ebanking-ch3-ubs-4cb53.web.app
2620:0:890::100
Malicious Activity!
Public Scan
Effective URL: https://ebanking-ch3-ubs-4cb53.web.app/login.html?session=18qNcptCFkKgyVZBp1rdSzx25nMeV8CdNNmuhAckkALDFy8T7f65pyurOvzQd5OUhxS8nyeSusazC...
Submission: On November 02 via manual from CH — Scanned from FR
Summary
TLS certificate: Issued by GTS CA 1D4 on October 19th 2022. Valid for: 3 months.
This is the only time ebanking-ch3-ubs-4cb53.web.app was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: UBS (Banking)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 51.15.139.10 | 12876 (Online SAS) |
12 | 2620:0:890::100 | 54113 (FASTLY) |
2 | 2001:4de0:ac18::1:a:2a | 20446 (STACKPATH-CDN) |
1 | 152.199.19.160 | 15133 (EDGECAST) |
2 | 2606:4700::6810:5614 | 13335 (CLOUDFLARENET) |
5 | 2a00:1450:4001:830::2003 | 15169 (GOOGLE) |
1 2 | 2606:4700::6810:7eaf | 13335 (CLOUDFLARENET) |
1 | 34.117.59.81 | 396982 (GOOGLE-CLOUD-PLATFORM) |
2 | 2a00:1450:4001:80e::2008 | 15169 (GOOGLE) |
2 | 2a00:1450:4001:82f::200a | 15169 (GOOGLE) |
1 | 2001:4860:4802:34::36 | 15169 (GOOGLE) |
29 | 11 | |
ASN12876 (Online SAS, FR)
PTR: 10-139-15-51.instances.scw.cloud
www.pxlme.me |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 81.59.117.34.bc.googleusercontent.com
ipinfo.io |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
firebaseinstallations.googleapis.com |
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
12 | web.app | ebanking-ch3-ubs-4cb53.web.app | 127 KB |
5 | gstatic.com | www.gstatic.com | 319 KB |
2 | googleapis.com | firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 338 | 521 B |
2 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 121 | 102 KB |
2 | unpkg.com (1 redirects) | unpkg.com — Cisco Umbrella Rank: 1127 | 10 KB |
2 | jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 475 | 3 KB |
2 | jquery.com | code.jquery.com — Cisco Umbrella Rank: 959 | 61 KB |
1 | google-analytics.com | region1.google-analytics.com — Cisco Umbrella Rank: 2041 | 358 B |
1 | ipinfo.io | ipinfo.io — Cisco Umbrella Rank: 4894 | 496 B |
1 | aspnetcdn.com | ajax.aspnetcdn.com — Cisco Umbrella Rank: 2992 | 30 KB |
1 | pxlme.me (1 redirects) | www.pxlme.me | 252 B |
29 | 11 | | |
 | Domain | Requested by |
---|---|---|
12 | ebanking-ch3-ubs-4cb53.web.app | ebanking-ch3-ubs-4cb53.web.app |
5 | www.gstatic.com | ebanking-ch3-ubs-4cb53.web.app |
2 | firebaseinstallations.googleapis.com | www.gstatic.com |
2 | www.googletagmanager.com | www.gstatic.com, www.googletagmanager.com |
2 | unpkg.com (1 redirects) | ebanking-ch3-ubs-4cb53.web.app |
2 | cdn.jsdelivr.net | ebanking-ch3-ubs-4cb53.web.app |
2 | code.jquery.com | ebanking-ch3-ubs-4cb53.web.app |
1 | region1.google-analytics.com | www.googletagmanager.com |
1 | ipinfo.io | ebanking-ch3-ubs-4cb53.web.app |
1 | ajax.aspnetcdn.com | ebanking-ch3-ubs-4cb53.web.app |
1 | www.pxlme.me | 1 redirects |
29 | 11 | |
This site contains links to these domains. Also see Links.
