hirenitiy.site
Open in
urlscan Pro
2606:4700:3034::6815:21c0
Malicious Activity!
Public Scan
Effective URL: https://hirenitiy.site/aidate/
Submission: On March 13 via api from US — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on March 10th 2024. Valid for: 3 months.
This is the only time hirenitiy.site was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: BDDK (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 2606:4700:303... 2606:4700:3035::ac43:94e9 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 33 | 2606:4700:303... 2606:4700:3034::6815:21c0 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700:20:... 2606:4700:20::681a:507 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700::68... 2606:4700::6810:5814 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 31.3.2.127 31.3.2.127 | 21245 (MEDIANOVA...) (MEDIANOVA-CDN) | |
1 | 2a00:1450:400... 2a00:1450:4001:806::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700:10:... 2606:4700:10::6816:4bab | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
40 | 7 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
35 |
hirenitiy.site
3 redirects
hirenitiy.site |
500 KB |
4 |
e-devlet.gov.tr
cdn.e-devlet.gov.tr — Cisco Umbrella Rank: 108442 |
72 KB |
1 |
amung.us
whos.amung.us — Cisco Umbrella Rank: 18264 |
206 B |
1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 368 |
32 KB |
1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 310 |
25 KB |
1 |
waust.at
waust.at — Cisco Umbrella Rank: 50725 |
4 KB |
40 | 6 |
Domain | Requested by | |
---|---|---|
35 | hirenitiy.site |
3 redirects
hirenitiy.site
ajax.googleapis.com |
4 | cdn.e-devlet.gov.tr |
hirenitiy.site
cdn.e-devlet.gov.tr |
1 | whos.amung.us |
waust.at
|
1 | ajax.googleapis.com |
hirenitiy.site
|
1 | cdn.jsdelivr.net |
hirenitiy.site
|
1 | waust.at |
hirenitiy.site
|
40 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
hirenitiy.site GTS CA 1P5 |
2024-03-10 - 2024-06-08 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-06-04 - 2024-06-03 |
a year | crt.sh |
cdn.e-devlet.gov.tr GlobalSign RSA OV SSL CA 2018 |
2024-02-22 - 2025-03-25 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-02-19 - 2024-05-13 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://hirenitiy.site/aidate/
Frame ID: 45FD095A960AC82A7498167DA6675677
Requests: 41 HTTP requests in this frame
Screenshot
Page Title
e-Devlet KapısıPage URL History Show full URLs
-
http://hirenitiy.site/
HTTP 301
https://hirenitiy.site/ Page URL
-
https://hirenitiy.site/aidate
HTTP 301
http://hirenitiy.site/aidate/ HTTP 301
https://hirenitiy.site/aidate/ Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://hirenitiy.site/
HTTP 301
https://hirenitiy.site/ Page URL
-
https://hirenitiy.site/aidate
HTTP 301
http://hirenitiy.site/aidate/ HTTP 301
https://hirenitiy.site/aidate/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://hirenitiy.site/ HTTP 301
- https://hirenitiy.site/
40 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
hirenitiy.site/ Redirect Chain
|
526 B 817 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Primary Request
/
hirenitiy.site/aidate/ Redirect Chain
|
31 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s.js
waust.at/ |
8 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.4.1/dist/css/ |
156 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
base.css
cdn.e-devlet.gov.tr/themes/izmir/css/ |
82 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
header.js
hirenitiy.site/aidate/all/files/ |
10 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
giris.css
hirenitiy.site/aidate/all/files/ |
40 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
1.png
hirenitiy.site/aidate/all/files/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
0046.png
hirenitiy.site/aidate/all/banklogo/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
0203.png
hirenitiy.site/aidate/all/banklogo/ |
8 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
0135.png
hirenitiy.site/aidate/all/banklogo/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
0125.png
hirenitiy.site/aidate/all/banklogo/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
0134.png
hirenitiy.site/aidate/all/banklogo/ |
8 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
0103.png
hirenitiy.site/aidate/all/banklogo/ |
12 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
0111.png
hirenitiy.site/aidate/all/banklogo/ |
25 KB 25 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
