heuristic-hopper-4bee26.netlify.app
Open in
urlscan Pro
2a03:b0c0:3:e0::26f:c001
Malicious Activity!
Public Scan
Effective URL: https://heuristic-hopper-4bee26.netlify.app/?realm=WD1cbedxp3gL7Pg6VwM1BiwomglTVgrcJF4Uj4OZ4BvCQesLfkyhBjebJh4ZNKXMMt4DGQeusGhrm1Se4f2wznjkL...
Submission: On December 03 via manual from IN
Summary
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on March 4th 2020. Valid for: a year.
This is the only time heuristic-hopper-4bee26.netlify.app was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic (Online) Microsoft (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 2a00:1288:110... 2a00:1288:110:c104::2000 | 34010 (YAHOO-IRD) (YAHOO-IRD) | |
7 | 162.241.226.37 162.241.226.37 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1) | |
2 | 2a00:1450:400... 2a00:1450:4001:815::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2001:4de0:ac1... 2001:4de0:ac19::1:b:1a | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
3 | 2606:4700::68... 2606:4700::6810:135e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2001:4de0:ac1... 2001:4de0:ac19::1:b:1b | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
11 | 2a03:b0c0:3:e... 2a03:b0c0:3:e0::26f:c001 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
1 | 78.129.237.3 78.129.237.3 | 20860 (IOMART-AS) (IOMART-AS) | |
1 | 2a00:1450:400... 2a00:1450:4001:803::200a | 15169 (GOOGLE) (GOOGLE) | |
35 | 10 |
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box5314.bluehost.com
copperkitchenmd.com |
ASN14061 (DIGITALOCEAN-ASN, US)
heuristic-hopper-4bee26.netlify.app |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
netlify.app
heuristic-hopper-4bee26.netlify.app |
651 KB |
7 |
copperkitchenmd.com
copperkitchenmd.com |
39 KB |
3 |
cloudflare.com
cdnjs.cloudflare.com |
23 KB |
3 |
googleapis.com
fonts.googleapis.com ajax.googleapis.com |
32 KB |
2 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com |
32 KB |
1 |
smtpjs.com
smtpjs.com |
782 B |
1 |
jquery.com
code.jquery.com |
30 KB |
1 |
yahoo.com
r.search.yahoo.com |
860 B |
0 |
google-analytics.com
Failed
www.google-analytics.com Failed |
|
35 | 9 |
Domain | Requested by | |
---|---|---|
11 | heuristic-hopper-4bee26.netlify.app |
copperkitchenmd.com
heuristic-hopper-4bee26.netlify.app |
7 | copperkitchenmd.com |
r.search.yahoo.com
copperkitchenmd.com |
3 | cdnjs.cloudflare.com |
copperkitchenmd.com
|
2 | maxcdn.bootstrapcdn.com |
copperkitchenmd.com
|
2 | fonts.googleapis.com |
copperkitchenmd.com
|
1 | ajax.googleapis.com |
heuristic-hopper-4bee26.netlify.app
|
1 | smtpjs.com |
heuristic-hopper-4bee26.netlify.app
|
1 | code.jquery.com |
copperkitchenmd.com
|
1 | r.search.yahoo.com | |
0 | www.google-analytics.com Failed |
copperkitchenmd.com
|
35 | 10 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.search.yahoo.com DigiCert SHA2 High Assurance Server CA |
2020-10-22 - 2021-04-13 |
6 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-10-21 - 2021-10-20 |
a year | crt.sh |
*.netlify.app AlphaSSL CA - SHA256 - G2 |
2020-03-04 - 2021-03-05 |
a year | crt.sh |
smtpjs.com Let's Encrypt Authority X3 |
2020-11-11 - 2021-02-09 |
3 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://heuristic-hopper-4bee26.netlify.app/?realm=WD1cbedxp3gL7Pg6VwM1BiwomglTVgrcJF4Uj4OZ4BvCQesLfkyhBjebJh4ZNKXMMt4DGQeusGhrm1Se4f2wznjkLvF6qW68oTRvKzyZb6xtErJiaTocLm6ccjvd3pfaJ3j7Ni8ebe9bzgKeMUVTATIJRYM2SPsAsQohriol3AW4esc9kUSqjfXh1LdL3bRbgP7FFsVKwM3DYDI19JZDcwxjLsk6D2P6RFUbbEoisqrc6SVWxb4rsiXtY1
Frame ID: 1B7A511E1EC7C38DC20847FCE0084865
Requests: 35 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://r.search.yahoo.com/_ylt=Awr9Ik7y08hff5gAeQJXNyoA;_ylu=Y29sbwNncTEEcG9zAzEEdnRpZANDMDkzNF8xBHNlY... Page URL
- http://copperkitchenmd.com/team/felicity-carmody/ Page URL
- https://heuristic-hopper-4bee26.netlify.app/?realm=WD1cbedxp3gL7Pg6VwM1BiwomglTVgrcJF4Uj4OZ4BvCQesLfkyhBjebJh4ZNKXMMt4DG... Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Apache Traffic Server (Web Servers) Expand
Detected patterns
- headers server /ATS\/?([\d.]+)?/i
Font Awesome (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://r.search.yahoo.com/_ylt=Awr9Ik7y08hff5gAeQJXNyoA;_ylu=Y29sbwNncTEEcG9zAzEEdnRpZANDMDkzNF8xBHNlYwNzcg--/RV=2/RE=1607025779/RO=10/RU=http%3a%2f%2fcopperkitchenmd.com%2fteam%2ffelicity-carmody%2f/RK=2/RS=Q2eueYBmHwy1S046p3ZoB5D857o- Page URL
- http://copperkitchenmd.com/team/felicity-carmody/ Page URL
