wallsurveys.com
Open in
urlscan Pro
104.238.196.199
Malicious Activity!
Public Scan
Effective URL: https://wallsurveys.com/?f7e3f7b79b84e7f085c3cb4c114b821c
Submission Tags: 6716901
Submission: On August 03 via api from NL
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on July 3rd 2020. Valid for: 3 months.
This is the only time wallsurveys.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Scam (Online) Generic (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 172.245.1.37 172.245.1.37 | 55286 (SERVER-MANIA) (SERVER-MANIA) | |
1 3 | 104.238.196.199 104.238.196.199 | 396932 (HOSTINSANITY) (HOSTINSANITY) | |
1 | 2a00:1450:400... 2a00:1450:4001:801::200a | 15169 (GOOGLE) (GOOGLE) | |
38 | 52.219.116.120 52.219.116.120 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:81f::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:80b::2008 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:808::200e | 15169 (GOOGLE) (GOOGLE) | |
46 | 7 |
ASN16509 (AMAZON-02, US)
PTR: s3-us-west-1.amazonaws.com
s3-us-west-1.amazonaws.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
38 |
amazonaws.com
s3-us-west-1.amazonaws.com |
524 KB |
2 |
google-analytics.com
www.google-analytics.com |
18 KB |
2 |
googleapis.com
ajax.googleapis.com fonts.googleapis.com |
33 KB |
2 |
wallsurveys.com
wallsurveys.com |
132 KB |
1 |
googletagmanager.com
www.googletagmanager.com |
33 KB |
1 |
largebalsa.com
1 redirects
largebalsa.com |
263 B |
1 |
hatios.com
hatios.com |
524 B |
46 | 7 |
Domain | Requested by | |
---|---|---|
38 | s3-us-west-1.amazonaws.com |
wallsurveys.com
|
2 | www.google-analytics.com |
www.googletagmanager.com
wallsurveys.com |
2 | wallsurveys.com |
hatios.com
wallsurveys.com |
1 | www.googletagmanager.com |
wallsurveys.com
|
1 | fonts.googleapis.com |
wallsurveys.com
|
1 | ajax.googleapis.com |
wallsurveys.com
|
1 | largebalsa.com | 1 redirects |
1 | hatios.com | |
46 | 8 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.hatios.com Go Daddy Secure Certificate Authority - G2 |
2019-12-07 - 2021-02-05 |
a year | crt.sh |
wallsurveys.com Let's Encrypt Authority X3 |
2020-07-03 - 2020-10-01 |
3 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
*.s3-us-west-1.amazonaws.com DigiCert Baltimore CA-2 G2 |
2019-11-09 - 2020-12-10 |
a year | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://wallsurveys.com/?f7e3f7b79b84e7f085c3cb4c114b821c
Frame ID: 6639140297C9FA8DC5DE2370C163A094
Requests: 46 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://hatios.com/1996e8675ed3a14000/walmart/wal/wa Page URL
-
https://largebalsa.com/index.php?brand=brand&t202kw=M15.US.WALM.RS&clickid=930731806&pubid=472042&i...
HTTP 302
https://wallsurveys.com/?f7e3f7b79b84e7f085c3cb4c114b821c Page URL
Detected technologies
Apache (Web Servers) ExpandDetected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://hatios.com/1996e8675ed3a14000/walmart/wal/wa Page URL
-
https://largebalsa.com/index.php?brand=brand&t202kw=M15.US.WALM.RS&clickid=930731806&pubid=472042&isplit=c3&wsplit=c4&i=158&c5=c5&c6=c6&c7=c7&subindex=subindex&rg=84&t=s
HTTP 302
https://wallsurveys.com/?f7e3f7b79b84e7f085c3cb4c114b821c Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
46 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Cookie set
wa
hatios.com/1996e8675ed3a14000/walmart/wal/ |
232 B 524 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
wallsurveys.com/ Redirect Chain
|
131 KB 132 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.0/ |
90 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
normalize.css
s3-us-west-1.amazonaws.com/imgcenter/s/2/survey_files/ |
7 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
amazon.css
s3-us-west-1.amazonaws.com/imgcenter/s/2/survey_files/ |
2 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon
s3-us-west-1.amazonaws.com/imgcenter/s/2/survey_files/ |
640 B 1006 B |
Stylesheet
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.css
s3-us-west-1.amazonaws.com/imgcenter/s/2/survey_files/ |
107 KB 108 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
responsive.css
s3-us-west-1.amazonaws.com/imgcenter/s/2/survey_files/ |
365 B 720 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
s3-us-west-1.amazonaws.com/imgcenter/s/2/survey_files/ |
5 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
notify.js
s3-us-west-1.amazonaws.com/imgcenter/s/2/survey_files/ |
22 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
modernizr-2.js
s3-us-west-1.amazonaws.com/imgcenter/s/2/survey_files/ |
