essentialremembrance.club
188.209.49.16
Malicious Activity!
Public Scan
Effective URL: https://essentialremembrance.club/?swim=phelps&brand=Desktop&model=Desktop&td=track.mithril-scimitar.com&cep=ArLrBnz7XUm_IIe8ym4nk...
Submission: On May 09 via api from CA
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on May 6th 2019. Valid for: 3 months.
This is the only time essentialremembrance.club was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Scam (Online)
Domain & IP information
Requests | IP Address | AS (Autonomous System) | PTR | Domain |
---|---|---|---|---|
2 (1 redirect) | 104.27.243.24 | ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US) | | circultural.com |
1 (1 redirect) | 104.25.118.11 | ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US) | | normour.com |
1 | 104.25.119.11 | ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US) | | normour.com |
1 (1 redirect) | 35.157.125.133 | ASN16509 (AMAZON-02 - Amazon.com, Inc., US) | ec2-35-157-125-133.eu-central-1.compute.amazonaws.com | track.mithril-scimitar.com |
21 | 188.209.49.16 | ASN49349 (DOTSI, PT) | hosted-by.blazingfast.io | essentialremembrance.club |
1 | 2606:4700:30::681b:ae4d | ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US) | | app.superpush.io |
24 | 4 |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
21 | essentialremembrance.club | essentialremembrance.club | 121 KB |
2 (1 redirect) | normour.com | normour.com | 1 KB |
2 (1 redirect) | circultural.com | circultural.com | 2 KB |
1 | superpush.io | app.superpush.io | 1 KB |
1 (1 redirect) | mithril-scimitar.com | track.mithril-scimitar.com | 1 KB |
24 | 5 |
Requests | Domain | Requested by |
---|---|---|
21 | essentialremembrance.club | essentialremembrance.club |
2 (1 redirect) | normour.com | |
2 (1 redirect) | circultural.com | |
1 | app.superpush.io | essentialremembrance.club |
1 (1 redirect) | track.mithril-scimitar.com | |
24 | 5 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
ssl381364.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-03-01 - 2019-09-07 | 6 months |
ssl389556.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-04-23 - 2019-10-30 | 6 months |
essentialremembrance.club | Let's Encrypt Authority X3 | 2019-05-06 - 2019-08-04 | 3 months |
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-02-18 - 2020-02-18 | a year |
This page contains 1 frame:
Primary Page:
https://essentialremembrance.club/?swim=phelps&brand=Desktop&model=Desktop&td=track.mithril-scimitar.com&cep=ArLrBnz7XUm_IIe8ym4nkdXBFVcjV1ui0ICtPR8CLvw9P_RhOCsCGYF6ZTBhBtJlQDwcQAcQ9wWJHRyd3a8YNrvnCA_SaZ-VXYgUTDHFECpYaImJpNTy-IvWFz2tsWYnBOJglhIK8-kfgdWbbPel-OOPb-KwLAYNCss2wTDPJrORil_uT4Q20jcWI0spZ3oCFEFXkTUUTV0pSBAlNFC0_WVoc0m9Pgbjg7jsSvqARl0vm9P0o3UFdTl_lsCz4KZR6HXxHUfUlOOYEnxNQrqWKSaYGMUfep5lGVc1CZ7jlxs&clickid=f3a9891e-727b-11e9-9e45-11409239b80b&pub_id=774_741f4a68c864amp&_uu=