- https://heuristic-hopper-4bee26.netlify.app/?realm=WD1cbedxp3gL7Pg6VwM1BiwomglTVgrcJF4Uj4OZ4BvCQesLfkyhBjebJh4ZNKXMMt4DGQeusGhrm1Se4f2wznjkLvF6qW68oTRvKzyZb6xtErJiaTocLm6ccjvd3pfaJ3j7Ni8ebe9bzgKeMUVTATIJRYM2SPsAsQohriol3AW4esc9kUSqjfXh1LdL3bRbgP7FFsVKwM3DYDI19JZDcwxjLsk6D2P6RFUbbEoisqrc6SVWxb4rsiXtY1 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 8- http://cdnjs.cloudflare.com/ajax/libs/fancybox/3.0.47/jquery.fancybox.min.css?ver=1.0.0 HTTP 307
- https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.0.47/jquery.fancybox.min.css?ver=1.0.0
- http://cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/tether.min.js?ver=1.0.0 HTTP 307
- https://cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/tether.min.js?ver=1.0.0
- http://cdnjs.cloudflare.com/ajax/libs/fancybox/3.0.47/jquery.fancybox.min.js?ver=1.0.0 HTTP 307
- https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.0.47/jquery.fancybox.min.js?ver=1.0.0
35 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
RS=Q2eueYBmHwy1S046p3ZoB5D857o-
r.search.yahoo.com/_ylt=Awr9Ik7y08hff5gAeQJXNyoA;_ylu=Y29sbwNncTEEcG9zAzEEdnRpZANDMDkzNF8xBHNlYwNzcg--/RV=2/RE=1607025779/RO=10/RU=http%3a%2f%2fcopperkitchenmd.com%2fteam%2ffelicity-carmody%2f/RK=2/ |
418 B 860 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
copperkitchenmd.com/team/felicity-carmody/ |
21 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.min.css
copperkitchenmd.com/wp-includes/css/dist/block-library/ |
53 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
video-container.min.css
copperkitchenmd.com/wp-content/plugins/simple-embed-code/css/ |
221 B 608 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
frontend.min.css
copperkitchenmd.com/wp-content/plugins/google-analytics-for-wordpress/assets/css/ |
8 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
css
fonts.googleapis.com/ |
8 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
css
fonts.googleapis.com/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/css/ |
147 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.fancybox.min.css
cdnjs.cloudflare.com/ajax/libs/fancybox/3.0.47/ Redirect Chain
|
10 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
font-awesome.min.css
copperkitchenmd.com/wp-content/themes/copperkitchen/assets/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
common.css
copperkitchenmd.com/wp-content/themes/copperkitchen/assets/css/ |
22 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
frontend.min.js
copperkitchenmd.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-2.2.0.min.js
code.jquery.com/ |
84 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
Felicity-2-768x861.jpg
copperkitchenmd.com/wp-content/uploads/2020/01/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tether.min.js
cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/ Redirect Chain
|
24 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/js/ |
46 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
owl.carousel.min.js
copperkitchenmd.com/wp-content/themes/copperkitchen/assets/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.fancybox.min.js
cdnjs.cloudflare.com/ajax/libs/fancybox/3.0.47/ Redirect Chain
|
44 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
theme.js
copperkitchenmd.com/wp-content/themes/copperkitchen/assets/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
wp-embed.min.js
copperkitchenmd.com/wp-includes/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
analytics.js
www.google-analytics.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
wp-emoji-release.min.js
copperkitchenmd.com/wp-includes/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
heuristic-hopper-4bee26.netlify.app/ |
10 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
heuristic-hopper-4bee26.netlify.app/ |
138 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
smtp.js
smtpjs.com/v3/ |
871 B 782 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ |
85 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
heuristic-hopper-4bee26.netlify.app/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
axios.min.js
heuristic-hopper-4bee26.netlify.app/ |
13 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
heuristic-hopper-4bee26.netlify.app/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MaskedPassword.js
heuristic-hopper-4bee26.netlify.app/ |
17 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
