carousell-sg.offer2200.com
2606:4700:3031::ac43:83cb
Malicious Activity!
Public Scan
Submission: On March 18 via automatic, source phishtank — Scanned from SG
Summary
TLS certificate: Issued by GTS CA 1P5 on March 14th 2024. Valid for: 3 months.
This is the only time carousell-sg.offer2200.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DBS Bank (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
25 | 2606:4700:3031::ac43:83cb | 13335 (CLOUDFLARENET) |
1 | 2404:6800:4003:c06::5f | 15169 (GOOGLE) |
4 | 2a04:4e42:400::485 | 54113 (FASTLY) |
1 | 2606:4700::6811:180e | 13335 (CLOUDFLARENET) |
1 | 2a04:4e42::649 | 54113 (FASTLY) |
4 (2 redirects) | 2606:4700::6810:7caf | 13335 (CLOUDFLARENET) |
2 (1 redirects) | 2606:4700:10::ac43:2910 | 13335 (CLOUDFLARENET) |
1 | 2404:6800:4003:c03::5f | 15169 (GOOGLE) |
38 | 9 | |
ASN13335 (CLOUDFLARENET, US)
carousell-sg.offer2200.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
25 | offer2200.com | carousell-sg.offer2200.com | 1 MB |
4 | unpkg.com (2 redirects) | unpkg.com — Cisco Umbrella Rank: 757 | 28 KB |
4 | jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 346 | 61 KB |
2 | tailwindcss.com (1 redirects) | cdn.tailwindcss.com — Cisco Umbrella Rank: 44029 | 109 KB |
2 | googleapis.com | ajax.googleapis.com — Cisco Umbrella Rank: 390; fonts.googleapis.com — Cisco Umbrella Rank: 38 | 31 KB |
1 | jquery.com | code.jquery.com — Cisco Umbrella Rank: 746 | 30 KB |
1 | cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 253 | 7 KB |
38 | 7 | | |
Requests | Domain | Requested by |
---|---|---|
25 | carousell-sg.offer2200.com | carousell-sg.offer2200.com, code.jquery.com, unpkg.com |
4 | unpkg.com (2 redirects) | carousell-sg.offer2200.com |
4 | cdn.jsdelivr.net | carousell-sg.offer2200.com |
2 | cdn.tailwindcss.com (1 redirects) | carousell-sg.offer2200.com |
1 | fonts.googleapis.com | carousell-sg.offer2200.com |
1 | code.jquery.com | carousell-sg.offer2200.com |
1 | cdnjs.cloudflare.com | carousell-sg.offer2200.com |
1 | ajax.googleapis.com | carousell-sg.offer2200.com |
38 | 8 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.dbs.com.sg |
internet-banking.dbs.com.sg |
www.dbs.com |
www.facebook.com |
twitter.com |
www.linkedin.com |
www.youtube.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
offer2200.com | GTS CA 1P5 | 2024-03-14 - 2024-06-12 | 3 months |
upload.video.google.com | GTS CA 1C3 | 2024-02-19 - 2024-05-13 | 3 months |
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-09-27 - 2024-10-28 | a year |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year |
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year |
This page contains 2 frames:
Primary Page:
https://carousell-sg.offer2200.com/bank/dbs/1710656445009.996
Frame ID: A464F357EAEAB00D93BB7AB9F26542F2
Requests: 24 HTTP requests in this frame
Frame:
https://carousell-sg.offer2200.com/supportChatFrame/216631815
Frame ID: 6B695FE061B4269185DB2F13BB8C50B3
Requests: 14 HTTP requests in this frame
Page Title
DBS iBanking
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Axios (JavaScript libraries)
Detected patterns
- /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js
SweetAlert (JavaScript Libraries)
Detected patterns
- sweet(?:-)?alert(?:\.min)?\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN)
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
18 Outgoing links
These are links going to different origins than the main page.
- Title: Find Us
- Title: Help & Support
- Title: Learn more
- Title: here
- Title: User ID
- Title: Frequently Asked Questions
- Title: Maintenance Schedule
- Title: Security & You
- Title: Terms & Conditions
- Title: Privacy Policy
- Title: Fair Dealing Commitment
- Title: Compliance with Tax Requirements
- Title: Vulnerability Disclosure Policy
- Title: ©2023 DBS Bank Ltd. Co. Reg. No. 196800306E
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 12
- https://unpkg.com/sweetalert/dist/sweetalert.min.js HTTP 302
  - https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js
- https://cdn.tailwindcss.com/ HTTP 302
  - https://cdn.tailwindcss.com/3.4.1
- https://unpkg.com/axios/dist/axios.min.js HTTP 302
  - https://unpkg.com/axios@1.6.8/dist/axios.min.js
38 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | 1710656445009.996 (Primary Request) | carousell-sg.offer2200.com/bank/dbs/ | 117 KB | 29 KB | Document | text/html |
GET | H2 | themes_login.css | carousell-sg.offer2200.com/banks/dbs/ | 3 KB | 1 KB | Stylesheet | text/css |
GET | H2 | language_login.css | carousell-sg.offer2200.com/banks/dbs/ | 1 KB | 861 B | Stylesheet | text/css |
GET | H2 | enhanced.css | carousell-sg.offer2200.com/banks/dbs/ | 14 KB | 3 KB | Stylesheet | text/css |
