![](/screenshots/9940167b-5773-4b82-8333-eebcd42e56fc.png)
surveymega.com
Open in
urlscan Pro
2606:4700:3031::6815:25b8
Malicious Activity!
Public Scan
Effective URL: http://surveymega.com/diet/usweekly/?img=keto-sf.png&trk=x.secondpromo.com&city=Gunzenhausen&state=Bayern&name=SlimFit...
Submission Tags: phishing
Submission: On February 16 via api from US
Summary
This is the only time surveymega.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Weightloss Scam (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 2a00:1450:400... 2a00:1450:4001:812::2010 | 15169 (GOOGLE) (GOOGLE) | |
1 1 | 162.0.233.93 162.0.233.93 | 22612 (NAMECHEAP...) (NAMECHEAP-NET) | |
1 | 65.98.109.100 65.98.109.100 | 25653 (FORTRESSITX) (FORTRESSITX) | |
1 1 | 2606:4700:303... 2606:4700:3035::ac43:9e7f | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 1 | 2606:4700:303... 2606:4700:3036::ac43:be86 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 36 | 2606:4700:303... 2606:4700:3031::6815:25b8 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
37 | 3 |
ASN15169 (GOOGLE, US)
storage.googleapis.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
36 |
surveymega.com
1 redirects
surveymega.com |
2 MB |
1 |
secondpromo.com
1 redirects
x.secondpromo.com |
2 KB |
1 |
lazorita.com
1 redirects
t6.lazorita.com |
2 KB |
1 |
hockian.com
hockian.com |
469 B |
1 |
joinhoney.life
1 redirects
joinhoney.life |
322 B |
1 |
googleapis.com
storage.googleapis.com |
446 B |
37 | 6 |
Domain | Requested by | |
---|---|---|
36 | surveymega.com |
1 redirects
hockian.com
surveymega.com |
1 | x.secondpromo.com | 1 redirects |
1 | t6.lazorita.com | 1 redirects |
1 | hockian.com | |
1 | joinhoney.life | 1 redirects |
1 | storage.googleapis.com | |
37 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
x.secondpromo.com |
www.facebook.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.storage.googleapis.com GTS CA 1O1 |
2021-01-19 - 2021-04-13 |
3 months | crt.sh |
hockian.com Go Daddy Secure Certificate Authority - G2 |
2020-06-10 - 2021-08-09 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://surveymega.com/diet/usweekly/?img=keto-sf.png&trk=x.secondpromo.com&city=Gunzenhausen&state=Bayern&name=SlimFit%20Keto&cep=KEYtLeTk0Q1XIOVoOtNxkvOA6zUjtQvviX5XrpfRnfKl5fVsZb4r4z4dU3n_cLPncQU3OUEH5W--LAXVoR2vSejOzzcPsTBpv_1rHL-sN1HQ70-3EkwhqVZqM0TkjV-kEjb2bqbEfV9Sk3LPt_mntoU6ZYHsU_yZvRhWkdHNYNbmR4lo_uN-QpLKNs-NDCfl5E9LSCAIw6xfZyOIGMOQhCDlAUnB_aTmdAQ4ttI7T-ti0qzq3LU0ZN-1p9xpbDKU3YtGV3f9BDwC1tw3NFzN2SuQdeW3WfwYQnryd_nTgmGaofSBp1qsw0jeXA72cxhl9RUwKn2oQ4x5ZCf9tT6N5m7Ot0OuTtvj4OB6guo-aYJkljaMH-hjrpRBscGOIgZtB1CysWM9eFsJfJbQTFtjxGGN6PUZCdJiG4b1-BT1nfPAcPxO3dVMllX_FeuESBgeNT91RPVW1tDTROs8mHwi-4zgq3pln39uV0WOlfy7Ci1mqAK1diffw06nu-5XUMNn2BrRO2VqlSG_DM8qpmDClTGNYXzjopv6WQa8InIymac&lptoken=16f01393493048e30857&offer_id=688&keyword=&source=nd&affiliate_id=1506&aff_sub2=1006141131&aff_sub3=77473183&aff_sub4=0&aff_sub5=&aff_id=push_aff_id&vid=%7Bvid%7D&cpc=0.0&clickid=1020c775fe8c8229cb1cd760f7f166&tracker=x.secondpromo.com
Frame ID: 8769AB984975A573CCE83F1E2F1E1CE6
Requests: 37 HTTP requests in this frame
Screenshot
![](/screenshots/9940167b-5773-4b82-8333-eebcd42e56fc.png)
Page URL History Show full URLs
- https://storage.googleapis.com/sdffsdfsd/KETOcaR.html Page URL
-
http://joinhoney.life/r.php?t=c&d=0&l=0&c=0&cr=8792
HTTP 302
https://hockian.com/100835ae3fa23f0a8a2/0/0/0/0 Page URL
-
http://t6.lazorita.com/aff_c?offer_id=688&aff_id=1506&source=nd&aff_sub2=1006141131&aff_sub3=774731...