19 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.js
s3-us-west-1.amazonaws.com/imgcenter/s/2/survey_files/ |
91 KB 91 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
survey10.css
s3-us-west-1.amazonaws.com/imgcenter/s/2/survey_files/ |
830 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon
fonts.googleapis.com/ |
574 B 477 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Walmart.png
s3-us-west-1.amazonaws.com/imgcenter/image_center/other/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
147b40c94712dee60e2e4dfd813cd3c7.png
s3-us-west-1.amazonaws.com/jc-content-v2-us-west/image_center/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
4-5.png
s3-us-west-1.amazonaws.com/imgcenter/s/2/survey_files/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
d0e69996a6c6bae5aefe0c67167ed3e3.png
s3-us-west-1.amazonaws.com/jc-content-v2-us-west/image_center/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
5.png
s3-us-west-1.amazonaws.com/imgcenter/s/2/survey_files/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
394f88a0fb1b960fca9d8e09e5a38f1b.png
s3-us-west-1.amazonaws.com/jc-content-v2-us-west/image_center/ |
20 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
91d52a1fe268b4444c56424ee154ee6b.png
s3-us-west-1.amazonaws.com/jc-content-v2-us-west/image_center/ |
9 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
de323fe6db9b99ae287f7e0fc72408fc.png
s3-us-west-1.amazonaws.com/jc-content-v2-us-west/image_center/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
64a29f0821105f58e3b48f9ef07f66f4.png
s3-us-west-1.amazonaws.com/jc-content-v2-us-west/image_center/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
9e9608bf94e5d9a16fecda2ef86acc45.png
s3-us-west-1.amazonaws.com/jc-content-v2-us-west/image_center/ |
12 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
d0a7ec442e47e2b6ac1370b4acc91201.png
s3-us-west-1.amazonaws.com/jc-content-v2-us-west/image_center/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
99f63124d0133df87e49bc474ae7695e.png
s3-us-west-1.amazonaws.com/jc-content-v2-us-west/image_center/ |
11 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3e3306e4f564240a214648cdbaeb65cd.png
s3-us-west-1.amazonaws.com/jc-content-v2-us-west/image_center/ |
8 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hannah.png
s3-us-west-1.amazonaws.com/imgcenter/image_center/comments/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Kathryn.png
s3-us-west-1.amazonaws.com/imgcenter/image_center/comments/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Tony.png
s3-us-west-1.amazonaws.com/imgcenter/image_center/comments/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Molly.png
s3-us-west-1.amazonaws.com/imgcenter/image_center/comments/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Stormin.png
s3-us-west-1.amazonaws.com/imgcenter/image_center/comments/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
5star.png
s3-us-west-1.amazonaws.com/imgcenter/s/2/survey_files/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
45star.png
s3-us-west-1.amazonaws.com/imgcenter/s/2/survey_files/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
4star.png
s3-us-west-1.amazonaws.com/imgcenter/s/2/survey_files/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
guarantee.png
s3-us-west-1.amazonaws.com/imgcenter/s/2/survey_files/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
secureSiteLogo.png
s3-us-west-1.amazonaws.com/imgcenter/s/2/survey_files/ |
28 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.js
s3-us-west-1.amazonaws.com/imgcenter/s/2/survey_files/ |
31 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.js
s3-us-west-1.amazonaws.com/imgcenter/s/2/survey_files/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
countdownScript.js
s3-us-west-1.amazonaws.com/imgcenter/s/2/survey_files/ |
932 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
countdown.js
s3-us-west-1.amazonaws.com/imgcenter/s/2/js/ |
497 B 866 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
s3-us-west-1.amazonaws.com/imgcenter/js_public/ |
60 KB 60 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
85 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
error.php
wallsurveys.com/ |
345 B 498 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
45 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/r/ |
