assicurazionircauto.com
Open in
urlscan Pro
2a06:98c1:3121::3
Malicious Activity!
Public Scan
Effective URL: https://assicurazionircauto.com/wp-content/mu-plugins-old/local2/in.html
Submission: On November 27 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 16th 2022. Valid for: a year.
This is the only time assicurazionircauto.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: UPS (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 34.73.29.134 34.73.29.134 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
1 16 | 2a06:98c1:312... 2a06:98c1:3121::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700:20:... 2606:4700:20::681a:507 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 2620:1ec:bdf::44 2620:1ec:bdf::44 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 52.189.67.17 52.189.67.17 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
2 | 2606:4700:e4:... 2606:4700:e4::ac40:a307 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700:10:... 2606:4700:10::ac43:88d | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 104.18.36.173 104.18.36.173 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
7 | 67.202.105.33 67.202.105.33 | 32748 (STEADFAST) (STEADFAST) | |
1 | 67.202.105.34 67.202.105.34 | 32748 (STEADFAST) (STEADFAST) | |
33 | 11 |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 134.29.73.34.bc.googleusercontent.com
drvninsurance.com |
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
media-us1.digital.nuance.com |
ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net
ic.tynt.com |
ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net
de.tynt.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
assicurazionircauto.com
1 redirects
assicurazionircauto.com |
190 KB |
9 |
tynt.com
cdn.tynt.com — Cisco Umbrella Rank: 13324 ic.tynt.com — Cisco Umbrella Rank: 6169 de.tynt.com — Cisco Umbrella Rank: 2370 |
9 KB |
3 |
nuance.com
media-us1.digital.nuance.com — Cisco Umbrella Rank: 10095 |
341 KB |
2 |
dtscout.com
t.dtscout.com — Cisco Umbrella Rank: 9213 |
2 KB |
1 |
amung.us
whos.amung.us — Cisco Umbrella Rank: 10208 |
182 B |
1 |
inq.com
ups.inq.com — Cisco Umbrella Rank: 15254 |
549 B |
1 |
waust.at
waust.at — Cisco Umbrella Rank: 28771 |
7 KB |
1 |
drvninsurance.com
drvninsurance.com |
511 B |
33 | 8 |
Domain | Requested by | |
---|---|---|
16 | assicurazionircauto.com |
1 redirects
drvninsurance.com
assicurazionircauto.com |
7 | ic.tynt.com | |
3 | media-us1.digital.nuance.com |
assicurazionircauto.com
|
2 | t.dtscout.com |
waust.at
t.dtscout.com |
1 | de.tynt.com |
cdn.tynt.com
|
1 | cdn.tynt.com |
waust.at
|
1 | whos.amung.us |
waust.at
|
1 | ups.inq.com |
assicurazionircauto.com
|
1 | waust.at |
assicurazionircauto.com
|
1 | drvninsurance.com | |
33 | 10 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.ups.com |
wwwapps.ups.com |
www.pressroom.ups.com |
www.investors.ups.com |
www.jobs-ups.com |
sustainability.ups.com |
www.theupsstore.ca |
upscapital.com |
www.instagram.com |
twitter.com |
whos.amung.us |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-06-16 - 2023-06-16 |
a year | crt.sh |
*.digital.nuance.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2022-09-14 - 2023-10-12 |
a year | crt.sh |
*.inq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2022-09-14 - 2023-10-12 |
a year | crt.sh |
*.amung.us Sectigo RSA Domain Validation Secure Server CA |
2022-05-18 - 2023-06-17 |
a year | crt.sh |
*.tynt.com Sectigo RSA Domain Validation Secure Server CA |
2022-09-07 - 2023-09-30 |
a year | crt.sh |
This page contains 5 frames:
Primary Page:
https://assicurazionircauto.com/wp-content/mu-plugins-old/local2/in.html
Frame ID: 95A74B1FE093A5476B8DEAB06E8B087A
Requests: 30 HTTP requests in this frame
Frame:
https://assicurazionircauto.com/wp-content/mu-plugins-old/local2/index_1.html
Frame ID: 838722F2F792CFB648EB774191FD2A20
Requests: 1 HTTP requests in this frame
Frame:
https://assicurazionircauto.com/wp-content/mu-plugins-old/local2/index_2.html
Frame ID: FA062215232ACDC50F51E130B4218319
Requests: 1 HTTP requests in this frame
Frame:
https://assicurazionircauto.com/wp-content/mu-plugins-old/local2/index_4.html
Frame ID: FB2FD35A0BE5936B75AC98516C48171A
Requests: 1 HTTP requests in this frame
Frame:
https://assicurazionircauto.com/wp-content/mu-plugins-old/local2/index_3.html
Frame ID: ED8C86349E322CD40898CFB36F49446D
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Tracking | UPSPage URL History Show full URLs
- http://drvninsurance.com/2211.htm Page URL
-
https://assicurazionircauto.com/wp-content/mu-plugins-old/local2/
HTTP 302
https://assicurazionircauto.com/wp-content/mu-plugins-old/local2/in.html Page URL
Detected technologies
WordPress (CMS) ExpandDetected patterns
- /wp-(?:content|includes)/
Page Statistics
55 Outgoing links
These are links going to different origins than the main page.
