appnewstv.hs-sites-eu1.com
Open in
urlscan Pro
2606:4700:4400::6812:21fd
Malicious Activity!
Public Scan
Effective URL: https://appnewstv.hs-sites-eu1.com/
Submission: On September 14 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 14th 2022. Valid for: a year.
This is the only time appnewstv.hs-sites-eu1.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
ASN13335 (CLOUDFLARENET, US)
f.hubspotusercontent-eu1.net | |
26246913.fs1.hubspotusercontent-eu1.net |
ASN13335 (CLOUDFLARENET, US)
whos.amung.us | |
widgets.amung.us |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
hsappstatic.net
static.hsappstatic.net — Cisco Umbrella Rank: 15304 |
57 KB |
5 |
hubspotusercontent-eu1.net
f.hubspotusercontent-eu1.net — Cisco Umbrella Rank: 276740 26246913.fs1.hubspotusercontent-eu1.net |
259 KB |
3 |
hubspot.com
app-eu1.hubspot.com — Cisco Umbrella Rank: 132144 forms-eu1.hubspot.com — Cisco Umbrella Rank: 62178 track-eu1.hubspot.com — Cisco Umbrella Rank: 44921 |
2 KB |
3 |
feliznewstv.com
1 redirects
feliznewstv.com |
502 KB |
3 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 355 |
43 KB |
2 |
amung.us
1 redirects
whos.amung.us — Cisco Umbrella Rank: 9037 widgets.amung.us — Cisco Umbrella Rank: 9687 |
2 KB |
2 |
gstatic.com
fonts.gstatic.com |
32 KB |
2 |
hubspot.net
cdn2.hubspot.net — Cisco Umbrella Rank: 17228 |
4 KB |
2 |
hs-sites-eu1.com
appnewstv.hs-sites-eu1.com |
6 KB |
1 |
hsforms.com
forms-eu1.hsforms.com — Cisco Umbrella Rank: 68293 |
444 B |
1 |
hs-banner.com
js-eu1.hs-banner.com — Cisco Umbrella Rank: 41077 |
16 KB |
1 |
hscollectedforms.net
js-eu1.hscollectedforms.net — Cisco Umbrella Rank: 61625 |
23 KB |
1 |
hs-analytics.net
js-eu1.hs-analytics.net — Cisco Umbrella Rank: 41623 |
20 KB |
1 |
hs-scripts.com
js-eu1.hs-scripts.com — Cisco Umbrella Rank: 38081 |
889 B |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 120 |
1 KB |
31 | 15 |
Domain | Requested by | |
---|---|---|
5 | static.hsappstatic.net |
appnewstv.hs-sites-eu1.com
static.hsappstatic.net |
3 | feliznewstv.com |
1 redirects
appnewstv.hs-sites-eu1.com
|
3 | cdnjs.cloudflare.com |
appnewstv.hs-sites-eu1.com
|
3 | f.hubspotusercontent-eu1.net |
appnewstv.hs-sites-eu1.com
|
2 | 26246913.fs1.hubspotusercontent-eu1.net |
appnewstv.hs-sites-eu1.com
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | cdn2.hubspot.net |
appnewstv.hs-sites-eu1.com
|
2 | appnewstv.hs-sites-eu1.com |
appnewstv.hs-sites-eu1.com
|
1 | forms-eu1.hsforms.com | |
1 | widgets.amung.us | |
1 | whos.amung.us | 1 redirects |
1 | track-eu1.hubspot.com | |
1 | forms-eu1.hubspot.com |
js-eu1.hscollectedforms.net
|
1 | js-eu1.hs-banner.com |
js-eu1.hs-scripts.com
|
1 | js-eu1.hscollectedforms.net |
js-eu1.hs-scripts.com
|
1 | js-eu1.hs-analytics.net |
js-eu1.hs-scripts.com
|
1 | app-eu1.hubspot.com |
static.hsappstatic.net
|
1 | js-eu1.hs-scripts.com |
appnewstv.hs-sites-eu1.com
|
1 | fonts.googleapis.com |
appnewstv.hs-sites-eu1.com
|
31 | 19 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
hs-sites-eu1.com Cloudflare Inc ECC CA-3 |
2022-04-14 - 2023-04-13 |
a year | crt.sh |
hubspotusercontent-eu1.net Cloudflare Inc ECC CA-3 |
2022-02-24 - 2023-02-23 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-08-03 - 2023-08-02 |
a year | crt.sh |
hubspot.net Cloudflare Inc ECC CA-3 |
2022-05-06 - 2023-05-06 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-08-22 - 2022-11-14 |
3 months | crt.sh |
feliznewstv.com R3 |
2022-07-23 - 2022-10-21 |
3 months | crt.sh |
hsappstatic.net Cloudflare Inc ECC CA-3 |
2022-05-10 - 2023-05-10 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-08-22 - 2022-11-14 |
3 months | crt.sh |
hubspot.com Cloudflare Inc ECC CA-3 |
2022-03-08 - 2023-03-07 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://appnewstv.hs-sites-eu1.com/
Frame ID: C2764D523B13DA3D00FBC4249A5A3866
Requests: 33 HTTP requests in this frame
Screenshot
Page Title
Log into Facebook | FacebookDetected technologies
