newsswipe2020.com
Open in
urlscan Pro
162.214.113.72
Malicious Activity!
Public Scan
Effective URL: https://newsswipe2020.com/de/loewen1/?cep=coEZot1MIQaDfVNZLJ1HKfaLtcDljwPEsbFg-xOl7ArR5fwnIz7fxZhIyfaKMluw42eC3V-J3s0GVJzA...
Submission: On June 30 via api from US
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on June 2nd 2020. Valid for: 3 months.
This is the only time newsswipe2020.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Lion's Den Scam (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 216.157.88.24 216.157.88.24 | 13768 (COGECO-PEER1) (COGECO-PEER1) | |
1 2 | 198.54.112.216 198.54.112.216 | 22612 (NAMECHEAP...) (NAMECHEAP-NET) | |
1 1 | 18.195.195.71 18.195.195.71 | 16509 (AMAZON-02) (AMAZON-02) | |
38 | 162.214.113.72 162.214.113.72 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1) | |
42 | 3 |
ASN13768 (COGECO-PEER1, CA)
PTR: forum.databasese.com
eaterla.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-195-71.eu-central-1.compute.amazonaws.com
implevel-walumes.icu |
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: server.newsswipe2020.com
newsswipe2020.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
38 |
newsswipe2020.com
newsswipe2020.com |
2 MB |
2 |
wcitianka.com
1 redirects
7487.wcitianka.com |
782 B |
1 |
implevel-walumes.icu
1 redirects
implevel-walumes.icu |
2 KB |
1 |
eaterla.com
1 redirects
eaterla.com |
461 B |
0 |
maildailyonline.com
Failed
maildailyonline.com Failed |
|
42 | 5 |
Domain | Requested by | |
---|---|---|
38 | newsswipe2020.com |
7487.wcitianka.com
newsswipe2020.com |
2 | 7487.wcitianka.com | 1 redirects |
1 | implevel-walumes.icu | 1 redirects |
1 | eaterla.com | 1 redirects |
0 | maildailyonline.com Failed |
newsswipe2020.com
|
42 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
implevel-walumes.icu |
Subject Issuer | Validity | Valid | |
---|---|---|---|
newsswipe2020.com cPanel, Inc. Certification Authority |
2020-06-02 - 2020-08-31 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://newsswipe2020.com/de/loewen1/?cep=coEZot1MIQaDfVNZLJ1HKfaLtcDljwPEsbFg-xOl7ArR5fwnIz7fxZhIyfaKMluw42eC3V-J3s0GVJzASBXVB94xgseQEWhJxTnNmo138RDh3KsyJFIR-9Up7aBBlyzul64S9bXVpgWsKK6msDbtu-iYdALkXTeBzFAWOfDLx_ZbyabcsogQWNGnmcypkSD_WcPV_0k2vkdUzvX1sP4WIqYWuPHXhAT7XxSMKlduG38KS5KyyujcdmesB1x1zQLcKeIJfas4o4eyR9iFTPb2n131pph6B7C9cLIF8-3nN-rKGoW7vDQ5S68I0SvlxIhjY7-xlg6KCmFiWB83O2LbfMf1uhF-PMz8nZ67uEh0q2BDv-GKOP93EVMs29XnDuXF8_yg8h_QTTbhwfYMULqXv1ho_sgzLw_1q4a70qdMLciHx3Ocx182n7LLzeUWqxFqknrQdfLdeDQT0viRAfoVsw&lptoken=15f3932c511467cc70c8&hsclick=1593514969.53-25301531-51365&target=apix07-eaterla.com&cost=0.005
Frame ID: B7D9DB1B7E86F9ACBA5E9E8595CB161F
Requests: 42 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://eaterla.com/
HTTP 302
http://7487.wcitianka.com/match-7487/51365/25301531/1593514968/mf_8008f34f-84a1-4a28-8374-e078c34eb9ce... Page URL
-
http://7487.wcitianka.com/match-7487/51365/25301531/1593514968/mf_8008f34f-84a1-4a28-8374-e078c34eb9ce...
