pzlqr.placetowin.net
Open in
urlscan Pro
2a05:d018:244:5200::ab
Public Scan
Effective URL: https://pzlqr.placetowin.net/c/1f0a2cb367c37dee?s1=1002&s2=114722&click_id=d1eae1zhqa7fea
Submission Tags: phishtake
Submission: On December 23 via api from JP
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on October 21st 2020. Valid for: 3 months.
This is the only time pzlqr.placetowin.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 108.59.12.101 108.59.12.101 | 30633 (LEASEWEB-...) (LEASEWEB-USA-WDC) | |
2 2 | 173.192.101.24 173.192.101.24 | 36351 (SOFTLAYER) (SOFTLAYER) | |
1 1 | 159.65.114.218 159.65.114.218 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
1 | 2a05:d018:244... 2a05:d018:244:5200::ab | 16509 (AMAZON-02) (AMAZON-02) | |
19 | 23.14.92.49 23.14.92.49 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
20 | 2 |
ASN36351 (SOFTLAYER, US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com
infopicked.com | |
p185689.infopicked.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-14-92-49.deploy.static.akamaitechnologies.com
cdn-bimi.akamaized.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
19 |
akamaized.net
cdn-bimi.akamaized.net |
118 KB |
2 |
infopicked.com
2 redirects
infopicked.com p185689.infopicked.com |
2 KB |
1 |
placetowin.net
pzlqr.placetowin.net |
3 KB |
1 |
mixstory.club
1 redirects
mixstory.club |
357 B |
1 |
capitalo9ne.com
1 redirects
ww17.capitalo9ne.com |
3 KB |
20 | 5 |
Domain | Requested by | |
---|---|---|
19 | cdn-bimi.akamaized.net |
pzlqr.placetowin.net
|
1 | pzlqr.placetowin.net | |
1 | mixstory.club | 1 redirects |
1 | p185689.infopicked.com | 1 redirects |
1 | infopicked.com | 1 redirects |
1 | ww17.capitalo9ne.com | 1 redirects |
20 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.placetowin.net Let's Encrypt Authority X3 |
2020-10-21 - 2021-01-19 |
3 months | crt.sh |
a248.e.akamai.net DigiCert Secure Site ECC CA-1 |
2020-07-15 - 2021-09-13 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://pzlqr.placetowin.net/c/1f0a2cb367c37dee?s1=1002&s2=114722&click_id=d1eae1zhqa7fea
Frame ID: 668575D394E43126C942CEA76B0AC088
Requests: 20 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://ww17.capitalo9ne.com/index.php
HTTP 302
http://infopicked.com/aS/feedclick?s=H3f7JduMNEJ6cADb1OSHlY8uDhK_8R6jrMUtMFru4Jra9FQ696UlY4LUfaDR_... HTTP 302
http://p185689.infopicked.com/adServe/domainClick?ai=qZmIke67KMEO2QltOO8Ui0LPhgVVyPA-JWUW0kMqUn-9CZ3CxTLND... HTTP 302
