semanticapp-de.com
94.237.29.184
Malicious Activity!
Public Scan
Effective URL: http://semanticapp-de.com/?a=3408&o=4093&s=5a9e34639381533ee206c809
Submission: On March 06 via manual from SG
Summary
This is the only time semanticapp-de.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Crypto (Crypto Exchange)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 165.227.38.141 | 14061 (DIGITALOCEAN-ASN - DigitalOcean) |
1 5 | 104.31.70.42 | 13335 (CLOUDFLARENET - Cloudflare) |
1 4 | 104.31.71.42 | 13335 (CLOUDFLARENET - Cloudflare) |
1 1 | 104.27.146.186 | 13335 (CLOUDFLARENET - Cloudflare) |
1 1 | 108.61.208.149 | 20473 (AS-CHOOPA - Choopa) |
11 | 94.237.29.184 | 202053 (UPCLOUD) |
2 | 108.161.189.121 | 54104 (AS-STACKPATH - netDNA) |
2 | 104.19.195.102 | 13335 (CLOUDFLARENET - Cloudflare) |
1 | 172.217.21.200 | 15169 (GOOGLE - Google LLC) |
1 | 172.217.21.202 | 15169 (GOOGLE - Google LLC) |
4 | 172.217.21.195 | 15169 (GOOGLE - Google LLC) |
3 | 172.217.21.206 | 15169 (GOOGLE - Google LLC) |
1 | 172.217.22.14 | 15169 (GOOGLE - Google LLC) |
32 | 11 |
ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
PTR: keep1.stop.magicappstudios.com
keep1.stop.magicappstudios.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
dealfoever.com | |
www.dealfoever.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.dealfoever.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
hotpingvin.com |
ASN20473 (AS-CHOOPA - Choopa, LLC, US)
PTR: 108.61.208.149.vultr.com
ct-redirect.com |
ASN202053 (UPCLOUD, FI)
PTR: 94-237-29-184.de-fra1.host.upcloud.com
semanticapp-de.com |
ASN54104 (AS-STACKPATH - netDNA, US)
maxcdn.bootstrapcdn.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s12-in-f8.1e100.net
www.googletagmanager.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s12-in-f202.1e100.net
fonts.googleapis.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s12-in-f195.1e100.net
fonts.gstatic.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s12-in-f206.1e100.net
www.google-analytics.com | |
s.ytimg.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s14-in-f14.1e100.net
www.youtube.com |
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
11 | semanticapp-de.com | semanticapp-de.com | 302 KB |
9 | dealfoever.com (2 redirects) | dealfoever.com, www.dealfoever.com | 128 KB |
4 | gstatic.com | fonts.gstatic.com | 36 KB |
2 | google-analytics.com | www.google-analytics.com | 14 KB |
2 | cloudflare.com | cdnjs.cloudflare.com | 40 KB |
2 | bootstrapcdn.com | maxcdn.bootstrapcdn.com | 30 KB |
1 | ytimg.com | s.ytimg.com | 7 KB |
1 | youtube.com | www.youtube.com | 804 B |
1 | googleapis.com | fonts.googleapis.com | 1 KB |
1 | googletagmanager.com | www.googletagmanager.com | 21 KB |
1 | ct-redirect.com (1 redirects) | ct-redirect.com | 197 B |
1 | hotpingvin.com (1 redirects) | hotpingvin.com | 675 B |
1 | magicappstudios.com (1 redirects) | keep1.stop.magicappstudios.com | 319 B |
32 | 13 |
 | Domain | Requested by |
---|---|---|
11 | semanticapp-de.com | semanticapp-de.com |
8 | www.dealfoever.com | 1 redirects, www.dealfoever.com |
4 | fonts.gstatic.com | semanticapp-de.com |
2 | www.google-analytics.com | www.googletagmanager.com, semanticapp-de.com |
2 | cdnjs.cloudflare.com | semanticapp-de.com |
2 | maxcdn.bootstrapcdn.com | semanticapp-de.com |
1 | s.ytimg.com | www.youtube.com |
1 | www.youtube.com | semanticapp-de.com |
1 | fonts.googleapis.com | semanticapp-de.com |
1 | www.googletagmanager.com | semanticapp-de.com |
1 | ct-redirect.com | 1 redirects |
1 | hotpingvin.com | 1 redirects |
1 | dealfoever.com | 1 redirects |
