bwqywk5poo1zcsphp5xtihea7i4kpc.web.app
151.101.65.195
Malicious Activity!
Public Scan
Effective URL: https://bwqywk5poo1zcsphp5xtihea7i4kpc.web.app/?realm=ZTPF3qFqgg49hnqoz7yelgBeXH2rimQyU96Mn3hOzdjZBBbwagupMZjD5PFuxScqcHvs14o1vCNy1y24NUT3ahU8l...
Submission: On December 08 via manual from CA
Summary
TLS certificate: Issued by GTS CA 1O1 on April 15th 2020. Valid for: a year.
This is the only time bwqywk5poo1zcsphp5xtihea7i4kpc.web.app was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer) Generic (Online)
Domain & IP information
Requests | IP Address | Autonomous System |
---|---|---|
1 | 2a00:1288:110:c104::2000 | 34010 (YAHOO-IRD) |
10 | 162.241.226.37 | 46606 (UNIFIEDLAYER-AS-1) |
2 | 2a00:1450:4001:803::200a | 15169 (GOOGLE) |
2 | 2001:4de0:ac19::1:b:2a | 20446 (HIGHWINDS3) |
3 | 2606:4700::6810:125e | 13335 (CLOUDFLARENET) |
1 | 2001:4de0:ac19::1:b:2b | 20446 (HIGHWINDS3) |
11 | 151.101.65.195 | 54113 (FASTLY) |
1 | 78.129.237.3 | 20860 (IOMART-AS) |
1 | 2a00:1450:4001:814::2003 | 15169 (GOOGLE) |
35 | 10 |
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box5314.bluehost.com
copperkitchenmd.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
11 | web.app | bwqywk5poo1zcsphp5xtihea7i4kpc.web.app | 221 KB |
10 | copperkitchenmd.com | copperkitchenmd.com | 40 KB |
3 | cloudflare.com | cdnjs.cloudflare.com | 23 KB |
2 | bootstrapcdn.com | maxcdn.bootstrapcdn.com | 32 KB |
2 | googleapis.com | fonts.googleapis.com | 2 KB |
1 | gstatic.com | www.gstatic.com | 7 KB |
1 | smtpjs.com | smtpjs.com | 782 B |
1 | jquery.com | code.jquery.com | 30 KB |
1 | yahoo.com | r.search.yahoo.com | 848 B |
0 | google-analytics.com (Failed) | www.google-analytics.com (Failed) | |
35 | 10 |
Requests | Domain | Requested by |
---|---|---|
11 | bwqywk5poo1zcsphp5xtihea7i4kpc.web.app | copperkitchenmd.com, bwqywk5poo1zcsphp5xtihea7i4kpc.web.app |
10 | copperkitchenmd.com | r.search.yahoo.com, copperkitchenmd.com |
3 | cdnjs.cloudflare.com | copperkitchenmd.com |
2 | maxcdn.bootstrapcdn.com | copperkitchenmd.com |
2 | fonts.googleapis.com | copperkitchenmd.com |
1 | www.gstatic.com | bwqywk5poo1zcsphp5xtihea7i4kpc.web.app |
1 | smtpjs.com | bwqywk5poo1zcsphp5xtihea7i4kpc.web.app |
1 | code.jquery.com | copperkitchenmd.com |
1 | r.search.yahoo.com | |
0 | www.google-analytics.com (Failed) | copperkitchenmd.com |
35 | 10 |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
*.search.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2020-10-22 - 2021-04-13 | 6 months | crt.sh |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-10-21 - 2021-10-20 | a year | crt.sh |
web.app | GTS CA 1O1 | 2020-04-15 - 2021-04-14 | a year | crt.sh |
smtpjs.com | Let's Encrypt Authority X3 | 2020-11-11 - 2021-02-09 | 3 months | crt.sh |
*.gstatic.com | GTS CA 1O1 | 2020-11-03 - 2021-01-26 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://bwqywk5poo1zcsphp5xtihea7i4kpc.web.app/?realm=ZTPF3qFqgg49hnqoz7yelgBeXH2rimQyU96Mn3hOzdjZBBbwagupMZjD5PFuxScqcHvs14o1vCNy1y24NUT3ahU8lbfY1H9t4hZ2Lyh3GWQTK9j6XEHAAKEs8yQxpL3XfxQfATxalQWr4Bo2rMtysgy5ucxoySEg6D9bIXeR1wiOb6zlYhqc3WeJvuCuDk5aPkN6P8IVABLwnn7pEOd4lL9GNh3n8tADiPe7WOenK8XfLrFRspUQsWxkmb
Frame ID: 1E37A582AB4AAAE88C971CE42597EBB0
Requests: 35 HTTP requests in this frame
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Apache Traffic Server (Web Servers)
Detected patterns
- headers server /ATS\/?([\d.]+)?/i
Font Awesome (Font Scripts)
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://r.search.yahoo.com/_ylt=A0geKeN8ts9fG.UA4_VXNyoA;_ylu=Y29sbwNiZjEEcG9zAzEEdnRpZANDMDkzNF8xBHNlYwNzcg--/RV=2/RE=1607476989/RO=10/RU=http%3a%2f%2fcopperkitchenmd.com%2fteam%2fsaon-brice%2f/RK=2/RS=BgxZlJ7mBuNr8fonHp4wDEEAh9U- Page URL