Domain |
---|
secure.ubs.com |
ebanking-ch.ubs.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
web.app | GTS CA 1D4 | 2022-10-19 - 2023-01-17 | 3 months |
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-03 - 2023-07-14 | a year |
*.vo.msecnd.net | DigiCert SHA2 Secure Server CA | 2022-07-11 - 2023-07-11 | a year |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-02 - 2023-06-01 | a year |
*.gstatic.com | GTS CA 1C3 | 2022-09-26 - 2022-12-19 | 3 months |
ipinfo.io | GTS CA 1D4 | 2022-10-11 - 2023-01-09 | 3 months |
*.google-analytics.com | GTS CA 1C3 | 2022-09-26 - 2022-12-19 | 3 months |
upload.video.google.com | GTS CA 1C3 | 2022-09-26 - 2022-12-19 | 3 months |
This page contains 1 frames:
Primary Page:
https://ebanking-ch3-ubs-4cb53.web.app/login.html?session=18qNcptCFkKgyVZBp1rdSzx25nMeV8CdNNmuhAckkALDFy8T7f65pyurOvzQd5OUhxS8nyeSusazCPt6DlvBEa8MJBONRTeObC&auth=13339aae-31a3-43d6-b155-bb0de1fb261f
Frame ID: F8FEB62EF4E4759A44769E8EA2040229
Requests: 32 HTTP requests in this frame
Page Title
UBS E-Banking login | UBS Switzerland
Detected technologies
Firebase
Detected patterns
- /(?:([\d.]+)/)?firebase(?:\.min)?\.js
- /firebasejs/([\d.]+)/firebase
Detected patterns
- /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js
Detected patterns
Google Tag Manager
Detected patterns
- googletagmanager\.com/gtag/js
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
27 Outgoing links
These are links going to different origins than the main page.
Title: Geschäftsstellen (Branches)
Title: Bancomaten/Geldautomaten (ATMs / cash machines)
Title: Hilfe: Fragen und Antworten (Help: Questions and answers)
Title: Digital Banking Support
Title: Service Line Privatkunden (Service line for private clients)
Title: Betreuung Unternehmenskunden (Support for corporate clients)
Title: Weitere Kontaktadressen (Further contact addresses)
Title: Help
Title: UBS E-Banking in der Schweiz (UBS E-Banking in Switzerland)
Title: UBS Safe
Title: UBS Quotes
Title: UBS KeyClub eStore
Title: UBS Connect
Title: UBS KeyTrader
Title: Kundenportale der Investment Bank (Client portals of the Investment Bank)
Title: More logins
Title: Probleme mit Login (Problems with login)
Title: Kartenleser / Access Card bestellen (Order card reader / Access Card)
Title: Neuheiten im Digital Banking (What's new in Digital Banking)
Title: E-Banking Demo ausprobieren (Try the E-Banking demo)
Title: https://ebanking-ch.ubs.com
Title: Schweiz (Switzerland)
Title: Information zu UBS (Information about UBS)
Title: Nutzungsbedingungen (Terms of use)
Title: Datenschutzerklärung (Privacy statement)
Title: Betrügerische E-Mails melden (Report fraudulent e-mails)
Title: Cookies
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://www.pxlme.me/isee9F6a HTTP 302
  https://ebanking-ch3-ubs-4cb53.web.app/ Page URL
- https://ebanking-ch3-ubs-4cb53.web.app/login.html?session=18qNcptCFkKgyVZBp1rdSzx25nMeV8CdNNmuhAckkALDFy8T7f65pyurOvzQd5OUhxS8nyeSusazCPt6DlvBEa8MJBONRTeObC&auth=13339aae-31a3-43d6-b155-bb0de1fb261f Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://www.pxlme.me/isee9F6a HTTP 302
- https://ebanking-ch3-ubs-4cb53.web.app/
- https://unpkg.com/axios/dist/axios.min.js HTTP 302
- https://unpkg.com/axios@1.1.3/dist/axios.min.js
29 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / | ebanking-ch3-ubs-4cb53.web.app/ (Redirect Chain) | 2 KB | 1021 B | Document | text/html |
GET | H2 | uwr.css | ebanking-ch3-ubs-4cb53.web.app/assets/ | 186 KB | 38 KB | Stylesheet | text/css |
GET | H2 | default.css | ebanking-ch3-ubs-4cb53.web.app/assets/ | 39 KB | 10 KB | Stylesheet | text/css |
GET | H2 | jquery-3.6.0.min.js | code.jquery.com/ | 87 KB | 30 KB | Script | application/javascript |
GET | H2 | jquery-3.3.1.min.js | ajax.aspnetcdn.com/ajax/jQuery/ | 85 KB | 30 KB | Script | application/javascript |
