georgiel.com
162.241.69.86
Malicious Activity!
Public Scan
Submission: On May 18 via manual from GB
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on May 16th 2021. Valid for: 3 months.
This is the only time georgiel.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Office 365 (Online)
Domain & IP information
ASN | PTR | Domain |
---|---|---|
ASN46606 (UNIFIEDLAYER-AS-1, US) | 162-241-69-86.unifiedlayer.com | georgiel.com |
ASN15133 (EDGECAST, US) | | static-exp1.licdn.com |
ASN20940 (AKAMAI-ASN1, NL) | | platform.linkedin-ei.com |
ASN20940 (AKAMAI-ASN1, NL) | | www.sailpoint.com |
ASN16509 (AMAZON-02, US) | server-99-86-242-117.vie50.r.cloudfront.net | sb.scorecardresearch.com |
ASN16509 (AMAZON-02, US) | ec2-54-195-203-160.eu-west-1.compute.amazonaws.com | dpm.demdex.net |
ASN16509 (AMAZON-02, US) | ec2-52-18-91-199.eu-west-1.compute.amazonaws.com | lnkd.demdex.net |
ASN15169 (GOOGLE, US) | fra16s49-in-f2.1e100.net | cm.g.doubleclick.net |
ASN32934 (FACEBOOK, US) | | www.facebook.com |
ASN14618 (AMAZON-AES, US) | ec2-23-22-182-188.compute-1.amazonaws.com | trkn.us |
Count | Apex Domain | Subdomains | Transfer |
---|---|---|---|
11 | licdn.com | static-exp1.licdn.com | 213 KB |
8 | georgiel.com | georgiel.com | 21 KB |
6 | linkedin-ei.com | platform.linkedin-ei.com, www.linkedin-ei.com | 75 KB |
5 | demdex.net | dpm.demdex.net, lnkd.demdex.net | 8 KB |
4 | trkn.us (2 redirects) | trkn.us | 3 KB |
3 | google.com | accounts.google.com | 2 KB |
2 | facebook.com | www.facebook.com | 496 B |
2 | doubleclick.net (2 redirects) | cm.g.doubleclick.net | 715 B |
2 | scorecardresearch.com (1 redirects) | sb.scorecardresearch.com | 821 B |
1 | twitter.com | analytics.twitter.com | 583 B |
1 | gstatic.com | ssl.gstatic.com | 39 KB |
1 | sailpoint.com | www.sailpoint.com | 5 KB |
41 | 12 | | |
Count | Domain | Requested by |
---|---|---|
11 | static-exp1.licdn.com | georgiel.com, static-exp1.licdn.com |
8 | georgiel.com | static-exp1.licdn.com |
5 | platform.linkedin-ei.com | static-exp1.licdn.com, platform.linkedin-ei.com |
4 | trkn.us (2 redirects) | |
3 | lnkd.demdex.net | platform.linkedin-ei.com |
3 | accounts.google.com | static-exp1.licdn.com, ssl.gstatic.com |
2 | www.facebook.com | |
2 | cm.g.doubleclick.net (2 redirects) | |
2 | dpm.demdex.net | platform.linkedin-ei.com |
2 | sb.scorecardresearch.com (1 redirects) | |
1 | analytics.twitter.com | |
1 | ssl.gstatic.com | accounts.google.com |
1 | www.linkedin-ei.com | static-exp1.licdn.com |
1 | www.sailpoint.com | static-exp1.licdn.com |
41 | 14 | |
This site contains links to these domains.
