aktualisierenmedia.com
Open in
urlscan Pro
178.62.190.89
Malicious Activity!
Public Scan
Effective URL: https://aktualisierenmedia.com/thenewsspy/index.php?aref=https%3A%2F%2Flqvwl.adsbtrk.com%2Fsite%2Fredirectpage%3Fsid%3D170581%2...
Submission: On April 01 via manual from IN
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on February 23rd 2020. Valid for: 3 months.
This is the only time aktualisierenmedia.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Investment Scam (Online) Lion's Den Scam (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 93.119.176.64 93.119.176.64 | 203523 (VIRTONO-N...) (VIRTONO-NETWORKS) | |
1 1 | 2a05:d018:244... 2a05:d018:244:5200::ab | 16509 (AMAZON-02) (AMAZON-02) | |
30 | 178.62.190.89 178.62.190.89 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
1 | 2a00:1450:400... 2a00:1450:4001:800::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 | 195.181.175.46 195.181.175.46 | 60068 (CDN77) (CDN77) | |
1 2 | 2a00:1450:400... 2a00:1450:4001:81c::200e | 15169 (GOOGLE) (GOOGLE) | |
1 1 | 2a00:1450:400... 2a00:1450:400c:c01::9a | 15169 (GOOGLE) (GOOGLE) | |
1 1 | 2a00:1450:400... 2a00:1450:4001:820::2004 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:825::2003 | 15169 (GOOGLE) (GOOGLE) | |
34 | 5 |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN60068 (CDN77, GB)
PTR: unn-195-181-175-46.datapacket.com
cdn.sendpulse.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
30 |
aktualisierenmedia.com
aktualisierenmedia.com |
4 MB |
2 |
google-analytics.com
1 redirects
www.google-analytics.com |
18 KB |
1 |
google.de
www.google.de |
109 B |
1 |
google.com
1 redirects
www.google.com |
181 B |
1 |
doubleclick.net
1 redirects
stats.g.doubleclick.net |
185 B |
1 |
sendpulse.com
cdn.sendpulse.com |
17 KB |
1 |
googletagmanager.com
www.googletagmanager.com |
28 KB |
1 |
adsbtrk.com
1 redirects
lqvwl.adsbtrk.com |
939 B |
1 |
acersia.com
1 redirects
track.acersia.com |
294 B |
34 | 9 |
Domain | Requested by | |
---|---|---|
30 | aktualisierenmedia.com |
aktualisierenmedia.com
|
2 | www.google-analytics.com |
1 redirects
aktualisierenmedia.com
|
1 | www.google.de |
aktualisierenmedia.com
|
1 | www.google.com | 1 redirects |
1 | stats.g.doubleclick.net | 1 redirects |
1 | cdn.sendpulse.com |
aktualisierenmedia.com
|
1 | www.googletagmanager.com |
aktualisierenmedia.com
|
1 | lqvwl.adsbtrk.com | 1 redirects |
1 | track.acersia.com | 1 redirects |
34 | 9 |
This site contains links to these domains. Also see Links.
Domain |
---|
lqvwl.adsbtrk.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
aktualisierenmedia.com Let's Encrypt Authority X3 |
2020-02-23 - 2020-05-23 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-03-03 - 2020-05-26 |
3 months | crt.sh |
*.sendpulse.com COMODO RSA Domain Validation Secure Server CA |
2018-10-30 - 2020-10-29 |
2 years | crt.sh |
www.google.de GTS CA 1O1 |
2020-03-03 - 2020-05-26 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://aktualisierenmedia.com/thenewsspy/index.php?aref=https%3A%2F%2Flqvwl.adsbtrk.com%2Fsite%2Fredirectpage%3Fsid%3D170581%26hv%3Dbmafs5e843ffc3e41a234296068%26hid%3D2729708
Frame ID: 7350D8792E7DC66DF6229C066B8FE655
Requests: 34 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://track.acersia.com/campaigns/sy343hgzbj025/track-url/zy141nksb6508/ac9557af378cf40987e9f8d5cc11...
