www.sporters1.com
Open in
urlscan Pro
2606:4700:3031::681b:9016
Malicious Activity!
Public Scan
Effective URL: https://www.sporters1.com/so1skg/en/index-uni.html?cep=9nujQxK13ekaiKErcUcDpyEJ4ucKjZDa0omNaoPVLt6vTA267BPT3lH-YtDnaVAovj7...
Submission: On February 22 via api from US
Summary
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 12th 2020. Valid for: 8 months.
This is the only time www.sporters1.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Google (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 6 | 199.59.242.153 199.59.242.153 | 395082 (BODIS-NJ) (BODIS-NJ) | |
1 | 2a00:1450:400... 2a00:1450:4001:808::2004 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:81f::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:809::2003 | 15169 (GOOGLE) (GOOGLE) | |
2 | 3.216.243.46 3.216.243.46 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 1 | 35.158.38.217 35.158.38.217 | 16509 (AMAZON-02) (AMAZON-02) | |
13 | 2606:4700:303... 2606:4700:3031::681b:9016 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:81d::200a | 15169 (GOOGLE) (GOOGLE) | |
25 | 8 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-243-46.compute-1.amazonaws.com
usd.veremund-hon.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-38-217.eu-central-1.compute.amazonaws.com
web.countertrck.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
sporters1.com
www.sporters1.com |
222 KB |
6 |
capiyalone360.com
1 redirects
capiyalone360.com |
14 KB |
2 |
veremund-hon.com
usd.veremund-hon.com |
4 KB |
2 |
gstatic.com
fonts.gstatic.com |
29 KB |
2 |
googleapis.com
fonts.googleapis.com ajax.googleapis.com |
31 KB |
1 |
countertrck.com
1 redirects
web.countertrck.com |
2 KB |
1 |
google.com
www.google.com |
56 KB |
25 | 7 |
Domain | Requested by | |
---|---|---|
13 | www.sporters1.com |
usd.veremund-hon.com
www.sporters1.com |
6 | capiyalone360.com |
1 redirects
capiyalone360.com
|
2 | usd.veremund-hon.com |
capiyalone360.com
usd.veremund-hon.com |
2 | fonts.gstatic.com | |
1 | ajax.googleapis.com |
www.sporters1.com
|
1 | web.countertrck.com | 1 redirects |
1 | fonts.googleapis.com |
capiyalone360.com
|
1 | www.google.com |
capiyalone360.com
|
25 | 8 |
This site contains links to these domains. Also see Links.
Domain |
---|
web.countertrck.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.storage.googleapis.com GTS CA 1O1 |
2020-02-12 - 2020-05-06 |
3 months | crt.sh |
*.google.com GTS CA 1O1 |
2020-02-12 - 2020-05-06 |
3 months | crt.sh |
sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2020-02-12 - 2020-10-09 |
8 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.sporters1.com/so1skg/en/index-uni.html?cep=9nujQxK13ekaiKErcUcDpyEJ4ucKjZDa0omNaoPVLt6vTA267BPT3lH-YtDnaVAovj7LUyyrjSN5Qk4pOQ6Ou_x8SAYsDBW1tO_H_FjY8BwyuSYOcW1OZtHjylx3ZkCqE-B4iyf1EGuwgjpi18X2svpXqQwmY0K407DGnyMbAODX6Y_zZfOVgXQiQb1KK8QjkapHqLNbwEgjwX7C_zqdPeT_ff0PU7PxK7Wea6RhRDmSQCwhY3xtIJvqodcFLX_Y6O1j_xnf2dKBVXnkRVXlHXNLjjkvTb1BX6hagKTyX4znYwyaW6cd9tIowSQ8ZB0zAAdSCNxLL2YtVGu1ahPa-CJW0EnfGPhsWgQah8NjmJtxyajPRH6OTg3Dm4Uhzl4NNvf_0SCyL_uQc8B-OAwNbPYZa36eDaLlwrdqmatuMGL9kOcNeyzTamqk46SI8N-OlazRabHNtcoQ7B52rj5LUHP6TLiUo3wEdT2fpNwtnIbc2RpYzCP-oMuxY8UArmEMnHr8WDlF19EvDuYXw4RopwVOuGE5I73Zk-8qGdAVXl-oMV6FYXr-EZSfzoYgjCl8FyFeSzWko3D_daiw4BpD-A&lptoken=15af82ba41ba59397466
Frame ID: E3A8FD6F90121CADE86648B11A487D28
Requests: 36 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- http://capiyalone360.com/ Page URL
-
http://capiyalone360.com/rz?u=http%3A%2F%2Fusd.veremund-hon.com%2Fzcvisitor%2F2ea18205-55cb-11ea-93bc...