https://mixstory.club/click.php?key=2f7ljtkrevwzpugeb6xt&subid=83922482512&bid=0.004&site=35492914... HTTP 302
https://pzlqr.placetowin.net/c/1f0a2cb367c37dee?s1=1002&s2=114722&click_id=d1eae1zhqa7fea Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
Bootstrap (Web Frameworks) Expand
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
- script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Nginx (Web Servers) Expand
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Font Awesome (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://ww17.capitalo9ne.com/index.php
HTTP 302
http://infopicked.com/aS/feedclick?s=H3f7JduMNEJ6cADb1OSHlY8uDhK_8R6jrMUtMFru4Jra9FQ696UlY4LUfaDR__NeVVH-ImtJpPaG_Nh80WMmwiN5ECptO-en_k9jsMCbZfFG9MseIEULUUcw5wDg_8fmHWVUL2gXgUyatsBFMaSTc1RQ5RxkQPBqyyTn3ctXNy-6luBrDjZ12ZRWhG-fbfqpt3W6YClKUTHZN2qgD5q_4u0OaSklxJl5U3w4sTYSnELNioCwaxuVNYmb-ADn0o2IytAKZbY7N4AO-71GT8fC61hj6AAxey-IQCl9jo9OFgpkBEhfhOVlbY7Ullbw04NliH2JnRPd4iaARhb9Qoq3fAklirn478D7XWbpHWtRQTnl7fmuv25IcZWlw9I1fMIgYkVwXySDujSKajyhM8aPUMGNFL3jRgca-0WKqgkUNIKnHUIVN31Fmfv_G_1gEkQA-S4VmKYcF5BxyskyMea7NNEMXsc_alr2EWQB8He-qVFgiBryhGZwqZK4s8uawwkfyL8ymEABuYFUq36eqynEU5zu_N4dk_s9U0wHuvg8Ps_suINkJnmWkvpYQt3Gc9UlUk1OsGKm0llBkAJk-ZKvunxji0HCeBzHy9JELy85cfI3kbkzDXEVBNfwxhoRJV71d0lxY8wXt4RoeV2VJd6LwDZsNfqFnml8gCNwJmqZMBYhInyr2yk9NHKpOivXYif7y_6j4jAQfGSFjK3TQVI-ZN0y6OxedLl-L_STJERs4tc2cTbEAMp3h-zgzzqDhe1rjFKX42aU9LqOgFgO_5QMdpKIml-gz_GZcNHDjPodStSj0cO1QO2Lgi2rjQHoYtG2NuhTLeKFLGi8i2EUOoQbMkxjuAUxbFNivHttWKpuyg__3ontt3BL2HRU10zj699nwecv0FyF6Qgbuvq1iQ7E-7HhLtXJZYXy1kOlP7Qc5xiS9m4Lc_nbRM81vGrR6JTEOdGJO0JsbSRmgcNPQkkqMjdleM_Vt_nNmDGK88iFRN1BCfQbFLAsG4FXeqQFRScwj4LmHbVUHrd3N94CPg2AZifwO72UxdjlkIJyy6aKx1mXQIBzY7lOXC4vx_2z91qG6xlJPze1Ap0EeKUfWCxy-3h3iskKczvPniAHDWVdqTpAmkRA25woNuat6xiAzSR8qOsHTw3JvQ82r2Xr1yzd8g04SqhpkX1acMupYt-XtGqNycZzPSV_h5eO8GDbj1JZJqPl5XFClqywjChZCt2g7GUVqvZQ_a6xvWiE9xdhEQWkHFlBjtypILTbkN9Wnd_K7df6NED60YDlRovdzxe4Poj8c5J68mqPfG-sQbUEver_wGsypR5J2xk3pt9Sy97B5Q5mlE3RIdox3fJjjI3zChvFHCArpWoS_E51M_PZ316-TU0oV9tdDtk3aqAPmr_i6WXQt_9mJg0lQ9GptrtCaZLTmcwR6qtfQO8xFnFDYkEVxNu1VDehJYvYNsRaFXserZpEeIi-O-DkQU4gKXAatQCQdrKBbNnkSoIde0r-ITXBqzkUyUNlQeSzGMtuS3wmWxdCYWkecPC2ELdRjx4I46iGtD7_lzTqxNG3EMXU8S1kizVpfRJ8AjJxHxr1wRLBWX4lo39am8EC4CyJWWzy17ThBUXodRSBwwPFhcD9-7EUfTIsTmgbFOU_v4SLy6pF6rR4KwuKEaphAtucSB4lkuov7Gz7lIODPTBlG542ajXGgfTW_erDLEze5f4v_Pfz4i72KHnbHYz8vye-Wi3hi5MEQ1IxiNxRPKF7ZQHbGadhS0H6yEAzRAIMUCzY0dc3fqHkXofVeoamQTRh4jGGxFo_fPDiI16pvUsYY3A6amN7TCrBSnTtaCxsZS2YK3LEKmWSnSiyw2Tn6TAxtCc1QKIEjlbpdIWdtILZR-7TrSLfEdwRfivJPnjlm22gdE453plMmTV-x4h52jM6-Hyv0qWx6t6hyPOeLiE4ScfKiAjNtDi2nfvaqIXtoBvh6spcs_M2lcXGYs0YfBTNQ6JZJngwRGpz7EccXE0LUT3bse2TfvWuqx1XHDxZvwreS4L14HLDCOMyx8e5EnmFeXWX54iytOnS3H1cxb8tkShtl8myBJmW7EcHPTumAeTpY7x42mqi9EcDwDmFCjhA5kocz4dfzLroTowgOMWmM7434rosu7wF9qgHg65tLdwO-i7_hhRgl11k0YQUeZBwbSQFOkLPhgVVyPA-zbUJtlH_RgVZNQ377XUMWZyDO6aD91cTicu5psCIA8e1L5dUlbzYzl0GOTgCvdIyRXf67VBDDY0fnWBQFzcZNgP5G2oPQOEnwz51e5TUQQB_Vvpg-Dg3aGr6zd-ApTShF65QfN-K6LK-7oITq26E7bhLxeX4fPKiBGCv30vMim7GCiSxpqcj-JO_tJJlmD1nlA6KFkTPVv0qSs1dNfhroXH9jPfQyWPpG-kViJwUPRXUC0FpcRyQ73UG1qTvbkUQrSBujqfymVmQ60tGtV4mrSfkMyGywBEjG7lislwSMvv3SgEG5OwfzDy8L4gRuWoz-sSJzCwrrThiPiNjojsaeAmpM74LwbNmwT5P1UA1_pQJGdlr0obXWI-b3wIfLhYmM_9IL0djsLNrzZCAux-4QVmvXDPSWimtCI60uqW_USbUpXZO-yLtct3NkfmAfkhaX2pj3gC0OVCeuGphWWkxX4Sb9vckj2xRveLL2J6xcEjYMfIdwOG4C2qpXtZXQIejiGXtLnGAWgQ8vHKzbs_utKJWkFFJwO7cyqOz6Dt5r11sJ2WRkXKaVYUcJlyziaq6AM4XmfMByuWY1NmtpqyVKKPcEHZvMVg8CWqo1m8aMVluADNnVT-lQi9WS2754fLKo3xC3sibR2k-Q2RjTvG7VHYJv_8gqzrJ864UIqLOET4CysKmW6ft9y3jTiarUNxtxqkLx_VJc48TQzuGOZN__QRweSNrs1ceyo_Zw3qlCMb1z3V2eFBhhtzoDNjdTz7cyf9J2KiU8EQ9Q6TKRA9Cw4I4WTk4YFRmszeYDnFqcgcTdja6v0hZcEpZlk8h8c3BeVfPhvVX8I1JO-GkNRlWOjmMGAWkUvA6HtBTvCiW_rHtxR-iWdBi0f66KCF7TUzoJTu6AXYz7K6-8uK3Jm3Hpu_7oOpWL2RL2bW6Ul0hLHMWBGu3Yx722DH3jgz1AwyqVLuBchkOjPcmDW_olsHQNA HTTP 302
http://p185689.infopicked.com/adServe/domainClick?ai=qZmIke67KMEO2QltOO8Ui0LPhgVVyPA-JWUW0kMqUn-9CZ3CxTLNDkCrKr5icLdphGnVagOp2oahRm_P1wYkKVviUyeUDYeKCItyBGWj_cI5TWXOtK2iIyDk3rVQh3mpFSeD1QM6VcySPYzYHVBHPSzFV5SBXBcV_uncs7BaJVc43dw-wLVoXslVuZumlU80sLlIfSKgizWA-KYlhJmFN-HVJ11jnOFvo_n_VMWxhu9_hAhxtN2X4FiW9WfLgHnEAXOg0apCwib1-Vo6cC6LLvCAO_9Q2JwxS2ZY2jSAjLgUr-9vGZvlEYwH0hEv_S7cdbaN55cNZpfd3NOy5VHKcLF85Xsa7qeoLXrM-hGZbKHkmRGt7DR-tm8oTnp6U-F1FqGImX5y0FqFtDPUR9LwqyWe_UwTGwva08Dj-CTZF5HW6QJxrQMo3j2I9VZzUt0hLsEYJ7LBEjBqxm5wPI0PyA_k_aJp7ZOFsAWy5eZsETRWofdl7a1kMjzikM-GgKFa32D2TZSgLS3LsI2LmRjgT0cXDB_RU2rZIfxjCTbTA__jszeFRMY83o60CjJr-2ddsLt-7JJCDNYNS2N7BHuUBbDELJSG4Ce3bwStZi2q8tngXV0cGlbyPcLCGYScPK0Wf98g0x9iUNGwVhbqcs5qGurT_VnronqB7YxrY4I7ay3EorO4P0P0ZHICikl7_QHWCkWQv0ZkN74RzkeXsvyN9_ljx2OYVmBaqzDYYbbnAArB2Pv88XmaVZk5zTLEv9ugHWZUZ1uzpGUUze9-WIropRpvyl4ha3x0-sMhBq-lY09kwL5CbXWQ88EiPe5kc-meP0RWgXMK-vqdSxlVmFZU8_7b0smYQd2ZntvpDL1rWYejc-iF9ZFlJOFwXu30Qzz4AUgheKjLQ6KwCMoixrppYkLPhgVVyPA-IFxfh7XM-Xk4e8biHuvyorYCiIxc660HErUIU37NZunCF7WIMxlUWr7AdIrib2gOJf4yBNRlqxdPnEhIaw2zsRJHJzdDv6O5-zfUS8nVU04fFcxJ0StShp2s0_34CATUuHZzeSQTgkyFv_aZQC5A4r4FDOdw858tImbOeXz24ZVRY0XLI-w26tWjri88Beg6ZonWe_Vtl9GtFLC8pMLsUA5RUDuR6cw8W2rksP5_-nv8yCEg1dnZ03H7_a5KV3xE&ui=H3f7JduMNEJ6cADb1OSHlfbWwvziNp_1xLgNeF8Zj-hdVKU-ZD2icsbBCVTa3AtgSWnkx4ReuvozG4lcsPlduXSv3gqF-Tm8dLCPD_sW6aMcIejs8TTCig&si=1&oref=a9fea1bf20cc5f8a0fa4f27abb129c59&rb=XIT5ZMipadk&rr=1&isco=t HTTP 302