0062.png
hirenitiy.site/aidate/all/banklogo/ |
16 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
0012.png
hirenitiy.site/aidate/all/banklogo/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
0123.png
hirenitiy.site/aidate/all/banklogo/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
0099.png
hirenitiy.site/aidate/all/banklogo/ |
12 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
0205.png
hirenitiy.site/aidate/all/banklogo/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
0146.png
hirenitiy.site/aidate/all/banklogo/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
0059.png
hirenitiy.site/aidate/all/banklogo/ |
20 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
0032.png
hirenitiy.site/aidate/all/banklogo/ |
13 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
0206.png
hirenitiy.site/aidate/all/banklogo/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
0064.png
hirenitiy.site/aidate/all/banklogo/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
0015.png
hirenitiy.site/aidate/all/banklogo/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
0067.png
hirenitiy.site/aidate/all/banklogo/ |
28 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
0010.png
hirenitiy.site/aidate/all/banklogo/ |
9 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
common.js
hirenitiy.site/aidate/all/files/ |
662 KB 191 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
giris.js
hirenitiy.site/aidate/all/files/ |
30 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jcryption.js
hirenitiy.site/aidate/all/files/ |
74 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.4/ |
90 KB 32 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap.min.js
hirenitiy.site/aidate/all/js/ |
57 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
edkkds.svg
hirenitiy.site/aidate/all/files/ |
9 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
auth-methods.2225.svg
hirenitiy.site/themes/izmir/images/ |
808 B 808 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
open-sans-v18-latin-ext_latin-regular.176.woff2
cdn.e-devlet.gov.tr/themes/izmir/fonts/opensans/ |
19 KB 19 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
open-sans-v18-latin-ext_latin-600.176.woff2
cdn.e-devlet.gov.tr/themes/izmir/fonts/opensans/ |
20 KB 20 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
open-sans-v18-latin-ext_latin-300.176.woff2
cdn.e-devlet.gov.tr/themes/izmir/fonts/opensans/ |
19 KB 20 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
whos.amung.us/pingjs/ |
28 B 206 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
%3C
hirenitiy.site/aidate/ |
808 B 836 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
439 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: BDDK (Banking)156 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| BigInt object| _wau object| WAU_ren function| WAU_small function| WAU_small_request function| WAU_r_s function| WAU_insert function| WAU_legacy_b function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_lrs function| WAU_cps function| docReady object| html5 object| Modernizr function| LanguageFetcher function| loadTextTrack function| parseSRT object| textTrack object| textTrackCounter object| currentText undefined| viewMode undefined| textMode string| staticServer string| ajaxServer function| toggleText function| toggleSize function| add_printable_footer object| os function| fix_colour_dots_on_firefox object| locales object| datePickerController function| DeepLinker function| open_accessibility_menu function| close_accessibility_menu function| is_accessibility_menu_open function| toggle_accessibility_menu function| open_user_menu function| close_user_menu function| is_user_menu_open function| toggle_user_menu function| $ function| jQuery function| FastClick function| moment function| RateYo function| Cookies function| timecode_min function| timecode_max function| tcsecs function| tmpl function| Marquee function| analytics function| Sifter object| MicroPlugin function| Selectize object| is function| initializeHelpers number| biRadixBase number| biRadixBits number| bitsPerDigit number| biRadix number| biHalfRadix number| biRadixSquared number| maxDigitVal number| maxInteger undefined| maxDigits undefined| ZERO_ARRAY undefined| bigZero undefined| bigOne number| dpl10 object| highBitMasks object| hexatrigesimalToChar object| hexToChar object| lowBitMasks function| setMaxDigits