hitpoetry.com
5.189.140.77
Malicious Activity!
Public Scan
Submission: On May 08 via api from US
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on April 1st 2019. Valid for: 3 months.
This is the only time hitpoetry.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)

Domain & IP information

Requests | IP Address | AS (Autonomous System) |
---|---|---|
31 | 5.189.140.77 | 51167 (CONTABO) |
1 | 2a02:26f0:6c00:283::34ef | 20940 (AKAMAI-ASN1) |
2 | 2a02:26f0:6c00:29f::34ef | 20940 (AKAMAI-ASN1) |
2 | 2a00:1450:4001:808::200a | 15169 (GOOGLE - Google LLC) |
1 | 209.197.3.15 | 20446 (HIGHWINDS3 - Highwinds Network Group) |
1 | 192.0.77.32 | 2635 (AUTOMATTIC - Automattic) |
3 | 2a04:fa87:fffe::c000:4902 | 2635 (AUTOMATTIC - Automattic) |
2 | 192.0.76.3 | 2635 (AUTOMATTIC - Automattic) |
1 | 192.0.77.48 | 2635 (AUTOMATTIC - Automattic) |
44 | 9 | |
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net
maxcdn.bootstrapcdn.com

ASN2635 (AUTOMATTIC - Automattic, Inc, US)
PTR: wordpress.com
s0.wp.com

ASN2635 (AUTOMATTIC - Automattic, Inc, US)
secure.gravatar.com

ASN2635 (AUTOMATTIC - Automattic, Inc, US)
stats.wp.com
pixel.wp.com

ASN2635 (AUTOMATTIC - Automattic, Inc, US)
PTR: s.w.org
s.w.org

Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
31 | hitpoetry.com | hitpoetry.com | 939 KB |
3 | gravatar.com | secure.gravatar.com | 9 KB |
3 | wp.com | s0.wp.com, stats.wp.com, pixel.wp.com | 6 KB |
2 | googleapis.com | fonts.googleapis.com | 1 KB |
2 | gfx.ms | auth.gfx.ms | 280 KB |
1 | w.org | s.w.org | 524 B |
1 | bootstrapcdn.com | maxcdn.bootstrapcdn.com | 7 KB |
1 | live.com | msagfx.live.com | 116 KB |
44 | 8 | | |

Requests | Domain | Requested by |
---|---|---|
31 | hitpoetry.com | hitpoetry.com |
3 | secure.gravatar.com | hitpoetry.com |
2 | fonts.googleapis.com | hitpoetry.com |
2 | auth.gfx.ms | hitpoetry.com |
1 | pixel.wp.com | hitpoetry.com |
1 | s.w.org | hitpoetry.com |
1 | stats.wp.com | hitpoetry.com |
1 | s0.wp.com | hitpoetry.com |
1 | maxcdn.bootstrapcdn.com | hitpoetry.com |
1 | msagfx.live.com | hitpoetry.com |
44 | 10 | |

This site contains links to these domains.
Domain |
---|
signup.live.com |
login.live.com |

Subject | Issuer | Validity | Valid for |
---|---|---|---|
hitpoetry.com | cPanel, Inc. Certification Authority | 2019-04-01 - 2019-06-30 | 3 months |
msagfx.live.com | Microsoft IT TLS CA 4 | 2017-07-27 - 2019-07-17 | 2 years |
*.googleapis.com | Google Internet Authority G3 | 2019-04-16 - 2019-07-09 | 3 months |
*.bootstrapcdn.com | COMODO RSA Domain Validation Secure Server CA | 2018-10-03 - 2019-10-12 | a year |
*.wp.com | Go Daddy Secure Certificate Authority - G2 | 2018-04-10 - 2020-05-11 | 2 years |
*.gravatar.com | COMODO RSA Domain Validation Secure Server CA | 2018-09-06 - 2020-09-05 | 2 years |
*.w.org | Go Daddy Secure Certificate Authority - G2 | 2016-11-29 - 2019-12-29 | 3 years |

