hoppersurvey.com
Open in
urlscan Pro
111.90.159.195
Malicious Activity!
Public Scan
Effective URL: https://hoppersurvey.com/onlinevisitor_fr_ns/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Paris&...
Submission: On May 22 via api from BE
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on April 7th 2020. Valid for: 3 months.
This is the only time hoppersurvey.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Customer Survey Spam (Consumer) Generic (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 104.244.42.69 104.244.42.69 | 13414 (TWITTER) (TWITTER) | |
1 1 | 194.35.235.65 194.35.235.65 | 62240 (CLOUVIDER...) (CLOUVIDER London) | |
1 | 103.95.13.60 103.95.13.60 | 133296 (WEBWERKS-...) (WEBWERKS-AS-IN Web Werks India Pvt. Ltd.) | |
1 1 | 103.28.32.25 103.28.32.25 | 135918 (DVS-AS-VN...) (DVS-AS-VN VIET DIGITAL TECHNOLOGY LIABILITY COMPANY) | |
26 | 111.90.159.195 111.90.159.195 | 45839 (SHINJIRU-...) (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd) | |
7 | 2600:9000:21f... 2600:9000:21f3:9c00:b:4623:cac0:21 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:814::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:81b::2003 | 15169 (GOOGLE) (GOOGLE) | |
37 | 6 |
ASN62240 (CLOUVIDER London, United Kingdom, GB)
PTR: 194-35-235-65.net3me.com
explainedpurposes.com |
ASN133296 (WEBWERKS-AS-IN Web Werks India Pvt. Ltd., IN)
softwarearrangement.com |
ASN135918 (DVS-AS-VN VIET DIGITAL TECHNOLOGY LIABILITY COMPANY, VN)
lvptrk.com |
ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY)
hoppersurvey.com |
ASN16509 (AMAZON-02, US)
d3e1y4kxkqljcb.cloudfront.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
26 |
hoppersurvey.com
hoppersurvey.com |
127 KB |
7 |
cloudfront.net
d3e1y4kxkqljcb.cloudfront.net |
49 KB |
1 |
gstatic.com
fonts.gstatic.com |
11 KB |
1 |
googleapis.com
fonts.googleapis.com |
548 B |
1 |
lvptrk.com
1 redirects
lvptrk.com |
825 B |
1 |
softwarearrangement.com
softwarearrangement.com |
476 B |
1 |
explainedpurposes.com
1 redirects
explainedpurposes.com |
281 B |
1 |
t.co
t.co |
430 B |
37 | 8 |
Domain | Requested by | |
---|---|---|
26 | hoppersurvey.com |
softwarearrangement.com
hoppersurvey.com |
7 | d3e1y4kxkqljcb.cloudfront.net |
hoppersurvey.com
|
1 | fonts.gstatic.com | |
1 | fonts.googleapis.com |
hoppersurvey.com
|
1 | lvptrk.com | 1 redirects |
1 | softwarearrangement.com |
t.co
|
1 | explainedpurposes.com | 1 redirects |
1 | t.co | |
37 | 8 |
This site contains links to these domains. Also see Links.
