ror.cifuejwo.com Open in urlscan Pro
99.83.191.53 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ror.cifuejwo.com/pBQd.app
Submission Tags: phishing spamreports malicious Search All
Submission: On March 18 via api (March 18th 2022, 6:49:20 am UTC) from FR — Scanned from FR

Summary HTTP 24 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 24 HTTP transactions. The main IP is 99.83.191.53, located in United States and belongs to AMAZON-02, US. The main domain is ror.cifuejwo.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on January 5th 2022. Valid for: 3 months.

This is the only time ror.cifuejwo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
21	99.83.191.53 99.83.191.53		16509 (AMAZON-02) (AMAZON-02)
1	142.250.184.232 142.250.184.232		15169 (GOOGLE) (GOOGLE)
1	163.171.133.124 163.171.133.124		54994 (QUANTILNE...) (QUANTILNETWORKS)
1	142.250.185.78 142.250.185.78		15169 (GOOGLE) (GOOGLE)
24	5

21 99.83.191.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa468fa90db8f87de.awsglobalaccelerator.com

ror.cifuejwo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.171.133.124 (France)

ASN54994 (QUANTILNETWORKS, US)

cstaticdun.126.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	cifuejwo.com ror.cifuejwo.com	538 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	348 B
1	126.net cstaticdun.126.net — Cisco Umbrella Rank: 65295	25 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	64 KB
24	4

	Domain	Requested by
21	ror.cifuejwo.com	ror.cifuejwo.com
1	www.google-analytics.com	www.googletagmanager.com
1	cstaticdun.126.net	ror.cifuejwo.com
1	www.googletagmanager.com	ror.cifuejwo.com
24	4

This site contains no links.

Subject Issuer	Validity	Valid
ror.cifuejwo.com ZeroSSL RSA Domain Secure Site CA	`2022-01-05` - `2022-04-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.126.net GeoTrust RSA CN CA G2	`2021-11-30` - `2022-12-05`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://ror.cifuejwo.com/pBQd.app
Frame ID: D8613E8D9BC616231DF33F0F2889CCFE
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FTX

Detected technologies

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

626 kB
Transfer

1071 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request pBQd.app Show response
ror.cifuejwo.com/ 42 KB
11 KB 1041ms
297ms Document
text/html 99.83.191.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ror.cifuejwo.com/pBQd.app
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.191.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa468fa90db8f87de.awsglobalaccelerator.com
Software: Tengine /
Resource Hash: 625a1399be4a28b1060ec2780cc14dc166510c1af78e74ca35ed96eddd86ee77

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9

Response headers

date: Fri, 18 Mar 2022 06:49:12 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding Accept-Encoding
cache-control: no-cache no-cache
content-language: de-DE
server: Tengine
x-cache-status: HIT
content-encoding: gzip

GET
H2 200 vipsignPage.css
ror.cifuejwo.com/js/ 49 KB
11 KB 709ms
708ms Stylesheet
text/css 99.83.191.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ror.cifuejwo.com/js/vipsignPage.css
Requested by: Host: ror.cifuejwo.com
URL: https://ror.cifuejwo.com/pBQd.app
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.191.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa468fa90db8f87de.awsglobalaccelerator.com
Software: Tengine /
Resource Hash: b86cd97853d9cff05a0e8b4f672d1d59e9eee51f57fc57adbb5dc7f147125941

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ror.cifuejwo.com/pBQd.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 06:49:13 GMT
content-encoding: gzip
last-modified: Tue, 15 Mar 2022 03:23:38 GMT
server: Tengine
x-cache-status: MISS
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache: MISS
content-type: text/css
cache-control: max-age=43200
expires: Fri, 18 Mar 2022 18:49:13 GMT

GET
H2 200 swiper.css
ror.cifuejwo.com/js/ 19 KB
4 KB 602ms
600ms Stylesheet
text/css 99.83.191.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ror.cifuejwo.com/js/swiper.css
Requested by: Host: ror.cifuejwo.com
URL: https://ror.cifuejwo.com/pBQd.app
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.191.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa468fa90db8f87de.awsglobalaccelerator.com
Software: Tengine /
Resource Hash: 3aaca7a7236458dac2af6a2533fe24c2fa79a4c14d638929ce1c2f9915500453

