semanticapp-de.com
Open in
urlscan Pro
94.237.29.184
Malicious Activity!
Public Scan
Effective URL: http://semanticapp-de.com/?a=3408&o=4093&s=5a9e355a31fc7238b27ce868
Submission: On March 06 via manual from SG
Summary
This is the only time semanticapp-de.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Crypto (Crypto Exchange)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 | 104.31.71.42 104.31.71.42 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 5 | 104.31.70.42 104.31.70.42 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 1 | 104.27.147.186 104.27.147.186 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 1 | 108.61.208.149 108.61.208.149 | 20473 (AS-CHOOPA) (AS-CHOOPA - Choopa) | |
11 | 94.237.29.184 94.237.29.184 | 202053 (UPCLOUD) (UPCLOUD) | |
2 | 94.31.29.16 94.31.29.16 | 6461 (ZAYO-6461) (ZAYO-6461 - Zayo Bandwidth) | |
2 | 104.19.192.102 104.19.192.102 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 | 172.217.21.200 172.217.21.200 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 216.58.206.10 216.58.206.10 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
4 | 216.58.206.3 216.58.206.3 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
3 | 172.217.21.206 172.217.21.206 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 172.217.22.110 172.217.22.110 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
32 | 11 |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.dealfoever.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.dealfoever.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
hotpingvin.com |
ASN20473 (AS-CHOOPA - Choopa, LLC, US)
PTR: 108.61.208.149.vultr.com
ct-redirect.com |
ASN202053 (UPCLOUD, FI)
PTR: 94-237-29-184.de-fra1.host.upcloud.com
semanticapp-de.com |
ASN6461 (ZAYO-6461 - Zayo Bandwidth, US)
PTR: 94.31.29.16.IPYX-077437-ZYO.above.net
maxcdn.bootstrapcdn.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s12-in-f8.1e100.net
www.googletagmanager.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f10.1e100.net
fonts.googleapis.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f3.1e100.net
fonts.gstatic.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s12-in-f206.1e100.net
www.google-analytics.com | |
s.ytimg.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s18-in-f110.1e100.net
www.youtube.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
semanticapp-de.com
semanticapp-de.com |
302 KB |
8 |
dealfoever.com
1 redirects
www.dealfoever.com |
127 KB |
4 |
gstatic.com
fonts.gstatic.com |
36 KB |
2 |
google-analytics.com
www.google-analytics.com |
14 KB |
2 |
cloudflare.com
cdnjs.cloudflare.com |
40 KB |
2 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com |
30 KB |
1 |
ytimg.com
s.ytimg.com |
8 KB |
1 |
youtube.com
www.youtube.com |
1 KB |
1 |
googleapis.com
fonts.googleapis.com |
1 KB |
1 |
googletagmanager.com
www.googletagmanager.com |
21 KB |
1 |
ct-redirect.com
1 redirects
ct-redirect.com |
197 B |
1 |
hotpingvin.com
1 redirects
hotpingvin.com |
643 B |
32 | 12 |
Domain | Requested by | |
---|---|---|
11 | semanticapp-de.com |
semanticapp-de.com
|
8 | www.dealfoever.com |
1 redirects
www.dealfoever.com
|
4 | fonts.gstatic.com |
semanticapp-de.com
|
2 | www.google-analytics.com |
www.googletagmanager.com
semanticapp-de.com |
2 | cdnjs.cloudflare.com |
semanticapp-de.com
|
2 | maxcdn.bootstrapcdn.com |
semanticapp-de.com
|
1 | s.ytimg.com |
www.youtube.com
|
1 | www.youtube.com |
semanticapp-de.com
|
1 | fonts.googleapis.com |
semanticapp-de.com
|
1 | www.googletagmanager.com |
semanticapp-de.com
|
1 | ct-redirect.com | 1 redirects |
1 | hotpingvin.com | 1 redirects |
32 | 12 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://semanticapp-de.com/?a=3408&o=4093&s=5a9e355a31fc7238b27ce868
Frame ID: (918B75DD555E6F37EFAC1D4C97216F0D)
Requests: 34 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- http://www.dealfoever.com/survey/javscde/source=TADE-JavTemp/subid=14989k-DE16012018-rups&subid2=a.a@g... Page URL
-
http://www.dealfoever.com/urlshort_test/uid_long=7107&tracking_id=11133033&token=uqIDBweeUg17xN9lI6gr0...