HTTP 302
http://usd.veremund-hon.com/zcvisitor/2ea18205-55cb-11ea-93bc-12f9f1d8a235?campaignid=e5dbc150-6f19-11e8... Page URL
- http://usd.veremund-hon.com/zcredirect?visitid=2ea18205-55cb-11ea-93bc-12f9f1d8a235&type=js&browserWidth... Page URL
-
https://web.countertrck.com/zp-redirect?target=https%3A%2F%2Fwww.sporters1.com%2Fso1skg%2Fen%2Findex-uni...
HTTP 302
https://www.sporters1.com/so1skg/en/index-uni.html?cep=9nujQxK13ekaiKErcUcDpyEJ4ucKjZDa0omNaoPVLt6vTA2... Page URL
Detected technologies
Lua (Programming Languages) ExpandDetected patterns
- headers server /openresty(?:\/([\d.]+))?/i
Nginx (Web Servers) Expand
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
OpenResty (Web Servers) Expand
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Claim Your $1,600 free (2) Spots Available
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://capiyalone360.com/ Page URL
-
http://capiyalone360.com/rz?u=http%3A%2F%2Fusd.veremund-hon.com%2Fzcvisitor%2F2ea18205-55cb-11ea-93bc-12f9f1d8a235%3Fcampaignid%3De5dbc150-6f19-11e8-9eb3-0e497388635c¬adsafe
HTTP 302
http://usd.veremund-hon.com/zcvisitor/2ea18205-55cb-11ea-93bc-12f9f1d8a235?campaignid=e5dbc150-6f19-11e8-9eb3-0e497388635c Page URL
- http://usd.veremund-hon.com/zcredirect?visitid=2ea18205-55cb-11ea-93bc-12f9f1d8a235&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false Page URL
-
https://web.countertrck.com/zp-redirect?target=https%3A%2F%2Fwww.sporters1.com%2Fso1skg%2Fen%2Findex-uni.html%3Fcep%3D9nujQxK13ekaiKErcUcDpyEJ4ucKjZDa0omNaoPVLt6vTA267BPT3lH-YtDnaVAovj7LUyyrjSN5Qk4pOQ6Ou_x8SAYsDBW1tO_H_FjY8BwyuSYOcW1OZtHjylx3ZkCqE-B4iyf1EGuwgjpi18X2svpXqQwmY0K407DGnyMbAODX6Y_zZfOVgXQiQb1KK8QjkapHqLNbwEgjwX7C_zqdPeT_ff0PU7PxK7Wea6RhRDmSQCwhY3xtIJvqodcFLX_Y6O1j_xnf2dKBVXnkRVXlHXNLjjkvTb1BX6hagKTyX4znYwyaW6cd9tIowSQ8ZB0zAAdSCNxLL2YtVGu1ahPa-CJW0EnfGPhsWgQah8NjmJtxyajPRH6OTg3Dm4Uhzl4NNvf_0SCyL_uQc8B-OAwNbPYZa36eDaLlwrdqmatuMGL9kOcNeyzTamqk46SI8N-OlazRabHNtcoQ7B52rj5LUHP6TLiUo3wEdT2fpNwtnIbc2RpYzCP-oMuxY8UArmEMnHr8WDlF19EvDuYXw4RopwVOuGE5I73Zk-8qGdAVXl-oMV6FYXr-EZSfzoYgjCl8FyFeSzWko3D_daiw4BpD-A%26lptoken%3D15af82ba41ba59397466&caid=53c8519d-dbda-48a9-b0f2-6aadb0b9a2c6&zpid=2ea18205-55cb-11ea-93bc-12f9f1d8a235&cid=&rt=H
HTTP 302
https://www.sporters1.com/so1skg/en/index-uni.html?cep=9nujQxK13ekaiKErcUcDpyEJ4ucKjZDa0omNaoPVLt6vTA267BPT3lH-YtDnaVAovj7LUyyrjSN5Qk4pOQ6Ou_x8SAYsDBW1tO_H_FjY8BwyuSYOcW1OZtHjylx3ZkCqE-B4iyf1EGuwgjpi18X2svpXqQwmY0K407DGnyMbAODX6Y_zZfOVgXQiQb1KK8QjkapHqLNbwEgjwX7C_zqdPeT_ff0PU7PxK7Wea6RhRDmSQCwhY3xtIJvqodcFLX_Y6O1j_xnf2dKBVXnkRVXlHXNLjjkvTb1BX6hagKTyX4znYwyaW6cd9tIowSQ8ZB0zAAdSCNxLL2YtVGu1ahPa-CJW0EnfGPhsWgQah8NjmJtxyajPRH6OTg3Dm4Uhzl4NNvf_0SCyL_uQc8B-OAwNbPYZa36eDaLlwrdqmatuMGL9kOcNeyzTamqk46SI8N-OlazRabHNtcoQ7B52rj5LUHP6TLiUo3wEdT2fpNwtnIbc2RpYzCP-oMuxY8UArmEMnHr8WDlF19EvDuYXw4RopwVOuGE5I73Zk-8qGdAVXl-oMV6FYXr-EZSfzoYgjCl8FyFeSzWko3D_daiw4BpD-A&lptoken=15af82ba41ba59397466 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 9- http://capiyalone360.com/rz?u=http%3A%2F%2Fusd.veremund-hon.com%2Fzcvisitor%2F2ea18205-55cb-11ea-93bc-12f9f1d8a235%3Fcampaignid%3De5dbc150-6f19-11e8-9eb3-0e497388635c¬adsafe HTTP 302
