www.apk4now.com
Open in
urlscan Pro
188.114.97.3
Malicious Activity!
Public Scan
Effective URL: https://www.apk4now.com/apk/133584/conquistas/download
Submission Tags: @phish_report
Submission: On July 30 via api from FI — Scanned from NL
Summary
TLS certificate: Issued by WE1 on July 15th 2024. Valid for: 3 months.
This is the only time www.apk4now.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Cloudflare (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 17 | 188.114.97.3 188.114.97.3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
6 | 2a00:1450:400... 2a00:1450:4001:80b::2016 | 15169 (GOOGLE) (GOOGLE) | |
4 | 2a00:1450:400... 2a00:1450:4001:800::2001 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:811::2001 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:830::2001 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:831::2008 | 15169 (GOOGLE) (GOOGLE) | |
2 | 142.250.185.130 142.250.185.130 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:811::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2001:4860:480... 2001:4860:4802:32::36 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:810::200e | () () | |
34 | 11 |
ASN15169 (GOOGLE, US)
play-lh.googleusercontent.com |
ASN15169 (GOOGLE, US)
lh3.googleusercontent.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
pagead2.googlesyndication.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
apk4now.com
3 redirects
apk4now.com www.apk4now.com |
69 KB |
10 |
googleusercontent.com
play-lh.googleusercontent.com — Cisco Umbrella Rank: 324 lh3.googleusercontent.com — Cisco Umbrella Rank: 129 |
62 KB |
3 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104 region1.google-analytics.com — Cisco Umbrella Rank: 3123 |
21 KB |
2 |
googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157 |
196 KB |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112 |
163 KB |
2 |
ggpht.com
lh4.ggpht.com — Cisco Umbrella Rank: 48781 lh6.ggpht.com — Cisco Umbrella Rank: 34811 |
14 KB |
1 |
google.com
fundingchoicesmessages.google.com |
|
34 | 7 |
Domain | Requested by | |
---|---|---|
11 | www.apk4now.com |
www.apk4now.com
|
6 | play-lh.googleusercontent.com |
www.apk4now.com
|
6 | apk4now.com |
3 redirects
apk4now.com
|
4 | lh3.googleusercontent.com |
www.apk4now.com
|
2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
2 | pagead2.googlesyndication.com |
www.apk4now.com
pagead2.googlesyndication.com |
2 | www.googletagmanager.com |
www.apk4now.com
www.googletagmanager.com |
1 | fundingchoicesmessages.google.com |
pagead2.googlesyndication.com
|
1 | region1.google-analytics.com |
www.googletagmanager.com
|
1 | lh6.ggpht.com |
www.apk4now.com
|
1 | lh4.ggpht.com |
www.apk4now.com
|
34 | 11 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.specialtours.com |
www.facebook.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
apk4now.com WE1 |
2024-07-15 - 2024-10-13 |
3 months | crt.sh |
edgestatic.com WR2 |
2024-07-01 - 2024-09-23 |
3 months | crt.sh |
*.googleusercontent.com WR2 |
2024-07-01 - 2024-09-23 |
3 months | crt.sh |
*.google-analytics.com WR2 |
2024-07-01 - 2024-09-23 |
3 months | crt.sh |
*.g.doubleclick.net WR2 |
2024-07-01 - 2024-09-23 |
3 months | crt.sh |
*.google.com WR2 |
2024-07-01 - 2024-09-23 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.apk4now.com/apk/133584/conquistas/download
Frame ID: 24EFA9F31AABE7BA7086A65F00CE801A
Requests: 35 HTTP requests in this frame
Screenshot
Page Title
Download Conquistas 1.2 Apk (33.52Mb), For Android - APK4NowPage URL History Show full URLs
-
http://apk4now.com/apk/133584/conquistas/download
HTTP 307
https://apk4now.com/apk/133584/conquistas/download Page URL
-
https://apk4now.com/cdn-cgi/phish-bypass?atok=RRoeLijqeqIRy3B_I4BzmlLTL9u9j5R20MfvkitKULo-172235...
