avocadoo.blob.core.windows.net
Open in
urlscan Pro
20.150.90.68
Public Scan
Submission Tags: @phish_report
Submission: On February 25 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by Microsoft RSA TLS CA 01 on September 27th 2023. Valid for: a year.
This is the only time avocadoo.blob.core.windows.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 | 20.150.90.68 20.150.90.68 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
2 | 77.245.159.14 77.245.159.14 | 42868 (NIOBEBILI...) (NIOBEBILISIMHIZMETLERI) | |
1 | 2a00:1450:400... 2a00:1450:4001:813::200e | 15169 (GOOGLE) (GOOGLE) | |
7 | 2a00:1450:400... 2a00:1450:4001:80b::2003 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:81c::200a | 15169 (GOOGLE) (GOOGLE) | |
10 | 2a00:1450:400... 2a00:1450:4001:80f::2001 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:806::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:811::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:830::200a | 15169 (GOOGLE) (GOOGLE) | |
5 | 2a00:1450:400... 2a00:1450:4001:830::2003 | 15169 (GOOGLE) (GOOGLE) | |
34 | 11 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
avocadoo.blob.core.windows.net |
ASN42868 (NIOBEBILISIMHIZMETLERI, TR)
PTR: stilgar.wlsrv.com
www.cloakan.co |
ASN15169 (GOOGLE, US)
mersin-merhaba-dernegi.business.site |
ASN15169 (GOOGLE, US)
lh3.googleusercontent.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
gstatic.com
www.gstatic.com fonts.gstatic.com |
394 KB |
10 |
googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 47 |
814 KB |
4 |
windows.net
avocadoo.blob.core.windows.net |
90 KB |
3 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 32 maps.googleapis.com — Cisco Umbrella Rank: 369 |
192 KB |
2 |
cloakan.co
www.cloakan.co |
722 B |
1 |
google.com
apis.google.com — Cisco Umbrella Rank: 104 |
7 KB |
1 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31 |
21 KB |
1 |
business.site
mersin-merhaba-dernegi.business.site |
56 KB |
34 | 8 |
Domain | Requested by | |
---|---|---|
10 | lh3.googleusercontent.com |
mersin-merhaba-dernegi.business.site
|
7 | www.gstatic.com |
mersin-merhaba-dernegi.business.site
www.gstatic.com |
5 | fonts.gstatic.com |
fonts.googleapis.com
|
4 | avocadoo.blob.core.windows.net |
avocadoo.blob.core.windows.net
|
2 | fonts.googleapis.com |
mersin-merhaba-dernegi.business.site
|
2 | www.cloakan.co |
avocadoo.blob.core.windows.net
|
1 | maps.googleapis.com |
mersin-merhaba-dernegi.business.site
|
1 | apis.google.com |
mersin-merhaba-dernegi.business.site
|
1 | www.google-analytics.com |
mersin-merhaba-dernegi.business.site
|
1 | mersin-merhaba-dernegi.business.site |
www.cloakan.co
|
34 | 10 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.blob.core.windows.net Microsoft RSA TLS CA 01 |
2023-09-27 - 2024-09-27 |
a year | crt.sh |
cloakan.co R3 |
2024-01-02 - 2024-04-01 |
3 months | crt.sh |
*.business.site GTS CA 1C3 |
2024-02-05 - 2024-04-29 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2024-02-05 - 2024-04-29 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-02-05 - 2024-04-29 |
3 months | crt.sh |
*.googleusercontent.com GTS CA 1C3 |
2024-02-05 - 2024-04-29 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2024-02-05 - 2024-04-29 |
3 months | crt.sh |
*.apis.google.com GTS CA 1C3 |
2024-02-05 - 2024-04-29 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://avocadoo.blob.core.windows.net/web/8x8bc0519cx.html
Frame ID: ECCE0498395928D017A88CDC2F45F07A
Requests: 6 HTTP requests in this frame
Frame:
https://mersin-merhaba-dernegi.business.site/
Frame ID: 77B6C6CCC8ED811FF17E5F9192213EE4
Requests: 29 HTTP requests in this frame
Screenshot
Page Title
Mersin Merhaba Derneği - Dernek Veya ÖrgütDetected technologies
Google Analytics (Analytics) ExpandDetected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Plus (Widgets) Expand
Detected patterns
- apis\.google\.com/js/[a-z]*\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
34 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
