![](/screenshots/7b0bcf1c-9d33-4914-8d0f-087ee203aa29.png)
romanety.vip
Open in
urlscan Pro
172.67.149.216
Malicious Activity!
Public Scan
Effective URL: http://romanety.vip/?pl=1405.d08acda0601405e47f7e0795076e6d76&n=aHR0cDovL3BsLmJpdGNvaW5iaWxsaW9uYXJpZS5yb21hbmV0eS52...
Submission: On November 23 via manual from FR
Summary
This is the only time romanety.vip was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Lion's Den Scam (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2620:101:2005... 2620:101:2005:11f0::1001 | 16417 (IRONPORT-...) (IRONPORT-SYSTEMS-INC) | |
1 1 | 8.208.98.199 8.208.98.199 | 45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.) | |
1 1 | 104.28.14.171 104.28.14.171 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
47 | 172.67.149.216 172.67.149.216 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
47 | 1 |
ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)
2102340.olivky.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
48 |
romanety.vip
1 redirects
go.romanety.vip romanety.vip |
1 MB |
1 |
olivky.com
1 redirects
2102340.olivky.com |
337 B |
1 |
cisco.com
1 redirects
secure-web.cisco.com |
274 B |
47 | 3 |
Domain | Requested by | |
---|---|---|
47 | romanety.vip |
romanety.vip
|
1 | go.romanety.vip | 1 redirects |
1 | 2102340.olivky.com | 1 redirects |
1 | secure-web.cisco.com | 1 redirects |
47 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
pl.bitcoinbillionarie.romanety.vip |
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://romanety.vip/?pl=1405.d08acda0601405e47f7e0795076e6d76&n=aHR0cDovL3BsLmJpdGNvaW5iaWxsaW9uYXJpZS5yb21hbmV0eS52aXAvP3Nlc3Npb249MDNjZjEwOWM3MzBmNDQ2OGE1NjAxZDE0OGM4ZjQ4NDcmYWZmX2lkPTY3NjMmZnBwPTEmcGl4ZWxzZXR0aW5ncz1nby5yb21hbmV0eS52aXAlMkZmYnAlM0ZldiUzRCU3QmV2JTdEJTI2cGl4ZWwlM0QlN0JwaXhlbCU3RA==
Frame ID: 514FA2B883CD948541B9A0690818906F
Requests: 47 HTTP requests in this frame
Screenshot
![](/screenshots/7b0bcf1c-9d33-4914-8d0f-087ee203aa29.png)
Page URL History Show full URLs
-
https://secure-web.cisco.com/1tdz2jHHaCzW1eoo0hAInfOqY0KXKjXEvPBKN1wCK7YKxgXWb9S6vLhKKsK4dWsZBFld81AhTc9a...
HTTP 302
http://2102340.olivky.com/news HTTP 302
http://go.romanety.vip/0a2m HTTP 302
http://romanety.vip/?pl=1405.d08acda0601405e47f7e0795076e6d76&n=aHR0cDovL3BsLmJpdGNvaW5iaWxsaW9u... Page URL
Detected technologies
Detected patterns
- headers server /^cloudflare$/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title:
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://secure-web.cisco.com/1tdz2jHHaCzW1eoo0hAInfOqY0KXKjXEvPBKN1wCK7YKxgXWb9S6vLhKKsK4dWsZBFld81AhTc9aw4D1mb6T9WXldY_jclLjQNO-dxVsq3MuO6fBfTRf-sB2ES6eoi7-hnVOobTghHQQkpuydjIpVUqZnXv6Fm6dwaX04R3jSVge-w1jXg4fyGea98DF6BH7FybRgGvQs3FELC632Bv1fe6Av4UwW6R-wGbHxlUR7IzM07RPEosbbhtGllkIewNUDXDG1Lr6yazYRzUYuPB75UzGqA5lxZwhaLYn7PMC0EsmILrUDLA47KVI97eluKBdW/https%3A%2F%2Fbit.ly%2F3lBiaH0
HTTP 302
http://2102340.olivky.com/news HTTP 302
http://go.romanety.vip/0a2m HTTP 302
http://romanety.vip/?pl=1405.d08acda0601405e47f7e0795076e6d76&n=aHR0cDovL3BsLmJpdGNvaW5iaWxsaW9uYXJpZS5yb21hbmV0eS52aXAvP3Nlc3Npb249MDNjZjEwOWM3MzBmNDQ2OGE1NjAxZDE0OGM4ZjQ4NDcmYWZmX2lkPTY3NjMmZnBwPTEmcGl4ZWxzZXR0aW5ncz1nby5yb21hbmV0eS52aXAlMkZmYnAlM0ZldiUzRCU3QmV2JTdEJTI2cGl4ZWwlM0QlN0JwaXhlbCU3RA== Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
47 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
romanety.vip/ Redirect Chain
|
72 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
puls-biznesu-logo.png
romanety.vip/prelands/1405/images/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
as-seen-on-image-PO.png
romanety.vip/prelands/1405/images/ |
17 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
zygmunt1.jpg
romanety.vip/prelands/1405/images/ |
52 KB 53 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
zygmunt2.jpg
romanety.vip/prelands/1405/images/ |
56 KB 57 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
muskbranson.jpg
