sitesumo.com
Open in
urlscan Pro
72.20.110.54
Malicious Activity!
Public Scan
Submission: On February 20 via manual from IT
Summary
This is the only time sitesumo.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Outlook Web Access (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
6 | 72.20.110.54 72.20.110.54 | 7151 (BAYAREA-AS) (BAYAREA-AS) | |
8 | 216.55.155.68 216.55.155.68 | 30447 (INFB2-AS) (INFB2-AS) | |
9 | 52.216.146.171 52.216.146.171 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 52.72.54.163 52.72.54.163 | 14618 (AMAZON-AES) (AMAZON-AES) | |
2 2 | 104.160.64.8 104.160.64.8 | 46469 (GETRESPON...) (GETRESPONSE-IMPLIX) | |
1 | 104.160.64.9 104.160.64.9 | 46469 (GETRESPON...) (GETRESPONSE-IMPLIX) | |
1 | 151.101.14.110 151.101.14.110 | 54113 (FASTLY) (FASTLY) | |
1 1 | 162.247.242.19 162.247.242.19 | 23467 (NEWRELIC-...) (NEWRELIC-AS-1) | |
1 | 162.247.242.18 162.247.242.18 | 23467 (NEWRELIC-...) (NEWRELIC-AS-1) | |
27 | 8 |
ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
tslp.s3.amazonaws.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-54-163.compute-1.amazonaws.com
jacobs.exch01-corp.com |
ASN46469 (GETRESPONSE-IMPLIX, US)
PTR: getresponse.com
www.getresponse.com |
ASN46469 (GETRESPONSE-IMPLIX, US)
PTR: norevdns.getresponse.com
app.getresponse.com |
ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-7.nr-data.net
bam.nr-data.net |
ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-6.nr-data.net
bam.nr-data.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
amazonaws.com
tslp.s3.amazonaws.com |
21 KB |
8 |
nccdn.net
0104.nccdn.net |
511 KB |
6 |
sitesumo.com
sitesumo.com |
264 KB |
3 |
getresponse.com
2 redirects
www.getresponse.com app.getresponse.com |
2 KB |
2 |
nr-data.net
1 redirects
bam.nr-data.net |
850 B |
1 |
newrelic.com
js-agent.newrelic.com |
9 KB |
1 |
exch01-corp.com
jacobs.exch01-corp.com |
763 B |
27 | 7 |
Domain | Requested by | |
---|---|---|
9 | tslp.s3.amazonaws.com |
sitesumo.com
|
8 | 0104.nccdn.net |
sitesumo.com
|
6 | sitesumo.com |
sitesumo.com
|
2 | bam.nr-data.net | 1 redirects |
2 | www.getresponse.com | 2 redirects |
1 | js-agent.newrelic.com |
sitesumo.com
|
1 | app.getresponse.com |
sitesumo.com
|
1 | jacobs.exch01-corp.com |
sitesumo.com
|
27 | 8 |
This site contains links to these domains. Also see Links.
Domain |
---|
go.microsoft.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2 |
2019-11-09 - 2021-03-12 |
a year | crt.sh |
*.getresponse.com Go Daddy Secure Certificate Authority - G2 |
2018-04-11 - 2020-04-11 |
2 years | crt.sh |
*.nr-data.net DigiCert SHA2 Secure Server CA |
2020-02-05 - 2022-02-08 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
http://sitesumo.com/Outlook/main.html
Frame ID: B15A4F488A34BB22C30667457F88A4BC
Requests: 29 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Title: click here.
