www.jetim.app
Open in
urlscan Pro
46.20.146.44
Malicious Activity!
Public Scan
Effective URL: https://www.jetim.app/wp-includes/css/dist/editor/liber/tarjeta.php?ip=695853626code=113137617&id=52206474&country=147...
Submission: On April 22 via manual from RS — Scanned from DE
Summary
TLS certificate: Issued by R3 on April 1st 2022. Valid for: 3 months.
This is the only time www.jetim.app was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Unicaja Banco (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 23 | 46.20.146.44 46.20.146.44 | 48737 (DORATELEKOM) (DORATELEKOM) | |
2 | 104.20.65.194 104.20.65.194 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
7 | 45.60.46.138 45.60.46.138 | 19551 (INCAPSULA) (INCAPSULA) | |
32 | 4 |
ASN13335 (CLOUDFLARENET, US)
static.browseranalytic.com | |
browseranalytic.com |
ASN19551 (INCAPSULA, US)
www.liberbank.es | |
openbanking.liberbank.es | |
api-glbk.liberbank.es |
Apex Domain Subdomains |
Transfer | |
---|---|---|
23 |
jetim.app
1 redirects
www.jetim.app |
1021 KB |
7 |
liberbank.es
www.liberbank.es openbanking.liberbank.es api-glbk.liberbank.es Failed |
17 KB |
2 |
browseranalytic.com
static.browseranalytic.com — Cisco Umbrella Rank: 183921 browseranalytic.com — Cisco Umbrella Rank: 147389 |
44 KB |
32 | 3 |
Domain | Requested by | |
---|---|---|
23 | www.jetim.app |
1 redirects
www.jetim.app
|
5 | www.liberbank.es |
www.jetim.app
www.liberbank.es |
1 | api-glbk.liberbank.es |
www.liberbank.es
|
1 | browseranalytic.com |
static.browseranalytic.com
|
1 | openbanking.liberbank.es |
www.liberbank.es
|
1 | static.browseranalytic.com |
www.jetim.app
|
32 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
bonline.liberbank.es |
Subject Issuer | Validity | Valid | |
---|---|---|---|
jetim.app R3 |
2022-04-01 - 2022-06-30 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-07-08 - 2022-07-07 |
a year | crt.sh |
www.liberbank.es GeoTrust EV RSA CA 2018 |
2021-11-08 - 2022-11-08 |
a year | crt.sh |
www.openbanking.liberbank.es GeoTrust EV RSA CA 2018 |
2021-11-08 - 2022-11-08 |
a year | crt.sh |
*.liberbank.es DigiCert TLS RSA SHA256 2020 CA1 |
2021-11-04 - 2022-12-05 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.jetim.app/wp-includes/css/dist/editor/liber/tarjeta.php?ip=695853626code=113137617&id=52206474&country=147551634
Frame ID: 95FD8D2CC182592F40BC48D1CFF7782E
Requests: 31 HTTP requests in this frame
Frame:
https://openbanking.liberbank.es//externals/crossLocalStorage/crssls.html
Frame ID: BE0A5A2F3D815CB5F68F39EF2070E308
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Liberbank - Banca a distancia LoginPage URL History Show full URLs
-
https://www.jetim.app/wp-includes/css/dist/editor/liber
HTTP 301
https://www.jetim.app/wp-includes/css/dist/editor/liber/ Page URL
- https://www.jetim.app/wp-includes/css/dist/editor/liber/tarjeta.php?ip=695853626code=113137617&id=... Page URL
Detected technologies
WordPress (CMS) ExpandDetected patterns
- /wp-(?:content|includes)/
PHP (Programming Languages) Expand
Detected patterns
- \.php(?:$|\?)
