kfaalarabiasa.com
Open in
urlscan Pro
111.90.150.166
Malicious Activity!
Public Scan
Submitted URL: https://kfaalarabiasa.com/8ik7j/cn/auth.php
Effective URL: https://kfaalarabiasa.com/8ik7j/cn/error.php?email=
Submission Tags: @ipnigh
Submission: On July 06 via api from GB
Effective URL: https://kfaalarabiasa.com/8ik7j/cn/error.php?email=
Submission Tags: @ipnigh
Submission: On July 06 via api from GB
Summary
This website contacted 8 IPs
in 3 countries
across 8 domains to perform 32 HTTP transactions.
The main IP is 111.90.150.166, located in
Rwanda and
belongs to SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY.
The main domain is kfaalarabiasa.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 1st 2019. Valid for: 3 months.
This is the only time kfaalarabiasa.com was scanned on urlscan.io!
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 1st 2019. Valid for: 3 months.
This is the only time kfaalarabiasa.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DHL (Transportation)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 22 | 111.90.150.166 111.90.150.166 | 45839 (SHINJIRU-...) (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:81c::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:821::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:819::2008 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:81c::2004 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:80b::2002 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 2 | 172.217.23.162 172.217.23.162 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:808::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 32 | 8 |
22
111.90.150.166
(Rwanda)
ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY)
PTR: dc-ca46eaba-mail1.bird-shop.top
ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY)
PTR: dc-ca46eaba-mail1.bird-shop.top
| kfaalarabiasa.com |
2
2a00:1450:4001:81c::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| www.google-analytics.com |
2
2a00:1450:4001:821::2003
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| www.gstatic.com |
1
2a00:1450:4001:819::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| www.googletagmanager.com |
2
2a00:1450:4001:81c::2004
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| www.google.com |
1
2a00:1450:4001:80b::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| googleads.g.doubleclick.net |
2
172.217.23.162
(United States)
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s22-in-f2.1e100.net
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s22-in-f2.1e100.net
| www.googleadservices.com |
1
2a00:1450:4001:808::2003
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| www.google.de |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 22 |
kfaalarabiasa.com
1 redirects
kfaalarabiasa.com |
488 KB |
| 2 |
googleadservices.com
www.googleadservices.com |
18 KB |
| 2 |
google.com
www.google.com |
729 B |
| 2 |
gstatic.com
www.gstatic.com |
184 KB |
| 2 |
google-analytics.com
www.google-analytics.com |
19 KB |
| 1 |
google.de
www.google.de |
156 B |
| 1 |
doubleclick.net
googleads.g.doubleclick.net |
1 KB |
| 1 |
googletagmanager.com
www.googletagmanager.com |
25 KB |
| 32 | 8 |
| Domain | Requested by | |
|---|---|---|
| 22 | kfaalarabiasa.com |
1 redirects
kfaalarabiasa.com
|
| 2 | www.googleadservices.com |
kfaalarabiasa.com
|
| 2 | www.google.com |
kfaalarabiasa.com
|
| 2 | www.gstatic.com |
kfaalarabiasa.com
www.google.com |
| 2 | www.google-analytics.com |
kfaalarabiasa.com
|
| 1 | www.google.de |
kfaalarabiasa.com
|
| 1 | googleads.g.doubleclick.net |
kfaalarabiasa.com
|
| 1 | www.googletagmanager.com |
kfaalarabiasa.com
|
| 32 | 8 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.dhlparcel.nl |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| kfaalarabiasa.com cPanel, Inc. Certification Authority |
2019-07-01 - 2019-09-29 |
3 months | crt.sh |
| *.google-analytics.com Google Internet Authority G3 |
2019-06-18 - 2019-09-10 |
3 months | crt.sh |
| *.google.com Google Internet Authority G3 |
2019-06-11 - 2019-09-03 |
3 months | crt.sh |
| www.google.com Google Internet Authority G3 |
2019-06-11 - 2019-09-03 |
3 months | crt.sh |
| *.g.doubleclick.net Google Internet Authority G3 |
2019-06-18 - 2019-09-10 |
3 months | crt.sh |
| www.googleadservices.com Google Internet Authority G3 |
2019-06-11 - 2019-09-03 |
3 months | crt.sh |
| www.google.de Google Internet Authority G3 |
2019-06-11 - 2019-09-03 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://kfaalarabiasa.com/8ik7j/cn/error.php?email=
Frame ID: 96797A72344829FB7035077D023F8C6B
Requests: 32 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://kfaalarabiasa.com/8ik7j/cn/auth.php
HTTP 302
https://kfaalarabiasa.com/8ik7j/cn/error.php?email= Page URL
Detected technologies
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- url /\.php(?:$|\?)/i
Apache
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
- script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Google Analytics Enhanced eCommerce
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
reCAPTCHA
(Captchas)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/recaptcha\/api\.js/i
Page Statistics
8 Outgoing links
These are links going to different origins than the main page.