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 12- http://www.getresponse.com/sales_tracking.html?x=a62b&i=vz&q=1 HTTP 307
- https://www.getresponse.com/sales_tracking.html?x=a62b&i=vz&q=1 HTTP 301
- https://app.getresponse.com/sales_tracking.html?i=vz&q=1&x=a62b
- http://bam.nr-data.net/1/1eb02dae32?a=16828251&v=918.2e0ff1d&to=J1oIRBZeWVQHSxwNBApRD14DHkZQDU4%3D&rst=3768&ap=12&be=3199&fe=512&dc=15&f=%5B%22err%22,%22xhr%22,%22stn%22,%22ins%22%5D&perf=%7B%22timing%22:%7B%22of%22:1582198101051,%22n%22:0,%22dl%22:1207,%22di%22:3213,%22ds%22:3213,%22de%22:3214,%22dc%22:3707,%22l%22:3707,%22le%22:3713,%22f%22:0,%22dn%22:0,%22dne%22:677,%22c%22:677,%22ce%22:689,%22rq%22:689,%22rp%22:1205,%22rpe%22:1630%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken HTTP 302
- https://bam.nr-data.net/1/1eb02dae32?a=16828251&v=918.2e0ff1d&to=J1oIRBZeWVQHSxwNBApRD14DHkZQDU4%3D&rst=3768&ap=12&be=3199&fe=512&dc=15&f=%5B%22err%22,%22xhr%22,%22stn%22,%22ins%22%5D&perf=%7B%22timing%22:%7B%22of%22:1582198101051,%22n%22:0,%22dl%22:1207,%22di%22:3213,%22ds%22:3213,%22de%22:3214,%22dc%22:3707,%22l%22:3707,%22le%22:3713,%22f%22:0,%22dn%22:0,%22dne%22:677,%22c%22:677,%22ce%22:689,%22rq%22:689,%22rp%22:1205,%22rpe%22:1630%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
27 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
main.html
sitesumo.com/Outlook/ |
105 KB 21 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fat_eua.js
0104.nccdn.net/1_5/378/3af/1c4/ |
252 KB 253 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fat_freemona.css
0104.nccdn.net/1_5/0b7/097/28e/ |
41 KB 42 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Museo300-Regular.css
sitesumo.com/Shared/Fonts/ |
69 KB 35 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fat_freemona.js
0104.nccdn.net/1_5/13a/1c0/036/ |
84 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lgntopl.gif
tslp.s3.amazonaws.com/assets/owa2010/ |
4 KB 5 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lgntopr.gif
tslp.s3.amazonaws.com/assets/owa2010/ |
581 B 961 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lgnexlogo.gif
tslp.s3.amazonaws.com/assets/owa2010/ |
61 B 440 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lgnbotl.gif
tslp.s3.amazonaws.com/assets/owa2010/ |
9 KB 9 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lgnbotr.gif
tslp.s3.amazonaws.com/assets/owa2010/ |
2 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
alt_pixel_click_3e01f0.gif
jacobs.exch01-corp.com/ |
0 763 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
section_group.css
0104.nccdn.net/1_5/1e4/128/030/ |
8 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fat_section_group.js
0104.nccdn.net/1_5/1e4/128/030/ |
19 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sales_tracking.html
app.getresponse.com/ Redirect Chain
|
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Museo500-Regular.css
sitesumo.com/Shared/Fonts/ |
69 KB 35 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
MyriadPro-Regular.css
sitesumo.com/Shared/Fonts/ |
256 KB 123 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Museo700-Regular.css
sitesumo.com/Shared/Fonts/ |
67 KB 34 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
header_top_green.png
0104.nccdn.net/1_5/267/091/2ef/ |
479 B 795 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
header_main_green.jpg
0104.nccdn.net/1_5/2b4/2ec/20b/ |
102 KB 102 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.html
sitesumo.com/Outlook/ |
16 KB 16 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lgntopm.gif
tslp.s3.amazonaws.com/assets/owa2010/ |
58 B 437 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lgnleft.gif
tslp.s3.amazonaws.com/assets/owa2010/ |
290 B 670 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lgnright.gif
tslp.s3.amazonaws.com/assets/owa2010/ |
306 B 686 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lgnbotm.gif
tslp.s3.amazonaws.com/assets/owa2010/ |
276 B 656 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
top_shadow.png
0104.nccdn.net/1_5/153/01e/3c8/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
51 KB 51 KB |
Font
font/truetype |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
192 KB 192 KB |
