nrk.84newscast.com
Open in
urlscan Pro
2606:4700:3031::ac43:a78d
Malicious Activity!
Public Scan
Effective URL: http://nrk.84newscast.com/prelander/372_4/index.php?gs=tag5f44dfc29a44e6.99254571&prehit=d6c372472887174cc16f91b4e40e5d732...
Submission: On August 25 via manual from NO
Summary
This is the only time nrk.84newscast.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Investment Scam (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 51.158.66.79 51.158.66.79 | 12876 (Online SAS) (Online SAS) | |
1 46 | 2606:4700:303... 2606:4700:3031::ac43:a78d | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
45 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
46 |
84newscast.com
1 redirects
nrk.84newscast.com |
5 MB |
1 |
harrycassin.com
1 redirects
harrycassin.com |
1 KB |
45 | 2 |
Domain | Requested by | |
---|---|---|
46 | nrk.84newscast.com |
1 redirects
nrk.84newscast.com
|
1 | harrycassin.com | 1 redirects |
45 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
oktrack.net |
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://nrk.84newscast.com/prelander/372_4/index.php?gs=tag5f44dfc29a44e6.99254571&prehit=d6c372472887174cc16f91b4e40e5d732583200c&s2=75345ad9da9945aea42b80c99d886298&oq=1598349250
Frame ID: 9102884A3088142A172E6D338840C793
Requests: 49 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://harrycassin.com/link/cfaf091ab0ddda417d5f66163ad18e7c/75345ad9da9945aea42b80c99d886298
HTTP 302
http://nrk.84newscast.com/gopre/bee1e3c94bc05eb9cd14c526a4b8efa9/PRLND5e995b741746a1.98310551/s1=5905a... HTTP 302
http://nrk.84newscast.com/prelander/372_4/index.php?gs=tag5f44dfc29a44e6.99254571&prehit=d6c3724728871... Page URL
Detected technologies
Varnish (Cache Tools) ExpandDetected patterns
- headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i
CloudFlare (CDN) Expand
Detected patterns
- headers server /^cloudflare$/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Del på Twitter Del på Twitter
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://harrycassin.com/link/cfaf091ab0ddda417d5f66163ad18e7c/75345ad9da9945aea42b80c99d886298
HTTP 302
http://nrk.84newscast.com/gopre/bee1e3c94bc05eb9cd14c526a4b8efa9/PRLND5e995b741746a1.98310551/s1=5905aa070bfb6fb524b16a2bce2a5613&s2=75345ad9da9945aea42b80c99d886298&s3=22_279091 HTTP 302
http://nrk.84newscast.com/prelander/372_4/index.php?gs=tag5f44dfc29a44e6.99254571&prehit=d6c372472887174cc16f91b4e40e5d732583200c&s2=75345ad9da9945aea42b80c99d886298&oq=1598349250 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
45 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
index.php
nrk.84newscast.com/prelander/372_4/ Redirect Chain
|
123 KB 31 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
core-fonts.min.css
nrk.84newscast.com/prelander/372_4/css/ |
193 B 602 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
core-css.min.css
nrk.84newscast.com/prelander/372_4/css/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
standard2.css
nrk.84newscast.com/prelander/372_4/css/ |
163 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sjanger.css
nrk.84newscast.com/prelander/372_4/css/ |
869 B 823 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
font-awesome.css
nrk.84newscast.com/prelander/372_4/css/ |
193 B 601 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
nrk.84newscast.com/prelander/372_4/js/ |
82 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nrkno-masthead.min.css
nrk.84newscast.com/prelander/372_4/css/ |
14 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hivju1.jpg
nrk.84newscast.com/prelander/372_4/images/ |
126 KB 126 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
xcYtoIl4cm9KOeoWxTmcXAsufHFHaaQM06421UIJiCOA.png
nrk.84newscast.com/prelander/372_4/images/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cz0qHLhm4D1UtCcGC5-cZwyA4sq0nea1JKWCV0j0BeHg.jpg
nrk.84newscast.com/prelander/372_4/images/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hivju2.jpg
nrk.84newscast.com/prelander/372_4/images/ |
60 KB 60 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hivju3.jpg
nrk.84newscast.com/prelander/372_4/images/ |
75 KB 75 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
muskbranson.jpg
nrk.84newscast.com/prelander/372_4/images/ |
