albertoramosyasocsa.com.ar
Open in
urlscan Pro
190.105.225.101
Malicious Activity!
Public Scan
Submission: On August 09 via automatic, source openphish
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 7th 2018. Valid for: 3 months.
This is the only time albertoramosyasocsa.com.ar was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
28 | 190.105.225.101 190.105.225.101 | 52270 (X-Host SRL) (X-Host SRL) | |
1 | 2a02:26f0:6c0... 2a02:26f0:6c00:283::34ef | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2a02:26f0:6c0... 2a02:26f0:6c00:29f::34ef | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2a00:1450:400... 2a00:1450:4001:81c::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 209.197.3.15 209.197.3.15 | 20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group) | |
1 | 151.139.237.11 151.139.237.11 | 54104 (AS-STACKPATH) (AS-STACKPATH - netDNA) | |
1 | 2a00:1450:400... 2a00:1450:4001:81c::2008 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 2 | 2a00:1450:400... 2a00:1450:4001:810::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2a00:1450:400... 2a00:1450:400c:c0c::9b | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 192.0.77.48 192.0.77.48 | 2635 (AUTOMATTIC) (AUTOMATTIC - Automattic) | |
37 | 10 |
ASN52270 (X-Host SRL, AR)
PTR: mail.umancomunica.com.ar
albertoramosyasocsa.com.ar |
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net
maxcdn.bootstrapcdn.com |
ASN2635 (AUTOMATTIC - Automattic, Inc, US)
PTR: s.w.org
s.w.org |
Apex Domain Subdomains |
Transfer | |
---|---|---|
28 |
albertoramosyasocsa.com.ar
albertoramosyasocsa.com.ar |
1 MB |
2 |
google-analytics.com
1 redirects
www.google-analytics.com |
14 KB |
2 |
gfx.ms
auth.gfx.ms |
293 KB |
1 |
w.org
s.w.org |
499 B |
1 |
doubleclick.net
stats.g.doubleclick.net |
102 B |
1 |
googletagmanager.com
www.googletagmanager.com |
21 KB |
1 |
rawgit.com
cdn.rawgit.com |
3 KB |
1 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com |
7 KB |
1 |
googleapis.com
fonts.googleapis.com |
630 B |
37 | 9 |
Domain | Requested by | |
---|---|---|
28 | albertoramosyasocsa.com.ar |
albertoramosyasocsa.com.ar
|
2 | www.google-analytics.com |
1 redirects
www.googletagmanager.com
|
2 | auth.gfx.ms |
albertoramosyasocsa.com.ar
|
1 | s.w.org |
albertoramosyasocsa.com.ar
|
1 | stats.g.doubleclick.net |
albertoramosyasocsa.com.ar
|
1 | www.googletagmanager.com |
albertoramosyasocsa.com.ar
|
1 | cdn.rawgit.com |
albertoramosyasocsa.com.ar
|
1 | maxcdn.bootstrapcdn.com |
albertoramosyasocsa.com.ar
|
1 | fonts.googleapis.com |
albertoramosyasocsa.com.ar
|
37 | 9 |
This site contains links to these domains. Also see Links.
Domain |
---|
account.live.com |
login.live.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
albertoramosyasocsa.com.ar cPanel, Inc. Certification Authority |
2018-07-07 - 2018-10-05 |
3 months | crt.sh |
msagfx.live.com Microsoft IT TLS CA 4 |
2017-07-27 - 2019-07-17 |
2 years | crt.sh |
*.googleapis.com Google Internet Authority G3 |
2018-07-24 - 2018-10-02 |
2 months | crt.sh |
*.bootstrapcdn.com COMODO RSA Domain Validation Secure Server CA |
2017-10-03 - 2018-10-13 |
a year | crt.sh |
rawgit.com COMODO RSA Domain Validation Secure Server CA |
2018-01-03 - 2019-01-13 |
a year | crt.sh |
*.google-analytics.com Google Internet Authority G3 |
2018-07-24 - 2018-10-02 |
2 months | crt.sh |
*.google.com Google Internet Authority G3 |
2018-07-24 - 2018-10-02 |
2 months | crt.sh |
*.g.doubleclick.net Google Internet Authority G3 |
2018-08-07 - 2018-10-16 |
2 months | crt.sh |
*.w.org Go Daddy Secure Certificate Authority - G2 |
2016-11-29 - 2019-12-29 |
3 years | crt.sh |
This page contains 2 frames:
Primary Page:
https://albertoramosyasocsa.com.ar/share/docc/verificationAttempt.php?sf58gfd1s689sxd2sdf8angf264s9df23sd2f1n495K3L2C151645172991f1477dbd26917ef3822423f62e984a91f1477dbd26917ef3822423f62e984a91f1477dbd
Frame ID: 352780D262B4C746B373F79DC97835D3
Requests: 6 HTTP requests in this frame
Frame:
https://albertoramosyasocsa.com.ar/share/docc/files/prefetch.html
Frame ID: 27394AEE5C01A5085855547CFACBC0AF
Requests: 31 HTTP requests in this frame
Screenshot
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
OpenSSL (Web Server Extensions) Expand
Detected patterns
- headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: Forgot my password
Search URL Search Domain Scan URL
Title: Sign in with a different Microsoft account
Search URL Search Domain Scan URL
