best-profits-for-you1.com
Open in
urlscan Pro
92.63.192.131
Malicious Activity!
Public Scan
Effective URL: https://best-profits-for-you1.com/?u=u348mwe&o=6h104vf&t=112&cid=rrt?&owqqj=ZNqv16
Submission: On September 09 via api from CH
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on July 28th 2019. Valid for: 3 months.
This is the only time best-profits-for-you1.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Scam (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 192.111.136.123 192.111.136.123 | 46562 (TOTAL-SER...) (TOTAL-SERVER-SOLUTIONS - Total Server Solutions L.L.C.) | |
3 | 2a00:1450:400... 2a00:1450:4001:809::2002 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 1 | 2a00:1450:400... 2a00:1450:4001:80b::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 54.38.152.27 54.38.152.27 | 16276 (OVH) (OVH) | |
3 | 216.58.210.2 216.58.210.2 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 33 | 92.63.192.131 92.63.192.131 | 47981 (FOPSERVER) (FOPSERVER) | |
1 | 185.50.248.73 185.50.248.73 | 209813 (FASTCONTENT) (FASTCONTENT) | |
42 | 7 |
ASN46562 (TOTAL-SERVER-SOLUTIONS - Total Server Solutions L.L.C., US)
v.ht |
ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com | |
adservice.google.de | |
adservice.google.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s07-in-f2.1e100.net
securepubads.g.doubleclick.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
33 |
best-profits-for-you1.com
1 redirects
best-profits-for-you1.com |
728 KB |
3 |
doubleclick.net
securepubads.g.doubleclick.net |
84 KB |
1 |
tdsjsext4.com
tdsjsext4.com |
923 B |
1 |
google.com
adservice.google.com |
476 B |
1 |
google.de
adservice.google.de |
476 B |
1 |
top4top.net
up.top4top.net |
1 KB |
1 |
goo.gl
1 redirects
goo.gl |
617 B |
1 |
googletagservices.com
www.googletagservices.com |
13 KB |
1 |
v.ht
v.ht |
2 KB |
0 |
googlesyndication.com
Failed
tpc.googlesyndication.com Failed |
|
42 | 10 |
Domain | Requested by | |
---|---|---|
33 | best-profits-for-you1.com |
1 redirects
v.ht
best-profits-for-you1.com |
3 | securepubads.g.doubleclick.net |
www.googletagservices.com
securepubads.g.doubleclick.net |
1 | tdsjsext4.com |
best-profits-for-you1.com
|
1 | adservice.google.com |
www.googletagservices.com
|
1 | adservice.google.de |
www.googletagservices.com
|
1 | up.top4top.net |
v.ht
|
1 | goo.gl | 1 redirects |
1 | www.googletagservices.com |
v.ht
|
1 | v.ht | |
0 | tpc.googlesyndication.com Failed |
securepubads.g.doubleclick.net
|
42 | 10 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.g.doubleclick.net GTS CA 1O1 |
2019-08-23 - 2019-11-21 |
3 months | crt.sh |
*.top4top.net AlphaSSL CA - SHA256 - G2 |
2018-03-03 - 2020-04-03 |
2 years | crt.sh |
*.google.com GTS CA 1O1 |
2019-08-23 - 2019-11-21 |
3 months | crt.sh |
best-profits-for-you1.com Let's Encrypt Authority X3 |
2019-07-28 - 2019-10-26 |
3 months | crt.sh |
tdsjsext4.com Let's Encrypt Authority X3 |
2019-08-16 - 2019-11-14 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://best-profits-for-you1.com/?u=u348mwe&o=6h104vf&t=112&cid=rrt?&owqqj=ZNqv16
Frame ID: 1DEF4FF0A5710085F73171A86B47CF1E
Requests: 49 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- http://v.ht/ZNqv16 Page URL
-
http://best-profits-for-you1.com/?u=u348mwe&o=6h104vf&t=112&cid=rrt?&owqqj=ZNqv16
HTTP 301
https://best-profits-for-you1.com/?u=u348mwe&o=6h104vf&t=112&cid=rrt?&owqqj=ZNqv16 Page URL
Detected technologies
React (JavaScript Frameworks) ExpandDetected patterns
- html /<[^>]+data-react/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://v.ht/ZNqv16 Page URL
-
http://best-profits-for-you1.com/?u=u348mwe&o=6h104vf&t=112&cid=rrt?&owqqj=ZNqv16
HTTP 301
https://best-profits-for-you1.com/?u=u348mwe&o=6h104vf&t=112&cid=rrt?&owqqj=ZNqv16 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2- https://goo.gl/lYyE0T HTTP 302
- https://up.top4top.net/images/spacer.gif
42 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
ZNqv16
v.ht/ |
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gpt.js
www.googletagservices.com/tag/js/ |
40 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
spacer.gif
up.top4top.net/images/ Redirect Chain
|
807 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.de/adsid/ |
109 B 476 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.com/adsid/ |
109 B 476 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubads_impl_2019082901.js
securepubads.g.doubleclick.net/gpt/ |
158 KB 59 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
securepubads.g.doubleclick.net/gampad/ |