Font Awesome (Font Scripts) ExpandDetected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery Migrate (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 26- https://feliznewstv.com/location HTTP 301
- https://feliznewstv.com/location/
- https://whos.amung.us/widget/josvip222 HTTP 307
- https://widgets.amung.us/classic/00/54.png
31 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
appnewstv.hs-sites-eu1.com/ |
27 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.min.css
f.hubspotusercontent-eu1.net/hub/26246913/hub_generated/template_assets/53070288600/1663077099315/marketplace/GiantFocal/Hatch_Landing/css/ |
340 KB 49 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/ |
58 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
module_-2712622_Site_Search_Input.min.css
cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-2712622/1663012019885/ |
612 B 553 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
feliznewstv.com/ |
716 KB 501 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.js
static.hsappstatic.net/cms-free-branding-lib/static-1.111/js/ |
203 KB 49 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ |
87 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.1/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
plugins.min.js
f.hubspotusercontent-eu1.net/hub/26246913/hub_generated/template_assets/53070982620/1663077090631/marketplace/GiantFocal/Hatch_Landing/js/plugins/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.min.js
f.hubspotusercontent-eu1.net/hub/26246913/hub_generated/template_assets/53071252464/1663077093553/marketplace/GiantFocal/Hatch_Landing/js/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
project.js
static.hsappstatic.net/cos-i18n/static-1.53/bundles/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
module_-2712622_Site_Search_Input.min.js
cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-2712622/1663012019149/ |
7 KB 3 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
26246913.js
js-eu1.hs-scripts.com/ |
2 KB 889 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.js
static.hsappstatic.net/HubspotToolsMenu/static-1.138/js/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hatch-landing.svg
26246913.fs1.hubspotusercontent-eu1.net/hubfs/26246913/raw_assets/public/@marketplace/GiantFocal/Hatch_Landing/images/placeholder/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image-02.jpg
26246913.fs1.hubspotusercontent-eu1.net/hubfs/26246913/raw_assets/public/@marketplace/GiantFocal/Hatch_Landing/images/placeholder/ |
204 KB 205 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hsCmsFreeBranding.css
static.hsappstatic.net/cms-free-branding-lib/static-1.111/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sprocket_white.svg
static.hsappstatic.net/cms-free-branding-lib/static-1.111/assets/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
has-permission
app-eu1.hubspot.com/content-tools-menu/api/v1/tools-menu/ |
0 687 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
26246913.js
js-eu1.hs-analytics.net/analytics/1663159500000/ |
63 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collectedforms.js
js-eu1.hscollectedforms.net/ |
65 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
26246913.js
js-eu1.hs-banner.com/ |
60 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
json
forms-eu1.hubspot.com/collected-forms/v1/config/ |
116 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
__ptq.gif
track-eu1.hubspot.com/ |
45 B 716 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
feliznewstv.com/location/ Redirect Chain
|
1 KB 682 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
54.png
widgets.amung.us/classic/00/ Redirect Chain
|
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
counters.gif
forms-eu1.hsforms.com/embed/v3/ |
35 B 444 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
51 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
perf
appnewstv.hs-sites-eu1.com/_hcms/ |