160 KB 160 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dreamcar.jpg
nrk.84newscast.com/prelander/372_4/images/ |
160 KB 160 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
scandi-family.jpg
nrk.84newscast.com/prelander/372_4/images/ |
69 KB 70 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
EmbellishedDeliriousArmyworm-size_restricted.gif
nrk.84newscast.com/prelander/372_4/images/ |
612 KB 613 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NO-check.jpg
nrk.84newscast.com/prelander/372_4/images/ |
129 KB 129 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
step1-NO.jpg
nrk.84newscast.com/prelander/372_4/images/ |
33 KB 34 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
step2-NO.jpg
nrk.84newscast.com/prelander/372_4/images/ |
21 KB 22 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
step3-NO.jpg
nrk.84newscast.com/prelander/372_4/images/ |
59 KB 59 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
scandi-male(1).jpg
nrk.84newscast.com/prelander/372_4/images/ |
596 KB 596 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
scandi-male(2).jpg
nrk.84newscast.com/prelander/372_4/images/ |
39 KB 40 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
scandi-female(4).jpg
nrk.84newscast.com/prelander/372_4/images/ |
109 KB 110 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
scandi-male(3).jpg
nrk.84newscast.com/prelander/372_4/images/ |
80 KB 80 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
scandi-female(1).jpg
nrk.84newscast.com/prelander/372_4/images/ |
152 KB 152 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Tobias%20Tangen%20&%20Alexander.jpg
nrk.84newscast.com/prelander/372_4/images/ |
28 KB 29 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
side7.png
nrk.84newscast.com/prelander/372_4/images/ |
853 KB 853 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
checkmark.png
nrk.84newscast.com/prelander/372_4/images/ |
341 B 779 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s1.png
nrk.84newscast.com/prelander/372_4/images/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s2.jpg
nrk.84newscast.com/prelander/372_4/images/ |
68 KB 68 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s3.jpg
nrk.84newscast.com/prelander/372_4/images/ |
74 KB 74 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
_hiANDSKoqKHMXoElD0aXQ4k1kpsO5T3kP3e_2fhUf0Q.jpg
nrk.84newscast.com/prelander/372_4/images/ |
56 KB 57 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1rsH8eBktI1R1hR2h3ql6gR5s2JNczJ6hfh2BHaefo9A.jpg
nrk.84newscast.com/prelander/372_4/images/ |
63 KB 63 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
elglobo-2f2411ea.css
nrk.84newscast.com/prelander/372_4/css/ |
37 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
TFdd6Ftzgzej7avWJGYAhQ9lwxlI8S-WLl1Mv8W8lTlg.jpg
nrk.84newscast.com/prelander/372_4/images/ |
159 KB 159 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
RWnHkyks6zMMXLfhZV6KXQ9TD7nmiRpKTUDBLWrQjkoQ.jpg
nrk.84newscast.com/prelander/372_4/images/ |
91 KB 91 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
6meK7w8h-sZ4w5ooWweM4g_rh_pvAsFMhnOSWU727CRg.jpg
nrk.84newscast.com/prelander/372_4/images/ |
144 KB 145 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nVXAU-ejEYGdjC6tI_ekwwYUoQjjhh9yKtw1eQoLrRGg.jpg
nrk.84newscast.com/prelander/372_4/images/ |
76 KB 77 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
R2T-UAsr2v2NcMBedYVrcQOTbMOlqbGc99YX3MlfeH2g.jpg
nrk.84newscast.com/prelander/372_4/images/ |
88 KB 88 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
null
nrk.84newscast.com/prelander/372_4/images/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
j6EYrrpyCH8hEoZ6BUaaLgVgeAjMtvR3nYwjtD4SN4nA.jpg
nrk.84newscast.com/prelander/372_4/images/ |
193 KB 193 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
f_v2GiTW8L4nQDUS0CLOhQZDDJXtC4JLczDGo4M6d9iw.jpg
nrk.84newscast.com/prelander/372_4/images/ |
66 KB 67 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
u4_3JES-Egginklwx3v2-AyaXKxE1doFdS8kTKIAmFBg.jpg
nrk.84newscast.com/prelander/372_4/images/ |
125 KB 126 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bottommenu.css
nrk.84newscast.com/prelander/372_4/css/ |
14 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
304 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
