www.prandellidemolizioni.it
Open in
urlscan Pro
194.125.242.15
Malicious Activity!
Public Scan
Submitted URL: https://www.cowescaravanpark.com.au/Copyright.html
Effective URL: https://www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/login.php?cmd=login_submit&...
Submission: On January 19 via manual from US
Effective URL: https://www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/login.php?cmd=login_submit&...
Submission: On January 19 via manual from US
Summary
This website contacted 3 IPs
in 3 countries
across 4 domains to perform 35 HTTP transactions.
The main IP is 194.125.242.15, located in
Italy and
belongs to LINEACOM-AS, IT.
The main domain is www.prandellidemolizioni.it.
TLS certificate: Issued by Let's Encrypt Authority X3 on January 9th 2018. Valid for: 3 months.
This is the only time www.prandellidemolizioni.it was scanned on urlscan.io!
TLS certificate: Issued by Let's Encrypt Authority X3 on January 9th 2018. Valid for: 3 months.
This is the only time www.prandellidemolizioni.it was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Discover (Financial)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 103.9.169.172 103.9.169.172 | 45638 (SYNERGYWH...) (SYNERGYWHOLESALE-AP SYNERGY WHOLESALE PTY LTD) | |
| 1 34 | 194.125.242.15 194.125.242.15 | 25002 (LINEACOM-AS) (LINEACOM-AS) | |
| 1 | 54.148.84.95 54.148.84.95 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 1 2 | 192.186.220.3 192.186.220.3 | 26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com) | |
| 35 | 3 |
1
103.9.169.172
(Sydney, Australia)
ASN45638 (SYNERGYWHOLESALE-AP SYNERGY WHOLESALE PTY LTD, AU)
PTR: youlehosting.com.au
ASN45638 (SYNERGYWHOLESALE-AP SYNERGY WHOLESALE PTY LTD, AU)
PTR: youlehosting.com.au
| www.cowescaravanpark.com.au |
34
194.125.242.15
(Italy)
ASN25002 (LINEACOM-AS, IT)
PTR: serverweb.absol.it
ASN25002 (LINEACOM-AS, IT)
PTR: serverweb.absol.it
| www.prandellidemolizioni.it |
1
54.148.84.95
(Boardman, United States)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-148-84-95.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-148-84-95.us-west-2.compute.amazonaws.com
| www.sitepoint.com |
2
192.186.220.3
(Scottsdale, United States)
ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-192-186-220-3.ip.secureserver.net
ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-192-186-220-3.ip.secureserver.net
| csscheckbox.com | |
| www.csscheckbox.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 34 |
prandellidemolizioni.it
1 redirects
www.prandellidemolizioni.it |
2 MB |
| 2 |
csscheckbox.com
1 redirects
csscheckbox.com www.csscheckbox.com |
1 KB |
| 1 |
sitepoint.com
www.sitepoint.com |
6 KB |
| 1 |
cowescaravanpark.com.au
1 redirects
www.cowescaravanpark.com.au |
378 B |
| 35 | 4 |
| Domain | Requested by | |
|---|---|---|
| 34 | www.prandellidemolizioni.it |
1 redirects
www.prandellidemolizioni.it
|
| 1 | www.csscheckbox.com |
www.prandellidemolizioni.it
|
| 1 | csscheckbox.com | 1 redirects |
| 1 | www.sitepoint.com |
www.prandellidemolizioni.it
|
| 1 | www.cowescaravanpark.com.au | 1 redirects |
| 35 | 5 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| prandellidemolizioni.it Let's Encrypt Authority X3 |
2018-01-09 - 2018-04-09 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/login.php?cmd=login_submit&id=631ceaa1abe4dcc8659f7477bbe1f4bf631ceaa1abe4dcc8659f7477bbe1f4bf&session=631ceaa1abe4dcc8659f7477bbe1f4bf631ceaa1abe4dcc8659f7477bbe1f4bf
Frame ID: (47B9A641138B408196EFDB1B6EF8006F)
Requests: 35 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://www.cowescaravanpark.com.au/Copyright.html
HTTP 301
https://www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/ HTTP 302
https://www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/login.p... Page URL
Detected technologies
Windows Server
(Operating Systems)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /IIS(?:\/([\d.]+))?/i
IIS
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /IIS(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.cowescaravanpark.com.au/Copyright.html
HTTP 301
https://www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/ HTTP 302
https://www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/login.php?cmd=login_submit&id=631ceaa1abe4dcc8659f7477bbe1f4bf631ceaa1abe4dcc8659f7477bbe1f4bf&session=631ceaa1abe4dcc8659f7477bbe1f4bf631ceaa1abe4dcc8659f7477bbe1f4bf Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 33- http://csscheckbox.com/checkboxes/u/csscheckbox_dee0fdecdbc35b79fe3ee96c338d8059.png HTTP 301
- http://www.csscheckbox.com/checkboxes/u/csscheckbox_dee0fdecdbc35b79fe3ee96c338d8059.png
35 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
login.php
www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/ Redirect Chain
|
11 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
MaskedPassword.js
www.sitepoint.com/examples/password/MaskedPassword/ |
17 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ds3.png
www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/images/ |
391 KB 391 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ds.png
www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/images/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ds1.png
www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ds2.png
www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/images/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ds4.png
www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/images/ |
240 KB 240 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ds5.png
www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/images/ |
13 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ds6.png
www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/images/ |
130 KB 131 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ds7.png
www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/images/ |
23 KB 23 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ds8.png
www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/images/ |
137 KB 137 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ds9.png
www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/images/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ds11.png
www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ds10.png
www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/images/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ds12.png
www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/images/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ds13.png
www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/images/ |
259 KB 259 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ds14.png
www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/images/ |
228 KB 229 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ds15.png
www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/images/ |
13 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ds16.png
www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
line.png
www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/images/ |
260 B 577 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ds17.png
www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/images/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ds18.png
www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/images/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ds19.png
www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/images/ |
28 KB 29 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ds20.png
www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/images/ |
30 KB 30 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ds21.png
www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/images/ |
40 KB 40 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ds22.png
www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/images/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ds23.png
www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/images/ |
22 KB 23 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ds24.png
www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/images/ |
24 KB 24 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ds27.png
www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/images/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ds28.png
www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/images/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ds25.png
www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/images/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ds26.png
www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
forg.png
www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
login.png
www.prandellidemolizioni.it//layouts/vtg/B578E33B4FBA09D0CC9EB4DCB68355DE/sorted_index/Dashboard/images/ |
801 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
csscheckbox_dee0fdecdbc35b79fe3ee96c338d8059.png
www.csscheckbox.com/checkboxes/u/ Redirect Chain
|
846 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Discover (Financial)4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onafterprint object| onbeforeprint function| MaskedPassword function| unhideBody0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
csscheckbox.com
www.cowescaravanpark.com.au
www.csscheckbox.com
www.prandellidemolizioni.it
www.sitepoint.com
103.9.169.172
192.186.220.3
194.125.242.15
54.148.84.95
054f13b944279ddb32cae9138cded97678d4df327ec01e75b2fa7fe9fffc94c2
070c6b831529be71a2fd9ab8f5ec63334cce59b621fd6ca032747ecd1cd79517
09d4a993e5c94823581efc4dd0931f79b97086cb263fc38163746febe4887ea7
09e2d7850d22a9981e717b8f3a242ffe8c49d6d945be29b9e713ec9dcf989dda
12009b1aa466621e3e3f7483d28cfc9f2e544feaf3c0690a211e0ec7da2b3e94
12515a2004b562a51ec893462b0951e293dee308074d563761b1d5a49c841584
162b7c767ec98b094823f79a81e6b304b3905d3ac21758c209af394d1f7c02a6
1e5bf7862977702838d6f007bf5c8d3639012c0f78b7810c7f5fa84c164667ec
1eb51b1e7b44e7f8e6fbb69e9cad2777d603cf36c78cd573130828e49b0552d9
20310e2379ee62d524e070ae2001c6be7663eec41b004705463325970bf5d8d0
2cfdb08c07395b0be65df154f068ade61c1bfad7e3e3e2d0e40b85319fa95825
3a11b8e017543ebc3e65242c670efd1294340396dc767b5c5f104c04692eba65
3b2b9d4801d409ce945f229bd6991ce678ea15798310fac285b85cea3bf2f81c
3efa1638ac50176a69516f1039951a31a5dd02e815bc6d873538f15d8ce29c20
4e4969b6cf75b590777975fe9cef8d48d528b4901cc4a1fb216ecc391d03075d
5873f9537d293df5b93b6b050118e21c4812fde418fee2f5104f5c07679d9e8e
622fca72f77b769d314a7cda043f6b63986a990c7183f38e2f7b8474e595d1c7
6b27ecd562af884103626590f5a0f7c55aaa3042fd81ae7f7eb8ce9cae6a27a4
6fa07bdbb8fbc43d2754fa1659dd60900b23b9a1efa4e007e70170f0cfc640f2
72c13da8ebb6e0edf529083aed4215cabe30a4baac688ca584b22b579d129693
78817fbd680db2a0dcad5adb7ad09ddd2dd60d73c28f05f42f63464e95598faa
7bd2a8f66fecf091898f3c7a12ad55c87e1e1dc788f85a1c3c1e6367b3cf5590
802a84946f790406d130bc60d3c1838702d0b6ff3b627e399c34eeda9790b17b
867d9a3c805ee7124657825e6adad3d1dc367ed9e338f586c963840862b1d55c
92cb9b8516eb157f6a4427ab61bce644327407d4d524ade2b4fa2000aa716900
a33cac9cdb3e15468d8612135e91f1bcaa43617e2b8099ef5de9768acaac1cc7
a9c57d8fcd52679341ed38855efc1489d4d53a35f36bb7c5e9b17326c86d233b
aee1b291b96ce13eeb335a4c987ed9cb2fbadab2975ef622b3a4e83f0c014e3c
d5f0a4d5a9339b285fe27eb1243272fc0cc388caa9eeb0cee050f4159045a662
d9eeecbc331f7708a0371bd0eec3dadf145218add6b4a2dbcd83cfcca4f3f767
db42cf8fdde61cd692cdaf0fa3cc1c0663c48386f1954cbe6da89fc1aa23aa51
e348cc14b19bf319ca8e58552d520c17ad84f709813483ef8b3701f121d33c7a
eec4b694b9d81884865b13e5036bbd33d521ed583c697cb7c4c4c295d1208942
eee49822ac38014063aabdb99b46f11468637950cdffa63478d8e16026f3cf5f
fb8819800eff9fa276cfc46b71a0106e9298d625a1630d08b9b974776d88c2dc