sentencefo.com
Open in
urlscan Pro
104.21.19.154
Malicious Activity!
Public Scan
Effective URL: https://sentencefo.com/sf/tpl9/?logo=bestbuy&item=70NT&s1=6JQT&s2=1145199745&clickid=eedb6797-6333-48ba-96b5-fbed63288a75
Submission: On January 12 via manual from US — Scanned from US
Summary
TLS certificate: Issued by R3 on December 30th 2021. Valid for: 3 months.
This is the only time sentencefo.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Scam (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 216.108.228.152 216.108.228.152 | 26277 (PREMIANET) (PREMIANET) | |
1 | 89.26.247.219 89.26.247.219 | 5626 (ONI Inter...) (ONI Internet Service Provider) | |
1 1 | 95.111.240.167 95.111.240.167 | 51167 (CONTABO) (CONTABO) | |
2 19 | 104.21.19.154 104.21.19.154 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 104.18.23.52 104.18.23.52 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 173.194.205.97 173.194.205.97 | 15169 (GOOGLE) (GOOGLE) | |
3 | 104.21.67.146 104.21.67.146 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 3 | 45.55.126.207 45.55.126.207 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
3 | 172.67.161.47 172.67.161.47 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
5 | 173.194.175.139 173.194.175.139 | 15169 (GOOGLE) (GOOGLE) | |
1 | 173.194.205.155 173.194.205.155 | 15169 (GOOGLE) (GOOGLE) | |
1 | 173.194.208.105 173.194.208.105 | 15169 (GOOGLE) (GOOGLE) | |
35 | 11 |
ASN26277 (PREMIANET, US)
PTR: amsterdam-nl-datacenter.serverpoint.com
suidy.site |
ASN51167 (CONTABO, DE)
PTR: vps.smdnode2021.com
insurefundspick.com |
ASN15169 (GOOGLE, US)
PTR: qm-in-f97.1e100.net
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: qs-in-f139.1e100.net
www.google-analytics.com |
ASN15169 (GOOGLE, US)
PTR: qm-in-f155.1e100.net
stats.g.doubleclick.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
22 |
sentencefo.com
3 redirects
sentencefo.com beacon.sentencefo.com |
850 KB |
5 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33 |
20 KB |
4 |
fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1772 ka-f.fontawesome.com — Cisco Umbrella Rank: 3532 |
23 KB |
3 |
virtualpushplatform.com
virtualpushplatform.com — Cisco Umbrella Rank: 270596 |
7 KB |
2 |
suidy.site
2 redirects
suidy.site |
444 B |
1 |
google.com
www.google.com — Cisco Umbrella Rank: 8 |
501 B |
1 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78 |
439 B |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62 |
36 KB |
1 |
insurefundspick.com
1 redirects
insurefundspick.com |
500 B |
1 |
neenors.com
neenors.com |
443 B |
35 | 10 |
Domain | Requested by | |
---|---|---|
19 | sentencefo.com |
2 redirects
neenors.com
sentencefo.com |
5 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com sentencefo.com |
3 | ka-f.fontawesome.com |
kit.fontawesome.com
|
3 | beacon.sentencefo.com |
1 redirects
sentencefo.com
|
3 | virtualpushplatform.com |
sentencefo.com
virtualpushplatform.com |
2 | suidy.site | 2 redirects |
1 | www.google.com |
sentencefo.com
|
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | www.googletagmanager.com |
sentencefo.com
|
1 | kit.fontawesome.com |
sentencefo.com
|
1 | insurefundspick.com | 1 redirects |
1 | neenors.com | |
35 | 12 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.neenors.com Go Daddy Secure Certificate Authority - G2 |
2021-02-15 - 2022-02-15 |
a year | crt.sh |
*.sentencefo.com R3 |
2021-12-30 - 2022-03-30 |
3 months | crt.sh |
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-12-01 - 2023-01-01 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2021-11-29 - 2022-02-21 |
3 months | crt.sh |
*.virtualpushplatform.com R3 |
2021-12-28 - 2022-03-28 |
3 months | crt.sh |
beacon.sentencefo.com R3 |
2022-01-05 - 2022-04-05 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-09-12 - 2022-09-11 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2021-11-29 - 2022-02-21 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2021-12-08 - 2022-03-02 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://sentencefo.com/sf/tpl9/?logo=bestbuy&item=70NT&s1=6JQT&s2=1145199745&clickid=eedb6797-6333-48ba-96b5-fbed63288a75
Frame ID: F4C3C1510ACD42D508BFE8A74E16155C
Requests: 36 HTTP requests in this frame
Screenshot
Page Title
BestbuyPage URL History Show full URLs
