reditest.pages.dev
Open in
urlscan Pro
188.114.96.3
Malicious Activity!
Public Scan
Effective URL: https://reditest.pages.dev/files/?email=null
Submission: On July 15 via api from US — Scanned from FI
Summary
TLS certificate: Issued by WE1 on July 2nd 2024. Valid for: 3 months.
This is the only time reditest.pages.dev was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Email (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 21 | 65.109.83.50 65.109.83.50 | 24940 (HETZNER-AS) (HETZNER-AS) | |
1 | 142.250.186.106 142.250.186.106 | 15169 (GOOGLE) (GOOGLE) | |
2 | 142.250.185.227 142.250.185.227 | 15169 (GOOGLE) (GOOGLE) | |
2 | 188.114.96.3 188.114.96.3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 169.150.247.36 169.150.247.36 | 60068 (CDN77 _) (CDN77 _) | |
2 | 104.17.24.14 104.17.24.14 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 151.101.130.137 151.101.130.137 | 54113 (FASTLY) (FASTLY) | |
1 | 104.18.11.207 104.18.11.207 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 172.217.18.10 172.217.18.10 | 15169 (GOOGLE) (GOOGLE) | |
1 | 104.18.10.207 104.18.10.207 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 151.101.65.229 151.101.65.229 | 54113 (FASTLY) (FASTLY) | |
35 | 12 |
ASN24940 (HETZNER-AS, DE)
PTR: turbocharge.rebootns.com
www.cdtech.sbs | |
cdtech.sbs |
ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net
fonts.googleapis.com |
ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net
fonts.gstatic.com |
ASN60068 (CDN77 _, GB)
PTR: 169-150-247-36.bunnyinfra.net
www.ratufa.io |
ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f10.1e100.net
ajax.googleapis.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
21 |
cdtech.sbs
3 redirects
www.cdtech.sbs cdtech.sbs |
284 KB |
2 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1832 stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 4508 |
31 KB |
2 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336 |
13 KB |
2 |
gstatic.com
fonts.gstatic.com |
33 KB |
2 |
pages.dev
reditest.pages.dev Failed |
8 KB |
2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110 ajax.googleapis.com — Cisco Umbrella Rank: 641 |
31 KB |
1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410 |
1 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 1211 |
24 KB |
1 |
ratufa.io
www.ratufa.io n1.ratufa.io Failed |
93 KB |
35 | 9 |
Domain | Requested by | |
---|---|---|
18 | cdtech.sbs |
cdtech.sbs
|
3 | www.cdtech.sbs | 3 redirects |
2 | cdnjs.cloudflare.com |
reditest.pages.dev
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | reditest.pages.dev |
cdtech.sbs
|
1 | cdn.jsdelivr.net |
reditest.pages.dev
|
1 | stackpath.bootstrapcdn.com |
reditest.pages.dev
|
1 | ajax.googleapis.com |
reditest.pages.dev
|
1 | maxcdn.bootstrapcdn.com |
reditest.pages.dev
|
1 | code.jquery.com |
reditest.pages.dev
|
1 | www.ratufa.io |
reditest.pages.dev
|
1 | fonts.googleapis.com |
cdtech.sbs
|
0 | n1.ratufa.io Failed |
www.ratufa.io
|
35 | 13 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.prosecco8cento.sbs.cdtech.sbs R3 |
2024-05-17 - 2024-08-15 |
3 months | crt.sh |
upload.video.google.com WR2 |
2024-06-24 - 2024-09-16 |
3 months | crt.sh |
*.gstatic.com WR2 |
2024-06-24 - 2024-09-16 |
3 months | crt.sh |
reditest.pages.dev WE1 |
2024-07-02 - 2024-09-30 |
3 months | crt.sh |
www.ratufa.io R10 |
2024-07-01 - 2024-09-29 |
3 months | crt.sh |
cdnjs.cloudflare.com E1 |
2024-06-02 - 2024-08-31 |
3 months | crt.sh |
*.jquery.com Sectigo ECC Domain Validation Secure Server CA |
2024-06-25 - 2025-06-25 |
a year | crt.sh |
bootstrapcdn.com GTS CA 1P5 |
2024-05-25 - 2024-08-23 |
3 months | crt.sh |
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3 |
2023-09-27 - 2024-10-28 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://reditest.pages.dev/files/?email=null
Frame ID: CA530E6D6895EB0837BE07679002EF0E
Requests: 37 HTTP requests in this frame
Screenshot
Page Title
LoginPage URL History Show full URLs
-
http://www.cdtech.sbs/wp/eg/
HTTP 307
https://www.cdtech.sbs/wp/eg/ HTTP 301
https://cdtech.sbs/wp/eg/ HTTP 307
http://www.cdtech.sbs/wp/eg/ HTTP 301
https://www.cdtech.sbs/wp/eg/ HTTP 301
https://cdtech.sbs/wp/eg/ Page URL
- https://reditest.pages.dev/files/?email=null Page URL
Detected technologies
WordPress (CMS) ExpandDetected patterns
- /wp-(?:content|includes)/
Bootstrap (Web Frameworks) Expand
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Popper (Miscellaneous) Expand
Detected patterns
- <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
- /popper\.js/([0-9.]+)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery Migrate (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.cdtech.sbs/wp/eg/
HTTP 307
https://www.cdtech.sbs/wp/eg/ HTTP 301
https://cdtech.sbs/wp/eg/ HTTP 307
http://www.cdtech.sbs/wp/eg/ HTTP 301
https://www.cdtech.sbs/wp/eg/ HTTP 301
https://cdtech.sbs/wp/eg/ Page URL
- https://reditest.pages.dev/files/?email=null Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://www.cdtech.sbs/wp/eg/ HTTP 307
- https://www.cdtech.sbs/wp/eg/ HTTP 301
- https://cdtech.sbs/wp/eg/ HTTP 307
- http://www.cdtech.sbs/wp/eg/ HTTP 301
- https://www.cdtech.sbs/wp/eg/ HTTP 301
- https://cdtech.sbs/wp/eg/
35 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
cdtech.sbs/wp/eg/ Redirect Chain
|
25 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
cdtech.sbs/wp/wp-includes/css/dist/block-library/ |
111 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.min.css
cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/css/ |