Frame ID: 4DAEBF7C7BF764013F96606228731BA8
Requests: 24 HTTP requests in this frame
Detected technologies
CloudFlare (CDN)
Detected patterns
- headers server /cloudflare/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://circultural.com/v/829da28a-7278-11e9-9193-019fff2ff115/c/4a09b84f-9a9f-11e5-b565-02f6361de079/?_i=1&_s=829da2b2-7278-11e9-9194-019fff2ff1dd&aff_id=20586&off_id=64905&sub_id=20922&transaction_id=AQJnRRcAAAFqnXN7RAAA_YkAAFL7&_d=7t|1|60|0|1|1|t|t|375x812|0|3|Apple%20Computer%20Inc.|1|32|32|288|74-65f3f4e4|0|0|95|0|n|t|t|1zskzu,of5vy8,2|en-GB|iPhone|aaaa0|20030107|5.0%20(iPhone;%20CPU%20iPhone%20OS%2012_2%20like%20Mac%20OS%20X)%20AppleWebKit/605.1.15%20(KHTML,%20like%20Gecko)%20Mobile/15E148%20CamScanner_IP_FREE/5.9.7.1904121924|0|u|t|t|t|t|t|a6t6j|WebGL%201.0|Apple%20Inc.|Apple%20GPU|ex:fw4k2|1|u|t|n|n|n|n|0x0|0|0|t|0|t|n|cs_sk
HTTP 301
https://circultural.com/v/829da28a-7278-11e9-9193-019fff2ff115/c/4a09b84f-9a9f-11e5-b565-02f6361de079/?_i=1&_s=829da2b2-7278-11e9-9194-019fff2ff1dd&aff_id=20586&off_id=64905&sub_id=20922&transaction_id=AQJnRRcAAAFqnXN7RAAA_YkAAFL7&_d=7t|1|60|0|1|1|t|t|375x812|0|3|Apple%20Computer%20Inc.|1|32|32|288|74-65f3f4e4|0|0|95|0|n|t|t|1zskzu,of5vy8,2|en-GB|iPhone|aaaa0|20030107|5.0%20(iPhone;%20CPU%20iPhone%20OS%2012_2%20like%20Mac%20OS%20X)%20AppleWebKit/605.1.15%20(KHTML,%20like%20Gecko)%20Mobile/15E148%20CamScanner_IP_FREE/5.9.7.1904121924|0|u|t|t|t|t|t|a6t6j|WebGL%201.0|Apple%20Inc.|Apple%20GPU|ex:fw4k2|1|u|t|n|n|n|n|0x0|0|0|t|0|t|n|cs_sk Page URL
-
http://normour.com/r/f3a9891e-727b-11e9-9e45-11409239b80b/0/?_rh=bbf8krsVNJ_Pf1SisHYy-i0z6Sgse5YzI9ow1CES1W2HTvrsOqqS2dDmdmSY7zyfVD8oHZIymq5nLQXbUAGU-87PTRTHo9n-nSW2F8APPiVOmpF9DZj_Fiup2ml0XZ0FiY_tGuOSGYLKf86M15FjRq2p19vk5AuOv3GviMlC-xXwmWuULwDIX2J1VwNmXvLSeiXObvlhFaG1FJPG6NOcMhxetKlZ0a1BYzEiCgXS3oUsmrvahabWLc27uGBIhChQk8oViDHRRMWM5ChpQpnXh7DWQh6tIQkEpClFUbfjqLHZt52n95GvHnHH7sADPaYeZuz_z2li1aU3I-CMHlNTDTBDYwole88Inb14h_P9Qqnsvuvd6vrZZwzkN0D-Dv9FNWdeadPpqgb9W62aBC3TQCiO1aJlwFImxlRU
HTTP 301
https://normour.com/r/f3a9891e-727b-11e9-9e45-11409239b80b/0/?_rh=bbf8krsVNJ_Pf1SisHYy-i0z6Sgse5YzI9ow1CES1W2HTvrsOqqS2dDmdmSY7zyfVD8oHZIymq5nLQXbUAGU-87PTRTHo9n-nSW2F8APPiVOmpF9DZj_Fiup2ml0XZ0FiY_tGuOSGYLKf86M15FjRq2p19vk5AuOv3GviMlC-xXwmWuULwDIX2J1VwNmXvLSeiXObvlhFaG1FJPG6NOcMhxetKlZ0a1BYzEiCgXS3oUsmrvahabWLc27uGBIhChQk8oViDHRRMWM5ChpQpnXh7DWQh6tIQkEpClFUbfjqLHZt52n95GvHnHH7sADPaYeZuz_z2li1aU3I-CMHlNTDTBDYwole88Inb14h_P9Qqnsvuvd6vrZZwzkN0D-Dv9FNWdeadPpqgb9W62aBC3TQCiO1aJlwFImxlRU Page URL
-
https://track.mithril-scimitar.com/3f04ac3a-d4b8-47fe-a3b3-6b8b8fb57056?clickid=f3a9891e-727b-11e9-9e45-11409239b80b&pub_id=774_741f4a68c864amp&_uu=
HTTP 302
