surveywoot.com
Open in
urlscan Pro
2606:4700:3032::ac43:abf0
Malicious Activity!
Public Scan
Effective URL: https://surveywoot.com/sweeps/iphone/en001US/indeq1.php?spo=Desktop&ip=2a01:4f8:192:5414::2&lpkey=160309d0872e26b084&uc...
Submission: On January 05 via manual from RO
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 16th 2020. Valid for: a year.
This is the only time surveywoot.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Scam (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 3 | 2606:4700:303... 2606:4700:3033::6812:3bd8 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
31 | 2606:4700:303... 2606:4700:3032::ac43:abf0 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:820::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700::68... 2606:4700::6812:e234 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:802::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 23.111.9.35 23.111.9.35 | 33438 (HIGHWINDS2) (HIGHWINDS2) | |
1 | 2606:4700:303... 2606:4700:3037::ac43:b0c1 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 139.45.196.25 139.45.196.25 | 9002 (RETN-AS) (RETN-AS) | |
1 | 2a00:1450:400... 2a00:1450:4001:800::2003 | 15169 (GOOGLE) (GOOGLE) | |
42 | 9 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
31 |
surveywoot.com
surveywoot.com |
466 KB |
3 |
angrydobby.xyz
1 redirects
angrydobby.xyz |
2 KB |
2 |
rtmark.net
my.rtmark.net |
2 KB |
2 |
fontawesome.com
use.fontawesome.com |
27 KB |
2 |
googleapis.com
ajax.googleapis.com fonts.googleapis.com |
30 KB |
1 |
gstatic.com
fonts.gstatic.com |
15 KB |
1 |
lanilavi.com
aff.lanilavi.com |
2 KB |
1 |
onesignal.com
cdn.onesignal.com |
3 KB |
42 | 8 |
Domain | Requested by | |
---|---|---|
31 | surveywoot.com |
surveywoot.com
|
3 | angrydobby.xyz |
1 redirects
surveywoot.com
|
2 | my.rtmark.net |
surveywoot.com
|
2 | use.fontawesome.com |
surveywoot.com
use.fontawesome.com |
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | aff.lanilavi.com |
surveywoot.com
|
1 | fonts.googleapis.com |
surveywoot.com
|
1 | cdn.onesignal.com |
surveywoot.com
|
1 | ajax.googleapis.com |
surveywoot.com
|
42 | 9 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-07-16 - 2021-07-16 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-11-10 - 2021-02-02 |
3 months | crt.sh |
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1 |
2020-11-13 - 2021-12-14 |
a year | crt.sh |
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA |
2020-10-27 - 2021-11-26 |
a year | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-11-10 - 2021-02-02 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://surveywoot.com/sweeps/iphone/en001US/indeq1.php?spo=Desktop&ip=2a01:4f8:192:5414::2&lpkey=160309d0872e26b084&uclick=pmgxlptw&uclickhash=pmgxlptw-pmgxlptw-fyvr-17e2-168r-xsdvi4-xsdvfe-1f5cb3
Frame ID: D8D87733F9BAAAD6B1EEE04EFBABCD56
Requests: 42 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://angrydobby.xyz/click.php?key=jldg8ybakkuhhlhvvu5l&visitor_id=370390423211880866&cost=0.0035...
