nhsrv.cf
2606:4700:30::6818:6dcc
Public Scan
Effective URL: https://nhsrv.cf/url/a387bbc53b4cdb10392087576bfb16d2.php?s=636841237c3cfbf5e82993d701b9c7fe&cb=EI1495c0fd2dca735...
Submission: On December 11 via manual from US
Summary
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on November 12th 2018. Valid for: a year.
This is the only time nhsrv.cf was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | Autonomous System |
---|---|---|
1 | 52.77.99.53 | 16509 (AMAZON-02 - Amazon.com) |
1 1 | 52.34.91.15 | 16509 (AMAZON-02 - Amazon.com) |
1 1 | 54.186.24.208 | 16509 (AMAZON-02 - Amazon.com) |
1 1 | 52.21.123.124 | 14618 (AMAZON-AES - Amazon.com) |
1 1 | 52.73.61.40 | 14618 (AMAZON-AES - Amazon.com) |
5 | 2606:4700:30::6818:6dcc | 13335 (CLOUDFLARENET - Cloudflare) |
1 | 2a00:1450:4001:816::200a | 15169 (GOOGLE - Google LLC) |
1 | 2606:4700::6811:3c5b | 13335 (CLOUDFLARENET - Cloudflare) |
1 3 | 104.109.56.111 | 20940 (AKAMAI-ASN1) |
1 | 69.89.74.102 | 558 (NNEXT - NV Next LLC) |
19 | 7 | |
Host | ASN | PTR |
---|---|---|
52.77.99.53 | ASN16509 (AMAZON-02 - Amazon.com, Inc., US) | ec2-52-77-99-53.ap-southeast-1.compute.amazonaws.com |
a.nbt.ren | ASN16509 (AMAZON-02 - Amazon.com, Inc., US) | ec2-52-34-91-15.us-west-2.compute.amazonaws.com |
c.snnd.co | ASN16509 (AMAZON-02 - Amazon.com, Inc., US) | ec2-54-186-24-208.us-west-2.compute.amazonaws.com |
sax.perfonspot.com | ASN14618 (AMAZON-AES - Amazon.com, Inc., US) | ec2-52-21-123-124.compute-1.amazonaws.com |
beci.peakonsrv.com | ASN14618 (AMAZON-AES - Amazon.com, Inc., US) | ec2-52-73-61-40.compute-1.amazonaws.com |
cdn.engine.spotscenered.info | ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US) | |
sb.scorecardresearch.com | ASN20940 (AKAMAI-ASN1, US) | a104-109-56-111.deploy.static.akamaitechnologies.com |
engine.spotscenered.info | ASN558 (NNEXT - NV Next LLC, US) | |
 | Apex Domain | Redirects | Subdomains | Transfer |
---|---|---|---|---|
5 | nhsrv.cf | | nhsrv.cf | 62 KB |
3 | scorecardresearch.com | 1 | sb.scorecardresearch.com | 2 KB |
2 | spotscenered.info | | cdn.engine.spotscenered.info, engine.spotscenered.info | 69 KB |
1 | googleapis.com | | ajax.googleapis.com | 32 KB |
1 | peakonsrv.com | 1 | beci.peakonsrv.com | 958 B |
1 | perfonspot.com | 1 | sax.perfonspot.com | 425 B |
1 | snnd.co | 1 | c.snnd.co | 281 B |
1 | nbt.ren | 1 | a.nbt.ren | 831 B |
19 | 8 | | | |
 | Domain | Redirects | Requested by |
---|---|---|---|
5 | nhsrv.cf | | nhsrv.cf |
3 | sb.scorecardresearch.com | 1 | cdn.engine.spotscenered.info, nhsrv.cf |
1 | engine.spotscenered.info | | cdn.engine.spotscenered.info |
1 | cdn.engine.spotscenered.info | | nhsrv.cf |
1 | ajax.googleapis.com | | nhsrv.cf |
1 | beci.peakonsrv.com | 1 | |
1 | sax.perfonspot.com | 1 | |
1 | c.snnd.co | 1 | |
1 | a.nbt.ren | 1 | |
19 | 9 | | |
This site contains links to these domains.
