![](/screenshots/54a54800-03d7-495f-871e-020818e48e7b.png)
mail.freexjoin47.duckdns.org
Open in
urlscan Pro
109.205.183.187
Malicious Activity!
Public Scan
Submission: On December 12 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by ahmad.com on November 30th 2021. Valid for: a year.
This is the only time mail.freexjoin47.duckdns.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Gaming (Entertainment)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
10 | 109.205.183.187 109.205.183.187 | 51167 (CONTABO) (CONTABO) | |
1 | 2a00:1450:400... 2a00:1450:4001:803::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:801::2008 | 15169 (GOOGLE) (GOOGLE) | |
3 | 2606:4700::68... 2606:4700::6810:135e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700::68... 2606:4700::6812:bcf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
5 | 2606:4700:303... 2606:4700:3038::6815:eae6 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 164.52.101.14 164.52.101.14 | 63199 (CDSC-AS1) (CDSC-AS1) | |
3 | 152.228.223.13 152.228.223.13 | 16276 (OVH) (OVH) | |
2 | 2a00:1450:400... 2a00:1450:4001:801::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:1a | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
46 | 11 |
ASN51167 (CONTABO, DE)
PTR: vmi739826.contaboserver.net
mail.freexjoin47.duckdns.org |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
duckdns.org
mail.freexjoin47.duckdns.org |
198 KB |
5 |
githack.com
rawcdn.githack.com |
6 KB |
3 |
ibb.co
i.ibb.co |
88 KB |
3 |
cloudflare.com
cdnjs.cloudflare.com |
23 KB |
2 |
googleapis.com
ajax.googleapis.com |
59 KB |
1 |
jquery.com
code.jquery.com |
30 KB |
1 |
garena.com
reward.ff.garena.com |
9 KB |
1 |
bootstrapcdn.com
stackpath.bootstrapcdn.com |
7 KB |
1 |
googletagmanager.com
www.googletagmanager.com |
36 KB |
1 |
google-analytics.com
www.google-analytics.com |
20 KB |
0 |
gstatic.com
Failed
fonts.gstatic.com Failed |
|
46 | 11 |
Domain | Requested by | |
---|---|---|
10 | mail.freexjoin47.duckdns.org |
mail.freexjoin47.duckdns.org
|
5 | rawcdn.githack.com |
mail.freexjoin47.duckdns.org
|
3 | i.ibb.co |
mail.freexjoin47.duckdns.org
|
3 | cdnjs.cloudflare.com |
mail.freexjoin47.duckdns.org
|
2 | ajax.googleapis.com |
mail.freexjoin47.duckdns.org
|
1 | code.jquery.com |
mail.freexjoin47.duckdns.org
|
1 | reward.ff.garena.com |
mail.freexjoin47.duckdns.org
|
1 | stackpath.bootstrapcdn.com |
mail.freexjoin47.duckdns.org
|
1 | www.googletagmanager.com |
mail.freexjoin47.duckdns.org
|
1 | www.google-analytics.com |
mail.freexjoin47.duckdns.org
|
0 | fonts.gstatic.com Failed |
mail.freexjoin47.duckdns.org
|
46 | 11 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
ahmad.com ahmad.com |
2021-11-30 - 2022-11-30 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2021-11-08 - 2022-01-31 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-09-21 - 2022-09-20 |
a year | crt.sh |
*.ff.garena.com R3 |
2021-10-04 - 2022-01-02 |
3 months | crt.sh |
ibb.co R3 |
2021-12-05 - 2022-03-05 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2021-11-08 - 2022-01-31 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2021-07-14 - 2022-08-14 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://mail.freexjoin47.duckdns.org/
Frame ID: 915257B11E10380830F17E4A834F1B4A
Requests: 48 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
46 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
mail.freexjoin47.duckdns.org/ |
18 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
90 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style-AlexHost.css
mail.freexjoin47.duckdns.org/assets/css/ |
40 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ |
30 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/ |
58 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
material-design-iconic-font.min.css
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/ |
69 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
alex-facebook.css
rawcdn.githack.com/AlexHostX/all.asset/c9f3ddecc56e688f8660a2d31a5beea4909fa5b9/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
alex-google.css
rawcdn.githack.com/AlexHostX/all.asset/1591ba04a57c11f4b18d2ebb39e03e4a81715c83/ |
3 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
e328a85faf3ec595e525860c98e34098.png