152 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
42 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
158 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Investment Scam (Online)3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes function| $ function| jQuery4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
nrk.84newscast.com/ | Name: XSRF-TOKEN Value: eyJpdiI6Ijk1YjB1TUVvN2ZGNzRFQ1ZEUzZLYnc9PSIsInZhbHVlIjoiZG5Mbk9uN0szeTB5emtteTBSWkRZVDNLT3JXeWt1YjBCK09wb0pROW1YelpoQkdrWTBMVHJFaUhldHhTZEF6QSIsIm1hYyI6IjRkYzNhMWZhMzIxYmExMDZjYjlhYjgyY2QzYzE3MzAxNGY3ODY1ODBiNDE2NDMzNDA5OWQ3MTE4OTZkMzkwNjgifQ%3D%3D |
|
nrk.84newscast.com/ | Name: laravel_session Value: eyJpdiI6Ikp2aFlxUWFyWnFhTUVsTnc4YVhSZFE9PSIsInZhbHVlIjoialVDWjBhRnJNaUFFZkdpNGNZUzc2Q1RLZzZwMEZ1NEtIMzM5T3B1eEhkeFBiYUQ1WkJoXC9QdVduUmQrQTFSU0MiLCJtYWMiOiI0YzY4YWExYzkyYzc2N2RkY2Y0MmE2NTc5YWZlYzA3OTA5MmZlNWVkMjQ4ZjhmNmJmM2M2YTA4ZWY4YzNkMzE4In0%3D |
|
nrk.84newscast.com/ | Name: PHPSESSID Value: 5sohv0p0d9n0jc1jf2uqogujdr |
|
.84newscast.com/ | Name: __cfduid Value: dc5a831cb71bd51975a5997a382ff01fc1598347327 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
harrycassin.com
nrk.84newscast.com
2606:4700:3031::ac43:a78d
51.158.66.79
0c14b376eb3051bf1745180fc9de1b7e3caedf3a5a9885243951fbb63c955ef2
0ed7bbeb5f442c29a91d04ef13d12f5cef4b51793c48a8449248206a86c1e383
0f39779363103bc98fe7c144a3d5953fee84c3cbaa0ae9ceea8f9aca519d386c
1164c5948b489b3a3592fd8eaaa3da110350c564ebe0de55f0ddfa6f17ba0532
186cd0100eb1fb5cb8e5da3714ce06eead471747298caf2bc63afdb8f9fc0389
199615ebe62deca8e9cc1e2cff3e8855b7789f2aeffb5cb8760fe5da0dbb7027
1b124c217762c7954863b2943e1f434016dbfeadb35ba2c174f630c186da0bdd
1c00c4cd6f5ec862518aecd354f390f67fc0beae92ccda01b2fefdaf472bc568
2a04a8b912e13b484574aafc33178945ee3d77364a068821d7ccdd4ac8cf8f38
34d82b84a1c9be5e7d0125192e89eb03c927454e6b94f87d2fa399f91e8aa65e
397a2712a279f0b3b21705b1b4bf5d01f2715019122e0dc402418b5ecc355ec9
40b5567fc41c4d43ddcbfcdcec96e77b2f34ce16cef165f970c0770c3b6ab0f3
462851a2c02e7e25f5fe5886cb2868adfa58c3895aa9bbf25ba871e6818f1b16
50b0010a63d5ede70e4e7c8e005892248e19117182e7634f89c956bbc23ac69b
601d6c9ddf6afc04659eb191130a2511cc9dc132c1d6fad0969472fac771a8bd
65d2c5b8906cf48d59ed947b5b81d382693ca7b94aa7d76aa5c3232ce5631e8b
811299c8de97ea4a99ac281aed3f2ef43f51ae42e3ade9a2f2194595075abdd5
81f29e7fb86313f27f7f8f1981a678f38887b6db039a541166c34e95449be94b
8489da887dc67b96e9540bbbbf53e99558c3be1b73fd2bd38751225f31ebef0a
892d064011701b8744d19d5e0c771ca22ffec6a24df35b7a20a1d14090493159
89404c35bee75fa4edc70dda98a073d5ecc503d0674b524e250fc2ecc14202ed
89de577de8f862e95a454c41ac90d87fbe4cec0d1a904cbdae70c2f5c0a4d430
8a86a8958d65e8c9fb8a41243de6884de83b95a2f50183fc210662f25b9662aa
9767e4f6ed035a7cf829e6840efbcaec880c36f682b6db1aacbdd55ba9ef9cdc
9b2757c2e6da570e9749de19d3800d32d8543ea00f738bc90231a6c02b516285
a0f0ad46d56a87d44b5e6d211994d9fbd63e312bff7bb4614a8c978ed40f2b2a
a35198e6d03cc627ba15a02de17a8aad3587ef0b42c4f7f7f1a16ad7126e042a
a3525ffd53596d03588ff1bceb57b5571395e10dae94c39a9cb1db4dcaf3d31b
a55a57af07a27ba3969148df331ff596869f0ebbdc1051f1586f19c4588f4aaa
a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25
a8646235b667b5208f2959cc0310c32fee71a2be1933fdbbff96f9f28e763ff1
abbe3154132d647cbae93eadbe2ca2b3778cf0c6eb69a3dfcc17b1014139ace8
b0bbd63a7c641029c57a981f503f240ff35d86116178a337e040e87423bc2e8e
b49e955b8c5a850733bdc2952720045920696d0bb38d1f5833e4ad0995f19753
b56b9596cf55456df5889ec126d31fa68f27eb012035ed34215dc9c120232895
b806da8c7d6f603a3ae46d75a27616829f82b9a1f571b28f97fff9e1ad3764e3
bc2178b8bbe69eee725a2ba18dd47a103a4d14178ef6fdc83d528156e156e151
c2653539ae2c52298149a8f2923b47672a33dbef2d2bcc67f77d8baf59f8f368
c6a324f81625305961d630e6ff8aaad5e738a94c8a1d7ccc47e3b483a7e85334
c8e04c29dc338ab297c7d78e474660aee595f0b8ee1a9043ee54d55bfba1db37
cfd68bb52a0636666acad64e03c9139544e6e893d47fb80c7d2ba139075af00b
d1cd0881a74d89d2d7c84a9db58abd997e14dda885b897e116de73efdf77dc1a
e9d04e4fbd1f7c6a052cccf0588ed2c6ea41af104c59c70baaa10d8e0f5715a8
ebc41129ed3764312282619740e1f95fa16520188422c910189921fac72bcdcf
ed20018cec40a655e7b2dacf79674124d0abc3eeb9dfea83dd14b256f87df814
edbaba79fd4eae532360a7fd6f558bd6e6701969dabb498f601f8c35d02c5d24
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629