www.mt-lesershop.de
Open in
urlscan Pro
3.122.203.220
Malicious Activity!
Public Scan
Effective URL: https://www.mt-lesershop.de/
Submission: On July 02 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G2 on June 8th 2024. Valid for: 3 months.
This is the only time www.mt-lesershop.de was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DHL (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 35.158.163.209 35.158.163.209 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 3.122.203.220 3.122.203.220 | 16509 (AMAZON-02) (AMAZON-02) | |
33 | 52.85.65.10 52.85.65.10 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2a00:1450:400... 2a00:1450:4001:830::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:828::200e | 15169 (GOOGLE) (GOOGLE) | |
38 | 5 |
ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-163-209.eu-central-1.compute.amazonaws.com
mt-lesershop.de |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-203-220.eu-central-1.compute.amazonaws.com
www.mt-lesershop.de |
ASN16509 (AMAZON-02, US)
PTR: server-52-85-65-10.muc50.r.cloudfront.net
cdn02.plentymarkets.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
33 |
plentymarkets.com
cdn02.plentymarkets.com — Cisco Umbrella Rank: 198192 |
3 MB |
3 |
mt-lesershop.de
1 redirects
mt-lesershop.de www.mt-lesershop.de |
77 KB |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81 |
165 KB |
1 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 71 |
21 KB |
38 | 4 |
Domain | Requested by | |
---|---|---|
33 | cdn02.plentymarkets.com |
www.mt-lesershop.de
cdn02.plentymarkets.com |
2 | www.googletagmanager.com |
www.mt-lesershop.de
www.googletagmanager.com |
2 | www.mt-lesershop.de |
cdn02.plentymarkets.com
|
1 | www.google-analytics.com |
www.googletagmanager.com
|
1 | mt-lesershop.de | 1 redirects |
38 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
mt-lesershop.de Encryption Everywhere DV TLS CA - G2 |
2024-06-08 - 2024-09-07 |
3 months | crt.sh |
*.plentymarkets.com Amazon RSA 2048 M02 |
2024-04-09 - 2025-05-08 |
a year | crt.sh |
*.google-analytics.com WR2 |
2024-06-13 - 2024-09-05 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.mt-lesershop.de/
Frame ID: 2D1445D860F581FB3CA9951B9DB28DC4
Requests: 39 HTTP requests in this frame
Screenshot
Page Title
MindenerTageblattPage URL History Show full URLs
-
https://mt-lesershop.de/
HTTP 301
https://www.mt-lesershop.de/ Page URL
Detected technologies
Font Awesome (Font Scripts) ExpandDetected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://mt-lesershop.de/
HTTP 301
https://www.mt-lesershop.de/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
38 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.mt-lesershop.de/ Redirect Chain
|
313 KB 76 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OpenSans-Regular.ttf
cdn02.plentymarkets.com/tgihtlx3guvt/frontend/stfonts/ |
127 KB 77 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Minden_Logo.png
cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Mindener_Tageblatt_Shop/Logo/ |
17 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ceres-icons.css
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/375/ceres/css/ |
66 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ceres-base.css
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/375/ceres/css/ |
345 KB 46 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
208 KB 75 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lighblue3-diamond.png
cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Mindener_Tageblatt_Shop/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dhl-logo.svg
cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Logos/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ceres-client.min.js
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/375/ceres/js/dist/ |
899 KB 257 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Minden_Logo.png
cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Mindener_Tageblatt_Shop/Logo/ |
17 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont.woff2