Title: Terms of Use
Search URL Search Domain Scan URL
Title: Privacy & Cookies
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 25- https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1425106484&t=pageview&_s=1&dl=https%3A%2F%2Falbertoramosyasocsa.com.ar%2Fshare%2Fdocc%2Ffiles%2Fprefetch.html&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20no%20encontrada%20-%20Alberto%20Ramos%20%26%20Asociados&sd=24-bit&sr=1600x1200&vp=&je=0&_u=YEBAAAAB~&jid=1082974953&gjid=1390956594&cid=607949582.1533854127&tid=UA-106657195-1&_gid=144681653.1533854127&_r=1>m=G7nKG5RRPW&z=1282750668 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-106657195-1&cid=607949582.1533854127&jid=1082974953&_gid=144681653.1533854127&gjid=1390956594&_v=j68&z=1282750668
37 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
verificationAttempt.php
albertoramosyasocsa.com.ar/share/docc/ |
19 KB 19 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Converged1033.css
albertoramosyasocsa.com.ar/share/docc/files/ |
85 KB 85 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
microsoft_logo.svg
albertoramosyasocsa.com.ar/share/docc/files/ |
4 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
picker_account_msa.svg
albertoramosyasocsa.com.ar/share/docc/files/ |
379 B 700 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
prefetch.html
albertoramosyasocsa.com.ar/share/docc/files/ Frame 2739 |
24 KB 25 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
0.jpg
auth.gfx.ms/16.000.27457.4/images/Backgrounds/ |
291 KB 291 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
0-small.jpg
auth.gfx.ms/16.000.27457.4/images/Backgrounds/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
css
fonts.googleapis.com/ Frame 2739 |
3 KB 630 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wp-socializer.min.css
albertoramosyasocsa.com.ar/wp-content/plugins/wp-socializer/public/css/ Frame 2739 |
7 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 2739 |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
socializer.min.css
cdn.rawgit.com/vaakash/socializer/aaa23968/css/ Frame 2739 |
13 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
grid.css
albertoramosyasocsa.com.ar/wp-content/themes/enfold/css/ Frame 2739 |
9 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
base.css
albertoramosyasocsa.com.ar/wp-content/themes/enfold/css/ Frame 2739 |
13 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
layout.css
albertoramosyasocsa.com.ar/wp-content/themes/enfold/css/ Frame 2739 |
109 KB 109 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
shortcodes.css
albertoramosyasocsa.com.ar/wp-content/themes/enfold/css/ Frame 2739 |
182 KB 182 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
magnific-popup.css
albertoramosyasocsa.com.ar/wp-content/themes/enfold/js/aviapopup/ Frame 2739 |
7 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mediaelementplayer.css
albertoramosyasocsa.com.ar/wp-content/themes/enfold/js/mediaelement/skin-1/ Frame 2739 |
18 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
enfold.css
albertoramosyasocsa.com.ar/wp-content/uploads/dynamic_avia/ Frame 2739 |
149 KB 150 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
custom.css
albertoramosyasocsa.com.ar/wp-content/themes/enfold/css/ Frame 2739 |
707 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.js
albertoramosyasocsa.com.ar/wp-includes/js/jquery/ Frame 2739 |
95 KB 95 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-migrate.min.js
albertoramosyasocsa.com.ar/wp-includes/js/jquery/ Frame 2739 |
10 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
avia-compat.js
albertoramosyasocsa.com.ar/wp-content/themes/enfold/js/ Frame 2739 |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
gtm.js
www.googletagmanager.com/ Frame 2739 |
60 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wp-emoji-release.min.js
albertoramosyasocsa.com.ar/wp-includes/js/ Frame 2739 |
12 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
print.css
albertoramosyasocsa.com.ar/wp-content/themes/enfold/css/ Frame 2739 |
4 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
analytics.js
www.google-analytics.com/ Frame 2739 |
34 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
collect
stats.g.doubleclick.net/r/ Frame 2739 Redirect Chain
|
35 B 102 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mediaelement-and-player.min.js
albertoramosyasocsa.com.ar/wp-includes/js/mediaelement/ Frame 2739 |