https://mixstory.club/click.php?key=2f7ljtkrevwzpugeb6xt&subid=83922482512&bid=0.004&site=354929149&os=MacOS+X+10.14.5&source=354929149&clickid=83922482512&browser=Chrome+83&geo=PL&campaign_name=PL-DESK-ZERO&device=Desktop HTTP 302
https://pzlqr.placetowin.net/c/1f0a2cb367c37dee?s1=1002&s2=114722&click_id=d1eae1zhqa7fea Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
1f0a2cb367c37dee
pzlqr.placetowin.net/c/ Redirect Chain
|
11 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.css
cdn-bimi.akamaized.net/landings/182724/1582301550/css/ |
98 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
font-awesome.min.css
cdn-bimi.akamaized.net/landings/182724/1582301550/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
css.css
cdn-bimi.akamaized.net/landings/182724/1582301550/css/ |
9 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
css_1.css
cdn-bimi.akamaized.net/landings/182724/1582301550/css/ |
872 B 702 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
cdn-bimi.akamaized.net/landings/182724/1582301550/css/ |
9 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
cdn-bimi.akamaized.net/landings/182724/1582301550/js/ |
84 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.js
cdn-bimi.akamaized.net/landings/182724/1582301550/js/ |
28 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
detect-browser.js
cdn-bimi.akamaized.net/landings/182724/1582301550/js/ |
2 KB 933 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.js
cdn-bimi.akamaized.net/landings/182724/1582301550/js/ |
1 KB 771 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pulse-favicon.js
cdn-bimi.akamaized.net/landings/182724/1582301550/js/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
returnDate.en.js
cdn-bimi.akamaized.net/landings/182724/1582301550/js/ |
540 B 926 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
translate.js
cdn-bimi.akamaized.net/landings/182724/1582301550/js/ |
77 KB 25 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
present.png
cdn-bimi.akamaized.net/landings/182724/1582301550/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gift.png