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/375/ceres/documents/fonts/ |
75 KB 76 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ceres-client-9.min.js
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/375/ceres/js/dist/chunks/ |
6 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ceres-client-3.min.js
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/375/ceres/js/dist/chunks/ |
88 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ceres-client-14.min.js
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/375/ceres/js/dist/chunks/ |
8 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ceres-client-25.min.js
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/375/ceres/js/dist/chunks/ |
4 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
304 B 0 |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Leonos_Slider_Sale.jpg
cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Sliders/ |
28 KB 29 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Leonos_Slider_Strandkoerbe.jpg
cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Sliders/ |
131 KB 131 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Minden_Slider_Buecher02022023.jpg
cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Mindener_Tageblatt_Shop/Slider/ |
158 KB 158 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Minden_Slider_Garten02022023.jpg
cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Mindener_Tageblatt_Shop/Slider/ |
327 KB 327 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Minden_Slider_Regionales02022023.jpg
cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Mindener_Tageblatt_Shop/Slider/ |
239 KB 240 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Minden_Slider_Wohnen02022023.jpg
cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Mindener_Tageblatt_Shop/Slider/ |
171 KB 172 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Minden_Highlight_Buecher02022023.jpg
cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Mindener_Tageblatt_Shop/Highlights/ |
356 KB 357 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Minden_Highlight_Garten02022023.jpg
cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Mindener_Tageblatt_Shop/Highlights/ |
423 KB 424 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Minden_Highlight_Genuss02022023.jpg
cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Mindener_Tageblatt_Shop/Highlights/ |
309 KB 310 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Minden_Highlight_Gesundheit02022023.jpg
cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Mindener_Tageblatt_Shop/Highlights/ |
255 KB 256 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ceres-client-0.min.js
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/375/ceres/js/dist/chunks/ |
19 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
11130024---3.jpg
cdn02.plentymarkets.com/tgihtlx3guvt/item/images/159/middle/ |
9 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
11130038---1.jpg
cdn02.plentymarkets.com/tgihtlx3guvt/item/images/173/middle/ |
8 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
11130050.jpg
cdn02.plentymarkets.com/tgihtlx3guvt/item/images/185/middle/ |
7 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
67207-BBQ-Gin.jpg
cdn02.plentymarkets.com/tgihtlx3guvt/item/images/1046330/middle/ |
14 KB 14 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
11130024.jpg
cdn02.plentymarkets.com/tgihtlx3guvt/item/images/159/middle/ |
10 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
11130024---2.jpg
cdn02.plentymarkets.com/tgihtlx3guvt/item/images/159/middle/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
11130024---1.jpg
cdn02.plentymarkets.com/tgihtlx3guvt/item/images/159/middle/ |
8 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
11130050---1.jpg
cdn02.plentymarkets.com/tgihtlx3guvt/item/images/185/middle/ |
7 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.mt-lesershop.de/rest/io/session/ |