1 | keep1.stop.magicappstudios.com | 1 redirects |
32 | 14 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://semanticapp-de.com/?a=3408&o=4093&s=5a9e34639381533ee206c809
Frame ID: (38C33204B1F48447AFE8A7D874F3C15E)
Requests: 34 HTTP requests in this frame
Detected technologies
PHP (Programming Languages)
Detected patterns
- url /\.php(?:$|\?)/i
CloudFlare (CDN)
Detected patterns
- headers server /cloudflare/i
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
- env /^gaGlobal$/i
Google Tag Manager (Tag Managers)
Detected patterns
- env /^google_tag_manager$/i
jQuery (JavaScript Libraries)
Detected patterns
- env /^jQuery$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://keep1.stop.magicappstudios.com/link.php?M=6609498&N=8&L=10&F=H
HTTP 302
http://dealfoever.com/survey/javscde/source=TADE-JavTemp/subid=14989k-DE16012018-rups&subid2=joerg.popiecz@db.com HTTP 302
http://www.dealfoever.com/survey/javscde/source=TADE-JavTemp/subid=14989k-DE16012018-rups&subid2=joerg.popiecz@db.com Page URL
-
http://www.dealfoever.com/urlshort_test/uid_long=7107&tracking_id=11132757&token=3RwRLOvLpZkIpT0eFZffQuw9ZW3EbZ5q7FU1wFMQ&preview=0&subid_json=eyJzdWJpZDEiOiIxNDk4OWstREUxNjAxMjAxOC1ydXBzIiwic3ViaWQiOiIxNDk4OWstREUxNjAxMjAxOC1ydXBzIiwic3ViaWQyIjoiam9lcmcucG9waWVjekBkYi5jb20ifQ==
HTTP 302
http://hotpingvin.com/tracking/5a952d9431fc7238b26f4fa5?src=57b4462f221b89875443b630&s1=&s2=3jSI9&s3=&s4=&s5=&k=5a9946fa31fc7238b27315d5 HTTP 302
http://ct-redirect.com/kD8Vo?a=3408&o=4093&s=5a9e34639381533ee206c809 HTTP 302
http://semanticapp-de.com/?a=3408&o=4093&s=5a9e34639381533ee206c809 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://keep1.stop.magicappstudios.com/link.php?M=6609498&N=8&L=10&F=H HTTP 302
- http://dealfoever.com/survey/javscde/source=TADE-JavTemp/subid=14989k-DE16012018-rups&subid2=joerg.popiecz@db.com HTTP 302
- http://www.dealfoever.com/survey/javscde/source=TADE-JavTemp/subid=14989k-DE16012018-rups&subid2=joerg.popiecz@db.com
- http://www.youtube.com/iframe_api HTTP 307
- https://www.youtube.com/iframe_api
32 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | subid=14989k-DE16012018-rups&subid2=joerg.popiecz@db.com | www.dealfoever.com/survey/javscde/source=TADE-JavTemp/ | 5 KB | 3 KB | Document | text/html | Cookie set, Redirect Chain |
GET | H/1.1 | jquery.js | www.dealfoever.com/js/ | 278 KB | 102 KB | Script | application/javascript | |
GET | H/1.1 | bootstrap.js | www.dealfoever.com/js/ | 67 KB | 18 KB | Script | application/javascript | |
GET | H/1.1 | jquery.cookie.js | www.dealfoever.com/js/plugins/jqueryCookie/ | 3 KB | 2 KB | Script | application/javascript | |
POST | H/1.1 | survey | www.dealfoever.com/survey/ | 11 B | 759 B | XHR | text/html | Cookie set |
POST | H/1.1 | survey | www.dealfoever.com/survey/ | 14 B | 762 B | XHR | text/html | Cookie set |
POST | H/1.1 | survey | www.dealfoever.com/survey/ | 18 B | 763 B | XHR | text/html | Cookie set |
GET | H/1.1 | / | semanticapp-de.com/ | 8 KB | 3 KB | Document | text/html | Primary Request, Redirect Chain |
GET | S | bootstrap.min.css | maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/ | 118 KB | 23 KB | Stylesheet | text/css | |
GET | S | font-awesome.min.css | maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ | 27 KB | 7 KB | Stylesheet | text/css | |
GET | H/1.1 | layout_semantic.css | semanticapp-de.com/css/ | 26 KB | 6 KB | Stylesheet | text/css | |
GET | H/1.1 | crazypopup.css | semanticapp-de.com/css/ | 1 KB | 882 B | Stylesheet | text/css | |
GET | H/1.1 | semantic_logo.png | semanticapp-de.com/images/ | 15 KB | 16 KB | Image | image/png | |