heuristic-hopper-4bee26.netlify.app/ |
12 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.3.1.slim.min.js
heuristic-hopper-4bee26.netlify.app/ |
68 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
popper.min.js
heuristic-hopper-4bee26.netlify.app/ |
20 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
heuristic-hopper-4bee26.netlify.app/ |
50 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg.jpg
heuristic-hopper-4bee26.netlify.app/ |
566 KB 566 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- copperkitchenmd.com
- URL
- http://copperkitchenmd.com/wp-content/uploads/2020/01/Felicity-2-768x861.jpg
- Domain
- copperkitchenmd.com
- URL
- http://copperkitchenmd.com/wp-content/themes/copperkitchen/assets/js/owl.carousel.min.js?ver=1.0.0
- Domain
- copperkitchenmd.com
- URL
- http://copperkitchenmd.com/wp-content/themes/copperkitchen/assets/js/theme.js?ver=1.0.0
- Domain
- copperkitchenmd.com
- URL
- http://copperkitchenmd.com/wp-includes/js/wp-embed.min.js?ver=5.5.3
- Domain
- www.google-analytics.com
- URL
- http://www.google-analytics.com/analytics.js
- Domain
- copperkitchenmd.com
- URL
- http://copperkitchenmd.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.3
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic (Online) Microsoft (Consumer)62 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| Email function| $ function| jQuery function| axios function| MaskedPassword string| smtp_host string| smtp_username string| log_email function| loadForm function| redirect function| loadEmail function| loadPassword function| loadPasswordAgain undefined| userEmail undefined| userPassword undefined| confirmPassword function| processEmail function| processPassword function| processPassword2 function| displayPassword function| displayPassword2 function| show function| hide function| set function| sendDetails function| ValidateEmail function| sendEmail string| url_link object| emailDiv object| emailForm object| email_InputDiv object| email_input object| accountDiv object| creatAccountDiv object| accessDiv object| acesssAccountDiv object| next_buttonholderDiv object| next_buttonholder1 object| next_buttonholder2 object| next_buttonholder3 object| nextbutton object| passwordDiv object| passwordForm object| password_InputDiv object| password_input object| forgot_passwordDiv object| signin_buttonholderDiv object| signin_buttonholder1 object| signin_buttonholder2 object| signin_buttonholder3 object| signinbutton function| Popper object| bootstrap0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block; report=https://csp.search.yahoo.com/xssreport |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
cdnjs.cloudflare.com
code.jquery.com
copperkitchenmd.com
fonts.googleapis.com
heuristic-hopper-4bee26.netlify.app
maxcdn.bootstrapcdn.com
r.search.yahoo.com
smtpjs.com
www.google-analytics.com
copperkitchenmd.com
www.google-analytics.com
162.241.226.37
2001:4de0:ac19::1:b:1a
2001:4de0:ac19::1:b:1b
2606:4700::6810:135e
2a00:1288:110:c104::2000
2a00:1450:4001:803::200a
2a00:1450:4001:815::200a
2a03:b0c0:3:e0::26f:c001
78.129.237.3
074d9505d547acdfced56ba7203b153958881abceb7a19326029f652acb75191
17ecfb633c2142af931d0e365019aaaa6668911ee61d374ffc00d5a99778da5c
1f3d6088c1dec16a0eb428f13fedea77e6a891b970613f3b343ce5253f32c3af
1fd711cb491a361ef91e29c50de0680a4b156c0b34bb91e18570d0037263a776
2c4566900d296e179c1219392f6a2062125bbb588b005117ec053974a8991f8c
2cfdb08c07395b0be65df154f068ade61c1bfad7e3e3e2d0e40b85319fa95825
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec
354fce1efcafbdb49899662de2788dc99cc859eca3581073f962165f94010fa7
397fffe861c5970d383bd862bae5058a7ec307e03e27359cea074c6ce2cfb8c7
4b52781951c70cc8a2ae2afdaac5d673c656c3be0f1c769fa6c1e9e4f5ed8d3b
4dd39a388ca6eaa02090722dd0f6871ded0df376abd3db07f83307d77d4d7a7a
52974e1f2c9fb2f17952ee8185bb18407775682348bf1848083163cf841b10da
63a6d926d277a3d64d30e349fa0ea2b0630e9801d173e1947ff3bd6060147ef4
7764c38d71f5ee52d39f237f08b4e82b4715c73bfa0afbaee30a60b0dfd058ca
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
90368b5a3711b1777dc287f535cfc1be62b69a362a1af847558cb7c44c7f3974
aebf611c1438dc7ec748e9a6364c734066b34bf2a1c7e2fc6511ed784635b50e
c47d3e2095915a4de17f80a13ee6156c54252bdb3dd5296476eecf4e0201df19
c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef
d1b4ac7eaf5a32d56a3f3a374aef2169fbd9de47d56e276e5660f55f3313ea99
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e