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ror.cifuejwo.com/pBQd.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 06:49:13 GMT
content-encoding: gzip
last-modified: Tue, 15 Mar 2022 03:23:38 GMT
server: Tengine
x-cache-status: MISS
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache: MISS
content-type: text/css
cache-control: max-age=43200
expires: Fri, 18 Mar 2022 18:49:13 GMT

GET
H2 200 animate.css
ror.cifuejwo.com/js/ 52 KB
5 KB 602ms
601ms Stylesheet
text/css 99.83.191.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ror.cifuejwo.com/js/animate.css
Requested by: Host: ror.cifuejwo.com
URL: https://ror.cifuejwo.com/pBQd.app
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.191.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa468fa90db8f87de.awsglobalaccelerator.com
Software: Tengine /
Resource Hash: 8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ror.cifuejwo.com/pBQd.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 06:49:13 GMT
content-encoding: gzip
last-modified: Tue, 15 Mar 2022 03:23:38 GMT
server: Tengine
x-cache-status: MISS
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache: MISS
content-type: text/css
cache-control: max-age=43200
expires: Fri, 18 Mar 2022 18:49:13 GMT

GET
H2 200 jquery-1.7.1.min.js Show response
ror.cifuejwo.com/js/ 92 KB
37 KB 613ms
612ms Script
application/javascript 99.83.191.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ror.cifuejwo.com/js/jquery-1.7.1.min.js
Requested by: Host: ror.cifuejwo.com
URL: https://ror.cifuejwo.com/pBQd.app
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.191.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa468fa90db8f87de.awsglobalaccelerator.com
Software: Tengine /
Resource Hash: e6e947190f73d01ac09f1a5e178dc4f2c6580a0e543ea760ee292ec9d1f6d34d

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ror.cifuejwo.com/pBQd.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 06:49:13 GMT
content-encoding: gzip
last-modified: Tue, 15 Mar 2022 03:23:38 GMT
server: Tengine
x-cache-status: MISS
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache: MISS
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 18 Mar 2022 18:49:13 GMT

GET
H2 200 swiper-3.4.2.min.js Show response
ror.cifuejwo.com/js/ 94 KB
27 KB 791ms
790ms Script
application/javascript 99.83.191.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ror.cifuejwo.com/js/swiper-3.4.2.min.js
Requested by: Host: ror.cifuejwo.com
URL: https://ror.cifuejwo.com/pBQd.app
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.191.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa468fa90db8f87de.awsglobalaccelerator.com
Software: Tengine /
Resource Hash: a18e7f7487a56a4c19068b935937cc47aa87d928cb0f7f95b55ca1978eb95a7d

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ror.cifuejwo.com/pBQd.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 06:49:13 GMT
content-encoding: gzip
last-modified: Tue, 15 Mar 2022 03:23:38 GMT
server: Tengine
x-cache-status: MISS
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache: MISS
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 18 Mar 2022 18:49:13 GMT

GET
H2 200 swiper.animate.js Show response
ror.cifuejwo.com/js/ 2 KB
799 B 707ms
706ms Script
application/javascript 99.83.191.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ror.cifuejwo.com/js/swiper.animate.js
Requested by: Host: ror.cifuejwo.com
URL: https://ror.cifuejwo.com/pBQd.app
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.191.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa468fa90db8f87de.awsglobalaccelerator.com
Software: Tengine /
Resource Hash: 26c6ad4fd0bad666b68cd30ae9390319e57a73e9ed8b6ec12e014916215159fe

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ror.cifuejwo.com/pBQd.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 06:49:13 GMT
content-encoding: gzip
last-modified: Tue, 15 Mar 2022 03:23:38 GMT
server: Tengine
x-cache-status: MISS
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache: MISS
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 18 Mar 2022 18:49:13 GMT