HTTP 302
https://implevel-walumes.icu/8b573ed5-68e0-45b6-bece-390b762a1482?hsclick=1593514969.53-25301531-51365&ta... HTTP 302
https://newsswipe2020.com/de/loewen1/?cep=coEZot1MIQaDfVNZLJ1HKfaLtcDljwPEsbFg-xOl7ArR5fwnIz7fxZhIyfaK... Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Nginx (Web Servers) Expand
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Font Awesome (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: DE
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://eaterla.com/
HTTP 302
http://7487.wcitianka.com/match-7487/51365/25301531/1593514968/mf_8008f34f-84a1-4a28-8374-e078c34eb9ce/YXBpeDA3LWVhdGVybGEuY29t/feed Page URL
-
http://7487.wcitianka.com/match-7487/51365/25301531/1593514968/mf_8008f34f-84a1-4a28-8374-e078c34eb9ce/YXBpeDA3LWVhdGVybGEuY29t
HTTP 302
https://implevel-walumes.icu/8b573ed5-68e0-45b6-bece-390b762a1482?hsclick=1593514969.53-25301531-51365&target=apix07-eaterla.com&cost=0.005 HTTP 302
https://newsswipe2020.com/de/loewen1/?cep=coEZot1MIQaDfVNZLJ1HKfaLtcDljwPEsbFg-xOl7ArR5fwnIz7fxZhIyfaKMluw42eC3V-J3s0GVJzASBXVB94xgseQEWhJxTnNmo138RDh3KsyJFIR-9Up7aBBlyzul64S9bXVpgWsKK6msDbtu-iYdALkXTeBzFAWOfDLx_ZbyabcsogQWNGnmcypkSD_WcPV_0k2vkdUzvX1sP4WIqYWuPHXhAT7XxSMKlduG38KS5KyyujcdmesB1x1zQLcKeIJfas4o4eyR9iFTPb2n131pph6B7C9cLIF8-3nN-rKGoW7vDQ5S68I0SvlxIhjY7-xlg6KCmFiWB83O2LbfMf1uhF-PMz8nZ67uEh0q2BDv-GKOP93EVMs29XnDuXF8_yg8h_QTTbhwfYMULqXv1ho_sgzLw_1q4a70qdMLciHx3Ocx182n7LLzeUWqxFqknrQdfLdeDQT0viRAfoVsw&lptoken=15f3932c511467cc70c8&hsclick=1593514969.53-25301531-51365&target=apix07-eaterla.com&cost=0.005 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://eaterla.com/ HTTP 302
- http://7487.wcitianka.com/match-7487/51365/25301531/1593514968/mf_8008f34f-84a1-4a28-8374-e078c34eb9ce/YXBpeDA3LWVhdGVybGEuY29t/feed
42 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
feed
7487.wcitianka.com/match-7487/51365/25301531/1593514968/mf_8008f34f-84a1-4a28-8374-e078c34eb9ce/YXBpeDA3LWVhdGVybGEuY29t/ Redirect Chain
|
417 B 503 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
newsswipe2020.com/de/loewen1/ Redirect Chain
|
46 KB 47 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.css
newsswipe2020.com/de/loewen1/1_files/ |
120 KB 120 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap-theme.min.css
newsswipe2020.com/de/loewen1/1_files/ |
23 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
font-awesome.min.css
newsswipe2020.com/de/loewen1/1_files/ |
30 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
newsswipe2020.com/de/loewen1/1_files/ |
10 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DE1000x90.jpg
newsswipe2020.com/de/loewen1/1_files/ |
79 KB 79 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pic1.jpg
newsswipe2020.com/de/loewen1/1_files/ |
91 KB 91 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pic2.jpg
newsswipe2020.com/de/loewen1/1_files/ |
71 KB 71 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pic3.jpg
newsswipe2020.com/de/loewen1/1_files/ |
188 KB 189 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pic4.jpg
newsswipe2020.com/de/loewen1/1_files/ |
71 KB 71 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bank2x.png
newsswipe2020.com/de/loewen1/1_files/ |
20 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pic5.jpg