This page contains 2 frames:
Primary Page:
https://hitpoetry.com/qw/hotmail/index.php
Frame ID: 0E01EF52E8678B459B6091ABC3E6E3EB
Requests: 10 HTTP requests in this frame
Frame:
https://hitpoetry.com/qw/hotmail/Sign%20in%20to%20your%20Microsoft%20account2_files/prefetch.html
Frame ID: 47929FC7EB347BEDBC69B7AF09944D04
Requests: 34 HTTP requests in this frame
Detected technologies
PHP (Programming Languages)
Detected patterns
- url /\.php(?:$|\?)/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
webpack (Miscellaneous)
Detected patterns
- env /^webpackJsonp$/i
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
- Title: Create one!
- Title: Terms of use
- Title: Privacy & cookies
- Title:
Redirected requests
There were HTTP redirect chains for the following requests:
44 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | index.php | hitpoetry.com/qw/hotmail/ | 43 KB | 44 KB | Document | text/html | Primary Request; Cookie set |
GET | H/1.1 | Converged_v21033.css | hitpoetry.com/qw/hotmail/Sign%20in%20to%20your%20Microsoft%20account2_files/ | 93 KB | 94 KB | Stylesheet | text/css | |
GET | H/1.1 | ConvergedLoginPaginatedStrings.EN.js.download | hitpoetry.com/qw/hotmail/Sign%20in%20to%20your%20Microsoft%20account2_files/ | 16 KB | 16 KB | Script | application/javascript | |
GET | H/1.1 | ConvergedLogin_PCore.js.download | hitpoetry.com/qw/hotmail/Sign%20in%20to%20your%20Microsoft%20account2_files/ | 428 KB | 428 KB | Script | application/javascript | |
GET | H/1.1 | microsoft_logo.svg | hitpoetry.com/qw/hotmail/Sign%20in%20to%20your%20Microsoft%20account2_files/ | 4 KB | 4 KB | Image | image/svg+xml | |
GET | H/1.1 | ellipsis_white.svg | hitpoetry.com/qw/hotmail/Sign%20in%20to%20your%20Microsoft%20account2_files/ | 915 B | 1 KB | Image | image/svg+xml | |
GET | H/1.1 | ellipsis_grey.svg | hitpoetry.com/qw/hotmail/Sign%20in%20to%20your%20Microsoft%20account2_files/ | 915 B | 1 KB | Image | image/svg+xml | |
GET | H/1.1 | ConvergedLogin_PCore.js | msagfx.live.com/16.000.27853.1/ | 428 KB | 116 KB | Script | application/javascript | |
GET | H/1.1 | prefetch.html | hitpoetry.com/qw/hotmail/Sign%20in%20to%20your%20Microsoft%20account2_files/ | 20 KB | 21 KB | Document | text/html | Frame 4792 |
GET | H/1.1 | 0-small.jpg | auth.gfx.ms/16.000.27853.1/images/Backgrounds/ | 3 KB | 3 KB | Image | image/jpeg | |
GET | H/1.1 | 0.jpg | auth.gfx.ms/16.000.27853.1/images/Backgrounds/ | 277 KB | 277 KB | Image | image/jpeg | |
GET | H/1.1 | style.min.css | hitpoetry.com/wp-includes/css/dist/block-library/ | 29 KB | 29 KB | Stylesheet | text/css | Frame 4792 |
GET | H/1.1 | styles.css | hitpoetry.com/wp-content/plugins/contact-form-7/includes/css/ | 2 KB | 2 KB | Stylesheet | text/css | Frame 4792 |
GET | H2 | css | fonts.googleapis.com/ | 1 KB | 514 B | Stylesheet | text/css | Frame 4792 |
GET | H/1.1 | simple-alert-boxes.css | hitpoetry.com/wp-content/plugins/simple-alert-boxes/css/ | 4 KB | 4 KB | Stylesheet | text/css | Frame 4792 |
GET | H2 | font-awesome.min.css | maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ | 30 KB | 7 KB | Stylesheet | text/css | Frame 4792 |
GET | H/1.1 | zilla-likes.css | hitpoetry.com/wp-content/plugins/zilla-likes/styles/ | 710 B | 951 B | Stylesheet | text/css | Frame 4792 |
GET | H2 | css | fonts.googleapis.com/ | 12 KB | 949 B | Stylesheet | text/css | Frame 4792 |
GET | H/1.1 | style.css | hitpoetry.com/wp-content/themes/basic/ | 29 KB | 29 KB | Stylesheet | text/css | Frame 4792 |
GET | H/1.1 | instag-slider.css | hitpoetry.com/wp-content/plugins/instagram-slider-widget/assets/css/ | 9 KB | 9 KB | Stylesheet | text/css | Frame 4792 |