romanety.vip/prelands/1405/images/ |
103 KB 104 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dreamcar.jpg
romanety.vip/prelands/1405/images/ |
79 KB 80 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tisdale.jpg
romanety.vip/prelands/1405/images/ |
47 KB 48 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
image6.jpg
romanety.vip/prelands/1405/images/ |
32 KB 32 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
step1-PO.jpg
romanety.vip/prelands/1405/images/ |
51 KB 51 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
step2-PO.jpg
romanety.vip/prelands/1405/images/ |
51 KB 52 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
image1.jpg
romanety.vip/prelands/1405/images/ |
20 KB 21 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
side2.jpg
romanety.vip/prelands/1405/images/ |
59 KB 60 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
side3.jpg
romanety.vip/prelands/1405/images/ |
86 KB 87 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
side4.jpg
romanety.vip/prelands/1405/images/ |
13 KB 14 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
side5.jpg
romanety.vip/prelands/1405/images/ |
34 KB 35 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
side6.jpg
romanety.vip/prelands/1405/images/ |
16 KB 16 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
side7.jpg
romanety.vip/prelands/1405/images/ |
11 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
checkmark.png
romanety.vip/prelands/1405/images/ |
341 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s2.jpg
romanety.vip/prelands/1405/images/ |
46 KB 46 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s3.jpg
romanety.vip/prelands/1405/images/ |
128 KB 129 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pl1.png
romanety.vip/prelands/1405/images/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pl2.png
romanety.vip/prelands/1405/images/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
image2.jpg
romanety.vip/prelands/1405/images/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
k2.jpg
romanety.vip/prelands/1405/images/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
k3.jpg
romanety.vip/prelands/1405/images/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
k4.jpg
romanety.vip/prelands/1405/images/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
k5.jpg
romanety.vip/prelands/1405/images/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
k6.jpg
romanety.vip/prelands/1405/images/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
k7.jpg
romanety.vip/prelands/1405/images/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
k8.jpg
romanety.vip/prelands/1405/images/ |
984 B 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
k9.jpg
romanety.vip/prelands/1405/images/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
k10.jpg
romanety.vip/prelands/1405/images/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
k11.jpg
romanety.vip/prelands/1405/images/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
k12.jpg
romanety.vip/prelands/1405/images/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
k13.jpg
romanety.vip/prelands/1405/images/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
k14.jpg
romanety.vip/prelands/1405/images/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
k15.jpg
romanety.vip/prelands/1405/images/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
k16.jpg
romanety.vip/prelands/1405/images/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
k17.jpg
romanety.vip/prelands/1405/images/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
k18.jpg
romanety.vip/prelands/1405/images/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
k19.jpg
romanety.vip/prelands/1405/images/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pl3.png
romanety.vip/prelands/1405/images/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.css
romanety.vip/prelands/1405/css/ |