https://essentialremembrance.club/?swim=phelps&brand=Desktop&model=Desktop&td=track.mithril-scimitar.com&cep=ArLrBnz7XUm_IIe8ym4nkdXBFVcjV1ui0ICtPR8CLvw9P_RhOCsCGYF6ZTBhBtJlQDwcQAcQ9wWJHRyd3a8YNrvnCA_SaZ-VXYgUTDHFECpYaImJpNTy-IvWFz2tsWYnBOJglhIK8-kfgdWbbPel-OOPb-KwLAYNCss2wTDPJrORil_uT4Q20jcWI0spZ3oCFEFXkTUUTV0pSBAlNFC0_WVoc0m9Pgbjg7jsSvqARl0vm9P0o3UFdTl_lsCz4KZR6HXxHUfUlOOYEnxNQrqWKSaYGMUfep5lGVc1CZ7jlxs&clickid=f3a9891e-727b-11e9-9e45-11409239b80b&pub_id=774_741f4a68c864amp&_uu= Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://circultural.com/v/829da28a-7278-11e9-9193-019fff2ff115/c/4a09b84f-9a9f-11e5-b565-02f6361de079/?_i=1&_s=829da2b2-7278-11e9-9194-019fff2ff1dd&aff_id=20586&off_id=64905&sub_id=20922&transaction_id=AQJnRRcAAAFqnXN7RAAA_YkAAFL7&_d=7t|1|60|0|1|1|t|t|375x812|0|3|Apple%20Computer%20Inc.|1|32|32|288|74-65f3f4e4|0|0|95|0|n|t|t|1zskzu,of5vy8,2|en-GB|iPhone|aaaa0|20030107|5.0%20(iPhone;%20CPU%20iPhone%20OS%2012_2%20like%20Mac%20OS%20X)%20AppleWebKit/605.1.15%20(KHTML,%20like%20Gecko)%20Mobile/15E148%20CamScanner_IP_FREE/5.9.7.1904121924|0|u|t|t|t|t|t|a6t6j|WebGL%201.0|Apple%20Inc.|Apple%20GPU|ex:fw4k2|1|u|t|n|n|n|n|0x0|0|0|t|0|t|n|cs_sk HTTP 301
- https://circultural.com/v/829da28a-7278-11e9-9193-019fff2ff115/c/4a09b84f-9a9f-11e5-b565-02f6361de079/?_i=1&_s=829da2b2-7278-11e9-9194-019fff2ff1dd&aff_id=20586&off_id=64905&sub_id=20922&transaction_id=AQJnRRcAAAFqnXN7RAAA_YkAAFL7&_d=7t|1|60|0|1|1|t|t|375x812|0|3|Apple%20Computer%20Inc.|1|32|32|288|74-65f3f4e4|0|0|95|0|n|t|t|1zskzu,of5vy8,2|en-GB|iPhone|aaaa0|20030107|5.0%20(iPhone;%20CPU%20iPhone%20OS%2012_2%20like%20Mac%20OS%20X)%20AppleWebKit/605.1.15%20(KHTML,%20like%20Gecko)%20Mobile/15E148%20CamScanner_IP_FREE/5.9.7.1904121924|0|u|t|t|t|t|t|a6t6j|WebGL%201.0|Apple%20Inc.|Apple%20GPU|ex:fw4k2|1|u|t|n|n|n|n|0x0|0|0|t|0|t|n|cs_sk
- http://normour.com/r/f3a9891e-727b-11e9-9e45-11409239b80b/0/?_rh=bbf8krsVNJ_Pf1SisHYy-i0z6Sgse5YzI9ow1CES1W2HTvrsOqqS2dDmdmSY7zyfVD8oHZIymq5nLQXbUAGU-87PTRTHo9n-nSW2F8APPiVOmpF9DZj_Fiup2ml0XZ0FiY_tGuOSGYLKf86M15FjRq2p19vk5AuOv3GviMlC-xXwmWuULwDIX2J1VwNmXvLSeiXObvlhFaG1FJPG6NOcMhxetKlZ0a1BYzEiCgXS3oUsmrvahabWLc27uGBIhChQk8oViDHRRMWM5ChpQpnXh7DWQh6tIQkEpClFUbfjqLHZt52n95GvHnHH7sADPaYeZuz_z2li1aU3I-CMHlNTDTBDYwole88Inb14h_P9Qqnsvuvd6vrZZwzkN0D-Dv9FNWdeadPpqgb9W62aBC3TQCiO1aJlwFImxlRU HTTP 301
- https://normour.com/r/f3a9891e-727b-11e9-9e45-11409239b80b/0/?_rh=bbf8krsVNJ_Pf1SisHYy-i0z6Sgse5YzI9ow1CES1W2HTvrsOqqS2dDmdmSY7zyfVD8oHZIymq5nLQXbUAGU-87PTRTHo9n-nSW2F8APPiVOmpF9DZj_Fiup2ml0XZ0FiY_tGuOSGYLKf86M15FjRq2p19vk5AuOv3GviMlC-xXwmWuULwDIX2J1VwNmXvLSeiXObvlhFaG1FJPG6NOcMhxetKlZ0a1BYzEiCgXS3oUsmrvahabWLc27uGBIhChQk8oViDHRRMWM5ChpQpnXh7DWQh6tIQkEpClFUbfjqLHZt52n95GvHnHH7sADPaYeZuz_z2li1aU3I-CMHlNTDTBDYwole88Inb14h_P9Qqnsvuvd6vrZZwzkN0D-Dv9FNWdeadPpqgb9W62aBC3TQCiO1aJlwFImxlRU
24 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | / | circultural.com/v/829da28a-7278-11e9-9193-019fff2ff115/c/4a09b84f-9a9f-11e5-b565-02f6361de079/ | 619 B | 1 KB | Document | text/html | Redirect Chain |