Title: ... More
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Sign up / Log in
Search URL Search Domain Scan URL
Title: Alerts (1)
Search URL Search Domain Scan URL
Title: Locations
Search URL Search Domain Scan URL
Title: Canada - English
Search URL Search Domain Scan URL
Title: Canada - Français
Search URL Search Domain Scan URL
Title: Select Another Country or Territory
Search URL Search Domain Scan URL
Title: Get Started with UPS
Search URL Search Domain Scan URL
Title: Ship
Search URL Search Domain Scan URL
Title: Quote
Search URL Search Domain Scan URL
Title: Locations
Search URL Search Domain Scan URL
Title: View & Pay Bill
Search URL Search Domain Scan URL
Title: Track & Track History
Search URL Search Domain Scan URL
Title: Manage Inbound/Outbound Deliveries:Quantum View - for Large Enterprise Businesses
Search URL Search Domain Scan URL
Title: Explore All Tracking
Search URL Search Domain Scan URL
Title: Explore Managing Home Deliveries
Search URL Search Domain Scan URL
Title: Explore Managing Business Deliveries
Search URL Search Domain Scan URL
Title: Schedule a Pickup
Search URL Search Domain Scan URL
Title: Manage Online Orders: Marketplace Shipping
Search URL Search Domain Scan URL
Title: Create a Return
Search URL Search Domain Scan URL
Title: Explore All Shipping
Search URL Search Domain Scan URL
Title: View Shipping History
Search URL Search Domain Scan URL
Title: Batch File Shipping
Search URL Search Domain Scan URL
Title: Create Import:UPS Import Control
Search URL Search Domain Scan URL
Title: International Toolset:UPS TradeAbility
Search URL Search Domain Scan URL
Title: Service Guide
Search URL Search Domain Scan URL
Title: Order Supplies
Search URL Search Domain Scan URL
Title: Discover UPS Services
Search URL Search Domain Scan URL
Title: Shipping
Search URL Search Domain Scan URL
Title: Billing
Search URL Search Domain Scan URL
Title: International Shipping
Search URL Search Domain Scan URL
Title: Contract Logistics
Search URL Search Domain Scan URL
Title: Integrating UPS Technology
Search URL Search Domain Scan URL
Title: Individual Shipper
Search URL Search Domain Scan URL
Title: Small Business
Search URL Search Domain Scan URL
Title: Customer Support
Search URL Search Domain Scan URL
Title: Get Started with UPS
Search URL Search Domain Scan URL
Title: Change Delivery
Search URL Search Domain Scan URL
Title: Claims Support
Search URL Search Domain Scan URL
Title: My Profile
Search URL Search Domain Scan URL
Title: About UPS
Search URL Search Domain Scan URL
Title: Media RelationsOpen the link in a new window
Search URL Search Domain Scan URL
Title: Investor RelationsOpen the link in a new window
Search URL Search Domain Scan URL
Title: CareersOpen the link in a new window
Search URL Search Domain Scan URL
Title: Sustainability & Community InvolvementOpen the link in a new window
Search URL Search Domain Scan URL
Title: The UPS StoreOpen the link in a new window
Search URL Search Domain Scan URL
Title: UPS CapitalOpen the link in a new window
Search URL Search Domain Scan URL
Title: InstagramOpen the link in a new window
Search URL Search Domain Scan URL
Title: Twitter Open the link in a new window
Search URL Search Domain Scan URL
Title: Protect Against Fraud
Search URL Search Domain Scan URL
Title: Service Terms and Conditions
Search URL Search Domain Scan URL
Title: Website Terms of Use
Search URL Search Domain Scan URL
Title: Privacy NoticeOpen the link in a new window
Search URL Search Domain Scan URL
Title: 1
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://drvninsurance.com/2211.htm Page URL
-
https://assicurazionircauto.com/wp-content/mu-plugins-old/local2/
HTTP 302
https://assicurazionircauto.com/wp-content/mu-plugins-old/local2/in.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
33 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
2211.htm
drvninsurance.com/ |
203 B 511 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
in.html
assicurazionircauto.com/wp-content/mu-plugins-old/local2/ Redirect Chain
|
64 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ups.vendor.54f3c2d83b58.css
assicurazionircauto.com/wp-content/mu-plugins-old/local2/ |
130 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ups.styles.bf03bcac6bc2.css
assicurazionircauto.com/wp-content/mu-plugins-old/local2/ |
89 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ups.modules.0cca12c805a5.css
assicurazionircauto.com/wp-content/mu-plugins-old/local2/ |
697 KB 80 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ups.widgets.6611168e8d14.css
assicurazionircauto.com/wp-content/mu-plugins-old/local2/ |
69 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ups.apps-utrk.5ebbdd.css
assicurazionircauto.com/wp-content/mu-plugins-old/local2/ |
74 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
UPS_logo.svg
assicurazionircauto.com/wp-content/mu-plugins-old/local2/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icp.gif
assicurazionircauto.com/wp-content/mu-plugins-old/local2/ |
