4848449.v2nd.shop
Open in
urlscan Pro
132.148.72.6
Public Scan
Effective URL: https://4848449.v2nd.shop/
Submission Tags: phishingrod
Submission: On July 02 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by R3 on July 1st 2023. Valid for: 3 months.
This is the only time 4848449.v2nd.shop was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 34 | 132.148.72.6 132.148.72.6 | 398101 (GO-DADDY-...) (GO-DADDY-COM-LLC) | |
4 | 2606:4700:20:... 2606:4700:20::ac43:457b | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2606:4700:303... 2606:4700:3038::6815:eaad | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a06:98c1:312... 2a06:98c1:3120::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 15.165.38.75 15.165.38.75 | 16509 (AMAZON-02) (AMAZON-02) | |
43 | 6 |
ASN398101 (GO-DADDY-COM-LLC, US)
PTR: 6.72.148.132.host.secureserver.net
4949449.fcs2.top | |
ww.4949449a.xyz | |
4848449.v2nd.shop |
ASN16509 (AMAZON-02, US)
PTR: ec2-15-165-38-75.ap-northeast-2.compute.amazonaws.com
zhibo.2020kj.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
fcs2.top
4949449.fcs2.top |
335 KB |
15 |
v2nd.shop
1 redirects
4848449.v2nd.shop |
135 KB |
4 |
tutu.finance
tk.tutu.finance |
709 KB |
2 |
11828.cc
amtk.11828.cc |
259 KB |
2 |
4949449a.xyz
1 redirects
ww.4949449a.xyz |
291 B |
1 |
2020kj.com
zhibo.2020kj.com — Cisco Umbrella Rank: 820939 |
17 KB |
1 |
1188.store
2.1188.store |
321 KB |
0 |
bdimg.com
Failed
apps.bdimg.com Failed |
|
0 |
51.la
Failed
js.users.51.la Failed |
|
0 |
Failed
function sub() { [native code] }. Failed |
|
43 | 10 |
Domain | Requested by | |
---|---|---|
17 | 4949449.fcs2.top |
4949449.fcs2.top
|
15 | 4848449.v2nd.shop |
1 redirects
4949449.fcs2.top
4848449.v2nd.shop |
4 | tk.tutu.finance |
4848449.v2nd.shop
|
2 | amtk.11828.cc |
4848449.v2nd.shop
|
2 | ww.4949449a.xyz |
1 redirects
4949449.fcs2.top
|
1 | zhibo.2020kj.com |
4848449.v2nd.shop
|
1 | 2.1188.store |
4848449.v2nd.shop
|
0 | apps.bdimg.com Failed |
zhibo.2020kj.com
|
0 | js.users.51.la Failed |
4848449.v2nd.shop
|
0 | add_favorite Failed |
4949449.fcs2.top
|
43 | 10 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.988083.live |
ww.320331f.live |
ww.qw1r.shop |
jinshangtianhualt.5551818b.com |
ww.1388803c.life |
0k.994598.shop |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.4949449k.ltd R3 |
2023-07-02 - 2023-09-30 |
3 months | crt.sh |
d.4949449.shop R3 |
2023-06-10 - 2023-09-08 |
3 months | crt.sh |
bff.4949449.xyz R3 |
2023-07-01 - 2023-09-29 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-04-06 - 2024-04-05 |
a year | crt.sh |
*.sjkj.com ZeroSSL RSA Domain Secure Site CA |
2023-06-07 - 2023-09-05 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://4848449.v2nd.shop/
Frame ID: 00056A04AF0813B1482D91498D8EAABD
Requests: 35 HTTP requests in this frame
Frame:
ext://add_favorite
Frame ID: C7D803F0F45CB3CC81C1B990E7249EA9
Requests: 6 HTTP requests in this frame
Frame:
https://zhibo.2020kj.com:777/2020kj.html
Frame ID: 0F9FB74A73C5F14F0FFEE4F0C9ED9F4E
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
藏宝阁论坛4949449.com -Page URL History Show full URLs
- https://4949449.fcs2.top/ Page URL
-
https://ww.4949449a.xyz/
HTTP 302
http://4848449.v2nd.shop/ HTTP 301
https://4848449.v2nd.shop/ Page URL
Detected technologies
Font Awesome (Font Scripts) ExpandDetected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title: 183期:【澳门传真★一码铲庄★】✓
Search URL Search Domain Scan URL
Title: 183期:【打击骗子★一肖一码★】✓
Search URL Search Domain Scan URL
Title: 183期:【一心为民★六码复式★】✓
Search URL Search Domain Scan URL
Title: 183期:【内幕一码★一码中特★】✓
Search URL Search Domain Scan URL
Title: 183期:【广东集团★二肖四码★】✓
Search URL Search Domain Scan URL
Title: 075期:【香港内幕★①码③中③】✓
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://4949449.fcs2.top/ Page URL
-
https://ww.4949449a.xyz/
HTTP 302
http://4848449.v2nd.shop/ HTTP 301
https://4848449.v2nd.shop/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
43 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
4949449.fcs2.top/ |