GET | H/1.1 | / | hitpoetry.com/ | 2 B | 298 B | Stylesheet | text/css | Frame 4792 |
GET | H/1.1 | jetpack.css | hitpoetry.com/wp-content/plugins/jetpack/css/ | 69 KB | 69 KB | Stylesheet | text/css | Frame 4792 |
GET | H/1.1 | jquery.js | hitpoetry.com/wp-includes/js/jquery/ | 95 KB | 95 KB | Script | application/javascript | Frame 4792 |
GET | H/1.1 | jquery-migrate.min.js | hitpoetry.com/wp-includes/js/jquery/ | 10 KB | 10 KB | Script | application/javascript | Frame 4792 |
GET | H/1.1 | zilla-likes.js | hitpoetry.com/wp-content/plugins/zilla-likes/scripts/ | 706 B | 960 B | Script | application/javascript | Frame 4792 |
GET | H/1.1 | jquery.flexslider-min.js | hitpoetry.com/wp-content/plugins/instagram-slider-widget/assets/js/ | 22 KB | 22 KB | Script | application/javascript | Frame 4792 |
GET | H/1.1 | wp-emoji-release.min.js | hitpoetry.com/wp-includes/js/ | 14 KB | 14 KB | Script | application/javascript | Frame 4792 |
GET | H/1.1 | photon.min.js | hitpoetry.com/wp-content/plugins/jetpack/_inc/build/photon/ | 782 B | 1 KB | Script | application/javascript | Frame 4792 |
GET | H/1.1 | scripts.js | hitpoetry.com/wp-content/plugins/contact-form-7/includes/js/ | 14 KB | 14 KB | Script | application/javascript | Frame 4792 |
GET | H2 | devicepx-jetpack.js | s0.wp.com/wp-content/js/ | 10 KB | 3 KB | Script | application/x-javascript | Frame 4792 |
GET | H/1.1 | jquery.rateyo.min.js | hitpoetry.com/wp-content/plugins/penci-recipe/js/ | 9 KB | 9 KB | Script | application/javascript | Frame 4792 |
GET | H/1.1 | rating_recipe.js | hitpoetry.com/wp-content/plugins/penci-recipe/js/ | 1 KB | 1 KB | Script | application/javascript | Frame 4792 |
GET | H/1.1 | jquery.easypiechart.min.js | hitpoetry.com/wp-content/plugins/penci-review/js/ | 4 KB | 4 KB | Script | application/javascript | Frame 4792 |
GET | H/1.1 | review.js | hitpoetry.com/wp-content/plugins/penci-review/js/ | 790 B | 1 KB | Script | application/javascript | Frame 4792 |
GET | H2 | gprofiles.js | secure.gravatar.com/js/ | 20 KB | 7 KB | Script | application/x-javascript | Frame 4792 |
GET | H/1.1 | wpgroho.js | hitpoetry.com/wp-content/plugins/jetpack/modules/ | 1 KB | 1 KB | Script | application/javascript | Frame 4792 |
GET | H/1.1 | functions.js | hitpoetry.com/wp-content/themes/basic/js/ | 1 KB | 2 KB | Script | application/javascript | Frame 4792 |
GET | H/1.1 | lazy-images.min.js | hitpoetry.com/wp-content/plugins/jetpack/_inc/build/lazy-images/js/ | 9 KB | 9 KB | Script | application/javascript | Frame 4792 |
GET | H/1.1 | wp-embed.min.js | hitpoetry.com/wp-includes/js/ | 1 KB | 2 KB | Script | application/javascript | Frame 4792 |
GET | H2 | e-201919.js | stats.wp.com/ | 9 KB | 3 KB | Script | application/x-javascript | Frame 4792 |
GET | H2 | 1f642.svg | s.w.org/images/core/emoji/12.0.0-1/svg/ | 525 B | 524 B | Image | image/svg+xml | Frame 4792 |
GET | H2 | hovercard.min.css | secure.gravatar.com/dist/css/ | 7 KB | 2 KB | Stylesheet | text/css | Frame 4792 |
GET | H2 | services.min.css | secure.gravatar.com/dist/css/ | 3 KB | 564 B | Stylesheet | text/css | Frame 4792 |
GET | H2 | g.gif | pixel.wp.com/ | 50 B | 97 B | Image | image/gif | Frame 4792 |

Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer)
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object | onselectstart
- object | onselectionchange
- function | queueMicrotask
- object | PROOF
- object | g_dtFirstByte
- object | g_objPageMode
- number | g_iSRSFailed
- string | g_sSRSSuccess
- function | SRSRetry
- undefined | ServerData
- object | StringRepository
- boolean | __ConvergedLoginPaginatedStrings
- function | webpackJsonp
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.