mrronnies.com
45.40.135.135
Malicious Activity!
Public Scan
Submission: On June 16 via automatic, source openphish
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on June 1st 2020. Valid for: 3 months.
This is the only time mrronnies.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Deutsche Bank (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
35 | 45.40.135.135 | 26496 (AS-26496-GO-DADDY-COM-LLC)
2 | 185.54.150.11 | 60164 (WEBTREKK-AS)
1 | 160.83.8.105 | 8373 (DEUBA-NET Germany)
1 | 185.54.150.12 | 60164 (WEBTREKK-AS)
39 | 4 |
ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-45-40-135-135.ip.secureserver.net
mrronnies.com
ASN60164 (WEBTREKK-AS, DE)
cdn.mateti.net
849715076759606.mateti.net
ASN8373 (DEUBA-NET Germany, DE)
PTR: tp.tec.db.com
tp.deutsche-bank.de
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
35 | mrronnies.com | mrronnies.com | 1 MB
3 | mateti.net | cdn.mateti.net, r.mateti.net, 849715076759606.mateti.net | 102 KB
1 | deutsche-bank.de | tp.deutsche-bank.de | 844 B
39 | 3 | |
Requests | Domain | Requested by
---|---|---
35 | mrronnies.com | mrronnies.com
1 | 849715076759606.mateti.net | mrronnies.com
1 | r.mateti.net | mrronnies.com
1 | tp.deutsche-bank.de | mrronnies.com
1 | cdn.mateti.net | mrronnies.com
39 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
secure.deutsche-bank.de |
Subject | Issuer | Validity | Valid
---|---|---|---
mrronnies.com | cPanel, Inc. Certification Authority | 2020-06-01 - 2020-08-30 | 3 months
*.mateti.net | Go Daddy Secure Certificate Authority - G2 | 2018-01-11 - 2021-01-11 | 3 years
tp.deutsche-bank.de | DigiCert Global CA G2 | 2020-03-18 - 2021-04-04 | a year
This page contains 3 frames:
Primary Page:
https://mrronnies.com/meine.deutsche/ver/trxm/UNT_frm=712879/sm_acc.php?=&fca128f27480061fc62334872e8c86af
Frame ID: D57D680BD509A4D07D575DCD939DEB8B
Requests: 37 HTTP requests in this frame
Frame:
https://mrronnies.com/meine.deutsche/ver/trxm/UNT_frm=712879/index_fichiers/ls.html
Frame ID: 30D5A74533116A30654CFD6C5C0D56D9
Requests: 1 HTTP requests in this frame
Frame:
https://849715076759606.mateti.net/mcp/ls.html?trackId=849715076759606
Frame ID: 0C459BA215874B78AB09DB1D23F6360A
Requests: 1 HTTP requests in this frame
Detected technologies
PHP (Programming Languages)
Detected patterns
- url /\.php(?:$|\?)/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Clipboard.js (Miscellaneous)
Detected patterns
- script /clipboard(?:-([\d.]+))?(?:\.min)?\.js/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Märkte
Redirected requests
There were HTTP redirect chains for the following requests:
39 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | sm_acc.php (Primary Request) | mrronnies.com/meine.deutsche/ver/trxm/UNT_frm=712879/ | 38 KB | 38 KB | Document | text/html
GET | H/1.1 | jquery-1.js | mrronnies.com/meine.deutsche/ver/trxm/UNT_frm=712879/index_fichiers/ | 91 KB | 91 KB | Script | application/javascript
GET | H/1.1 | json2.js | mrronnies.com/meine.deutsche/ver/trxm/UNT_frm=712879/index_fichiers/ | 3 KB | 4 KB | Script | application/javascript
GET | H/1.1 | global-jquery.js | mrronnies.com/meine.deutsche/ver/trxm/UNT_frm=712879/index_fichiers/ | 24 KB | 24 KB | Script | application/javascript
GET | H/1.1 | nouislider.js | mrronnies.com/meine.deutsche/ver/trxm/UNT_frm=712879/index_fichiers/ | 18 KB | 18 KB | Script | application/javascript
GET | H/1.1 | clipboard.js | mrronnies.com/meine.deutsche/ver/trxm/UNT_frm=712879/index_fichiers/ | 10 KB | 11 KB | Script | application/javascript