GET
H2 200 jquery.flexslider-min.js Show response
ror.cifuejwo.com/js/ 42 KB
8 KB 607ms
605ms Script
application/javascript 99.83.191.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ror.cifuejwo.com/js/jquery.flexslider-min.js
Requested by: Host: ror.cifuejwo.com
URL: https://ror.cifuejwo.com/pBQd.app
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.191.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa468fa90db8f87de.awsglobalaccelerator.com
Software: Tengine /
Resource Hash: c44d74e6968fccb5562a352785a577c8c2272ee13e943f6ebe24baec31cda4eb

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ror.cifuejwo.com/pBQd.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 06:49:13 GMT
content-encoding: gzip
last-modified: Tue, 15 Mar 2022 03:23:38 GMT
server: Tengine
x-cache-status: MISS
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache: MISS
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 18 Mar 2022 18:49:13 GMT

GET
H2 200 installSign.js Show response
ror.cifuejwo.com/js/ 6 KB
4 KB 603ms
602ms Script
application/javascript 99.83.191.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ror.cifuejwo.com/js/installSign.js
Requested by: Host: ror.cifuejwo.com
URL: https://ror.cifuejwo.com/pBQd.app
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.191.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa468fa90db8f87de.awsglobalaccelerator.com
Software: Tengine /
Resource Hash: eabbf6da662436991b1272398a086943a993e589fc89fa1ceabb8dd6b080f9e8

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ror.cifuejwo.com/pBQd.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 06:49:13 GMT
content-encoding: gzip
last-modified: Tue, 15 Mar 2022 03:23:38 GMT
server: Tengine
x-cache-status: MISS
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache: MISS
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 18 Mar 2022 18:49:13 GMT

GET
H2 200 clipboard.min.js Show response
ror.cifuejwo.com/js/ 11 KB
4 KB 707ms
707ms Script
application/javascript 99.83.191.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ror.cifuejwo.com/js/clipboard.min.js
Requested by: Host: ror.cifuejwo.com
URL: https://ror.cifuejwo.com/pBQd.app
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.191.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa468fa90db8f87de.awsglobalaccelerator.com
Software: Tengine /
Resource Hash: 1626706afc88d95ebe1173b553ec732c6dc82a576989315fdf5e7779af738a44

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ror.cifuejwo.com/pBQd.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 06:49:13 GMT
content-encoding: gzip
last-modified: Tue, 15 Mar 2022 03:23:38 GMT
server: Tengine
x-cache-status: MISS
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache: MISS
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 18 Mar 2022 18:49:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 171 KB
64 KB 109ms
42ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RMD4NVNGGN

Requested by

Host: ror.cifuejwo.com
URL: https://ror.cifuejwo.com/pBQd.app

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

25f6a3a65b71159ddabc399b6d6b8bc6a2415ea7421268cf08a2e7e56b31a3aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ror.cifuejwo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 06:49:13 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64567
x-xss-protection: 0
expires: Fri, 18 Mar 2022 06:49:13 GMT

GET
H/1.1 200
OK load.min.js Show response
cstaticdun.126.net/ 66 KB
25 KB 129ms
19ms Script
application/javascript 163.171.133.124
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cstaticdun.126.net/load.min.js?t=201903281201
Requested by: Host: ror.cifuejwo.com
URL: https://ror.cifuejwo.com/pBQd.app
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.133.124 , France, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: nginx /
Resource Hash: 61a6fca163ebc7dcc8c240217421e88a10379a58fe7ff0e5d49306f33b303612

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ror.cifuejwo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 06:49:13 GMT
Content-Encoding: gzip
Age: 1
Transfer-Encoding: chunked
X-Via: 1.1 PSzjnbsxsr217:9 (Cdn Cache Server V2.0), 1.1 PSelsmskMOW3cd100:14 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2cm80:1 (Cdn Cache Server V2.0)
Connection: keep-alive
Last-Modified: Thu, 17 Mar 2022 09:32:20 GMT
Server: nginx
X-Ws-Request-Id: 62342b69_PSfgblPAR2rt76_44933-46883
Access-Control-Allow-Methods: GET,POST,OPTIONS,HEAD
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: max-age=300
Timing-Allow-Origin: *
Expires: Fri, 18 Mar 2022 02:29:15 GMT