HTTP 301
https://apk4now.com/apk/133584/conquistas/download HTTP 301
https://www.apk4now.com/apk/133584/conquistas/download Page URL
Detected technologies
Google AdSense (Advertising Networks) ExpandDetected patterns
- googlesyndication\.com/
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Website
Search URL Search Domain Scan URL
Title: APK4Now
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://apk4now.com/apk/133584/conquistas/download
HTTP 307
https://apk4now.com/apk/133584/conquistas/download Page URL
-
https://apk4now.com/cdn-cgi/phish-bypass?atok=RRoeLijqeqIRy3B_I4BzmlLTL9u9j5R20MfvkitKULo-1722350417-0.0.1.1-%2Fapk%2F133584%2Fconquistas%2Fdownload
HTTP 301
https://apk4now.com/apk/133584/conquistas/download HTTP 301
https://www.apk4now.com/apk/133584/conquistas/download Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://apk4now.com/apk/133584/conquistas/download HTTP 307
- https://apk4now.com/apk/133584/conquistas/download
- https://apk4now.com/favicon.ico HTTP 301
- https://www.apk4now.com/favicon.ico
34 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
download
apk4now.com/apk/133584/conquistas/ Redirect Chain
|
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cf.errors.css
apk4now.com/cdn-cgi/styles/ |
23 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon-exclamation.png
apk4now.com/cdn-cgi/images/ |
452 B 634 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
www.apk4now.com/ Redirect Chain
|
7 KB 3 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Primary Request
download
www.apk4now.com/apk/133584/conquistas/ Redirect Chain
|
19 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
styl.css
www.apk4now.com/css/ |
32 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
post.min.js
www.apk4now.com/js/ |
100 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
37 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo_32.png
www.apk4now.com/img/ |
571 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
s_20.png
www.apk4now.com/img/ |
535 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
new_24.png
www.apk4now.com/img/ |
621 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
also_24.png
www.apk4now.com/img/ |
654 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fb_24.png
www.apk4now.com/img/ |
529 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5oQ28qnItmk1tJ_RFNdmtPga-ssq-xskCPY5pRC2svgSWGe3TvEneiE6xqQ-CG9lV9Dk=w120
play-lh.googleusercontent.com/ |
12 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
k54yPim_rI2UKdK6N7BkSaZG8aAdnfSZrLhfeMjoZjHK7d2i1P0Y8t1C6IqlVX5H0w=w60
lh3.googleusercontent.com/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
q1TZjTl1wz8en18YsYpdooLdq3r6p-CvtyQn-x9iTl9BgOkcG6zkkFhRxbcKnD39zw=w60
play-lh.googleusercontent.com/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
QjWe607gq1v0n9T0_m2fvPzmSt1IWABFsj9HEdnNzbnEleC1XdbF6DOXX-CciYdTcQ=w60
lh3.googleusercontent.com/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
-bhi_ljcXMvf3lKXcma-Ho1D9Ck9Fu2Cf1KXC5mwW4gJFG8SAFt1KCD8ctodcnlpi00=w60
play-lh.googleusercontent.com/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
J_lgADzUfkVmDfguyLfVhRYZ8dzpCOwm15eCxwUXehOYv1QdR8uo1FHBkhq34oxjvmM=w60
play-lh.googleusercontent.com/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9e6ov6XX1y-tWA0YAfQcZD49uTI6T7CfJZ0Z-yxKWecUk1Hbwq2EUmvYFd1BbNQhZQ=w60
lh4.ggpht.com/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
P7s5RMZiIdAiwgu1rmZzsDLA65BghrOeos7QvvqupPlpvI9Ci81T3gnfmK6ZMGXh6A=w60
lh6.ggpht.com/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GNT7Gqf3aQpLq6NbSiCI4g07uzeZtbr5saRB4fECcNL1tXYYzDFEgsEtZW7HDtHkMRJm=w60
lh3.googleusercontent.com/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BUmPXEz3ATAGDuSbM0JRu1mVOq7kM_ZlSJjPT6j37-fiI49_lrzfQG8oYXrfENwtrObp=w60
lh3.googleusercontent.com/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
t9KKZJ9OewfXJidG5mQV5AuQoVcrBUn5yaciWzkDO-6eUcBfdcGTx3cb7pMZj2VRog=w60
play-lh.googleusercontent.com/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
-ZZJMbPbJjOpJAKf-0gPiWhGqBId_eqGKxbKML4zSq3Ld3RqoFXjSTCYmUYa6l2Kkg=w60