HTTP 302
https://surveywoot.com/sweeps/iphone/en001US/indeq1.php?spo=Desktop&ip=2a01:4f8:192:5414::2&lpkey=1... Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
Bootstrap (Web Frameworks) Expand
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
- script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
CloudFlare (CDN) Expand
Detected patterns
- headers server /^cloudflare$/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://angrydobby.xyz/click.php?key=jldg8ybakkuhhlhvvu5l&visitor_id=370390423211880866&cost=0.003592&zoneid=2809530&campaignid=3959387&device=desktop&browser=opera&os=windows&osversion=win10&country=LU&language=en&isp=security%20made%20in%20letzebuerg%20smile%20gie&user_activity={user_activity}
HTTP 302
https://surveywoot.com/sweeps/iphone/en001US/indeq1.php?spo=Desktop&ip=2a01:4f8:192:5414::2&lpkey=160309d0872e26b084&uclick=pmgxlptw&uclickhash=pmgxlptw-pmgxlptw-fyvr-17e2-168r-xsdvi4-xsdvfe-1f5cb3 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
42 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
indeq1.php
surveywoot.com/sweeps/iphone/en001US/ Redirect Chain
|
20 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ |
85 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
surveywoot.com/sweeps/iphone/en001US/images/ |
152 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
popper.min.js
surveywoot.com/sweeps/iphone/en001US/images/ |
20 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pub.min.js
surveywoot.com/sweeps/iphone/en001US/assets/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
surveywoot.com/sweeps/iphone/en001US/images/ |
57 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
surveywoot.com/sweeps/iphone/en001US/images/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p1.min.js
surveywoot.com/sweeps/iphone/en001US/images/ |
13 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sur.min.css
surveywoot.com/sweeps/iphone/en001US/images/ |
1 KB 838 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OneSignalSDK.js
cdn.onesignal.com/sdks/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
surveywoot.com/sweeps/iphone/en001US/images/ |
87 KB 87 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ban.png
surveywoot.com/sweeps/iphone/en001US/images/ |
14 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
principal.png
surveywoot.com/sweeps/iphone/en001US/images/ |
116 KB 116 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
survey.min.css
surveywoot.com/sweeps/iphone/en001US/images/ |
768 B 559 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
box.min.css
surveywoot.com/sweeps/iphone/en001US/images/ |
2 KB 907 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
box-gift.png
surveywoot.com/sweeps/iphone/en001US/images/ |
101 KB 102 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
box-01.png
surveywoot.com/sweeps/iphone/en001US/images/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
box-03.png
surveywoot.com/sweeps/iphone/en001US/images/ |
619 B 929 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
box-04.png
surveywoot.com/sweeps/iphone/en001US/images/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
box-02.png
surveywoot.com/sweeps/iphone/en001US/images/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
box-00.png
surveywoot.com/sweeps/iphone/en001US/images/ |
20 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 632 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
comments.min.css
surveywoot.com/sweeps/iphone/en001US/images/ |
964 B 598 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2.jpg
surveywoot.com/sweeps/iphone/en001US/images/ |
875 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
like.png
surveywoot.com/sweeps/iphone/en001US/images/ |
466 B 775 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1.jpg
surveywoot.com/sweeps/iphone/en001US/images/ |
3 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9.jpg
surveywoot.com/sweeps/iphone/en001US/images/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3.jpg
surveywoot.com/sweeps/iphone/en001US/images/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5.jpg
surveywoot.com/sweeps/iphone/en001US/images/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6.jpg
surveywoot.com/sweeps/iphone/en001US/images/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4.jpg
surveywoot.com/sweeps/iphone/en001US/images/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7.jpg
surveywoot.com/sweeps/iphone/en001US/images/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
winners.jpg
surveywoot.com/sweeps/iphone/en001US/images/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8.jpg
surveywoot.com/sweeps/iphone/en001US/images/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.css
use.fontawesome.com/releases/v5.8.1/css/ |
54 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pub.min.js
aff.lanilavi.com/js/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
p.js
my.rtmark.net/ |
697 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
click.php
angrydobby.xyz/ |
0 409 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-regular-400.woff2
use.fontawesome.com/releases/v5.8.1/webfonts/ |
