avventura.be
Open in
urlscan Pro
2a00:1c98:1000:1042:0:1:4e99:2270
Malicious Activity!
Public Scan
Effective URL: https://avventura.be/area/-/default.php?id=8krl1e
Submission: On August 11 via manual from DE — Scanned from DE
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 29th 2023. Valid for: a year.
This is the only time avventura.be was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: National Bank of Greece (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 208.75.122.11 208.75.122.11 | 40444 (ASN-CC) (ASN-CC) | |
1 1 | 178.159.0.10 178.159.0.10 | 42831 (UKSERVERS...) (UKSERVERS-AS UK Dedicated Servers) | |
1 23 | 2a00:1c98:100... 2a00:1c98:1000:1042:0:1:4e99:2270 | 34762 (COMBELL-AS) (COMBELL-AS) | |
5 | 2a00:1450:400... 2a00:1450:4001:828::2004 | 15169 (GOOGLE) (GOOGLE) | |
6 | 2a00:1450:400... 2a00:1450:4001:828::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:3b | 20446 (STACKPATH...) (STACKPATH-CDN) | |
1 | 2606:4700::68... 2606:4700::6810:5614 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700::68... 2606:4700::6811:190e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
38 | 7 |
ASN42831 (UKSERVERS-AS UK Dedicated Servers, Hosting and Co-Location, GB)
PTR: server.24xservice.com
al-kauther.info |
ASN15169 (GOOGLE, US)
www.gstatic.com | |
fonts.gstatic.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
23 |
avventura.be
1 redirects
avventura.be |
468 KB |
6 |
gstatic.com
www.gstatic.com fonts.gstatic.com |
408 KB |
5 |
google.com
www.google.com — Cisco Umbrella Rank: 3 |
68 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 245 |
438 KB |
1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 356 |
23 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 752 |
30 KB |
1 |
al-kauther.info
1 redirects
al-kauther.info |
239 B |
1 |
rs6.net
1 redirects
r20.rs6.net — Cisco Umbrella Rank: 6527 |
353 B |
38 | 8 |
Domain | Requested by | |
---|---|---|
23 | avventura.be |
1 redirects
avventura.be
|
5 | www.google.com |
avventura.be
www.gstatic.com www.google.com |
4 | www.gstatic.com |
www.google.com
www.gstatic.com |
2 | fonts.gstatic.com |
www.google.com
|
1 | cdnjs.cloudflare.com |
avventura.be
|
1 | cdn.jsdelivr.net |
avventura.be
|
1 | code.jquery.com |
avventura.be
|
1 | al-kauther.info | 1 redirects |
1 | r20.rs6.net | 1 redirects |
38 | 9 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.avventura.be Sectigo RSA Domain Validation Secure Server CA |
2023-03-29 - 2024-04-26 |
a year | crt.sh |
www.google.com GTS CA 1C3 |
2023-07-17 - 2023-10-09 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-07-17 - 2023-10-09 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2023-07-17 - 2023-10-09 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-02 - 2024-05-01 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://avventura.be/area/-/default.php?id=8krl1e
Frame ID: 456A47BE12296124E421D665B9308125
Requests: 28 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LemNponAAAAAJqbSxKCX3mf8BU1Fm_3notNeaVg&co=aHR0cHM6Ly9hdnZlbnR1cmEuYmU6NDQz&hl=de&v=pCoGBhjs9s8EhFOHJFe8cqis&size=invisible&cb=vd8ruu7kj5aq
Frame ID: 15AFB38838FD8CCEF1E0471A6BF9D3FB
Requests: 10 HTTP requests in this frame
Screenshot
Page Title
NBG i-bankPage URL History Show full URLs
-
https://r20.rs6.net/tn.jsp?f=0014dp1u5I8kLb2dh60EKtWNRa3j8iVMA3RmwHNMm0G6LGVU8hNbkYi1VOqCPRM8wwx...
