guinne1e.beget.tech
Open in
urlscan Pro
5.101.152.146
Malicious Activity!
Public Scan
Submitted URL: http://guinne1e.beget.tech/Inloggen-Wachtwoord/
Effective URL: http://guinne1e.beget.tech/Inloggen-Wachtwoord/f2b6160fafe8c6136a51e43f3d4b497a/login.php?nl=_submit-verfied
Submission: On January 04 via automatic, source openphish
Effective URL: http://guinne1e.beget.tech/Inloggen-Wachtwoord/f2b6160fafe8c6136a51e43f3d4b497a/login.php?nl=_submit-verfied
Submission: On January 04 via automatic, source openphish
Summary
This website contacted 3 IPs
in 2 countries
across 4 domains to perform 42 HTTP transactions.
The main IP is 5.101.152.146, located in
Saint Petersburg, Russian Federation and
belongs to BEGET-AS, RU.
The main domain is guinne1e.beget.tech.
This is the only time guinne1e.beget.tech was scanned on urlscan.io!
This is the only time guinne1e.beget.tech was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: International Card Services (Financial)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 2 14 | 5.101.152.146 5.101.152.146 | 198610 (BEGET-AS) (BEGET-AS) | |
| 18 | 185.70.112.55 185.70.112.55 | 48645 (BITBRAINS) (BITBRAINS) | |
| 42 | 3 |
14
5.101.152.146
(Saint Petersburg, Russian Federation)
ASN198610 (BEGET-AS, RU)
PTR: m2.pinkman.beget.com
ASN198610 (BEGET-AS, RU)
PTR: m2.pinkman.beget.com
| guinne1e.beget.tech |
18
185.70.112.55
(Netherlands)
ASN48645 (BITBRAINS, NL)
PTR: 185-70-112-55.icscards.nl
ASN48645 (BITBRAINS, NL)
PTR: 185-70-112-55.icscards.nl
| www.icscards.nl |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 18 |
icscards.nl
www.icscards.nl |
|
| 14 |
beget.tech
2 redirects
guinne1e.beget.tech |
562 B |
| 0 |
jsbeautifiers.com
Failed
www.jsbeautifiers.com Failed |
|
| 0 |
Failed
function sub() { [native code] }. Failed |
|
| 42 | 4 |
| Domain | Requested by | |
|---|---|---|
| 18 | www.icscards.nl |
guinne1e.beget.tech
|
| 14 | guinne1e.beget.tech |
2 redirects
guinne1e.beget.tech
|
| 0 | www.jsbeautifiers.com Failed |
guinne1e.beget.tech
|
| 0 | lifbcibllhkdhoafpjfnlhfpfgnpldfl Failed |
guinne1e.beget.tech
|
| 42 | 4 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| www.icscards.nl Symantec Class 3 EV SSL CA - G3 |
2017-08-28 - 2018-09-27 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://guinne1e.beget.tech/Inloggen-Wachtwoord/f2b6160fafe8c6136a51e43f3d4b497a/login.php?nl=_submit-verfied
Frame ID: (85FADAC02D72654A514944794039462C)
Requests: 42 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://guinne1e.beget.tech/Inloggen-Wachtwoord/
HTTP 302
http://guinne1e.beget.tech/Inloggen-Wachtwoord/f2b6160fafe8c6136a51e43f3d4b497a HTTP 301
http://guinne1e.beget.tech/Inloggen-Wachtwoord/f2b6160fafe8c6136a51e43f3d4b497a/ Page URL
- http://guinne1e.beget.tech/Inloggen-Wachtwoord/f2b6160fafe8c6136a51e43f3d4b497a/login.php?nl=_submit-ve... Page URL
Detected technologies
Nginx
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
SWFObject
(Miscellaneous)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /swfobject.*\.js/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery.*\.js/i
sIFR
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /sifr\.js/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://guinne1e.beget.tech/Inloggen-Wachtwoord/
HTTP 302
http://guinne1e.beget.tech/Inloggen-Wachtwoord/f2b6160fafe8c6136a51e43f3d4b497a HTTP 301
http://guinne1e.beget.tech/Inloggen-Wachtwoord/f2b6160fafe8c6136a51e43f3d4b497a/ Page URL
- http://guinne1e.beget.tech/Inloggen-Wachtwoord/f2b6160fafe8c6136a51e43f3d4b497a/login.php?nl=_submit-verfied Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://guinne1e.beget.tech/Inloggen-Wachtwoord/ HTTP 302
