www.mt-lesershop.de
18.194.251.60
Malicious Activity!
Public Scan
Effective URL: https://www.mt-lesershop.de/
Submission: On July 25 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G2 on June 8th 2024. Valid for: 3 months.
This is the only time www.mt-lesershop.de was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DHL (Transportation)
Domain & IP information
Requests | IP Address | AS Autonomous System | PTR | Domain |
---|---|---|---|---|
1 (1 redirects) | 35.158.163.209 | 16509 (AMAZON-02, US) | ec2-35-158-163-209.eu-central-1.compute.amazonaws.com | mt-lesershop.de |
2 | 18.194.251.60 | 16509 (AMAZON-02, US) | ec2-18-194-251-60.eu-central-1.compute.amazonaws.com | www.mt-lesershop.de |
38 | 13.249.9.81 | 16509 (AMAZON-02, US) | server-13-249-9-81.cdg53.r.cloudfront.net | cdn02.plentymarkets.com |
2 | 2a00:1450:4001:81d::2008 | 15169 (GOOGLE, US) | | www.googletagmanager.com |
1 | 2a00:1450:4001:806::200e | 15169 (GOOGLE, US) | | www.google-analytics.com |
43 | 5 | | | |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
38 | plentymarkets.com | cdn02.plentymarkets.com — Cisco Umbrella Rank: 239788 | 2 MB |
3 | mt-lesershop.de (1 redirects) | mt-lesershop.de www.mt-lesershop.de | 76 KB |
2 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 112 | 165 KB |
1 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 104 | 21 KB |
43 | 4 | | |
Requests | Domain | Requested by |
---|---|---|
38 | cdn02.plentymarkets.com | www.mt-lesershop.de, cdn02.plentymarkets.com |
2 | www.googletagmanager.com | www.mt-lesershop.de, www.googletagmanager.com |
2 | www.mt-lesershop.de | cdn02.plentymarkets.com |
1 | www.google-analytics.com | www.googletagmanager.com |
1 | mt-lesershop.de | 1 redirects |
43 | 5 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
mt-lesershop.de | Encryption Everywhere DV TLS CA - G2 | 2024-06-08 - 2024-09-07 | 3 months | crt.sh |
*.plentymarkets.com | Amazon RSA 2048 M02 | 2024-04-09 - 2025-05-08 | a year | crt.sh |
*.google-analytics.com | WR2 | 2024-07-01 - 2024-09-23 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.mt-lesershop.de/
Frame ID: C3A4C791CDF45E0E6D3F35D07BFE8B23
Requests: 44 HTTP requests in this frame
Page Title
MindenerTageblatt
Detected technologies
Font Awesome (Font Scripts)
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://mt-lesershop.de/ HTTP 301
  https://www.mt-lesershop.de/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
43 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request; Redirect Chain) | www.mt-lesershop.de/ | 304 KB | 75 KB | Document | text/html |
GET | H2 | OpenSans-Regular.ttf | cdn02.plentymarkets.com/tgihtlx3guvt/frontend/stfonts/ | 127 KB | 77 KB | Font | font/ttf |
GET | H2 | Minden_Logo.png | cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Mindener_Tageblatt_Shop/Logo/ | 17 KB | 18 KB | Image | image/png |
GET | H2 | ceres-icons.css | cdn02.plentymarkets.com/tgihtlx3guvt/plugin/387/ceres/css/ | 66 KB | 10 KB | Stylesheet | text/css |
GET | H2 | ceres-base.css | cdn02.plentymarkets.com/tgihtlx3guvt/plugin/387/ceres/css/ | 345 KB | 46 KB | Stylesheet | text/css |
GET | H2 | js | www.googletagmanager.com/gtag/ | 208 KB | 75 KB | Script | application/javascript |
GET | H2 | lighblue3-diamond.png | cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Mindener_Tageblatt_Shop/ | 5 KB | 6 KB | Image | image/png |
