wzsm.rqa-b.my.id
Open in
urlscan Pro
2606:4700:3031::6815:2c47
Malicious Activity!
Public Scan
Effective URL: https://wzsm.rqa-b.my.id/
Submission: On February 11 via automatic, source phishtank — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on January 27th 2024. Valid for: 3 months.
This is the only time wzsm.rqa-b.my.id was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Gaming (Entertainment)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 2 | 2606:4700:303... 2606:4700:3031::6815:2c47 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 2606:4700:440... 2606:4700:4400::6812:2844 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:801::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700::68... 2606:4700::6810:7daf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 2606:4700::68... 2606:4700::6811:180e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700::68... 2606:4700::6812:bcf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a04:4e42:200... 2a04:4e42:200::649 | 54113 (FASTLY) (FASTLY) | |
1 | 2606:4700:303... 2606:4700:3032::ac43:84dc | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
16 | 149.154.164.13 149.154.164.13 | 62041 (TELEGRAM) (TELEGRAM) | |
2 | 2a02:6ea0:c70... 2a02:6ea0:c700::11 | 60068 (CDN77 _) (CDN77 _) | |
1 | 2a03:2880:f27... 2a03:2880:f276:1cf:face:b00c:0:1cc9 | 32934 (FACEBOOK) (FACEBOOK) | |
1 | 2a04:4e42:400... 2a04:4e42:400::347 | 54113 (FASTLY) (FASTLY) | |
1 | 2a00:1450:400... 2a00:1450:4001:830::2003 | 15169 (GOOGLE) (GOOGLE) | |
34 | 13 |
ASN13335 (CLOUDFLARENET, US)
site-assets.fontawesome.com |
ASN32934 (FACEBOOK, US)
z-p3-static.xx.fbcdn.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
telegra.ph
telegra.ph — Cisco Umbrella Rank: 83041 |
783 KB |
4 |
fontawesome.com
site-assets.fontawesome.com — Cisco Umbrella Rank: 56771 |
1 MB |
3 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223 |
23 KB |
2 |
icons8.com
img.icons8.com — Cisco Umbrella Rank: 29184 |
2 KB |
2 |
rqa-b.my.id
1 redirects
wzsm.rqa-b.my.id |
7 KB |
1 |
gstatic.com
fonts.gstatic.com |
46 KB |
1 |
statically.io
cdn.statically.io — Cisco Umbrella Rank: 7432 |
|
1 |
fbcdn.net
z-p3-static.xx.fbcdn.net — Cisco Umbrella Rank: 82626 |
2 KB |
1 |
cloudbootstrapcdn.com
cloudbootstrapcdn.com |
668 B |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 761 |
83 KB |
1 |
bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2920 |
7 KB |
1 |
unpkg.com
unpkg.com — Cisco Umbrella Rank: 773 |
11 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31 |
1 KB |
34 | 13 |
Domain | Requested by | |
---|---|---|
16 | telegra.ph |
wzsm.rqa-b.my.id
|
4 | site-assets.fontawesome.com |
wzsm.rqa-b.my.id
site-assets.fontawesome.com |
3 | cdnjs.cloudflare.com |
wzsm.rqa-b.my.id
|
2 | img.icons8.com |
wzsm.rqa-b.my.id
|
2 | wzsm.rqa-b.my.id | 1 redirects |
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | cdn.statically.io |
wzsm.rqa-b.my.id
|
1 | z-p3-static.xx.fbcdn.net |
wzsm.rqa-b.my.id
|
1 | cloudbootstrapcdn.com |
wzsm.rqa-b.my.id
|
1 | code.jquery.com |
wzsm.rqa-b.my.id
|
1 | stackpath.bootstrapcdn.com |
wzsm.rqa-b.my.id
|
1 | unpkg.com |
wzsm.rqa-b.my.id
|
1 | fonts.googleapis.com |
wzsm.rqa-b.my.id
|
34 | 13 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
rqa-b.my.id GTS CA 1P5 |
2024-01-27 - 2024-04-26 |
3 months | crt.sh |
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-12-04 - 2025-01-03 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-01-09 - 2024-04-02 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-02 - 2024-05-01 |
a year | crt.sh |
bootstrapcdn.com GTS CA 1P5 |