- http://copperkitchenmd.com/team/saon-brice/ Page URL
- https://bwqywk5poo1zcsphp5xtihea7i4kpc.web.app/?realm=ZTPF3qFqgg49hnqoz7yelgBeXH2rimQyU96Mn3hOzdjZBBbwagupMZjD5PFuxScqcHvs14o1vCNy1y24NUT3ahU8lbfY1H9t4hZ2Lyh3GWQTK9j6XEHAAKEs8yQxpL3XfxQfATxalQWr4Bo2rMtysgy5ucxoySEg6D9bIXeR1wiOb6zlYhqc3WeJvuCuDk5aPkN6P8IVABLwnn7pEOd4lL9GNh3n8tADiPe7WOenK8XfLrFRspUQsWxkmb Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 8
- http://cdnjs.cloudflare.com/ajax/libs/fancybox/3.0.47/jquery.fancybox.min.css?ver=1.0.0 HTTP 307
- https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.0.47/jquery.fancybox.min.css?ver=1.0.0
- http://cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/tether.min.js?ver=1.0.0 HTTP 307
- https://cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/tether.min.js?ver=1.0.0
- http://cdnjs.cloudflare.com/ajax/libs/fancybox/3.0.47/jquery.fancybox.min.js?ver=1.0.0 HTTP 307
- https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.0.47/jquery.fancybox.min.js?ver=1.0.0
35 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Note |
---|---|---|---|---|---|---|---|---|
GET | H2 | RS=BgxZlJ7mBuNr8fonHp4wDEEAh9U- | r.search.yahoo.com/_ylt=A0geKeN8ts9fG.UA4_VXNyoA;_ylu=Y29sbwNiZjEEcG9zAzEEdnRpZANDMDkzNF8xBHNlYwNzcg--/RV=2/RE=1607476989/RO=10/RU=http%3a%2f%2fcopperkitchenmd.com%2fteam%2fsaon-brice%2f/RK=2/ | 406 B | 848 B | Document | text/html | |
GET | H/1.1 | / | copperkitchenmd.com/team/saon-brice/ | 19 KB | 7 KB | Document | text/html | |
GET | H/1.1 | style.min.css | copperkitchenmd.com/wp-includes/css/dist/block-library/ | 53 KB | 11 KB | Stylesheet | text/css | |
GET | H/1.1 | video-container.min.css | copperkitchenmd.com/wp-content/plugins/simple-embed-code/css/ | 221 B | 608 B | Stylesheet | text/css | |
GET | H/1.1 | frontend.min.css | copperkitchenmd.com/wp-content/plugins/google-analytics-for-wordpress/assets/css/ | 8 KB | 1 KB | Stylesheet | text/css | |
GET | H/1.1 | css | fonts.googleapis.com/ | 8 KB | 1 KB | Stylesheet | text/css | |
GET | H/1.1 | css | fonts.googleapis.com/ | 4 KB | 1 KB | Stylesheet | text/css | |
GET | H/1.1 | bootstrap.min.css | maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/css/ | 147 KB | 20 KB | Stylesheet | text/css | |
GET | H2 | jquery.fancybox.min.css | cdnjs.cloudflare.com/ajax/libs/fancybox/3.0.47/ | 10 KB | 3 KB | Stylesheet | text/css | Redirect Chain |
GET | H/1.1 | font-awesome.min.css | copperkitchenmd.com/wp-content/themes/copperkitchen/assets/css/ | 30 KB | 7 KB | Stylesheet | text/css | |
GET | H/1.1 | common.css | copperkitchenmd.com/wp-content/themes/copperkitchen/assets/css/ | 22 KB | 7 KB | Stylesheet | text/css | |
GET | H/1.1 | frontend.min.js | copperkitchenmd.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/ | 9 KB | 4 KB | Script | application/javascript | |
GET | H/1.1 | jquery-2.2.0.min.js | code.jquery.com/ | 84 KB | 30 KB | Script | application/javascript | |
GET | H/1.1 | Chef-SaonBrice-768x1153.jpg | copperkitchenmd.com/wp-content/uploads/2019/02/ | 14 KB | 0 | Image | image/jpeg | |
GET | H2 | tether.min.js | cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/ | 24 KB | 7 KB | Script | application/javascript | Redirect Chain |
GET | H/1.1 | bootstrap.min.js | maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/js/ | 46 KB | 12 KB | Script | text/javascript | |
GET | | owl.carousel.min.js | copperkitchenmd.com/wp-content/themes/copperkitchen/assets/js/ | 0 | 0 | | | |
GET | H2 | jquery.fancybox.min.js | cdnjs.cloudflare.com/ajax/libs/fancybox/3.0.47/ | 44 KB | 13 KB | Script | application/javascript | Redirect Chain |