Domain |
---|
www.linkedin.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
georgiel.com | cPanel, Inc. Certification Authority | 2021-05-16 - 2021-08-14 | 3 months |
*.licdn.com | DigiCert SHA2 Secure Server CA | 2019-10-10 - 2021-10-14 | 2 years |
platform.linkedin.com | DigiCert SHA2 Secure Server CA | 2020-07-03 - 2022-07-08 | 2 years |
www.sailpoint.com | R3 | 2021-02-26 - 2021-05-27 | 3 months |
www.linkedin-ei.com | DigiCert SHA2 Secure Server CA | 2021-04-30 - 2021-10-30 | 6 months |
*.scorecardresearch.com | Amazon | 2021-02-28 - 2022-03-29 | a year |
accounts.google.com | GTS CA 1O1 | 2021-04-13 - 2021-07-06 | 3 months |
*.google.com | GTS CA 1O1 | 2021-04-13 - 2021-07-06 | 3 months |
*.demdex.net | DigiCert TLS RSA SHA256 2020 CA1 | 2020-12-02 - 2022-01-02 | a year |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-04-06 - 2021-07-03 | 3 months |
trkn.us | Go Daddy Secure Certificate Authority - G2 | 2021-01-19 - 2022-02-20 | a year |
*.twitter.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-02-05 - 2022-02-04 | a year |
This page contains 3 frames:
Primary Page:
https://georgiel.com/CD/Login2021/Login.htm
Frame ID: 754DFC518FCD5C4F4C5D65AB7FCC37A4
Requests: 34 HTTP requests in this frame
Frame:
https://accounts.google.com/o/oauth2/iframe
Frame ID: 25A0732370F7D7B78A1EE4DCBA941C54
Requests: 3 HTTP requests in this frame
Frame:
https://lnkd.demdex.net/dest5.html?d_nsid=0
Frame ID: 815B203A63454CFD3FEB32D974E0A466
Requests: 4 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Title: Community Guidelines
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 15
- https://sb.scorecardresearch.com/b?c1=2&c2=6402952&c3=&c4=&c5=&c6=&c15=&ns__t=1621324524858&ns_c=windows-1252&c8=Office365%3A%20Log%20In&c7=https%3A%2F%2Fgeorgiel.com%2FCD%2FLogin2021%2FLogin.htm&c9= HTTP 302
- https://sb.scorecardresearch.com/b2?c1=2&c2=6402952&c3=&c4=&c5=&c6=&c15=&ns__t=1621324524858&ns_c=windows-1252&c8=Office365%3A%20Log%20In&c7=https%3A%2F%2Fgeorgiel.com%2FCD%2FLogin2021%2FLogin.htm&c9=
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NTI4NjczNDcwODU0NjYxODE4NzEzNDQ4MTc4NzA3NTEzNTA0NzQ= HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NTI4NjczNDcwODU0NjYxODE4NzEzNDQ4MTc4NzA3NTEzNTA0NzQ=&google_tc= HTTP 302
- https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIXOYI31v5sAieYdn3gD9Y4&google_cver=1?gdpr=0&gdpr_consent=
- https://trkn.us/pixel/conv/ppt=10786;g=linkedin_flagship_homepage;gid=32238 HTTP 302
- https://trkn.us/pixel/conv/ppt=10786;g=linkedin_flagship_homepage;gid=32238;ip=217.138.199.44;cuidchk=1
- https://trkn.us/pixel/conv/ppt=4993;g=homepage;gid=20238 HTTP 302
- https://trkn.us/pixel/conv/ppt=4993;g=homepage;gid=20238;ip=217.138.199.44;cuidchk=1
41 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | Login.htm (Primary Request) | georgiel.com/CD/Login2021/ | 17 KB | 17 KB | Document | text/html |
GET | H2 | 8ydw65f5rrq0abzg6qp6hozyf | static-exp1.licdn.com/sc/h/ | 244 KB | 26 KB | Stylesheet | text/css |
GET | H2 | i7yy27vuazesg2cko8tip629 | static-exp1.licdn.com/sc/h/ | 156 KB | 45 KB | Script | text/javascript |
GET | H2 | d1354rry4y9g3t1lbdz6uigm8 | static-exp1.licdn.com/sc/h/ | 104 KB | 32 KB | Script | text/javascript |
GET | H2 | analytics.js | platform.linkedin-ei.com/js/ | 60 KB | 24 KB | Script | text/javascript |
GET | H2 | o365-logo.svg | www.sailpoint.com/wp-content/uploads/identity-for/o365/ | 12 KB | 5 KB | XHR | image/svg+xml |
GET | H2 | b4jgwnrrzl0qfc47qjfws95pj | static-exp1.licdn.com/sc/h/ | 820 B | 602 B | XHR | image/svg+xml |
GET | H2 | ddi43qwelxeqjxdd45pe3fvs1 | static-exp1.licdn.com/sc/h/ | 2 KB | 1 KB | XHR | image/svg+xml |
GET | H2 | cyolgscd0imw2ldqppkrb84vo | static-exp1.licdn.com/sc/h/ | 201 B | 825 B | XHR | image/svg+xml |
GET | H2 | b8nmakf6h0x06rajxf1vxrb8g | static-exp1.licdn.com/sc/h/ | 108 KB | 38 KB | Script | text/javascript |
GET | H2 | b045gzzgfxgfysptabriery88 | static-exp1.licdn.com/sc/h/ | 185 KB | 60 KB | Script | text/javascript |
GET | H2 | 3m4tgpbdz7gbldapvl63mrnxz | static-exp1.licdn.com/sc/h/ | 14 KB | 6 KB | Image | image/svg+xml |