Font
font/truetype |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nr-918.min.js
js-agent.newrelic.com/ |
22 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1eb02dae32
bam.nr-data.net/1/ Redirect Chain
|
57 B 268 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Outlook Web Access (Online)249 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| sk_namespaces string| nsp object| nsp_elements object| nsp_prefix_arr number| j string| nsp_element string| prefix string| nsp_str function| IFrame function| Elements function| Cookie boolean| MooToolsPatched function| _$ function| $ boolean| THE_PAGE_IS_LOADED object| ONLOAD_FUNCTIONS function| Goto function| GotoEx function| Trim function| IsValidInteger function| IsValidNatural function| IsValidReal function| IsValid function| IsValidIdentifier function| IsValidEmail function| IsValidSQLDate function| SKPopup function| SKPopupHandle function| AreCookiesEnabled function| AlertNotEnabledCookiesMessage function| AlertSystemMessage function| RefreshCachedImages function| LoginToEdit function| ExecuteOnLoadFunctions function| IsPageLoaded function| FixURL function| ScrollTop function| GetCurrentLocationFileName function| AddImagenEncoding function| LoadCSS function| LoadScript object| MOUSEOVERS object| MOUSEOUTS string| SK__PAGE_ID function| MouseOver function| MouseOut function| MouseClick function| SK__ImageHL function| SK__CurrentItem function| SK__SetPageID function| SK__IsCurrentPage number| NN_4 number| IE number| NN_6 string| VISIBLE string| HIDDEN string| DISPLAY_ON string| DISPLAY_OFF boolean| LAYER__IS_NETSCAPE number| LAYER__NETSCAPE_TIME_PATCH_COEFFICIENT boolean| inited_mouse_actions object| LAYERS_HASH object| old_mouse_pos boolean| allow_default_dragging object| default_mousedown object| default_mousemove object| default_mouseup function| Layer function| Layer__DefaultDragging function| Layer__AllowDefaultDragging function| Layer__ForbidDefaultDragging function| Layer__GetLayerObj function| Layer__GetLayerObjStyle function| Layer__SetLayerPosition function| Layer__GetLayerPosition function| Layer__SetLayerDimentions function| Layer__SetLayerDimentions_NN function| Layer__GetLayerDimentions function| Layer__GetLayerDimentions_NN function| Layer__Move function| __Layer__Distance function| __Layer__Sign function| Layer__SetLayerVisible function| Layer__IsLayerVisible function| Layer__SetLayerDisplay function| Layer__HTML function| Layer__HTML_NN function| Layer__GetDocumentMargins function| Layer__GetDocumentMargins_NN function| Layer__Maximize function| Layer__Center function| Layer__InitDrag function| Layer__ReleaseDrag function| Layer__System__MOUSEDOWN function| Layer__System__MOUSEMOVE function| Layer__System__MOUSEUP function| Layer__System__ClickedOverLayer function| Layer__System__CurrentMousePosition object| deconcept function| getQueryParamValue function| FlashObject function| SWFObject object| MEDIA_OBJECT_PROPS object| AUDIO_MIME_TYPES function| MediaObject object| CVI_PENDING boolean| CVI_LOADED object| CVI_LOADER object| CVI_EFFECTS function| ApplyImageEffect string| LOADER_SINK object| LOADER_POOL number| LOADER_COUNT function| Loader function| Loader__clear function| Loader__load function| Loader__loadElement function| Loader__loadScript function| Loader__loadImage function| Loader__ready function| Loader__merge function| Loader__addResource function| Loader__getResource function| Loader__setLoaded function| Loader__setFailed function| Loader__notify function| LoadedHandler function| FailedHandler function| genuid function| StripLocation function| RemoveWWW function| ExtarctDomain function| GetReferrer function| StatsGetCookie function| StatsDeleteCookie function| HitStats function| SSOpenPage object| SK object| MooTools function| typeOf function| instanceOf function| Type object| Browser function| $constructor function| $family function| DOMEvent function| Class function| Chain function| Events function| Options object| Slick number| uniqueNumber function| getDocument function| getWindow function| $$ function| addListener function| removeListener function| retrieve function| store function| eliminate function| addEvent function| removeEvent