56 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/css/ |
227 KB 28 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/css/fonts/font-awesome/css/ |
28 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
editor-style.css
cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/css/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/css/ |
82 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
woo.css
cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/css/ |
21 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
cdtech.sbs/wp/wp-content/themes/medicine-shop/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
cdtech.sbs/wp/wp-includes/js/jquery/ |
86 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-migrate.min.js
cdtech.sbs/wp/wp-includes/js/jquery/ |
13 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
custom-header.png
cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/images/ |
68 KB 68 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
front-flex.min.css
cdtech.sbs/wp/wp-content/plugins/siteorigin-panels/css/ |
2 KB 515 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.bundle.min.js
cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/js/ |
79 KB 22 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
theme.js
cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/js/ |
4 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.superfish.js
cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/js/ |
7 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
d1b31fb5-2602-4873-b36e-a087c0d0e6bf
https://cdtech.sbs/ |
1 KB 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
reditest.pages.dev/files/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
search.png
cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/images/ |
333 B 363 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
z7NOdRfiaC4Vd8hhoPzfb5vBTP1d7ZumR_g.woff2
fonts.gstatic.com/s/jura/v31/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1Ptgg87LROyAm3Kz-C8.woff2
fonts.gstatic.com/s/anton/v25/ |
18 KB 19 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont.woff2
cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/css/fonts/font-awesome/fonts/ |
70 KB 70 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
5 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
155 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
reditest.pages.dev/files/ |
15 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ld.js
www.ratufa.io/c/ |
317 KB 93 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ |
30 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.2.1.slim.min.js
code.jquery.com/ |
68 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ |
19 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ |
48 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ |
84 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ |
50 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.session.min.js
cdn.jsdelivr.net/npm/jquery.session@1.0.0/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
token
n1.ratufa.io/v1.0/form/i1bszc89/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS |
token
n1.ratufa.io/v1.0/form/i1bszc89/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
reditest.pages.dev/ |
15 KB 4 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- reditest.pages.dev
- URL
- https://reditest.pages.dev/files/?email=null
- Domain
- n1.ratufa.io
- URL
- https://n1.ratufa.io/v1.0/form/i1bszc89/token
- Domain
- n1.ratufa.io
- URL
- https://n1.ratufa.io/v1.0/form/i1bszc89/token
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Email (Online)12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| sim_factory function| filterCSS function| filterXSS object| Base64 object| RatufaContainer function| $ function| jQuery function| Popper object| bootstrap object| form function| handleSubmit1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
reditest.pages.dev/ | Name: __session:0.7510790966335259: Value: https: |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cdtech.sbs
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
n1.ratufa.io
reditest.pages.dev
stackpath.bootstrapcdn.com
www.cdtech.sbs
www.ratufa.io
n1.ratufa.io
reditest.pages.dev
104.17.24.14
104.18.10.207
104.18.11.207
142.250.185.227
142.250.186.106
151.101.130.137
151.101.65.229
169.150.247.36
172.217.18.10
188.114.96.3
65.109.83.50
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
23541534121fff865879e14b9b0197f3f38e20fafab1fd4076aa19785de8b7a8
26db49828d6701fcfce37a96da6ec3f0ed481abae49c8c9969a575b064413cad
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
6845e3b55ca718e3050e973e67ca536261cfa915908c7169d9461b157d77677c
6c2a1eda8a126e1f385c0e0fd0fc3454e59753bd92da7ed006a6bb66185b17bf
76ad6584ac5bdd459939dc7532fae7c2bdd8e22d773ff16d2306f42a1ffc569c
7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8872c52f10899fd3865d158264a006531179a7bfb336e1e377f39b030c98064f
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
cb5ebbe3af570ca0c61ff1ed6531bccb0ad5bc7bcbe80e05e1e2de47d72c734d
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cbb98571344066fc106fcdf4842b360be8f871545b1101533e9df90edb337f9d
d1377b77ffcd41206747fcd8a7322729a090fc27dab48728932f923f6aa6e94e
d708270d61fa1dfec437b58e2e55fcec2f413c7777d91c6d6e81a9e87c9a9ba9
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
e8253d5e0b488ea4e82bb658c670cb28266064abaa951a23becbc0e0d7425d1c
ed0f05101d480726c58bcd4956a1e7b02f12b538d02058f1b0ebfdabe8a7ef42