ikram.bo.fekkiha.dulceabuela.es
Open in
urlscan Pro
185.68.109.166
Malicious Activity!
Public Scan
Effective URL: http://ikram.bo.fekkiha.dulceabuela.es/public/XCT4NZYMM5sEgQTwaR50BRbMOccZ8bUb
Submission: On February 20 via automatic, source openphish — Scanned from ES
Summary
This is the only time ikram.bo.fekkiha.dulceabuela.es was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DHL (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 18 | 185.68.109.166 185.68.109.166 | 201446 (PROFESION...) (PROFESIONALHOSTING) | |
2 | 2606:4700::68... 2606:4700::6810:5814 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2606:4700:303... 2606:4700:3037::ac43:a669 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700::68... 2606:4700::6812:1734 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2606:4700::68... 2606:4700::6811:190e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700:303... 2606:4700:3038::6815:ea91 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
6 | 2606:4700:e4:... 2606:4700:e4::ac40:a816 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 108.138.7.118 108.138.7.118 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 104.198.23.205 104.198.23.205 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
34 | 10 |
ASN201446 (PROFESIONALHOSTING, ES)
PTR: dns109166.phdns5.es
ikram.bo.fekkiha.dulceabuela.es |
ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-118.fra56.r.cloudfront.net
static.hotjar.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 205.23.198.104.bc.googleusercontent.com
r.lr-in.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
dulceabuela.es
2 redirects
ikram.bo.fekkiha.dulceabuela.es |
2 MB |
7 |
fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1424 ka-f.fontawesome.com — Cisco Umbrella Rank: 2612 |
287 KB |
2 |
lr-in.com
cdn.lr-in.com — Cisco Umbrella Rank: 16325 r.lr-in.com — Cisco Umbrella Rank: 17690 |
162 KB |
2 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 196 |
82 KB |
2 |
killbot.org
killbot.org |
1 KB |
2 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 346 |
3 KB |
1 |
hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 628 |
4 KB |
0 |
Failed
function sub() { [native code] }. Failed |
|
34 | 8 |
Domain | Requested by | |
---|---|---|
18 | ikram.bo.fekkiha.dulceabuela.es |
2 redirects
ikram.bo.fekkiha.dulceabuela.es
|
6 | ka-f.fontawesome.com |
kit.fontawesome.com
ikram.bo.fekkiha.dulceabuela.es |
2 | cdnjs.cloudflare.com |
ikram.bo.fekkiha.dulceabuela.es
cdnjs.cloudflare.com |
2 | killbot.org |
cdn.jsdelivr.net
|
2 | cdn.jsdelivr.net |
ikram.bo.fekkiha.dulceabuela.es
|
1 | r.lr-in.com |
cdn.lr-in.com
|
1 | static.hotjar.com |
ikram.bo.fekkiha.dulceabuela.es
|
1 | cdn.lr-in.com |
ikram.bo.fekkiha.dulceabuela.es
|
1 | kit.fontawesome.com |
ikram.bo.fekkiha.dulceabuela.es
|
0 | eofcbnmajmjmplflapaojjnihcjkigck Failed |
ikram.bo.fekkiha.dulceabuela.es
|
34 | 10 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-06-02 - 2023-06-01 |
a year | crt.sh |
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-11-22 - 2023-12-23 |
a year | crt.sh |
*.hotjar.com Amazon |
2022-10-25 - 2023-11-23 |
a year | crt.sh |
api.logrocket.com R3 |
2023-02-19 - 2023-05-20 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://ikram.bo.fekkiha.dulceabuela.es/public/XCT4NZYMM5sEgQTwaR50BRbMOccZ8bUb
Frame ID: 2EB3A85F49881D330FE7AF345764CA0A
Requests: 34 HTTP requests in this frame
Screenshot
Page Title
DHLPage URL History Show full URLs
-
http://ikram.bo.fekkiha.dulceabuela.es/public
HTTP 301
http://ikram.bo.fekkiha.dulceabuela.es/public/ Page URL
-
http://ikram.bo.fekkiha.dulceabuela.es/XCT4NZYMM5sEgQTwaR50BRbMOccZ8bUb/
HTTP 301
http://ikram.bo.fekkiha.dulceabuela.es/public/XCT4NZYMM5sEgQTwaR50BRbMOccZ8bUb Page URL
Detected technologies
Laravel (Web Frameworks) ExpandDetected patterns
Font Awesome (Font Scripts) Expand
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- kit\.fontawesome\.com/([0-9a-z]+).js
Hotjar (Analytics) Expand
Detected patterns
- //static\.hotjar\.com/
jsDelivr (CDN) Expand
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://ikram.bo.fekkiha.dulceabuela.es/public
HTTP 301
http://ikram.bo.fekkiha.dulceabuela.es/public/ Page URL