play-lh.googleusercontent.com/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
stars.png
www.apk4now.com/img/icons/ |
1018 B 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fav.png
www.apk4now.com/ |
583 B 1 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
208 KB 75 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
160 KB 52 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
248 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407250101/ |
425 KB 143 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
1 B 207 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ca-pub-9601248563741077
fundingchoicesmessages.google.com/i/ |
9 KB 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Cloudflare (Online)36 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| $ function| jQuery object| baguetteBox number| post_id function| lazyScript boolean| lazyLoad function| lazy_load object| dataLayer object| adsbygoogle object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| gaGlobal object| gaplugins object| gaData function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.apk4now.com/ | Name: __cf_mw_byp Value: RRoeLijqeqIRy3B_I4BzmlLTL9u9j5R20MfvkitKULo-1722350417-0.0.1.1-/apk/133584/conquistas/download |
|
www.apk4now.com/ | Name: PHPSESSID Value: ps1oj9b8n10eo1u707o7j1rqsn |
|
.apk4now.com/ | Name: _ga_E9K60K0NQ8 Value: GS1.1.1722350426.1.0.1722350426.0.0.0 |
|
.apk4now.com/ | Name: _ga Value: GA1.2.1866748090.1722350427 |
|
.apk4now.com/ | Name: _gid Value: GA1.2.1833249019.1722350427 |
|
.apk4now.com/ | Name: _gat_gtag_UA_65604217_1 Value: 1 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
apk4now.com
fundingchoicesmessages.google.com
lh3.googleusercontent.com
lh4.ggpht.com
lh6.ggpht.com
pagead2.googlesyndication.com
play-lh.googleusercontent.com
region1.google-analytics.com
www.apk4now.com
www.google-analytics.com
www.googletagmanager.com
142.250.185.130
188.114.97.3
2001:4860:4802:32::36
2a00:1450:4001:800::2001
2a00:1450:4001:80b::2016
2a00:1450:4001:810::200e
2a00:1450:4001:811::2001
2a00:1450:4001:811::200e
2a00:1450:4001:830::2001
2a00:1450:4001:831::2008
0e9048bcff95c64f04db339bf64c668ac6dee6a10d0221dcd4f16fbb80ebfa70
1c089425abdbaac5d6e7a09cc7d6d29525342445d479d471f83ff1198c11158f
27fc75326b9dc9580ec0bfb74050378590bbbf65dc716722927347d9dea2a6f1
2aae9d72073b1763c83e04772f14619d7d24d643a4bcdf2a1f853d601ef283a9
2ee51c78c379efda294981526e553ad2d494f2ac967fc49b9acf4404df414790
312c24d948646b2d704bcc56ce2fdbf829a093eb4f8b97c2ec8ccd8262026f5e
33a1753e18ab99e04c8f255237c182468a83c02bd074952de4fda470806fc611
3da763610b6e70bced7460fd5f5a5ea9860681a6892b9d2df112c25209f26edd
4b5083221a5746a6f58e1f1d104afe601043191d5415ce8ae07a652376fa420f
519c52fe8ec703e385e51c3032b4932e3bde1056e7003f69ab67296c47c4ee31
582a3074d5e9de1a0c9eff8ac3bac3ec906fb8b8f1b5bdf94c5b1dc444917853
5b910f8369fc6cf04503c24748de67ce38b01d95acca02c730e47abca4226e76
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
76df9c611fa6719814171d5b191b70f585cd99b534cc2390d7c873b2ad42097f
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
8d3982e968a25742566e1b1e3b11864b59f6f59227d2e4f859581176e62eda20
98539363c4e0a462ed006007362058bfa6d37e37a6e1b466d5116e4d861ca02e
996fccb0a77d7096a2a37723814909af3d6533773ec1eb3c0d174f8aba8373d2
99f887c95448957035c31e4a50e46f68f1d92f5e91ba2da50740c920c3a04005
b6627c26320eba510cce9eae7b4049a59925a93d11a3fe65acb0c33e2f23892a
b863691cd50d6a49cc0f49baf197bb159975493551628b684b60c67f13197e1e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be1ba6172ec30c6f3433b1e652d0325a80bfe87e8f59191bef0a4339ae9e63b6
c0bef62e4b6914fa84295ea3eb30de13e3dde2400a1a95727c2d58627ffef595
d429d242f537afbf1bf91a3a5d96d753c9b3d46f553d0129e7eac3a86f340b27
d54430f307c94cbd4b7ad737df6c08b8d127ac5a506df948118cbdad345b4519
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e058ef1db88ca83a57464e68780891ee50376a1b0f9d3111962f03128ff30417
e2b3520a498580e1e2e0e60e9cc1a0c99ceff7909f7a43c0ab167bb360f73e39
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f8c39738a002b2ba5d8ce9c4840af2491ae5bc671dcfeb3cf61206f83621b192
f9a8428afe3cbf59cac73b3704dd6648c8ce998834eacf29f5d7cc6e329df9a5