-
http://suidy.site/c/44/1/10659856/1/
HTTP 301
https://suidy.site/c/44/1/10659856/1/ HTTP 302
https://neenors.com/ffe144bc663228e800/1/44/1-10659856 Page URL
-
https://insurefundspick.com/r/7ec1088d-7e50-4663-bf52-bb5ceb75cf78/472015/1145199745/1
HTTP 302
https://sentencefo.com/sf/tpl9?logo=bestbuy&item=70NT&s1=6JQT&s2=1145199745&clickid=eedb6797-6333-4... HTTP 301
http://sentencefo.com/sf/tpl9/?logo=bestbuy&item=70NT&s1=6JQT&s2=1145199745&clickid=eedb6797-6333-... HTTP 301
https://sentencefo.com/sf/tpl9/?logo=bestbuy&item=70NT&s1=6JQT&s2=1145199745&clickid=eedb6797-6333-... Page URL
Detected technologies
Font Awesome (Font Scripts) ExpandDetected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- kit\.fontawesome\.com/([0-9a-z]+).js
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://suidy.site/c/44/1/10659856/1/
HTTP 301
https://suidy.site/c/44/1/10659856/1/ HTTP 302
https://neenors.com/ffe144bc663228e800/1/44/1-10659856 Page URL
-
https://insurefundspick.com/r/7ec1088d-7e50-4663-bf52-bb5ceb75cf78/472015/1145199745/1
HTTP 302
https://sentencefo.com/sf/tpl9?logo=bestbuy&item=70NT&s1=6JQT&s2=1145199745&clickid=eedb6797-6333-48ba-96b5-fbed63288a75 HTTP 301
http://sentencefo.com/sf/tpl9/?logo=bestbuy&item=70NT&s1=6JQT&s2=1145199745&clickid=eedb6797-6333-48ba-96b5-fbed63288a75 HTTP 301
https://sentencefo.com/sf/tpl9/?logo=bestbuy&item=70NT&s1=6JQT&s2=1145199745&clickid=eedb6797-6333-48ba-96b5-fbed63288a75 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://suidy.site/c/44/1/10659856/1/ HTTP 301
- https://suidy.site/c/44/1/10659856/1/ HTTP 302
- https://neenors.com/ffe144bc663228e800/1/44/1-10659856
- https://beacon.sentencefo.com/g2/0aa1ed35-047c-44e4-a211-47dc2b9c1be9?clickid=eedb6797-6333-48ba-96b5-fbed63288a75&item=70NT&logo=bestbuy&s1=6JQT&s2=1145199745 HTTP 302
- https://beacon.sentencefo.com/s/81dd894f-c9d9-4bb2-8a38-0cf227612bd1?&requestid=kXtlixVoTL&destinationid=877351702&clickid=eedb6797-6333-48ba-96b5-fbed63288a75&item=70NT&logo=bestbuy&s1=6JQT&s2=1145199745
35 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
1-10659856
neenors.com/ffe144bc663228e800/1/44/ Redirect Chain
|
149 B 443 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
sentencefo.com/sf/tpl9/ Redirect Chain
|
13 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
268a7048dd.js
kit.fontawesome.com/ |
11 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
91 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundle.7f0cfe806970e4f7cd32.css
sentencefo.com/sf/tpl9/ |
3 MB 364 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img-4.png
sentencefo.com/sf/tpl9/public/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
like.png
sentencefo.com/sf/tpl9/public/ |
466 B 751 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img-5.png
sentencefo.com/sf/tpl9/public/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img-6.png
sentencefo.com/sf/tpl9/public/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img-7.png
sentencefo.com/sf/tpl9/public/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img-3.png
sentencefo.com/sf/tpl9/public/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img-8.png
sentencefo.com/sf/tpl9/public/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img-9.png
sentencefo.com/sf/tpl9/public/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img-10.png
sentencefo.com/sf/tpl9/public/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img-11.png
sentencefo.com/sf/tpl9/public/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img-12.png
sentencefo.com/sf/tpl9/public/ |
875 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7.137b3c32.chunk.js
sentencefo.com/sf/tpl9/js/ |
307 KB 100 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.7989ce03.js
sentencefo.com/sf/tpl9/js/ |
480 KB 86 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ace-push.js
virtualpushplatform.com/ |
13 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
summary
beacon.sentencefo.com/geo/ |
129 B 577 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bestbuy.png
sentencefo.com/sf/tpl9/public/bestbuy/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cart.png
sentencefo.com/sf/tpl9/public/bestbuy/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
81dd894f-c9d9-4bb2-8a38-0cf227612bd1