GET | H2 | uuidv4.min.js | cdn.jsdelivr.net/npm/uuid@latest/dist/umd/ | 1 KB | 1 KB | Script | application/javascript |
GET | H3 | login.html (Primary Request) | ebanking-ch3-ubs-4cb53.web.app/ | 20 KB | 5 KB | Document | text/html |
GET | H3 | uwr.css | ebanking-ch3-ubs-4cb53.web.app/assets/ | 186 KB | 38 KB | Stylesheet | text/css |
GET | H3 | default.css | ebanking-ch3-ubs-4cb53.web.app/assets/ | 39 KB | 10 KB | Stylesheet | text/css |
GET | H2 | jquery-3.6.0.min.js | code.jquery.com/ | 87 KB | 30 KB | Script | application/javascript |
GET | H3 | uuidv4.min.js | cdn.jsdelivr.net/npm/uuid@latest/dist/umd/ | 1 KB | 1 KB | Script | application/javascript |
GET | H2 | firebase.js | www.gstatic.com/firebasejs/5.9.4/ | 774 KB | 210 KB | Script | text/javascript |
GET | H2 | firebase-app.js | www.gstatic.com/firebasejs/7.3.0/ | 12 KB | 5 KB | Script | text/javascript |
GET | H2 | firebase-analytics.js | www.gstatic.com/firebasejs/7.3.0/ | 21 KB | 7 KB | Script | text/javascript |
GET | H2 | firebase-auth.js | www.gstatic.com/firebasejs/6.1.1/ | 156 KB | 50 KB | Script | text/javascript |
GET | H2 | firebase-database.js | www.gstatic.com/firebasejs/6.1.1/ | 177 KB | 47 KB | Script | text/javascript |
GET | H2 | axios.min.js | unpkg.com/axios@1.1.3/dist/ (Redirect Chain) | 26 KB | 10 KB | Script | application/javascript |
GET | DATA | truncated | / | 6 KB | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 526 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 526 B | 0 | Image | image/svg+xml |
GET | H3 | 409b4bec-c67e-4764-a141-054db8df81d2.woff | ebanking-ch3-ubs-4cb53.web.app/assets/widgets/Common/fonts/ubs-latin-extended/ | 2 KB | 979 B | Font | text/html |
GET | H3 | input-question.png | ebanking-ch3-ubs-4cb53.web.app/images/ | 1 KB | 1 KB | Image | image/png |
GET | DATA | truncated | / | 533 B | 0 | Image | image/svg+xml |
GET | H3 | illustrations-login_keychain.png | ebanking-ch3-ubs-4cb53.web.app/images/ | 20 KB | 20 KB | Image | image/png |
GET | H3 | 59d9a83f-4045-4d43-af46-655f845461ee.woff | ebanking-ch3-ubs-4cb53.web.app/assets/widgets/Common/fonts/ubs-latin-extended/ | 2 KB | 979 B | Font | text/html |
GET | H3 | efe9def0-77d1-4c28-8fd2-371236a3c8ed.ttf | ebanking-ch3-ubs-4cb53.web.app/assets/widgets/Common/fonts/ubs-latin-extended/ | 2 KB | 979 B | Font | text/html |
GET | H3 | f901b503-9104-414a-a856-af9bcc802b5c.ttf | ebanking-ch3-ubs-4cb53.web.app/assets/widgets/Common/fonts/ubs-latin-extended/ | 2 KB | 979 B | Font | text/html |
GET | H2 | json | ipinfo.io/ | 206 B | 496 B | Fetch | application/json |
GET | H2 | js | www.googletagmanager.com/gtag/ | 93 KB | 37 KB | Script | application/javascript |
POST | H3 | installations | firebaseinstallations.googleapis.com/v1/projects/pruject-59cab/ | 628 B | 521 B | Fetch | application/json |
OPTIONS | H2 | installations | firebaseinstallations.googleapis.com/v1/projects/pruject-59cab/ | 0 | 0 | Preflight | text/html |
GET | H3 | js | www.googletagmanager.com/gtag/ | 176 KB | 65 KB | Script | application/javascript |
POST | H2 | collect | region1.google-analytics.com/g/ | 0 | 358 B | Ping | text/plain |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: UBS (Banking)
24 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
boolean| isZtic
function| $
function| jQuery
function| uuidv4
object| firebase
function| axios
function| randomString
function| redirectNow
function| getFormData
string| AuthTokens
object| dataLayer
function| gtag
object| google_tag_manager
object| google_tag_data
object| gaGlobal
2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.ebanking-ch3-ubs-4cb53.web.app/ | | Name: _ga_G67E3CE9XK Value: GS1.1.1667390214.1.0.1667390214.0.0.0 |
.ebanking-ch3-ubs-4cb53.web.app/ | | Name: _ga Value: GA1.1.1609682573.1667390215 |
8 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31556926; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.