GET | H2 | / | normour.com/r/f3a9891e-727b-11e9-9e45-11409239b80b/0/ | 89 B | 514 B | Document | text/html | Redirect Chain |
GET | H2 | / | essentialremembrance.club/ | 19 KB | 5 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H2 | css.min.css | essentialremembrance.club/ | 2 KB | 929 B | Stylesheet | text/css | |
GET | H2 | superpushSDK.js | app.superpush.io/static/ | 3 KB | 1 KB | Script | application/javascript | |
GET | H2 | logo.jpg | essentialremembrance.club/ | 14 KB | 14 KB | Image | image/jpeg | |
GET | H2 | len-de.png | essentialremembrance.club/ | 8 KB | 8 KB | Image | image/png | |
GET | H2 | media-750.jpg | essentialremembrance.club/ | 22 KB | 22 KB | Image | image/jpeg | |
GET | H2 | loading.gif | essentialremembrance.club/ | 15 KB | 15 KB | Image | image/gif | |
GET | H2 | 1.jpg | essentialremembrance.club/ | 3 KB | 3 KB | Image | image/jpeg | |
GET | H2 | like.png | essentialremembrance.club/ | 469 B | 603 B | Image | image/png | |
GET | H2 | 2.jpg | essentialremembrance.club/ | 875 B | 1010 B | Image | image/jpeg | |
GET | H2 | 3.jpg | essentialremembrance.club/ | 2 KB | 2 KB | Image | image/jpeg | |
GET | H2 | 4.jpg | essentialremembrance.club/ | 2 KB | 3 KB | Image | image/jpeg | |
GET | H2 | 5.jpg | essentialremembrance.club/ | 2 KB | 3 KB | Image | image/jpeg | |
GET | H2 | 6.jpg | essentialremembrance.club/ | 3 KB | 3 KB | Image | image/jpeg | |
GET | H2 | 7.jpg | essentialremembrance.club/ | 4 KB | 4 KB | Image | image/jpeg | |
GET | H2 | winners.jpg | essentialremembrance.club/ | 10 KB | 10 KB | Image | image/jpeg | |
GET | H2 | 8.jpg | essentialremembrance.club/ | 3 KB | 3 KB | Image | image/jpeg | |
GET | H2 | 9.jpg | essentialremembrance.club/ | 1 KB | 1 KB | Image | image/jpeg | |
GET | H2 | 10.jpg | essentialremembrance.club/ | 2 KB | 2 KB | Image | image/jpeg | |
GET | H2 | 11.jpg | essentialremembrance.club/ | 1 KB | 2 KB | Image | image/jpeg | |
GET | H2 | 21.gif | essentialremembrance.club/ | 3 KB | 3 KB | Image | image/gif | |
GET | H2 | favicon.ico | essentialremembrance.club/ | 15 KB | 15 KB | Image | image/x-icon | |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Scam (Online)
22 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onselectstart
- object| onselectionchange
- function| queueMicrotask
- object| superPush
- object| params
- undefined| appPublicKey
- undefined| swRegistration
- function| getURLParameter
- object| btn
- object| dayNames
- object| monthNames
- object| now
- function| startTimer
- function| fb_token
- object| _0x91ae
- function| fadeOut
- function| fadeIn
- function| survey
- string| a
- function| speak
- function| funcc
- function| exit_a10
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.