GET | H/1.1 | demokonto_jquery.js | mrronnies.com/meine.deutsche/ver/trxm/UNT_frm=712879/index_fichiers/ | 1 KB | 2 KB | Script | application/javascript
GET | H/1.1 | demokonto.js | mrronnies.com/meine.deutsche/ver/trxm/UNT_frm=712879/index_fichiers/ | 1 KB | 1 KB | Script | application/javascript
GET | H/1.1 | calendar_002.js | mrronnies.com/meine.deutsche/ver/trxm/UNT_frm=712879/index_fichiers/ | 66 KB | 67 KB | Script | application/javascript
GET | H/1.1 | calendar.js | mrronnies.com/meine.deutsche/ver/trxm/UNT_frm=712879/index_fichiers/ | 69 KB | 69 KB | Script | application/javascript
GET | H/1.1 | calendar-de.js | mrronnies.com/meine.deutsche/ver/trxm/UNT_frm=712879/index_fichiers/ | 3 KB | 3 KB | Script | application/javascript
GET | H/1.1 | base.css | mrronnies.com/meine.deutsche/ver/trxm/UNT_frm=712879/index_fichiers/ | 334 KB | 334 KB | Stylesheet | text/css
GET | H/1.1 | demokonto.css | mrronnies.com/meine.deutsche/ver/trxm/UNT_frm=712879/index_fichiers/ | 7 KB | 7 KB | Stylesheet | text/css
GET | H/1.1 | mct.css | mrronnies.com/meine.deutsche/ver/trxm/UNT_frm=712879/index_fichiers/ | 31 KB | 32 KB | Stylesheet | text/css
GET | H/1.1 | common2fa.css | mrronnies.com/meine.deutsche/ver/trxm/UNT_frm=712879/index_fichiers/ | 2 KB | 3 KB | Stylesheet | text/css
GET | H/1.1 | 2fa.css | mrronnies.com/meine.deutsche/ver/trxm/UNT_frm=712879/index_fichiers/ | 8 KB | 8 KB | Stylesheet | text/css
GET | H/1.1 | onsite.js | mrronnies.com/meine.deutsche/ver/trxm/UNT_frm=712879/index_fichiers/ | 129 KB | 129 KB | Script | application/javascript
GET | H/1.1 | logo.gif | mrronnies.com/meine.deutsche/ver/trxm/UNT_frm=712879/index_fichiers/ | 2 KB | 2 KB | Image | image/gif
GET | H/1.1 | jquery-ui.js | mrronnies.com/meine.deutsche/ver/trxm/UNT_frm=712879/index_fichiers/ | 233 KB | 233 KB | Script | application/javascript
GET | H/1.1 | jquery.js | mrronnies.com/meine.deutsche/ver/trxm/UNT_frm=712879/index_fichiers/ | 1 KB | 2 KB | Script | application/javascript
GET | H/1.1 | photoTAN.png | mrronnies.com/meine.deutsche/ver/trxm/UNT_frm=712879/index_fichiers/ | 3 KB | 3 KB | Image | image/png
GET | H/1.1 | smartphone_detect.png | mrronnies.com/meine.deutsche/ver/trxm/UNT_frm=712879/index_fichiers/ | 6 KB | 6 KB | Image | image/png
GET | H/1.1 | smartphone_push_de.png | mrronnies.com/meine.deutsche/ver/trxm/UNT_frm=712879/index_fichiers/ | 65 KB | 66 KB | Image | image/png
GET | H/1.1 | smartphone_home_menu.png | mrronnies.com/meine.deutsche/ver/trxm/UNT_frm=712879/index_fichiers/ | 6 KB | 6 KB | Image | image/png
GET | H/1.1 | smartphone_push_loader.gif | mrronnies.com/meine.deutsche/ver/trxm/UNT_frm=712879/index_fichiers/ | 25 KB | 25 KB | Image | image/gif
GET | H/1.1 | mct_operationSuccessful.gif | mrronnies.com/meine.deutsche/ver/trxm/UNT_frm=712879/index_fichiers/ | 117 B | 359 B | Image | image/gif
GET | H/1.1 | webtrekkV4.js | mrronnies.com/meine.deutsche/ver/trxm/UNT_frm=712879/index_fichiers/ | 88 KB | 88 KB | Script | application/javascript
GET | H/1.1 | clipboard.min.js | mrronnies.com/meine.deutsche/ver/trxm/UNT_frm=712879/index_fichiers/lib/ | 0 | 0 | Script | text/html
GET | H/1.1 | print.css | mrronnies.com/meine.deutsche/ver/trxm/UNT_frm=712879/index_fichiers/ | 12 KB | 12 KB | Stylesheet | text/css
GET | H/1.1 | ls.html | mrronnies.com/meine.deutsche/ver/trxm/UNT_frm=712879/index_fichiers/ (Frame 30D5) | 2 KB | 2 KB | Document | text/html
GET | H/1.1 | bg_headerContainer.svg | mrronnies.com/meine.deutsche/ver/trxm/UNT_frm=712879/img/ | 24 KB | 24 KB | Image | image/svg+xml