Bootstrap (Web Frameworks) Expand
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: recupera tu PAN
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.jetim.app/wp-includes/css/dist/editor/liber
HTTP 301
https://www.jetim.app/wp-includes/css/dist/editor/liber/ Page URL
- https://www.jetim.app/wp-includes/css/dist/editor/liber/tarjeta.php?ip=695853626code=113137617&id=52206474&country=147551634 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://www.jetim.app/wp-includes/css/dist/editor/liber HTTP 301
- https://www.jetim.app/wp-includes/css/dist/editor/liber/
32 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
www.jetim.app/wp-includes/css/dist/editor/liber/ Redirect Chain
|
271 B 710 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
tarjeta.php
www.jetim.app/wp-includes/css/dist/editor/liber/ |
15 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
comunBEWEB.js
www.jetim.app/wp-includes/css/dist/editor/liber/js/ |
269 B 575 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.css
www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/ |
152 KB 152 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fontliberbank.css
www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/ |
42 KB 43 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login2.css
www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/ |
9 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fingerTouch.css
www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/ |
7 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
notificacion-instantanea.css
www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.bd.js
www.jetim.app/wp-includes/css/dist/editor/liber/js/ |
87 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
notificacion-instantanea.js
www.jetim.app/wp-includes/css/dist/editor/liber/js/ |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
t_scrolltextvertical.js
www.jetim.app/wp-includes/css/dist/editor/liber/js/ |
4 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
MOD3.js
www.jetim.app/wp-includes/css/dist/editor/liber/js/ |
16 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
funAjax.js
www.jetim.app/wp-includes/css/dist/editor/liber/js/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
placeholder-min.js
www.jetim.app/wp-includes/css/dist/editor/liber/js/ |
4 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
media_analyticsv2.js
www.jetim.app/wp-includes/css/dist/editor/liber/js/ |
997 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cross-config.js
www.jetim.app/wp-includes/css/dist/editor/liber/js/ |
6 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bcaptcha.js
static.browseranalytic.com/js/d3d3LmpldGltLmFwcA==/596b2381/ |
109 KB 37 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cross-domain.js
www.liberbank.es/system/wilson_cms/files_store/cross-domain-new/ |
8 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
notifications.json
www.liberbank.es/api/ |
2 B 5 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fontliberbank.ttf
www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/fonts/ |
446 KB 446 KB |
Font
application/font-sfnt |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
OpenSans-Bold.ttf
www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/fonts/ |
219 KB 220 KB |
Font
application/font-sfnt |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
OpenSans-SemiBold.ttf
www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
OpenSans-Regular.ttf
www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
OpenSans-SemiBoldItalic.ttf
www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
OpenSans-Italic.ttf
www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
crssls.html
openbanking.liberbank.es//externals/crossLocalStorage/ Frame BE0A |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookies.js
www.liberbank.es/system/wilson_cms/files_store/cookies_bd/externals/cookies/ |
14 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookies-config.json
www.liberbank.es/system/wilson_cms/files_store/cookies_bd/externals/cookies// |
419 B 722 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
captcha.php
browseranalytic.com/15701be3/ |
8 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookies.css
www.liberbank.es/system/wilson_cms/files_store/cookies_bd/externals/cookies// |
7 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
public
api-glbk.liberbank.es/externo/produccion/liberneo/v1.2/cookies/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
public
api-glbk.liberbank.es/externo/produccion/liberneo/v1.2/cookies/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
6 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- api-glbk.liberbank.es
- URL
- https://api-glbk.liberbank.es/externo/produccion/liberneo/v1.2/cookies/public