cdn-bimi.akamaized.net/landings/182724/1582301550/images/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
9PH2QqX.jpg
cdn-bimi.akamaized.net/landings/182724/1582301550/images/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
EKZrmbS.jpg
cdn-bimi.akamaized.net/landings/182724/1582301550/images/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
KqX499j.png
cdn-bimi.akamaized.net/landings/182724/1582301550/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DsrKpkj.jpg
cdn-bimi.akamaized.net/landings/182724/1582301550/images/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
plR22yu.jpg
cdn-bimi.akamaized.net/landings/182724/1582301550/images/ |
1017 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| returnDate object| langs2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
pzlqr.placetowin.net/ | Name: unique_id Value: 5fb66637000e56ac |
|
pzlqr.placetowin.net/ | Name: unique_330097 Value: unique_330097 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn-bimi.akamaized.net
infopicked.com
mixstory.club
p185689.infopicked.com
pzlqr.placetowin.net
ww17.capitalo9ne.com
108.59.12.101
159.65.114.218
173.192.101.24
23.14.92.49
2a05:d018:244:5200::ab
031a4a1129f464c38e0efb33b3552cf176cc90742ee973de328a2e63d6d3e4ab
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
185a0fedda00e262595363ad59023aaac62cbb5e0c075a2d9897e6f8de1b1bb9
31469b825bd96036e012e7c12b0a84219b99d28604d9e7bca9abe33a5b52df17
388e1eb0cb648490ea1c4913f4ea3128f3fbfbda0608bf85e471d947db905302
39e057e0d1806ab333f783371d6d3a7ddc6a50058a408ff47ab96eef2c1b570d
46ff60a6d71aa0c19a1f3a1681ca2de9e6b482d42fe6b9fe2bc350ca0bec1ff8
73fc6510e4bdd6f7a05ded183215842158a4bed13489b7d7b3b78875a0c91a8f
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
947b6a10d7033a6fbb3e782b02dc690b8464ac06333319db61653417d271d91b
9545948eefe774be5121de01ef9c14207891c35116bba14056471a59e4c212a1
97a5d434cd3cb829acf3ee1e7955da55b8d2e07284f511fef85cf6871650d96b
b8415abaabb26fe68590eb086a43ff6abb3ef683fb24e0a2e6fb86b3ec93fc91
ba5e0004e28942071691617bfc548b05af582d29925fbebcdb92fba0f3597dc2
ba858c8ecc8f498253509a9251e5070ce3b3ad9950b704a22a9a1fb1efc62541
c8d69b24242b35b9502007d775b6871fd447bcd3f4e1c3f75211441802e721e4
d153471197f9d5a6e084a493e39ee35285e5560baf8cdf4b07b3a1e499216697
e3da7d20be42da6e260d3085d2a3f3965a549065345ee2d139e28625104e2393
e40cfe56c314f67155e1862227f7493b67cf9ba061a983e305d2b123b2592e95
eee146f3954e624b69e833055cd9ba7c1dd256c4c548fbcf30df27b9de82ccc7