vodafone.official-deals.co.uk
Open in
urlscan Pro
2606:4700::6812:1889
Malicious Activity!
Public Scan
Submission: On June 23 via api from US — Scanned from DE
Summary
TLS certificate: Issued by WE1 on June 21st 2024. Valid for: 3 months.
This is the only time vodafone.official-deals.co.uk was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Vodafone (Telecommunication)Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: server-18-64-103-42.txl50.r.cloudfront.net
storage.rlvs.co.uk |
ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-39.txl50.r.cloudfront.net
assets.revlifter.io |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f8.1e100.net
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f164.1e100.net
www.google.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
rlvs.co.uk
storage.rlvs.co.uk |
850 KB |
7 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 469 fonts.googleapis.com — Cisco Umbrella Rank: 83 |
35 KB |
3 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81 |
273 KB |
3 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 381 |
44 KB |
3 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 268 |
48 KB |
3 |
official-deals.co.uk
vodafone.official-deals.co.uk |
47 KB |
2 |
google.de
www.google.de — Cisco Umbrella Rank: 8088 |
126 B |
2 |
google.com
www.google.com — Cisco Umbrella Rank: 5 region1.analytics.google.com — Cisco Umbrella Rank: 3125 |
63 B |
2 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136 |
416 B |
2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 71 |
21 KB |
2 |
vodafone.co.uk
cdn.vodafone.co.uk — Cisco Umbrella Rank: 218388 |
49 KB |
1 |
revlifter.io
assets.revlifter.io — Cisco Umbrella Rank: 26016 |
4 KB |
1 |
fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1381 |
13 KB |
38 | 13 |
Domain | Requested by | |
---|---|---|
7 | storage.rlvs.co.uk |
vodafone.official-deals.co.uk
|
6 | fonts.googleapis.com |
vodafone.official-deals.co.uk
|
3 | www.googletagmanager.com |
vodafone.official-deals.co.uk
www.googletagmanager.com www.google-analytics.com |
3 | cdn.jsdelivr.net |
vodafone.official-deals.co.uk
|
3 | cdnjs.cloudflare.com |
vodafone.official-deals.co.uk
|
3 | vodafone.official-deals.co.uk |
vodafone.official-deals.co.uk
|
2 | www.google.de |
vodafone.official-deals.co.uk
|
2 | stats.g.doubleclick.net |
www.google-analytics.com
www.googletagmanager.com |
2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
2 | cdn.vodafone.co.uk |
vodafone.official-deals.co.uk
|
1 | region1.analytics.google.com |
www.googletagmanager.com
|
1 | www.google.com |
vodafone.official-deals.co.uk
|
1 | assets.revlifter.io |
vodafone.official-deals.co.uk
|
1 | ajax.googleapis.com |
vodafone.official-deals.co.uk
|
1 | use.fontawesome.com |
vodafone.official-deals.co.uk
|
38 | 15 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.revlifter.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
vodafone.official-deals.co.uk WE1 |
2024-06-21 - 2024-09-19 |
3 months | crt.sh |
use.fontawesome.com Cloudflare Inc ECC CA-3 |
2023-10-12 - 2024-10-10 |
a year | crt.sh |
cdnjs.cloudflare.com E1 |
2024-06-02 - 2024-08-31 |
3 months | crt.sh |
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3 |
2023-09-27 - 2024-10-28 |
a year | crt.sh |
upload.video.google.com WR2 |
2024-06-03 - 2024-08-26 |
3 months | crt.sh |
*.rlvs.co.uk Amazon RSA 2048 M02 |
2024-02-22 - 2025-03-22 |
a year | crt.sh |
*.official-coupons.com Amazon RSA 2048 M02 |
2024-05-29 - 2025-06-28 |
a year | crt.sh |
*.google-analytics.com WR2 |
2024-06-03 - 2024-08-26 |
3 months | crt.sh |
cdn.vodafone.co.uk DigiCert SHA2 Secure Server CA |
2023-08-18 - 2024-08-20 |
a year | crt.sh |
*.g.doubleclick.net WR2 |
2024-06-03 - 2024-08-26 |
3 months | crt.sh |
*.google.com WR2 |
2024-06-03 - 2024-08-26 |
3 months | crt.sh |
*.google.de WR2 |
2024-06-03 - 2024-08-26 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://vodafone.official-deals.co.uk/
Frame ID: 13678C6CD2E28E8F26C65343EFF57757
Requests: 38 HTTP requests in this frame
Screenshot
Page Title
Vodafone discount codes and vouchersDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Moment.js (JavaScript Libraries) Expand
Detected patterns
- moment(?:\.min)?\.js
Osano (Cookie compliance) Expand
Detected patterns
- cookieconsent\.min\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: https://www.revlifter.com/contact-us/
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
38 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
vodafone.official-deals.co.uk/ |
292 KB 46 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.css
use.fontawesome.com/releases/v5.11.2/css/ |
56 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/css/ |
188 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ |
86 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 634 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 634 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 634 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 633 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 970 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 633 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vodafone-logo_v1_326_330.png
storage.rlvs.co.uk/31078655-dda5-4345-a2c5-113d98e88beb/ |
11 KB 11 KB |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
email-decode.min.js
vodafone.official-deals.co.uk/cdn-cgi/scripts/5c5dd728/cloudflare-static/ |
1 KB 847 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
moment.min.js
cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/ |
52 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vue@2.6.11
cdn.jsdelivr.net/npm/ |
