paypal.verfications.co
91.235.142.34
Malicious Activity!
Public Scan
Effective URL: https://paypal.verfications.co/
Submission Tags: phishing malicious
Submission: On August 04 via api from US
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 1st 2020. Valid for: 3 months.
This is the only time paypal.verfications.co was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: PayPal (Financial)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
5 (1 redirect) | 91.235.142.34 | 30860 (YURTEH-AS) |
1 | 2001:4de0:ac19::1:b:2a | 20446 (HIGHWINDS3) |
1 | 2a00:1450:4001:81f::200a | 15169 (GOOGLE) |
1 | 192.54.57.158 | 9009 (M247) |
11 | 151.101.114.133 | 54113 (FASTLY) |
3 | 23.8.10.104 | 20940 (AKAMAI-ASN1) |
1 | 2001:4de0:ac19::1:b:3b | 20446 (HIGHWINDS3) |
1 | 2606:4700::6810:84e5 | 13335 (CLOUDFLARENET) |
1 | 2001:4de0:ac19::1:b:3a | 20446 (HIGHWINDS3) |
2 (1 redirect) | 64.4.245.84 | 17012 (PAYPAL) |
4 | 23.8.7.81 | 20940 (AKAMAI-ASN1) |
35 | 12 |
ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-8-10-104.deploy.static.akamaitechnologies.com
c.paypal.com |
ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-8-7-81.deploy.static.akamaitechnologies.com
t.paypal.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
11 | paypalobjects.com | www.paypalobjects.com | 115 KB |
9 | paypal.com (1 redirect) | c.paypal.com, b.stats.paypal.com, dub.stats.paypal.com, t.paypal.com | 23 KB |
5 | verfications.co (1 redirect) | paypal.verfications.co | 185 KB |
2 | bootstrapcdn.com | maxcdn.bootstrapcdn.com, stackpath.bootstrapcdn.com | 35 KB |
1 | cloudflare.com | cdnjs.cloudflare.com | 7 KB |
1 | jquery.com | code.jquery.com | 24 KB |
1 | onlinewebfonts.com | db.onlinewebfonts.com | 687 B |
1 | googleapis.com | fonts.googleapis.com | 689 B |
35 | 8 |
Requests | Domain | Requested by |
---|---|---|
11 | www.paypalobjects.com | paypal.verfications.co |
5 | paypal.verfications.co (1 redirect) | paypal.verfications.co, www.paypalobjects.com |
4 | t.paypal.com | paypal.verfications.co |
3 | c.paypal.com | paypal.verfications.co, c.paypal.com |
1 | dub.stats.paypal.com | paypal.verfications.co |
1 | b.stats.paypal.com (1 redirect) | |
1 | stackpath.bootstrapcdn.com | paypal.verfications.co |
1 | cdnjs.cloudflare.com | paypal.verfications.co |
1 | code.jquery.com | paypal.verfications.co |
1 | db.onlinewebfonts.com | paypal.verfications.co |
1 | fonts.googleapis.com | paypal.verfications.co |
1 | maxcdn.bootstrapcdn.com | paypal.verfications.co |
35 | 12 |
This site contains links to these domains.
Domain |
---|
www.paypal.com |
paypal.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
www.verfications.co | cPanel, Inc. Certification Authority | 2020-08-01 - 2020-10-30 | 3 months |
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2019-09-14 - 2020-10-13 | a year |
upload.video.google.com | GTS CA 1O1 | 2020-07-07 - 2020-09-29 | 3 months |
onlinewebfonts.com | Sectigo RSA Domain Validation Secure Server CA | 2019-08-20 - 2020-10-18 | a year |
www.paypalobjects.com | DigiCert SHA2 Extended Validation Server CA | 2019-12-09 - 2021-12-13 | 2 years |
c.paypal.com | DigiCert SHA2 Extended Validation Server CA | 2020-01-09 - 2022-01-13 | 2 years |
jquery.org | COMODO RSA Domain Validation Secure Server CA | 2018-10-17 - 2020-10-16 | 2 years |
cloudflare.com | Cloudflare Inc ECC CA-3 | 2020-07-04 - 2021-07-04 | a year |
b.stats.paypal.com | DigiCert SHA2 High Assurance Server CA | 2020-03-13 - 2022-06-03 | 2 years |
t.paypal.com | DigiCert SHA2 Extended Validation Server CA | 2020-01-09 - 2022-01-12 | 2 years |
This page contains 5 frames:
Primary Page:
https://paypal.verfications.co/
Frame ID: AA50692A702AF957727452C19A601A7F
Requests: 31 HTTP requests in this frame
Frame:
https://www.paypalobjects.com/web/res/4d6/a02b22c203d633997d6f93dbefb31/recaptcha/grcenterprise_v3.html
Frame ID: 41A686748C7449396187FA6873332D35
Requests: 1 HTTP requests in this frame
Frame:
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: EE5884414D82D9FEE1BBD65E01DFF69F
Requests: 1 HTTP requests in this frame
Frame:
https://dub.stats.paypal.com/v1/counter2.cgi?r=cD04ODFhOWUyZGFjYzE0NmNhYTBjMDg5OGE2ZTZiNDgxMiZpPTc5LjE0MS4xNjIuODEmdD0xNTk1MDkyNTg4LjkxJmE9MjEmcz1VTklGSUVEX0xPR0lOrbiBJMJRO9d4db20pDG7BpBpFWQ
Frame ID: 32CE463E2B6029853EC7FCCB5325931C
Requests: 1 HTTP requests in this frame
Frame:
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 1558AE9C2F034AA6E524AEEB031195CE
Requests: 1 HTTP requests in this frame
Detected technologies
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title: Having trouble logging in?
