![](/screenshots/efd98ac3-7c90-49cc-a193-f863f7025143.png)
patchstack.com
Open in
urlscan Pro
18.65.39.71
Public Scan
Submission: On March 11 via api from IN — Scanned from DE
Summary
TLS certificate: Issued by Amazon RSA 2048 M01 on February 13th 2023. Valid for: a year.
This is the only time patchstack.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
40 | 18.65.39.71 18.65.39.71 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:831::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a04:fa87:fff... 2a04:fa87:fffe::c000:4902 | 2635 (AUTOMATTIC) (AUTOMATTIC) | |
3 | 2606:4700::68... 2606:4700::6811:180e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 6 | 2606:4700::68... 2606:4700::6810:7daf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
47 | 5 |
ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-71.ams1.r.cloudfront.net
patchstack.com |
ASN15169 (GOOGLE, US)
www.googleoptimize.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
40 |
patchstack.com
patchstack.com |
2 MB |
6 |
unpkg.com
4 redirects
unpkg.com — Cisco Umbrella Rank: 754 |
17 KB |
3 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 194 |
67 KB |
1 |
gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 1806 |
20 KB |
1 |
googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 892 |
45 KB |
47 | 5 |
Domain | Requested by | |
---|---|---|
40 | patchstack.com |
patchstack.com
|
6 | unpkg.com |
4 redirects
patchstack.com
|
3 | cdnjs.cloudflare.com |
patchstack.com
|
1 | secure.gravatar.com |
patchstack.com
|
1 | www.googleoptimize.com |
patchstack.com
|
47 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
app.patchstack.com |
docs.patchstack.com |
drive.google.com |
www.linkedin.com |
www.facebook.com |
twitter.com |
discord.gg |
Subject Issuer | Validity | Valid | |
---|---|---|---|
patchstack.com Amazon RSA 2048 M01 |
2023-02-13 - 2024-03-13 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-02-20 - 2023-05-15 |
3 months | crt.sh |
*.gravatar.com Sectigo ECC Domain Validation Secure Server CA |
2022-11-23 - 2023-12-24 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-08-03 - 2023-08-02 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://patchstack.com/articles/psa-houzez-theme-unauthenticated-privilege-escalation-vulnerability-exploited-in-the-wild/
Frame ID: FB22BCBC4840189B9CE4898AD5CA34F1
Requests: 47 HTTP requests in this frame
Screenshot
![](/screenshots/efd98ac3-7c90-49cc-a193-f863f7025143.png)
Page Title
PSA: Houzez Theme Unauthenticated Privilege Escalation Vulnerability Exploited in The Wild - Patchstackclosechevron-rightchevron-downtwitter-squarefacebook-squarelinkedin-squarebarsangle-rightcrossmenuDetected technologies
Detected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
![](/vendor/wappa/icons/Oxygen.png)
Detected patterns
- <link [^>]*href=(?:"|')[^>]*wp-content/plugins/oxygen/
- wp-content/plugins/oxygen
![](/vendor/wappa/icons/Yoast SEO.png)
Detected patterns
- <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Detected patterns
- googleoptimize\.com/optimize\.js
![](/vendor/wappa/icons/Highlight.js.png)
Detected patterns
- /(?:([\d.])+/)?highlight(?:\.min)?\.js
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
11 Outgoing links
These are links going to different origins than the main page.
Title: Login
Search URL Search Domain Scan URL
Title: Start FREE
Search URL Search Domain Scan URL
Title: Check for free
Search URL Search Domain Scan URL
Title: Documentation
Search URL Search Domain Scan URL
Title: Changelog
Search URL Search Domain Scan URL
Title: Media kit
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: hackuu
Search URL Search Domain Scan URL
Title: Join Discord
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 26- https://unpkg.com/@popperjs/core@2 HTTP 302
- https://unpkg.com/@popperjs/core@2.11.6 HTTP 302
- https://unpkg.com/@popperjs/core@2.11.6/dist/umd/popper.min.js
- https://unpkg.com/tippy.js@6 HTTP 302
- https://unpkg.com/tippy.js@6.3.7 HTTP 302
- https://unpkg.com/tippy.js@6.3.7/dist/tippy-bundle.umd.min.js
47 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
patchstack.com/articles/psa-houzez-theme-unauthenticated-privilege-escalation-vulnerability-exploited-in-the-wild/ |
164 KB 35 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
blocks.style.build.css
patchstack.com/wp-content/cache/min/1/wp-content/plugins/structured-content/dist/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ecf.css
patchstack.com/wp-content/cache/min/1/wp-content/uploads/elegant-custom-fonts/ |
833 B 745 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
patchstack.com/wp-includes/css/dist/block-library/ |
93 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
classic-themes.min.css
patchstack.com/wp-includes/css/ |
217 B 725 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aos.css