GET
H2 200 1642130010720.png
ror.cifuejwo.com/oss/190187961450497/ios/ 21 KB
21 KB 595ms
595ms Image
image/png 99.83.191.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ror.cifuejwo.com/oss/190187961450497/ios/1642130010720.png
Requested by: Host: ror.cifuejwo.com
URL: https://ror.cifuejwo.com/pBQd.app
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.191.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa468fa90db8f87de.awsglobalaccelerator.com
Software: Tengine /
Resource Hash: 6b5226bcecad1511ef244ac29f709c04bf484d009d6f4d3387b191798c26901f

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ror.cifuejwo.com/pBQd.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-oss-object-type: Normal
date: Fri, 18 Mar 2022 06:49:14 GMT
x-oss-request-id: 6233FEA0BC153D3BB0C3EB86
last-modified: Sun, 06 Feb 2022 06:08:07 GMT
server: Tengine
content-md5: YYdvuZAl8tB7tr4BfnV9uw==
etag: "61876FB99025F2D07BB6BE017E757DBB"
x-cache-status: MISS
x-oss-storage-class: Standard
content-type: image/png
content-disposition: attachment
accept-ranges: bytes
x-oss-hash-crc64ecma: 15538701009617449552
content-length: 21348
x-oss-server-time: 47

GET
H2 200 xxing.png
ror.cifuejwo.com/img/ 289 B
567 B 601ms
599ms Image
image/png 99.83.191.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ror.cifuejwo.com/img/xxing.png
Requested by: Host: ror.cifuejwo.com
URL: https://ror.cifuejwo.com/pBQd.app
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.191.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa468fa90db8f87de.awsglobalaccelerator.com
Software: Tengine /
Resource Hash: 5143e39c9d68588f715d79bf20ddd1f2bfd96bdea53d388b141247c0a2d4143d

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ror.cifuejwo.com/pBQd.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 06:49:14 GMT
last-modified: Tue, 15 Mar 2022 03:23:38 GMT
server: Tengine
x-cache-status: MISS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache: MISS
content-type: image/png
cache-control: max-age=43200
accept-ranges: bytes
content-length: 289
expires: Fri, 18 Mar 2022 18:49:14 GMT

GET
H2 200 xing2.png
ror.cifuejwo.com/img/ 1 KB
1 KB 607ms
605ms Image
image/png 99.83.191.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ror.cifuejwo.com/img/xing2.png
Requested by: Host: ror.cifuejwo.com
URL: https://ror.cifuejwo.com/pBQd.app
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.191.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa468fa90db8f87de.awsglobalaccelerator.com
Software: Tengine /
Resource Hash: 936485c62e99e024891c2399c403073acd3d8c6d8ec6369770178d57358aea64

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ror.cifuejwo.com/pBQd.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 06:49:14 GMT
last-modified: Tue, 15 Mar 2022 03:23:38 GMT
server: Tengine
x-cache-status: MISS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache: MISS
content-type: image/png
cache-control: max-age=43200
accept-ranges: bytes
content-length: 1166
expires: Fri, 18 Mar 2022 18:49:14 GMT

GET
H2 200 xing.png
ror.cifuejwo.com/img/ 300 B
578 B 708ms
706ms Image
image/png 99.83.191.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ror.cifuejwo.com/img/xing.png
Requested by: Host: ror.cifuejwo.com
URL: https://ror.cifuejwo.com/pBQd.app
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.191.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa468fa90db8f87de.awsglobalaccelerator.com
Software: Tengine /
Resource Hash: 408175d164272070756b79c994dc4f0bbc8597df950b757420e94c563d5067c8