35 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Scam (Online) Generic (Online)60 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| asdf function| datehax object| html5 object| Modernizr function| yepnope object| respond function| goToQ1 function| goToQ2 function| goToQ3 function| goToQ4 function| goToQ5 function| goToQ6 function| goToQ7 function| goToQ8 function| HideAllQuestions function| onbeforeload string| msg string| msg2 function| ViewOffer235 function| ViewOffer132 function| ViewOffer243 function| ViewOffer200 function| ViewOffer171 function| ViewOffer74 function| ViewOffer77 function| ViewOffer111 function| ViewOffer78 function| ViewOffer184 object| jQuery1101010093832297082406 function| countdown function| getScore function| getScore_recaptcha function| loading2 function| loading3 function| ff function| ff2 object| jsc function| move_offers function| u60000 function| a60000 function| Z60000 object| Sbta function| rns object| BetterJsPop function| getCookie function| setCookie function| stupid_timer function| startTimer function| reset_timer function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.wallsurveys.com/ | Name: _gat_gtag_UA_79983506_1 Value: 1 |
|
.wallsurveys.com/ | Name: _gid Value: GA1.2.2070049952.1596481363 |
|
.wallsurveys.com/ | Name: _ga Value: GA1.2.1843530333.1596481363 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
fonts.googleapis.com
hatios.com
largebalsa.com
s3-us-west-1.amazonaws.com
wallsurveys.com
www.google-analytics.com
www.googletagmanager.com
104.238.196.199
172.245.1.37
2a00:1450:4001:801::200a
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2008
2a00:1450:4001:81f::200a
52.219.116.120
0022991f5411533001f3e11715a5491bf6ba00f71dfa783e09d4be8a62d758de
0ac816e41740bfa7bbbfcadd182df3177e0d440368d57bc4b45074f95d2caf1b
0db44aae459671e58025883d934a4fb13d644159e8cf0a21acdd024c095975a9
1140156c09c0ad7bafc0fd18078c3911d765fac83ddcb2e1b2b877998f000491
15cc18999315c5ab1e3167ed6a6f3d606433623094ddc34e51d57741d099e385
17610a222c902eeaac76b5c50f97289ea6fcbf3dc617540cf66314ed9c034dc5
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
2b3b805be857f10588248df328cf2e025f5eb925b35b3a51246dacda7ef5bbdd
33a18b4288cb7f433820ab2e6b03f605d42334113829b574325787306b724c14
39b67a18f2c153b3b8f844e1b7c4ce829f36f8d591350036a918d66117d4ab43
41dbe73ecf6039e9fe21f76a9934927d6e031964e44d72bfac6b74211290208b
480fa844721e791ae69b3640b084440afe6581bc21528638dc14d63899318a26
4a942229e38aad23a58db9ce42e999e69160b4fce178519eef947e5640d7f909
4d3938fc65148e3b1d23351e9ab5bc58d86d669326d303b85ee539a5a0e7b810
5462f1cb351b9d7a318515632e14826b02c2487bf8cdd69560e65a5291cdea82
64b8557e7ba553c8cf58b98410b7145fd90b2662d32a4902c3c822e0d4aafa56
6d5da2e20499b56d5e9d26a92a1103c56caff35138e428cb825c8b0e47f96e61
707398ee3591cf9f21344fb30e2b336d7e5ca4e45caf04fbf523865a54eac571
7aa12b34ae56d90634c9b76e6a5c90a4435d0881030fab44716795241f83ee2d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
895364e0d4faf386bb36793de06b7387a0e8fe56dd260ab7c97bda71b7dd317b
8a1132ecace649a94b946826058b9d73202d697fb5ec0c73609cc128d4ccef5e
8bf150f6b29d6c9337de6c945a8f63c929b203442040688878bc2753fe13e007
8c574e0a06396dfa7064b8b460e0e4a8d5d0748c4aa66eb2e4efdfcb46da4b31
941c5d51fcbd0aea0506ba84b10327da362a293eacea53d5a75320e1ae29bd60
96e2939bdd22ce52a706eebb7fd2928a4c7cb466892bdf8964c37b4c0741f879
a5489a0f2b654ddaa9303dac229a8cbdb57266a33ec3603b3132f59dd8fcc097
a8d7dd5dfc23b9b17ae827e9500c098009d4fbb0792d344e10cbd7371601dfe4
ae0eb56848ba1e0ebce039d2eb328385b6e06d3e74fe0b8319b3000b885a26e2
b255671a4af52695376763781b94d5ea0831b943eaf3a96bfd8b172224f7039c
b9865dd52473cbd6602d1017c6f2865e83430ded0ce1be8fe6a676d5edd84a2d
bb5306a5d524e4736d018809faacfb6269a5a3a79f0b29758397c1d40bdea6fa
bca9da88a5fe44257f40fe7b90f875fc67aed49cc0851ef4fe0ac3bea48b96cf
bdc33b7781d596fa87aefbfd3fdc626573e1ba2947f758995c4e0633b4fab64a
beab79184bf1fca1f52ff3761f8a533827106fef3749c6c9c9a3e7eec619a226
c05c396e05422383b42a0f95dba45b5844101118a0c7aa6402c255c4d80b1224
c17bbabff12f8dbaffdbad470bf3d9a8f3e870f1dd03bc1b6b35fddb744d74a9
c30e9ee87dba0cb0e81d45ed53f6751c32d52cef6cb4b2af6240d33bd64625cc
c45a701c8c7ef2eb262e1d8cc7c6848919583187ed3427a497d4d01e30dc5fa1
cd043a1c0f6467465a1e924853a2a323fe0eba1293498908a991f3d1a9df4858
d19647636279a73935a245d0f6481424232df65a77da5bab61899132dc92ab30
e3869e4c11355fea392574784fc3a74429ac141fa7cefb42abb046316eff7074
e4ca16c7fa1ebccdcbc2f3550dd88a5d5c20c60db192720b5218fefc0f0617c7
f3d577c228bfea41c5c87f3967f34e403578ea27a6c94daa034910e9eb4eaec0
f41f68f6cebc61615428108a71b627484a2390fa0e015e5aa87d06b48233c8fb
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955