8x8bc0519cx.html
avocadoo.blob.core.windows.net/web/ |
1 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
avocadoo.blob.core.windows.net/web/ |
86 KB 86 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cloakan.js
avocadoo.blob.core.windows.net/web/ |
309 B 718 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
avocadoo.blob.core.windows.net/web/ |
166 B 568 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
px.php
www.cloakan.co/ |
55 B 321 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nv.php
www.cloakan.co/ |
258 B 401 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
mersin-merhaba-dernegi.business.site/ Frame 77B6 |
166 KB 56 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m=_b,_tp
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.fi.66USzmFS5Yw.es5.O/am=gIFmEAgB/d=1/excm=_b,_tp,siteview/ed=1/dg=0/wt=2/ujg=1/rs=AD4das1uGgSCoecKwhCsxpVYdfsaZ6pCfw/ Frame 77B6 |
187 KB 66 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon
fonts.googleapis.com/ Frame 77B6 |
619 B 683 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ Frame 77B6 |
3 KB 688 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AF1QipOlkp82fG8HJYYECM08T-5bJijz6qEp_s1yCFy4=w1080-h608-p-no-v0
lh3.googleusercontent.com/p/ Frame 77B6 |
156 KB 156 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AF1QipPEvYcxa9wUZWB2o7X6CzdLQT5XVkDyrlIyKvQb=w960-h960-n-o-v1
lh3.googleusercontent.com/p/ Frame 77B6 |
73 KB 73 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AF1QipPwRCVn_nWUm7alXcVH3BV93mnRif8Q35jlBV32=w960-h960-n-o-v1
lh3.googleusercontent.com/p/ Frame 77B6 |
87 KB 88 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AF1QipO8ASC-vpnW_wmawwnkLuGxsVJDxV61nl_bYUxL=w960-h960-n-o-v1
lh3.googleusercontent.com/p/ Frame 77B6 |
54 KB 55 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AF1QipNP_PbrlFXSyWopEvKRHj47s6T-GxMZAZv62UdT=w960-h960-n-o-v1
lh3.googleusercontent.com/p/ Frame 77B6 |
56 KB 56 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AF1QipMLxgo4SyjiHZdm-FQhi6IQDLAHK3rU9mf693wJ=w960-h960-n-o-v1
lh3.googleusercontent.com/p/ Frame 77B6 |
61 KB 62 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AF1QipOKLkIppbzfLeUvk7jiOVsroDPpFwSXoHZZmXNS=w960-h960-n-o-v1
lh3.googleusercontent.com/p/ Frame 77B6 |
52 KB 52 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AF1QipMETSRQCPy6ZQ98PWUiu06Fua8Czd-s5wQA0oOm=w960-h960-n-o-v1
lh3.googleusercontent.com/p/ Frame 77B6 |
95 KB 95 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AF1QipNkKXXKbTCKfrmh2HyMaq80SDKLm2JaxUnQ0IdM=w960-h960-n-o-v1
lh3.googleusercontent.com/p/ Frame 77B6 |
80 KB 80 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AF1QipOlkp82fG8HJYYECM08T-5bJijz6qEp_s1yCFy4=w960-h960-n-o-v1
lh3.googleusercontent.com/p/ Frame 77B6 |
98 KB 98 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ Frame 77B6 |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.gstatic.com/feedback/ Frame 77B6 |
39 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
apis.google.com/js/ Frame 77B6 |
18 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
staticmap
maps.googleapis.com/maps/api/ Frame 77B6 |
191 KB 191 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 77B6 |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXp-obK4.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame 77B6 |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJHMXBBA.woff2
fonts.gstatic.com/s/materialiconsextended/v150/ Frame 77B6 |
159 KB 159 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
L0xhDFMnlVwD4h3Lt9JWnbX3jG-2X3LAE1ofE5OtS8U.woff2
fonts.gstatic.com/s/domine/v20/ Frame 77B6 |
17 KB 18 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w3aXp-obK4ALg.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame 77B6 |
13 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
L0xhDFMnlVwD4h3Lt9JWnbX3jG-2X3LAE1QfE5OtS8WFKw.woff2
fonts.gstatic.com/s/domine/v20/ Frame 77B6 |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KU...