HTTP 302
https://x.secondpromo.com/88d81469-dc6b-46de-893e-26f72d27130d?offer_id=688&keyword=&source=nd&affilia... HTTP 302
https://surveymega.com/diet/usweekly?img=keto-sf.png&trk=x.secondpromo.com&city=Gunzenhausen&state=... HTTP 301
http://surveymega.com/diet/usweekly/?img=keto-sf.png&trk=x.secondpromo.com&city=Gunzenhausen&state... Page URL
Detected technologies
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title: #TheGame
Search URL Search Domain Scan URL
Title: Tina Lewis
Search URL Search Domain Scan URL
Title: Tanya Porquez
Search URL Search Domain Scan URL
Title: Jennifer Jackson Mercer
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Amanda Gibson
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://storage.googleapis.com/sdffsdfsd/KETOcaR.html Page URL
-
http://joinhoney.life/r.php?t=c&d=0&l=0&c=0&cr=8792
HTTP 302
https://hockian.com/100835ae3fa23f0a8a2/0/0/0/0 Page URL
-
http://t6.lazorita.com/aff_c?offer_id=688&aff_id=1506&source=nd&aff_sub2=1006141131&aff_sub3=77473183&aff_sub4=0
HTTP 302
https://x.secondpromo.com/88d81469-dc6b-46de-893e-26f72d27130d?offer_id=688&keyword=&source=nd&affiliate_id=1506&aff_sub2=1006141131&aff_sub3=77473183&aff_sub4=0&aff_sub5=&aff_id=push_aff_id&vid={vid}&cpc=0.0&clickid=1020c775fe8c8229cb1cd760f7f166 HTTP 302
https://surveymega.com/diet/usweekly?img=keto-sf.png&trk=x.secondpromo.com&city=Gunzenhausen&state=Bayern&name=SlimFit%20Keto&cep=KEYtLeTk0Q1XIOVoOtNxkvOA6zUjtQvviX5XrpfRnfKl5fVsZb4r4z4dU3n_cLPncQU3OUEH5W--LAXVoR2vSejOzzcPsTBpv_1rHL-sN1HQ70-3EkwhqVZqM0TkjV-kEjb2bqbEfV9Sk3LPt_mntoU6ZYHsU_yZvRhWkdHNYNbmR4lo_uN-QpLKNs-NDCfl5E9LSCAIw6xfZyOIGMOQhCDlAUnB_aTmdAQ4ttI7T-ti0qzq3LU0ZN-1p9xpbDKU3YtGV3f9BDwC1tw3NFzN2SuQdeW3WfwYQnryd_nTgmGaofSBp1qsw0jeXA72cxhl9RUwKn2oQ4x5ZCf9tT6N5m7Ot0OuTtvj4OB6guo-aYJkljaMH-hjrpRBscGOIgZtB1CysWM9eFsJfJbQTFtjxGGN6PUZCdJiG4b1-BT1nfPAcPxO3dVMllX_FeuESBgeNT91RPVW1tDTROs8mHwi-4zgq3pln39uV0WOlfy7Ci1mqAK1diffw06nu-5XUMNn2BrRO2VqlSG_DM8qpmDClTGNYXzjopv6WQa8InIymac&lptoken=16f01393493048e30857&offer_id=688&keyword=&source=nd&affiliate_id=1506&aff_sub2=1006141131&aff_sub3=77473183&aff_sub4=0&aff_sub5=&aff_id=push_aff_id&vid=%7Bvid%7D&cpc=0.0&clickid=1020c775fe8c8229cb1cd760f7f166&tracker=x.secondpromo.com HTTP 301
http://surveymega.com/diet/usweekly/?img=keto-sf.png&trk=x.secondpromo.com&city=Gunzenhausen&state=Bayern&name=SlimFit%20Keto&cep=KEYtLeTk0Q1XIOVoOtNxkvOA6zUjtQvviX5XrpfRnfKl5fVsZb4r4z4dU3n_cLPncQU3OUEH5W--LAXVoR2vSejOzzcPsTBpv_1rHL-sN1HQ70-3EkwhqVZqM0TkjV-kEjb2bqbEfV9Sk3LPt_mntoU6ZYHsU_yZvRhWkdHNYNbmR4lo_uN-QpLKNs-NDCfl5E9LSCAIw6xfZyOIGMOQhCDlAUnB_aTmdAQ4ttI7T-ti0qzq3LU0ZN-1p9xpbDKU3YtGV3f9BDwC1tw3NFzN2SuQdeW3WfwYQnryd_nTgmGaofSBp1qsw0jeXA72cxhl9RUwKn2oQ4x5ZCf9tT6N5m7Ot0OuTtvj4OB6guo-aYJkljaMH-hjrpRBscGOIgZtB1CysWM9eFsJfJbQTFtjxGGN6PUZCdJiG4b1-BT1nfPAcPxO3dVMllX_FeuESBgeNT91RPVW1tDTROs8mHwi-4zgq3pln39uV0WOlfy7Ci1mqAK1diffw06nu-5XUMNn2BrRO2VqlSG_DM8qpmDClTGNYXzjopv6WQa8InIymac&lptoken=16f01393493048e30857&offer_id=688&keyword=&source=nd&affiliate_id=1506&aff_sub2=1006141131&aff_sub3=77473183&aff_sub4=0&aff_sub5=&aff_id=push_aff_id&vid=%7Bvid%7D&cpc=0.0&clickid=1020c775fe8c8229cb1cd760f7f166&tracker=x.secondpromo.com Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1- http://joinhoney.life/r.php?t=c&d=0&l=0&c=0&cr=8792 HTTP 302
- https://hockian.com/100835ae3fa23f0a8a2/0/0/0/0
37 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
KETOcaR.html
storage.googleapis.com/sdffsdfsd/ |
179 B 446 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
