btloopholesystemapp.com
2606:4700:3035::681c:1b10
Malicious Activity!
Public Scan
Effective URL: https://btloopholesystemapp.com/?id=5fc67f74441fe200010f8f6d&offer_name=Bitcoin+Loophole&offer_id=119&affiliate_id=95&device_bra...
Submission: On December 01 via manual from US
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 25th 2020. Valid for: a year.
This is the only time btloopholesystemapp.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Crypto (Crypto Exchange)
Domain & IP information
ASN14576 (HOSTING-SOLUTIONS, US)
PTR: mail.borneanhwa.nl
redirect-page-money.com |
ASN15169 (GOOGLE, US)
fonts.gstatic.com | |
www.gstatic.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
17 | btloopholesystemapp.com | btloopholesystemapp.com | 595 KB |
4 | gstatic.com | fonts.gstatic.com, www.gstatic.com | 172 KB |
2 | google.com | www.google.com | 793 B |
2 | cloudflare.com | cdnjs.cloudflare.com | 29 KB |
1 | md4syzz.info | api.md4syzz.info | 781 B |
1 | sdklplead.com | sdklplead.com | 680 B |
1 | vimeo.com | player.vimeo.com | |
1 | md1syzz.info | api.md1syzz.info | 2 KB |
1 | onesignal.com | cdn.onesignal.com | 3 KB |
1 | googleapis.com | fonts.googleapis.com | 686 B |
1 | trckaffis.com (1 redirects) | go.trckaffis.com | 699 B |
1 | redirect-page-money.com (1 redirects) | redirect-page-money.com | 796 B |
31 | 12 | | |
Requests | Domain | Requested by |
---|---|---|
17 | btloopholesystemapp.com | btloopholesystemapp.com |
3 | fonts.gstatic.com | fonts.googleapis.com |
2 | www.google.com | btloopholesystemapp.com, www.gstatic.com |
2 | cdnjs.cloudflare.com | btloopholesystemapp.com |
1 | www.gstatic.com | www.google.com |
1 | api.md4syzz.info | api.md1syzz.info |
1 | sdklplead.com | btloopholesystemapp.com |
1 | player.vimeo.com | btloopholesystemapp.com |
1 | api.md1syzz.info | btloopholesystemapp.com |
1 | cdn.onesignal.com | btloopholesystemapp.com |
1 | fonts.googleapis.com | btloopholesystemapp.com |
1 | go.trckaffis.com | 1 redirects |
1 | redirect-page-money.com | 1 redirects |
31 | 13 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-11-25 - 2021-11-24 | a year |
upload.video.google.com | GTS CA 1O1 | 2020-11-03 - 2021-01-26 | 3 months |
www.google.com | GTS CA 1O1 | 2020-11-03 - 2021-01-26 | 3 months |
vimeo.map.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-08-07 - 2021-04-24 | 9 months |
*.gstatic.com | GTS CA 1O1 | 2020-11-03 - 2021-01-26 | 3 months |
*.google.com | GTS CA 1O1 | 2020-11-03 - 2021-01-26 | 3 months |
This page contains 3 frames:
Primary Page:
https://btloopholesystemapp.com/?id=5fc67f74441fe200010f8f6d&offer_name=Bitcoin+Loophole&offer_id=119&affiliate_id=95&device_brand=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&device_model=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&device_os=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&ip=82.102.20.235&country_code=DK&advertiser_id=5ddd764b9c1f697ce5c7b306&source=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&t=2&lang=en
Frame ID: 68C520817781267546FE09AB264A1E63
Requests: 32 HTTP requests in this frame
Frame:
https://player.vimeo.com/video/428030921
Frame ID: 1BA3D21F934071FF1E8A272156E61D62
