twoje24fakt.pl
Open in
urlscan Pro
2606:4700:30::6812:33c9
Malicious Activity!
Public Scan
Submission: On September 20 via api from CA
Summary
This is the only time twoje24fakt.pl was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Investment Scam (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
23 | 2606:4700:30:... 2606:4700:30::6812:33c9 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
3 | 2001:4de0:ac1... 2001:4de0:ac19::1:b:3a | 20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group) | |
1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:1a | 20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group) | |
1 | 2a00:1450:400... 2a00:1450:4001:819::2008 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2a00:1450:400... 2a00:1450:4001:81a::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
6 | 2a00:1450:400... 2a00:1450:4001:825::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 2 | 2a00:1450:400... 2a00:1450:4001:819::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2a00:1450:400... 2a00:1450:400c:c08::9c | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
37 | 8 |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
twoje24fakt.pl |
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
stackpath.bootstrapcdn.com |
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
code.jquery.com |
ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com |
ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com |
ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com |
ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com |
ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
23 |
twoje24fakt.pl
twoje24fakt.pl |
1 MB |
6 |
gstatic.com
fonts.gstatic.com |
57 KB |
3 |
bootstrapcdn.com
stackpath.bootstrapcdn.com |
105 KB |
2 |
google-analytics.com
1 redirects
www.google-analytics.com |
18 KB |
1 |
doubleclick.net
stats.g.doubleclick.net |
113 B |
1 |
googleapis.com
fonts.googleapis.com |
726 B |
1 |
googletagmanager.com
www.googletagmanager.com |
27 KB |
1 |
jquery.com
code.jquery.com |
30 KB |
37 | 8 |
Domain | Requested by | |
---|---|---|
23 | twoje24fakt.pl |
twoje24fakt.pl
|
6 | fonts.gstatic.com |
twoje24fakt.pl
|
3 | stackpath.bootstrapcdn.com |
twoje24fakt.pl
|
2 | www.google-analytics.com |
1 redirects
www.googletagmanager.com
|
1 | stats.g.doubleclick.net |
twoje24fakt.pl
|
1 | fonts.googleapis.com |
twoje24fakt.pl
|
1 | www.googletagmanager.com |
twoje24fakt.pl
|
1 | code.jquery.com |
twoje24fakt.pl
|
37 | 8 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.bootstrapcdn.com COMODO RSA Domain Validation Secure Server CA |
2018-10-03 - 2019-10-12 |
a year | crt.sh |
jquery.org COMODO RSA Domain Validation Secure Server CA |
2018-10-17 - 2020-10-16 |
2 years | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2019-09-05 - 2019-11-28 |
3 months | crt.sh |
*.googleapis.com GTS CA 1O1 |
2019-09-05 - 2019-11-28 |
3 months | crt.sh |
*.google.com GTS CA 1O1 |
2019-09-05 - 2019-11-28 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2019-09-05 - 2019-11-28 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://twoje24fakt.pl/artykul-chlopak/
Frame ID: 86970AB501A64A47E9DC119E49589AA8
Requests: 37 HTTP requests in this frame
Screenshot
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
CloudFlare (CDN) Expand
Detected patterns
- headers server /^cloudflare$/i
Font Awesome (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 35- https://www.google-analytics.com/r/collect?v=1&_v=j79&a=2114738392&t=pageview&_s=1&dl=http%3A%2F%2Ftwoje24fakt.pl%2Fartykul-chlopak%2F&ul=en-us&de=UTF-8&dt=(!)&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=718314956&gjid=1277019697&cid=769327687.1569003438&tid=UA-104122529-6&_gid=1063534234.1569003438&_r=1>m=2ou9b0&z=233907431 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-104122529-6&cid=769327687.1569003438&jid=718314956&_gid=1063534234.1569003438&gjid=1277019697&_v=j79&z=233907431
37 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
/
twoje24fakt.pl/artykul-chlopak/ |
45 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ |
152 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
twoje24fakt.pl/artykul-chlopak/css/ |
11 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-2.2.4.min.js
code.jquery.com/ |
84 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
69 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.jpg
twoje24fakt.pl/artykul-chlopak/img/ |
174 KB 175 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
guwno.png
twoje24fakt.pl/artykul-chlopak/img/ |
98 KB 99 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dd2.jpg
twoje24fakt.pl/artykul-chlopak/img/ |
80 KB 81 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1000bonus.jpg
twoje24fakt.pl/artykul-chlopak/img/ |
139 KB 140 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
srakaostra.png
twoje24fakt.pl/artykul-chlopak/img/ |
16 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
register.png
twoje24fakt.pl/artykul-chlopak/img/ |