![]() hockian.com/100835ae3fa23f0a8a2/0/0/0/ Redirect Chain
|
175 B 469 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
surveymega.com/diet/usweekly/ Redirect Chain
|
63 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
surveymega.com/diet/usweekly/images/ |
398 KB 42 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.css
surveymega.com/diet/usweekly/images/ |
150 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1543727682230-logo.png
surveymega.com/diet/usweekly/images/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
exc.png
surveymega.com/diet/usweekly/images/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1543728405358-mc2.jpg
surveymega.com/diet/usweekly/images/ |
128 KB 128 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1543728426025-mc3.jpg
surveymega.com/diet/usweekly/images/ |
63 KB 64 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1543728507632-mc.jpg
surveymega.com/diet/usweekly/images/ |
42 KB 42 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1554833540209-dynamic_image1_forskolin.png
surveymega.com/diet/usweekly/images/ |
308 KB 309 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
manyba.jpg
surveymega.com/diet/usweekly/images/ |
208 KB 209 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1554833546963-dynamic_image_2_forskolin.jpg
surveymega.com/diet/usweekly/images/ |
69 KB 70 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tinder2.jpg
surveymega.com/diet/usweekly/images/ |
38 KB 39 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tinder1.jpg
surveymega.com/diet/usweekly/images/ |
43 KB 44 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
usweeklyba.png
surveymega.com/diet/usweekly/images/ |
55 KB 56 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
keto-sf.png
surveymega.com/images/ |
148 KB 148 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cmnt-img1.jpg
surveymega.com/diet/usweekly/images/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cmnt-img2.jpg
surveymega.com/diet/usweekly/images/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cmnt-img3.jpg
surveymega.com/diet/usweekly/images/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cmnt-img4.jpg
surveymega.com/diet/usweekly/images/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cmnt-img5.jpg
surveymega.com/diet/usweekly/images/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cmnt-img6.jpg
surveymega.com/diet/usweekly/images/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cmnt-img7.jpg
surveymega.com/diet/usweekly/images/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cmnt-img8.jpg
surveymega.com/diet/usweekly/images/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cmnt-img9.jpg
surveymega.com/diet/usweekly/images/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cmnt-img10.jpg
surveymega.com/diet/usweekly/images/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
xtinawh.jpg
surveymega.com/diet/usweekly/images/ |
82 KB 83 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
beforeafter_3.jpg
surveymega.com/diet/usweekly/images/ |
31 KB 31 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
beforeafter_6.jpg
surveymega.com/diet/usweekly/images/ |
15 KB 16 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
beforeaftermini3.jpg
surveymega.com/diet/usweekly/images/ |
18 KB 19 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
beforeafter_1.jpg
surveymega.com/diet/usweekly/images/ |
160 KB 161 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1566497864887-button.png