HTTP 302
http://hotpingvin.com/tracking/5a952d9431fc7238b26f4fa5?src=57b4462f221b89875443b630&s1=&s2=3jSLK&... HTTP 302
http://ct-redirect.com/kD8Vo?a=3408&o=4093&s=5a9e355a31fc7238b27ce868 HTTP 302
http://semanticapp-de.com/?a=3408&o=4093&s=5a9e355a31fc7238b27ce868 Page URL
Detected technologies
CloudFlare (CDN) ExpandDetected patterns
- headers server /cloudflare/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
- env /^gaGlobal$/i
Google Tag Manager (Tag Managers) Expand
Detected patterns
- env /^google_tag_manager$/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- env /^jQuery$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://www.dealfoever.com/survey/javscde/source=TADE-JavTemp/subid=14989k-DE16012018-rups&subid2=a.a@google.com Page URL
-
http://www.dealfoever.com/urlshort_test/uid_long=7107&tracking_id=11133033&token=uqIDBweeUg17xN9lI6gr0jsdsxLb1gHiXpbKVUAS&preview=0&subid_json=eyJzdWJpZDEiOiIxNDk4OWstREUxNjAxMjAxOC1ydXBzIiwic3ViaWQiOiIxNDk4OWstREUxNjAxMjAxOC1ydXBzIiwic3ViaWQyIjoiYS5hQGdvb2dsZS5jb20ifQ==
HTTP 302
http://hotpingvin.com/tracking/5a952d9431fc7238b26f4fa5?src=57b4462f221b89875443b630&s1=&s2=3jSLK&s3=&s4=&s5=&k=5a9946fa31fc7238b27315d5 HTTP 302
http://ct-redirect.com/kD8Vo?a=3408&o=4093&s=5a9e355a31fc7238b27ce868 HTTP 302
http://semanticapp-de.com/?a=3408&o=4093&s=5a9e355a31fc7238b27ce868 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 29- http://www.youtube.com/iframe_api HTTP 307
- https://www.youtube.com/iframe_api
32 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Cookie set
subid=14989k-DE16012018-rups&subid2=a.a@google.com
www.dealfoever.com/survey/javscde/source=TADE-JavTemp/ |
5 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.js
www.dealfoever.com/js/ |
278 KB 102 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.js
www.dealfoever.com/js/ |
67 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.cookie.js
www.dealfoever.com/js/plugins/jqueryCookie/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
Cookie set
survey
www.dealfoever.com/survey/ |
11 B 767 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
Cookie set
survey
www.dealfoever.com/survey/ |
19 B 769 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
Cookie set
survey
www.dealfoever.com/survey/ |
18 B 763 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
semanticapp-de.com/ Redirect Chain
|
8 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/ |
118 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ |
27 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
layout_semantic.css
semanticapp-de.com/css/ |
26 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
crazypopup.css
semanticapp-de.com/css/ |
1 KB 882 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
semantic_logo.png
semanticapp-de.com/images/ |
15 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
security_icons.min.png
semanticapp-de.com/images/ |
25 KB 26 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
usr_j0gh56.jpg
semanticapp-de.com/images/users/ |
6 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
usr_bdf520.jpg
semanticapp-de.com/images/users/ |
5 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
usr_fsd415023.jpg
semanticapp-de.com/images/users/ |
3 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.js
semanticapp-de.com/js/ |
598 KB 147 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/ |
84 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/ |
36 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
gtm.js
www.googletagmanager.com/ |
58 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
css
fonts.googleapis.com/ |
10 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
videoBg.jpg
semanticapp-de.com/images/ |
87 KB 88 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
P5sMzZCDf9_T_10ZxCFuj5-v.woff2
fonts.gstatic.com/s/arimo/v11/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
847 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headersResponse headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
P5sCzZCDf9_T_10c9CNkiL2t2dk.woff2
fonts.gstatic.com/s/arimo/v11/ |
9 KB 10 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
5aU19_a8oxmIfNJdERySjRhc9V0.woff2