GET | H/1.1 | security_icons.min.png | semanticapp-de.com/images/ | 25 KB | 26 KB | Image | image/png | |
GET | H/1.1 | usr_j0gh56.jpg | semanticapp-de.com/images/users/ | 6 KB | 7 KB | Image | image/jpeg | |
GET | H/1.1 | usr_bdf520.jpg | semanticapp-de.com/images/users/ | 5 KB | 6 KB | Image | image/jpeg | |
GET | H/1.1 | usr_fsd415023.jpg | semanticapp-de.com/images/users/ | 3 KB | 4 KB | Image | image/jpeg | |
GET | H/1.1 | app.js | semanticapp-de.com/js/ | 598 KB | 147 KB | Script | application/javascript | |
GET | S | jquery.min.js | cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/ | 84 KB | 30 KB | Script | application/javascript | |
GET | S | bootstrap.min.js | cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/ | 36 KB | 10 KB | Script | application/javascript | |
GET | S | gtm.js | www.googletagmanager.com/ | 58 KB | 21 KB | Script | application/javascript | |
GET | S | css | fonts.googleapis.com/ | 10 KB | 1 KB | Stylesheet | text/css | |
GET | H/1.1 | videoBg.jpg | semanticapp-de.com/images/ | 87 KB | 88 KB | Image | image/jpeg | |
GET | S | P5sMzZCDf9_T_10ZxCFuj5-v.woff2 | fonts.gstatic.com/s/arimo/v11/ | 9 KB | 9 KB | Font | font/woff2 | |
GET | DATA | truncated | / | 847 B | 0 | Image | image/png | |
GET | S | P5sCzZCDf9_T_10c9CNkiL2t2dk.woff2 | fonts.gstatic.com/s/arimo/v11/ | 9 KB | 10 KB | Font | font/woff2 | |
GET | S | 5aU19_a8oxmIfNJdERySjRhc9V0.woff2 | fonts.gstatic.com/s/hind/v8/ | 8 KB | 8 KB | Font | font/woff2 | |
GET | H/1.1 | freeAccessStripe.png | semanticapp-de.com/images/ | 831 B | 1 KB | Image | image/png | |
GET | S | analytics.js | www.google-analytics.com/ | 35 KB | 14 KB | Script | text/javascript | |
GET | S | collect | www.google-analytics.com/r/ | 35 B | 101 B | Image | image/gif | |
GET | S | iframe_api | www.youtube.com/ | 740 B | 804 B | Script | application/javascript | Redirect Chain |
GET | DATA | truncated | / | 3 KB | 0 | Image | image/png | |
GET | S | P5sBzZCDf9_T_1Wi4TRDrZKF09E3.woff2 | fonts.gstatic.com/s/arimo/v11/ | 9 KB | 9 KB | Font | font/woff2 | |
GET | S | www-widgetapi.js | s.ytimg.com/yts/jsbin/www-widgetapi-vflZ8rDo4/ | 20 KB | 7 KB | Script | text/javascript | |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Crypto (Crypto Exchange)
29 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| dataLayer
- object| google_tag_manager
- string| GoogleAnalyticsObject
- function| ga
- object| gaplugins
- object| gaGlobal
- object| gaData
- object| core
- object| __core-js_shared__
- object| global
- object| System
- function| asap
- function| Observable
- function| setImmediate
- function| clearImmediate
- object| regeneratorRuntime
- boolean| _babelPolyfill
- object| $cookies
- object| gajus
- function| onYouTubeIframeAPIReady
- function| $
- function| jQuery
- object| YT
- object| YTConfig
- function| onYTReady
- object| yt
- function| ytDomDomGetNextId
- object| ytEventsEventsListeners
- object| ytEventsEventsCounter
12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.youtube.com/ | | YSC | _otICGxZWVU |
.semanticapp-de.com/ | | _ga | GA1.2.1759242798.1520317540 |
.youtube.com/ | | PREF | f1=50000000 |
.semanticapp-de.com/ | | _gat_UA-109151931-6 | 1 |
semanticapp-de.com/ | | a | 3408 |
semanticapp-de.com/ | | lic_time_cookie | 10015 |
semanticapp-de.com/ | | spots_available | 30 |
semanticapp-de.com/ | | s | 5a9e34639381533ee206c809 |
.youtube.com/ | | VISITOR_INFO1_LIVE | 1_4LIe-hbjg |
semanticapp-de.com/ | | o | 4093 |
.semanticapp-de.com/ | | _gid | GA1.2.1269931265.1520317540 |
semanticapp-de.com/ | | lic_time_helper_cookie | 2148 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.