www.dakwerken.com
Open in
urlscan Pro
178.208.33.230
Malicious Activity!
Public Scan
Effective URL: http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Submission: On April 05 via automatic, source openphish
Summary
This is the only time www.dakwerken.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: International Card Services (Financial)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 91.194.151.35 91.194.151.35 | 34922 (NETNAMES) (NETNAMES) | |
3 13 | 178.208.33.230 178.208.33.230 | 34762 (COMBELL-AS) (COMBELL-AS) | |
18 | 185.70.113.55 185.70.113.55 | 48645 (BITBRAINS) (BITBRAINS) | |
1 | 151.101.114.110 151.101.114.110 | 54113 (FASTLY) (FASTLY - Fastly) | |
1 | 162.247.242.19 162.247.242.19 | 23467 (NEWRELIC-...) (NEWRELIC-AS-1 - New Relic) | |
44 | 6 |
ASN34762 (COMBELL-AS, BE)
PTR: mail.interbizbvba.be
www.dakwerken.com |
ASN48645 (BITBRAINS, NL)
PTR: 185-70-113-55.icscards.nl
www.icscards.nl |
ASN54113 (FASTLY - Fastly, US)
js-agent.newrelic.com |
ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-7.nr-data.net
bam.nr-data.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
icscards.nl
www.icscards.nl |
50 KB |
13 |
dakwerken.com
3 redirects
www.dakwerken.com |
118 KB |
1 |
nr-data.net
bam.nr-data.net |
261 B |
1 |
newrelic.com
js-agent.newrelic.com |
9 KB |
1 |
speednames.com
user56769.vs.speednames.com |
491 B |
0 |
jsbeautifiers.com
Failed
www.jsbeautifiers.com Failed |
|
0 |
Failed
function sub() { [native code] }. Failed |
|
44 | 7 |
Domain | Requested by | |
---|---|---|
18 | www.icscards.nl |
www.dakwerken.com
|
13 | www.dakwerken.com |
3 redirects
www.dakwerken.com
|
1 | bam.nr-data.net |
js-agent.newrelic.com
|
1 | js-agent.newrelic.com |
www.dakwerken.com
|
1 | user56769.vs.speednames.com | |
0 | www.jsbeautifiers.com Failed |
www.dakwerken.com
|
0 | lifbcibllhkdhoafpjfnlhfpfgnpldfl Failed |
www.dakwerken.com
|
44 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied
Frame ID: F9F0BB236248C5777CA549973A810589
Requests: 44 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- http://user56769.vs.speednames.com/awd.html Page URL
-
http://www.dakwerken.com/images/image/ICS/Inloggen
HTTP 301
http://www.dakwerken.com/images/image/ICS/Inloggen/ HTTP 302
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893 HTTP 301
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/ Page URL
- http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_sub... Page URL
Detected technologies
CentOS (Operating Systems) ExpandDetected patterns
- headers server /CentOS/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
New Relic (Analytics) Expand
Detected patterns
- env /^NREUM/i
SWFObject (Miscellaneous) Expand
Detected patterns
- script /swfobject.*\.js/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery.*\.js/i
- env /^jQuery$/i
sIFR (Font Scripts) Expand
Detected patterns
- script /sifr\.js/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://user56769.vs.speednames.com/awd.html Page URL
-
http://www.dakwerken.com/images/image/ICS/Inloggen
HTTP 301
http://www.dakwerken.com/images/image/ICS/Inloggen/ HTTP 302
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893 HTTP 301
http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/ Page URL
- http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/login.php?nl=_submit-verfied Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1- http://www.dakwerken.com/images/image/ICS/Inloggen HTTP 301
- http://www.dakwerken.com/images/image/ICS/Inloggen/ HTTP 302
- http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893 HTTP 301
- http://www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/
44 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
awd.html
user56769.vs.speednames.com/ |
191 B 491 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/ Redirect Chain
|
5 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
login.php
www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/ |
17 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
reset.css
www.icscards.nl/theme/ics/style/ |
773 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
structure.css
www.icscards.nl/theme/ics/style/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
components.css
www.icscards.nl/theme/ics/style/ |
97 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.keypad.css
www.icscards.nl/theme/ics/style/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js-enabled.css
www.icscards.nl/nlic/themes/html/ICS/style/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
headings.css
www.icscards.nl/nlic/themes/html/ICS/style/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-utils.min.js
www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/uncte/ |
180 KB 54 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sifr.js
www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/uncte/ |