GET | H/1.1 | UniversDeutscheBankW01-Reg.woff | mrronnies.com/meine.deutsche/ver/trxm/UNT_frm=712879/webfonts/ | 48 KB | 48 KB | Font | font/woff
GET | H/1.1 | pfbicons.woff | mrronnies.com/meine.deutsche/ver/trxm/UNT_frm=712879/webfonts/ | 57 KB | 57 KB | Font | font/woff
GET | H/1.1 | bg_additionalInfos.png | mrronnies.com/meine.deutsche/ver/trxm/UNT_frm=712879/img/ | 2 KB | 3 KB | Image | image/png
GET | H/1.1 | tan_keyboard_icon.svg | mrronnies.com/meine.deutsche/ver/trxm/UNT_frm=712879/img/ | 2 KB | 2 KB | Image | image/svg+xml
GET | H/1.1 | onsite.min.js | cdn.mateti.net/mcp/ | 129 KB | 44 KB | Script | application/javascript
GET | H/1.1 | wt.pl | tp.deutsche-bank.de/849715076759606/ | 43 B | 844 B | Image | image/gif
POST | H/1.1 | rdfs | r.mateti.net/ | 770 KB | 58 KB | XHR | application/json
GET | H/1.1 | ls.html | 849715076759606.mateti.net/mcp/ (Frame 0C45) | 0 | 0 | Document | text/html
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Deutsche Bank (Banking)
107 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| $ function| jQuery function| loadScript function| loadContactWidget function| handlePricingTables function| handleAnnotations function| toggleSepaDetails function| addIBANCopyHelper function| styleSEPADomesticTransferConfirmation function| debug function| setOPRAPortalTeaserContainer function| updateOPRAPortalTeaserContainerSize function| enhanceLayout function| efaFontsize function| setFontsize function| toggleContent function| collapseTable function| displayCompletedSteps function| setBackgroundImage function| printPage function| validateLogin function| setWidth function| toggleTooltip function| hoverButtons function| observeEnterKey function| addHeadline function| addTANKeypad function| enterTan function| openWin function| openWinWithEvent function| nativeLinkHandler function| openWinFromIframe function| findRelevantAnchor function| finalizeFontSize function| heightBalancing function| AKK_enhanceLayout function| cookieRepair function| getSessionIds function| handleCookieConsentBox function| handleESafe string| language string| ua object| browser object| isiPad boolean| isMac string| sourcePath string| scriptPath object| Cookie object| noUiSlider function| number_format function| checkLength function| showMaxChars function| isInIframe function| escapeHTML function| Zapatec function| enmCalendar function| enmCalendarDist function| checkId function| triggerHTMLEvent function| upDate function| addCalendar function| updateToday string| calendarIcon string| calendarClass string| destroyString number| destroyDelay object| showTimeout number| showDelay string| sortFormat number| overDay number| overMonth number| xOffset number| yOffset string| alignment function| ct number| msecsPerDay object| today number| todayUpdater object| calendar function| pushNotificationPopup function| submitForPushApproval function| onClickPushApprovedButton function| onClickPushRejectButton function| initSmartphone function| wt_scrollposition object| webtrekkConfig object| wts undefined| wt_safetagConfig boolean| wt_isGlobalVisitorIdTriggerStarted function| wt_teaserTracking function| wt_testingOptimization function| wt_marketingAutomation object| wt_dfp object| wt_mcp_config string| wt_mcp_eid object| webtrekkUnloadObjects object| webtrekkLinktrackObjects object| webtrekkHeatmapObjects function| WebtrekkV3 function| webtrekkV3 object| pageconfig object| wt object| wt_tt object| webtrekk object| closure_lm_492950
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.