www.zidakainteriors.com
Open in
urlscan Pro
64.64.6.68
Malicious Activity!
Public Scan
Effective URL: https://www.zidakainteriors.com/manifests/*1*n*/
Submission: On December 19 via manual from US
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 20th 2018. Valid for: 3 months.
This is the only time www.zidakainteriors.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Office 365 (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 | 143.204.101.95 143.204.101.95 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 2a00:1450:400... 2a00:1450:4001:81f::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 2a00:1450:400... 2a00:1450:4001:815::2013 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 205.185.208.52 205.185.208.52 | 20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group) | |
1 1 | 45.40.140.1 45.40.140.1 | 26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com) | |
17 | 64.64.6.68 64.64.6.68 | 30633 (LEASEWEB-...) (LEASEWEB-USA-WDC-01 - Leaseweb USA) | |
2 | 2a02:26f0:6c0... 2a02:26f0:6c00:2bf::35c1 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2603:1026:c06... 2603:1026:c06:2f::2 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) | |
7 | 2a02:26f0:6c0... 2a02:26f0:6c00:2bf::753 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
35 | 8 |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-95.fra50.r.cloudfront.net
powercorpcapital.docx.pro |
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip052.ssl.hwcdn.net
code.jquery.com |
ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-45-40-140-1.ip.secureserver.net
x.co |
ASN30633 (LEASEWEB-USA-WDC-01 - Leaseweb USA, Inc., US)
PTR: emails.globefinity.com
www.zidakainteriors.com |
ASN20940 (AKAMAI-ASN1, US)
secure.aadcdn.microsoftonline-p.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
outlook.office365.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
zidakainteriors.com
www.zidakainteriors.com |
3 MB |
8 |
office365.com
outlook.office365.com r1.res.office365.com |
647 KB |
4 |
docx.pro
powercorpcapital.docx.pro |
89 KB |
2 |
microsoftonline-p.com
secure.aadcdn.microsoftonline-p.com |
5 KB |
2 |
getmdl.io
code.getmdl.io |
200 KB |
1 |
x.co
1 redirects
x.co |
106 B |
1 |
jquery.com
code.jquery.com |
30 KB |
1 |
googleapis.com
fonts.googleapis.com |
430 B |
35 | 8 |
Domain | Requested by | |
---|---|---|
17 | www.zidakainteriors.com |
powercorpcapital.docx.pro
www.zidakainteriors.com |
7 | r1.res.office365.com |
www.zidakainteriors.com
|
4 | powercorpcapital.docx.pro |
powercorpcapital.docx.pro
|
2 | secure.aadcdn.microsoftonline-p.com |
www.zidakainteriors.com
|
2 | code.getmdl.io |
powercorpcapital.docx.pro
|
1 | outlook.office365.com |
www.zidakainteriors.com
|
1 | x.co | 1 redirects |
1 | code.jquery.com |
powercorpcapital.docx.pro
|
1 | fonts.googleapis.com |
powercorpcapital.docx.pro
|
35 | 9 |
This site contains links to these domains. Also see Links.
Domain |
---|
passwordreset.microsoftonline.com |
login.live.com |
login.microsoftonline.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.docx.pro AlphaSSL CA - SHA256 - G2 |
2018-03-23 - 2020-03-23 |
2 years | crt.sh |
*.googleapis.com Google Internet Authority G3 |
2018-11-27 - 2019-02-19 |
3 months | crt.sh |
getmdl.io Google Internet Authority G3 |
2018-04-30 - 2019-04-29 |
a year | crt.sh |
jquery.org COMODO RSA Domain Validation Secure Server CA |
2018-10-17 - 2020-10-16 |
2 years | crt.sh |
zidakainteriors.com cPanel, Inc. Certification Authority |
2018-10-20 - 2019-01-18 |
3 months | crt.sh |
secure.aadcdn.microsoftonline-p.com Microsoft IT TLS CA 1 |
2017-08-15 - 2019-08-15 |
2 years | crt.sh |
outlook.com DigiCert Cloud Services CA-1 |
2018-08-01 - 2020-08-01 |
2 years | crt.sh |
*.res.outlook.com Microsoft IT TLS CA 5 |
2017-11-27 - 2019-11-27 |
2 years | crt.sh |
This page contains 4 frames:
Primary Page:
https://www.zidakainteriors.com/manifests/*1*n*/
Frame ID: D57263D5E763F08FCB6C2C1C2A1429EB
Requests: 18 HTTP requests in this frame
Frame:
https://www.zidakainteriors.com/manifests/*1*n*/
Frame ID: 4FC810980FBA3C97F13F1C9AE9564A33
Requests: 1 HTTP requests in this frame
Frame:
https://www.zidakainteriors.com/manifests/*1*n*/Sign%20in%20to%20your%20account_files/prefetch.htm
Frame ID: 102F93205AD51AD8222810B311368103
Requests: 15 HTTP requests in this frame
Frame:
https://outlook.office365.com/owa/prefetch.aspx
Frame ID: C2E6733D25D32ECE8C53F4E83C3B3E9A
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://powercorpcapital.docx.pro/onmsOneDrive Page URL
- https://www.zidakainteriors.com/manifests/*1*n*/ Page URL
Detected technologies
Python (Programming Languages) ExpandDetected patterns
- headers server /gunicorn(?:\/([\d.]+))?/i
gunicorn (Web Servers) Expand
Detected patterns
- headers server /gunicorn(?:\/([\d.]+))?/i
HeadJS (JavaScript Libraries) Expand
Detected patterns
- env /^head$/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery.*\.js/i
- env /^jQuery$/i
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: Can'Â’t access your account?
