ospedalesanraffaele.welcomedicine.it
Open in
urlscan Pro
52.49.98.216
Malicious Activity!
Public Scan
Submitted URL: http://ospedalesanraffaele.welcomedicine.it/
Effective URL: https://ospedalesanraffaele.welcomedicine.it/
Submission: On November 22 via manual from IN — Scanned from IT
Effective URL: https://ospedalesanraffaele.welcomedicine.it/
Submission: On November 22 via manual from IN — Scanned from IT
Summary
This website contacted 6 IPs
in 4 countries
across 5 domains to perform 30 HTTP transactions.
The main IP is 52.49.98.216, located in
Dublin, Ireland and
belongs to AMAZON-02, US.
The main domain is ospedalesanraffaele.welcomedicine.it.
TLS certificate: Issued by Amazon on March 19th 2022. Valid for: a year.
This is the only time ospedalesanraffaele.welcomedicine.it was scanned on urlscan.io!
TLS certificate: Issued by Amazon on March 19th 2022. Valid for: a year.
This is the only time ospedalesanraffaele.welcomedicine.it was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic (Online)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 34.241.206.243 34.241.206.243 | 16509 (AMAZON-02) (AMAZON-02) | |
| 25 | 52.49.98.216 52.49.98.216 | 16509 (AMAZON-02) (AMAZON-02) | |
| 2 | 2606:4700::68... 2606:4700::6811:190e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:82a::200a | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:3b | 20446 (STACKPATH...) (STACKPATH-CDN) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:813::2003 | 15169 (GOOGLE) (GOOGLE) | |
| 30 | 6 |
1
34.241.206.243
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-206-243.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-206-243.eu-west-1.compute.amazonaws.com
| ospedalesanraffaele.welcomedicine.it |
25
52.49.98.216
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-98-216.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-98-216.eu-west-1.compute.amazonaws.com
| ospedalesanraffaele.welcomedicine.it |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 26 |
welcomedicine.it
1 redirects
ospedalesanraffaele.welcomedicine.it |
7 MB |
| 2 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 201 |
10 KB |
| 1 |
gstatic.com
fonts.gstatic.com |
12 KB |
| 1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 669 |
77 KB |
| 1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43 |
875 B |
| 30 | 5 |
| Domain | Requested by | |
|---|---|---|
| 26 | ospedalesanraffaele.welcomedicine.it |
1 redirects
ospedalesanraffaele.welcomedicine.it
|
| 2 | cdnjs.cloudflare.com |
ospedalesanraffaele.welcomedicine.it
|
| 1 | fonts.gstatic.com |
fonts.googleapis.com
|
| 1 | code.jquery.com |
ospedalesanraffaele.welcomedicine.it
|
| 1 | fonts.googleapis.com |
ospedalesanraffaele.welcomedicine.it
|
| 30 | 5 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| app.welmed.it |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| welcomedicine.it Amazon |
2022-03-19 - 2023-04-17 |
a year | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-08-03 - 2023-08-02 |
a year | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2022-11-02 - 2023-01-25 |
3 months | crt.sh |
| *.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2022-08-03 - 2023-07-14 |
a year | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2022-11-02 - 2023-01-25 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://ospedalesanraffaele.welcomedicine.it/
Frame ID: B6DD98159B02D0914A8608A97889892E
Requests: 37 HTTP requests in this frame
Screenshot
Page Title
Telemedicina e visite mediche online dell'Ospedale San RaffaelePage URL History Show full URLs
-
http://ospedalesanraffaele.welcomedicine.it/
HTTP 301
https://ospedalesanraffaele.welcomedicine.it/ Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
animate.css (Web Frameworks) Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
DataTables
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- dataTables.*\.js
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
URL: https://app.welmed.it/ospedalesanraffaele/login
Title: Accedi
Title: Accedi
Search URL Search Domain Scan URL
URL: https://app.welmed.it/ospedalesanraffaele/registration/patient
Title: Registrati come Paziente
Title: Registrati come Paziente