-
http://ikram.bo.fekkiha.dulceabuela.es/XCT4NZYMM5sEgQTwaR50BRbMOccZ8bUb/
HTTP 301
http://ikram.bo.fekkiha.dulceabuela.es/public/XCT4NZYMM5sEgQTwaR50BRbMOccZ8bUb Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://ikram.bo.fekkiha.dulceabuela.es/public HTTP 301
- http://ikram.bo.fekkiha.dulceabuela.es/public/
34 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
ikram.bo.fekkiha.dulceabuela.es/public/ Redirect Chain
|
558 B 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.min.js
cdn.jsdelivr.net/gh/killbot-org/Killbot-JS@latest/dist/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
whois
killbot.org/api/v2/ |
83 B 816 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
XCT4NZYMM5sEgQTwaR50BRbMOccZ8bUb
ikram.bo.fekkiha.dulceabuela.es/public/ Redirect Chain
|
59 KB 60 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f7165dd215.js
kit.fontawesome.com/ |
11 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.min.js
cdn.jsdelivr.net/gh/killbot-org/Killbot-JS@latest/dist/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.css
ikram.bo.fekkiha.dulceabuela.es/public/css/ |
429 KB 430 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ |
30 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logger-1.min.js
cdn.lr-in.com/ |
805 KB 161 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
fonts.css
eofcbnmajmjmplflapaojjnihcjkigck/common/ui/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
ikram.bo.fekkiha.dulceabuela.es/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
all.png
ikram.bo.fekkiha.dulceabuela.es/images/ |
12 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
foo.png
ikram.bo.fekkiha.dulceabuela.es/images/ |
6 KB 6 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.js
ikram.bo.fekkiha.dulceabuela.es/public/js/ |
2 MB 2 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
session-recorder.js
ikram.bo.fekkiha.dulceabuela.es/public/js/ |
44 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
free.min.css
ka-f.fontawesome.com/releases/v6.3.0/css/ |
100 KB 23 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v6.3.0/css/ |
27 KB 5 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
free-v5-font-face.min.css
ka-f.fontawesome.com/releases/v6.3.0/css/ |
823 B 1 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v6.3.0/css/ |
2 KB 1 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
whois
killbot.org/api/v2/ |
83 B 488 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
roboto-latin-400-normal.woff2
ikram.bo.fekkiha.dulceabuela.es/fonts/vendor/@fontsource/roboto/files/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-2895475.js
static.hotjar.com/c/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
webfa-solid-900.woff2
ikram.bo.fekkiha.dulceabuela.es/fonts/vendor/@fortawesome/fontawesome-free/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
webfa-brands-400.woff2
ikram.bo.fekkiha.dulceabuela.es/public/css/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ |
75 KB 76 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
9fc122e8-c32e-485a-9308-89ad2ba840b1
http://ikram.bo.fekkiha.dulceabuela.es/ |
443 KB 0 |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
roboto-all-400-normal.woff
ikram.bo.fekkiha.dulceabuela.es/fonts/vendor/@fontsource/roboto/files/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
webfa-solid-900.woff
ikram.bo.fekkiha.dulceabuela.es/fonts/vendor/@fortawesome/fontawesome-free/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
webfa-brands-400.woff
ikram.bo.fekkiha.dulceabuela.es/fonts/vendor/@fortawesome/fontawesome-free/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
webfa-solid-900.ttf
ikram.bo.fekkiha.dulceabuela.es/fonts/vendor/@fortawesome/fontawesome-free/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
webfa-brands-400.ttf
ikram.bo.fekkiha.dulceabuela.es/fonts/vendor/@fortawesome/fontawesome-free/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v6.3.0/webfonts/ |
146 KB 147 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v6.3.0/webfonts/ |
105 KB 106 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
i
r.lr-in.com/ |