Domain |
---|
dreamopinion.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
t.co DigiCert SHA2 High Assurance Server CA |
2020-03-05 - 2021-03-02 |
a year | crt.sh |
softwarearrangement.com Sectigo RSA Domain Validation Secure Server CA |
2019-11-21 - 2020-12-19 |
a year | crt.sh |
onlinesurve.com Let's Encrypt Authority X3 |
2020-04-07 - 2020-07-06 |
3 months | crt.sh |
*.cloudfront.net DigiCert Global CA G2 |
2019-07-17 - 2020-07-05 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-05-05 - 2020-07-28 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-05-05 - 2020-07-28 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://hoppersurvey.com/onlinevisitor_fr_ns/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Paris&clickid=80473b78p8p3v716&campaign=565&user_id=1&clickcost=0&lander=220&time=1590137534&browser_version=74&device_model=Desktop&device_brand=Desktop&resolution=800x600&os_name=Mac%20OS%20X&os_version=10.14&country=France&country_code=FR&isp=Venus%20Business%20Communications%20Limited&ip=82.102.18.114&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/74.0.3729.169%20Safari/537.36&lpkey=157690ff15cf582c34&target=ld&device=DESKTOP&uclick=b78p8p3v&uclickhash=b78p8p3v-b78p8p3v-9r8n-17fe-xo3y-b47s-b48p-65141c
Frame ID: F2587CA806F8D85038C8FBBB4357EC99
Requests: 37 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://t.co/WjaNQ6ARk3?amp=1 Page URL
-
http://explainedpurposes.com/lidl.lidl?cbbbbccchGTccwvZ7cdcJrcmcvLBzckzFcbbbbc
HTTP 302
https://softwarearrangement.com/1761e86c1b0aff76000/2_20002_2436280/1937_800073_2356816_9/1 Page URL
-
https://lvptrk.com/click.php?key=tel3me7u7hr3ahln151l&externalid=1013424290&agentid=690128&targ...
HTTP 302
https://hoppersurvey.com/onlinevisitor_fr_ns/index.php?device_name=Desktop&browser_name=Chrome&langua... Page URL
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: ici
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://t.co/WjaNQ6ARk3?amp=1 Page URL
-
http://explainedpurposes.com/lidl.lidl?cbbbbccchGTccwvZ7cdcJrcmcvLBzckzFcbbbbc
HTTP 302
https://softwarearrangement.com/1761e86c1b0aff76000/2_20002_2436280/1937_800073_2356816_9/1 Page URL
-
https://lvptrk.com/click.php?key=tel3me7u7hr3ahln151l&externalid=1013424290&agentid=690128&target=ld
HTTP 302
https://hoppersurvey.com/onlinevisitor_fr_ns/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Paris&clickid=80473b78p8p3v716&campaign=565&user_id=1&clickcost=0&lander=220&time=1590137534&browser_version=74&device_model=Desktop&device_brand=Desktop&resolution=800x600&os_name=Mac%20OS%20X&os_version=10.14&country=France&country_code=FR&isp=Venus%20Business%20Communications%20Limited&ip=82.102.18.114&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/74.0.3729.169%20Safari/537.36&lpkey=157690ff15cf582c34&target=ld&device=DESKTOP&uclick=b78p8p3v&uclickhash=b78p8p3v-b78p8p3v-9r8n-17fe-xo3y-b47s-b48p-65141c Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1- http://explainedpurposes.com/lidl.lidl?cbbbbccchGTccwvZ7cdcJrcmcvLBzckzFcbbbbc HTTP 302
- https://softwarearrangement.com/1761e86c1b0aff76000/2_20002_2436280/1937_800073_2356816_9/1
37 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
WjaNQ6ARk3
t.co/ |
428 B 430 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
1
softwarearrangement.com/1761e86c1b0aff76000/2_20002_2436280/1937_800073_2356816_9/ Redirect Chain
|
163 B 476 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
index.php
hoppersurvey.com/onlinevisitor_fr_ns/ Redirect Chain
|
19 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main_style.css
hoppersurvey.com/onlinevisitor_fr_ns/css/ |
16 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.11.1.min.js