GET | H/1.1 | theme.js | copperkitchenmd.com/wp-content/themes/copperkitchen/assets/js/ | 1 KB | 938 B | Script | application/javascript | |
GET | H/1.1 | wp-embed.min.js | copperkitchenmd.com/wp-includes/js/ | 1 KB | 1 KB | Script | application/javascript | |
GET | | analytics.js | www.google-analytics.com/ | 0 | 0 | | | |
GET | | wp-emoji-release.min.js | copperkitchenmd.com/wp-includes/js/ | 0 | 0 | | | |
GET | H2 | / | bwqywk5poo1zcsphp5xtihea7i4kpc.web.app/ | 13 KB | 3 KB | Document | text/html | Primary Request |
GET | H2 | bootstrap.min.css | bwqywk5poo1zcsphp5xtihea7i4kpc.web.app/ | 138 KB | 16 KB | Stylesheet | text/css | |
GET | H2 | smtp.js | smtpjs.com/v3/ | 871 B | 782 B | Script | application/javascript | |
GET | H2 | style.css | bwqywk5poo1zcsphp5xtihea7i4kpc.web.app/ | 7 KB | 2 KB | Stylesheet | text/css | |
GET | H2 | axios.min.js | bwqywk5poo1zcsphp5xtihea7i4kpc.web.app/ | 13 KB | 4 KB | Script | text/javascript | |
GET | H2 | font-awesome.min.css | bwqywk5poo1zcsphp5xtihea7i4kpc.web.app/ | 30 KB | 6 KB | Stylesheet | text/css | |
GET | H2 | MaskedPassword.js | bwqywk5poo1zcsphp5xtihea7i4kpc.web.app/ | 17 KB | 5 KB | Script | text/javascript | |
GET | H2 | jquery-3.3.1.slim.min.js | bwqywk5poo1zcsphp5xtihea7i4kpc.web.app/ | 86 KB | 27 KB | Script | text/javascript | |
GET | H2 | popper.min.js | bwqywk5poo1zcsphp5xtihea7i4kpc.web.app/ | 20 KB | 6 KB | Script | text/javascript | |
GET | H2 | bootstrap.min.js | bwqywk5poo1zcsphp5xtihea7i4kpc.web.app/ | 52 KB | 13 KB | Script | text/javascript | |
GET | H2 | firebase-app.js | www.gstatic.com/firebasejs/8.1.2/ | 20 KB | 7 KB | Script | text/javascript | |
GET | H2 | main.js | bwqywk5poo1zcsphp5xtihea7i4kpc.web.app/ | 8 KB | 2 KB | Script | text/javascript | |
GET | H2 | bg.png | bwqywk5poo1zcsphp5xtihea7i4kpc.web.app/ | 147 KB | 138 KB | Image | image/png | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: copperkitchenmd.com
  URL: http://copperkitchenmd.com/wp-content/themes/copperkitchen/assets/js/owl.carousel.min.js?ver=1.0.0
- Domain: www.google-analytics.com
  URL: http://www.google-analytics.com/analytics.js
- Domain: copperkitchenmd.com
  URL: http://copperkitchenmd.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.3
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer) Generic (Online)
50 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| ontransitionrun
- object| ontransitionstart
- object| ontransitioncancel
- object| cookieStore
- function| showDirectoryPicker
- function| showOpenFilePicker
- function| showSaveFilePicker
- object| trustedTypes
- boolean| crossOriginIsolated
- object| Email
- function| axios
- function| MaskedPassword
- function| $
- function| jQuery
- function| Popper
- function| getAllUrlParams
- object| bootstrap
- object| firebase
- object| firebaseConfig
- string| smtp_host
- string| smtp_username
- string| log_email
- string| userEmail
- undefined| userPassword1
- undefined| confirmPassword
- function| redirect
- function| processEmail
- function| load
- function| processPassword
- function| displayPassword
- function| show
- function| hide
- function| set
- function| processPassword2
- function| sendDetails
- function| ValidateEmail
- function| loadPasswordAgain
- function| sendEmail
- string| url_link
- object| passwordDiv
- object| passwordForm
- object| password_InputDiv
- object| password_input
- object| accountDiv
- object| forgot_passwordDiv
- object| signin_buttonholderDiv
- object| signin_buttonholder1
- object| signin_buttonholder2
- object| signin_buttonholder3
- object| signinbutton
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block; report=https://csp.search.yahoo.com/xssreport |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.