HTTP 302
https://lqvwl.adsbtrk.com/c/1f6294bfdf4e357a?subid=zy141nksb6508&list=rc807pkjlod50 HTTP 302
https://aktualisierenmedia.com/thenewsspy/index.php?aref=https%3A%2F%2Flqvwl.adsbtrk.com%2Fsite%2Fredirectp... Page URL
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title:
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://track.acersia.com/campaigns/sy343hgzbj025/track-url/zy141nksb6508/ac9557af378cf40987e9f8d5cc1109f3af537e1a
HTTP 302
https://lqvwl.adsbtrk.com/c/1f6294bfdf4e357a?subid=zy141nksb6508&list=rc807pkjlod50 HTTP 302
https://aktualisierenmedia.com/thenewsspy/index.php?aref=https%3A%2F%2Flqvwl.adsbtrk.com%2Fsite%2Fredirectpage%3Fsid%3D170581%26hv%3Dbmafs5e843ffc3e41a234296068%26hid%3D2729708 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 32- https://www.google-analytics.com/r/collect?v=1&_v=j79&a=894687118&t=pageview&_s=1&dl=https%3A%2F%2Faktualisierenmedia.com%2Fthenewsspy%2Findex.php%3Faref%3Dhttps%253A%252F%252Flqvwl.adsbtrk.com%252Fsite%252Fredirectpage%253Fsid%253D170581%2526hv%253Dbmafs5e843ffc3e41a234296068%2526hid%253D2729708&ul=en-us&de=UTF-8&dt=ZDFmediathek%20-%20Die%20j%C3%BCngste%20Investition%20von%20Horst%20Lichter%20hat%20Experten%20beunruhigt%20und%20gro%C3%9Fe%20Banken%20zittern%20lassen&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=KEBAAUABE~&jid=1702449164&gjid=1799800950&cid=715669701.1585725437&tid=UA-135019686-10&_gid=1491528123.1585725437&_r=1>m=2ou9i1&z=1508505282 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-135019686-10&cid=715669701.1585725437&jid=1702449164&_gid=1491528123.1585725437&gjid=1799800950&_v=j79&z=1508505282 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-135019686-10&cid=715669701.1585725437&jid=1702449164&_v=j79&z=1508505282 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-135019686-10&cid=715669701.1585725437&jid=1702449164&_v=j79&z=1508505282&slf_rd=1&random=502762647
34 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
index.php
aktualisierenmedia.com/thenewsspy/ Redirect Chain
|
155 KB 31 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
analytics.js.download
aktualisierenmedia.com/thenewsspy/index_files/ |
43 KB 44 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js.download
aktualisierenmedia.com/thenewsspy/index_files/ |
274 KB 274 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
393e3m353j3k393e371d3i353m39353n1e333f3d.js.download
aktualisierenmedia.com/thenewsspy/index_files/ |
635 B 888 B |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js
aktualisierenmedia.com/thenewsspy/index_files/ |
69 KB 70 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
87b7c73af4ffaf5437831b6eb9b556c9_1.js.download
aktualisierenmedia.com/thenewsspy/index_files/ |
45 KB 46 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sendpulse-prompt.min.css
aktualisierenmedia.com/thenewsspy/index_files/ |
45 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
aktualisierenmedia.com/thenewsspy/index_files/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cegrc1o7f3llvodpyray.jpg
aktualisierenmedia.com/thenewsspy/index_files/ |
18 KB 18 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jgc2qdsl7f0wbpyk9nap.jpg
aktualisierenmedia.com/thenewsspy/index_files/ |
32 KB 32 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jwccfgscfkwc894gdtcg.jpg
aktualisierenmedia.com/thenewsspy/index_files/ |
42 KB 43 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dyxpm6j17qfnmnhj9rdc.jpg
aktualisierenmedia.com/thenewsspy/index_files/ |
2 MB 2 MB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
xjfu04hzwv1fubhhu6l7.jpg
aktualisierenmedia.com/thenewsspy/index_files/ |
82 KB 82 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ulprhvedsgozq6r6gy8t.jpg
aktualisierenmedia.com/thenewsspy/index_files/ |
91 KB 92 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
l4tebgz5cuohroqtccyi.jpg
aktualisierenmedia.com/thenewsspy/index_files/ |
96 KB 97 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wjee55cioggkempejeeg.jpg
aktualisierenmedia.com/thenewsspy/index_files/ |
28 KB 29 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
step.jpg
aktualisierenmedia.com/thenewsspy/index_files/ |
28 KB 29 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
step3.jpg
aktualisierenmedia.com/thenewsspy/index_files/ |
34 KB 35 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
l7kp6sagzvgjamrhi0w8.png
aktualisierenmedia.com/thenewsspy/index_files/ |
34 KB 34 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ainicniusbw2nyx3hlfi.png
aktualisierenmedia.com/thenewsspy/index_files/ |
34 KB 35 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
xo0rgoorgbynpgw4kyqp.png
aktualisierenmedia.com/thenewsspy/index_files/ |