Search URL Search Domain Scan URL
Title: Sign in with a Microsoft account
Search URL Search Domain Scan URL
Title: Terms of use
Search URL Search Domain Scan URL
Title: Privacy & Cookies
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://powercorpcapital.docx.pro/onmsOneDrive Page URL
- https://www.zidakainteriors.com/manifests/*1*n*/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 8- https://x.co/OneDr1v3S1 HTTP 302
- https://www.zidakainteriors.com/manifests/*1*n*/
35 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
onmsOneDrive
powercorpcapital.docx.pro/ |
15 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
consent.css
powercorpcapital.docx.pro/static/styles/ |
9 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon
fonts.googleapis.com/ |
574 B 430 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
material.indigo-blue.min.css
code.getmdl.io/1.3.0/ |
138 KB 138 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
material.min.js
code.getmdl.io/1.3.0/ |
61 KB 61 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.3.1.min.js
code.jquery.com/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iframe.js
powercorpcapital.docx.pro/static/js/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fingerprint.js
powercorpcapital.docx.pro/static/js/ |
61 KB 61 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
www.zidakainteriors.com/manifests/*1*n*/ Frame 4FC8 Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
www.zidakainteriors.com/manifests/*1*n*/ |
40 KB 40 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login.css
www.zidakainteriors.com/manifests/*1*n*/Sign%20in%20to%20your%20account_files/ |
21 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login_hover.css
www.zidakainteriors.com/manifests/*1*n*/Sign%20in%20to%20your%20account_files/ |
89 B 325 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.js
www.zidakainteriors.com/manifests/*1*n*/Sign%20in%20to%20your%20account_files/ |
107 KB 107 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
aad.js
www.zidakainteriors.com/manifests/*1*n*/Sign%20in%20to%20your%20account_files/ |
164 KB 164 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
heroillustration.jpg
www.zidakainteriors.com/manifests/*1*n*/Sign%20in%20to%20your%20account_files/ |
36 KB 37 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bannerlogo.png
www.zidakainteriors.com/manifests/*1*n*/Sign%20in%20to%20your%20account_files/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
microsoft_logo.png
www.zidakainteriors.com/manifests/*1*n*/Sign%20in%20to%20your%20account_files/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login_hover.min.css
secure.aadcdn.microsoftonline-p.com/ests/2.1.4653.2/content/cdnbundles/ |
89 B 547 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
prefetch.htm
www.zidakainteriors.com/manifests/*1*n*/Sign%20in%20to%20your%20account_files/ Frame 102F |
3 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bannerlogo
secure.aadcdn.microsoftonline-p.com/dbd5a2dd-uymyxxfhpwrbckvwvlxle8radh6vkzaj7cwkqpqixg/appbranding/npdp3ivuhlrwvd1ynsq0x-mjc7zhvnj0i7k676ppafa/0/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
boot.js
www.zidakainteriors.com/manifests/*1*n*/Sign%20in%20to%20your%20account_files/prefetch_data/ Frame 102F |
610 KB 610 KB |
Stylesheet
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
boot_003.js
www.zidakainteriors.com/manifests/*1*n*/Sign%20in%20to%20your%20account_files/prefetch_data/ Frame 102F |
608 KB 608 KB |
Stylesheet
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
boot_004.js
www.zidakainteriors.com/manifests/*1*n*/Sign%20in%20to%20your%20account_files/prefetch_data/ Frame 102F |
609 KB 609 KB |
Stylesheet
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
boot_002.js
www.zidakainteriors.com/manifests/*1*n*/Sign%20in%20to%20your%20account_files/prefetch_data/ Frame 102F |
610 KB 610 KB |
Stylesheet
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sprite1.png
www.zidakainteriors.com/manifests/*1*n*/Sign%20in%20to%20your%20account_files/prefetch_data/ Frame 102F |
17 KB 17 KB |
Stylesheet
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sprite1.css
www.zidakainteriors.com/manifests/*1*n*/Sign%20in%20to%20your%20account_files/prefetch_data/ Frame 102F |
7 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
boot.css
www.zidakainteriors.com/manifests/*1*n*/Sign%20in%20to%20your%20account_files/prefetch_data/ Frame 102F |
178 KB 178 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