URL: https://www.dhlparcel.nl/en
Title: dhlparcel.cn
Title: dhlparcel.cn
Search URL Search Domain Scan URL
URL: https://www.dhlparcel.nl/en/send-parcel-within-benelux
Title: 帮
Title: 帮
Search URL Search Domain Scan URL
URL: https://www.dhlparcel.nl/en/private?_ga=2.60691181.1710228766.1561505279-242867688.1561505279
Title: 私人的
Title: 私人的
Search URL Search Domain Scan URL
URL: https://www.dhlparcel.nl/en/business
Title: 商业
Title: 商业
Search URL Search Domain Scan URL
URL: https://www.dhlparcel.nl/en/become-a-deliverer?_ga=2.60691181.1710228766.1561505279-242867688.1561505279
Title: 成为一个合伙人(参与者
Title: 成为一个合伙人(参与者
Search URL Search Domain Scan URL
URL: https://www.dhlparcel.nl/en/contact
Title: 联系
Title: 联系
Search URL Search Domain Scan URL
URL: https://www.dhlparcel.nl/en/privacy
Title: 隐私免责声明aimer
Title: 隐私免责声明aimer
Search URL Search Domain Scan URL
URL: https://www.dhlparcel.nl/en/terms-and-conditions
Title: 条款和条件
Title: 条款和条件
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://kfaalarabiasa.com/8ik7j/cn/auth.php
HTTP 302
https://kfaalarabiasa.com/8ik7j/cn/error.php?email= Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
32 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
error.php
kfaalarabiasa.com/8ik7j/cn/ Redirect Chain
|
15 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ec.js
www.google-analytics.com/plugins/ua/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
43 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/api2/v1560753160450/ |
264 KB 92 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
config.js
kfaalarabiasa.com/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
65 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
vendor-962372c7.css
kfaalarabiasa.com/8ik7j/cn/assets/ |
18 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
app-d55f42e1.css
kfaalarabiasa.com/8ik7j/cn/assets/ |
243 KB 243 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
api.js
www.google.com/recaptcha/ |
843 B 562 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
consumer_nl_usabilla-c9776ac1.js
kfaalarabiasa.com/8ik7j/cn/assets/scripts/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/947758933/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo-ae105abf.svg
kfaalarabiasa.com/8ik7j/cn/assets/images/ |
750 B 995 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo-communicator-awards-bff24bc6.svg
kfaalarabiasa.com/8ik7j/cn/assets/images/ |
7 KB 8 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dhl-the-lovie-awards-2017-winner-5ae5e9a4.png
kfaalarabiasa.com/8ik7j/cn/assets/images/ |
10 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
papaparse.min-b3df6cf7.js
kfaalarabiasa.com/8ik7j/cn/assets/scripts/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
vendor-e62da96a.js
kfaalarabiasa.com/8ik7j/cn/scripts/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
app-3cdd536a.js
kfaalarabiasa.com/8ik7j/cn/scripts/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tracking-snippets-9caacdfb.js
kfaalarabiasa.com/8ik7j/cn/assets/scripts/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
conversion.js
www.googleadservices.com/pagead/ |
24 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
23 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/api2/v1561357937155/ |
264 KB 92 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.com/pagead/1p-user-list/947758933/ |
42 B 167 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.de/pagead/1p-user-list/947758933/ |
42 B 156 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bodybg-030c5262.png
kfaalarabiasa.com/8ik7j/cn/assets/assets/images/ |
366 B 366 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