GET | H2 | login.css | carousell-sg.offer2200.com/banks/dbs/ | 22 KB | 3 KB | Stylesheet | text/css |
GET | H2 | desktoplogo.webp | carousell-sg.offer2200.com/banks/dbs/ | 5 KB | 6 KB | Image | image/webp |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/2.2.0/ | 84 KB | 30 KB | Script | text/javascript |
GET | H2 | vue-swal.min.js | cdn.jsdelivr.net/npm/vue-swal@1.0.0/dist/ | 45 KB | 13 KB | Script | application/javascript |
GET | H2 | axios.min.js | cdnjs.cloudflare.com/ajax/libs/axios/0.27.2/ | 20 KB | 7 KB | Script | application/javascript |
GET | H2 | jquery-3.6.0.min.js | code.jquery.com/ | 87 KB | 30 KB | Script | application/javascript |
GET | H2 | bootstrap.bundle.min.js | cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/ | 76 KB | 24 KB | Script | application/javascript |
GET | H2 | popper.min.js | cdn.jsdelivr.net/npm/@popperjs/core@2.10.2/dist/umd/ | 18 KB | 7 KB | Script | application/javascript |
GET | H2 | bootstrap.min.js | cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/ | 58 KB | 18 KB | Script | application/javascript |
GET | H2 | sweetalert.min.js | unpkg.com/sweetalert@2.1.2/dist/ (Redirect Chain) | 40 KB | 12 KB | Script | application/javascript |
GET | H3 | lkk.js | carousell-sg.offer2200.com/js/ | 10 KB | 3 KB | Script | application/javascript |
GET | H3 | support_parent.css | carousell-sg.offer2200.com/css/ | 5 KB | 2 KB | Stylesheet | text/css |
GET | H3 | Daytime.jpg | carousell-sg.offer2200.com/banks/dbs/ | 1 MB | 1 MB | Image | image/jpeg |
GET | H3 | dbsicons.woff | carousell-sg.offer2200.com/banks/dbs/font/ | 2 KB | 2 KB | Font | font/woff |
GET | H3 | frutigernextlt-light-webfont.woff | carousell-sg.offer2200.com/banks/dbs/font/ | 22 KB | 23 KB | Font | font/woff |
GET | H3 | FrutigerNextPro-Medium.woff2 | carousell-sg.offer2200.com/banks/dbs/font/ | 25 KB | 26 KB | Font | font/woff2 |
GET | H3 | 216631815 | carousell-sg.offer2200.com/supportChatFrame/ (Frame 6B69) | 4 KB | 2 KB | Document | text/html |
GET | H3 | pluxurydarklord.svg | carousell-sg.offer2200.com/img/ | 1 KB | 1 KB | Image | image/svg+xml |
POST | H3 | checkStatus | carousell-sg.offer2200.com/api/ | 15 B | 496 B | XHR | application/json |
GET | H3 | chat.css | carousell-sg.offer2200.com/assets/css/ (Frame 6B69) | 243 B | 694 B | Stylesheet | text/css |
GET | H2 | 3.4.1 | cdn.tailwindcss.com/ (Frame 6B69, Redirect Chain) | 359 KB | 109 KB | Script | text/javascript |
GET | H3 | bookmark.svg | carousell-sg.offer2200.com/assets/icons/ (Frame 6B69) | 247 B | 691 B | Image | image/svg+xml |
GET | H3 | chevron-down.svg | carousell-sg.offer2200.com/assets/icons/ (Frame 6B69) | 231 B | 673 B | Image | image/svg+xml |
GET | H3 | close.svg | carousell-sg.offer2200.com/assets/icons/ (Frame 6B69) | 230 B | 667 B | Image | image/svg+xml |
GET | H3 | person-circle.svg | carousell-sg.offer2200.com/assets/icons/ (Frame 6B69) | 563 B | 856 B | Image | image/svg+xml |
GET | H3 | document.svg | carousell-sg.offer2200.com/assets/icons/ (Frame 6B69) | 339 B | 742 B | Image | image/svg+xml |
GET | H3 | send.svg | carousell-sg.offer2200.com/assets/icons/ (Frame 6B69) | 402 B | 772 B | Image | image/svg+xml |
GET | H2 | axios.min.js | unpkg.com/axios@1.6.8/dist/ (Frame 6B69, Redirect Chain) | 41 KB | 15 KB | Script | application/javascript |
GET | H3 | chat.js | carousell-sg.offer2200.com/assets/js/ (Frame 6B69) | 6 KB | 2 KB | Script | application/javascript |
GET | H2 | css2 | fonts.googleapis.com/ (Frame 6B69) | 14 KB | 1 KB | Stylesheet | text/css |
POST | H3 | getMessages | carousell-sg.offer2200.com/api/support/ (Frame 6B69) | 27 B | 506 B | XHR | application/json |
POST | H3 | checkStatus | carousell-sg.offer2200.com/api/ | 15 B | 497 B | XHR | application/json |
POST | | getMessages | carousell-sg.offer2200.com/api/support/ (Frame 6B69) | 0 | 0 | | |
POST | | checkStatus | carousell-sg.offer2200.com/api/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: carousell-sg.offer2200.com
  URL: https://carousell-sg.offer2200.com/api/support/getMessages
- Domain: carousell-sg.offer2200.com
  URL: https://carousell-sg.offer2200.com/api/checkStatus
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: DBS Bank (Banking)
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- function| $
- function| jQuery
- function| setImmediate
- function| clearImmediate
- function| swal
- function| sweetAlert
- object| VueSwal
- function| axios
- number| uidEvent
- object| bootstrap
- object| Popper
- function| init1
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
carousell-sg.offer2200.com/ | Name: connect.sid Value: s%3AjSfXeAoOSh5iq7uDRrMUKzOwshT9UlA_.FtBrJHBOMD%2FTG2%2B3dxU4UdVCBuOHSZxbdPWvZJuyZiE |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.