Requests: 1 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcQXgEVAAAAAKio_rXAHEkREqAFp4V4H0sfpBEU&co=aHR0cHM6Ly9idGxvb3Bob2xlc3lzdGVtYXBwLmNvbTo0NDM.&hl=en&v=UFwvoDBMjc8LiYc1DKXiAomK&size=invisible&cb=ljh5atox0zdt
Frame ID: 0874A4CB3DF43812BE144CD88A6A9379
Requests: 1 HTTP requests in this frame
Detected technologies
CloudFlare (CDN)
Detected patterns
- headers server /^cloudflare$/i
Google Font API (Font Scripts)
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
- script /googleapis\.com\/.+webfont/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://redirect-page-money.com/ (HTTP 302)
- https://go.trckaffis.com/click?pid=95&offer_id=119 (HTTP 302)
- https://btloopholesystemapp.com/?id=5fc67f74441fe200010f8f6d&offer_name=Bitcoin+Loophole&offer_id=119&affiliate_id=95&device_brand=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&device_model=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&device_os=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&ip=82.102.20.235&country_code=DK&advertiser_id=5ddd764b9c1f697ce5c7b306&source=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&t=2&lang=en (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
31 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Note |
---|---|---|---|---|---|---|---|---|
GET | H2 | / | btloopholesystemapp.com/ | 85 KB | 31 KB | Document | text/html | Primary Request |
GET | H2 | css2 | fonts.googleapis.com/ | 5 KB | 686 B | Stylesheet | text/css | |
GET | H2 | styles.css | btloopholesystemapp.com/css/ | 38 KB | 9 KB | Stylesheet | text/css | |
GET | H2 | all.min.css | cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/ | 55 KB | 10 KB | Stylesheet | text/css | |
GET | H2 | bluebird.min.js | cdnjs.cloudflare.com/ajax/libs/bluebird/3.3.4/ | 75 KB | 19 KB | Script | application/javascript | |
GET | H2 | bl-logo.png | btloopholesystemapp.com/images/ | 3 KB | 4 KB | Image | image/png | |
GET | H2 | uk.png | btloopholesystemapp.com/images/ | 12 KB | 12 KB | Image | image/png | |
GET | H2 | bitimg.jpg | btloopholesystemapp.com/images/ | 35 KB | 36 KB | Image | image/jpeg | |
GET | H2 | scripts.js | btloopholesystemapp.com/js/ | 131 KB | 44 KB | Script | application/javascript | |
GET | H2 | OneSignalSDK.js | cdn.onesignal.com/sdks/ | 8 KB | 3 KB | Script | application/javascript | |
GET | H2 | auto-push.min.js | api.md1syzz.info/ | 3 KB | 2 KB | Script | application/x-javascript | |
GET | H2 | api.js | www.google.com/recaptcha/ | 884 B | 793 B | Script | text/javascript | |
GET | H/1.1 | 428030921 | player.vimeo.com/video/ | 0 | 0 | Document | text/html | Frame 1BA3 |
GET | H2 | background_1.jpg | btloopholesystemapp.com/images/ | 60 KB | 60 KB | Image | image/jpeg | |
GET | H2 | World-Map-poster-00001.jpg | btloopholesystemapp.com/images/ | 5 KB | 5 KB | Image | image/jpeg | |
GET | H2 | businessinsider-logo.jpg | btloopholesystemapp.com/images/ | 3 KB | 4 KB | Image | image/jpeg | |
GET | H2 | crypto-castle-san-francisco-1750.jpg | btloopholesystemapp.com/images/ | 166 KB | 167 KB | Image | image/jpeg | |
GET | H2 | jJ5VQBTm.jpg | btloopholesystemapp.com/images/ | 7 KB | 7 KB | Image | image/jpeg | |
GET | H2 | 725_Ly9jb2ludGVsZWdyYXBoLmNvbS9zdG9yYWdlL3VwbG9hZHMvdmlldy9hYTZiMDNjYTViOWU0Zjk5MjEyNzBhOTU5MDA4ZjY2ZS5qcGc.jpg | btloopholesystemapp.com/images/ | 42 KB | 43 KB | Image | image/jpeg | |