241 KB 241 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
kupasiarczastapoharnasiu.png
twoje24fakt.pl/artykul-chlopak/img/ |
40 KB 40 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
srakaostrastep.png
twoje24fakt.pl/artykul-chlopak/img/ |
28 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
no-avatar.jpg
twoje24fakt.pl/artykul-chlopak/img/ |
25 KB 26 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fb1.jpg
twoje24fakt.pl/artykul-chlopak/img/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fb2.jpg
twoje24fakt.pl/artykul-chlopak/img/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fb3.jpg
twoje24fakt.pl/artykul-chlopak/img/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fb6.jpg
twoje24fakt.pl/artykul-chlopak/img/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fb7.jpg
twoje24fakt.pl/artykul-chlopak/img/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fb8.jpg
twoje24fakt.pl/artykul-chlopak/img/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fb4.jpg
twoje24fakt.pl/artykul-chlopak/img/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fb5.jpg
twoje24fakt.pl/artykul-chlopak/img/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sidebar.jpg
twoje24fakt.pl/artykul-chlopak/img/ |
504 KB 505 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.js
twoje24fakt.pl/artykul-chlopak/js/ |
105 B 533 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
7 KB 726 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ |
75 KB 75 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmSU5fChc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmWUlfChc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fb.png
twoje24fakt.pl/artykul-chlopak/img/ |
727 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
43 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
like.png
twoje24fakt.pl/artykul-chlopak/img/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
stats.g.doubleclick.net/r/ Redirect Chain
|
35 B 113 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Investment Scam (Online)16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| $ function| jQuery function| gtag object| dataLayer object| dayNames object| monthNames object| now object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.twoje24fakt.pl/ | Name: _gat_gtag_UA_104122529_6 Value: 1 |
|
.twoje24fakt.pl/ | Name: _gid Value: GA1.2.1063534234.1569003438 |
|
.twoje24fakt.pl/ | Name: _ga Value: GA1.2.769327687.1569003438 |
|
.twoje24fakt.pl/ | Name: __cfduid Value: d11d8c0e3338388122028ebcd69a491dc1569003438 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
twoje24fakt.pl
www.google-analytics.com
www.googletagmanager.com
2001:4de0:ac18::1:a:1a
2001:4de0:ac19::1:b:3a
2606:4700:30::6812:33c9
2a00:1450:4001:819::2008
2a00:1450:4001:819::200e
2a00:1450:4001:81a::200a
2a00:1450:4001:825::2003
2a00:1450:400c:c08::9c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
16d8308a25eeff53528ae07025e9ddb1fc8eaea3440c50046d1c704bcc5d82d1
28f917e160571cd672e4eb1d75b08ad81c76a0e48dab30d2af2178f3d86e5ac7
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c459af038b187354a6342ef343b41451f024d3791bb4456c68d998ed9027ec9
31784bfbadd2b923dee2b4d9d7a3391935ad7d38fa688eac125d4be81538b086
3627626fee1c572be22775c80540fcdc492c279785c263e9581f5408aa8f31ff
3c0702cc3245c6c46822d50ec33312b4d6c2f428cb49924fe25db780c4043da0
499402142ce8670aa05b09eb4427983ff0532f7a303acd0eee2e3a1eb6343d15
5bd6cba223c648793f154d2033e12f812335014cc21e4ee2c143229a7ba4634c
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
63ef4c4811ea0a47ace8d832637c34b52289cf6e193dd5a89fe2936cebb984e6
6a342d60a3dc862480eeed475e04c4404829535f7d8c939a5dafb0d58c69ca75
77174c52f5dd051be7deae8b34e83213a4701178889df4262ebbc30e28520937
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b2dcc561a7b876758550c354a3b322b4081157a10b3d4995e2ee96639dcb66f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
883539316e464c2ad002eb30023ac68f70f86fbcfd72ccc525165b1f5697a078
88f22088dc9b2a6f228a36451c76f6e9f1f19bbd858d7f39db1475cc5783f3a0
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
94ae2596e2c6cd57d01268d20c9d3c69847ad4f6449f8ebffc3e070ad0e794d2
982c90477b31d4d280246da28b100cd1973f44b404c5bb304775c9d3d814b1ca
b58c11dac0fae1d40040bda04c6d4d8d5ba9f2cde7a53568f0741c973b301abb
b6610870a95e0efa781561d2660165c79627c18699ba6179b415a2fec1462445
b92fceb2bf9c655f8c67fe4ef45b805c550196b496ee73a40f05004a992450e1
bb9e6775a807840c22e9771bf76a40e9631b9548e1ad3f1ffd9633a6cdedebab
cabb9c097acaf4b1aec6180a265127e12ced54fb246292cb8cf723fc701a2249
cb6eb33fa7ee765f27a9ec2481fdf38ee70222c480870182e3dcf6ee3e4e5d32
d4a0134009f70c36d82c43c77b2a6f0ee48a57beb8d4f9e9ff7c3dd3887212bc
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
de30cf893c501b2726d1870d7cd73e916b9f6bcee29d084a78f9b7590cea4273
e692aa143ce837ff6172def250acfbf79f4561a201321bee80e5f2d4f3c73b90
ed3441c8120cffbe0a6d8171308ce25fcfa517847f83d74c3244186e0f6242c8
f36d71c69bcec4ce625d2923d36a4b1f64bbc2e5691c99cf8a4f3b0f79d1edb4
fbae21397b59c7a3dc6da188d3116e51613f2363dfce552d3554b0940a3cd0c4