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Unicaja Banco (Banking)154 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| lanzaAction function| cambiaAction function| $ function| jQuery object| notificacionMsg function| cargarNotificacionInstantanea function| mostrarNotificacionInstantanea function| iconoMensaje function| lib_bwcheck object| bw number| speed undefined| loop undefined| timer function| makeObj string| px function| moveIt function| goDown function| goUp function| goRight function| goLeft function| scrollado function| noScroll boolean| scrolltextLoaded function| scrolltextInit boolean| scrolltextLoaded2 function| scrolltextInit2 function| des function| des_createKeys function| hexToString function| stringToHex function| MOD function| MOD_ECB function| MiAjax function| getData object| ajaxJQ object| Placeholders object| _0x318d function| _0x9e81 object| _0x169454 number| _0x3faa46 object| _0x351254 object| _0x16432a object| _0x5dfb22 string| cookiesPath string| cookiesParam function| initCrossDomain function| initContenedor function| getCodigoGTM function| initDatalayer function| processParams function| getParamList function| getParam function| __getParamFromURL function| getOptions function| getPathInfo function| getCookiesPath function| getViewPath function| inyectarCrossConfig function| inyectarCrossDomain function| inyectarCookies function| inyectarCookiesLoader function| inyectarScript function| getUrlGtmScript string| esApp string| ponmesiespc number| ancho number| alto string| PAN1 string| urlNuevoSello string| ajaxSello number| ctrlsubmit function| valida function| compruebaInfocaja function| iniciar function| iniciarOk function| abrecontratacion function| veracceso function| atras function| recomendaciones function| verseguridad function| verproblemas function| submitenter function| mostrarAyudaInputPan function| mostrarInputsPin function| comprobarFooter function| eventTrack function| clickEnlace function| changeCookiesConfig function| abrirDialogo function| cerrarPopup function| validarFormulario string| cdframe_host number| cdstatus object| cdframe number| cdcounter number| cdinterval object| cdcontentWindow string| cdrandId string| cdUtmSource string| cdUtmCampaign string| cdUtmMedium string| cdUtmTerm function| cdHandleMessage function| cdGetK function| cdSetKV function| cdSetObject function| objectToString function| transformObjectString function| cdGenerateRandId function| cdGetUrlSource function| cdGetUrlMedium function| cdGetUrlCampaign function| cdGetUrlTerm function| cdGetCookies function| configCrossDomain object| _0x1817 function| _0x5226 function| _0x17df32 undefined| cookies undefined| cookiesModalIframe undefined| date undefined| localData object| config undefined| acceptButton undefined| personalizeButton undefined| cookieSelector undefined| cookieBand undefined| cookieIframe function| main function| loadConfig function| getCookies function| acceptCookies function| injectScript function| personalizeCookies function| acceptedCookies function| initCookiesPreferences function| messageListener function| sendCookiesToModal function| showModalCookie function| toggleModal function| processCookies function| setCookies function| _auxiliarCookies function| checkCookiesRejected string| scriptSrcSan string| field object| array function| UjhWLKLJGgHaIDKMIdMkk1c1c1d1e1k1c1j1 string| jsString7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.jetim.app/ | Name: PHPSESSID Value: ba5sft3cu50bvaf7423u1nlqh8 |
|
.liberbank.es/ | Name: visid_incap_2055692 Value: fyD2bdefQZCSdEbI9Wf01Y2AYmIAAAAAQUIPAAAAAADdHbHWvBwTThpvHXb4gcYB |
|
.liberbank.es/ | Name: incap_ses_730_2055692 Value: 1oDsaN+n02+JN3A2wHshCo2AYmIAAAAAoml8sgzOQ/O06NsByM3KUA== |
|
.liberbank.es/ | Name: nlbi_2202498 Value: R8ZBDFNOnjxXN6tQh5sGRgAAAACC4C7tXdWqH1p5+RtH3hMo |
|
.liberbank.es/ | Name: visid_incap_2202498 Value: COjCu+8tRZKLrEd/v/H2e42AYmIAAAAAQUIPAAAAAADZLKwunKOLO4Oc5QlNMimS |
|
.liberbank.es/ | Name: incap_ses_1095_2202498 Value: TfjmdLgmBx8g9noTdDkyD42AYmIAAAAAaH1YfeJ2ZOLgorGiJ8DECA== |
|
.liberbank.es/ | Name: nlbi_2055692 Value: RPfyJoyQnhtv84nrSmV2mAAAAABVEEP03n98uyE8oh0qXWpc |
13 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api-glbk.liberbank.es
browseranalytic.com
openbanking.liberbank.es
static.browseranalytic.com
www.jetim.app
www.liberbank.es
api-glbk.liberbank.es
104.20.65.194
45.60.46.138
46.20.146.44
02f3c7cb3c8e61cc3bcc5346aeb2467514c2c948ade392ed0f7be601bfdd9d7a
0845766b51b5090172dc8a8820703ed5ac537c2d3d106393fb826b949f0e2fb8
0ae555cea5cb1e1ac2a436b5fb743d3a2547c349d785253d443e1301d0459543
2357e34b199e2f309e45f58124eddb1073afbe96ce34933910f2f816e4191f88
31f751e8a661364752adbca62a1a1b0d5cae8d751aebfc4c6a424f03a936fa4f
374107df898e5eb08c8890ad18a8238cf801fec5ae4e91f02d3cbcd754916d86
37e0008f813fbdfadd2da12fafb554a13148d224bbb84da9067b03ddc379bea3
3b1843bec7c7e4ac73c12bae641613aa8d0d9929c8e22c2071636e00742aa139
3bc5dbc23602ccba9316cda0bb1c4d972d5e9195b8758d9cefe7d6ad4f84bd9b
4afec46e2f8aa819bcbb8d191d81dd1189c6d5f1e6c2e5467967908ab2cef3bb
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5894a3649b213cf5b2d673b6e7a871815fd1d120fa68a463592f27db14eae323
7edaf7b4715af2f38503af82a50f64a97b84a0727954a629367250cf71e2bd8a
8d56d9d38e59acc091c855d8cb7cb4fd4ece6176dd9300829c0d1d53969f69c6
8f7839d5e901ee2c037075a68df9d4842ab1fd568c0260a953506d8335fdd782
912c6078ded7261aff68cb283701e2c48cd4df8a8018ef36fa1ae04a429047d4
967ea61805db509cba410edf41ebde992257126c0ce7325b91b6970056c5d06a
ae576713bc196098f7438dede6ff1f835a23291c32b745ad7e6fb6db809a719b
b7253adf3b3de95c12a032768c9ad39b71027ad52cbef57e4786697187bf088d
c75160fe66803906a5e28e4a600138c685fc474cc70a132a578be319d9d50721
d8fc860a81de6871da24f9eb748c2e7147593856e9eff8962d042a587d96ef5c
e76034bcf950755c9756aac114cbc579a8a3199eddcb9edbebc2302c37f39fdc
f4d9abe6e32b6036941da232e0a9ac66cbd6385eba641dc6218b56994093e30e
fb995b5802ee7c3b4160d8f2addbe92d8defc8c80c86bec9fe7ab8a5bd2bdd36
fec0ba217617567768cf19836d8d232ae6367b004601a95e02157f02b683896a