Domain |
---|
tr4ck.brucelead.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2018-11-12 - 2019-11-12 | a year |
*.googleapis.com | Google Internet Authority G3 | 2018-11-27 - 2019-02-19 | 3 months |
spotscenered.info | CloudFlare Inc ECC CA-2 | 2018-06-27 - 2019-06-27 | a year |
*.scorecardresearch.com | COMODO RSA Organization Validation Secure Server CA | 2018-11-28 - 2019-12-26 | a year |
engine.spotscenered.info | Go Daddy Secure Certificate Authority - G2 | 2017-07-27 - 2019-07-27 | 2 years |
This page contains 2 frames:
Primary Page:
https://nhsrv.cf/url/a387bbc53b4cdb10392087576bfb16d2.php?s=636841237c3cfbf5e82993d701b9c7fe&cb=EI1495c0fd2dca735171480776&url=http%3A%2F%2Ftr4ck.brucelead.com%2Fck.php%3Fline_item_id%3D6626%26subid1%3DEI1495c0fd2dca735171480776%26subid_spx%3DJHC7083_p14331320
Frame ID: 992F0DF9DC92917D7A2A6E542C92FE32
Requests: 8 HTTP requests in this frame
Frame:
https://nhsrv.cf/srv/serve.php?key=a387bbc53b4cdb10392087576bfb16d2|||636841237c3cfbf5e82993d701b9c7fe
Frame ID: 57B69A6C58F0AB5E8206AF59AAB723F2
Requests: 11 HTTP requests in this frame
Detected technologies
PHP (Programming Languages)
Detected patterns
- url /\.php(?:$|\?)/i
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
comScore (Analytics)
Detected patterns
- html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
- script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
- env /^_?COMSCORE$/i
jQuery (JavaScript Libraries)
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js/i
- env /^jQuery$/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Proceed
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://52.77.99.53/acs.php?sid=107431&adid=26891718&os=0&gaid=&pb=5bf8d00783a8f_c5c0eb51616fd7_MF_OTAS_107261358_10a04115-1b96-428d-896f-80b40936f476-1544467732674_5423_ms_T00T_eyJpcDJsb25nIjozMjIyNzM4NjIzLCJjdXJyZW50X3ByaWNlIjoiMC41MTAwIiwic3ViX2lkIjoiMTMxM19UXzE2M19UXzU0MjNfNTk2MDg1NjgyIiwiZnVsbF9zdWJfaWQiOiIxMzEzX1RfMTYzX1RfNTQyM181OTYwODU2ODIiLCJjX3QiOiI1NDQyMSJ9&idfa={idfa} Page URL
- http://a.nbt.ren/sm/v1/click?rule_id=17&publisher_slot=&pub_aid=&pub_idfa=&sub_1=&package_name=1379007494&pub_gaid= HTTP 302
http://c.snnd.co/api/v4/click?_castle_=fqIM48kxUZ469votdDxEdvdA-JgXRQq-Jefv1RJMWC8KhKJSl7Ha5cZn9I2duuY_emy3H9G6QWJHDPnYuHWLIfPhIGo6jSO6YmxCsQq5P8lNc09UkxbhoMYiKS0BGzMS2OcmlS3pM-QoXxUPRbsEqLqp8O0iSDBr29Upmzxbv5IcTVGF0JPcjcMOJboMHwyxf4urQbCLLNfqd4a_nCe2TZ0XzA5w7REGHFlHm_AGQCKv1EfK-Md0hOUgcqEv4CuJsu54gcMd74f9MzMTkvEQf5kgFirIg079kX0ypMlt15z98Y-eEjxld_2swlou3s4-Mi0J1rNgimXZDaQwxxDJ31CyIPvUk8EF6-SP4QMW1fKTZN5cliKlqyc0RiQ16ghZkrZbl1x9aI21Cosej4qK545PSGloBDVI680zDiG3Iz2whIlkApAhUWbjKxna1J6XZDqUtYV9-2k-3_EmWnOWcvz79HTem480U7e6Abl3EpxXm_93EDIYEaPefeX37Fq9GpQuJEOI3uuNUFc_TDQnOAzV0DVQL5gfbSkeEqPdb_F1-NvwRlwA1P8XfEl5FMqDUdP9TNi5nXbjpucg1qIyixYuJpo_aJqqP4apaxgMUGoGJ9eibSrZYg%3D%3D HTTP 302
http://sax.perfonspot.com/pops/dlink.php?pid=7083&format=POPUP&subid=p14331320&cid=e439a1bb-500c-46c9-a5a8-11e4f6d41ba9__pspm HTTP 302
https://beci.peakonsrv.com/?&id=15445408923240124248899519&tid=7083&sr=ep HTTP 302
https://nhsrv.cf/url/a387bbc53b4cdb10392087576bfb16d2.php?s=636841237c3cfbf5e82993d701b9c7fe&cb=EI1495c0fd2dca735171480776&url=http%3A%2F%2Ftr4ck.brucelead.com%2Fck.php%3Fline_item_id%3D6626%26subid1%3DEI1495c0fd2dca735171480776%26subid_spx%3DJHC7083_p14331320 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 9
- https://sb.scorecardresearch.com/b?c1=8&c2=18203330&rn=0.27340018696457524&c7=https%3A%2F%2Fnhsrv.cf%2Furl%2Fa387bbc53b4cdb10392087576bfb16d2.php%3Fs%3D636841237c3cfbf5e82993d701b9c7fe%26cb%3DEI1495c0fd2dca735171480776%26url%3Dhttp%253A%252F%252Ftr4ck.brucelead.com%252Fck.php%253Fline_item_id%253D6626%2526subid1%253DEI1495c0fd2dca735171480776%2526subid_spx%253DJHC7083_p14331320&c3=1&c4=&c5=&c6=&c10=&c15=&c16=&c8=Please%20wait...&c9=&cv=1.8 HTTP 302