HTTP 302
https://al-kauther.info/img/img.php HTTP 302
https://avventura.be/area/-/ Page URL
-
https://avventura.be/area/-/includes/unlock.php
HTTP 302
https://avventura.be/area/-/default.php?id=8krl1e Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
Bootstrap (Web Frameworks) Expand
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- //cdn\.jsdelivr\.net/
reCAPTCHA (Captchas) Expand
Detected patterns
- /recaptcha/api\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://r20.rs6.net/tn.jsp?f=0014dp1u5I8kLb2dh60EKtWNRa3j8iVMA3RmwHNMm0G6LGVU8hNbkYi1VOqCPRM8wwxJSd7XqtnFGDmensCo_81ErvZnF_RraPTXaoqHiqQbuhbgjkSVcHfhlRkVkRKWPkiLSl2hZXwc2qmahRcaEmG1wjf7KiPy_Ys&c=W8QPAri7LSRiylhevFNidbECxt3_y6v3QJ7WxwTlzVndk-sL_w47cw==&ch=1LDDRrpURqDC6YeBWP1nz1L-JQIH4PRJ5RFkbio34CV2QOGaKVfkSg==
HTTP 302
https://al-kauther.info/img/img.php HTTP 302
https://avventura.be/area/-/ Page URL
-
https://avventura.be/area/-/includes/unlock.php
HTTP 302
https://avventura.be/area/-/default.php?id=8krl1e Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://r20.rs6.net/tn.jsp?f=0014dp1u5I8kLb2dh60EKtWNRa3j8iVMA3RmwHNMm0G6LGVU8hNbkYi1VOqCPRM8wwxJSd7XqtnFGDmensCo_81ErvZnF_RraPTXaoqHiqQbuhbgjkSVcHfhlRkVkRKWPkiLSl2hZXwc2qmahRcaEmG1wjf7KiPy_Ys&c=W8QPAri7LSRiylhevFNidbECxt3_y6v3QJ7WxwTlzVndk-sL_w47cw==&ch=1LDDRrpURqDC6YeBWP1nz1L-JQIH4PRJ5RFkbio34CV2QOGaKVfkSg== HTTP 302
- https://al-kauther.info/img/img.php HTTP 302
- https://avventura.be/area/-/
- https://avventura.be/area/-/includes/unlock.php HTTP 302
- https://avventura.be/area/-/default.php?id=Lho3YP
38 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
avventura.be/area/-/ Redirect Chain
|
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loading.css
avventura.be/area/-/assets/css/ |
198 KB 33 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.google.com/recaptcha/ |
850 B 870 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.svg
avventura.be/area/-/assets/img/ |
14 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nbg-logo-full-black.svg
avventura.be/area/-/assets/img/ |
57 KB 11 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PFDinDisplayPro-Light.23cdddacd0d56977093551f2faea9a13.woff2
avventura.be/area/-/assets/css/images/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PFDinDisplayPro-Regular.840952ed9468a2c7444f89b6f748e734.woff2
avventura.be/area/-/assets/css/images/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__de.js
www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/ |
436 KB 176 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PFDinDisplayPro-Light.9a5171a196de11651813859c360f195f.woff
avventura.be/area/-/assets/css/images/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PFDinDisplayPro-Regular.21be48ba435316c8a4cd39438cd89083.woff
avventura.be/area/-/assets/css/images/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
anchor
www.google.com/recaptcha/api2/ Frame 15AF |
50 KB 28 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
styles__ltr.css
www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/ Frame 15AF |
55 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
recaptcha__de.js
www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/ Frame 15AF |
436 KB 175 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 15AF |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 15AF |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 15AF |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
webworker.js
www.google.com/recaptcha/api2/ Frame 15AF |
102 B 134 B |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
reload
www.google.com/recaptcha/api2/ Frame 15AF |
33 KB 19 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
default.php
avventura.be/area/-/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
reload
www.google.com/recaptcha/api2/ Frame 15AF |
33 KB 19 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
default.php
avventura.be/area/-/ Redirect Chain
|
12 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
reload
www.google.com/recaptcha/api2/ Frame 15AF |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
avventura.be/area/-/assets/css/ |
238 KB 34 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.5.1.min.js
code.jquery.com/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ |
82 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.min.js
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/js/ |
1 MB 438 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login-logo.el.png