GET | H2 | forvs.png | btloopholesystemapp.com/images/ | 5 KB | 6 KB | Image | image/png | |
GET | H2 | 960x0.jpg | btloopholesystemapp.com/images/ | 46 KB | 47 KB | Image | image/jpeg | |
GET | H2 | 960x0-1-1.jpg | btloopholesystemapp.com/images/ | 61 KB | 61 KB | Image | image/jpeg | |
GET | H2 | shutterstock_176573198.jpg | btloopholesystemapp.com/images/ | 57 KB | 58 KB | Image | image/jpeg | |
GET | H2 | 4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2 | fonts.gstatic.com/s/ubuntu/v15/ | 14 KB | 14 KB | Font | font/woff2 | |
GET | H2 | 4iCv6KVjbNBYlgoCjC3jsGyNPYZvgw.woff2 | fonts.gstatic.com/s/ubuntu/v15/ | 14 KB | 14 KB | Font | font/woff2 | |
GET | H2 | 4iCv6KVjbNBYlgoC1CzjsGyNPYZvgw.woff2 | fonts.gstatic.com/s/ubuntu/v15/ | 13 KB | 13 KB | Font | font/woff2 | |
GET | H2 | save_click.php | sdklplead.com/server/ | 16 B | 680 B | XHR | text/html | |
GET | H2 | c0876cbf-b846-41f4-9670-847227b70844 | api.md4syzz.info/rest/v1/p-apps/get-id/ | 129 B | 781 B | XHR | text/plain | |
GET | H2 | recaptcha__en.js | www.gstatic.com/recaptcha/releases/UFwvoDBMjc8LiYc1DKXiAomK/ | 335 KB | 131 KB | Script | text/javascript | |
GET | H2 | / | btloopholesystemapp.com/ | 2 KB | 2 KB | Image | text/html | |
GET | DATA | truncated | / | 4 KB | 0 | Image | image/png | |
GET | DATA | truncated | / | 3 KB | 0 | Image | image/png | |
GET | DATA | truncated | / | 3 KB | 0 | Image | image/png | |
GET | H3-Q050 | anchor | www.google.com/recaptcha/api2/ | 0 | 0 | Document | text/html | Frame 0874 |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Crypto (Crypto Exchange)
53 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| 1
- object| 2
- object| ontransitionrun
- object| ontransitionstart
- object| ontransitioncancel
- object| cookieStore
- function| showDirectoryPicker
- function| showOpenFilePicker
- function| showSaveFilePicker
- object| trustedTypes
- boolean| crossOriginIsolated
- function| P
- function| $
- function| jQuery
- function| tram
- object| Webflow
- string| baseURL
- string| defaultCountry
- string| countryFromQS
- string| numVerifyAccessKey
- number| step
- object| itis
- object| queryStringData
- function| initPage
- function| getParams
- function| fillParams
- function| serverAction
- function| submitStepOne
- function| submitStepTwo
- function| onFormSubmit
- function| setCountry
- function| todaysDate
- function| randomTimes
- function| initIti
- function| initPassword
- function| startTimer
- function| addPixel
- object| intlTelInputGlobals
- function| intlTelInput
- object| OneSignal
- object| _at
- function| InitializePush
- function| CheckImageAndReplace
- function| httpGetAsync
- function| getUrlVars
- function| getUrlParam
- object| ___grecaptcha_cfg
- object| grecaptcha
- string| __recaptcha_api
- boolean| __google_recaptcha_client
- object| recaptcha
- object| closure_lm_3952683

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.vimeo.com/ | | Name: vuid Value: pl890112515.2066295314 |
btloopholesystemapp.com/ | | Name: time Value: 1606844277 |
.btloopholesystemapp.com/ | | Name: __cfduid Value: d60055de3f51c05a856b06f3e5dc296571606844276 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.