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
muskbranson.jpg
news-now-today.com/NLBOEF/images/ |
160 KB 160 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dreamcar.jpg
news-now-today.com/NLBOEF/images/ |
160 KB 160 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tisdale.jpg
news-now-today.com/NLBOEF/images/ |
271 KB 271 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
check.jpg
news-now-today.com/NLBOEF/images/ |
115 KB 115 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
checkmark.png
news-now-today.com/NLBOEF/images/ |
341 B 662 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bittrader-step1.png
news-now-today.com/NLBOEF/images/ |
594 KB 594 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bittrader-step2.png
news-now-today.com/NLBOEF/images/ |
45 KB 45 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bittrader-step3.png
news-now-today.com/NLBOEF/images/ |
20 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fb.png
news-now-today.com/NLBOEF/images/ |
147 KB 148 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
kelly.jpg
news-now-today.com/NLBOEF/images/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
judith.jpg
news-now-today.com/NLBOEF/images/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
anika.jpg
news-now-today.com/NLBOEF/images/ |
4 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cris.jpg
news-now-today.com/NLBOEF/images/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jelmer.jpg
news-now-today.com/NLBOEF/images/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
allin.png
news-now-today.com/NLBOEF/images/ |
30 KB 31 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Nazli.jpg
news-now-today.com/NLBOEF/images/ |
5 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
thomas.jpg
news-now-today.com/NLBOEF/images/ |
4 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
side1.png
news-now-today.com/NLBOEF/images/ |
34 KB 34 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
side2.png
news-now-today.com/NLBOEF/images/ |
34 KB 35 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
side3.png
news-now-today.com/NLBOEF/images/ |
38 KB 38 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
side4.png
news-now-today.com/NLBOEF/images/ |
25 KB 25 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
side5.png
news-now-today.com/NLBOEF/images/ |
37 KB 37 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
side6.png
news-now-today.com/NLBOEF/images/ |
34 KB 34 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
side7.png
news-now-today.com/NLBOEF/images/ |
30 KB 31 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
_bitcointrader1.jpg
news-now-today.com/NLBOEF/images/ |
59 KB 60 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
_bitcointrader2.jpg
news-now-today.com/NLBOEF/images/ |
61 KB 62 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
_bitcointrader3.jpg
news-now-today.com/NLBOEF/images/ |
49 KB 49 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
opensans-bold.html
news-now-today.com/NLBOEF/css/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tahoma.html
news-now-today.com/NLBOEF/css/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Investment Scam (Online) Lion's Den Scam (Online)6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| dayNames object| monthNames object| now number| dayOfTheWeek0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
capitalo9ne.com
news-now-today.com
usd.khurshid-sus.com
vqemzvkx.com
108.59.12.98
3.126.48.135
52.4.32.92
95.179.159.226
02fd8ca9374392122da2983c5c1c2ae28813dd480c1af19f8ed6ebe394bfd3b9
034b7b0a5ffa0abb7fee45e3da1a225609a2035c51550ce0a3bd1c8aeaeee8e0
049e53c3cbcf5fd4635346f45257e90d5d40e5726dd1e8f9a7de9a68b4eb4f0b
04e953f0ee53304b86f0e58680127bd0810c9b63f660f59566184481dd72b571
11e916b6007508ee9bd47612b4ad35c321c1f2401d142af63d5c72f54ee5aa45
1578fe78e280dd26e20fd8de23ecb801f7294c4089db320ffa8910624f208f60
1b7e0a2736aeb5f656f8b9cc2fda4b3eb2ea212d2f344dae9b7792136c9c5562
27136be39109fe6e068dae618e286dfd3f6c7dae2b18417b79815bcf1e290d57
2ee52ff6707524032d929923fd8e1154b8c158c65cd25d207470d240adedec20
3dde975bef15653e64134deee5e1dd5220720f5ecb8fc26adc38f63b6cb57226
3f820474e7e94ee0a33d84122ac27b579503596987188873e7d03023020f5130
494a3efdafd5407a5a88d922f5a4a72d71ac2f3ad8f3f9fe607f8cf89314dfa1
50b0010a63d5ede70e4e7c8e005892248e19117182e7634f89c956bbc23ac69b
54e408290bafacaad2eaf0b17ec04ecf29ae7333a69784730a1af7d749b3c4a9
558a35aa5b6bdc6437ae2786b1d8150bff1b4102216a59f6bfd50dbfbdf4d856
5696f7a3a4265c4df382d629aeedb83688012dd32bc308446287691c89f669d4
598f44e94a70133bbf65981564abf531d880e8bb97624c672f56bf09c2fc4db8
5adbed9d75481c04641b70a78519079b1aa08150757ee14f7c84327356e73b1f
6268ab0c6e43bb76d7bb2b6fa245c7fb3c3dfc8938781eb9cc4675c343661df8
67e1bb3e75c8b1591c6f6107bbedd2f95bd59cc89102e1a564e08d0b60dbea32
6a35b23abf3fb7c510b2722412b093a924ab9463af33ba1305a46acec8148629
74e6c7fc462cdd9b8a6876368c1aafe1830a75af5bfa86329ee3ccafa8319214
7bc7a8dc98dc5829b38d5102084ec6383663a8e36c3f696d46c516e13af70dbe
8f691c9fceed4669a72b624fd7fae7f8d8db74f7fd2292ab0a1db4c5f9c479f9
98a37c848364171dd541db74fb1b014bedabfa2b9d8ad0e06b1586b060d8bd7a
9eaa894a13f86e0120c60578a1a168b33db9ace1b9339c013d12e84bc2665516
a3525ffd53596d03588ff1bceb57b5571395e10dae94c39a9cb1db4dcaf3d31b
ac7837175eb539cde62aa5b19b3ffa9f9436f72ff5458e98e80746d83eea3aa4
accb8bdb33d10e0abead1ae7c3a54735759ac3df8a5b1d68d45f97ce0105c8c1
b8ff47c69f9495e6ea65471b668c7d0145a9b2122aa780087cd59ca4ef8644b5
c8a1916b926cd4b7d835be3541eae14be4fdf839357e701bd1e104378975e59e
d68be4b8b1e02694381123c4a884525fced0c87cf34c2b21501fb4920a0cabdd
d82eb219162100e0b1ef30cccc411c1c92168d56a6e952584a63a90d9dd3c586
e47374400288a7be95bdafe93df012387839c6ce349053c88a905f4e4b9a5158
e5f99941f717ee56ec795c58e4c73d8f72d15494deb92d94894e2f0ea0f47b7e
e7adda3dcb1e7d8a26ddb5e3a32b70571860f42e88cd44d064beff821a9e76b6
e8534f5335522037c03fe544db314033fe5f05d847c5356b8ebe7f3f79beb6f5
e9d04e4fbd1f7c6a052cccf0588ed2c6ea41af104c59c70baaa10d8e0f5715a8
ebf6b41de459245e224d34815e5decf97b21e24fd3d2ba82bb8b0d633cf1c3a1