18 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
romanety.vip/prelands/1405/js/ |
94 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
getdetector.js
romanety.vip/prelands/1405/js/ |
216 B 899 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
OpenSans-Bold.woff
romanety.vip/prelands/1405/fonts/ |
61 KB 61 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Lion's Den Scam (Online)11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated function| showresult object| dayNames object| monthNames object| now function| $ function| jQuery1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.romanety.vip/ | Name: __cfduid Value: d37b09eada48291968b85e8831d9235b31606132452 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
2102340.olivky.com
go.romanety.vip
romanety.vip
secure-web.cisco.com
104.28.14.171
172.67.149.216
2620:101:2005:11f0::1001
8.208.98.199
04e7148602ddf1379e8e0856fe11b7390c58be67acddc94afccd7a85a530173f
0d92a54e423ed5e5827dab376996a8f11b263f9f1a354229115f3880a2263fa9
10656ea830d09ef4c83725fa9b1c969c6db543ccebdf0a5ae829f10450dd1295
134f32c133bb18795a6a6fa336b38c8ea847fdb719773f357e3596657f9322cf
18340ec5c97928fd7048fbb8b7ea46d40e9f1a844157479cae1c3aee74a18532
1f1dada65f1b30f5700733fddd6cfecf020c375d1bff615800c479ab0e9114be
24ec2ec41784ade5db30c3138d02358f61949e4997d2d2edff027962e09106f3
2d1f84bc084465cd04e4a51ed4e326f867d6b781e6fa638e88fe0d403fa25914
35cc12a4bfdadd63cf0f944a1cd59d01109b85ec7f053f7bc154f24884b38d23
37b3e6c347e15e3b68a038c35c546d1096bca125f17757665191197ca1f33270
3da22778b0d5ddb379a3fc840366e9f4d4cb83bdb86aca2bd3cccc878d941f40
3e01450e670be379450bbc8295c282fe1072180548fbdd049a6de05773222ebb
40253c49e6f54a4c3fe36e8cb8c1fc7ee9125f684c0567dfdadc9748596f1cf7
4372c2e14a4d8b95e496901eb6de81c693e9a9541cf952376f95fe0987f1f9f3
437f06ea99336e6aad1f7ff45305047058a54bdcad42a5fd0ff937dfbb2fa4ce
4eb895704956c1a3afd16e035c15e312726cb9f597012cc783d1b2f7940f8800
5075928122f50bdb50b3003abc1716b944e03929b93961bab0b8d4084db2dfe7
53e819be662aa41d17f12ef89a0ff3abaa8389d8e4432cb0df77d4decf00e58f
5b170b03c90359b8e769c8775ad3c3f6a345c5927081a60701d2737cae304852
5c7cc6db9ac3bd72812aba87e3e65731068adbcfa3449040c6b46950b8319ac0
64c10fcc7f79257c7a8d5543721a1e9cd85ce632ddb3d052f89b6dbadaa6d80a
6f3c2bb49f0757bc9ccd6294dcf32a7039ae250d8f15e3c0f2cfb4ad2419d405
7327145af747c7eaabd12f520c9f6dcf0157db83330057ba1b9000d731707051
743768f6c6f5c3b0cc95851f39bef1babc45fe139f6f0c3a41504db1b83eb987
747fa69e8515eb0d9b77d88d343d114d67d91956aa816b00dc2487db5a9d1f43
751eae069b55f1fad4e3e0f3eeacb9e4e72839624b75dacd6c08d09b1f8f6478
79846a5edfead6db01bffdc3da57e86980bb6eb0e3a36ff55cc93e301662f97b
7a0c17286b9c07084879d64fed888c03c4611a2f845240126e4c9190647a35ff
94836d30b965fd9b1346ea9610d615a01f819f05c8a0b1e2769239fc6182ec2e
9da257928c9ffa763b38920f18ad82cc312178579ca71de71f891c5f8eb2ff64
aa4fe92e09f94671f24e453a8cf9527c0851f65b608c7f9fab304608353ae354
b2ef038c342ab467d22fe34ec012006e3031fdec522ff9f200b45457419c91e9
c20d778070702e5e0098d6e6281885eca05ced331aceb60da846b9ac91406800
d467f168a2a05631cf68351ec620a49b2a9cb5950469e55b2fc43b546daecef0
d9883ee5618bb624a3d6aace14ee62e30a1e0ef49c9087112f404e75acda33ef
dbe9e3b1f6eff779e0ae16ed939a729d996569fe0eee3b161ec426f1d4c9803d
dc1b331906f5cbe30d8c805fdbef311df6730836807721884b797150890f2558
df8116788fffd98d3a1ad098e2023b3166e54e5a0c76512d200e6c9e45d1d238
df8127d6b88a99a318f50472dd20c62fba3f55dc2428b89f1f10d6c60b37d6c0
e9d04e4fbd1f7c6a052cccf0588ed2c6ea41af104c59c70baaa10d8e0f5715a8
ec5b6dbf600de1cdacedb9c9a96fe6c486e5b86f4caec9a8677f057fbffba23d
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
f2a3142e39555d540d9f39ec4664fc00beff124ac6f551d00f66295ede7c7507
f4f9da47e21d7b025b6e101e90267444fda1f647f9f32ddfed29c51dfc1856ce
f5804e5b26748de34ea5cc1e7ff905d78afd1c03b4e5ed3292edaba567f8d9e7
f6497e3d5fc66ae1a3fcb21b89ab5e1731a820296898e7bf2228b53a7a7c94a7
f953ecb8fe2bad9ccf108a24d2d2cf278a923a02c9448152e64490823e86124a