GET | H2 | 3b678qey22i0i8cxykw5gjupc | static-exp1.licdn.com/sc/h/ | 10 KB | 4 KB | Image | image/svg+xml |
POST | H/1.1 | gauge | georgiel.com/homepage-guest/api/ingraphs/ | 315 B | 515 B | XHR | text/html |
GET | H2 | user | www.linkedin-ei.com/litms/api/metadata/ | 324 B | 3 KB | XHR | application/json |
GET | H2 | utag.js | platform.linkedin-ei.com/litms/utag/homepage-guest-frontend/ | 133 KB | 42 KB | Script | application/javascript |
GET | H2 | b2 | sb.scorecardresearch.com/ (Redirect Chain) | 64 B | 330 B | Image | image/gif |
GET | H2 | iframe | accounts.google.com/o/oauth2/ (Frame 25A0) | 513 B | 630 B | Document | text/html |
POST | H/1.1 | track | georgiel.com/li/ | 315 B | 515 B | Ping | text/html |
GET | H2 | status | accounts.google.com/gsi/ | 40 B | 995 B | XHR | application/json |
GET | H2 | 3855939171-idpiframe.js | ssl.gstatic.com/accounts/o/ (Frame 25A0) | 112 KB | 39 KB | Script | text/javascript |
POST | H/1.1 | track | georgiel.com/li/ | 315 B | 515 B | Ping | text/html |
GET | H3-29 | iframerpc | accounts.google.com/o/oauth2/ (Frame 25A0) | 15 B | 59 B | XHR | application/json |
POST | H/1.1 | track | georgiel.com/li/ | 315 B | 516 B | Ping | text/html |
HEAD | H2 | i7yy27vuazesg2cko8tip629 | static-exp1.licdn.com/sc/h/ | 0 | 184 B | XHR | text/javascript |
GET | H/1.1 | admin | georgiel.com/fizzy/ | 315 B | 515 B | XHR | text/html |
GET | H/1.1 | id | dpm.demdex.net/ | 611 B | 1 KB | XHR | application/json |
GET | H2 | utag.107.js | platform.linkedin-ei.com/litms/utag/homepage-guest-frontend/ | 3 KB | 2 KB | Script | application/javascript |
GET | H2 | utag.109.js | platform.linkedin-ei.com/litms/utag/homepage-guest-frontend/ | 3 KB | 2 KB | Script | application/javascript |
GET | H2 | utag.119.js | platform.linkedin-ei.com/litms/utag/homepage-guest-frontend/ | 3 KB | 2 KB | Script | application/javascript |
POST | H/1.1 | track | georgiel.com/li/ | 315 B | 515 B | Ping | text/html |
POST | H/1.1 | track | georgiel.com/li/ | 315 B | 515 B | XHR | text/html |
GET | H/1.1 | dest5.html | lnkd.demdex.net/ (Frame 815B) | 7 KB | 3 KB | Document | text/html |
POST | H/1.1 | event | lnkd.demdex.net/ | 689 B | 1 KB | XHR | application/json |
GET | H/1.1 | ibs:dpid=771&dpuuid=CAESEIXOYI31v5sAieYdn3gD9Y4&google_cver=1 | dpm.demdex.net/ (Frame 815B, Redirect Chain) | 42 B | 975 B | Image | image/gif |
POST | H/1.1 | event | lnkd.demdex.net/ | 689 B | 1 KB | XHR | application/json |
GET | H2 | / | www.facebook.com/tr/ (Frame 815B) | 44 B | 408 B | Image | image/gif |
GET | H/1.1 | ppt=10786;g=linkedin_flagship_homepage;gid=32238;ip=217.138.199.44;cuidchk=1 | trkn.us/pixel/conv/ (Redirect Chain) | 42 B | 780 B | Image | image/gif |
GET | H3-29 | tr | www.facebook.com/ | 44 B | 88 B | Image | image/gif |
GET | H2 | adsct | analytics.twitter.com/i/ (Frame 815B) | 43 B | 583 B | Image | image/gif |
GET | H/1.1 | ppt=4993;g=homepage;gid=20238;ip=217.138.199.44;cuidchk=1 | trkn.us/pixel/conv/ (Redirect Chain) | 42 B | 780 B | Image | image/gif |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Office 365 (Online)
47 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0, object| 1, object| onbeforexrselect, object| ontransitionrun, object| ontransitionstart, object| ontransitioncancel, object| cookieStore, function| showDirectoryPicker, function| showOpenFilePicker, function| showSaveFilePicker, boolean| originAgentCluster, object| trustedTypes, boolean| crossOriginIsolated, function| getDfd, object| lazyloader, object| tracking, object| impressionTracking, object| ingraphTracking, object| utag_data, object| utag_cfg_ovrd, string| GoogleAnalyticsObject, function| ga, object| gapi, object| _, object| gadgets, object| osapi, object| ___jsl, object| oauth2, object| default_gsi, object| closure_lm_423731, object| google, object| __G_ID_CLIENT__, object| tealiumDil, boolean| utag_condload, number| timestamp, object| utag, boolean| __tealium_twc_switch, function| DIL, object| adobe, function| Visitor, object| s_c_il, number| s_c_in, object| __core-js_shared__, object| google_tag_data, object| gaplugins, object| gaGlobal, object| gaData
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.