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.fi.66USzmFS5Yw.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.-jf4yRFrkss.L.W1.O/am=gIFmEAgB/d=1/exm=_b,_tp/excm=_b,_tp,siteview/ed=1/... Frame 77B6 |
251 KB 88 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m=JbzNG
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.fi.66USzmFS5Yw.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.-jf4yRFrkss.L.W1.O/am=gIFmEAgB/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c... Frame 77B6 |
1 KB 625 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m=RqjULd
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.fi.66USzmFS5Yw.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.-jf4yRFrkss.L.W1.O/am=gIFmEAgB/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c... Frame 77B6 |
18 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
m=bm51tf
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.fi.66USzmFS5Yw.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.-jf4yRFrkss.L.W1.O/am=gIFmEAgB/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c... Frame 77B6 |
1 KB 791 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.fi.66USzmFS5Yw.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.-jf4yRFrkss.L.W1.O/am=gIFmEAgB/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c... Frame 77B6 |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| $ function| jQuery function| cloakan string| data number| data2 object| xmlHttp string| hash object| ifrm0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
apis.google.com
avocadoo.blob.core.windows.net
fonts.googleapis.com
fonts.gstatic.com
lh3.googleusercontent.com
maps.googleapis.com
mersin-merhaba-dernegi.business.site
www.cloakan.co
www.google-analytics.com
www.gstatic.com
20.150.90.68
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:811::200e
2a00:1450:4001:813::200e
2a00:1450:4001:81c::200a
2a00:1450:4001:830::2003
2a00:1450:4001:830::200a
77.245.159.14
1eb3a7a2e4e243b380b04ba5264904ee4fb691cfcbaf68ea964641f58bc5ee80
2862968aa9c079aed671a6f6975bc501d6c9f6b707f724abe41c40c994ff9757
38e0e57af54cff47d6ad8756d80d79d1f88e5c87ceee06794e34a1fc8d385b37
412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb
52bddd8e15e41426c107fd7e21aeb7a31bb3f02649a6d571f3c95f4382df403e
57c5986e1d66b4a7df90c5eca77001cf29582f2362af22aa98c1d1d99d08280c
66e22dbc47f1d6957f356f771a15ca4e017624d5b200e546aae66f17a1e4bb1d
78ec8eaf9fc18998399c5a6bb7cf94d209d3b5b68be9897a62eb7fd457e2b75e
7ed77a7754691e8b0db174444dbcd3a1ce74038a476d9e6dcb4f9939c341e6e2
89e8f90f08a0698d63d241a1db1dd20b49a4c390dd2dfaa41aad3703e55bfa4e
98160d16e23afc381965f4a4419834532fa5a53f2f9821fd66419c14703151c3
a06dee01fefc35e7bc6656aa9ffb01c3aeca186a5e4ffac0c551a634a4a9078e
a1e1de4ee9b31e22d2ee0df172314a2ba203280ffadd25686000f1752eb76bdb
a1fab3b4b220f32438597d0a60f7ca9367d76f967e703e5b8c03bfe870ab39a5
a52aa33181d101ccbfaa888837a043ad818ec744ae265b6cdb051861fe994f00
a9f55a9e4658a9960455f9485c446ea9874f2590ae283801311d84e908536cc2
aa0078fd02bc69e25d5a82bbbfd23c18f13fb352091abeb8776109615580227f
b0e1e38a8e4aaa6f46ae1aed146b26a7517e84231982e6e0ee68de27c9632b79
b93a01e5be38f237516aa4fdef0ff5ee78ceb30e6f69c11d12fe0c89fb5936f9
b9cf3c33001b39e7ae4fcf43b0974f75d7d90d5006066df6be5d98fc4a65c658
bcb299a568b16b55b83de1c2cef2daee382b5154f8e75a880df4ee3ca79b089c
bd10ee5aa0ab227d8516b73a3d9bb83a01267595c8fca9e96c2e2ea331399f4c
c801f4d06504ee6fd0b5b3b133333d6406eaf0039e2dc3b0f59c10882af575b8
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5
d8acfe3fa10b92dca620e20c3f4e3eb9ff6d06ae598a4abd87e0ed73ed068e03
dcfe4bf1068d31a9cca873fc19a3313bdfeb5635b8e6d6275033687d70983372
dd12a792055d2e55a51f9b944b48b1226eb6241bd77e1b607cd633c44987500a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e37952f06c0262b93575fdb7082cda07d48ed7cb0c23560f07f5c00c78c699f7
e4c59fa65a203822378a478b1a7bc30d88d0f57db61a9b801bdf30157220f4b4
e520af3b0e8ecbf10986719decc27730484f07eb98f046f43ece6a20a7ea3e03
ed1856c8fed9dea40fa984788b118c46e66508d7d6920d903e06cd9e554f6787
f56f17ddd9db2d4f6120bf4ec8b5f82911d07cb0bd3d1dfeacfe4ea7d4c10fb8
f8b5aae89c331c3312ddb2e9abcacfa1f3480cd8e636a3a8b6969183f46621bf
fa8a7b50cc81666face11917356a7badbbe6054e16af141f8c894e0f15296c26