13 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img.gif
my.rtmark.net/ |
43 B 707 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
click.php
angrydobby.xyz/ |
0 419 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Scam (Online)90 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| GetRequest function| getURLParameter string| portal string| theme string| template string| brand_country object| dayNames object| monthNames string| img_regalo string| minutos_y string| segundos string| url_f object| modalOptions object| OneSignal object| strs boolean| box_ini object| o function| pushToTrackerViaImage function| pushAfterTimeout number| TIMEOUT_IN_SECONDS number| t string| back_url function| getURLParam_default string| base_url string| offer_url function| go string| pm_tag string| pm_pid function| exit_offer function| Popper object| bootstrap function| setCookie function| getCookie function| checkCookie function| stepfinal function| goToUrlFinish function| getBrowser function| getPlatform object| canvasConfetti object| ctx number| W_Confetti number| H_Confetti function| getUrlParameter function| setSecondary number| mp_Confetti undefined| deactivationTimerHandler undefined| reactivationTimerHandler number| animationHandler object| particles number| angleConfetti number| tiltAngle boolean| confettiActive boolean| confettiIniciated boolean| animationComplete object| particleColors function| confettiParticle function| SetGlobalsConfetti function| InitializeConfetti function| Draw function| RandomFromTo function| UpdateConfetti function| CheckForRepositionConfetti function| stepParticleConfetti function| repositionParticleConfetti function| StartConfetti function| ClearTimers function| DeactivateConfetti function| StopConfetti function| RestartConfetti function| SetupConfetti object| boxRoot number| count number| intentos boolean| puedo object| tid object| tsource object| tpp3 object| tcode function| requestAnimFrame2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
surveywoot.com/ | Name: prlwge_count_undefined Value: 1 |
|
.surveywoot.com/ | Name: __cfduid Value: d721f615b0240f8ee92ad549fc79e84811609872384 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aff.lanilavi.com
ajax.googleapis.com
angrydobby.xyz
cdn.onesignal.com
fonts.googleapis.com
fonts.gstatic.com
my.rtmark.net
surveywoot.com
use.fontawesome.com
139.45.196.25
23.111.9.35
2606:4700:3032::ac43:abf0
2606:4700:3033::6812:3bd8
2606:4700:3037::ac43:b0c1
2606:4700::6812:e234
2a00:1450:4001:800::2003
2a00:1450:4001:802::200a
2a00:1450:4001:820::200a
01ff0a6dfebce308d517e495941065eb38cc8b37a7b2bf67df272aea25f69c40
04f6abfdaebd7170b5c22848a8ab4f2a5e9fcd76276d5de379d5ab0f14645fb2
0c8c4d8a81e34cd4ca0005ade119cfe0125004fd430d27846a63c530ce78ed9e
0ca3bcdc244a011cff113f873678ee9de68479a7f6c7f360b171c3edbc96dd1a
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
182600ef12499261e2e971331530eb1caacd6c2106c4c864d158ac9c4a9a2327
18f551911c68e079ef629648f47ad743c99d47e9d5c0d5a475c7392a1f0ab248
2342d3a2e8e2f6380e101e556711932825768b2414934e960a15ca4ebcbef4c7
23fc529affbe970738e55a27804f715ea55fd6ad2538bb2c35c16fe35154147a
264a6de1de64461a9c1cb75c7be52cae8d50d4362239d9d65458b8b58d966298
2e47f6803f61ca30955c2dcf1d7b2d7361891cdb2a3ad96d667f71a5079a2931
315ab0d49d98f20092fcf9a6740ef0296abae8a4d911e9c72ac10c203cd566a0
384dca5964e83339b172ea883c94ba2cad1bbc9b09333a3817087c9e1b999605
389ef660c81de223f4b5426d4104797deabf56c632cc9bb6fce03fd7427bcf13
3bed521d3697c9045b7e0f4d169f918b12daa2ca845a29145a487454251a9514
3e9a040bb4f7b3256878d462c0e3667304441e5fcbb043ae45a7aac058af48ea
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
4ba90609efbf3e11565b8b9005e57d80f53a8837ce693c9023ccb0626461d212
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
54e854b9bf6c8872d81d0396b34e796583edc80deed43d318b930d317f13ba1e
57cac78ffe00e972d33615478f16bac1f5faff504177c47d3b5141792a1ebf53
62ef8545e701490af1969de54d5cf81f2c3d50c4b0821b69e8c559d805f7815f
6571c3b7e24aa451aea09d3aba800ec8a0aed5a6556757155b75e453032b979b
73cb358bf47ed149f8fd7e3eada678166cfab77538c313ba72cb6e38d13253fa
7adac1888791ad42f547c97c9c9dad37faee15dfb5e76f20eabc8a0a0b6168e9
8304827477215b517f051f116d5581a5e030e7f29df69061cb9cf108aa9cbc90
845a5200eb01a02833e74b09ab84d6ec2aab5ee16211ee1a31b7eb6a4bb61ecc
8e739b1a5d43554330c55fc3aa9824d5daf49350d5f683b9d681902687f8f2f3
9b17d1bc53a49edcab5f29c232dde056d8ad18b6c948ad908134b64130eb2606
9d425d2ee401fde3ddf7481b9df7ce8f724b7e1f2166fedda4ba0e6a94da85f5
a6c658f5d0455459da519e4613aeff96b53ed75332eec8acadfc599a73b5285c
aec4a6d57afdc6321ed925550b53c1f223fcaa301c8adaf9f5f2aee3c717da28
b0a79f2bd09a605d906f23c84884ecaf4cf9fee5f0286040e9a0f889d6790ca0
b0c40a3ef77aea7e48c710fa701af1d074224846ebf30cd9d82b7596c15da2c1
b2c483b6d8c950e42861316d8d173917da86ee1304e93cf04d4eb81b70d59c09
c15bda93fb2eb38365797716a9beb926d2c10aca0b686f93aaca647ced752dc5
ccf4db1eeb68c96e05e74f8ebfa75cc60c3a0fed862dae6b0ad85d4e1b5b4e4f
d54827b29a373902ec1a2108761077b84fde812dd7c41cbd085fe6d96e0396e9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
ff874c2b83c588ad438f4001460941f9077b3fcce6bdc4e6e2c80a4730c2c18d