- http://guinne1e.beget.tech/Inloggen-Wachtwoord/f2b6160fafe8c6136a51e43f3d4b497a HTTP 301
- http://guinne1e.beget.tech/Inloggen-Wachtwoord/f2b6160fafe8c6136a51e43f3d4b497a/
42 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
/
guinne1e.beget.tech/Inloggen-Wachtwoord/f2b6160fafe8c6136a51e43f3d4b497a/ Redirect Chain
|
234 B 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Primary Request
login.php
guinne1e.beget.tech/Inloggen-Wachtwoord/f2b6160fafe8c6136a51e43f3d4b497a/ |
12 KB 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
 Cookie set
reset.css
www.icscards.nl/theme/ics/style/ |
773 B 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
structure.css
www.icscards.nl/theme/ics/style/ |
2 KB 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
components.css
www.icscards.nl/theme/ics/style/ |
97 KB 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
jquery.keypad.css
www.icscards.nl/theme/ics/style/ |
4 KB 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
js-enabled.css
www.icscards.nl/nlic/themes/html/ICS/style/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
headings.css
www.icscards.nl/nlic/themes/html/ICS/style/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-utils.min.js
guinne1e.beget.tech/Inloggen-Wachtwoord/f2b6160fafe8c6136a51e43f3d4b497a/uncte/ |
180 KB 0 |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sifr.js
guinne1e.beget.tech/Inloggen-Wachtwoord/f2b6160fafe8c6136a51e43f3d4b497a/uncte/ |
28 KB 0 |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
generale_style.js
guinne1e.beget.tech/Inloggen-Wachtwoord/f2b6160fafe8c6136a51e43f3d4b497a/uncte/ |
88 KB 0 |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sitestat-onclick.js
guinne1e.beget.tech/Inloggen-Wachtwoord/f2b6160fafe8c6136a51e43f3d4b497a/uncte/ |
311 B 0 |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
swfobject.js
guinne1e.beget.tech/uncte/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
default.js
guinne1e.beget.tech/Inloggen-Wachtwoord/f2b6160fafe8c6136a51e43f3d4b497a/uncte/ |
41 KB 0 |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sifr-config.js
guinne1e.beget.tech/Inloggen-Wachtwoord/f2b6160fafe8c6136a51e43f3d4b497a/uncte/ |
1 KB 0 |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
document_iterator.js
lifbcibllhkdhoafpjfnlhfpfgnpldfl/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
find_proxy.js
lifbcibllhkdhoafpjfnlhfpfgnpldfl/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
get_html_text.js
lifbcibllhkdhoafpjfnlhfpfgnpldfl/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
global_constants.js
lifbcibllhkdhoafpjfnlhfpfgnpldfl/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
name_injection_builder.js
lifbcibllhkdhoafpjfnlhfpfgnpldfl/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
number_injection_builder.js
lifbcibllhkdhoafpjfnlhfpfgnpldfl/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
menu_injection_builder.js
lifbcibllhkdhoafpjfnlhfpfgnpldfl/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
string_finder.js
lifbcibllhkdhoafpjfnlhfpfgnpldfl/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
change_sink.js
lifbcibllhkdhoafpjfnlhfpfgnpldfl/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo-ics.gif
guinne1e.beget.tech/Inloggen-Wachtwoord/f2b6160fafe8c6136a51e43f3d4b497a/uncte/ |
3 KB 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
import.css
guinne1e.beget.tech/content/ICS-VISA/style/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
style.js
www.jsbeautifiers.com/js/script/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