patchstack.com/wp-content/cache/min/1/wp-content/plugins/oxygen/component-framework/vendor/aos/ |
25 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
oxygen.css
patchstack.com/wp-content/cache/min/1/wp-content/plugins/oxygen/component-framework/ |
17 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
patchstack.com/wp-content/cache/min/1/wp-content/plugins/wpdevdesign-oxygen-navigator/assets/css/ |
279 B 717 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aos.js
patchstack.com/wp-content/plugins/oxygen/component-framework/vendor/aos/ |
14 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
patchstack.com/wp-includes/js/jquery/ |
88 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
optimize.js
www.googleoptimize.com/ |
116 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default.min.css
patchstack.com/wp-content/cache/min/1/ajax/libs/highlight.js/11.5.1/styles/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Faktum-Regular.woff
patchstack.com/wp-content/uploads/2021/05/ |
38 KB 39 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Faktum-WideRegular.woff
patchstack.com/wp-content/uploads/2021/05/ |
39 KB 40 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Faktum-WideMedium.woff
patchstack.com/wp-content/uploads/2021/05/ |
41 KB 41 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Faktum-WideSemiBold.woff
patchstack.com/wp-content/uploads/2021/05/ |
41 KB 41 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7201.css
patchstack.com/wp-content/cache/min/1/wp-content/uploads/oxygen/css/ |
18 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7215.css
patchstack.com/wp-content/cache/min/1/wp-content/uploads/oxygen/css/ |
29 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
universal.css
patchstack.com/wp-content/cache/min/1/wp-content/uploads/oxygen/css/ |
338 KB 40 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.svg
patchstack.com/wp-content/uploads/2021/11/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7f009046884a335084f86ff1a1acadce
secure.gravatar.com/avatar/ |
19 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image-7.webp
patchstack.com/wp-content/uploads/2023/02/ |
63 KB 63 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
social_discord.svg
patchstack.com/wp-content/uploads/2022/12/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Logo.svg
patchstack.com/wp-content/uploads/2022/08/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
eufunded-1.svg
patchstack.com/wp-content/uploads/2022/08/ |
19 KB 8 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.webp
patchstack.com/wp-content/uploads/2021/01/ |
1 KB 2 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
highlight.min.js
cdnjs.cloudflare.com/ajax/libs/highlight.js/11.5.1/ |
115 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
popper.min.js
unpkg.com/@popperjs/core@2.11.6/dist/umd/ Redirect Chain
|
20 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tippy-bundle.umd.min.js
unpkg.com/tippy.js@6.3.7/dist/ Redirect Chain
|
25 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/ |
63 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ScrollTrigger.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/ |
24 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.build.js
patchstack.com/wp-content/plugins/structured-content/dist/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
forms.js
patchstack.com/wp-content/plugins/mailchimp-for-wp/assets/js/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lottie-player.min.js
patchstack.com/wp-content/plugins/oxyextras/components/assets/ |
337 KB 87 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lottie-interactivity.js
patchstack.com/wp-content/plugins/oxyextras/components/assets/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
intersectionobserver.js
patchstack.com/wp-content/plugins/oxyextras/components/assets/ |
29 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lottie-init.js
patchstack.com/wp-content/plugins/oxyextras/components/assets/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
alpinejs.intersect.3.10.5.js
patchstack.com/wp-content/plugins/oxygen/component-framework/vendor/alpinejs/ |
877 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
alpinejs.3.10.5.js
patchstack.com/wp-content/plugins/oxygen/component-framework/vendor/alpinejs/ |
39 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
surface-GUPqey7k7b4-unsplash-1024x683.jpg
patchstack.com/wp-content/uploads/2022/06/ |
110 KB 111 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Subscriber-Path-Traversal-Leading-to-Local-File-Inclusion-in-OceanWP-Theme-Patchstack-1024x539.png
patchstack.com/wp-content/uploads/2023/02/ |
513 KB 515 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
patchstack-weekly-61-using-wordpress-as-headless-cms-1024x536.png
patchstack.com/wp-content/uploads/2023/02/ |