hoppersurvey.com/onlinevisitor_fr_ns/ |
94 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
hoppersurvey.com/onlinevisitor_fr_ns/ |
36 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.js
hoppersurvey.com/onlinevisitor_fr_ns/js/ |
8 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flag_fr.png
d3e1y4kxkqljcb.cloudfront.net/survey_fr/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2ebdcbbe75f2e771343491a1541c83b7.png
hoppersurvey.com/onlinevisitor_fr_ns/files/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0039d2a7dcbf1a1b449884e25d738020.jpeg
hoppersurvey.com/onlinevisitor_fr_ns/files/ |
646 B 773 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1e6d83832acbb01290e1bfa1a8e8fb92.jpeg
hoppersurvey.com/onlinevisitor_fr_ns/files/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dfc8d9b89c6dddb687ed0ba468ef093d.jpeg
hoppersurvey.com/onlinevisitor_fr_ns/files/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
275a3c6d7250fc618c5f32e5bd565b9a.jpeg
hoppersurvey.com/onlinevisitor_fr_ns/files/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9687746dd2c717af90e79afa47b8c92b.jpeg
hoppersurvey.com/onlinevisitor_fr_ns/files/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
52480de1a60ed5f717a3f73abef62e13.jpeg
hoppersurvey.com/onlinevisitor_fr_ns/files/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
13863e1661e2893d8bb6c5d912b2f59f.jpeg
hoppersurvey.com/onlinevisitor_fr_ns/files/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c8734e402669d30dc61702ea6c74bed3.jpeg
hoppersurvey.com/onlinevisitor_fr_ns/files/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0b3bc245a0c981a9acdd428fab1d725d.jpeg
hoppersurvey.com/onlinevisitor_fr_ns/files/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bcf7f117acc460e9148a3031c5b6c4e4.png
hoppersurvey.com/onlinevisitor_fr_ns/files/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
countdown.js
hoppersurvey.com/onlinevisitor_fr_ns/files/ |
497 B 631 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
redirect_bin.js
hoppersurvey.com/ |
295 B 429 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
back_link.js
hoppersurvey.com/ |
42 B 175 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ld.css
hoppersurvey.com/onlinevisitor_fr_ns/css/ |
2 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
offers_1_d_low.json
hoppersurvey.com/onlinevisitor_fr_ns/datas/ |
2 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ld.json
hoppersurvey.com/onlinevisitor_fr_ns/datas/ |
914 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
1 KB 548 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
phone_11pro.jpg
d3e1y4kxkqljcb.cloudfront.net/survey_fr/ |
6 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9227ed9e10072ce0bac69dc54109221b.png
hoppersurvey.com/onlinevisitor_fr_ns/files/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mostpopuler.png
hoppersurvey.com/onlinevisitor_fr_ns/files/ |
12 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iphone_11pro_max.jpg
d3e1y4kxkqljcb.cloudfront.net/survey_fr/ |
5 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s20.png
d3e1y4kxkqljcb.cloudfront.net/survey_fr/ |
12 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
macbook.jpg
d3e1y4kxkqljcb.cloudfront.net/survey_nl/ |
11 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iphone_xs_max.jpg
d3e1y4kxkqljcb.cloudfront.net/survey_fr/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mostpopuler_fr.png
hoppersurvey.com/onlinevisitor_fr_ns/files/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HelveticaNeue-Medium500.otf
hoppersurvey.com/onlinevisitor_fr_ns/files/ |