GET | H2 | dhl-logo.svg | cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Logos/ | 2 KB | 1 KB | Image | image/svg+xml |
GET | H2 | ceres-client.min.js | cdn02.plentymarkets.com/tgihtlx3guvt/plugin/387/ceres/js/dist/ | 899 KB | 258 KB | Script | text/javascript |
GET | H2 | Minden_Logo.png | cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Mindener_Tageblatt_Shop/Logo/ | 17 KB | 0 | Image | image/png |
GET | H2 | fontawesome-webfont.woff2 | cdn02.plentymarkets.com/tgihtlx3guvt/plugin/387/ceres/documents/fonts/ | 75 KB | 76 KB | Font | application/octet-stream |
GET | H2 | ceres-client-9.min.js | cdn02.plentymarkets.com/tgihtlx3guvt/plugin/387/ceres/js/dist/chunks/ | 6 KB | 3 KB | Script | text/javascript |
GET | H2 | ceres-client-3.min.js | cdn02.plentymarkets.com/tgihtlx3guvt/plugin/387/ceres/js/dist/chunks/ | 88 KB | 11 KB | Script | text/javascript |
GET | H2 | ceres-client-14.min.js | cdn02.plentymarkets.com/tgihtlx3guvt/plugin/387/ceres/js/dist/chunks/ | 8 KB | 3 KB | Script | text/javascript |
GET | H2 | ceres-client-25.min.js | cdn02.plentymarkets.com/tgihtlx3guvt/plugin/387/ceres/js/dist/chunks/ | 4 KB | 2 KB | Script | text/javascript |
GET | DATA | truncated | / | 304 B | 0 | Image | image/avif |
GET | H2 | Leonos_Slider_Strandkoerbe.jpg | cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Sliders/ | 131 KB | 131 KB | Image | image/jpeg |
GET | H2 | Minden_Slider_Buecher02022023.jpg | cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Mindener_Tageblatt_Shop/Slider/ | 158 KB | 158 KB | Image | image/jpeg |
GET | H2 | Minden_Slider_Garten02022023.jpg | cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Mindener_Tageblatt_Shop/Slider/ | 327 KB | 327 KB | Image | image/jpeg |
GET | H2 | Minden_Slider_Regionales02022023.jpg | cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Mindener_Tageblatt_Shop/Slider/ | 239 KB | 240 KB | Image | image/jpeg |
GET | H2 | Minden_Slider_Wohnen02022023.jpg | cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Mindener_Tageblatt_Shop/Slider/ | 171 KB | 172 KB | Image | image/jpeg |
GET | H2 | ceres-client-0.min.js | cdn02.plentymarkets.com/tgihtlx3guvt/plugin/387/ceres/js/dist/chunks/ | 19 KB | 5 KB | Script | text/javascript |
GET | H2 | 71357-Geschenk-Set-Gartenglueck-013.jpg | cdn02.plentymarkets.com/tgihtlx3guvt/item/images/1047678/middle/ | 19 KB | 20 KB | Image | image/jpeg |
GET | H2 | 71323-Pflanzgefaess-Willkommen-Edelrost-01.jpg | cdn02.plentymarkets.com/tgihtlx3guvt/item/images/1047647/middle/ | 14 KB | 15 KB | Image | image/jpeg |
GET | H2 | 66913-Strandkorb-DueNE-Design-1436-1.jpg | cdn02.plentymarkets.com/tgihtlx3guvt/item/images/1046129/middle/ | 59 KB | 59 KB | Image | image/jpeg |
GET | H2 | 71366-71367-Wespenvertreiber-Set-01.jpg | cdn02.plentymarkets.com/tgihtlx3guvt/item/images/1047694/middle/ | 9 KB | 10 KB | Image | image/jpeg |
GET | H2 | 71357-Geschenk-Set-Gartenglueck-012.jpg | cdn02.plentymarkets.com/tgihtlx3guvt/item/images/1047678/middle/ | 17 KB | 17 KB | Image | image/jpeg |
GET | H2 | 71323-Pflanzgefaess-Willkommen-Edelrost-04.jpg | cdn02.plentymarkets.com/tgihtlx3guvt/item/images/1047647/middle/ | 11 KB | 12 KB | Image | image/jpeg |
GET | H2 | 71323-Pflanzgefaess-Willkommen-Edelrost-03.jpg | cdn02.plentymarkets.com/tgihtlx3guvt/item/images/1047647/middle/ | 14 KB | 14 KB | Image | image/jpeg |