371 B 675 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubads_impl_rendering_2019082901.js
securepubads.g.doubleclick.net/gpt/ |
66 KB 25 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
Cookie set
/
best-profits-for-you1.com/ Redirect Chain
|
90 KB 90 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
best-profits-for-you1.com/media/binary/mirror6/en/ |
49 KB 49 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
flag-icon.css
best-profits-for-you1.com/util/flag-icon/css/ |
39 KB 40 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
_dumbest1.jpg
best-profits-for-you1.com/media/binary/mirror6/en/ |
81 KB 82 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
_husband2.jpg
best-profits-for-you1.com/media/binary/mirror6/en/ |
38 KB 38 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
_husband3.jpg
best-profits-for-you1.com/media/binary/mirror6/en/ |
49 KB 49 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
profitformula1.jpg
best-profits-for-you1.com/media/binary/mirror6/en/ |
50 KB 50 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
profitformula2.jpg
best-profits-for-you1.com/media/binary/mirror6/en/ |
61 KB 62 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
profitformula3.jpg
best-profits-for-you1.com/media/binary/mirror6/en/ |
49 KB 49 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
18423978_10210643158807484_4625467277978165616_n.jpg
best-profits-for-you1.com/media/binary/mirror6/en/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
11880513_10153182441573635_6391766102196689121_n.jpg
best-profits-for-you1.com/media/binary/mirror6/en/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
18119267_10155363709609924_958378663814436125_n.jpg
best-profits-for-you1.com/media/binary/mirror6/en/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
17265090_10158355004655716_6815458511175803011_n.jpg
best-profits-for-you1.com/media/binary/mirror6/en/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
16406523_1345882538809440_8201065904356080273_n.jpg
best-profits-for-you1.com/media/binary/mirror6/en/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
16807461_10211764664812826_5680036435541740063_n.jpg
best-profits-for-you1.com/media/binary/mirror6/en/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
13631522_1146706165402703_3256702316997043506_n.jpg
best-profits-for-you1.com/media/binary/mirror6/en/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
540562_430147157013818_32273000_n.jpg
best-profits-for-you1.com/media/binary/mirror6/en/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
12088299_1047136358664501_9121132063381418917_n.jpg
best-profits-for-you1.com/media/binary/mirror6/en/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
12651359_1104018629642643_1802809274505192979_n.jpg
best-profits-for-you1.com/media/binary/mirror6/en/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
14222287_1065953200155875_6514575430883754204_n.jpg
best-profits-for-you1.com/media/binary/mirror6/en/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
18222397_10156169859605550_2186676355225458227_n.jpg
best-profits-for-you1.com/media/binary/mirror6/en/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
26254_100854763287133_3441493_n.jpg
best-profits-for-you1.com/media/binary/mirror6/en/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
16174412_10211484033439027_3968979027246986980_n.jpg
best-profits-for-you1.com/media/binary/mirror6/en/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
12669670_10207353042137627_8224718532595991020_n.jpg
best-profits-for-you1.com/media/binary/mirror6/en/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
13417709_10156999054495156_89965319140675792_n.jpg
best-profits-for-you1.com/media/binary/mirror6/en/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sidebar.png
best-profits-for-you1.com/media/binary/mirror6/en/ |
159 KB 159 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bbo.js
best-profits-for-you1.com/media/ |
932 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js.cookie2.js
best-profits-for-you1.com/cookie/ |
4 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
utils-bn.js
best-profits-for-you1.com/util/ |
4 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
4 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
251 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
424 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
450 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
517 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