28 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
generale_style.js
www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/uncte/ |
88 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sitestat-onclick.js
www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/uncte/ |
311 B 630 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
swfobject.js
www.dakwerken.com/uncte/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
default.js
www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/uncte/ |
41 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sifr-config.js
www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/uncte/ |
1 KB 790 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
document_iterator.js
lifbcibllhkdhoafpjfnlhfpfgnpldfl/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
find_proxy.js
lifbcibllhkdhoafpjfnlhfpfgnpldfl/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
get_html_text.js
lifbcibllhkdhoafpjfnlhfpfgnpldfl/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
global_constants.js
lifbcibllhkdhoafpjfnlhfpfgnpldfl/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
name_injection_builder.js
lifbcibllhkdhoafpjfnlhfpfgnpldfl/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
number_injection_builder.js
lifbcibllhkdhoafpjfnlhfpfgnpldfl/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
menu_injection_builder.js
lifbcibllhkdhoafpjfnlhfpfgnpldfl/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
string_finder.js
lifbcibllhkdhoafpjfnlhfpfgnpldfl/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
change_sink.js
lifbcibllhkdhoafpjfnlhfpfgnpldfl/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-ics.gif
www.dakwerken.com/images/image/ICS/Inloggen/301a0a3ea541928599a942807381b893/uncte/ |
3 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
import.css
www.dakwerken.com/content/ICS-VISA/style/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
style.js
www.jsbeautifiers.com/js/script/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg-page.gif
www.icscards.nl/theme/ics/images/backgrounds/ |
239 B 917 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg-form-btm.gif
www.icscards.nl/theme/ics/images/backgrounds/ |
960 B 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg-form-buttons-btm.gif
www.icscards.nl/theme/ics/images/backgrounds/ |
259 B 939 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg-form-top.gif
www.icscards.nl/theme/ics/images/backgrounds/ |
173 B 852 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
link-nav-left.gif
www.icscards.nl/theme/ics/images/hyperlinks/ |
732 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
link-nav-right.gif
www.icscards.nl/theme/ics/images/hyperlinks/ |
244 B 923 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-ics.gif
www.icscards.nl/theme/ics/images/logos/ |
3 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg-field-shadow-tr.gif
www.icscards.nl/theme/ics/images/backgrounds/ |
106 B 785 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
btn-site-search.gif
www.icscards.nl/theme/ics/images/buttons/ |
854 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
SunOT-Regular.woff
www.icscards.nl/theme/ics/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
link-help.gif
www.icscards.nl/theme/ics/images/hyperlinks/ |
489 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg-help-panel.gif
www.icscards.nl/theme/ics/images/backgrounds/ |
1 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
btn-submit.gif
www.icscards.nl/theme/ics/images/buttons/ |
3 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
SunOT-Regular.ttf
www.icscards.nl/theme/ics/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
nr-1071.min.js
js-agent.newrelic.com/ |
23 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
a30010f2fa
bam.nr-data.net/1/ |
57 B 261 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- lifbcibllhkdhoafpjfnlhfpfgnpldfl
- URL
- chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/document_iterator.js
- Domain
- lifbcibllhkdhoafpjfnlhfpfgnpldfl
- URL
- chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/find_proxy.js
- Domain
- lifbcibllhkdhoafpjfnlhfpfgnpldfl
- URL
- chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/get_html_text.js
- Domain
- lifbcibllhkdhoafpjfnlhfpfgnpldfl
- URL
- chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/global_constants.js
- Domain
- lifbcibllhkdhoafpjfnlhfpfgnpldfl
- URL
- chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/name_injection_builder.js
- Domain
- lifbcibllhkdhoafpjfnlhfpfgnpldfl
- URL
- chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/number_injection_builder.js
- Domain
- lifbcibllhkdhoafpjfnlhfpfgnpldfl
- URL
- chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/menu_injection_builder.js
- Domain
- lifbcibllhkdhoafpjfnlhfpfgnpldfl
- URL
- chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/string_finder.js