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://ospedalesanraffaele.welcomedicine.it/
HTTP 301
https://ospedalesanraffaele.welcomedicine.it/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
30 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
ospedalesanraffaele.welcomedicine.it/ Redirect Chain
|
29 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.css
ospedalesanraffaele.welcomedicine.it/assets/css/ |
215 KB 216 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.css
ospedalesanraffaele.welcomedicine.it/portali/4/ |
3 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dataTables.bootstrap.css
ospedalesanraffaele.welcomedicine.it/assets/datatables/ |
9 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.1/ |
52 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
705 B 875 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ |
30 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-1.8.3.js
code.jquery.com/ |
260 KB 77 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
MaskedPassword.js
ospedalesanraffaele.welcomedicine.it/js/ |
17 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
w-logo.svg
ospedalesanraffaele.welcomedicine.it/portali/4/images/ |
33 KB 34 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
support_icon.svg
ospedalesanraffaele.welcomedicine.it/img/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
play_blue.png
ospedalesanraffaele.welcomedicine.it/assets/images/video/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
preview_osr.png
ospedalesanraffaele.welcomedicine.it/assets/images/video/ |
185 KB 187 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
custom-dropdown.js
ospedalesanraffaele.welcomedicine.it/assets/javascripts/ |
518 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
custom-dropdown.css
ospedalesanraffaele.welcomedicine.it/assets/css/ |
1 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sticky-header.js
ospedalesanraffaele.welcomedicine.it/assets/javascripts/ |
496 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sticky-header.css
ospedalesanraffaele.welcomedicine.it/assets/css/ |
493 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cookiechoices.js
ospedalesanraffaele.welcomedicine.it/js/ |
6 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
patch_cookiechoiches.js
ospedalesanraffaele.welcomedicine.it/js/ |
435 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vendor.js
ospedalesanraffaele.welcomedicine.it/assets/javascripts/ |
376 KB 377 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
app.js
ospedalesanraffaele.welcomedicine.it/assets/javascripts/ |
4 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.dataTables.min.js
ospedalesanraffaele.welcomedicine.it/assets/datatables/ |
78 KB 79 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dataTables.type.js
ospedalesanraffaele.welcomedicine.it/assets/datatables/ |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
token.js
ospedalesanraffaele.welcomedicine.it/js/ |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
custom.js
ospedalesanraffaele.welcomedicine.it/js/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
background_2.png
ospedalesanraffaele.welcomedicine.it/img/ |
6 MB 6 MB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
green.svg
ospedalesanraffaele.welcomedicine.it/img/ |
494 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
715 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
380 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lK.woff2
fonts.gstatic.com/s/karla/v23/ |
11 KB 12 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Noe_Display_Regular.otf
ospedalesanraffaele.welcomedicine.it/fonts/ |
70 KB 71 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Replica%20Regular.woff
ospedalesanraffaele.welcomedicine.it/fonts/ |
36 KB 37 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
547 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
552 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
177 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
351 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