17 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
4949449.fcs2.top/ |
31 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
base.css
4949449.fcs2.top/ |
56 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
4949449.fcs2.top/ |
34 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.12.4.min.js
4949449.fcs2.top/ |
95 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.js
4949449.fcs2.top/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.SuperSlide.2.1.js
4949449.fcs2.top/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zy.js
4949449.fcs2.top/zy/ |
1 KB 954 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1649596270.gif
4949449.fcs2.top/ |
15 KB 15 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1751355540.jpg
4949449.fcs2.top/ |
113 KB 114 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
varniq.html
4949449.fcs2.top/zy/ Frame C7D8 |
19 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ico_1.jpg
4949449.fcs2.top/ |
7 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ico_2.jpg
4949449.fcs2.top/ |
302 B 508 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg_2.jpg
4949449.fcs2.top/ |
10 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.11.2.min.js
4949449.fcs2.top/zy/ Frame C7D8 |
94 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
btbanner.gif
4949449.fcs2.top/zy/ Frame C7D8 |
61 KB 62 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bgt.png
4949449.fcs2.top/zy/ Frame C7D8 |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
add_favorite
/ Frame C7D8 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
varattest.php
ww.4949449a.xyz/ Frame C7D8 |
20 B 184 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
4848449.v2nd.shop/ Redirect Chain
|
85 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
txcss.css
4848449.v2nd.shop/style/ |
23 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wind-reset.css
4848449.v2nd.shop/images/wind/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
media.css
4848449.v2nd.shop/style/ |
3 KB 949 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pw_ajax.js
4848449.v2nd.shop/js/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo1.gif
4848449.v2nd.shop/ |
61 KB 62 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ml.gif
4848449.v2nd.shop/ |
42 KB 42 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ly002.css
4848449.v2nd.shop/style/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
home.gif
4848449.v2nd.shop/images/wind/ |
446 B 651 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
post.gif
4848449.v2nd.shop/images/wind/ |
707 B 912 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dl.png
4848449.v2nd.shop/images/admin/ |
1014 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zc.png
4848449.v2nd.shop/images/admin/ |
930 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Deploy.js
4848449.v2nd.shop/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ampgt.jpg
tk.tutu.finance/aomen/2023/col/183/ |
428 KB 429 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
amsbx.jpg
tk.tutu.finance/aomen/2023/col/183/ |
119 KB 119 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ammh.jpg
tk.tutu.finance/aomen/2023/col/183/ |
29 KB 30 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ggz.jpg
tk.tutu.finance/aomen/2023/col/183/ |
131 KB 131 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
yjzy.jpg
amtk.11828.cc/aomen/2023/col/183/ |
113 KB 114 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1358.jpg
2.1188.store/UploadFiles/pic/2/ |
320 KB 321 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lsxjb.jpg
amtk.11828.cc/aomen/2023/col/183/ |
145 KB 146 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
21552975.js
js.users.51.la/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
global.js
4848449.v2nd.shop/js/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2020kj.html
zhibo.2020kj.com/ Frame 0F9F |
37 KB 17 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
jquery.min.js
