bjihca.offrsmart.com
IP address: 5.104.107.248
Malicious Activity!
Public Scan
Effective URL: https://bjihca.offrsmart.com/s/abc81313153b7
Submission: On November 18 via manual from US — Scanned from DE
Summary
TLS certificate: issued by R10 (a Let's Encrypt intermediate) on November 7th 2024, eleven days before this scan. Valid for: 3 months.
This is the only time bjihca.offrsmart.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Google (Online)
Domain & IP information
Redirects | Requests | IP Address | AS (Autonomous System)
---|---|---|---
1 | 4 | 35.212.105.36 | 15169 (GOOGLE)
 | 2 | 2600:9000:2057:6400:5:acf3:db40:21 | 16509 (AMAZON-02)
1 | 1 | 2a06:98c1:3121::3 | (no AS data shown)
 | 29 | 5.104.107.248 | (no AS data shown)
Total: 44 transactions, 4 IP addresses
ASN15169 (GOOGLE, US)
PTR: 36.105.212.35.bc.googleusercontent.com
Hosts: uwnewark.org
ASN16509 (AMAZON-02, US)
Hosts: d1rozh26tys225.cloudfront.net
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
29 | offrsmart.com | bjihca.offrsmart.com | 214 KB
4 | uwnewark.org (1 redirect) | uwnewark.org | 6 KB
2 | cloudfront.net | d1rozh26tys225.cloudfront.net | 4 KB
1 | infosystemsllc.com (1 redirect) | infosystemsllc.com | 653 B
0 | tdsjsext1.com | tdsjsext1.com (failed) | 
Total: 44 transactions, 5 apex domains
Requests | Domain | Requested by
---|---|---
29 | bjihca.offrsmart.com | uwnewark.org, bjihca.offrsmart.com
4 | uwnewark.org (1 redirect) | uwnewark.org
2 | d1rozh26tys225.cloudfront.net | uwnewark.org
1 | infosystemsllc.com (1 redirect) | 
0 | tdsjsext1.com (failed) | bjihca.offrsmart.com
Total: 44 transactions, 5 domains
This site contains no links.
TLS certificates
Subject | Issuer | Validity | Valid for | CT lookup
---|---|---|---|---
uwnewark.org | R10 | 2024-09-25 - 2024-12-24 | 3 months | crt.sh
*.cloudfront.net | Amazon RSA 2048 M01 | 2024-07-30 - 2025-07-03 | a year | crt.sh
offrsmart.com | R10 | 2024-11-07 - 2025-02-05 | 3 months | crt.sh
This page contains 1 frame:
Primary Page:
https://bjihca.offrsmart.com/s/abc81313153b7
Frame ID: 4A4A805B2D525264217E1F7E947BD442
Requests: 36 HTTP requests in this frame
Page Title: Robot Challenge Screen
Detected technologies
Bootstrap (Web Frameworks), detected by the pattern:
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts), detected by the pattern:
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Modernizr (JavaScript Libraries), detected by the pattern:
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
jQuery (JavaScript Libraries), detected by the pattern:
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI (JavaScript Libraries), detected by the pattern:
- jquery-ui.*\.js
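The Python script below is an added example, not part of the urlscan page and not Wappalyzer's own code. It applies the five patterns listed above to the script and stylesheet URLs transcribed from this scan's transaction list and reports which technology each URL matches and the version whenever a capture group fires. It assumes Wappalyzer's case-insensitive matching, and it adds two constructed URLs on example.invalid (not from the scan) to show the conditions under which a version is captured at all; the landing page's own files yield none because they use unversioned names such as jquery.js and bootstrap.min.js.

```python
import re

# Wappalyzer-style URL patterns exactly as listed under "Detected technologies"
# for this scan. They are JavaScript-flavoured regexes that Python's re module
# accepts unchanged. Wappalyzer compiles its patterns case-insensitively, which
# is assumed here (re.IGNORECASE); for these inputs the flag changes nothing.
PATTERNS = {
    "Bootstrap": r"bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js",
    "Font Awesome": r"(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)",
    "Modernizr": r"([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js",
    "jQuery": r"jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?",
    "jQuery UI": r"jquery-ui.*\.js",
}
COMPILED = {name: re.compile(p, re.IGNORECASE) for name, p in PATTERNS.items()}

# Script and stylesheet URLs transcribed from the transaction list of this scan.
BASE = "https://bjihca.offrsmart.com/bundle/110/assets/"
RESOURCE_URLS = [
    BASE + "css/bootstrap.min.css",
    BASE + "css/font-awesome.css",
    BASE + "css/main.css",
    BASE + "js/modernizr-2.6.2-respond-1.1.0.min.js",
    BASE + "js/jquery.js",
    BASE + "js/jquery-ui.min.js",
    BASE + "js/en-en.js",
    BASE + "js/comment.js",
    BASE + "js/bootstrap.min.js",
    BASE + "js/js.cookie6_pure.js",
    BASE + "js/bbms.js",
    BASE + "js/exit_ms.js",
    "https://tdsjsext1.com/ExtService.svc/getextparams",
]

# Constructed URLs (not from the scan) whose names follow the conventions the
# patterns expect, so that the version capture groups actually fire.
CONSTRUCTED_URLS = [
    "https://example.invalid/assets/bootstrap-5.3.3.min.js",
    "https://example.invalid/assets/jquery.min.js?ver=3.7.1",
]


def detect_technologies(urls):
    """Map technology name -> [(matching_url, version_or_None), ...].

    The version is the first non-empty capture group of the pattern (the group
    Wappalyzer's version annotation points at); it stays None when the pattern
    matched but captured nothing."""
    hits = {}
    for url in urls:
        for name, rx in COMPILED.items():
            m = rx.search(url)
            if m is None:
                continue
            version = next((g for g in m.groups() if g), None)
            hits.setdefault(name, []).append((url, version))
    return hits


def unmatched(urls):
    """URLs no pattern explains. On a phishing landing page these custom files
    (here comment.js, exit_ms.js, bbms.js and the tdsjsext1.com call) are where
    the page-specific logic lives, so they are the ones to read by hand."""
    return [u for u in urls if not any(rx.search(u) for rx in COMPILED.values())]


if __name__ == "__main__":
    for name, matches in detect_technologies(RESOURCE_URLS).items():
        for url, version in matches:
            print(f"{name:13} {version or '-':8} {url}")
    print("unmatched:", *unmatched(RESOURCE_URLS), sep="\n  ")
```

Two things the run makes visible: jquery-ui.min.js satisfies both the jQuery and the jQuery UI pattern, which is why both libraries appear in the report; and modernizr-2.6.2-respond-1.1.0.min.js carries a version in its name but the Modernizr pattern only captures a version that directly follows `/modernizr.`, so the report shows none. Missing versions here are a limit of the signatures, not evidence of tampering.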
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://uwnewark.org/ -> HTTP 307 -> https://uwnewark.org/ (Page URL)
- https://uwnewark.org/.well-known/sgcaptcha/?r=%2F&y=ipr:45.141.152.74:1731933435.915 (Page URL)
- https://uwnewark.org/.well-known/sgcaptcha/?r=%2F&sol=MjA6MTczMTkzMzQzNjozMDAzNTUyYjozNjA5ZTkyMDViYmY4YTI0M2ZiODNlMGI1YzJiMmQzZjM4MzUwNmI2NTc4NGFlNjM0NDFiZjdmMTY2OTY0NTY0OnzxtQ%3D%3D&s=5390:1305755 (Page URL)
- https://uwnewark.org/ -> HTTP 302 -> https://infosystemsllc.com/?cstja0l109qc73d6dnhg -> HTTP 302 -> https://bjihca.offrsmart.com/s/abc81313153b7 (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
- Request Chain 0: http://uwnewark.org/ -> HTTP 307 -> https://uwnewark.org/
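As an added example that is not from the urlscan page, the Python script below reconstructs this navigation chain from hop records transcribed from the Page URL History, separates server-side 3xx redirects from page navigations that had no Location header (the captcha page hands the browser back to / as a new navigation), flags the hops that cross registrable domains, and derives the domain indicators. The 200 status codes, the `registrable_domain` helper (last two host labels) and the hop records themselves are constructions for the example rather than data read from urlscan's API.

```python
from urllib.parse import urlsplit

# Navigation hops transcribed from the "Page URL History" of this scan as
# (url, status, Location). Only the 307 and the two 302s are shown with their
# status on the page; the 200 codes of the other responses are assumed. The
# sgcaptcha page returns the browser to / with a page navigation rather than a
# Location header, so those hops carry None.
SCAN_HOPS = [
    ("http://uwnewark.org/", 307, "https://uwnewark.org/"),
    ("https://uwnewark.org/", 200, None),
    ("https://uwnewark.org/.well-known/sgcaptcha/?r=%2F&y=ipr:45.141.152.74:1731933435.915", 200, None),
    ("https://uwnewark.org/.well-known/sgcaptcha/?r=%2F&sol=MjA6MTczMTkzMzQzNjozMDAzNTUyYjozNjA5ZTkyMDViYmY4YTI0M2ZiODNlMGI1YzJiMmQzZjM4MzUwNmI2NTc4NGFlNjM0NDFiZjdmMTY2OTY0NTY0OnzxtQ%3D%3D&s=5390:1305755", 200, None),
    ("https://uwnewark.org/", 302, "https://infosystemsllc.com/?cstja0l109qc73d6dnhg"),
    ("https://infosystemsllc.com/?cstja0l109qc73d6dnhg", 302, "https://bjihca.offrsmart.com/s/abc81313153b7"),
    ("https://bjihca.offrsmart.com/s/abc81313153b7", 200, None),
]


def registrable_domain(url):
    """Crude apex-domain helper (last two host labels). Adequate for the .org
    and .com hosts in this chain; use a public-suffix list for anything else."""
    host = urlsplit(url).hostname or ""
    return ".".join(host.split(".")[-2:])


def build_chain(hops):
    """Return one edge per hop with the mechanism that moved the browser on:
    'http <code>' when the response was a 3xx with a Location header, else
    'client-side' (JavaScript, meta refresh or form post) when a new top-level
    document simply followed. The final landing page produces no edge."""
    edges = []
    for i, (url, status, location) in enumerate(hops):
        if 300 <= status < 400 and location:
            target, via = location, f"http {status}"
        elif i + 1 < len(hops):
            target, via = hops[i + 1][0], "client-side"
        else:
            break  # landing page: nothing follows
        edges.append({
            "from": url,
            "to": target,
            "via": via,
            "cross_domain": registrable_domain(url) != registrable_domain(target),
        })
    return edges


def indicators(hops):
    """Registrable domains in first-seen order, the kind of list urlscan's
    Indicators section shows for the documents in the chain."""
    seen = []
    for url, _, _ in hops:
        d = registrable_domain(url)
        if d not in seen:
            seen.append(d)
    return seen


def summarize(hops):
    """Counts a triage note wants: how many hops were server- vs client-side,
    which hops changed registrable domain, and where the victim ended up."""
    edges = build_chain(hops)
    return {
        "hops": len(edges),
        "http_redirects": sum(e["via"].startswith("http") for e in edges),
        "client_side": sum(e["via"] == "client-side" for e in edges),
        "cross_domain_hops": [(e["from"], e["to"]) for e in edges if e["cross_domain"]],
        "landing_domain": registrable_domain(hops[-1][0]),
    }


if __name__ == "__main__":
    for e in build_chain(SCAN_HOPS):
        flag = " [cross-domain]" if e["cross_domain"] else ""
        print(f"{e['from']}\n  -> {e['to']}  ({e['via']}){flag}")
    print(summarize(SCAN_HOPS))
```

On this scan the two cross-domain hops are both plain 302s issued after the captcha was solved, which is the part of the chain worth blocking or alerting on: the http-to-https 307 and the captcha round-trip stay on uwnewark.org and look like ordinary hosting behaviour.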
44 HTTP transactions
# | Method | Protocol | Resource | Host / Path | Size | Transfer | Type | MIME-Type
---|---|---|---|---|---|---|---|---
1 | GET | H2 | / | uwnewark.org/ (redirect chain) | 168 B | 431 B | Document | text/html
2 | GET | H2 | / | uwnewark.org/.well-known/sgcaptcha/ | 12 KB | 5 KB | Document | text/html
3 | GET | H2 | robot-suspicion.svg | d1rozh26tys225.cloudfront.net/ | 5 KB | 3 KB | Image | image/svg+xml
4 | GET | H2 | loader.svg | d1rozh26tys225.cloudfront.net/ | 846 B | 1 KB | Image | image/svg+xml
5-12 | GET | | 988d5083-f21b-486b-b6ea-11be6dfb3cd8 | blob:https://uwnewark.org/ | 0 | 0 | (failed; 8 identical requests) |
13 | GET | H2 | / | uwnewark.org/.well-known/sgcaptcha/ | 300 B | 698 B | Document | text/html
14 | GET | H/1.1 | abc81313153b7 (primary request) | bjihca.offrsmart.com/s/ (redirect chain) | 52 KB | 20 KB | Document | text/html
15 | GET | H/1.1 | bootstrap.min.css | bjihca.offrsmart.com/bundle/110/assets/css/ | 98 KB | 17 KB | Stylesheet | text/css
16 | GET | H/1.1 | font-awesome.css | bjihca.offrsmart.com/bundle/110/assets/css/ | 17 KB | 4 KB | Stylesheet | text/css
17 | GET | H/1.1 | main.css | bjihca.offrsmart.com/bundle/110/assets/css/ | 10 KB | 3 KB | Stylesheet | text/css
18 | GET | H/1.1 | modernizr-2.6.2-respond-1.1.0.min.js | bjihca.offrsmart.com/bundle/110/assets/js/ | 18 KB | 8 KB | Script | application/javascript
19 | GET | H/1.1 | jquery.js | bjihca.offrsmart.com/bundle/110/assets/js/ | 94 KB | 33 KB | Script | application/javascript
20 | GET | H/1.1 | jquery-ui.min.js | bjihca.offrsmart.com/bundle/110/assets/js/ | 223 KB | 60 KB | Script | application/javascript
21 | GET | H/1.1 | en-en.js | bjihca.offrsmart.com/bundle/110/assets/js/ | 6 KB | 2 KB | Script | application/javascript
22 | GET | H/1.1 | returnDate.en.js | bjihca.offrsmart.com/bundle/110/assets/js/ | 686 B | 770 B | Script | application/javascript
23 | GET | H/1.1 | logo_f01.png | bjihca.offrsmart.com/bundle/110/assets/img/ | 7 KB | 7 KB | Image | image/png
24 | GET | H/1.1 | logo1.js | bjihca.offrsmart.com/bundle/110/assets/js/ | 7 KB | 2 KB | Script | application/javascript
25 | GET | H/1.1 | logo2.js | bjihca.offrsmart.com/bundle/110/assets/js/ | 7 KB | 2 KB | Script | application/javascript
26 | GET | H/1.1 | amazon_fall1000.png | bjihca.offrsmart.com/bundle/110/assets/img/ | 18 KB | 18 KB | Image | image/png
27 | GET | H/1.1 | img1.jpg | bjihca.offrsmart.com/bundle/110/assets/img/ | 1 KB | 2 KB | Image | image/jpeg
28 | GET | H/1.1 | img2.jpg | bjihca.offrsmart.com/bundle/110/assets/img/ | 1 KB | 2 KB | Image | image/jpeg
29 | GET | H/1.1 | 3temv7e.jpg | bjihca.offrsmart.com/bundle/110/assets/img/ | 1 KB | 1 KB | Image | image/jpeg
30 | GET | H/1.1 | 9PH2QqX.jpg | bjihca.offrsmart.com/bundle/110/assets/img/ | 2 KB | 2 KB | Image | image/jpeg
31 | GET | H/1.1 | EKZrmbS.jpg | bjihca.offrsmart.com/bundle/110/assets/img/ | 2 KB | 3 KB | Image | image/jpeg
32 | GET | H/1.1 | KqX499j.png | bjihca.offrsmart.com/bundle/110/assets/img/ | 2 KB | 2 KB | Image | image/png
33 | GET | H/1.1 | DsrKpkj.jpg | bjihca.offrsmart.com/bundle/110/assets/img/ | 1 KB | 2 KB | Image | image/jpeg
34 | GET | H/1.1 | plR22yu.jpg | bjihca.offrsmart.com/bundle/110/assets/img/ | 1017 B | 1 KB | Image | image/jpeg
35 | GET | H/1.1 | comment.js | bjihca.offrsmart.com/bundle/110/assets/js/ | 3 KB | 1 KB | Script | application/javascript
36 | GET | H/1.1 | bootstrap.min.js | bjihca.offrsmart.com/bundle/110/assets/js/ | 28 KB | 8 KB | Script | application/javascript
37 | GET | H/1.1 | main.js | bjihca.offrsmart.com/bundle/110/assets/js/ | 1 KB | 755 B | Script | application/javascript
38 | GET | H/1.1 | js.cookie6_pure.js | bjihca.offrsmart.com/bundle/110/assets/js/ | 4 KB | 2 KB | Script | application/javascript
39 | GET | H/1.1 | bbms.js | bjihca.offrsmart.com/bundle/110/assets/js/ | 751 B | 764 B | Script | application/javascript
40 | GET | H/1.1 | exit_ms.js | bjihca.offrsmart.com/bundle/110/assets/js/ | 2 KB | 833 B | Script | application/javascript
41 | GET | | getextparams | tdsjsext1.com/ExtService.svc/ | 0 | 0 | (failed) |
42 | GET | H/1.1 | chrome58x58.png | bjihca.offrsmart.com/bundle/110/assets/img/ | 8 KB | 9 KB | Image | image/png
43 | GET | | logo_f01.png | bjihca.offrsmart.com/bundle/110/assets/img/ | 0 | 0 | (failed) |
44 | GET | H/1.1 | favicon.ico | bjihca.offrsmart.com/ | 0 | 107 B | Other | text/plain
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- uwnewark.org: blob:https://uwnewark.org/988d5083-f21b-486b-b6ea-11be6dfb3cd8 (requested 8 times)
- tdsjsext1.com: https://tdsjsext1.com/ExtService.svc/getextparams
- bjihca.offrsmart.com: https://bjihca.offrsmart.com/bundle/110/assets/img/logo_f01.png
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan verdict: Phishing against: Google (Online)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
Domains:
- bjihca.offrsmart.com
- d1rozh26tys225.cloudfront.net
- infosystemsllc.com
- tdsjsext1.com
- uwnewark.org
IPs:
- 2600:9000:2057:6400:5:acf3:db40:21
- 2a06:98c1:3121::3
- 35.212.105.36
- 5.104.107.248