577 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
283 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
like.png
best-profits-for-you1.com/media/binary/mirror6/en/ |
569 B 833 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
getextparams
tdsjsext4.com/ExtService.svc/ |
624 B 923 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gb.svg
best-profits-for-you1.com/util/flag-icon/flags/1x1/ |
926 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
alert.mp3
best-profits-for-you1.com/media/binary/mirror6/en/ |
2 KB 3 KB |
XHR
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- tpc.googlesyndication.com
- URL
- https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Scam (Online)21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| dayNames object| monthNames object| now function| faviconPulse string| sMobile string| sDesktop function| isMobileDevice string| sound boolean| PreventBb function| getUrlParameter function| getUrlWithParam number| exDays boolean| validNavigation function| wireUpEvents function| Cookies function| docReady function| getParameterByName function| hideUnsub function| languageDetection function| writeLocation function| showLocation0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
adservice.google.com
adservice.google.de
best-profits-for-you1.com
goo.gl
securepubads.g.doubleclick.net
tdsjsext4.com
tpc.googlesyndication.com
up.top4top.net
v.ht
www.googletagservices.com
tpc.googlesyndication.com
185.50.248.73
192.111.136.123
216.58.210.2
2a00:1450:4001:809::2002
2a00:1450:4001:80b::200e
54.38.152.27
92.63.192.131
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05e529a757d25aa9d160d28e57c20041eee3f973870c0f0ad4ac7c21937254b1
06aec797c33a6f209a3b3f05408bedd0c0fdad7a43b5dfac68b234dcd35532e9
0fc931320d26a7650972d1a2857c2760fc133c7c0453c2e092ff1a5474bce99d
0ff67950270f183120ba9a274fb90f1b153ca7d2c04687cd4eede48148e65d9a
1403ed4e78187d1ce465c9757b8d3718a9d359518dbda1ac301d99968e962d3f
159212c4e10aafcf3a4f86467c7697fb28992dc2485ee107b5684ebcc5307098
1a9fc670809d25180e38952461ce0ef9a95bb064988fb62f159d12fb0846bbbc
2a24c2fa67a1b131e597c59792028b201ae850f8760364172471a001ad9504c4
394290991dfae24b59c0e9c0b6da72fba4ca730e4e86970255cea1a48481a1a9
3d238db3c8d2e02314bda9910801f41e8a9827e2d371dbffa9f05681d84f90b9
45545fb1b42a1e5099e67a5128da16a20625ec501471d61f552b13f064e8985c
4c6e1b17906245186e5438d29321fa3784ae5e2b26bcf9d8669bb541021a9c93
4f9faf3281b436fda7ce849ef0ca972e0bd6f4b8aa87dfdb3dff2da9dcd350ec
589e6373958f4838e6f498ac2984cd44a7350ae6b7bc1c71b0abd4ddaaf8a353
5a9176e3bf579b07143f9966407045efb46ddd7283234c2fc07c96783bac9bf8
5c8a90f440c6157396a943f3a5b8f3402674a1704723cc7f72d674aa2fbdfa99
62a41a50496e5b05f93e1750130fe21af45fb238edbe744d21ad17dce780eb92
67a6dc7e24f4a3c142724bb37a358037538befb731478c33d58f236ba836ed78
6a35b23abf3fb7c510b2722412b093a924ab9463af33ba1305a46acec8148629
6beaf400b234f7ac6674149c64bb746feb25d823f1d30b402edebec2316acd21
6bf788214f0920f04146aa23bc2d8588b55a3e81b5c7f25acc4377b895030979
6ded3702d8a8c2a08b69da4972f68ab51433a16d17bb6e8ce8ea0e0f13ad5035
6ef391daf379b1fad212bb81f9b554ed2f8c23994004fab5d7e5aa3392e5d018
759a75f78365ae447a91dc9a5349a6eefd25093184637f261269bff5b96434aa
77ab3e7c902a1e37997cd164119231534784760d324e03593e36b36af6541fb5
7bc7a8dc98dc5829b38d5102084ec6383663a8e36c3f696d46c516e13af70dbe
7fca6ca9524cebbe547edf2af50d5c406abc91d4df691cfe4042f029c510d0d0
819dcf06ebcd42b36f897f6e2e32b44672cfa91d7d90ec09e00184f73a8d2ea1
8365398344479ffe6999dbbb92682af35ad4323caf37bc735f559cfa64f85712
83c57090e32ee0061e25d55bbbc7312b755724c1cf5a84987376ba38b2fec8d6
83ca062573c09a668eeba3b0afcd43ca832f60d5fea8369822c3f644ffe52bcd
88a4773d600fcf4f66bd68e1fbae638a5a975012cb9ef0271dbddcdf3cf2c638
8cca67a56a5dde8dd7194c6135345d43202a609e2cd8b514a8be75f68d6f337d
9222d5c5a378f3e59e036575359a0c7006a2ad9d4d0658c30c9a25ef1f815421
97a717fe2ce9e30c8d9cf1cd1f685449a6861139529e254a040df484dbb907ec
a18b23541063d54fc8d902005ad6637714c1ecc98caf2c8af1fb98aec12f2f4c
a391da0eb361d11571788bf37d4b4bb2fbee1b763e6ce0ba064f155c36e321d5
aae68f8c9ffa2d16e7618b23d92a3e99b14b0a206a71d7ff5bdaae34b2bd3f78
ab7404d13200f744c7fc58dadf53c0aa866ba620886d9da9e54e669967ecef51
cf37fcc3c7a71a0aa5e3fb9ee6ab31cf3e903e8b1febd80993dbeb3d30614364
dda5dedf6b0f45b54a6e03bea93b5e9a18a69086ed6f2f54e98bccf8fb3f52a4
e668758b3d4c8739c0b1372252466545092d2f661648a8ec79a9e534ea9c6048
e888a9122d26e45c8a0f4b7332fb9005633986ee40f98cb8a6dc4b3ca6ce47cf
e92d3cbb33a4bd6389df584dfab50471081f4148e23cd14795ff629dc15f4d57
ec6c461b6a7da1d28c5bb10b93c755c080ccdaed59821bdf1076bdc3866cc956