2024-01-28 - 2024-04-27 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
cloudbootstrapcdn.com E1 |
2023-12-25 - 2024-03-24 |
3 months | crt.sh |
*.telegra.ph Go Daddy Secure Certificate Authority - G2 |
2023-09-05 - 2024-10-06 |
a year | crt.sh |
1004834818.rsc.cdn77.org R3 |
2024-02-04 - 2024-05-04 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2023-11-20 - 2024-02-18 |
3 months | crt.sh |
statically.io GlobalSign Atlas R3 DV TLS CA 2023 Q3 |
2023-08-26 - 2024-09-26 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2024-01-09 - 2024-04-02 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://wzsm.rqa-b.my.id/
Frame ID: B63D5568262F47C29C62A43D51B1DCFA
Requests: 34 HTTP requests in this frame
Screenshot
Page Title
Undangan Grup WhatsAppPage URL History Show full URLs
-
http://wzsm.rqa-b.my.id/
HTTP 301
https://wzsm.rqa-b.my.id/ Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://wzsm.rqa-b.my.id/
HTTP 301
https://wzsm.rqa-b.my.id/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
34 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
wzsm.rqa-b.my.id/ Redirect Chain
|
31 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.css
site-assets.fontawesome.com/releases/v6.1.1/css/ |
486 KB 80 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
21 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
boxicons.min.css
unpkg.com/boxicons@2.0.9/css/ |
62 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ |
30 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/ |
58 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
material-design-iconic-font.min.css
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/ |
69 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.6.0.js
code.jquery.com/ |
282 KB 83 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slide-spin.js
cloudbootstrapcdn.com/9.1.2/ |
228 B 668 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
d4af2f167349937ed96a4.jpg
telegra.ph/file/ |
46 KB 46 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
audio-wave.png
img.icons8.com/fluency-systems-filled/48/undefined/ |
334 B 869 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
audio-wave--v1.png
img.icons8.com/material/48/undefined/ |
207 B 736 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ce103401841ff113f7299.jpg
telegra.ph/file/ |
35 KB 35 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
85ed5278ed581b4bbb362.jpg
telegra.ph/file/ |
120 KB 119 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
b5992499684c132c5309e.jpg
telegra.ph/file/ |
103 KB 101 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6832d381219056652fcc7.jpg
telegra.ph/file/ |
29 KB 28 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
692b9784e3bcea95eadc8.jpg
telegra.ph/file/ |
34 KB 34 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5f9bbfd784e21339de7dc.jpg
telegra.ph/file/ |
39 KB 39 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
87f519a39ec35502b0af6.jpg
telegra.ph/file/ |
42 KB 42 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
177f6f6dbed91c1fad5b6.jpg
telegra.ph/file/ |
54 KB 54 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4935def1b8f37ee6696c6.jpg
telegra.ph/file/ |
44 KB 43 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4cf82d94f51fab6076f71.jpg
telegra.ph/file/ |
35 KB 34 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
18a5ad1a0853d3025654d.jpg
telegra.ph/file/ |
45 KB 44 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
78a2ef4fa2e63996d5224.jpg
telegra.ph/file/ |
35 KB 35 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a6a7391770db21edad801.jpg
telegra.ph/file/ |