reward.ff.garena.com//images/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vkcircle-Alex.png
mail.freexjoin47.duckdns.org/assets/img/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gpcircle-Alex.png
mail.freexjoin47.duckdns.org/assets/img/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hwcircle-Alex.png
mail.freexjoin47.duckdns.org/assets/img/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
applcircle-Alex.png
mail.freexjoin47.duckdns.org/assets/img/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twcircle-Alex.png
mail.freexjoin47.duckdns.org/assets/img/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
garena-Alex.jpg
mail.freexjoin47.duckdns.org/assets/img/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
facebook-text.png
i.ibb.co/wWvFFK6/ |
28 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
k9mpwq-PYChfe-PRt-Ul-TSEk-X73-TCDnwyv-Sk-D5-Avsd-UTAQ4-H0c2-OAIEiii-Uwr-VEd7-k1-E8-s180-rw.webp
i.ibb.co/DVjmT33/ |
53 KB 54 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
googlelogo-color-272x92dp.png
i.ibb.co/v1CZkTr/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ |
82 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ |
82 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.5.1.min.js
code.jquery.com/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2974217.js
rawcdn.githack.com/32323474/47328789/62269b50e7837c3ded793b5f9e681e5394956018/ |
335 B 677 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
input-exception.js
rawcdn.githack.com/AlexHostX/protect/aaa1462a19b8d8b6cbd68101a5ac89f4955b49de/ |
9 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
watermark.css
rawcdn.githack.com/AlexHostX/protect/a64076479559076b6e31356a0fb6188d291204ce/ |
105 B 525 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
449 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
NotoSansTC-Thin.woff2
fonts.gstatic.com/ea/notosanstc/v1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
NotoSansTC-Thin.woff
fonts.gstatic.com/ea/notosanstc/v1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
NotoSansTC-Thin.otf
fonts.gstatic.com/ea/notosanstc/v1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
NotoSansTC-Light.woff2
fonts.gstatic.com/ea/notosanstc/v1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
NotoSansTC-Light.woff
fonts.gstatic.com/ea/notosanstc/v1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
NotoSansTC-Light.otf
fonts.gstatic.com/ea/notosanstc/v1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
NotoSansTC-Regular.woff2
fonts.gstatic.com/ea/notosanstc/v1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
NotoSansTC-Regular.woff
fonts.gstatic.com/ea/notosanstc/v1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
NotoSansTC-Regular.otf
fonts.gstatic.com/ea/notosanstc/v1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
NotoSansTC-Medium.woff2
fonts.gstatic.com/ea/notosanstc/v1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
NotoSansTC-Medium.woff
fonts.gstatic.com/ea/notosanstc/v1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
NotoSansTC-Medium.otf
fonts.gstatic.com/ea/notosanstc/v1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
NotoSansTC-Bold.woff2
fonts.gstatic.com/ea/notosanstc/v1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
NotoSansTC-Bold.woff
fonts.gstatic.com/ea/notosanstc/v1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
NotoSansTC-Bold.otf
fonts.gstatic.com/ea/notosanstc/v1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
NotoSansTC-Black.woff2
fonts.gstatic.com/ea/notosanstc/v1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
NotoSansTC-Black.woff
fonts.gstatic.com/ea/notosanstc/v1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
NotoSansTC-Black.otf
fonts.gstatic.com/ea/notosanstc/v1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bgAlex-d.jpg
mail.freexjoin47.duckdns.org/assets/img/ |
134 KB 134 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
144 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fftext-Alex.png
mail.freexjoin47.duckdns.org/assets/img/ |
14 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- fonts.gstatic.com
- URL
- http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Thin.woff2
- Domain
- fonts.gstatic.com
- URL
- http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Thin.woff