newsswipe2020.com/de/loewen1/1_files/ |
138 KB 138 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pic6.jpg
newsswipe2020.com/de/loewen1/1_files/ |
74 KB 74 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pic7.jpg
newsswipe2020.com/de/loewen1/1_files/ |
46 KB 47 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pic8.jpg
newsswipe2020.com/de/loewen1/1_files/ |
53 KB 53 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pic9.jpg
newsswipe2020.com/de/loewen1/1_files/ |
70 KB 71 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cryptosoft-step1.png
newsswipe2020.com/de/loewen1/1_files/ |
347 KB 347 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cryptosoft-step2x.jpg
newsswipe2020.com/de/loewen1/1_files/ |
107 KB 107 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cryptosoft-step3x.png
newsswipe2020.com/de/loewen1/1_files/ |
69 KB 69 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
blank-picture.jpg
newsswipe2020.com/de/loewen1/1_files/ |
987 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
c1.jpg
newsswipe2020.com/de/loewen1/1_files/ |
15 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
c2.jpg
newsswipe2020.com/de/loewen1/1_files/ |
5 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
c3.jpg
newsswipe2020.com/de/loewen1/1_files/ |
5 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
c4.jpg
newsswipe2020.com/de/loewen1/1_files/ |
5 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
c5.jpg
newsswipe2020.com/de/loewen1/1_files/ |
5 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
c6.jpg
newsswipe2020.com/de/loewen1/1_files/ |
5 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
c7.jpg
newsswipe2020.com/de/loewen1/1_files/ |
5 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
c8.jpg
newsswipe2020.com/de/loewen1/1_files/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
c9.jpg
newsswipe2020.com/de/loewen1/1_files/ |
5 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
c10.jpg
newsswipe2020.com/de/loewen1/1_files/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
c11.jpg
newsswipe2020.com/de/loewen1/1_files/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
zc728.gif
newsswipe2020.com/de/loewen1/1_files/ |
55 KB 55 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mumaston.jpg
newsswipe2020.com/de/loewen1/1_files/ |
50 KB 50 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
zc300.gif
newsswipe2020.com/de/loewen1/1_files/ |
49 KB 50 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cryptosoft-side-step1.png
newsswipe2020.com/de/loewen1/1_files/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cryptosoft-side-step2x.png
newsswipe2020.com/de/loewen1/1_files/ |
128 KB 128 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cryptosoft-side-step3x.png
newsswipe2020.com/de/loewen1/1_files/ |
20 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
glyphicons-halflings-regular.woff2
maildailyonline.com/news/bingo/mail_d/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
glyphicons-halflings-regular.woff
maildailyonline.com/news/bingo/mail_d/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
glyphicons-halflings-regular.ttf
maildailyonline.com/news/bingo/mail_d/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fontawesome-webfont.woff2