44 KB 44 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a34c89f71565d12df4936.jpg
telegra.ph/file/ |
57 KB 57 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20ea5bb474ee1ec6edc14.png
telegra.ph/file/ |
28 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lOol7j-zq4u.svg
z-p3-static.xx.fbcdn.net/rsrc.php/yz/r/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wbga.png
cdn.statically.io/gh/AlexHostX/another/main/walxa/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-light-300.woff2
site-assets.fontawesome.com/releases/v6.1.1/webfonts/ |
415 KB 415 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ |
46 KB 46 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-solid-900.woff2
site-assets.fontawesome.com/releases/v6.1.1/webfonts/ |
321 KB 322 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-regular-400.woff2
site-assets.fontawesome.com/releases/v6.1.1/webfonts/ |
380 KB 380 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Gaming (Entertainment)5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| setSlider function| salxhw function| login0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.statically.io
cdnjs.cloudflare.com
cloudbootstrapcdn.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
img.icons8.com
site-assets.fontawesome.com
stackpath.bootstrapcdn.com
telegra.ph
unpkg.com
wzsm.rqa-b.my.id
z-p3-static.xx.fbcdn.net
149.154.164.13
2606:4700:3031::6815:2c47
2606:4700:3032::ac43:84dc
2606:4700:4400::6812:2844
2606:4700::6810:7daf
2606:4700::6811:180e
2606:4700::6812:bcf
2a00:1450:4001:801::200a
2a00:1450:4001:830::2003
2a02:6ea0:c700::11
2a03:2880:f276:1cf:face:b00c:0:1cc9
2a04:4e42:200::649
2a04:4e42:400::347
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
121b176974226dbc9b1ab227becb657d40b88d2bb7010a746c2360c31d7c373e
15575a102afb357d880fdd1fd622917dab5ac301f044487d24558f84786a4998
1c00aab1c43a85ef79884c91700ad825faa87c964f74484bd771b6823421ef2c
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239
322f0f749f90f0faf92019350d617987aab0ed3c186d16d06b79638d1d0f550f
345b72d2b4dacefe34b2aa7be25a4fff7108d1ad037eb636a8e069ce3375bd4c
38c9de038e485012e1f1d94a3840f8b1ac30a33e08865c6ec73f988e542e67e3
3a5f8a5c36d325a047e333597bc73010ff977bbf9bc7248dc63b8f9a756f0b03
4fc89b0c376bb37f904f4a63ef38e27ba939b1b2da6df77d127d533bb9d167f7
515954fe1dc163277d36b51f79fe56265f6b6cf79f99e307bbf6e52b477b9c87
533ef6670e3d9c0e44718d0afa43f2edda11b58586e9da4e8f621145cf84d4d2
5507fdf87498115b6f938019e00037b1a2871096f25cf10681f827bb0465ae6e
60e91c1f5914a526b8dc83f6d1b293372cfa3f4bd84915f584d297e9a89f0c85
65a3c30f79af1aa7fbf5744f60d717167636e445e1eb16418671c420150c216f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
90c4f0951056e5a82b2150c8b3fe6d011a08ea2abc957453d080b8179504e2d7
a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d
af3bb7d040edba646a488918016bdda1268efdc0e728c5692af8af95d1305f12
c176c8e6cc7f16c47378a189dbbc242235ec5f35be1d41aa155d36b07bffa431
cf6650294092e10a757b93b1725d1a6374d19600cd5e8fad352e0ad848a1e934
d0382ec747b787d3ab1d161754f07238ab26ab1f822ab39e30d2e3c4a15fff06
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
d43ab0e60da131d556471aa3a2dac68b8f9f4a292e32a4552496e03e75da211f
d4b0586795b487a79ffc5edd5e41834e47650b0c4220102f3c17485fed01d470
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4380d0da1a20c9e8adf95a1dee06fae433d399c32a71d4357cd62b6875b5a99
f350c708b5e7748a452b4b98600fa49127166d995686e260ccafb58d51a4ea62
f8515d099fdb831988b4e2a1f9fabeab63a04985f6891b244451f8b67f744322
fa0f612c2e8f934540aaf3cd9221c62c3caf32afef6436386823cbfc67f03100
fc0f03d69764509844c499e44a78980b03073d9d08d7c19a0eac3aa92eb2627c