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ror.cifuejwo.com/pBQd.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 06:49:14 GMT
last-modified: Tue, 15 Mar 2022 03:23:38 GMT
server: Tengine
x-cache-status: MISS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache: MISS
content-type: image/png
cache-control: max-age=43200
accept-ranges: bytes
content-length: 300
expires: Fri, 18 Mar 2022 18:49:14 GMT

GET
H2 200 install-profile-tips_0.png
ror.cifuejwo.com/img/ 32 KB
32 KB 698ms
696ms Image
image/png 99.83.191.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ror.cifuejwo.com/img/install-profile-tips_0.png
Requested by: Host: ror.cifuejwo.com
URL: https://ror.cifuejwo.com/pBQd.app
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.191.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa468fa90db8f87de.awsglobalaccelerator.com
Software: Tengine /
Resource Hash: 78b7f86979800e0d4e02212ef7458633c9e8948ae26e181321a06802643e96e1

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ror.cifuejwo.com/pBQd.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 06:49:14 GMT
last-modified: Tue, 15 Mar 2022 03:23:38 GMT
server: Tengine
x-cache-status: MISS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache: MISS
content-type: image/png
cache-control: max-age=43200
accept-ranges: bytes
content-length: 32316
expires: Fri, 18 Mar 2022 18:49:14 GMT

GET
H2 200 install-profile-tips_1.png
ror.cifuejwo.com/img/ 31 KB
31 KB 607ms
605ms Image
image/png 99.83.191.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ror.cifuejwo.com/img/install-profile-tips_1.png
Requested by: Host: ror.cifuejwo.com
URL: https://ror.cifuejwo.com/pBQd.app
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.191.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa468fa90db8f87de.awsglobalaccelerator.com
Software: Tengine /
Resource Hash: 05e50bdf940ce7294d7319efb26a9e1008e04955f144a980b21ffe9681fd0ded

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ror.cifuejwo.com/pBQd.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 06:49:14 GMT
last-modified: Tue, 15 Mar 2022 03:23:38 GMT
server: Tengine
x-cache-status: MISS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache: MISS
content-type: image/png
cache-control: max-age=43200
accept-ranges: bytes
content-length: 31572
expires: Fri, 18 Mar 2022 18:49:14 GMT

GET
H2 200 install-profile-tips_2.png
ror.cifuejwo.com/img/ 17 KB
17 KB 601ms
599ms Image
image/png 99.83.191.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ror.cifuejwo.com/img/install-profile-tips_2.png
Requested by: Host: ror.cifuejwo.com
URL: https://ror.cifuejwo.com/pBQd.app
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.191.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa468fa90db8f87de.awsglobalaccelerator.com
Software: Tengine /
Resource Hash: f44760c85330e84dcb845630a9ec158d8a0a87ce4e9facf76ce17986d00a6ae2

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ror.cifuejwo.com/pBQd.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 06:49:14 GMT
last-modified: Tue, 15 Mar 2022 03:23:38 GMT
server: Tengine
x-cache-status: MISS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache: MISS
content-type: image/png
cache-control: max-age=43200
accept-ranges: bytes
content-length: 16983
expires: Fri, 18 Mar 2022 18:49:14 GMT

GET
H2 200 install-profile-tips_3.png
ror.cifuejwo.com/img/ 27 KB
27 KB 709ms
707ms Image
image/png 99.83.191.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ror.cifuejwo.com/img/install-profile-tips_3.png
Requested by: Host: ror.cifuejwo.com
URL: https://ror.cifuejwo.com/pBQd.app
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.191.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa468fa90db8f87de.awsglobalaccelerator.com
Software: Tengine /
Resource Hash: dedb12e5543fd2eb5ffb02b617f82e7184ccb85971b5510f0ae607b5436b4c9c

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ror.cifuejwo.com/pBQd.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 06:49:14 GMT
last-modified: Tue, 15 Mar 2022 03:23:38 GMT
server: Tengine
x-cache-status: MISS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache: MISS
content-type: image/png
cache-control: max-age=43200
accept-ranges: bytes
content-length: 27227
expires: Fri, 18 Mar 2022 18:49:14 GMT