242 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic (Online)29 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| MaskedPassword function| controlla object| jQuery18309469468007679978 function| submitExistRegistration object| playButton object| videoElement function| openDropdownList object| cookieChoices function| patchCookieChoicesToRefreshPageOnDismiss function| onYouTubePlayerAPIReady function| onYouTubePlayerReady object| mejs function| FastClick object| html5 object| Modernizr object| Foundation function| Stellar function| MediaElement function| MediaElementPlayer function| WOW function| richiesta_file function| chiudi_richiesta_file function| cambia_ordine_cookie function| cambia_ordine_datatable function| txt_blacklist function| solo_numeri function| goBack5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| ospedalesanraffaele.welcomedicine.it/ | Name: PHPSESSID Value: ebkdrdu8646gccu4d9d4e4gb4n |
|
| ospedalesanraffaele.welcomedicine.it/ | Name: AWSALBTG Value: pvoAsKBEgEk+H6w/QVwyQO2Qw5VSeD8Y6ByhEqHrIO6I/ZD5zzhAghn29i0WBHNXVSExXn6wgs0ywAnq632arRr4M9xuxCqVTHJXgnMNS5XDNHsHR98tD6+/896dA3fHG+WosjtHUvkB/gc6PKWA2jKzuU2RHdaDtaO1DbVJPBtk641LkSQ= |
|
| ospedalesanraffaele.welcomedicine.it/ | Name: AWSALBTGCORS Value: pvoAsKBEgEk+H6w/QVwyQO2Qw5VSeD8Y6ByhEqHrIO6I/ZD5zzhAghn29i0WBHNXVSExXn6wgs0ywAnq632arRr4M9xuxCqVTHJXgnMNS5XDNHsHR98tD6+/896dA3fHG+WosjtHUvkB/gc6PKWA2jKzuU2RHdaDtaO1DbVJPBtk641LkSQ= |
|
| ospedalesanraffaele.welcomedicine.it/ | Name: AWSALB Value: 4n4oQN2AK9T6IXzf5SiWEFx15d5VqwfdWC7xQlao4cxFqv0jjfPYE7tLlL4RIKYeruLCPfjDgqIdUIfRve+d0rBU/CN/kGWYsAYUEys5qLL/SJAY+leCfzIYF1nD |
|
| ospedalesanraffaele.welcomedicine.it/ | Name: AWSALBCORS Value: 4n4oQN2AK9T6IXzf5SiWEFx15d5VqwfdWC7xQlao4cxFqv0jjfPYE7tLlL4RIKYeruLCPfjDgqIdUIfRve+d0rBU/CN/kGWYsAYUEys5qLL/SJAY+leCfzIYF1nD |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
ospedalesanraffaele.welcomedicine.it
2001:4de0:ac18::1:a:3b
2606:4700::6811:190e
2a00:1450:4001:813::2003
2a00:1450:4001:82a::200a
34.241.206.243
52.49.98.216
04987f54f9692ff92d03809e3fa043c37f8dd172851b2a4654d3d0eee03af50b
05b130b348148b4f7b9f3df2c3873cd38907890ebb8b7b6d68142859c19fef43
13e33d50326b706e8bfe71475eb6304ecfc3afb30cc18092ea99903be7624dc1
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
18695db6b0edd6b33cf7f05377c453317fc427635013d67df1bc882610845dd8
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
2270513dccf699d6274897840c05997a3fa9532dad0ed24aff66239767c1ac49
28f0a278193d792ce9c8d04b80a8cb588c25080b7b1fb40fb96f7414badfb6fc
2cfdb08c07395b0be65df154f068ade61c1bfad7e3e3e2d0e40b85319fa95825
3001d6df652ee9927d7012277251f66a0d11e6a72c54c91679140bb0ee496442
33365bd5ac2d8cb362a6bbe34792e676ffa6711278888888049b17701ddf4f0c
36ac71a244104c88492b85c8176a94cd8633cf137010046873512dc760de66c8
4426ecb964bd2b3cd1663b5feb152295ff0edcf1996a6e6b504207cfc6b8909c
4540e462094bd755703641d563310a061395591d3145085446a95ba92a96acbb
4570a59729261a9585c65062742dea3edcd352c503579de049bbce3e85efc172
4e5ef6ed94a1f4ddbd188ac14074708b7f5901425c00369643b5d978d9546dbe
4e9cc0e94dbb727bd1ed465f5092de75f7c6210c742a0bbbdfed50efb64853e4
5133565168ae0824015e72a9358170913edb1e5c8ccd4c7c58f2ecfef7b2a1b6
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
6c3a691c3d7a93885f506e67bce87f2134d6500db660e96b6fecc71049c7708c
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
719fd309f62ba519dd579bdea2390df02e9fccf03f53eebbc9fb9bf96937ba53
7375706ca6d61c3e070f4d29b955e9e3fbf6750e4fd18040773cc35d97b5419f
756d7dfac4a35bb57543f677283d6c682e8d704e5350884b27325badd2b3c4a7
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
92518b07bdf95afdf256edfa1809bfc894fa65dea66e033b0d37fb4075cd9bd4
bb02ccb2a85f5dfe18c15061f954f61797fcea7dfbff432126a7ec75e12394f6
c6103237f637083f07dde7fdddfc930cfb39088e59a9081882415e64a2bd4e94
c6bb6c4c3af992617edd0d37bb2bc9380f1162b04148bd8030b23f9407afc6e2
d612214a5a30838bea68567f6e290f31f106c1280cd05b48b3b9b1d4f0031c29
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
df8610340e9a5f5760c585a1fac37a4e1c6e793eb6c6b7a37e58f169de89c577
e798f56e70c21a7eabf69d33a9186328afef2b23c81eb39f9ad388e87cf27109
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
f1d49864d7441e5eee6250adaec05e03e2e4134b47ce839f511321ea81f7f1d1
f2a4157484b0130b49306409d15e833ec497a967fa172b38bc5c707831fa818d