swfobject.js
guinne1e.beget.tech/uncte/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
bg-page.gif
www.icscards.nl/theme/ics/images/backgrounds/ |
239 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
logo-ics.gif
www.icscards.nl/theme/ics/images/logos/ |
3 KB 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
link-nav-left.gif
www.icscards.nl/theme/ics/images/hyperlinks/ |
732 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
link-nav-right.gif
www.icscards.nl/theme/ics/images/hyperlinks/ |
244 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
bg-field-shadow-tr.gif
www.icscards.nl/theme/ics/images/backgrounds/ |
106 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
btn-site-search.gif
www.icscards.nl/theme/ics/images/buttons/ |
854 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
bg-form-btm.gif
www.icscards.nl/theme/ics/images/backgrounds/ |
960 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
bg-form-top.gif
www.icscards.nl/theme/ics/images/backgrounds/ |
173 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
SunOT-Regular.woff
www.icscards.nl/theme/ics/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
link-help.gif
www.icscards.nl/theme/ics/images/hyperlinks/ |
489 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
bg-help-panel.gif
www.icscards.nl/theme/ics/images/backgrounds/ |
1 KB 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
bg-form-buttons-btm.gif
www.icscards.nl/theme/ics/images/backgrounds/ |
259 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
btn-submit.gif
www.icscards.nl/theme/ics/images/buttons/ |
3 KB 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
SunOT-Regular.ttf
www.icscards.nl/theme/ics/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- lifbcibllhkdhoafpjfnlhfpfgnpldfl
- URL
- chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/document_iterator.js
- Domain
- lifbcibllhkdhoafpjfnlhfpfgnpldfl
- URL
- chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/find_proxy.js
- Domain
- lifbcibllhkdhoafpjfnlhfpfgnpldfl
- URL
- chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/get_html_text.js
- Domain
- lifbcibllhkdhoafpjfnlhfpfgnpldfl
- URL
- chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/global_constants.js
- Domain
- lifbcibllhkdhoafpjfnlhfpfgnpldfl
- URL
- chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/name_injection_builder.js
- Domain
- lifbcibllhkdhoafpjfnlhfpfgnpldfl
- URL
- chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/number_injection_builder.js
- Domain
- lifbcibllhkdhoafpjfnlhfpfgnpldfl
- URL
- chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/menu_injection_builder.js
- Domain
- lifbcibllhkdhoafpjfnlhfpfgnpldfl
- URL
- chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/string_finder.js
- Domain
- lifbcibllhkdhoafpjfnlhfpfgnpldfl
- URL
- chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/change_sink.js
- Domain
- www.jsbeautifiers.com
- URL
- http://www.jsbeautifiers.com/js/script/style.js
- Domain
- www.icscards.nl
- URL
- https://www.icscards.nl/theme/ics/fonts/SunOT-Regular.woff
- Domain
- www.icscards.nl
- URL
- https://www.icscards.nl/theme/ics/fonts/SunOT-Regular.ttf