- http://usd.veremund-hon.com/zcvisitor/2ea18205-55cb-11ea-93bc-12f9f1d8a235?campaignid=e5dbc150-6f19-11e8-9eb3-0e497388635c
25 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
capiyalone360.com/ |
4 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
caf.js
www.google.com/adsense/domains/ |
158 KB 56 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
px.gif
capiyalone360.com/ |
42 B 275 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
px.gif
capiyalone360.com/ |
42 B 275 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
glp
capiyalone360.com/ |
8 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
5 KB 768 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
gzb
capiyalone360.com/ |
199 B 516 B |
XHR
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v17/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v17/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2ea18205-55cb-11ea-93bc-12f9f1d8a235
usd.veremund-hon.com/zcvisitor/ Redirect Chain
|
1010 B 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
zcredirect
usd.veremund-hon.com/ |
2 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
index-uni.html
www.sporters1.com/so1skg/en/ Redirect Chain
|
37 KB 18 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
www.sporters1.com/so1skg/en/ |
13 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slot-start.png
www.sporters1.com/so1skg/en/images/ |
25 KB 26 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slot-spin.gif
www.sporters1.com/so1skg/en/images/ |
86 KB 86 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slot-result-1.png
www.sporters1.com/so1skg/en/images/ |
20 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slot-result-2.png
www.sporters1.com/so1skg/en/images/ |
26 KB 26 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slot-win.png
www.sporters1.com/so1skg/en/images/ |
14 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
red-arrow-left.png
www.sporters1.com/so1skg/en/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
red-arrow-right.png
www.sporters1.com/so1skg/en/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.0/ |
84 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
alert.ogg
www.sporters1.com/so1skg/en/ |
6 KB 6 KB |
Media
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
win.mp3
www.sporters1.com/so1skg/en/sounds/ |
10 KB 10 KB |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
spin.mp3
www.sporters1.com/so1skg/en/sounds/ |
9 KB 9 KB |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
arrow.png
www.sporters1.com/so1skg/en/ |