surveymega.com/diet/usweekly/images/ |
7 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.min.a2aecbcd812b27e6.js
surveymega.com/diet/usweekly/images/ |
502 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
us-logo.html
surveymega.com/diet/usweekly/ |
276 B 276 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
relay-cond-regular.woff
surveymega.com/diet/usweekly/images/ |
122 B 862 B |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
relay-cond-regular.ttf
surveymega.com/diet/usweekly/images/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Weightloss Scam (Online)15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated function| makeDateMinus1 function| makeDatePlus1 function| today function| kgConverter function| jQuery function| Waypoint string| waypointContextKey function| transitionEnd object| nunjucks object| nunjucksPrecompiled1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.surveymega.com/ | Name: __cfduid Value: d8180fe4c61ff3d055fe099b6074ddd7f1613493012 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
hockian.com
joinhoney.life
storage.googleapis.com
surveymega.com
t6.lazorita.com
x.secondpromo.com
162.0.233.93
2606:4700:3031::6815:25b8
2606:4700:3035::ac43:9e7f
2606:4700:3036::ac43:be86
2a00:1450:4001:812::2010
65.98.109.100
10ca4cc739472ad2fdc1eda8173139366889ec905bd7a5c0ebbadd51e46f2761
19b42a034a6f8978e5774a746e2a0da52fda1fa1233dc04342d8dd606837fa61
2157ef64a25c095e190484a39647b65c135e20da18b3d153ee49a051bd7fb5a7
24586fc3ad9a2779de96962593c3544301b6c33fbe73b7231a435f2e6a085661
2b7e2fc206216e574c74e588ed77ac22dbde696dc7f141503b91e3458bca002e
2e30bb0617e3723c92cec5e3021d7a027c77e1c2b0c9c01ebb7cdd75bbeb1ba9
31b06f0e20e9d3f41561b9dfef3c547ff682b7a764be175d63e3b457a576017b
360c327c76e977c35a3834c85f37e2ecd5614815d2dae6466809525cf44e3f16
4f84eac91dadbd38c36c2781d7946efd8d1f94b5320b3b7a39ef8c1abe4fd835
4fa4bcfacee70e904da94f7ab695b150a67a6e320f7a515b7a8453f3a505d553
55ee3b9602e64f8eff7a6e7928a53f41ae90cb3f54a0bfb7ff19b3e2b7a0f6ad
5eb7ac7002921cfbe8ba63f552d498050bd60187b7de927c751c4fa8a6d1e652
6232a350eb7c455295ac5fdd77e5890405210d37373b217ceafd8ba553b08c32
69e24d542169477c6a4cac7e42dc9f61e8dad2ae77b8bbdcfe6d9fd95af5b1a1
7779c36fd9b18abef04c56d09c8002ffd2afe27476e275bc573106cacd56d03a
7af8705234afe7a2275f30775d05334d50063fa7e03585aa36bcb3170bdaf551
7d71570a1bb64b61d21f3f9d41979a87de941581e512683980670211c7b3a220
7df14c5576c3d08888a3c366f7e5ea9081ac3c75823aeaee132a9a9074a05b5c
85505973b3cee61d15820735b9eeb7c7f38eec1d4cd79f50f4375a6af8d0d774
9880e4754fc35545040aa45bbfb67f251a970dd6677d41ca4ae0e1c64acd83ff
9c739463a37ac8c97881664363c2a704d64224377d361c342c613db56c77eb95
a1e73dfc45fd3119ee07980ef6a0e08c7938f0a2f07646477e9ca035de7c1763
a271c5383b5f731b588e8711715829380869fc9aead91f4b95b9d2e6c072bf39
a5113c8f8dec4af3f8a613eff397bdb2da967acd3fe3dc45ad3e3793a05cb829
aeb1cc873e215b5148fb5b7afa46043340259e66ec5ce1885eee5332fc8e60ab
b600d23e2cf83e74cbae25741dda71e1947c5a548c43c9261b455627e7e012a9
c362390442240c54aaabdb32340bd1a14fddf5ca8058255ec5cc9b3d864a9e8d
c695baf22f4b6e88665f9046d30801761588574232f89d1d493e59894cab62ca
c8ec2b5a44d99b3a57d4b72fe94b93d1703a2363d64627f0f4d1ddfa4594c210
d87cc5affd1bbdc6df6a5a2361b02b9e4617a8210999368e9e229ab973f49632
ed560cb5a3488116a1a96fba9f33a6dbd050c3cd02e6ac4b84746a0354ce3f8b
eee5e7db47c1275932e80ad67f4872afedaeeb4a4ae69df5a92d4feceb51e76a
f15f9a4a42046156f3fc0e69be9df6e873356209f6a177e6c4ea93e110c2d731
f4e98e2aed3af4ca8c1e3dd89c04f36393bfd08c44efeb1d95f47593c355a1c3