522 KB 524 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
link-arrow.svg
patchstack.com/wp-content/uploads/2022/08/ |
191 B 706 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Faktum-SemiBold.woff
patchstack.com/wp-content/uploads/2021/11/ |
39 KB 39 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Faktum-Bold.woff
patchstack.com/wp-content/uploads/2021/11/ |
37 KB 38 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Logo_Hover_Animation_v2.json
patchstack.com/wp-content/uploads/2021/11/ |
19 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Logo_Hover_Animation_v2.json
patchstack.com/wp-content/uploads/2021/11/ |
19 KB 3 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
54 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| AOS undefined| $ function| jQuery object| google_tag_manager object| dataLayer object| google_optimize object| alpineIntersect object| alpine object| mc4wp object| hljs object| Popper function| tippy object| gsapVersions object| Linear object| Power0 object| Quad object| Power1 object| Cubic object| Power2 object| Quart object| Power3 object| Quint object| Power4 object| Strong object| Elastic object| Bounce object| Expo object| Circ object| Sine object| Back object| SteppedEase function| TweenLite function| TweenMax function| TimelineMax function| TimelineLite function| AttrPlugin function| EndArrayPlugin function| RoundPropsPlugin function| ModifiersPlugin function| SnapPlugin object| gsap object| CSSPlugin function| ScrollTrigger function| oxygen_init_reading_progress object| Alpine object| lottie-player object| reactiveElementVersions object| litHtmlVersions object| litElementVersions object| LottieInteractivity function| oxygen_init_lottie function| triggerScriptLoader function| loadScripts0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
patchstack.com
secure.gravatar.com
unpkg.com
www.googleoptimize.com
18.65.39.71
2606:4700::6810:7daf
2606:4700::6811:180e
2a00:1450:4001:831::200e
2a04:fa87:fffe::c000:4902
012aa6aaa002263206a81950d85ba67dc3840cd90c1b53d5deb4e45c984de878
01da3239bb68389cf95c71c9afeeabd54dd1bde1180831e07df206a838d08f6d
051a8137b75880006ab58f47778ca713ed6c967130faba043c5cd0ed34517dc8
068b6cce4ba0c45621e5c2947ebcc3f6701a90c841ce4f210c935f0047a19ead
09da43ac477c8766515aff8803c5d230b14b0baba45f6d5d65fcb99b9cb9a448
0cf1d099c031abc93530470f82ba4c0654caf04752e3ee0d2f64940382b4c5a2
12a618537a5ecc700c5cd76816ded0793c5c369fa6d786ce82b7199e34b080a3
17fe5ef946f2b68c88c30f43b185aa85998c64813381668cea4fd7935a95a790
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
26c20102b99fba14b488f348ba46bcdc7c10e1b2ea2fa256bc377620daa140c6
2ecf4239c2478344fdb091c031ccf0a9010cf529c02b5152340669ec94a312b8
338bddef7f37b72a80de683dd16e0373aaeb18607a006b43349ba4846b9b528b
36765572da8f1a28f7916e6ab8ca524b9434998a807098b185ec15e843bb48ae
3986673333826891a3b1d289891efd0689a800f8dbd7a897e016ed1f80e429ea
3b26cbd5127fc44ede850029f2a4a1d084a4182a8cab4a4a62d0f0a7b0116232
3e75a9dac0016e7a2ea02c5aebf07882b499fc6eb191ce5b38e11d303f7c3757
3f0fe70eb26ccf28f6887a192e29d38dd7ef7c2f079a73304ad42ddc7bed37de
3f674d5373e9daec3bfdd45d31899878a2445646d188d56560ad9055c9936ebe
442cc4aa9e87e997e346afff9f3e85275956ade99f0be9b6dd720dba38ddfff3
4460f1596174d06cca957fdaca2c71e1a377cf1d6f07ee4c75ffb3bf3fc97a03
4fb8f9059ead43cda5a1f9e01bb4fcfb7346671740e67b83dd58c2335ea8b265
51d8feeca7862a3ded9c5e3aa88cc5e115b912ec937224a5448adb7f3ae5e1ab
52a97d73800a552fd1b886a62982a7ba2f17dcd27d331f2ba99f7e95f505ae14
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5b02426e749fbc4999d6407083463b9bcb5511f073f413249a56e21643bb6bd8
640807dde06a6339c8e9a8813261b8a143aca409ba4ac8568fb52cb2b009b4a8
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6e53ed8c3d86f9e204995aab1066ecc8b236d842772dceb7b57b0fcfe213c811
6e5655295b678abdf0533e40aaf82cbb5cf9267b6e65e86fee3cce92ae7de700
70656995a69cdca5cc1ff5dcbf78378494de4368f2383ab78cd8eb167d43f2b0
7a64fec47d0797ad2e0b377b26bdc0967c377794fbe2d284abe5b4bb80ae42e2
7d31127fbc6c7cdfef1eb59800f9ec50cedb15efa81ff571dcfa5d13a0ad90f4
8a01817173eee8b82e5d4ac97b6c7168ce351346ea09cf5b6c7514957cc46bf1
90aa21b052dcdc72d57f11715edcf51d44fe1a5c37544202b663052eafe9e03e
9e62a5da9cceba33ccc322380461a756d5d3f84ae39bd170a952c1de5c3146a6
9f9806aff71bf183827384d70fa3069e6f3811c9ec6b36b0e20271a084b6f460
a42ca2a7149389313bcbd1501e8256979f1acc1454f4070a1300a3736760094a
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cefad5aae60ab4750509d2ab08a970df72978efb9cfc4b8bc642a7360e7ac87e
d5242ec44e2753c8403909b8686c8a0eaa84d4c5d44419e8808bae57acb9cbf8
d8f681d20d59065735726d85eb3d3e3536794c936818b3f797ecb13c96cf5d4f
da8b9c6562cee0bad877c0f9c7fbae8cb2d594e23e9ba583cfc3c63886af5191
daff5d5612a5e61f4573f7505fffebbea08cf2eafeb9f3a1400d55dcf656b632
eabc90c688fba82b41c3e6dfc565ce341a257e4d1cb2e9e82045d8682711737b
fbde0ac0921d86c356c41532e7319c887a23bd1b8ff00060cab447249f03c7cf