lbfcjeqlbp1va59usgsonuttelclxl.web.app
151.101.65.195
Malicious Activity!
Public Scan
Effective URL: https://lbfcjeqlbp1va59usgsonuttelclxl.web.app/?realm=AupZ9TbkWIPvjNWHCB8ZrgOrpu1fz8ILO5s9XhRFH8NLtsyVZZA9SPuWIP3fElPBN6XTgwlehZQINEmjLfBBbvavJ...
Submission: On December 03 via automatic, source openphish
Summary
TLS certificate: Issued by GTS CA 1O1 on April 15th 2020. Valid for: a year.
This is the only time lbfcjeqlbp1va59usgsonuttelclxl.web.app was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer) Generic (Online)
Domain & IP information
Requests | IP Address | Autonomous System |
---|---|---|
10 | 162.241.226.37 | 46606 (UNIFIEDLAYER-AS-1) |
2 | 2a00:1450:4001:803::200a | 15169 (GOOGLE) |
2 | 2001:4de0:ac19::1:b:3b | 20446 (HIGHWINDS3) |
3 | 2606:4700::6810:125e | 13335 (CLOUDFLARENET) |
1 | 2001:4de0:ac19::1:b:1a | 20446 (HIGHWINDS3) |
12 | 151.101.65.195 | 54113 (FASTLY) |
1 | 2a00:1450:4001:816::2003 | 15169 (GOOGLE) |
1 | 78.129.237.3 | 20860 (IOMART-AS) |
1 | 2a00:1450:4001:814::2003 | 15169 (GOOGLE) |
36 | 10 | |
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box5314.bluehost.com
copperkitchenmd.com |
ASN54113 (FASTLY, US)
irkceamrzb333x7ysdglh8hqonncga.web.app | |
lbfcjeqlbp1va59usgsonuttelclxl.web.app |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
12 | web.app | irkceamrzb333x7ysdglh8hqonncga.web.app, lbfcjeqlbp1va59usgsonuttelclxl.web.app | 222 KB |
10 | copperkitchenmd.com | copperkitchenmd.com | 41 KB |
3 | cloudflare.com | cdnjs.cloudflare.com | 23 KB |
2 | gstatic.com | www.gstatic.com | 13 KB |
2 | bootstrapcdn.com | maxcdn.bootstrapcdn.com | 32 KB |
2 | googleapis.com | fonts.googleapis.com | 2 KB |
1 | smtpjs.com | smtpjs.com | 782 B |
1 | jquery.com | code.jquery.com | 30 KB |
0 | google-analytics.com (Failed) | www.google-analytics.com (Failed) | |
36 | 9 | | |
Requests | Domain | Requested by |
---|---|---|
11 | lbfcjeqlbp1va59usgsonuttelclxl.web.app | irkceamrzb333x7ysdglh8hqonncga.web.app, lbfcjeqlbp1va59usgsonuttelclxl.web.app |
10 | copperkitchenmd.com | copperkitchenmd.com |
3 | cdnjs.cloudflare.com | copperkitchenmd.com |
2 | www.gstatic.com | irkceamrzb333x7ysdglh8hqonncga.web.app, lbfcjeqlbp1va59usgsonuttelclxl.web.app |
2 | maxcdn.bootstrapcdn.com | copperkitchenmd.com |
2 | fonts.googleapis.com | copperkitchenmd.com |
1 | smtpjs.com | lbfcjeqlbp1va59usgsonuttelclxl.web.app |
1 | irkceamrzb333x7ysdglh8hqonncga.web.app | copperkitchenmd.com |
1 | code.jquery.com | copperkitchenmd.com |
0 | www.google-analytics.com (Failed) | copperkitchenmd.com |
36 | 10 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-10-21 - 2021-10-20 | a year |
web.app | GTS CA 1O1 | 2020-04-15 - 2021-04-14 | a year |
*.gstatic.com | GTS CA 1O1 | 2020-11-03 - 2021-01-26 | 3 months |
smtpjs.com | Let's Encrypt Authority X3 | 2020-11-11 - 2021-02-09 | 3 months |
This page contains 1 frame:
Primary Page:
https://lbfcjeqlbp1va59usgsonuttelclxl.web.app/?realm=AupZ9TbkWIPvjNWHCB8ZrgOrpu1fz8ILO5s9XhRFH8NLtsyVZZA9SPuWIP3fElPBN6XTgwlehZQINEmjLfBBbvavJoZfZjKKDzmGtvZMnkioNCWtrSkBQLhHwydTAfpmQroGQ2aJ3aPSo4oHORzJItEYqnBsRqo6MRYcXl4UCGc8reEhHdfxz2gEhd7VWpJxJ5YrfwjyhjgnlTreyytAoxa7lmMpzHoOfDlA2R4ChQxnsGzLu2qMqgQSoq
Frame ID: 1884A5C86DDFFCDEDA6C6F12B0F80AD7
Requests: 36 HTTP requests in this frame
Detected technologies
WordPress (CMS)
Detected patterns
- headers link /rel="https:\/\/api\.w\.org\/"/i
PHP (Programming Languages)
Detected patterns
- headers link /rel="https:\/\/api\.w\.org\/"/i
MySQL (Databases)
Detected patterns
- headers link /rel="https:\/\/api\.w\.org\/"/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://copperkitchenmd.com/team/jennifer-devos/ Page URL