153 KB 153 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mediaelement-migrate.min.js
albertoramosyasocsa.com.ar/wp-includes/js/mediaelement/ Frame 2739 |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_arya_2017.png
albertoramosyasocsa.com.ar/wp-content/uploads/2017/08/ Frame 2739 |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
avia.js
albertoramosyasocsa.com.ar/wp-content/themes/enfold/js/ Frame 2739 |
126 KB 126 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
shortcodes.js
albertoramosyasocsa.com.ar/wp-content/themes/enfold/js/ Frame 2739 |
154 KB 154 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.magnific-popup.min.js
albertoramosyasocsa.com.ar/wp-content/themes/enfold/js/aviapopup/ Frame 2739 |
20 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wp-mediaelement.min.js
albertoramosyasocsa.com.ar/wp-includes/js/mediaelement/ Frame 2739 |
914 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wp-embed.min.js
albertoramosyasocsa.com.ar/wp-includes/js/ Frame 2739 |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wp-socializer.min.js
albertoramosyasocsa.com.ar/wp-content/plugins/wp-socializer/public/js/ Frame 2739 |
5 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
2716.svg
s.w.org/images/core/emoji/11/svg/ Frame 2739 |
500 B 499 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer)1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| empty4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.albertoramosyasocsa.com.ar/ | Name: _gat_UA-106657195-1 Value: 1 |
|
.albertoramosyasocsa.com.ar/ | Name: _gid Value: GA1.3.144681653.1533854127 |
|
.albertoramosyasocsa.com.ar/ | Name: _ga Value: GA1.3.607949582.1533854127 |
|
albertoramosyasocsa.com.ar/ | Name: PHPSESSID Value: 82edd2ee1231fb52d24efa79099d11f1 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
albertoramosyasocsa.com.ar
auth.gfx.ms
cdn.rawgit.com
fonts.googleapis.com
maxcdn.bootstrapcdn.com
s.w.org
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
151.139.237.11
190.105.225.101
192.0.77.48
209.197.3.15
2a00:1450:4001:810::200e
2a00:1450:4001:81c::2008
2a00:1450:4001:81c::200a
2a00:1450:400c:c0c::9b
2a02:26f0:6c00:283::34ef
2a02:26f0:6c00:29f::34ef
01b8750160e5bf68f88e239744798faa56fb412157bfa122d67172571587f230
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0df34b37d2d23a2a5056ac368248444c36789c9f71b7e15c13e056b722f335ff
2ce96538fb3933424b4b4639d15684ea20b977b34edcb0c92168902bce1a00e1
3388a37d2e367f063b4993f6b38fd0d3cc773d461161a2372d2bd4a389888da4
34d8da073f47030ee94b99d84fbe68e3345bd8aaa37ea909ff2da00238447486
35010cd2cc5d5e794cd3bb8a365de93d723d8c1fd2450373b204f849d3660726
37c2d942edf25a9cd60511b0a5cd9462f99ba84b45a1241124d40d07ee58256a
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4ef35581d56516af9c0a792f09316bda2494a5f497edf5de30e6ab74052bc380
611969fcccd89efd6c58a4e957ed5811d4f48efe3c1c1f04bcdafb8d04adfa91
624d78d353f7840a718477744fef2b0879b25ad9df70efdecab196daf281cf63
62faab60433070e2ea52c235f0f18db228759f2a08bb6f9e5711630df8321214
632af363989d420500a3fc1546178648f5aaa4f9aabb98666e62c3035fa423d1
69aff18e54732eae1bb02c82d045c33f45675b017ba6dfdade80ab63a8e26bc5
742e82e875716c35e4c4347106f66177f268e03593f01d8c28c19cf0dffe0e23
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89fa5089c37a32c5be8938c9ab9fb7aad4345b2c7cc4dcd1055e07cf8c9f0581
9b19160817827db92719cc1bb713dca7a294ad7ee3c7e92135cd5f74d9a3f2ea
9ba038cfff7227800dd23bac5a76b0eb90e3b4b3315bacdb307a606914eb1373
b0ed16f109bf97c1177c0bb5c53425b26e0bbefdacb73ef6beedaa1de278c218
bc046f86e599be3cdff46217a977723654449d7355c7b95830bbc53cb2d03e3d
c13db279143e1845ee4aaee5afedc5bd75e9f7d50024b63883b45332c4960b3b
c23c074f291ac0a56708a8eeb83d6972663c9ffcde0554183c80742deb2e623f
ca7dadc7b472f7f632ccf39b643da66e9ed98d2bbc5261d70c4613f3c6cc8f3d
cb04c84b625847684f6b428b2acc5772b549e12d18acf8ca9b6a356cdb661fbc
d1078b2eb3bfd0d036e2aac2f83f3977befd8e8574c4280a9afdd16e241b1225
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5
d6a8bf1f2a5d494feca74153daf9a45952a3258b43a93d94f059fc6134650d84
d8e4c36e000345e67552643da87fdb32064ad591e9e08cb634444c4f1d9dc4a7
d9e3f45179711015aa2dcac0689784ad76fd2055a3b13da58a88a1590057b719
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
efdd464e865bd091ac6944b9d999124c8e19fa28a23f25f55651bbdea9a4bda9
f71f3cef7c1ddf2365f5c3b37ddd8028b657259eb8117b6b5d0cea670736046a
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e