682 B 918 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
256 KB 90 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Minden_Favicon.png
cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Mindener_Tageblatt_Shop/Logo/ |
10 KB 10 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: DHL (Transportation)33 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence object| sharedStorage object| ConsentManager function| loadCSS function| gtag object| dataLayer object| __INITIAL_STATE__ object| App function| __loadPluginChunk object| webpackJsonp function| setImmediate function| clearImmediate function| jQuery function| $ object| CeresMain object| CeresNotification function| createApp function| Vue object| Vuex object| NotificationService function| ceresTranslate object| vueEventHub object| ceresStore function| loadCashInAdvanceModal object| vueApp object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.mt-lesershop.de/ | Name: plentyID35 Value: eyJpdiI6ImJxb1VaNDJWVjNQeFNnSFl4dWlmK0E9PSIsInZhbHVlIjoiVC9uZW8vTFhWdEVscWtCZDkvWDgxZEFUT3VOTlZvVzNOcmR1T3Q2Lzl6Y1llcTY0QVkrU0lhUE5TSHlaLzJibSIsIm1hYyI6IjFkNzA1MzY3NWUwMTMzNzRjMWYxMWUzN2QxMjY0ODBmYzI1YTI0MzRhMzJjZjQ4OTM3MzkxODlkZjZjYTQxMWQiLCJ0YWciOiIifQ%3D%3D |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors 'self' *.plentymarkets-cloud-de.com *.my.plentysystems.com |
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn02.plentymarkets.com
mt-lesershop.de
www.google-analytics.com
www.googletagmanager.com
www.mt-lesershop.de
2a00:1450:4001:828::200e
2a00:1450:4001:830::2008
3.122.203.220
35.158.163.209
52.85.65.10
17f90fd9322a06522547fd88c55779f57f26c047997ed4066b95761f41b391ee
28abc5eaac615399854f6c2c07d97885c22a01aa7c984c7a528edbcb480d9841
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
362bcaa42090e36611031bec6bdaa0600375ef847092cca195c58d3bae9b4419
391efcd04e3986e6601b8231af3e218975d25d00e7eb2a033e09dfea73c889b3
3d86e3038a9c48c8db2c49a160a5311b005db9085bf27f33aab94c9967638b08
419dfcc9f37aeb8bcb15e21e622b817ca2c9e989ffe4a043e6e9ac26ad68fd39
447f78e6256cf6357937af5c21bee4a0aefc883829b1672c97812965ea9ce2e4
471c3e099b7f720b142e6f4eb86d49888032daa298cf841a5b1f21c50499ff6e
48d20da6c316bca84df85d4b7109f5ffd50f2fe8ab3a62f09e165edb9149c07e
4c92416d95bb8169dc7a03c0a488536f6349677d06d32f45d9557ccdd162268f
511bd317daa93dc6b838c56de33a112e67c36bb26067f24064213b7b3d1d5bf1
5621b548bf8e3430a9e19201a3270b45578f5d1bc49ac4af688b9ff0fa00c1eb
56bdfaf2282cfd10fb4c3a26577b51d7c22055e0183196b0ccab3badda502221
70585734e304f3323fa33ef2dcf4aa503cec1c188803b86f4eb42f8760bba05f
79896758f57df82d91ea1e88ce87082b4e2cc7c0b64c02d32d40e02f55a6c568
88328c8d7214404de6606195ae89c98ef555a21c94dc3d31ac22f43c97d2e363
8b119f9bb5997f39b92d557ef78be21aed6e50db87a7ad427cf21c9b6bd655f1
915abf18c7b20db34ca8873b8c42c63aaffacd11111803e1564c33665ef9f34d
9603addc34239ee4bcfda0b1da399ee52fa63b3694a2053a4f152b16158c6137
9aa1eb738bf178a0f5f1b45740a357376baeb2adf7937b0046a1cb7ead68f879
9f5cf1fe03ed67c604a6b434ece53c7f103bf4df18ed93519240d05dd023d68c
a0707e10e48c02363b3c6b2283b6b4f87c20e6fd24a0c5d33b381455f5b8e69b
a11da30ab951d61d409be021976aba12734de866c5d392db4de97a432a870614
a12355f3d507b130895538d61e039d75f2dbf74bd3fe19163a7cb46539fe32f4
a828ee8fa5fbe0c2c13d9c2feafb7ad113ec60cbd70e73858889f2d67dc2839f
a934168bffa7e453415636d20c129f762bb075a2c174c4556d71c29df93e6508
aadedaf8a10726aee2cc7f6dc5c14fc9f3f97ef1c76810845fa5bf305dca818d
ac3d9dd7462a34c90e2cc574f07c3cd20cc9b38d8370a0838078429821b750ae
ae69d9b1d3723dd6543c2629bf4cdd2b7e5610614ae6ed1f9ce3d931c854bf68
c20af9152bec0d63106de7ecb6ad1ae8b13005f894b90537083ea3b29e8e9469
c246ecf28db73310586769ff94ea92c51a9d3c351682bec85ec28c6bd744fa5f
c69eaa3aad84e2e3d6fb78b7b7e401039adf6f7948426f32b7f639f410c2661d
c7c2e215a20f8f0a2004d0f026295dcdd4a81ab530be442d2800c261efa78602
ce61eb85ce03edb8b908c0a11d435b599a9b90ff30360cafcf27d7728c3584f7
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1480917050012b62e1126fc4ac4a9323269e5249601ae8c6964e6f2ad37a15e
ec46fbf5f723f4c13bf89f58f8c8688bfb1951e996ce91173247146f1f40d540