2 B 318 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)47 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| hsVars function| hs_i18n_log function| hs_i18n_substituteStrings function| hs_i18n_insertPlaceholders function| hs_i18n_getMessage undefined| module_2712622 function| i18n_getmessage function| i18n_getlanguage object| _hsq object| webpackJsonp object| I18n function| jsonpHandler number| headerHeight object| _hsp boolean| _hspb_ran boolean| _hspb_loaded object| __hsCollectedFormsDebug object| _paq function| sanitizeKey boolean| _hstc_loaded boolean| IS_MOBILE number| limit_bot string| object string| type string| OUTPUT object| ___ object| params number| tt undefined| to_object string| a boolean| _hstc_ran string| __hsUserToken number| expireDateTime function| checking function| creatingInput function| searchingForms5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.hubspot.com/ | Name: __cf_bm Value: 9k1bC8YvIJNsXDegLf.vFRQYLMbI00wK7Z4fm6ryoIg-1663159566-0-AYZs569i3Mg3Tyg0gXA3pp7F545zs640HKj5MIbgH7QJDvymEX9b8mWXyjhqCpuVIg3knRI8qF6AAMHkmUSA3zw= |
|
.hs-sites-eu1.com/ | Name: __hstc Value: 205882892.abd0570a52a71898e5a35f197d1455c2.1663159567398.1663159567398.1663159567398.1 |
|
.hs-sites-eu1.com/ | Name: hubspotutk Value: abd0570a52a71898e5a35f197d1455c2 |
|
.hs-sites-eu1.com/ | Name: __hssrc Value: 1 |
|
.hs-sites-eu1.com/ | Name: __hssc Value: 205882892.1.1663159567399 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
26246913.fs1.hubspotusercontent-eu1.net
app-eu1.hubspot.com
appnewstv.hs-sites-eu1.com
cdn2.hubspot.net
cdnjs.cloudflare.com
f.hubspotusercontent-eu1.net
feliznewstv.com
fonts.googleapis.com
fonts.gstatic.com
forms-eu1.hsforms.com
forms-eu1.hubspot.com
js-eu1.hs-analytics.net
js-eu1.hs-banner.com
js-eu1.hs-scripts.com
js-eu1.hscollectedforms.net
static.hsappstatic.net
track-eu1.hubspot.com
whos.amung.us
widgets.amung.us
147.182.144.225
172.65.192.122
172.65.193.34
172.65.202.201
172.65.208.22
172.65.232.43
172.65.236.181
172.65.238.60
172.65.240.166
2606:4700:10::6816:4bab
2606:4700:4400::6812:21fd
2606:4700:4400::6812:22e2
2606:4700::6811:190e
2606:4700::6811:6d2
2606:4700::6811:f3cc
2a00:1450:4001:801::2003
2a00:1450:4001:813::200a
1230532f79456753fb73f559ece9b95c17cfb36325dc313a3eda5ac22dfd9a2b
3de8a4192954672641eeaf80efcee354677c732c1337b940ed9e9931a9c5686f
401925a1114f7003121630392768d35516be54a4028f01024528aeae99a45a56
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5678810bf1c13d60bc4d55a3ca96c163ffc01f865c4e4a64001fc32ffcd367cb
663a4b0ca28bb9ae1d6df24e5952ce1c320ba27ca00304df4238136f15debd7f
664f3bc9bdc5e9833b03897e75cd2ae873a24a3336c9b4ecb8b2f98afba6b31e
6736d3d82e92d1e2ebd967a17619b57bc8ebbb061b46e178207e22bd82d33acd
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7281941fed81ed9caf5728727e05da4a94b442c36796e1a5b1d6106f242ed11f
7467ee7ee02f3aa9315588ffca1f25123849baf48abd814404c89af775eaf82e
788561ed324caca628ee7ee6bb111ae0616f41f9569d7f6af5ed406a07492ecf
89bf8cdea73ce776d6b81d03837bc7f04af5e3946b839a3c0bfbf3094ad3f7be
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
9a50df52651133ee2b309daf0c3b921e9f5109067d5e11f2b8dd055f9ca3e66f
a6ca5798cfb367eeadd92ad1165794010aa63a7d71cb2f1ec012ce4509d67017
a863c1f5907b22275103666c25d38df3a9d0714092e9d1eb590ec2467fc8f61b
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
b232ce0dd80388c5ab4e2fde4d7b6f1e94d1e4245af13df58fc9d37eb09dbc0f
b8bd5ad77008d06e64a7d97115f081f2940832f8942a36125a3b48d025b3cc0b
bb0f709cf596a9631bd72c215279dc874bc17df79aa51a3dfc9068d46321af1c
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c8de31ea4c06371a09efa4fbfbb9fd2b44c484593e82171bb1f5f20d323c4615
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6d9352a037e299d56c31064536ec1f520d5f9f1ee3f0ae2321a74f95a3a2cea
eef3946aa2efe29811b16e73ec2666e994c0a2239ef4c716f2fb54f34ed29fa6
f572b7e57e266aef4ba79201895e5183f538d9c29141a51f79482e211c5ae7ae
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5e6d7ccd952d26615cf449d6548878465e7297a09175a9054ce2f53ba7d20fc
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fd6ec3a496418c63b4e67570d8922f9027157083fa5dfe60c03925859263091a