newsswipe2020.com/de/loewen1/fonts/ |
75 KB 76 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- maildailyonline.com
- URL
- http://maildailyonline.com/news/bingo/mail_d/fonts/glyphicons-halflings-regular.woff2
- Domain
- maildailyonline.com
- URL
- http://maildailyonline.com/news/bingo/mail_d/fonts/glyphicons-halflings-regular.woff
- Domain
- maildailyonline.com
- URL
- http://maildailyonline.com/news/bingo/mail_d/fonts/glyphicons-halflings-regular.ttf
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Lion's Den Scam (Online)4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| month object| mydate0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
7487.wcitianka.com
eaterla.com
implevel-walumes.icu
maildailyonline.com
newsswipe2020.com
maildailyonline.com
162.214.113.72
18.195.195.71
198.54.112.216
216.157.88.24
0dda8de290bad8137339fe4ea3f2d9a8bc255ae25ff64c2f73fe0e86fa2ac8c0
267ded37bff34b6c9c17a119f515d124afd19640a98f0700721a299d3e76584f
28cd6ae0689ea61fc30e814912e7faa0341cd1113f54ff15dc6523838f5091cf
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
30c4f2a06b46d153de2d1bbb71ac78058ff5aaebf2a01adb7915b7fd7605e90c
37287ee10a33b199ce475c3e78f6ad6f484081e5afde950c89cf64848e368a26
3b22f058a297d6519aba85e7247f340ddde7ca2e17ffe8913fb1fac55b4176b9
40d25441b57f62a77590e477d68813262c3f4bf194fefe1bf3158ec133d261bb
466d67df57051fe93bbb61526c75b8fc83d259d36ff2a6e180b8a85e81fce4fa
4a8f5151ccbbcc6e0e0c5bd5e8eef4fccd5e2c14799f165288374605be56acef
4ac22e2844438de6fc853400800b79a713bd789060d8300efe3930ca5050a71c
4e71aa69d845e9f87ead2049af97c48d05ba591c4cb0733794e4ad941c96a5da
4ecca8847738754b523b7ebca048eb8c1ef7f1d12fca7ea9274f98f6e19f99e1
4f51b53dba3c024c6ddb381aa17367a54be11c30b3a9411d9b0691aa3493882e
51ab370b12bef1a91462d909330ad7f662d1f51328cdc42cc10430adee216078
51ddd4031d6e6c7f45983e762ed2991fcafc10c6da7421dc900757adb5ef135e
6376998b639079dc8b1c1e0ec30353228a51186572ac7d5a080ac2390625847e
649276b83a6c46de2b2a92771a91755fcfcb5fa2d02de515ddacd953f2ce3621
65412da3035591480b68c6d11ad2a63f73afc3cb8f3bf52314f03332bcdd7f24
68d900100a626ce8a6149344561ebe975bc0242fe5af81a08544b9ea92d7682d
697cf4aac12fee8bf88ef8cf390d94c084d9357a518fecba1e72b6bec0b0dc14
6e05f8972470d6bccf73a1a2c30a6d9ae73d6a9420f6fb80f3479ad9ead269b1
6ef18c874e412f0827a0830ddf7f9f6ace52e3ba01e85dfb0de890601d085b30
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
84813588f22626ff09211d295273ed0509dcac62ca039e4c292656e43d88b8e9
85fef7ef2f9ebbfa23e62a16892c1d3733988a5c7570ec15f25275af966571cf
9a8d9686811adca37caee23522b06a8d14e9c07af0bda12e4c12e3c4da9d737a
a59bdfdb9c97b53b6b7fb88344b805c7a95f46534ef597ff883291eedddafb5c
c155aa91c885690a76b7980782929e024d0a9c1c0eb718467f1984b190e91e39
c198f7a25dd69091e16e311975d1ea1238c1ab32e68034bfd26c38fab26ae40a
c2d47b2f8de827b87b4f1ee9a8708af5526b74a59de8d3132761af77a062594c
cb0c14eb0a0f572a692f9c51d6184cd123249b36a7250e36d1a2c37572316157
ce028c15caeeca2f22dc16af2d02aede9b6c380fc77aeeb30eda08b1eb8ea204
d2053c6a628df3b6aab7bdb1b9fe6c6f76910ca812f260f268a16eb321b2143d
db6c441dfa36c970c69365f936df7a1e0fa1734a5695284680183fed462a4491
df024ac4e613502cc92f36041fbca4a41549614c39792e9f589b9d11b4991693
efe345bc9012c7eb798ef6545d33371e7b3b25b2b2cb457d374dec3b94b39786
f52b8fadeafc834ea927c6e4aab36c211402afe99d2e1847d4c02dd9736a6ff3