function| biFromDecimal function| biCopy function| biFromNumber function| reverseStr function| biToString function| biToDecimal function| digitToHex function| biToHex function| charToHex function| hexToDigit function| biFromHex function| biFromString function| biDump function| biAdd function| biSubtract function| biHighIndex function| biNumBits function| biMultiply function| biMultiplyDigit function| arrayCopy function| biShiftLeft function| biShiftRight function| biMultiplyByRadixPower function| biDivideByRadixPower function| biModuloByRadixPower function| biCompare function| biDivideModulo function| biDivide function| biModulo function| biMultiplyMod function| biPow function| biPowMod function| BarrettMu function| BarrettMu_modulo function| BarrettMu_multiplyMod function| BarrettMu_powMod object| Aes object| Base64 object| Utf8 number| charSize string| b64pad number| hexCase function| Int_64 function| str2binb function| hex2binb function| binb2hex function| binb2b64 function| rotl_32 function| rotr_32 function| rotr_64 function| shr_32 function| shr_64 function| parity_32 function| ch_32 function| ch_64 function| maj_32 function| maj_64 function| sigma0_32 function| sigma0_64 function| sigma1_32 function| sigma1_64 function| gamma0_32 function| gamma0_64 function| gamma1_32 function| gamma1_64 function| safeAdd_32_2 function| safeAdd_32_4 function| safeAdd_32_5 function| safeAdd_64_2 function| safeAdd_64_4 function| safeAdd_64_5 function| coreSHA1 function| coreSHA2 function| jsSHA object| bootstrap function| gonder object| x string| x1 string| x20 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
cdn.e-devlet.gov.tr
cdn.jsdelivr.net
hirenitiy.site
waust.at
whos.amung.us
2606:4700:10::6816:4bab
2606:4700:20::681a:507
2606:4700:3034::6815:21c0
2606:4700:3035::ac43:94e9
2606:4700::6810:5814
2a00:1450:4001:806::200a
31.3.2.127
0b155ade172e77bc397377c1856af15289b509590b332b351e48f5c11f73a35e
0b1cd21a0d2d81488163c7046d431f7279b859d06e17466bbc98cc2bd33632d5
18ec983b74a0be521f86e727094bc1932eff87dee6035e2bccaf1b74c077b77f
2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1
2301608990fe517120f3bd2170d23b1a8885c76d3750c8abe3c808aecde16bcd
232066e3f6f1351afdaee1acb70c409766641fd5669e0b55ce7c77fac0a857ef
2eea9d0bdba83fab04d2c3cabc7b6d5dd6876d21b0ebe7b3f6b9c9eefcc20968
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
33662db54cac27cd49939cdd3b6cb8d501e9bf7eab967e338425d350e9f2c0c1
390a5054197e2457b1760b50d4cbd3405335aac4a1a627e49af36adfc2bdd063
39966ec7eea8f508184cef9f98895a0e8d74e3328a43cc8a93c528cfca888691
3b2bd1452889d967ddaa5ee65b294b2f7f7040637d565a918e257e2334a317eb
3bcd802e9f77849e7c1e93c87279fbbb04d45949d2be79b03566ceacde29b158
4192f791a3ffd4bd899f21e0cd63d83cdd35a7249d25d3bc5145f9758eb89d14
4637236d1927010c49cdedc3aa088bd9259ea520ab99de09f507e9700a27b8c8
46690f2f6bca8ad77615d4626fb62ff036b2e8218ecd659be64b635a59186412
4f738d116235f28753d0b5e537b885741cc6765104077f2e65e3671e0b0511de
500d8ffd5f9a858dbb7d356684295665174d6e5e6afdd9634003374ae86193a2
537d46273fe124bbced2f098f26222fa3155741e9d76f906c3c39e7fa09bf6a8
6478901d24715fee38c2b6039d98580749df4c82153af33166c5ddbebbbeaea7
65859d8a82e1c214cf9908c84f4a9b77149f1183a6150493378b8271fcd048e2
814a3f4f20f812103033c8345c9bbd27f561a5462f34843e88c94f6f5dc4092c
86171ede3bb20c55675e7ce0bf4f8f4c1b75bb1ab8861893abaa825c0caff7d3
ae17577c149f97bdbabaa9dc9fa1fc8778d90f15fa76f38f3bdfb01e6c467634
b0bd53a2033a2228d1cb275cf6731c30439cd8b10262922520e024d69f8957a7
b368506469f3d6988946739e1986634f35c9b2c90aad793a5271ac72d132690f
b43e656f6fc43045f09a73737230cfdc65c8297d6f8a692b7566a2eed8bf56c0
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
bddbf6ecb960eb6fa4696bd91ddbf07f0f81f9341b075b14a41510cd785318c3
cb653ff1d7c81dcce0be0a57640806de84d4681628e5661775c5d5f341cb0ec0
cfcbd4fa7443e2d30e009470840adab2eb0eba1a3eba68b63faeded29c249a5f
d35f9f0ce157ff6b60188c2d48b61c0dd4bf0922af62d44cb070761cbbb499bd
d3e29447105d8c630880edbf8f643026c11dc436e562fb136191baec01b289bd
d7a12e87c79d1132dd90ac658f1d100e63ed95b63037cabeeae34a28d2eeeb5a
e22f2b7eb9103702312bb2c6e5bea4c3958319268bd4ddfd3fa1236f41223614
e56b35eaa3d94fd62d9edff15fd9160d08c1e3ae6f19bd62761766066e4f439d
ee750a9f2a8957938c5e20de95dec1699209884fce025cd8801207489bafb821
f43f8046c13d4c2bb86db180597505bf5f63a002490dda5922e6609b6b246a61
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac
fbc077c2292d141f216b9b77ad329e1c0604a8795275368e361d29411446ceb4