154 B 389 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Google (Online)20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| $ function| jQuery function| clickMe function| countdown number| hoursleft number| minutesleft number| secondsleft number| millisecondsleft string| finishedtext function| cd object| end object| now object| diff number| timerID string| index string| indexPrefix string| indexSuffix number| value1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.sporters1.com/ | Name: __cfduid Value: d788481ca635e5afe7a5156de38051ac51582414174 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
capiyalone360.com
fonts.googleapis.com
fonts.gstatic.com
usd.veremund-hon.com
web.countertrck.com
www.google.com
www.sporters1.com
199.59.242.153
2606:4700:3031::681b:9016
2a00:1450:4001:808::2004
2a00:1450:4001:809::2003
2a00:1450:4001:81d::200a
2a00:1450:4001:81f::200a
3.216.243.46
35.158.38.217
0bcba7f42db36125f64a38441c9be4ad802180f45d40521892f5e7555424ed26
12a3e7ad9d84dbc9e45c175408b4db97922c13d644547b561b95750151b548d2
230f75cd63ef8c26f6111d6edaa7f8df56245107d00765e587567143baced202
26e13d692f377e570c055163dee942742e6d775f278888fc875536acc3436c89
4a688dc66588e8e86e98ccadb318fa2aca3fd6e2444aac783278b982f3e47eef
5351d7b058d47812c8a2c74bccef9389a11e3df9cd19874d95b7000c8ab9ea9e
635e9ee8fcd18bd4c3ae173f00f4c5cbf15ee90a27a302440e2e77c371314176
6c24b85e36500836887748ab5fcfa2663bd6ab39d28f73e75aa5a669bf9386cb
7a5e8d7df9f594cb643406fcdf72c733fe1909ccb4092763004175623dfe86c9
7f8e36cf7ac437d7c42440ef5f522c8e27adb06348b573192308038fa7c1dc7e
879bd0f30ace2e268eede07e3d9c8cf2a7d4719a91c7e480f6b66795e3f0aaed
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8f798cd47bee2334199d71a280167eeefccd622dd838ad55a29807d664f89f03
9091dcb5a0201dadf5a42878958736471c4205775bf1c54ee97c5378d2c81c11
98da92b2ad25d0d5da1132b4c3d348a71ad1610887009dee10bf8ec86a5b9c02
9b8fa3d6ccb98804102ffd59ee70c19e5d7ca7efabbe6c0d4471a1935348ee3d
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9f8160d6380fef91c8eadecc6e8e59e93e3f5c40be7963018c8104bef4354d8f
aa05de326a8afd2a7b16c253d8c10fc41857b474f23a814ffa7684d4ef17c1a9
aea3443ffa2df4454daac365b37a61f9b9b1ba24dc0899ff3afca9f770765ce0
b09b477eb93ed896b8e52a2f746e435695dbef2a1259987bae4fbea3c35b5435
b8f1ec0ac028bd024af2cf57b63b07069b2f4a41e61c1577e968ca5d7ba72837
bf1a1d18310dd4aa6d9f193fc50694cefb80c766309d5819993abe4fd06499f4
c402c36eb8d623b618261d40846e63c130de1e78720ab5578eae1d645198c963
ce61eff54c08699ceffacfebc5997a633e9cc65e1845502d8b65bf3f0bff2995
e1abb99fd254d74431481fd6026f6095123ca1f830b7415f91452157efefe981
e3da7d20be42da6e260d3085d2a3f3965a549065345ee2d139e28625104e2393
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef342fb61629c3603ca0dc0b366caedfd1914d1c8d709d9471d7b54168b0094d
efb819d37f19ec7505d9602488ce97868d84e1c7929ce83e308e23f02d97b95d
f1ec80b148a8759d0e57d91b6225dd3243a8911c2e88f109759544ebd01d7c3c
f5239c0d7c611e4657206ef3c32e1fb9683a70b61da207434dea053844ac9dfa
f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2
fa07d78345204bf48b255523990b544e1b28f9a7810aaf2b8a5a356d05575205