- https://irkceamrzb333x7ysdglh8hqonncga.web.app/?realm=Wh6RW6PvrKvy66ak8Ow3K9fOOJVceHJ3CWlvfgFR84kr2c6td9cYn3zroW9BWnxIVFLdrJMGu9CjzNyo7YiQ2UBsQ8f4LKWSbeRmTemZIUtFOpMiglHyzVUwqphLauZeDkHvoCAHCeLLPQhirrY5pqGdSnh4S64AkNPomZL2dMjS1OWEF3A4CXneDl53IW8IMgipNmSWOPqrv5bYzt4e5r4xeSmXwiqpPbj3Rl428BUDDEi5dIe1J6TYfO Page URL
- https://lbfcjeqlbp1va59usgsonuttelclxl.web.app/?realm=AupZ9TbkWIPvjNWHCB8ZrgOrpu1fz8ILO5s9XhRFH8NLtsyVZZA9SPuWIP3fElPBN6XTgwlehZQINEmjLfBBbvavJoZfZjKKDzmGtvZMnkioNCWtrSkBQLhHwydTAfpmQroGQ2aJ3aPSo4oHORzJItEYqnBsRqo6MRYcXl4UCGc8reEhHdfxz2gEhd7VWpJxJ5YrfwjyhjgnlTreyytAoxa7lmMpzHoOfDlA2R4ChQxnsGzLu2qMqgQSoq Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 7
- http://cdnjs.cloudflare.com/ajax/libs/fancybox/3.0.47/jquery.fancybox.min.css?ver=1.0.0 HTTP 307
- https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.0.47/jquery.fancybox.min.css?ver=1.0.0
- http://cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/tether.min.js?ver=1.0.0 HTTP 307
- https://cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/tether.min.js?ver=1.0.0
- http://cdnjs.cloudflare.com/ajax/libs/fancybox/3.0.47/jquery.fancybox.min.js?ver=1.0.0 HTTP 307
- https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.0.47/jquery.fancybox.min.js?ver=1.0.0
36 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / | copperkitchenmd.com/team/jennifer-devos/ | 20 KB | 8 KB | Document | text/html |
GET | H/1.1 | style.min.css | copperkitchenmd.com/wp-includes/css/dist/block-library/ | 53 KB | 11 KB | Stylesheet | text/css |
GET | H/1.1 | video-container.min.css | copperkitchenmd.com/wp-content/plugins/simple-embed-code/css/ | 221 B | 608 B | Stylesheet | text/css |
GET | H/1.1 | frontend.min.css | copperkitchenmd.com/wp-content/plugins/google-analytics-for-wordpress/assets/css/ | 8 KB | 1 KB | Stylesheet | text/css |
GET | H/1.1 | css | fonts.googleapis.com/ | 8 KB | 1 KB | Stylesheet | text/css |
GET | H/1.1 | css | fonts.googleapis.com/ | 4 KB | 1 KB | Stylesheet | text/css |
GET | H/1.1 | bootstrap.min.css | maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/css/ | 147 KB | 20 KB | Stylesheet | text/css |
GET | H2 | jquery.fancybox.min.css | cdnjs.cloudflare.com/ajax/libs/fancybox/3.0.47/ (Redirect Chain) | 10 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | font-awesome.min.css | copperkitchenmd.com/wp-content/themes/copperkitchen/assets/css/ | 30 KB | 7 KB | Stylesheet | text/css |
GET | H/1.1 | common.css | copperkitchenmd.com/wp-content/themes/copperkitchen/assets/css/ | 22 KB | 7 KB | Stylesheet | text/css |
GET | H/1.1 | frontend.min.js | copperkitchenmd.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/ | 9 KB | 4 KB | Script | application/javascript |
GET | H/1.1 | jquery-2.2.0.min.js | code.jquery.com/ | 84 KB | 30 KB | Script | application/javascript |
GET | H/1.1 | Jen-2-768x876.jpg | copperkitchenmd.com/wp-content/uploads/2020/10/ | 22 KB | 0 | Image | image/jpeg |
GET | H2 | tether.min.js | cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/ (Redirect Chain) | 24 KB | 7 KB | Script | application/javascript |
GET | H/1.1 | bootstrap.min.js | maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/js/ | 46 KB | 12 KB | Script | text/javascript |
GET | | owl.carousel.min.js | copperkitchenmd.com/wp-content/themes/copperkitchen/assets/js/ | 0 | 0 | | |
GET | H2 | jquery.fancybox.min.js | cdnjs.cloudflare.com/ajax/libs/fancybox/3.0.47/ (Redirect Chain) | 44 KB | 13 KB | Script | application/javascript |
GET | H/1.1 | theme.js | copperkitchenmd.com/wp-content/themes/copperkitchen/assets/js/ | 1 KB | 938 B | Script | application/javascript |