apps.bdimg.com/libs/jquery/1.10.2/ Frame 0F9F |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- add_favorite
- URL
- ext:add_favorite
- Domain
- js.users.51.la
- URL
- https://js.users.51.la/21552975.js
- Domain
- apps.bdimg.com
- URL
- https://apps.bdimg.com/libs/jquery/1.10.2/jquery.min.js
Verdicts & Comments Add Verdict or Comment
35 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend function| AjaxObj function| XMLhttp object| ajax function| sendmsg function| getObj function| objCheck function| ietruebody function| getTop function| getLeft function| IsElement function| setCurrent function| strlen function| initCheckTextNum function| checkTextNum string| agt boolean| is_ie boolean| is_gecko string| imgpath string| verifyhash string| modeimg string| modeBase string| winduid string| windid string| groupid boolean| gIsPost undefined| base function| IndexDeploy function| SaveDeploy function| SetCookie function| FetchCookie function| Ajump2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
4848449.v2nd.shop/ | Name: 6c5e8_lastvisit Value: 0%091688262661%09%2Findex.php%3F |
|
4848449.v2nd.shop/ | Name: 6c5e8_threadlog Value: %2C2%2C |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
2.1188.store
4848449.v2nd.shop
4949449.fcs2.top
add_favorite
amtk.11828.cc
apps.bdimg.com
js.users.51.la
tk.tutu.finance
ww.4949449a.xyz
zhibo.2020kj.com
add_favorite
apps.bdimg.com
js.users.51.la
132.148.72.6
15.165.38.75
2606:4700:20::ac43:457b
2606:4700:3038::6815:eaad
2a06:98c1:3120::3
127cc244495f565db3b618e117d9e04017931610f9fc510fc21c7ffdbacb224d
152f9abe08f2609081ab824320556e293586580973ca35b593d35deb3fc23550
16dc4ca986c73524f8641f1796fa618e584a7c1269a54d737dcf8524fe073a05
190c64c77cbc9008126bcc0584e8828896bfffc659c5ed958c47f593a06be667
3aeeea3f21262ea3e6e00e8e3cd709ff0d360ff5fad5e21c78e8686f197d8213
3b708b2cd215c6c0fde58bda30f1ac200d256674c9be862bf2e541ad0dccb318
439484db38f4996580550e51c7609c541d517b405dbd6874052f4b00e89f18d2
467d25058e5bc20628429fdae8b2c28807a883479425061b4b3b57c33e65ce75
48df404953c2317d6e85abddcf6633a21ca4c5ee337046e644d54e25641fc1f0
5091766084cbad713ad7d628f72f3d50d389cef8946ee03b2834c3f1c549ef44
53dc25fa14a07b88f336ea432ffdbafdcbb949e0edd564087bb3b1c42ed511ec
5c08766973e46c6237da4860553a264670d96726234185ddb4ce43c6ba8e7352
641e0d31e91687900c38dafc264575a7fe7cabf0d24377720619f45ac2e1f1e5
6e07524223aab5dc3a8c57e5ca5b0fa252a986e38eb34f056a264fa8fe6eae22
7dbd8af597de2869b7d39490ccdddf6aa048880d86b9838c1e0d75db25f3bab9
7e4a2a5b6417c761be94f577131c0caa4efbd779b701f2a36d6393100f194068
7e53fbb87fba006fdc37e4a36942c53735dd43480cb86641344f8daf39ced955
876eea21b25861dfd99e713fea5f8d5f0bb5b8fa16456cdd22b235ae7bfabeb8
8939aca13441c95193dc0d8bf80ce9e0875245a7a4e6ce2a15d171879a0b3bb9
96de1aa5be295b00a2bf0c1ec2368f16a6283ce6bcec21d1af4bfa3f5ef52a17
9fac08e5794d2ced924af380c625a188edf4285b6a690f0d101a55b4e7cdf736
a5d5c33f526939e3d9e6c79f734d2ca83770e9e66da6c45c5e201f392bf3e498
ac9f2cc2140a58109e0ddf49676e5fdbf291cf0376ea9a30e8999e51939c67dc
b27c3df37d0df09125da769c153d69cf965d1820893aa67b195d8c1d156fcb9c
bcdde5d51e84e008dfb963776d1548ae1a80b86929467cbc95c3053e6c7b2617
be9339a4502cf24abf267cf8fa9987602bb0d57fe05e4cf160375da3983e8492
c35a8212d0a0ec5eeb49a17581ffdd769984a63f874c9224c921502ad476be55
cdc7dc7b4214049ae130790476915252424a7d9eccd8165e415b19f7a540d1df
d4ec583c7604001f87233d1fe0076cbd909f15a5f8c6b4c3f5dd81b462d79d32
db318ca1e4989d1e8ea9cbb233e469ffad29d91ae735d0dc45ba3d353843e86e
e331a54b5cf196312c2ba9be8dd4830fa35c22f1f10c5f67937c79b543d22f87
e43d1ca1d2d303c873fa21a3264553bf580ad71913d81788ba9b9324d38c4ffb
ec46b5499bd012d67bc979e9da0ccb978ac4b1b6f09582ecef1f659ead9ba530
ee5229b80ce2261117ce0267c0bf3f8f451f3ebdeafbc3be73db49daa603028c
f08a7e65ad2c5f8284573b85169bfbca6bb127db33336e108b755325a551fac0
f2fb399fa3d9e73c2796bd3ff06027111041fcef4b3635744024edd014cc3dbb
f61dba49190e004614cbd32585ebb069d915d18f2bbd9d83b30740650c604434
f80740004e128e1f12eb8896976fa77e01adb6aaac325b9d9135cd50d33a7a4b
ff43c40e9a353080820bdc3afe04444afd0865ea165c3ec46e31373eac32f223