91 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/js/ |
57 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rcu_revpage.js
assets.revlifter.io/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cookieconsent.min.js
cdn.jsdelivr.net/npm/cookieconsent@3/build/ |
20 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
253 KB 91 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
background_image
vodafone.official-deals.co.uk/ |
9 B 82 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vodafone-bold.woff
cdn.vodafone.co.uk/assets/fonts/ |
23 KB 23 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vodafone-light.woff
cdn.vodafone.co.uk/assets/fonts/ |
25 KB 26 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
destination
www.googletagmanager.com/gtag/ |
235 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Vodafone-75-amazon-giftcard_v1_410_300.jpg
storage.rlvs.co.uk/31078655-dda5-4345-a2c5-113d98e88beb/ |
130 KB 131 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vodafone-sim-only_v1_290_290.png
storage.rlvs.co.uk/31078655-dda5-4345-a2c5-113d98e88beb/ |
136 KB 137 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
broad123_v1_290_290.jpg
storage.rlvs.co.uk/31078655-dda5-4345-a2c5-113d98e88beb/ |
52 KB 53 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
simcreative_v1_290_290.png
storage.rlvs.co.uk/31078655-dda5-4345-a2c5-113d98e88beb/ |
125 KB 125 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vodafoneofferside_v1_676_1416.png
storage.rlvs.co.uk/31078655-dda5-4345-a2c5-113d98e88beb/ |
391 KB 392 KB |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
16 B 232 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 359 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
291 KB 98 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ga-audiences
www.google.com/ads/ |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ga-audiences
www.google.de/ads/ |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.analytics.google.com/g/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 57 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ga-audiences
www.google.de/ads/ |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon_v1_16_16.ico
storage.rlvs.co.uk/31078655-dda5-4345-a2c5-113d98e88beb/ |
1 KB 1 KB |
Other
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Vodafone (Telecommunication)21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence object| sharedStorage function| $ function| jQuery object| dataLayer function| getParameterByName function| generateIcon function| lightOrDark function| moment function| Vue object| bootstrap object| rcu object| cookieconsent object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.vodafone.official-deals.co.uk/ | Name: _ga Value: GA1.4.41474886.1719160237 |
|
.vodafone.official-deals.co.uk/ | Name: _gid Value: GA1.4.73168569.1719160237 |
|
.vodafone.official-deals.co.uk/ | Name: _gat_UA-110119954-2 Value: 1 |
|
.vodafone.official-deals.co.uk/ | Name: _ga_PVD49KC6GJ Value: GS1.4.1719160237.1.0.1719160237.60.0.0 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
assets.revlifter.io
cdn.jsdelivr.net
cdn.vodafone.co.uk
cdnjs.cloudflare.com
fonts.googleapis.com
region1.analytics.google.com
stats.g.doubleclick.net
storage.rlvs.co.uk
use.fontawesome.com
vodafone.official-deals.co.uk
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.17.24.14
142.250.184.195
142.250.185.72
151.101.193.229
18.64.103.42
18.64.79.39
2001:4860:4802:32::36
216.58.212.164
2600:9000:2260:ba00:6:5ff:f1c0:93a1
2606:4700:3036::6815:1b98
2606:4700::6812:1889
2a00:1450:4001:806::200a
2a00:1450:4001:812::200e
2a00:1450:4001:81d::200a
2a00:1450:4001:82f::2008
2a00:1450:400c:c0a::9b
2a04:4e42:200::485
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
07246cefc608e756dbd0505aa83e41bdab9cf745cfbda7f9b6844dd1cbb9589f
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0eb9f6049a59171d667799754ff39abf8aed07c7c6a4dd87cb0884e2acea9954
11f0f33f9711ca7551b10cdff821a5c9b8ab7d74055c1d84adf61708991774a4
1595db862bb68a4ac57eafeb735a5effc898fc9d7a985abb063c40e5c7f307ea
15dddb522a041af6d48c54d4097791c9e27b21e2db45edbffca9931becd6cedd
18c47557634845df3e8255cc4abe8e89db940043d337016b55fb91215ab43b5c
1eae84d47a02419a0d8ac8aeb8dd586a2d40a3f3d4c317b3b93e689c34f2b17a
229a820104469626468720c0ecebada5ab2d5dc0df54d043d53357180b49dbd7
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
35fbb6dc3891aacaf1ffa07abec2344fdbc454aab533a2a03bcf93577eb7837b
39928737f7f0b2f8d09cbd4dc50e688ef6bbba99e7bdb856fb738a3ef23399b4
43ca0d1d4cf8f59aadcd0fdd515ce570cb721d0e4d7fa6279fcd51013394ce46
592ab05046891f937aa24962838b5fe5a18e7f15feff9d2db138a3c2bd986405
60f898607136a042e3c47c55e19a0b3463839bceefb5bdf3bb1cc41db8454035
6ef1403b3641f8755a52899ad992cbcf8f2638626d0f73fb7ecb23c2b2d09e89
81c2d53f92f0fabed31389663e6a1f0c8890681a143a8b54940b5486daee9f7b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
9579dc5f695716e4ef297e0001dcace3bcc7b06012cfd7dc2d67812748d9d183
9e0156dd49c03744e79bbea60eebbbb94b5811c1b71b91f5fb38a8270dedfbaf
bdbcada3279a45a2e3bb4cc7a752cbc4c47ed1c27587a2facb5af07c55d1f81b
c55bb187432531f48be10df58477eb1ab34d4ec4b7aecfb4c179845a5227fcd2
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
cd5e33c01f0602a827740f5be9ef96191eb2dd6a85c8c0a7a1cb0de8d8fd3cc0
d2355b02f3c159e5459d8a80e5cf8a18208347ec707fa1fe9e1603c93bd24b12
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
e6735fcf658ee11a9779e559f2b1e2e51bf43555fcc519eb81baf0b8262763ff
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4ab2e3139332e0eecf026c91ee21394032f4272892719d1db8fe6329000d5e
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4