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: International Card Services (Financial)120 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onafterprint object| onbeforeprint function| yeste function| rigl function| $ function| jQuery object| sIFR function| parseSelector string| _uacct number| _userv number| _ufsc string| _udn string| _uhash string| _utimeout string| _ugifpath string| _utsp number| _uflash number| _utitle number| _ulink number| _uanchor string| _utcp number| _usample number| _uctm string| _ucto string| _uccn string| _ucmd string| _ucsr string| _uctr string| _ucct string| _ucid string| _ucno object| _uOsr object| _uOkw object| _uOno object| _uRno undefined| _uff undefined| _udh undefined| _udt number| _ubl string| _udo undefined| _uu number| _ufns number| _uns string| _ur number| _ufno number| _ust object| _ubd object| _udl string| _udlh string| _uwv string| _ugifpath2 function| urchinTracker function| _uGH function| _uInfo function| _uVoid function| _uCInfo function| _uRef function| _uOrg function| _uGCse function| _uBInfo function| __utmSetTrans function| _uFlash function| __utmLinkerUrl function| __utmLinker function| __utmLinkPost function| __utmSetVar function| _uGCS function| _uGC function| _uDomain function| _uHash function| _uFixA function| _uTrim function| _uEC function| __utmVisitorCode function| _uIN function| _uES function| _uUES function| _uVG function| _uSP function| urchinPathCopy function| _uCO function| _uGT string| _utk function| _uNx string| ML string| MI string| OT number| j function| ns_onclick object| FnDefault object| FnLanguageSelect object| FnToggleHelp object| FnAccordion object| FnAlphanumeric object| FnAutoTabCC object| FnTableSlide object| FnTableSlideExplain object| FnCarousel object| FnStyleSelect object| FnError object| FnDatePicker object| FnNewsTicker object| FnNoCopyPaste object| FnYearMonthSelectorDD object| FnExtendForm object| FnLimitInput object| FnToggleCheckboxDetails object| FnToggleRadioDetails object| FnExternalLinks object| FnPageList object| FnPinPad object| FnDebug object| FnLogin object| FnLogout object| FnSitestat object| FnSelectedOption object| FnAddress string| swfPath object| sunOTregular function| do_sIFR0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
guinne1e.beget.tech
lifbcibllhkdhoafpjfnlhfpfgnpldfl
www.icscards.nl
www.jsbeautifiers.com
lifbcibllhkdhoafpjfnlhfpfgnpldfl
www.icscards.nl
www.jsbeautifiers.com
185.70.112.55
5.101.152.146
0579bd53477bdda92837f4fab5449895c34e3e3b7bab417dd45a1f6fe8e9a272
05b6bc87e34b52eb71d64ea1c6992eb5c169a04c7ae52759b75b8232640e52ac
1a9e5defbf68ef0e716ee4076cd34f68e04c20f5bd1aefa41ab1877d373c9c2c
23e3ca8349931478ce6cc6ffb2b4b759871e6e54fb098884a3862487abb0a461
48d634debd2e08e938e281eed125d9c8cca52925817b89e3ab27b6353ed8e5d6
4fc4784ec1668192826e7224ea9687f0bbd0323aa57ae3810f63cb48891dbd50
514a0218dcd2219657e84af80a019a517a734175c24c1db30ae2bb29af2721cd
5553dbbd83d2c61187e91e1c6eeaa2c2af3f79b7111c609264dc9ec9a526d2d3
5eb5bbeec22e6bb2f9ae09032794d0c523547c429f5015613cdd609a2c25bb31
6cb1dc7b32b13a17aa93d1cd2c87eba69950911df46cf223e3db65b4c616c6d8
725b2b103a184d23c4b1b822ae1f11f7b6d462e78c3ce1919afa3e8675ad6495
7df6f886b7663c23da8cc7dde7e8502d037b07ceeaadd2dc39ad237ea5eca3f2
933e25cd232248b4cbb8b6e502bd0cb21fad0a053fd3e6b3a683798091b6cbc3
9d0e3549d2065b602f6c481986e612b1d47a2de961dfc23e98e739aa7f8894f0
a334faf2a1cf0ed7eab0606ae7f78b488967e5b0da9379ece5f13b70115b26a5
a81e4db1b5b0d3e699a56fb07a76a5951ee08d6f8ce0793b31c66d20e9612089
bc683373cd8b7d2340218bc84bf75f6f1840f1652d678338f1c283b271dd1406
c11b081b276221bc5f48ba2d805419958bbe65df6f15c6e0899166bd0bd162ff
ca6d99e3a56986fc18f24a525da1dec933ed5cddc5494db5e37b986e11f004d7
ccc203d87d538ef6d081289d30df3407c161ffcc08d7ed757804a71eab723751
cdace515ac10c355f53a364350c74a8dcaad2f15fa091c9da65a2a995c80c0b7
dd6f18397c2fda19a522184a518e30a0268fc0283590a18bc8c31d4aba652a79
e4523bb118f9bf48fd1f2da7fa37e2d2185413db69c968e1685f4984da61615a
f00805b6957e246fdc574176010969c85477e583a3dbaa100449f6e948d18be8