Title: Sign Up
Title: Contact us
Title: Privacy
Title: Legal
Title: Worldwide
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://paypal.verfications.co/
HTTP 301
https://paypal.verfications.co/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 27
- https://b.stats.paypal.com/v1/counter.cgi?r=cD04ODFhOWUyZGFjYzE0NmNhYTBjMDg5OGE2ZTZiNDgxMiZpPTc5LjE0MS4xNjIuODEmdD0xNTk1MDkyNTg4LjkxJmE9MjEmcz1VTklGSUVEX0xPR0lOrbiBJMJRO9d4db20pDG7BpBpFWQ HTTP 302
- https://dub.stats.paypal.com/v1/counter2.cgi?r=cD04ODFhOWUyZGFjYzE0NmNhYTBjMDg5OGE2ZTZiNDgxMiZpPTc5LjE0MS4xNjIuODEmdD0xNTk1MDkyNTg4LjkxJmE9MjEmcz1VTklGSUVEX0xPR0lOrbiBJMJRO9d4db20pDG7BpBpFWQ
35 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | / | paypal.verfications.co/ | 64 KB | 65 KB | Document | text/html | Primary Request, Cookie set, Redirect Chain |
GET | H/1.1 | style.css | paypal.verfications.co/css/ | 117 KB | 118 KB | Stylesheet | text/css | |
GET | H2 | bootstrap.min.css | maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/ | 119 KB | 20 KB | Stylesheet | text/css | |
GET | H2 | css | fonts.googleapis.com/ | 4 KB | 689 B | Stylesheet | text/css | |
GET | H2 | d8040e905cf0216b6e1b4e39b28d519a | db.onlinewebfonts.com/c/ | 1 KB | 687 B | Stylesheet | text/css | |
GET | H2 | icon-PN-check.png | www.paypalobjects.com/images/shared/ | 2 KB | 3 KB | Image | image/png | |
GET | H2 | glyph_alert_critical_big-2x.png | www.paypalobjects.com/images/shared/ | 6 KB | 6 KB | Image | image/png | |
GET | H2 | fn-sync-telemetry-min.js | www.paypalobjects.com/web/res/c0e/6ca529a45d99f5eaa05cdff0777ab/js/lib/ | 5 KB | 2 KB | Script | application/x-javascript | |
GET | H2 | signin-split.js | www.paypalobjects.com/web/res/c0e/6ca529a45d99f5eaa05cdff0777ab/js/ | 130 KB | 32 KB | Script | application/x-javascript | |
GET | H2 | ioc.js | www.paypalobjects.com/web/res/c0e/6ca529a45d99f5eaa05cdff0777ab/js/ | 5 KB | 2 KB | Script | application/x-javascript | |
GET | H2 | pa.js | www.paypalobjects.com/pa/js/min/ | 45 KB | 17 KB | Script | application/x-javascript | |
GET | H/1.1 | recaptchav3.js | paypal.verfications.co/auth/createchallenge/19b2eb189fa710f8/ | 0 | 0 | Script | text/html | |
GET | H2 | patleaf.js | www.paypalobjects.com/pa/3pjs/tl/5.6.1/ | 122 KB | 42 KB | Script | application/x-javascript | |
GET | H2 | patlcfg.js | www.paypalobjects.com/pa/3pjs/tl/5.6.1/ | 9 KB | 3 KB | Script | application/x-javascript | |
GET | H/1.1 | fb.js | c.paypal.com/da/r/ | 55 KB | 19 KB | Script | application/x-javascript | |
GET | H2 | jquery-3.3.1.slim.min.js | code.jquery.com/ | 68 KB | 24 KB | Script | application/javascript | |
GET | H2 | popper.min.js | cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ | 21 KB | 7 KB | Script | application/javascript | |
GET | H2 | bootstrap.min.js | stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ | 57 KB | 15 KB | Script | text/javascript | |
GET | H2 | grcenterprise_v3.html | www.paypalobjects.com/web/res/4d6/a02b22c203d633997d6f93dbefb31/recaptcha/ | 0 | 0 | Document | text/html | Frame 41A6 |
GET | | d8040e905cf0216b6e1b4e39b28d519a.woff2 | db.onlinewebfonts.com/t/ | 0 | 0 | | | |
GET | | d8040e905cf0216b6e1b4e39b28d519a.woff | db.onlinewebfonts.com/t/ | 0 | 0 | | | |
GET | | d8040e905cf0216b6e1b4e39b28d519a.ttf | db.onlinewebfonts.com/t/ | 0 | 0 | | | |