prefetch.aspx
outlook.office365.com/owa/ Frame C2E6 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
boot.worldwide.0.mouse.js
r1.res.office365.com/owa/prem/16.1389.11.2087567/scripts/ Frame 102F |
610 KB 166 KB |
Stylesheet
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
boot.worldwide.1.mouse.js
r1.res.office365.com/owa/prem/16.1389.11.2087567/scripts/ Frame 102F |
608 KB 150 KB |
Stylesheet
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
boot.worldwide.2.mouse.js
r1.res.office365.com/owa/prem/16.1389.11.2087567/scripts/ Frame 102F |
609 KB 156 KB |
Stylesheet
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
boot.worldwide.3.mouse.js
r1.res.office365.com/owa/prem/16.1389.11.2087567/scripts/ Frame 102F |
610 KB 132 KB |
Stylesheet
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sprite1.mouse.png
r1.res.office365.com/owa/prem/16.1389.11.2087567/resources/images/0/ Frame 102F |
17 KB 17 KB |
Stylesheet
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sprite1.mouse.css
r1.res.office365.com/owa/prem/16.1389.11.2087567/resources/images/0/ Frame 102F |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
boot.worldwide.mouse.css
r1.res.office365.com/owa/prem/16.1389.11.2087567/resources/styles/0/ Frame 102F |
178 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Office 365 (Online)49 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask object| $Config object| $Do object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B boolean| isTouch string| cssId object| head object| link undefined| msViewportStyle function| $ function| jQuery function| pageOnReady object| MSLogin object| proxy object| ErrorCodes object| Constants object| Context object| Background object| Logo object| Instrument object| User object| tenant_info object| EmailDiscovery function| origHide function| origShow function| origAddClass function| origRemoveClass object| Support object| MSLogout object| ThirdPartyCookieStates object| PostType object| LoginOption object| Post object| TenantBranding object| users object| Tiles object| $Debug object| $Api object| jQuery1112043455906390962173 object| StrongAuthCheck object| Util object| WindowsBrowserSso object| body4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
outlook.office365.com/ | Name: OWAPF Value: p:11111111&v:16.2750.1.2638403&l:mouse& |
|
outlook.office365.com/ | Name: OIDC Value: 1 |
|
outlook.office365.com/ | Name: ClientId Value: AC058B2D31E84C6190869210E5AC8D09 |
|
www.zidakainteriors.com/manifests/*1*n* | Name: testcookie Value: testcookie |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
code.getmdl.io
code.jquery.com
fonts.googleapis.com
outlook.office365.com
powercorpcapital.docx.pro
r1.res.office365.com
secure.aadcdn.microsoftonline-p.com
www.zidakainteriors.com
x.co
143.204.101.95
205.185.208.52
2603:1026:c06:2f::2
2a00:1450:4001:815::2013
2a00:1450:4001:81f::200a
2a02:26f0:6c00:2bf::35c1
2a02:26f0:6c00:2bf::753
45.40.140.1
64.64.6.68
0fe0ea9396dc0c2c19a3bf596fab95f4f755b7bb311fded98021284bd5e17898
146513df5737112eb2a37f1217e5965035bed28efd9b1012724f36f9c654bf97
14d4e89d55b1f962a895050b05a52c71c399a59764bbf5649ec09a72cd64fdbe
15f6c0df09cd41626f2190908edd91543f3199f55b58860edb6d60120e15faac
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
17847032fcfccc743e8c8c345d66b870e3dbfb4ab84eea70389b3730d262d6cf
1c5b35d58708fef1d20982144818440f686f93745fb46e724ac457c90c02dbde
38a6c7d1c25a3dd3d0132489c5e969e3e2130ebfe95c8b2f561314e7c922edc3
3c27eee3e7e742ba78c0d9956e337579a5f82db3af39e8da6f450e8632decebc
5a592f6204759aa5a27ff418cbfbc2da0e05544eb3f9851a88c7998577cfc127
651e9d3e0c636b1f1080012ca5283b89ce6283bb3a8b3b2be479c9dcc575dc75
6ebdbdf01e78babe586c8cc981e09e38b3c080a54a8fdc16d5e4d757a866307b
6fb48083f76fce3fb1e55f4ba99f7a80bbb74a51242c088eea3cc5191d55011e
7bed7d7ef6d5fe30a99e1d4e97d0c565797a296b3bbee72c9627c9a9b24fe2b7
90017a8862b85603193609dd23c161f615ac22cea6aac0e22c9b0e831be79c52
91c2b74542e11d0278e02715a980b39582eae2e3b519ddd2d4f9ca939e58109c
988e349f2bf4e87154738c7b2c1fa86618713a8cfa0cef60a046f5add89bd9de
99722099e48f952b93c648fc74432bfe7edd3b0127775639701e6051be47a8f1
9fdb62c92091b48f08570b19077d643a182799347c2bcdf77ca610bddad3cbe6
c926ede3a9b3a6d8bfd123479367e378efefefb22a8e936b73c58b3c78137dea
cd19bed80762262e9da6298734225a26283d5b88ed83a66f17a7ec3297c597aa
cf59603c69d84bc89e5cbbe38788a95a7f67e00f3f5f234bb350962856a36da1
f8e464e200dabbe37896ed2cc50b0c89e9f517091de3c8a2dd29c999b050f1ec
fc5c3d7d2b298a42ec44dad2d8cd227b734db966b4afa68c0254a497e805f603