GET
H2 200 safair_banner_new.png
ror.cifuejwo.com/img/ 254 KB
254 KB 707ms
705ms Image
image/png 99.83.191.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ror.cifuejwo.com/img/safair_banner_new.png
Requested by: Host: ror.cifuejwo.com
URL: https://ror.cifuejwo.com/pBQd.app
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.191.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa468fa90db8f87de.awsglobalaccelerator.com
Software: Tengine /
Resource Hash: 32cf1cf9503836f1ee31e05ee340393c41bf92441917343720a8b6810bd3e81a

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ror.cifuejwo.com/pBQd.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 06:49:14 GMT
last-modified: Tue, 15 Mar 2022 03:23:38 GMT
server: Tengine
x-cache-status: MISS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache: MISS
content-type: image/png
cache-control: max-age=43200
accept-ranges: bytes
content-length: 259820
expires: Fri, 18 Mar 2022 18:49:14 GMT

GET
H2 200 safari-tip_banner_en.png
ror.cifuejwo.com/img/ 33 KB
33 KB 604ms
603ms Image
image/png 99.83.191.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ror.cifuejwo.com/img/safari-tip_banner_en.png
Requested by: Host: ror.cifuejwo.com
URL: https://ror.cifuejwo.com/pBQd.app
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.191.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa468fa90db8f87de.awsglobalaccelerator.com
Software: Tengine /
Resource Hash: 12fb093b56985ea8a254ade324b363d217259c97af0ebd3eae28ac7bb911a713

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ror.cifuejwo.com/pBQd.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 06:49:14 GMT
last-modified: Tue, 15 Mar 2022 03:23:38 GMT
server: Tengine
x-cache-status: MISS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache: MISS
content-type: image/png
cache-control: max-age=43200
accept-ranges: bytes
content-length: 33471
expires: Fri, 18 Mar 2022 18:49:14 GMT

GET
H2 200 andriod_banner_new.png
ror.cifuejwo.com/img/ 10 KB
10 KB 712ms
711ms Image
image/png 99.83.191.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ror.cifuejwo.com/img/andriod_banner_new.png
Requested by: Host: ror.cifuejwo.com
URL: https://ror.cifuejwo.com/pBQd.app
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.191.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa468fa90db8f87de.awsglobalaccelerator.com
Software: Tengine /
Resource Hash: 13ee197411f9aea4cb91cb0e50e390bcac7ea7a8e4a03391018b56b41b6fb996

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ror.cifuejwo.com/pBQd.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 06:49:14 GMT
last-modified: Tue, 15 Mar 2022 03:23:38 GMT
server: Tengine
x-cache-status: MISS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache: MISS
content-type: image/png
cache-control: max-age=43200
accept-ranges: bytes
content-length: 9866
expires: Fri, 18 Mar 2022 18:49:14 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e78b432881584ee8438c90d48db1a9dd614107475a30d4054d819f3392d43866

Request headers

Referer
Origin: https://ror.cifuejwo.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