- Domain
- fonts.gstatic.com
- URL
- http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Thin.otf
- Domain
- fonts.gstatic.com
- URL
- http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Light.woff2
- Domain
- fonts.gstatic.com
- URL
- http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Light.woff
- Domain
- fonts.gstatic.com
- URL
- http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Light.otf
- Domain
- fonts.gstatic.com
- URL
- http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Regular.woff2
- Domain
- fonts.gstatic.com
- URL
- http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Regular.woff
- Domain
- fonts.gstatic.com
- URL
- http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Regular.otf
- Domain
- fonts.gstatic.com
- URL
- http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Medium.woff2
- Domain
- fonts.gstatic.com
- URL
- http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Medium.woff
- Domain
- fonts.gstatic.com
- URL
- http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Medium.otf
- Domain
- fonts.gstatic.com
- URL
- http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Bold.woff2
- Domain
- fonts.gstatic.com
- URL
- http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Bold.woff
- Domain
- fonts.gstatic.com
- URL
- http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Bold.otf
- Domain
- fonts.gstatic.com
- URL
- http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Black.woff2
- Domain
- fonts.gstatic.com
- URL
- http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Black.woff
- Domain
- fonts.gstatic.com
- URL
- http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Black.otf
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Gaming (Entertainment)18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| google_tag_data function| ga object| gaplugins object| google_tag_manager object| dataLayer function| $ function| jQuery function| openfbAlex function| closefbAlex function| opengpAlex function| closegpAlex function| AlexHostingNetFB function| AlexHostingNetGP object| _0x768a0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
18 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
cdnjs.cloudflare.com
code.jquery.com
fonts.gstatic.com
i.ibb.co
mail.freexjoin47.duckdns.org
rawcdn.githack.com
reward.ff.garena.com
stackpath.bootstrapcdn.com
www.google-analytics.com
www.googletagmanager.com
fonts.gstatic.com
109.205.183.187
152.228.223.13
164.52.101.14
2001:4de0:ac18::1:a:1a
2606:4700:3038::6815:eae6
2606:4700::6810:135e
2606:4700::6812:bcf
2a00:1450:4001:801::2008
2a00:1450:4001:801::200a
2a00:1450:4001:803::200e
03845ae6fc5097c5f107ffc206c3fe329a962d045b23151188b6dab3ef4fbcc5
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
30d1cc84b2adbbe2e7a144cd326b61845698cc34990bf4853e63b703f9b4fa3a
38e377481a3abf35890dbc9abd19fd4657ab4ea449d24299073da019da5b4281
392c6ef45dc72dc2d72c2a2d16ff5fcd5943766e78e14f1f6bb008c59cf80877
3dec40957ccb5815562b06c0bcb1cb3fc09a5f0738aa0b9ec2d1390e4e30a346
42fcead125ad8660c031f3b763fd048fd06b4a70a7a48cf17bc03073fb255fae
4abb644266a5139ed69498a2f9522afe373c41787fda172dad55ce1afb18a8df
4bb88bccc5bd610423b63fba5ca6f98516d3d8fc631d6b1b977ac669104264be
4f8698bca7f3a855b339edf3337864b6b9f1914c653e2ca5127136af9b7d37a4
572f86050126a4138ce65d5f0f3a1f7889f42e396095fceef48dfe4acd0df06a
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
5ade2c1a33d4f40e1e4dc31db56bbd948e6d15d6da3b2673cc45477ed56dd185
5d40c79196cf9f9da4bdc857e8e1b5094ff3fa0aa0f314985c5a513edb89a6b7
756734c7de9dd01ffd9c75ccdfc48f08d51d774f75c6c453d9468812c5282861
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
8ffae0974acd7014b8e30ff2510ff2c8809103dca22a9e9d252cfd525cc7eff9
94f92c2fa2a770888470701e4e9c0063d11bd846b52739d8b12a06b2dabd3be2
96df2f4735650bfe911e983781783284646ff7cc8109e0dfeb6de8056f1a7654
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ac768dee11c223ac3fba06a7212fd0163c171e7986735b5cd04f9081504126b3
ba96000a92f9d03cce2c34ab48fb9f1e67976be7b4233c1bd607a87e6e9af82d
cff81f8984cdebd9f5039cd4c058d7d67bba4b92666dc0605f47c44b6a761df2
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
edefde11d13eb274cafd860dd219755352257187b374f313c810cb6a20f0a477
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d