18 KB 18 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gift_title_ld.png
d3e1y4kxkqljcb.cloudfront.net/survey_fr/gift/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4iCj6KZ0a9NXjG8dWCvZtUSI.woff2
fonts.gstatic.com/s/bevan/v11/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Customer Survey Spam (Consumer) Generic (Online)35 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| months object| days object| time object| d string| dateNow function| socle function| $ function| jQuery object| jQuery111105378117051743627 function| $_GET string| targets function| loadingData function| drawszlider function| timer string| target string| ip object| jsc function| skip_fd function| showModal object| comments number| slidewhere number| holvanszlider object| mydate number| year number| day number| month number| daym string| redirect_url string| back_url_link function| loadingOffers function| timer1 function| startTimer string| titleOut0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | referrer always; |
Strict-Transport-Security | max-age=0 |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
d3e1y4kxkqljcb.cloudfront.net
explainedpurposes.com
fonts.googleapis.com
fonts.gstatic.com
hoppersurvey.com
lvptrk.com
softwarearrangement.com
t.co
103.28.32.25
103.95.13.60
104.244.42.69
111.90.159.195
194.35.235.65
2600:9000:21f3:9c00:b:4623:cac0:21
2a00:1450:4001:814::200a
2a00:1450:4001:81b::2003
0118d9d560180d600dcea7397e510abff451d9693b06223a391f5c8e22889fb1
043549cd1f0ca2f0b296a1d9bf6b053e2aae338c187b7ab0f6785a91ddcd186e
05fc8ac585c53a36fbe350744ef07e77f525b82f544f13251febd1ce75ec70bb
0ac816e41740bfa7bbbfcadd182df3177e0d440368d57bc4b45074f95d2caf1b
0ad0615765bf17bdb85ae307eb8f9eee2e1fb0b600117bdd991a1efe9c834078
0f3b236e89ca45e623234a8767e955f7f771e078ba5909310f51881e8d4b5a7d
18b60afc8548639623f2395f3f828b2ea05d029d0218b9632ee85909ef8071f4
2b0c81aa2f2e5fda1c499501edad4927ade4d57d5d31887c076e5769e9ea2866
2ea6b093885ce53036c4b381a1ce1496d53029b9a205fe9471666022efde5d8f
3c6c0ed2601deeefd179e1922d9f017701169372b21079f842fc67e44022a126
4604e524a2131ee561e13c9fe760267a0bbc64ca91027ab92fd355ff4dc1514d
52625eb5c94d0d268cda935ccc2b592d87ae5cd1ee156fa2ecf0703d52ca3785
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
55afc77bab1ce43c7f886eea07b455b0d8313598cb26e34344c54e265a8d5970
596505ae2d99cbcc964752ea4c998a6b51c5c829c6b8befd5ec5e90571ac6c0a
597fb65af1d452e7346e3d24adead2908ddf2c3bae4a6ae5c4e7440e33bd39b4
59e8c1cc2798c595b576b3e023a3f6645fe27afaf79ae55529313d57d1aa1b9b
735ee02711d4d62d8cfba0c075237f227491a044441540d39f8c8203ccd54cea
78e22131742b537c50b809817fcc1319f0858b59bb51ae2d7243ad784e77b95d
7a15c7fd6cff51cb3a08a1b705e578578f16f316835547063e9298a27257936b
8fccb5c96c54856548fbad584f0e41f72313b94b33ec32d328985b3267f4035e
902ce7ee1c9b5178954a7fa87e65a08e758f02f41cfacb2471c92efe16ef2128
912c89610d99f3697c57adee48ed4612efa47ce8902e7d7025bd192a73d5dfd1
966bf2cf08edea1ec6272ae40608eb075f29b8853e59f48db90c64be691ad580
9d5ee216b1a1f2c1033d1c839fb3b2b8bfd2a50ef191c7a92c3a9c4c4e3d2088
a5dc50ae35f4117057e5c3b3612b6396d05f6b6155160f5b5f7d47c0d6c3e468
acdbb507399cf91d06d28c73e8500279d2b6eb8023cdd86b938ecac324c2fd28
b3a72304494bcab99116d0209f2a871b66ec447e5a8fbea8b1f4d927bbc78ee1
c74712a757934cf5ea59996d00440c06e2a5f73b096bdf352d48f27b7a34c821
c84c0bbb678ff7c4d5453406311c94617ebdebee22bf4bc86763884c390b5c8a
cee3c4d44ed911f0fd72860c37a8447f4b9b207fad90cce2fdd811bbe1c3f5ca
d5747b7ac1aeb9601b02efd347477f528da377d87eeb5f850a21b9b1504196a7
eab6f3ff3498a7691a01cff25231a9d274c0c25af64d4079e876b21668a355d5
ee3bf6a7fcc1702c0535a7814f4479fa6c57e796f8e99617529dd904b03ce220
fa814d19350e33bdb911935e9ecb8765a02174097a955e88c5c07f2224c19bc7