43 B 554 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
styles.7d4255341a2c49ba8357.bundle.css
assicurazionircauto.com/wp-content/mu-plugins-old/local2/ |
259 B 651 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
d.js
waust.at/ |
14 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
index_1.html
assicurazionircauto.com/wp-content/mu-plugins-old/local2/ Frame 8387 |
167 B 584 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
InqFramework.js
media-us1.digital.nuance.com/media/launch/ci/ |
0 223 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pre-acif.js
ups.inq.com/tagserver/acif/ |
0 549 B |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
acif.js
media-us1.digital.nuance.com/media/launch/acif/ |
0 112 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
acif-configs.js
media-us1.digital.nuance.com/media/sites/10005649/assets/automatons/ |
0 6 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
055096b75efc91eabeb7fa0fb14e24cd44ba71f4
assicurazionircauto.com/wp-content/mu-plugins-old/local2/ |
34 KB 34 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
index_2.html
assicurazionircauto.com/wp-content/mu-plugins-old/local2/ Frame FA06 |
701 B 751 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
social.jpg
assicurazionircauto.com/wp-content/mu-plugins-old/local2/ |
882 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
t.dtscout.com/i/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
whos.amung.us/pingjs/ |
28 B 182 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
t.dtscout.com/pv/ |
51 B 542 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
index_4.html
assicurazionircauto.com/wp-content/mu-plugins-old/local2/ Frame FB2F |
241 B 625 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
index_3.html
assicurazionircauto.com/wp-content/mu-plugins-old/local2/ Frame ED8C |
327 B 659 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tc.js
cdn.tynt.com/ |
17 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p
ic.tynt.com/b/ |
0 227 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v2
de.tynt.com/deb/ |
4 B 260 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p
ic.tynt.com/b/ |
0 227 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p
ic.tynt.com/b/ |
0 227 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p
ic.tynt.com/b/ |
0 227 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p
ic.tynt.com/b/ |
0 227 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p
ic.tynt.com/b/ |
0 227 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p
ic.tynt.com/b/ |
0 227 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: UPS (Transportation)23 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| _wau string| wau_w_col string| wau_w_siz object| WAU_ren function| WAU_dynamic function| WAU_dynamic_request function| WAU_r_d function| WAU_insert function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_lrs function| WAU_cps function| docReady object| _dtspv object| x string| x1 string| x2 object| Tynt object| _33Across function| __uspapi3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.dtscout.com/ | Name: m Value: 1 |
|
.dtscout.com/ | Name: oa Value: 1 |
|
.dtscout.com/ | Name: df Value: 1669512243 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assicurazionircauto.com
cdn.tynt.com
de.tynt.com
drvninsurance.com
ic.tynt.com
media-us1.digital.nuance.com
t.dtscout.com
ups.inq.com
waust.at
whos.amung.us
104.18.36.173
2606:4700:10::ac43:88d
2606:4700:20::681a:507
2606:4700:e4::ac40:a307
2620:1ec:bdf::44
2a06:98c1:3121::3
34.73.29.134
52.189.67.17
67.202.105.33
67.202.105.34
0130f0f5a7d2a1791fa84865db5b7f9cdcac4b0a4fbe90fef182164b65c00343
076902752ae5748c9a6a128021d95a1bddf6aac70390b3d07f4ae941571350fe
0e4a6a629fd390b4bc55fd25ae51b4831ba1a5249eacce068ee18f9d05bc261d
1bebadfca8ed82c57318902b7f8b19cf0bea2abe3cc651c3b261244776c6aee8
2d9668f6f97ac0527e0635f052d73111bf1119d4671b22f99076d504bd195779
33a1e6507048a8277e7e90dc1949f7d8c95745234b96333da63ff999971bc7d1
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c
937458495c30f567aeafe715f0164bfe061ab17aee4a34aabbf191f69a6d32ae
951feaddb6ad45bcc58fee7033004366978150e8f2927692781c3e2755c7c15c
9653cc7c737d874e74d4529bf9da4f5906e068cfe7994aa2ae64e7fb537ed989
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a95cccb9b4b1b5b2d1d5a599c70662117e629c9525f2e9d9b9f1cd6a73052e5a
ae367b01f6899231a82020e3ed74a9345832f163fc754c2bfee56842af2087d5
b6f911ba8158fafaac0e01b5c737957f9a334697c5fd7d935a68795e9d9e1c00
c694ec1f7a48dd18d33f0750a9de65ae44859aa54a9db8e25e98d7bbb1ff14cf
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
dca987a6fdf97b97b04fbcc2bff586ecd7637ace53b2e4e1bc4ef737ba900670
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e94f926fe32bb1db75044f07af73ade28a728efe7b16fefdd59a064514cb1316
eab4d56ac0ee5cd6a9981c73fb48e653839c1bf33169656e0137224c4c54ffaa
ec42e263cd11890be5f6aad789249f1d74c91f3be4f0f072848cab423d22e44f
f94d2ab358987555c99e0be52f450293ed78850f6c78f305b22f8327c4bc617f