38 KB 38 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ooo3goob2pv5nlmdwwas.png
aktualisierenmedia.com/thenewsspy/index_files/ |
25 KB 25 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jfn5vt9dszilcurtwjlo.png
aktualisierenmedia.com/thenewsspy/index_files/ |
37 KB 37 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wy3fkittrrlvgut3odp2.png
aktualisierenmedia.com/thenewsspy/index_files/ |
34 KB 34 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
kdsy10yyahownwemccbo.png
aktualisierenmedia.com/thenewsspy/index_files/ |
30 KB 31 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
checkmark.png
aktualisierenmedia.com/thenewsspy/index_files/ |
341 B 579 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
w04ebxsdt1iehtc0j2ti.jpg
aktualisierenmedia.com/thenewsspy/index_files/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
n4donflljypzf0jwaysp.png
aktualisierenmedia.com/thenewsspy/index_files/ |
18 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hiqtte24snwgkglyozuw.jpg
aktualisierenmedia.com/thenewsspy/index_files/ |
11 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
313b3k3l313c393j39353i353e3d353439311e333f3d.js
aktualisierenmedia.com/files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
76 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
82b7b89c794157b436dcfed5cd5952c3_1.js
cdn.sendpulse.com/js/push/ |
49 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
44 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Investment Scam (Online) Lion's Den Scam (Online)23 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| google_tag_data function| ga object| gaplugins object| JqueryWs function| $ function| jQuery string| str string| r object| stats function| gtag number| a object| dataLayer object| sndplse object| google_tag_manager object| oSpPOptions function| oSendpulsePush object| oSpP function| UAParser string| GoogleAnalyticsObject object| gaGlobal object| gaData3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.aktualisierenmedia.com/ | Name: _gat_gtag_UA_135019686_10 Value: 1 |
|
.aktualisierenmedia.com/ | Name: _gid Value: GA1.2.1491528123.1585725437 |
|
.aktualisierenmedia.com/ | Name: _ga Value: GA1.2.715669701.1585725437 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aktualisierenmedia.com
cdn.sendpulse.com
lqvwl.adsbtrk.com
stats.g.doubleclick.net
track.acersia.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
178.62.190.89
195.181.175.46
2a00:1450:4001:800::2008
2a00:1450:4001:81c::200e
2a00:1450:4001:820::2004
2a00:1450:4001:825::2003
2a00:1450:400c:c01::9a
2a05:d018:244:5200::ab
93.119.176.64
18f964969c482859c4aaa2aec0b97e478485cc368a7f8e07579e82be930aabe4
1ad0b3ff5790c9b59169c805db5d2340d145bdb56e8ca767b17374fc197f9dc6
1b7e0a2736aeb5f656f8b9cc2fda4b3eb2ea212d2f344dae9b7792136c9c5562
2b65d3d4ad5fa6ab757a0d7e1eef72b3bc90f020d7a9966ba5439cc25a9c2bad
3dde975bef15653e64134deee5e1dd5220720f5ecb8fc26adc38f63b6cb57226
41df49a648ccd2386a5e32c674dc5979c069ec87359fb60aaec80eabec26c614
48e9d3d9b2d20808a416f9acc714692c11908fcc9712ea56de08d6a6aaa3397a
494a3efdafd5407a5a88d922f5a4a72d71ac2f3ad8f3f9fe607f8cf89314dfa1
54e408290bafacaad2eaf0b17ec04ecf29ae7333a69784730a1af7d749b3c4a9
5adbed9d75481c04641b70a78519079b1aa08150757ee14f7c84327356e73b1f
7049efe7e9c26f1914161c3cbc7a76955037cf68b0bf1f4cf10ee2214efef18f
7080960827e86452ae31d6c3f46184c38114ab3e2c620b1548b368faec027faa
71fc9547f8e637c4151db8b0f033c1d09aee3f7f2c9a52f37b8cdd1b879cd8b3
83294d9755b784dcdd40202480359f828eacac3a0edd11647c26761ab56575a2
92454e19c5061ca1f0df8eaa27f81bcb171b2a7979cb23a506a52dba205b1467
a063e0570f52858c51abf382c65a98b6f97f4650929dc7e172ca3d9f3a91d546
abfcb1683ba86df7a394fa39d6691eb207910eba690609687009a06e671c720e
b8ff47c69f9495e6ea65471b668c7d0145a9b2122aa780087cd59ca4ef8644b5
be10289e9cfc7454ce592f2181dd7852038227285ea54fde89a3f833568fa3eb
bf5189504db2989e3793ea49c8896d16257f1c7c4e3ae1764e6b25e946c33ea2
c585f22ff4b48568d093fdcb0cd429be80edfa06e7bffbedd92d7bada9fbde5a
ca783fcc65d1ba104e19854f40695c8edad38a43f24809007af1177e79d41b31
d2a7964e688d996d99b4a6c62b3fda969793f26b47c73c8bb19cd5e87a62c65f
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e5f99941f717ee56ec795c58e4c73d8f72d15494deb92d94894e2f0ea0f47b7e
e9d04e4fbd1f7c6a052cccf0588ed2c6ea41af104c59c70baaa10d8e0f5715a8
ea7e3aa7525a4386adb109ac635b4cc6c9ed085b1e6ff165116ca2096d4651d7
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa7aeaf3e77bf8f24caaed55ec9891ad55e51c61d5e339606fa263563b4da09
f462d3a1e8980262d49048bba0c93026ddb913f5d6aaf143ccc24eca599a8bb9
f6bd6a6b49896da68970bd62dc8c05c2de2e82b70862894950ffc937fa80793e
fbfc8f1d8f871e504a88244f7e36068cf46ed9e31fcb09b4b361f114518dffa9