POST
H2 204 collect
www.google-analytics.com/g/ 0
348 B 94ms
33ms Ping
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-RMD4NVNGGN&gtm=2oe3e0&_p=124292208&sr=1600x1200&ul=en-us&cid=1818143657.1647586154&_s=1&dl=https%3A%2F%2Fror.cifuejwo.com%2FpBQd.app&dt=FTX&sid=1647586153&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RMD4NVNGGN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ror.cifuejwo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 06:49:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ror.cifuejwo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| $ function| jQuery function| Swiper function| swiperAnimateCache function| swiperAnimate function| clearSwiperAnimate object| jQuery17109460528826278416 object| pload string| mUdid string| mPlistUrl string| mProductID object| mPlistInfo number| mDTime object| mCallBack string| mChannel number| mPackStatus boolean| mAutoPack number| mDefaultPro object| mProgress function| progress function| hasClass function| addClass function| removeClass function| toggleClass number| failNum number| failNumMax object| socket string| host string| udidapi string| opensysapi object| install function| ClipboardJS function| gtag object| dataLayer object| _0xd984 function| _0x44b9 function| initNECaptcha string| platform string| browser boolean| is_x_port object| fill object| tips function| queryPlatform function| onDownloadClick function| onPasswodDownloadClick function| onAuthorCodeDownloadClick function| oniOSDownloadClick function| downloadAndriod string| alias undefined| udid undefined| sessionId undefined| sig undefined| token undefined| downloadId undefined| intervalId number| step number| pgs number| speed undefined| progressIntervalId undefined| password undefined| authorization_code object| captchaIns undefined| ext boolean| clip boolean| isDownload number| downloadState undefined| mdm function| download function| downmobileConfig function| getUdid function| getPassword function| getExt function| getMdm function| getAuthorCode function| getCookie function| GetQueryString function| startProgress function| calStep function| downloadClip object| google_tag_manager object| google_tag_data object| gaGlobal function| onYouTubeIframeAPIReady

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.cifuejwo.com/	1970-01-20 19:10:58	Name: _ga_RMD4NVNGGN Value: GS1.1.1647586153.1.0.1647586153.0
			.cifuejwo.com/	1970-01-20 19:10:58	Name: _ga Value: GA1.1.1818143657.1647586154

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cstaticdun.126.net
ror.cifuejwo.com
www.google-analytics.com
www.googletagmanager.com
142.250.184.232
142.250.185.78
163.171.133.124
99.83.191.53
05e50bdf940ce7294d7319efb26a9e1008e04955f144a980b21ffe9681fd0ded
12fb093b56985ea8a254ade324b363d217259c97af0ebd3eae28ac7bb911a713
13ee197411f9aea4cb91cb0e50e390bcac7ea7a8e4a03391018b56b41b6fb996
1626706afc88d95ebe1173b553ec732c6dc82a576989315fdf5e7779af738a44
25f6a3a65b71159ddabc399b6d6b8bc6a2415ea7421268cf08a2e7e56b31a3aa
26c6ad4fd0bad666b68cd30ae9390319e57a73e9ed8b6ec12e014916215159fe
32cf1cf9503836f1ee31e05ee340393c41bf92441917343720a8b6810bd3e81a
3aaca7a7236458dac2af6a2533fe24c2fa79a4c14d638929ce1c2f9915500453
408175d164272070756b79c994dc4f0bbc8597df950b757420e94c563d5067c8
5143e39c9d68588f715d79bf20ddd1f2bfd96bdea53d388b141247c0a2d4143d
61a6fca163ebc7dcc8c240217421e88a10379a58fe7ff0e5d49306f33b303612
625a1399be4a28b1060ec2780cc14dc166510c1af78e74ca35ed96eddd86ee77
6b5226bcecad1511ef244ac29f709c04bf484d009d6f4d3387b191798c26901f
78b7f86979800e0d4e02212ef7458633c9e8948ae26e181321a06802643e96e1
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
936485c62e99e024891c2399c403073acd3d8c6d8ec6369770178d57358aea64
a18e7f7487a56a4c19068b935937cc47aa87d928cb0f7f95b55ca1978eb95a7d
b86cd97853d9cff05a0e8b4f672d1d59e9eee51f57fc57adbb5dc7f147125941
c44d74e6968fccb5562a352785a577c8c2272ee13e943f6ebe24baec31cda4eb
dedb12e5543fd2eb5ffb02b617f82e7184ccb85971b5510f0ae607b5436b4c9c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e947190f73d01ac09f1a5e178dc4f2c6580a0e543ea760ee292ec9d1f6d34d
e78b432881584ee8438c90d48db1a9dd614107475a30d4054d819f3392d43866
eabbf6da662436991b1272398a086943a993e589fc89fa1ceabb8dd6b080f9e8
f44760c85330e84dcb845630a9ec158d8a0a87ce4e9facf76ce17986d00a6ae2