avventura.be/area/-/assets/img/ |
26 KB 26 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login-retail.4b5338cdd40e01d7a961e2e0f5429f77.jpg
avventura.be/area/-/assets/css/fonts/ |
64 KB 64 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
help-faq.svg
avventura.be/area/-/assets/icons/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fb.svg
avventura.be/area/-/assets/icons/ |
1 KB 731 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twitter.svg
avventura.be/area/-/assets/icons/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
youtube.svg
avventura.be/area/-/assets/icons/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
linkedin.svg
avventura.be/area/-/assets/icons/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
email.svg
avventura.be/area/-/assets/icons/ |
1 KB 803 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PFDinDisplayPro-Light.23cdddacd0d56977093551f2faea9a13.woff2
avventura.be/area/-/assets/css/fonts/ |
93 KB 94 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PFDinDisplayPro-Medium.61e7fd90675f0eb31beed62b660edde2.woff2
avventura.be/area/-/assets/css/fonts/ |
92 KB 93 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ibredesign.f0ceac6f3471ca7186d40de1d3e2f374.woff
avventura.be/area/-/assets/css/fonts/ |
10 KB 10 KB |
Font
x-font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PFDinDisplayPro-Regular.840952ed9468a2c7444f89b6f748e734.woff2
avventura.be/area/-/assets/css/fonts/ |
87 KB 87 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- avventura.be
- URL
- https://avventura.be/area/-/default.php?id=Lho3YP
- Domain
- www.google.com
- URL
- https://www.google.com/recaptcha/api2/reload?k=6LemNponAAAAAJqbSxKCX3mf8BU1Fm_3notNeaVg
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: National Bank of Greece (Banking)6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery object| bootstrap object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.google.com/recaptcha | Name: _GRECAPTCHA Value: 09AP5ubKcXFDh8Z6rL02PUhkxP-AnTn7RElmli9p2uNsTWnavKY-ZQ2v1jkMYFhXSNoF7qxvuA0qciNOQfxMWNscs |
|
avventura.be/ | Name: PHPSESSID Value: 56e33e9c30f1ef50a44cb22f11cabc66 |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
al-kauther.info
avventura.be
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
fonts.gstatic.com
r20.rs6.net
www.google.com
www.gstatic.com
avventura.be
www.google.com
178.159.0.10
2001:4de0:ac18::1:a:3b
208.75.122.11
2606:4700::6810:5614
2606:4700::6811:190e
2a00:1450:4001:828::2003
2a00:1450:4001:828::2004
2a00:1c98:1000:1042:0:1:4e99:2270
0635b39f3b1e22581332086dbba3d443440eb6f841ba601b97915fc48d795b02
161761d367e7686d40033c1a0daeb88006e9e90b676c3e1368362748a2791fda
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
21bdc339e4790a92409ca02d53b91c0812316d9805cdff2cceac1bed926ef232
37734d015f69976e46ac6cba87ea668960976a2fbf82c7b3ef38d338ba0f9719
3afd03b9002ac810e2184558d71ff59c4888a68eb5e6efaa69bf2781b17d5ab0
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
47d9fa63be365662a3b1ba978c004791f260dff22054a1653f7b63004bcbf723
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5d80a5cbcf265c948c12488092134720b97dc8d983a53c9af0403c0c200c11d3
5edcf7d806426c8fd41b5a92dfca5131ad449c275a97610f259ca81c1d031419
657bea5fc93d3f34725e07ac72fd20201673054ebe4e88507efee5b8331d0305
724be1d544d3f4044e97e8e515f23c0f33f08e96e421021c6729947e62f10642
7583021663983a838e88f47a0721d751a51a302d45c69595780c083cd2e99909
75ca5d1ab7947e7c19b4914a8ebaf31f5ef8547fee7fe3c4b49125fa9159fee4
7a95f0a36d31f363f9789ef519f3c11b63b5ae3dc51d0a26bced8af0c1bd001d
7eaddeb2eaff03e45ce46c2b46ebce3739fa54c7ccad58a640ca4f819eac5ef2
836716a39f6c2c6b5c798b6356a80eadd18c7a6379a5e1117f721307e6f221c6
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
909457e7d2ab71d52c2fa3386917fee5031be62e179b01804940a6cc9f5d61ac
91dc715405d0bb25103890b512621749faeacf1fb13299fbda4eac81f15e7cab
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9ffdc3a68b780337a39d808139258907be67d951cc439a149443e4da7b36129e
a2f2447ea2c696232412fb46b12c8344dc93740b712a8689d324031e0428beb2
a7291d2136d459077949df2e28734f6307acd3b245d20e8958b07dfd81f23951
ab9872644e58c312c6c45df79fd68e005b03423385801e0689d96cadbd0620bb
d64128871d43599f5ed3d4e54b39f4323cf4df861c82980f94be1ba7b0667b99
d6497465709e16d6be1151fc014554b415f7b355024cec20e6a450bf6ab2cbd2
e9c2b4de315286960d825b2f0779412187f20114e4bf59116f87bc646844aba7
eee0de974dc453065f99ef24913aad33ed87c19841d8b1269786e27378fcb53b
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d