beacon.sentencefo.com/s/ Redirect Chain
|
343 KB 260 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
free.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ |
59 KB 13 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ |
26 KB 4 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ |
3 KB 2 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
2 B 206 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 132 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
2 B 439 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
253 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 91 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 91 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
visit
virtualpushplatform.com/api/v1/ |
1 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
log-client-error
virtualpushplatform.com/api/v1/visit/ |
0 0 |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Scam (Online)22 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onsecuritypolicyviolation object| onslotchange function| gtag object| dataLayer object| webpackJsonp object| regeneratorRuntime function| _ object| core function| ScratchCard object| SCRATCH_TYPE object| FontAwesomeKitConfig object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| initializeAcePush function| setBaseUrl function| getLocation function| registerServiceWorker7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
neenors.com/ | Name: uid20449 Value: 1145199745-20220112100831-610c49f722a37c8e7ed01d31ed49a2dc- |
|
.sentencefo.com/ | Name: _ga Value: GA1.2.2112385341.1642003716 |
|
.sentencefo.com/ | Name: _gid Value: GA1.2.295088433.1642003716 |
|
.sentencefo.com/ | Name: _gat_gtag_UA_148357412_1 Value: 1 |
|
.virtualpushplatform.com/ | Name: TiPMix Value: 15.3700365756499 |
|
.virtualpushplatform.com/ | Name: x-ms-routing-name Value: self |
|
.virtualpushplatform.com/ | Name: ARRAffinitySameSite Value: 8f60b4b980ecbcf2fd9b03ce93c680d6b1fafced4d2ba05719358001084dbcc8 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
beacon.sentencefo.com
insurefundspick.com
ka-f.fontawesome.com
kit.fontawesome.com
neenors.com
sentencefo.com
stats.g.doubleclick.net
suidy.site
virtualpushplatform.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
104.18.23.52
104.21.19.154
104.21.67.146
172.67.161.47
173.194.175.139
173.194.205.155
173.194.205.97
173.194.208.105
216.108.228.152
45.55.126.207
89.26.247.219
95.111.240.167
01ff0a6dfebce308d517e495941065eb38cc8b37a7b2bf67df272aea25f69c40
04082a20f59582a77c69ad81adc8474c3b0334f1e58bfe97a441e8451714606f
0818d6453d6e14d3e2dc40d09754b944fd57fedbb8bac9c91a231249775934e6
0ca3bcdc244a011cff113f873678ee9de68479a7f6c7f360b171c3edbc96dd1a
182600ef12499261e2e971331530eb1caacd6c2106c4c864d158ac9c4a9a2327
18f551911c68e079ef629648f47ad743c99d47e9d5c0d5a475c7392a1f0ab248
291cee189530825b44750ab633f4ded7a61580f9fd06edab7534e46793da70f7
2ae62c8c7728d2a3c1ea824fb6e7b6b87ac0097e339a50d465b198d688f38237
2b60ab58ea91fbd2346bb9ab54a3de3fa7ea2c590d7ceddcd1c2a36648782ac9
2e17c79e1b4d86ddba5a9d2104902942db44f856a9fd63a137cf5deb35f56366
2ec87e0273b81d4283d187f5f1cac9d6a33d08e46ebd95bb09c60c8f095d0c9f
339738b995f78eafa90fa0df714420aef8e9ff266047fdecd6505ce08ee28f51
3e0a2c6f1629e30b237e5f3dab46dcc82c0d951e4cac3210745a3eeab9e08191
4ba90609efbf3e11565b8b9005e57d80f53a8837ce693c9023ccb0626461d212
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
73cb358bf47ed149f8fd7e3eada678166cfab77538c313ba72cb6e38d13253fa
7601b7d86d7a99f2e41dc7b4ee89411f656704a932f9b96c051d28d116535cde
7adac1888791ad42f547c97c9c9dad37faee15dfb5e76f20eabc8a0a0b6168e9
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
845a5200eb01a02833e74b09ab84d6ec2aab5ee16211ee1a31b7eb6a4bb61ecc
9b17d1bc53a49edcab5f29c232dde056d8ad18b6c948ad908134b64130eb2606
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b0c40a3ef77aea7e48c710fa701af1d074224846ebf30cd9d82b7596c15da2c1
b79b96152b26a4ddc46d4695da59cbd94610de79e7f14e497b8c3cdd9ee1b1d2
c06105e2c0b3b1bb6eaf8125f3cf0f3ccffc41fe525f0085a0b5dd12c3ce0055
c8a9c87d02c50d39fc00586eaec6cc5bab1954dddfbedd3b3438841fc17a2a1b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fba1dafda080b2bf2c0074fc8eb29203c48f2afa916065df41a0a76e48f63987
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda