usa-health-news.today
Open in
urlscan Pro
2606:4700:30::681f:5adf
Malicious Activity!
Public Scan
Effective URL: https://usa-health-news.today/diet/omarosa/index-rl.html?cep=bFTZtstbtR784Ian7f0GBxS27AMdEO1pzKyPRxxzkq0e2spx47Sey7snAf7BA-JiQ...
Submission: On October 13 via manual from US
Summary
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on October 5th 2018. Valid for: 6 months.
This is the only time usa-health-news.today was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Weightloss Scam (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 70.37.54.108 70.37.54.108 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) | |
1 1 | 18.196.84.70 18.196.84.70 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
35 | 2606:4700:30:... 2606:4700:30::681f:5adf | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 | 54.230.202.153 54.230.202.153 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
41 | 3 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
rs-stripe.teaparty.org | |
tr.revstripe.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-196-84-70.eu-central-1.compute.amazonaws.com
affbrain.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
usa-health-news.today |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-202-153.fra50.r.cloudfront.net
api.pushnami.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
35 |
usa-health-news.today
usa-health-news.today |
2 MB |
1 |
pushnami.com
api.pushnami.com |
7 KB |
1 |
affbrain.com
1 redirects
affbrain.com |
2 KB |
1 |
revstripe.com
1 redirects
tr.revstripe.com |
923 B |
1 |
teaparty.org
1 redirects
rs-stripe.teaparty.org |
590 B |
0 |
usmag-online.com
Failed
www.usmag-online.com Failed |
|
0 |
wennermedia.com
Failed
assets.wennermedia.com Failed |
|
41 | 7 |
Domain | Requested by | |
---|---|---|
35 | usa-health-news.today |
usa-health-news.today
|
1 | api.pushnami.com |
usa-health-news.today
|
1 | affbrain.com | 1 redirects |
1 | tr.revstripe.com | 1 redirects |
1 | rs-stripe.teaparty.org | 1 redirects |
0 | www.usmag-online.com Failed |
usa-health-news.today
|
0 | assets.wennermedia.com Failed |
usa-health-news.today
|
41 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
hnnhnnhnnhnn.space |
www.facebook.com |
twitter.com |
www.pinterest.com |
plus.google.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni95088.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2018-10-05 - 2019-04-13 |
6 months | crt.sh |
*.pushnami.com Amazon |
2018-06-29 - 2019-07-29 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://usa-health-news.today/diet/omarosa/index-rl.html?cep=bFTZtstbtR784Ian7f0GBxS27AMdEO1pzKyPRxxzkq0e2spx47Sey7snAf7BA-JiQr4tAtbmwnpuvr48gkBlq_NWrG7X5YS5W2FKVLJu_YDonf4YqdK23Kg5NdMG5Om-elKUFFti2r3DWjCAhyxzNQWshnlcIQEbwJJJKA_Y7D79jepDrnSfRJpaMBEYhMhLgSWBx27ud_jUi4fZsc3xIJE-sh76WMJR5WVUekVvFre4-gSbfZefQ6nqgyRKI9pKX6vKuFgNWTy1pBO4GQyOTJZ4aIXF20yd62syWfFt6hhQgzRWGn6oYisrwskmegxClzJ8odnOSCdh5xuuvzghtnUboZNQ1V0CS7nw2Hv2y8XX3kdru2Xgq1jv5XqNXismdSg17TIy2VAd_LzY4G6ToVQFGA8KoxYlTLrB6P6KeY0&campaign=%7Bpi-diet-omarosa%7D©=%7Bomarosa-reveals-shocking-secret-about-trump%7D&subheading=%7Byou-wont-believe-what-it-is%7D&s4=%7Boma-trump%7D&source=%7Bpi%7D&vertical=%7Bdiet%7D&pi_targetdevicetype=all&pi_targetcontainertype=email&pi_adid=390678&pi_clickid=0f8f4b2ec59a40099e86ececa5acb664&pi_creativeid=422880
Frame ID: AB0168DE463347EAEF860C45307C48D5
Requests: 41 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://rs-stripe.teaparty.org/stripe/redirect?cs_email=david.mcrell@verizonbusiness.com&cs_sendid=0&cs_esp...
HTTP 301
http://tr.revstripe.com/stripe/redirect?cs_email=david.mcrell@verizonbusiness.com&cs_sendid=0&cs_esp... HTTP 303
http://affbrain.com/79039a59-babc-4b3b-a48d-cf80746406c4?campaign={pi-diet-omarosa}©={omaros... HTTP 302
https://usa-health-news.today/diet/omarosa/index-rl.html?cep=bFTZtstbtR784Ian7f0GBxS27AMdEO1pzKyPRxxzkq0e2... Page URL
Detected technologies
CloudFlare (CDN) ExpandDetected patterns
- headers server /cloudflare/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js/i
- env /^jQuery$/i
Twitter Bootstrap () Expand
Detected patterns
- html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
Page Statistics
11 Outgoing links
These are links going to different origins than the main page.
Title: #TheGame
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: Retro Lean Forskolin
Search URL Search Domain Scan URL
Title: Tina Lewis
Search URL Search Domain Scan URL
Title: Tanya Porquez
Search URL Search Domain Scan URL
Title: Jennifer Jackson Mercer
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Amanda Gibson
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://rs-stripe.teaparty.org/stripe/redirect?cs_email=david.mcrell@verizonbusiness.com&cs_sendid=0&cs_esp=dms&cs_offset=0&cs_stripeid=12775
HTTP 301
http://tr.revstripe.com/stripe/redirect?cs_email=david.mcrell@verizonbusiness.com&cs_sendid=0&cs_esp=dms&cs_offset=0&cs_stripeid=12775 HTTP 303
http://affbrain.com/79039a59-babc-4b3b-a48d-cf80746406c4?campaign={pi-diet-omarosa}©={omarosa-reveals-shocking-secret-about-trump}&subheading={you-wont-believe-what-it-is}&s4={oma-trump}&source={pi}&vertical={diet}&pi_targetdevicetype=all&pi_targetcontainertype=email&pi_adid=390678&pi_clickid=0f8f4b2ec59a40099e86ececa5acb664&pi_creativeid=422880 HTTP 302
https://usa-health-news.today/diet/omarosa/index-rl.html?cep=bFTZtstbtR784Ian7f0GBxS27AMdEO1pzKyPRxxzkq0e2spx47Sey7snAf7BA-JiQr4tAtbmwnpuvr48gkBlq_NWrG7X5YS5W2FKVLJu_YDonf4YqdK23Kg5NdMG5Om-elKUFFti2r3DWjCAhyxzNQWshnlcIQEbwJJJKA_Y7D79jepDrnSfRJpaMBEYhMhLgSWBx27ud_jUi4fZsc3xIJE-sh76WMJR5WVUekVvFre4-gSbfZefQ6nqgyRKI9pKX6vKuFgNWTy1pBO4GQyOTJZ4aIXF20yd62syWfFt6hhQgzRWGn6oYisrwskmegxClzJ8odnOSCdh5xuuvzghtnUboZNQ1V0CS7nw2Hv2y8XX3kdru2Xgq1jv5XqNXismdSg17TIy2VAd_LzY4G6ToVQFGA8KoxYlTLrB6P6KeY0&campaign=%7Bpi-diet-omarosa%7D©=%7Bomarosa-reveals-shocking-secret-about-trump%7D&subheading=%7Byou-wont-believe-what-it-is%7D&s4=%7Boma-trump%7D&source=%7Bpi%7D&vertical=%7Bdiet%7D&pi_targetdevicetype=all&pi_targetcontainertype=email&pi_adid=390678&pi_clickid=0f8f4b2ec59a40099e86ececa5acb664&pi_creativeid=422880 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
41 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
index-rl.html
usa-health-news.today/diet/omarosa/ Redirect Chain
|
63 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
usa-health-news.today/diet/omarosa/images/ |
362 KB 57 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.css
usa-health-news.today/diet/omarosa/images/ |
144 KB 28 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.12.2.min.js
usa-health-news.today/diet/omarosa/images/ |
85 KB 35 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
usa-health-news.today/diet/omarosa/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
exc.png
usa-health-news.today/diet/omarosa/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
om-trump3.jpg
usa-health-news.today/diet/omarosa/images/ |
54 KB 55 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ivanka-transformation.jpg
usa-health-news.today/diet/omarosa/images/ |
179 KB 179 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gcozforskolin.png
usa-health-news.today/diet/omarosa/images/ |
308 KB 308 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
manyba.jpg
usa-health-news.today/diet/omarosa/images/ |
208 KB 209 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
forskolin2.jpg
usa-health-news.today/diet/omarosa/images/ |
69 KB 69 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tinder2.jpg
usa-health-news.today/diet/omarosa/images/ |
38 KB 38 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tinder1.jpg
usa-health-news.today/diet/omarosa/images/ |
43 KB 43 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usweeklyba.png
usa-health-news.today/diet/omarosa/images/ |
55 KB 56 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
retro-lean.png
usa-health-news.today/diet/omarosa/images/ |
75 KB 75 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cmnt-img1.jpg
usa-health-news.today/diet/omarosa/images/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cmnt-img2.jpg
usa-health-news.today/diet/omarosa/images/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cmnt-img3.jpg
usa-health-news.today/diet/omarosa/images/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cmnt-img4.jpg
usa-health-news.today/diet/omarosa/images/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cmnt-img5.jpg
usa-health-news.today/diet/omarosa/images/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cmnt-img6.jpg
usa-health-news.today/diet/omarosa/images/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cmnt-img7.jpg
usa-health-news.today/diet/omarosa/images/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cmnt-img8.jpg
usa-health-news.today/diet/omarosa/images/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cmnt-img9.jpg
usa-health-news.today/diet/omarosa/images/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cmnt-img10.jpg
usa-health-news.today/diet/omarosa/images/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
xtinawh.jpg
usa-health-news.today/diet/omarosa/images/ |
82 KB 82 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
beforeafter_3.jpg
usa-health-news.today/diet/omarosa/images/ |
31 KB 31 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
beforeafter_6.jpg
usa-health-news.today/diet/omarosa/images/ |
15 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
beforeaftermini3.jpg
usa-health-news.today/diet/omarosa/images/ |
18 KB 18 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
beforeafter_1.jpg
usa-health-news.today/diet/omarosa/images/ |
160 KB 161 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
button.png
usa-health-news.today/diet/omarosa/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.min.a2aecbcd812b27e6.js
usa-health-news.today/diet/omarosa/images/ |
305 KB 88 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
usa-health-news.today/diet/omarosa/images/ |
55 B 146 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
5aa810bbc7953444a94f5d61
api.pushnami.com/scripts/v1/pushnami-adv/ |
22 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
rs-social.woff
assets.wennermedia.com/usweekly/type/rs-social/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
rs-social.ttf
assets.wennermedia.com/usweekly/type/rs-social/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
glyphicons-halflings-regular.woff2
www.usmag-online.com/g1/v1/perf/mm-01a/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
glyphicons-halflings-regular.woff
www.usmag-online.com/g1/v1/perf/mm-01a/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
glyphicons-halflings-regular.ttf
www.usmag-online.com/g1/v1/perf/mm-01a/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
us-logo.html
usa-health-news.today/diet/omarosa/ |
564 B 564 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
relay-cond-regular.woff
usa-health-news.today/diet/omarosa/images/ |
27 KB 27 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- assets.wennermedia.com
- URL
- http://assets.wennermedia.com/usweekly/type/rs-social/rs-social.woff
- Domain
- assets.wennermedia.com
- URL
- http://assets.wennermedia.com/usweekly/type/rs-social/rs-social.ttf
- Domain
- www.usmag-online.com
- URL
- http://www.usmag-online.com/g1/v1/perf/mm-01a/fonts/glyphicons-halflings-regular.woff2
- Domain
- www.usmag-online.com
- URL
- http://www.usmag-online.com/g1/v1/perf/mm-01a/fonts/glyphicons-halflings-regular.woff
- Domain
- www.usmag-online.com
- URL
- http://www.usmag-online.com/g1/v1/perf/mm-01a/fonts/glyphicons-halflings-regular.ttf
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Weightloss Scam (Online)24 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| mr function| gd function| cu function| xf function| hp function| $ function| jQuery string| al string| c object| dataLayer function| makeDateMinus1 function| makeDatePlus1 function| today function| kgConverter object| dataLayerOnLoad object| pushWrap undefined| o object| Pushnami function| Waypoint string| waypointContextKey function| transitionEnd object| nunjucks object| nunjucksPrecompiled string| parameters1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.usa-health-news.today/ | Name: __cfduid Value: de8b8e6e0b9547d458673e7148e94d7b11539456041 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
affbrain.com
api.pushnami.com
assets.wennermedia.com
rs-stripe.teaparty.org
tr.revstripe.com
usa-health-news.today
www.usmag-online.com
assets.wennermedia.com
www.usmag-online.com
18.196.84.70
2606:4700:30::681f:5adf
54.230.202.153
70.37.54.108
037ece4bd5836bb4e07008fb27a2835ed18f3d7e91e0f177e03468c4bc7f3d1b
0bddf6442fb808b6e1d36f8c4c2ef970794fc104d52716140ccb4610466bdbde
10ca4cc739472ad2fdc1eda8173139366889ec905bd7a5c0ebbadd51e46f2761
19b42a034a6f8978e5774a746e2a0da52fda1fa1233dc04342d8dd606837fa61
2157ef64a25c095e190484a39647b65c135e20da18b3d153ee49a051bd7fb5a7
24586fc3ad9a2779de96962593c3544301b6c33fbe73b7231a435f2e6a085661
296087d3e0ca77b37c308fbd83f46aa7000db22475bd25993694f37b8923419a
3147c8a43b3b2baa0f24121d70bd245c9aebff0b23721b26a596b8141bc05212
360c327c76e977c35a3834c85f37e2ecd5614815d2dae6466809525cf44e3f16
3e7c483c09991c9c86fa05b78d67cde45b46dee93b2f3762ddfb783c58021bc8
41f31804af979835e2d8161c5d0406d6e312c44a32e93ac18a28ff55e3e05eac
48833462b6953d74bba8b863e8cf9faee5ca6a8ac4728e9fbebe73c9f11d242d
4f84eac91dadbd38c36c2781d7946efd8d1f94b5320b3b7a39ef8c1abe4fd835
55ee3b9602e64f8eff7a6e7928a53f41ae90cb3f54a0bfb7ff19b3e2b7a0f6ad
5eb7ac7002921cfbe8ba63f552d498050bd60187b7de927c751c4fa8a6d1e652
6232a350eb7c455295ac5fdd77e5890405210d37373b217ceafd8ba553b08c32
69e24d542169477c6a4cac7e42dc9f61e8dad2ae77b8bbdcfe6d9fd95af5b1a1
747f2626878ac5421b554cc251d772ea55ac155a7b8e2b471b1ceac3f149aee8
7779c36fd9b18abef04c56d09c8002ffd2afe27476e275bc573106cacd56d03a
7af8705234afe7a2275f30775d05334d50063fa7e03585aa36bcb3170bdaf551
7df14c5576c3d08888a3c366f7e5ea9081ac3c75823aeaee132a9a9074a05b5c
9b8cd1b7287d7b7c37dd349de03703ffa47d348631eab8caed00ff8017f1285e
a1e73dfc45fd3119ee07980ef6a0e08c7938f0a2f07646477e9ca035de7c1763
a95ca8cdf0e93c4cae4ff7ad9c375a45634fe67c62b97897a856dc15c96dc984
aeb1cc873e215b5148fb5b7afa46043340259e66ec5ce1885eee5332fc8e60ab
af9615170e0106db7e6512bdfe8b347361420ffe65dcbaa3bb9b32f3e45b4998
c362390442240c54aaabdb32340bd1a14fddf5ca8058255ec5cc9b3d864a9e8d
c695baf22f4b6e88665f9046d30801761588574232f89d1d493e59894cab62ca
c8ec2b5a44d99b3a57d4b72fe94b93d1703a2363d64627f0f4d1ddfa4594c210
c8f4b747d4d7a4f22cb2927f902f08f7a29aadda342db89b61f9611d4e2cb7f9
cab538fd1647961eb35348c1bd84e1fde389ad89672587d2fe3c007a0bc9e67f
d87cc5affd1bbdc6df6a5a2361b02b9e4617a8210999368e9e229ab973f49632
ed560cb5a3488116a1a96fba9f33a6dbd050c3cd02e6ac4b84746a0354ce3f8b
eee5e7db47c1275932e80ad67f4872afedaeeb4a4ae69df5a92d4feceb51e76a
f15f9a4a42046156f3fc0e69be9df6e873356209f6a177e6c4ea93e110c2d731
f4e98e2aed3af4ca8c1e3dd89c04f36393bfd08c44efeb1d95f47593c355a1c3