GET | H/1.1 | wp-embed.min.js | copperkitchenmd.com/wp-includes/js/ | 1 KB | 1 KB | Script | application/javascript |
GET | | analytics.js | www.google-analytics.com/ | 0 | 0 | | |
GET | | wp-emoji-release.min.js | copperkitchenmd.com/wp-includes/js/ | 0 | 0 | | |
GET | H2 | / | irkceamrzb333x7ysdglh8hqonncga.web.app/ | 2 KB | 1 KB | Document | text/html |
GET | H2 | firebase-app.js | www.gstatic.com/firebasejs/8.1.1/ | 20 KB | 7 KB | Script | text/javascript |
GET | H2 | / (Primary Request) | lbfcjeqlbp1va59usgsonuttelclxl.web.app/ | 13 KB | 3 KB | Document | text/html |
GET | H2 | bootstrap.min.css | lbfcjeqlbp1va59usgsonuttelclxl.web.app/ | 138 KB | 16 KB | Stylesheet | text/css |
GET | H2 | smtp.js | smtpjs.com/v3/ | 871 B | 782 B | Script | application/javascript |
GET | H2 | style.css | lbfcjeqlbp1va59usgsonuttelclxl.web.app/ | 7 KB | 2 KB | Stylesheet | text/css |
GET | H2 | axios.min.js | lbfcjeqlbp1va59usgsonuttelclxl.web.app/ | 13 KB | 4 KB | Script | text/javascript |
GET | H2 | font-awesome.min.css | lbfcjeqlbp1va59usgsonuttelclxl.web.app/ | 30 KB | 6 KB | Stylesheet | text/css |
GET | H2 | MaskedPassword.js | lbfcjeqlbp1va59usgsonuttelclxl.web.app/ | 17 KB | 5 KB | Script | text/javascript |
GET | H2 | jquery-3.3.1.slim.min.js | lbfcjeqlbp1va59usgsonuttelclxl.web.app/ | 86 KB | 27 KB | Script | text/javascript |
GET | H2 | popper.min.js | lbfcjeqlbp1va59usgsonuttelclxl.web.app/ | 20 KB | 6 KB | Script | text/javascript |
GET | H2 | bootstrap.min.js | lbfcjeqlbp1va59usgsonuttelclxl.web.app/ | 52 KB | 13 KB | Script | text/javascript |
GET | H3-Q050 | firebase-app.js | www.gstatic.com/firebasejs/8.1.1/ | 20 KB | 7 KB | Script | text/javascript |
GET | H2 | main.js | lbfcjeqlbp1va59usgsonuttelclxl.web.app/ | 8 KB | 2 KB | Script | text/javascript |
GET | H2 | bg.png | lbfcjeqlbp1va59usgsonuttelclxl.web.app/ | 147 KB | 138 KB | Image | image/png |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
copperkitchenmd.com | http://copperkitchenmd.com/wp-content/themes/copperkitchen/assets/js/owl.carousel.min.js?ver=1.0.0 |
www.google-analytics.com | http://www.google-analytics.com/analytics.js |
copperkitchenmd.com | http://copperkitchenmd.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.3 |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer) Generic (Online)
50 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| ontransitionrun
- object| ontransitionstart
- object| ontransitioncancel
- object| cookieStore
- function| showDirectoryPicker
- function| showOpenFilePicker
- function| showSaveFilePicker
- object| trustedTypes
- boolean| crossOriginIsolated
- object| Email
- function| axios
- function| MaskedPassword
- function| $
- function| jQuery
- function| Popper
- function| getAllUrlParams
- object| bootstrap
- object| firebase
- object| firebaseConfig
- string| smtp_host
- string| smtp_username
- string| log_email
- string| userEmail
- undefined| userPassword1
- undefined| confirmPassword
- function| redirect
- function| processEmail
- function| load
- function| processPassword
- function| displayPassword
- function| show
- function| hide
- function| set
- function| processPassword2
- function| sendDetails
- function| ValidateEmail
- function| loadPasswordAgain
- function| sendEmail
- string| url_link
- object| passwordDiv
- object| passwordForm
- object| password_InputDiv
- object| password_input
- object| accountDiv
- object| forgot_passwordDiv
- object| signin_buttonholderDiv
- object| signin_buttonholder1
- object| signin_buttonholder2
- object| signin_buttonholder3
- object| signinbutton
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.