function| addEvents function| removeEvents function| fireEvent function| cloneEvents function| getSize function| getScroll function| getScrollSize function| getPosition function| getCoordinates function| getHeight function| getWidth function| getScrollTop function| getScrollLeft function| getScrollHeight function| getScrollWidth function| getTop function| getLeft function| Fx function| Hash function| $H function| SKResizeContainer function| SKResizeContainerObject number| HORIZONTAL number| VERTICAL number| STRIPE_BELOW_MAIN_ITEMS number| DROPDOWN_BELOW_MAIN_ITEMS number| DROPDOWN_BETWEEN_ITEMS number| DROPDOWN_AT_RIGHT string| SELECTED_CLASS_NAME string| CURRENT_CLASS_NAME string| CURRENT_SUBITEM_CLASS_NAME string| FIRST_BUTTON_CLASS_NAME string| LAST_BUTTON_CLASS_NAME object| SKSliderTimeouts object| SKSliderOptions object| SKSlider object| SKSliders function| SKTwoWaySlider object| SKMenuOptions object| SKAnimations object| SKDesigns object| hashFirstElementMap object| ITEMS_CACHE object| ITEMS_FX object| ITEMS_LOCKS function| SKElement function| SKUtils function| SKMenu function| SKMenuItem function| SKMainMenu object| EFFECTS_FACTORY_CACHE function| SKEffectsFactory object| SKEffectsFactoryObj function| SKMenuBehaviors number| SECTION_PADDING number| SLIDE_ANIMATION number| FADE_ANIMATION number| DEFAULT_ANIMATION object| FREEMONA_COLORS object| fm_mnav object| fm_sec_menu object| fm_menu_design_map object| fm_menu_animation_props_map function| LoadMainMenu function| LoadSecondaryMenu function| SetSelectedImage function| LoadStyles function| ApplyBorderSideImages function| RunDebugMode function| GetDOMChildren function| HasClass function| OpenFirstSubmenu object| oGlobalMenuObjects number| nMenuObjectsCount function| DynamicFlashMenu string| CVI_LIBRARY_URL object| NREUM object| newrelic function| __nr_require number| NORMAL number| TABBED number| ACCORDION number| ANIMATED_TABBED string| SG_ROOT_CLASSNAME object| SECTION_GROUP1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
sitesumo.com/ | Name: sksession_sid Value: 1582198102_10716_568560429 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
0104.nccdn.net
app.getresponse.com
bam.nr-data.net
jacobs.exch01-corp.com
js-agent.newrelic.com
sitesumo.com
tslp.s3.amazonaws.com
www.getresponse.com
104.160.64.8
104.160.64.9
151.101.14.110
162.247.242.18
162.247.242.19
216.55.155.68
52.216.146.171
52.72.54.163
72.20.110.54
086b4c6c44b31eb9d52041e591708704acb958e039ae4d07c8b0122aadbeb7f9
0e2cda541bf24815df2facd5729d44b70ef4e4bdd160169295944aefc9e51b0b
13259e25966b432814e9e2da1f985362a3fcc3c1cac4002103c452fcc37caf47
134ef2792342c521c50238860a9416f19c41d2550d5d783bedd1102fea120766
2355e9f9cae03e9fa671d57f378245f488918d30286d4e70633c6e6d828db44f
2bcf0d75a352f2a147dc5f830cd5e1aaf13ab8e7176c2044a2274cb2c6e4f4b9
4ff20f3c5b35488aef1ba15a8156f6227562c82bf189166e723efc5534e45d5a
6097839fd066f359bbe21fb228714cd33385a6995a060eaa504ee190e3c1178a
7b75e8a797ce8ab39dcb61b5e30856a0f16ed93d60332f54922c149484417682
96813fb26deeea27079ba375bacb3aeca50c505cf31a99eca3844a88af9214cc
96a4b86c4a5ff1f1aa67c52287be64ebd51598d32cbd1249351e462cae549185
97305ffb8ff74176df42bcd213e7cdfd7679630e19911a2db7b399c7960aec3e
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9d6f654d1812c583339ea131acea957f2e37d85b5b12949ab967a10dc9c822ad
9d894a6800fd18d20423c66066097b9653be9eb3796f6a0e216dca220c45d6d6
a9626d4f60b20f2da50f763f20d891a70625dde0dba68116896026c400b8b775
ac3b39150db3dd5e2d30ad71845424c4f46a351cf876c9d437a690cc6f8cbb89
b125c5f621a199d89bc496740d7dac72f1a8462465a1b61e331727f5d369b2f4
b28b47694f0502a9dc864a40e6b7f8ecaad76af93fb1080e65dae56e15060420
b478b93f8f9a262321211d8ce812cdd6accdfb4ede6e0230ccf44e77ad161f97
bb9e82ce1451ce8701cfdad98833d8e0157d8d0af657dd5384d2786ec09945d4
c3fc5f2881ecae8471c177db4ac075ca79b37221c7e12a5420ad58b1b3095d2b
d88f9f935886e69629dec6c7fc67aeac9317de2b5c341a737dd9a18a966f2b77
df02ae529f109c25a31c189b9350609506e70d58c6222bbb72e7e831e591f9b0
e2a0556a55ecf892337198eeab83a3fa6e5826a0bb031796b38c52d2f339c78e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f27d451896ac6a8b768361e3f07c2adf1ee7ae6bcb92ac6d0bda7fb5cf915301
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23