104 B 633 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- eofcbnmajmjmplflapaojjnihcjkigck
- URL
- chrome-extension://eofcbnmajmjmplflapaojjnihcjkigck/common/ui/fonts/fonts.css
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: DHL (Transportation)41 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| oncontentvisibilityautostatechange object| FontAwesomeKitConfig object| _0x3185 function| _0x501f function| _0x34aede function| redirect string| sessionHash function| hj object| _hjSettings object| regeneratorRuntime object| __SDKCONFIG__ function| _LRLogger object| hjSiteSettings function| hjBootstrap object| hjLazyModules object| webpackChunk function| jQuery function| $ object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched object| intlTelInputUtils function| openNav function| closeNav function| _lrMutationObserver function| _lrXMLHttpRequest boolean| _lr_loaded boolean| errorInB boolean| errorInC object| authTimeout boolean| hasBLogin boolean| isInBLogin object| bLogin function| Pusher object| Echo5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
ikram.bo.fekkiha.dulceabuela.es/ | Name: XSRF-TOKEN Value: eyJpdiI6IlBJT01yV0s2QzF6Sit2cnpKNHJ1UUE9PSIsInZhbHVlIjoiZFl1SmFQZGVIaFI2blhmV3c2YzhHOGc5cU8yNFdqQktiam9vSFNwNGcxQk1CU2pXcEZqb2xmdWZEMzVlbUV0RVpENGkwZzNQRm9ia2E3cjB2Z3pLdE94dUdrd0FZRURGTjJmRHZVWkprOGh1dy93OVVyMEpuWFJCUHVrN1c5cjgiLCJtYWMiOiIxZDkzNGEzMGYyZTE2MGI3MTliOGM0NjY2NDk4MDhlMjJkYjlkM2Y2ZTEzMDk3N2ZlODcxYzI0Nzg3MjU3NzlkIiwidGFnIjoiIn0%3D |
|
ikram.bo.fekkiha.dulceabuela.es/ | Name: laravel_session Value: eyJpdiI6ImYzbVpXWVB1UVRiWTlVdkJHbWhIOXc9PSIsInZhbHVlIjoiaWVaanFpb25YVWZpeWc2a0F1YzVjL2dhSzlINXZsZzN5TGxTOGtOM0U2UEY0VkExWi9aZllialYvNmlWdVFuR3FTSG1XR0dJYitvSEZjOC9TNUthMEJKakx4M0w3TnZaaU9VY2REd01xclNodkFITFFoZUEyUnRJWGo0eUtKdjMiLCJtYWMiOiIxMDNlNzFmMzE2NDNmZjQzYzA3NzI0ZWY2YWM4ZTFiZTY0NjQ3ZjM2MjMxZGM3OGI5MDVhYjI5MGU2YjdlZTQxIiwidGFnIjoiIn0%3D |
|
ikram.bo.fekkiha.dulceabuela.es/ | Name: _lr_tabs_-mnnzup%2Fdus Value: {%22sessionID%22:0%2C%22recordingID%22:%225-5fef1106-c49a-416a-9128-c474a6986513%22%2C%22lastActivity%22:1676855586786} |
|
ikram.bo.fekkiha.dulceabuela.es/ | Name: _lr_hb_-mnnzup%2Fdus Value: {%22heartbeat%22:1676855586786} |
|
ikram.bo.fekkiha.dulceabuela.es/ | Name: _lr_uf_-mnnzup Value: 3f1de9b9-d6d2-4d4b-bd5d-e8ffda355b59 |
12 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
cdn.lr-in.com
cdnjs.cloudflare.com
eofcbnmajmjmplflapaojjnihcjkigck
ikram.bo.fekkiha.dulceabuela.es
ka-f.fontawesome.com
killbot.org
kit.fontawesome.com
r.lr-in.com
static.hotjar.com
eofcbnmajmjmplflapaojjnihcjkigck
104.198.23.205
108.138.7.118
185.68.109.166
2606:4700:3037::ac43:a669
2606:4700:3038::6815:ea91
2606:4700::6810:5814
2606:4700::6811:190e
2606:4700::6812:1734
2606:4700:e4::ac40:a816
36839348d4cd3d5ffcb15317bc5e8f32b77c644d0c6c0f8f19bdf216caf49293
3781276c947446303f95592499e641929c792c682fcfc73b390184963b4adc36
399e233cea4e5468820e5c5f98ddbb156de729983710cf576a6508f076326c68
3f0c62b5ccdcdbf3b3ae3885f1e6959e2d937eba9b29dea9a6bdb98788041756
4c6d23efa8a723d5c117df0ac6f77441a66d960cf4e9cf4cf20aabd1ac984ef3
56c57ddb04140a37df2f0b9ae80dbdd58368da58e2705746420039eeb6a60b90
6251e6ed36882ca1f70ecd0824ef87e9a43764eb9e3448aacc547be48c044688
67ad94e12a745b1b09c6cd616e20a2ad283ed68f8060bd1dd0d9a2b6ad9dc7ee
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
801d2299e7726134c916ee9b80a62511aaad8507681b1f4a2249205ce97dd805
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
852db4d1e3c440deaa05229fa8beb300bc959f16d0f9c2be168173a26c68e1a9
88ad6fd5180571281aa819f3dbe754e8ca6dd70720e3360ff6a583ca48c870a1
9d1a233591b5b6ed7253c99f263f02cf34a784b67148c9f1d3891b6ba4efeba5
a8831773f69697c641e349c519d162ad5afe58cc583703d96f98a79d29087ef1
a963d0d6baf5f8ad3a8d21c2bff2971d0819789204815a7082d8d4776dec4a80
aee930d9c63ac5f13c26ea50472e6d6dcdab908aafc18687886c7fba33e0c9e8
c1d5409eecb402a99f10718b06c266ba314d9e25f0b56c6fd063699334b8be6d
cf593f955eaa091c8ec6cc0f5d162f90da1127472aa90a1d6b39a582c2618791
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
f7a5aba06e482e1506bdf5b3a730147d4a0ed7f088f6425cc9b166bf8a105fd8
f8991bad621d759d15a02caaec9797e4d9dcf8e2d2ff64e1a0cebc07675b6aed
fbfc1a27b2f37bb5758305f7d7633b07f9dd08c9c42658e695c8fa9716967545