GET | | d8040e905cf0216b6e1b4e39b28d519a.woff2 | db.onlinewebfonts.com/t/ | 0 | 0 | | | |
GET | | d8040e905cf0216b6e1b4e39b28d519a.woff | db.onlinewebfonts.com/t/ | 0 | 0 | | | |
GET | | d8040e905cf0216b6e1b4e39b28d519a.ttf | db.onlinewebfonts.com/t/ | 0 | 0 | | | |
GET | H2 | paypal-logo-129x32.svg | www.paypalobjects.com/images/shared/ | 5 KB | 2 KB | Image | image/svg+xml | |
GET | H2 | fingerprint-paypal.png | www.paypalobjects.com/images/shared/ | 5 KB | 5 KB | Image | image/png | |
GET | H/1.1 | i | c.paypal.com/v1/r/d/ | 0 | 0 | Document | text/html | Frame EE58 |
GET | H/1.1 | counter2.cgi | dub.stats.paypal.com/v1/ | 42 B | 299 B | Image | image/jpeg | Frame 32CE, Redirect Chain |
GET | H/1.1 | i | c.paypal.com/v1/r/d/ | 0 | 0 | Document | text/html | Frame 1558 |
GET | H/1.1 | ts | t.paypal.com/ | 42 B | 780 B | Image | image/gif | |
POST | H/1.1 | tealeaftarget | paypal.verfications.co/platform/ | 2 KB | 2 KB | Fetch | text/html | |
GET | H/1.1 | ts | t.paypal.com/ | 42 B | 748 B | Image | image/gif | |
GET | H/1.1 | ts | t.paypal.com/ | 42 B | 780 B | Image | image/gif | |
GET | H/1.1 | ts | t.paypal.com/ | 42 B | 780 B | Image | image/gif | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
db.onlinewebfonts.com | http://db.onlinewebfonts.com/t/d8040e905cf0216b6e1b4e39b28d519a.woff2 |
db.onlinewebfonts.com | http://db.onlinewebfonts.com/t/d8040e905cf0216b6e1b4e39b28d519a.woff |
db.onlinewebfonts.com | http://db.onlinewebfonts.com/t/d8040e905cf0216b6e1b4e39b28d519a.ttf |
db.onlinewebfonts.com | http://db.onlinewebfonts.com/t/d8040e905cf0216b6e1b4e39b28d519a.woff2 |
db.onlinewebfonts.com | http://db.onlinewebfonts.com/t/d8040e905cf0216b6e1b4e39b28d519a.woff |
db.onlinewebfonts.com | http://db.onlinewebfonts.com/t/d8040e905cf0216b6e1b4e39b28d519a.ttf |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: PayPal (Financial)
22 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | PAYPAL |
function | $ |
function | _classCallCheck |
function | _typeof |
function | _createClass |
number | HTTPOK |
string | HTTPGET |
string | HTTPPOST |
number | DEFAULT_XHR_TIMEOUT |
object | fpti |
string | fptiserverurl |
object | _ifpti |
object | pako |
object | TLT |
object | _0xa1a9 |
function | _0xe09f |
object | d |
function | fbeacefbaa |
object | err |
function | jQuery |
function | Popper |
object | bootstrap |

4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.paypal.com/ | Name: ts_c Value: vr%3D240efc305a87ef1%26vt%3D6c61d5363e680ef2 |
.paypal.com/ | Name: ts Value: vreXpYrS%3D1691109868%26vteXpYrS%3D1596503668%26vr%3D240efc305a87ef1%26vt%3D6c61d5363e680ef2 |
paypal.verfications.co/ | Name: laravel_session Value: eyJpdiI6IjFrcjBFUTNsQWtBSWd6aWprb1NaS0E9PSIsInZhbHVlIjoieGFIbHRGa1NOd05vdndtRlhzcjlqVmVoVDN3Wkluak80Q0JvVVZWV0RNTjNxMndZZHRUa0hFREdqN2JBOG43OSIsIm1hYyI6IjEzZmMwMzU5YjNiZGU3Nzk5NmFhMTFiNDlhYjc3ZGQxMWUzOTRlNTA5ZTg3M2VjZTc5MTk1MGQxYjJlYWE0NWQifQ%3D%3D |
paypal.verfications.co/ | Name: XSRF-TOKEN Value: eyJpdiI6ImZHdWk4MVJXeTEwa1VDQ1pMVEFLT2c9PSIsInZhbHVlIjoiU2F6aUF5NjFaeEgyNXRSTkthMG1YQldYaTRKYXBZTmVIL3ZWMlZvRFEyUVhkeS9OTHVyVkU2UkIzV00xN09maiIsIm1hYyI6ImYyZTBkYTJlOTRlODA5OWU5N2Y3ZDM3MTI3OWE1MDcxMjhkOGI1YTJlYmQ3NWYzMTFlOWUyMGNhM2YxOWI0NmYifQ%3D%3D |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.