graydot-c4e8e2c6.gif
kfaalarabiasa.com/8ik7j/cn/assets/images/ |
1 KB 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
login_bg_big-b767574f.jpg
kfaalarabiasa.com/8ik7j/cn/assets/images/ |
160 KB 160 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dhl_icons-bc13edd9.woff
kfaalarabiasa.com/8ik7j/cn/assets/fonts/ |
6 KB 6 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
FrutigerCondensedBQ-Roman-5e2a94af.woff
kfaalarabiasa.com/8ik7j/cn/assets/fonts/ |
24 KB 24 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
papaparse.min-b3df6cf7.js
kfaalarabiasa.com/8ik7j/cn/assets/scripts/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
vendor-e62da96a.js
kfaalarabiasa.com/8ik7j/cn/scripts/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
app-3cdd536a.js
kfaalarabiasa.com/8ik7j/cn/scripts/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tracking-snippets-9caacdfb.js
kfaalarabiasa.com/8ik7j/cn/assets/scripts/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: DHL (Transportation)53 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask object| gaplugins function| ga object| google_tag_data object| recaptcha object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| google_tag_manager object| dataLayer function| GooglemKTybQhCsO object| google_conversion_id object| google_conversion_format object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_evaluemrc object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_enable_display_cookie_match object| google_gtag_event_data object| google_remarketing_only object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| google_custom_params object| google_conversion_date object| google_conversion_time object| google_conversion_js_version object| onload_callback object| opt_image_generator object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_disable_merchant_reported_conversions object| google_additional_conversion_params function| google_trackConversion0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
googleads.g.doubleclick.net
kfaalarabiasa.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
111.90.150.166
172.217.23.162
2a00:1450:4001:808::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:819::2008
2a00:1450:4001:81c::2004
2a00:1450:4001:81c::200e
2a00:1450:4001:821::2003
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0c74c4e497891e92d908560789d3293a4b83573fb761b7d6ade1b589ea2c1838
121f21ec5625d491f89ef1648e8e0005e9ccdba51db0aadcb100136848f0ef5b
217ffb95c1f2a6cbe31e85114cf5e67d522be3ed3011e4a722bca24c1fe68a5f
22567497011739d9c51c0b387e8a54e35c62ba2b66296725776484193b08aa41
22b65a8de886f6d2655c6d7f4d6fe929f38f819170ac17e11e7e653da97b9cd6
450fdb8872e57ac200c691b1d61b4b9510ba564ff2e342b32ce5ff431b912f85
6545c4d7e7c4fa643fb3dbc74cdb699d9289b83a4882bb8625206974a547c4f8
6dde233b91f4f087e893d8617975d17211aabb3513eed09f57532012cf06fe52
7cd1078992b70d36df9daa369219e956ec0bfe482e71a5ca6c8f3701360e5a38
88d3e1e3e325a93a14820633ae25e5bd5c792e5deaab31c08e14937bf22a4471
8dab48fdefdec9b7c64f4844e86ff79cd1f5ac029494d33e0638ddb6e4d67a7c
9457e237742ea06b679eacbecf597f8d2f715e28bc02bbf9d9d29434fb397d51
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
a94294ee310ea3f67681ea2926d42629bea8ec6db517e2681f944297c5dc6d5d
be7973b96b48eedea961943c3ee3e29908f96e14a2b3a61ece45f7a155cd782b
cc900a14f6b6e17c5299c3f619b98ac2048780932d3b409cc9c5be79db70d15a
d54651d4c8931daa88f1d6a1b8aa51c2a5344e3d402676cde828a7e9b55a336f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1471aef85b01795b4edf64804081bc4db4cf9e2223b8ee0e03142df279af582
f65ecc85bbd04a4ec20aef65120cc82d506af93f416083fd1d1084d35d2e4e9b