- https://sb.scorecardresearch.com/b2?c1=8&c2=18203330&rn=0.27340018696457524&c7=https%3A%2F%2Fnhsrv.cf%2Furl%2Fa387bbc53b4cdb10392087576bfb16d2.php%3Fs%3D636841237c3cfbf5e82993d701b9c7fe%26cb%3DEI1495c0fd2dca735171480776%26url%3Dhttp%253A%252F%252Ftr4ck.brucelead.com%252Fck.php%253Fline_item_id%253D6626%2526subid1%253DEI1495c0fd2dca735171480776%2526subid_spx%253DJHC7083_p14331320&c3=1&c4=&c5=&c6=&c10=&c15=&c16=&c8=Please%20wait...&c9=&cv=1.8
19 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | acs.php | 52.77.99.53/ | 411 B | 710 B | Document | text/html |
GET | H2 | a387bbc53b4cdb10392087576bfb16d2.php (Primary Request) | nhsrv.cf/url/ (Redirect Chain) | 3 KB | 1 KB | Document | text/html |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/1.9.1/ | 90 KB | 32 KB | Script | text/javascript |
GET | H2 | / | nhsrv.cf/srv/ | 2 KB | 842 B | Script | text/html |
GET | H2 | infinity.js.aspx | cdn.engine.spotscenered.info/Scripts/ | 162 KB | 69 KB | Script | application/x-javascript |
GET | H2 | serve.php | nhsrv.cf/srv/ (Frame 57B6) | 4 KB | 2 KB | Document | text/html |
GET | H2 | nhm.min.js | nhsrv.cf/srv/ (Frame 57B6) | 151 KB | 57 KB | Script | application/x-javascript |
GET | H2 | sendbeacon.js | nhsrv.cf/srv/ (Frame 57B6) | 1 KB | 660 B | Script | application/x-javascript |
GET | H/1.1 | beacon.js | sb.scorecardresearch.com/ | 1 KB | 989 B | Script | application/x-javascript |
GET | H2 | Tag.engine | engine.spotscenered.info/ | 0 | 0 | Script | text/plain |
GET | H/1.1 | b2 | sb.scorecardresearch.com/ (Redirect Chain) | 0 | 248 B | Image | text/plain |
GET | | 92e93c2c-4e36-4945-bdcd-51e21a717b3d | https://nhsrv.cf/ (Frame 57B6) | 0 | 0 | | |
GET | | 70a8284c-dceb-449a-8db7-bc59030d56f7 | https://nhsrv.cf/ (Frame 57B6) | 0 | 0 | | |
GET | | a6c0ed16-8aaa-4f94-b88e-095df860cd05 | https://nhsrv.cf/ (Frame 57B6) | 0 | 0 | | |
GET | | 2aff404f-9e16-4835-a6a2-6ba568f65ecc | https://nhsrv.cf/ (Frame 57B6) | 0 | 0 | | |
GET | | 2136d106-e2a2-494e-abf9-132cd8f1152c | https://nhsrv.cf/ (Frame 57B6) | 0 | 0 | | |
GET | | b673f341-3dfd-4018-8134-7e05ce0e2c6e | https://nhsrv.cf/ (Frame 57B6) | 0 | 0 | | |
GET | | ab28b8e9-6f45-4aae-ad84-71d24b17f2d0 | https://nhsrv.cf/ (Frame 57B6) | 0 | 0 | | |
GET | | 2bf45802-98af-4585-800f-de2f2d892d21 | https://nhsrv.cf/ (Frame 57B6) | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
nhsrv.cf | blob:https://nhsrv.cf/92e93c2c-4e36-4945-bdcd-51e21a717b3d |
nhsrv.cf | blob:https://nhsrv.cf/70a8284c-dceb-449a-8db7-bc59030d56f7 |
nhsrv.cf | blob:https://nhsrv.cf/a6c0ed16-8aaa-4f94-b88e-095df860cd05 |
nhsrv.cf | blob:https://nhsrv.cf/2aff404f-9e16-4835-a6a2-6ba568f65ecc |
nhsrv.cf | blob:https://nhsrv.cf/2136d106-e2a2-494e-abf9-132cd8f1152c |
nhsrv.cf | blob:https://nhsrv.cf/b673f341-3dfd-4018-8134-7e05ce0e2c6e |
nhsrv.cf | blob:https://nhsrv.cf/ab28b8e9-6f45-4aae-ad84-71d24b17f2d0 |
nhsrv.cf | blob:https://nhsrv.cf/2bf45802-98af-4585-800f-de2f2d892d21 |
18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | onselectstart |
object | onselectionchange |
function | queueMicrotask |
function | $ |
function | jQuery |
number | tmr |
number | dots |
number | terv |
object | jQuery19109260603043069455 |
string | NHkey |
function | _0x53cdfb |
function | _0x527148 |
object | nhfr |
string | nhexist |
object | g367CB268B1094004A3689751E7AC568F |
function | UAParser |
object | COMSCORE |
object | _comscore2 |

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
nhsrv.cf/srv | | nhthrottle | 10 |
.nhsrv.cf/ | | __cfduid | d45154fbbdafbf739652f3be388c352341544540892 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.