fonts.gstatic.com/s/hind/v8/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
freeAccessStripe.png
semanticapp-de.com/images/ |
831 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
analytics.js
www.google-analytics.com/ |
35 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
collect
www.google-analytics.com/r/ |
35 B 101 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
iframe_api
www.youtube.com/ Redirect Chain
|
740 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headersResponse headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
P5sBzZCDf9_T_1Wi4TRDrZKF09E3.woff2
fonts.gstatic.com/s/arimo/v11/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vflZ8rDo4/ |
20 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Crypto (Crypto Exchange)29 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| $cookies object| gajus function| onYouTubeIframeAPIReady function| $ function| jQuery object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.youtube.com/ | Name: YSC Value: wqJXMz300c0 |
|
.semanticapp-de.com/ | Name: _ga Value: GA1.2.548123387.1520318064 |
|
.youtube.com/ | Name: PREF Value: f1=50000000 |
|
.semanticapp-de.com/ | Name: _gat_UA-109151931-6 Value: 1 |
|
semanticapp-de.com/ | Name: a Value: 3408 |
|
semanticapp-de.com/ | Name: lic_time_cookie Value: 15196 |
|
semanticapp-de.com/ | Name: spots_available Value: 30 |
|
semanticapp-de.com/ | Name: s Value: 5a9e355a31fc7238b27ce868 |
|
.youtube.com/ | Name: VISITOR_INFO1_LIVE Value: UX6HPcEiA4A |
|
semanticapp-de.com/ | Name: o Value: 4093 |
|
.semanticapp-de.com/ | Name: _gid Value: GA1.2.1024573275.1520318064 |
|
semanticapp-de.com/ | Name: lic_time_helper_cookie Value: 23349 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
ct-redirect.com
fonts.googleapis.com
fonts.gstatic.com
hotpingvin.com
maxcdn.bootstrapcdn.com
s.ytimg.com
semanticapp-de.com
www.dealfoever.com
www.google-analytics.com
www.googletagmanager.com
www.youtube.com
104.19.192.102
104.27.147.186
104.31.70.42
104.31.71.42
108.61.208.149
172.217.21.200
172.217.21.206
172.217.22.110
216.58.206.10
216.58.206.3
94.237.29.184
94.31.29.16
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0e217c1eec8def8665e6e8f96bb4f6d3ef8e5a2b75a046cce8b0a34515bcffe4
1788e03e3e73ac4909fab4e67529368bfb3568e8e8e51f9ee1bd9051a3169cce
2065aecca0fb9b0567358d352ed5f1ab72fce139bf449b4d09805f5d9c3725ed
20c32db9f1d6493e57d9d9ad4d7bf923ce3eb1bf0e42d289291ff516d5d74df0
23152f09df921eb0f0de8bfec64f8b28f27eff0890875febf7f9f71407a58ac8
459355157789738ca74c236b3a2e7bafd58151fe80eb1a30edb04130b44529d3
529ea932c3716323c67777b128ef52bb8a5190c1918fe1c6844c7c2b045baa06
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
53a38379592286cea290cd5315d36768edf6640aff3169573517fe82541e5a0a
5e041b6acd299048c96414687b3c84482c875856a9818df6626b953eeea95370
6e4b7463530509313b51167190f55cebfa5be57f85c06f4115d57b2a686739cc
79def6e15a0c70a3d77556c9bcbf2e200825dec16c9aa7dfcdaa590d621c722b
7fef3f198316e1c3a692f120c0c752f5b5222b0521c464715e0e675049537f73
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
882b20b3f7b33f97760b05ee662ef42e42a96c1f08df1d001fa5cb38bac40700
94372df32700bbe4e6bedda1885a654298b25f8b4d44fed081304a59bc798971
a01a023d5f6aca7857eb3ec6333e870eeb9cdcfbff36364cdfcfbd66e66b712d
a2c119fd54bdd0e0148ab84a5fe314357a8e5c9dd7c15c0ef574749128437830
a3a340354c4e6e02859ba068cdeadb13f4a297a980575ed5a8d0c46294c62364
a48fca23f43035e4c0c9c93b3b27ef605b013789427ac71fc9b585256155f0a5
a69ea33bdaaa0d88072e69964ae80235cf96167d87b206aad76baa5d245d5360
acf23759b6edd8eb9edbf22ebd52cfbcdd0103fca4af93053e68f9b673098240
b711bf106e56b54fcb06d2abd26fd61e41575ac591a82fd02a6fbae9137fb66f
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
c61d7869048bbcf313c537eeef405c62dd1577bc82dfeb68fc91c8e44350e34c
dbba28e9b677544acf6efc72cbde75947ebf9ff538457fa1801468d1e94bcb4b
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
e01a475425b48a40b7dd1c70f9f2172ec2f4c7a456b85a97fbfe12e308051f30
e69e632fd455bb94aa01816ae5530a7eb04e5ac5bc0a63d5f96d7d12f8a3f7b3
ee463534f5237559e041e9525c2c8475402585f4c4dbb469d3d89df4da3665bf
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
ef43a4d502ffb688656851d788c42869d47e8840d007b4f4b66f62530171acd4
f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7