GET | H2 | 71323-Pflanzgefaess-Willkommen-Edelrost-02.jpg | cdn02.plentymarkets.com/tgihtlx3guvt/item/images/1047647/middle/ | 11 KB | 11 KB | Image | image/jpeg |
GET | H2 | Strandkorb-Duene-Teak-shell-518-01436-2.jpg | cdn02.plentymarkets.com/tgihtlx3guvt/item/images/1046129/middle/ | 19 KB | 20 KB | Image | image/jpeg |
GET | H2 | Strandkorb-Duene-Teak-shell-518-01436-3.jpg | cdn02.plentymarkets.com/tgihtlx3guvt/item/images/1046129/middle/ | 21 KB | 22 KB | Image | image/jpeg |
GET | H2 | MD02503-Abdeckhaube-Strandkorb--2-.jpg | cdn02.plentymarkets.com/tgihtlx3guvt/item/images/1046129/middle/ | 29 KB | 30 KB | Image | image/jpeg |
GET | H2 | Abdeckhaube-Mr-Deko-Schichtaufbau.jpg | cdn02.plentymarkets.com/tgihtlx3guvt/item/images/1046129/middle/ | 22 KB | 23 KB | Image | image/jpeg |
GET | H2 | strandkorb-lifter-system-3.jpg | cdn02.plentymarkets.com/tgihtlx3guvt/item/images/1046129/middle/ | 20 KB | 20 KB | Image | image/jpeg |
GET | H2 | strandkorb-lifter-system-4.jpg | cdn02.plentymarkets.com/tgihtlx3guvt/item/images/1046129/middle/ | 18 KB | 18 KB | Image | image/jpeg |
GET | H2 | Strandkorb-Rollen-Detail.jpg | cdn02.plentymarkets.com/tgihtlx3guvt/item/images/1046129/middle/ | 13 KB | 13 KB | Image | image/jpeg |
GET | H2 | komplettset-dreiteilig.jpg | cdn02.plentymarkets.com/tgihtlx3guvt/item/images/1046129/middle/ | 25 KB | 25 KB | Image | image/jpeg |
GET | H2 | 71366-71367-Wespenvertreiber-Set-02.jpg | cdn02.plentymarkets.com/tgihtlx3guvt/item/images/1047694/middle/ | 8 KB | 9 KB | Image | image/jpeg |
GET | H2 | 71366-71367-Wespenvertreiber-Set-03.jpg | cdn02.plentymarkets.com/tgihtlx3guvt/item/images/1047694/middle/ | 9 KB | 10 KB | Image | image/jpeg |
GET | H2 | / | www.mt-lesershop.de/rest/io/session/ | 682 B | 917 B | XHR | text/html |
GET | H2 | js | www.googletagmanager.com/gtag/ | 256 KB | 90 KB | Script | application/javascript |
GET | H2 | analytics.js | www.google-analytics.com/ | 52 KB | 21 KB | Script | text/javascript |
GET | H2 | Minden_Favicon.png | cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Mindener_Tageblatt_Shop/Logo/ | 10 KB | 10 KB | Other | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: DHL (Transportation)
30 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| ConsentManager
- function| loadCSS
- function| gtag
- object| dataLayer
- object| __INITIAL_STATE__
- object| App
- function| __loadPluginChunk
- object| webpackJsonp
- function| setImmediate
- function| clearImmediate
- function| jQuery
- function| $
- object| CeresMain
- object| CeresNotification
- function| createApp
- function| Vue
- object| Vuex
- object| NotificationService
- function| ceresTranslate
- object| vueEventHub
- object| ceresStore
- function| loadCashInAdvanceModal
- object| vueApp
- object| google_tag_manager
- object| google_tag_data
- string| GoogleAnalyticsObject
- function| ga
- object| gaGlobal
- object| gaplugins
- object| gaData
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.mt-lesershop.de/ | Name: plentyID35 Value: eyJpdiI6Ill1VGRhZUNZSjZGVUVKR055a0RKaVE9PSIsInZhbHVlIjoiS2RIY3hDSzg1ZzY1cnJ1UnNZamZXamxyWktHVjVaaW4wK0QrZHozL085eTdHNzYzZEZrMi9CSWROeXp4STFqMiIsIm1hYyI6IjEyNzBhMGFjMzg0NWY5NTFkZTA3NmM4NjhiOWU0NmZhMzNjNjFiNGMxMjQxMjJkZTE4YTdjYjM0NTU4M2Q2ZDYiLCJ0YWciOiIifQ%3D%3D |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors 'self' *.plentymarkets-cloud-de.com *.my.plentysystems.com |
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.