- Domain
- lifbcibllhkdhoafpjfnlhfpfgnpldfl
- URL
- chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/change_sink.js
- Domain
- www.dakwerken.com
- URL
- http://www.dakwerken.com/content/ICS-VISA/style/import.css
- Domain
- www.jsbeautifiers.com
- URL
- http://www.jsbeautifiers.com/js/script/style.js
- Domain
- www.icscards.nl
- URL
- https://www.icscards.nl/theme/ics/fonts/SunOT-Regular.woff
- Domain
- www.icscards.nl
- URL
- https://www.icscards.nl/theme/ics/fonts/SunOT-Regular.ttf
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: International Card Services (Financial)121 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| yeste function| rigl object| NREUM object| newrelic function| __nr_require function| $ function| jQuery object| sIFR function| parseSelector string| _uacct number| _userv number| _ufsc string| _udn string| _uhash string| _utimeout string| _ugifpath string| _utsp number| _uflash number| _utitle number| _ulink number| _uanchor string| _utcp number| _usample number| _uctm string| _ucto string| _uccn string| _ucmd string| _ucsr string| _uctr string| _ucct string| _ucid string| _ucno object| _uOsr object| _uOkw object| _uOno object| _uRno undefined| _uff undefined| _udh undefined| _udt number| _ubl string| _udo undefined| _uu number| _ufns number| _uns string| _ur number| _ufno number| _ust object| _ubd object| _udl string| _udlh string| _uwv string| _ugifpath2 function| urchinTracker function| _uGH function| _uInfo function| _uVoid function| _uCInfo function| _uRef function| _uOrg function| _uGCse function| _uBInfo function| __utmSetTrans function| _uFlash function| __utmLinkerUrl function| __utmLinker function| __utmLinkPost function| __utmSetVar function| _uGCS function| _uGC function| _uDomain function| _uHash function| _uFixA function| _uTrim function| _uEC function| __utmVisitorCode function| _uIN function| _uES function| _uUES function| _uVG function| _uSP function| urchinPathCopy function| _uCO function| _uGT string| _utk function| _uNx string| ML string| MI string| OT number| j function| ns_onclick object| FnDefault object| FnLanguageSelect object| FnToggleHelp object| FnAccordion object| FnAlphanumeric object| FnAutoTabCC object| FnTableSlide object| FnTableSlideExplain object| FnCarousel object| FnStyleSelect object| FnError object| FnDatePicker object| FnNewsTicker object| FnNoCopyPaste object| FnYearMonthSelectorDD object| FnExtendForm object| FnLimitInput object| FnToggleCheckboxDetails object| FnToggleRadioDetails object| FnExternalLinks object| FnPageList object| FnPinPad object| FnDebug object| FnLogin object| FnLogout object| FnSitestat object| FnSelectedOption object| FnAddress string| swfPath object| sunOTregular function| do_sIFR0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bam.nr-data.net
js-agent.newrelic.com
lifbcibllhkdhoafpjfnlhfpfgnpldfl
user56769.vs.speednames.com
www.dakwerken.com
www.icscards.nl
www.jsbeautifiers.com
lifbcibllhkdhoafpjfnlhfpfgnpldfl
www.dakwerken.com
www.icscards.nl
www.jsbeautifiers.com
151.101.114.110
162.247.242.19
178.208.33.230
185.70.113.55
91.194.151.35
0579bd53477bdda92837f4fab5449895c34e3e3b7bab417dd45a1f6fe8e9a272
05b6bc87e34b52eb71d64ea1c6992eb5c169a04c7ae52759b75b8232640e52ac
1a9e5defbf68ef0e716ee4076cd34f68e04c20f5bd1aefa41ab1877d373c9c2c
23e3ca8349931478ce6cc6ffb2b4b759871e6e54fb098884a3862487abb0a461
4fc4784ec1668192826e7224ea9687f0bbd0323aa57ae3810f63cb48891dbd50
514a0218dcd2219657e84af80a019a517a734175c24c1db30ae2bb29af2721cd
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280
5eb5bbeec22e6bb2f9ae09032794d0c523547c429f5015613cdd609a2c25bb31
611e989c10ca265978d94ec6453e893f184a353dd97669d65abc06a995dad3c3
6cb1dc7b32b13a17aa93d1cd2c87eba69950911df46cf223e3db65b4c616c6d8
725b2b103a184d23c4b1b822ae1f11f7b6d462e78c3ce1919afa3e8675ad6495
7df6f886b7663c23da8cc7dde7e8502d037b07ceeaadd2dc39ad237ea5eca3f2
933e25cd232248b4cbb8b6e502bd0cb21fad0a053fd3e6b3a683798091b6cbc3
9d0e3549d2065b602f6c481986e612b1d47a2de961dfc23e98e739aa7f8894f0
a334faf2a1cf0ed7eab0606ae7f78b488967e5b0da9379ece5f13b70115b26a5
a81e4db1b5b0d3e699a56fb07a76a5951ee08d6f8ce0793b31c66d20e9612089
ba877c980018ab8f51f25e73c92588facedaca0d04c7a2fba1e097e6c35ec6a3
bc683373cd8b7d2340218bc84bf75f6f1840f1652d678338f1c283b271dd1406
c11b081b276221bc5f48ba2d805419958bbe65df6f15c6e0899166bd0bd162ff
c935641944e43a1525b457adbc6056c284eecf9164dfe1067487a6e51e5d15d7
ca6d99e3a56986fc18f24a525da1dec933ed5cddc5494db5e37b986e11f004d7
ccc203d87d538ef6d081289d30df3407c161ffcc08d7ed757804a71eab723751
cdace515ac10c355f53a364350c74a8dcaad2f15fa091c9da65a2a995c80c0b7
dd6f18397c2fda19a522184a518e30a0268fc0283590a18bc8c31d4aba652a79
e4523bb118f9bf48fd1f2da7fa37e2d2185413db69c968e1685f4984da61615a
f00805b6957e246fdc574176010969c85477e583a3dbaa100449f6e948d18be8
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23