pokemongoreward.live
66.29.153.33
Malicious Activity!
Public Scan
Effective URL: https://pokemongoreward.live/
Submission: On May 23 via manual from GB — Scanned from GB
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 5th 2022. Valid for: a year.
This is the only time pokemongoreward.live was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Scam (Online)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
20 (1 redirect) | 66.29.153.33 | 22612 (NAMECHEAP-NET) |
1 | 2600:9000:2057:7c00:2:ddad:2880:21 | 16509 (AMAZON-02) |
5 | 2600:9000:214f:9000:1c:b3e3:eb40:21 | 16509 (AMAZON-02) |
1 | 2a00:1450:4001:82b::2003 | 15169 (GOOGLE) |
2 | 2600:9000:2057:1400:11:ff71:2680:21 | 16509 (AMAZON-02) |
5 | 2600:9000:206f:8a00:13:652b:c180:21 | 16509 (AMAZON-02) |
6 | 2a06:98c1:3121::a | 13335 (CLOUDFLARENET) |
39 | 7 | |
ASN22612 (NAMECHEAP-NET, US)
PTR: premium138-4.web-hosting.com
pokemongoreward.live
ASN16509 (AMAZON-02, US)
d12u7tum9sda5e.cloudfront.net
ASN16509 (AMAZON-02, US)
d13pxqgp3ixdbh.cloudfront.net
ASN16509 (AMAZON-02, US)
d3t3bxixsojwre.cloudfront.net
ASN16509 (AMAZON-02, US)
dgu9g3a2kzqx2.cloudfront.net
ASN13335 (CLOUDFLARENET, US)
www.visitorlocation.info
allfile.club
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
20 | pokemongoreward.live (1 redirect) | pokemongoreward.live | 469 KB |
13 | cloudfront.net | d12u7tum9sda5e.cloudfront.net, d13pxqgp3ixdbh.cloudfront.net, d3t3bxixsojwre.cloudfront.net, dgu9g3a2kzqx2.cloudfront.net | 385 KB |
5 | allfile.club | allfile.club — Cisco Umbrella Rank: 780536 | 94 KB |
1 | visitorlocation.info | www.visitorlocation.info | 921 B |
1 | gstatic.com | fonts.gstatic.com | 9 KB |
39 | 5 | | |
Requests | Domain | Requested by |
---|---|---|
20 (1 redirect) | pokemongoreward.live | pokemongoreward.live |
5 | allfile.club | pokemongoreward.live |
5 | dgu9g3a2kzqx2.cloudfront.net | pokemongoreward.live |
5 | d13pxqgp3ixdbh.cloudfront.net | pokemongoreward.live |
2 | d3t3bxixsojwre.cloudfront.net | d12u7tum9sda5e.cloudfront.net |
1 | www.visitorlocation.info | pokemongoreward.live |
1 | fonts.gstatic.com | pokemongoreward.live |
1 | d12u7tum9sda5e.cloudfront.net | pokemongoreward.live |
39 | 8 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
pokemongoreward.live | Sectigo RSA Domain Validation Secure Server CA | 2022-05-05 - 2023-05-05 | a year |
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year |
*.gstatic.com | GTS CA 1C3 | 2022-05-04 - 2022-07-27 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-12-10 - 2022-12-09 | a year |
This page contains 2 frames:
Primary Page:
https://pokemongoreward.live/
Frame ID: 7DC6D330E99CADEE7B9E6AFCF61BC5EA
Requests: 38 HTTP requests in this frame
Frame:
https://pokemongoreward.live/Pokemon%20Go%20pokeCoin%20Generator_files/saved_resource.html
Frame ID: 6F1FA73E310D6FADD835939EFCE14015
Requests: 1 HTTP requests in this frame
Page Title
Pokemon Go pokeCoin Generator
Detected technologies
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://pokemongoreward.live/ HTTP 301
- https://pokemongoreward.live/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
39 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | pokemongoreward.live/ (Redirect Chain) | 34 KB | 7 KB | Document | text/html |
GET | H2 | html.1950695.48e08.0.js.download | pokemongoreward.live/Pokemon%20Go%20pokeCoin%20Generator_files/ | 10 KB | 10 KB | Script | application/octet-stream |
GET | H2 | css_front.css | pokemongoreward.live/Pokemon%20Go%20pokeCoin%20Generator_files/ | 6 KB | 1 KB | Stylesheet | text/css |
GET | H2 | css.css | pokemongoreward.live/Pokemon%20Go%20pokeCoin%20Generator_files/ | 1010 B | 511 B | Stylesheet | text/css |
GET | H2 | guid | pokemongoreward.live/Pokemon%20Go%20pokeCoin%20Generator_files/ | 0 | 123 B | Script | text/plain |
GET | H2 | check.php | pokemongoreward.live/Pokemon%20Go%20pokeCoin%20Generator_files/ | 81 B | 237 B | Script | text/html |
GET | H2 | style.css | pokemongoreward.live/Pokemon%20Go%20pokeCoin%20Generator_files/ | 13 B | 211 B | Stylesheet | text/css |
GET | H2 | css | pokemongoreward.live/Pokemon%20Go%20pokeCoin%20Generator_files/ | 356 B | 490 B | Stylesheet | text/plain |
GET | H2 | css(1) | pokemongoreward.live/Pokemon%20Go%20pokeCoin%20Generator_files/ | 2 KB | 2 KB | Stylesheet | text/plain |
GET | H2 | 1632118566019b2f34a88cedc116e29f9b10790b81.png | pokemongoreward.live/Pokemon%20Go%20pokeCoin%20Generator_files/ | 116 KB | 116 KB | Image | image/png |
GET | H2 | 1619265496817b7e296dd02b6b911048ec12b2c9fe.png | pokemongoreward.live/Pokemon%20Go%20pokeCoin%20Generator_files/ | 99 KB | 99 KB | Image | image/png |
GET | H2 | 1631511082d12c19e7d3d0b269dc13901b06665228.png | pokemongoreward.live/Pokemon%20Go%20pokeCoin%20Generator_files/ | 20 KB | 20 KB | Image | image/png |
GET | H2 | 1632118567c900d28fb12fcba39f6de924b9e6288d.png | pokemongoreward.live/Pokemon%20Go%20pokeCoin%20Generator_files/ | 73 KB | 73 KB | Image | image/png |
GET | H2 | 161909761701afebe6db914cae0df0e58526ed8013.png | pokemongoreward.live/Pokemon%20Go%20pokeCoin%20Generator_files/ | 27 KB | 27 KB | Image | image/png |
GET | H2 | 16190976186526b111b8742cc1c8da390a443f23d3.png | pokemongoreward.live/Pokemon%20Go%20pokeCoin%20Generator_files/ | 5 KB | 5 KB | Image | image/png |
GET | H2 | main.js.download | pokemongoreward.live/Pokemon%20Go%20pokeCoin%20Generator_files/ | 13 B | 172 B | Script | application/octet-stream |
GET | H2 | jquery.min.js.download | pokemongoreward.live/Pokemon%20Go%20pokeCoin%20Generator_files/ | 84 KB | 84 KB | Script | application/octet-stream |
GET | H2 | d55dd3b.js | d12u7tum9sda5e.cloudfront.net/ | 23 KB | 7 KB | Script | application/javascript |
GET | H2 | 8fc23cc.js.download | pokemongoreward.live/Pokemon%20Go%20pokeCoin%20Generator_files/ | 23 KB | 23 KB | Script | application/octet-stream |
GET | H2 | 1632118567f6d48208cff3ef39043837b0fe2c250f.jpg | d13pxqgp3ixdbh.cloudfront.net/uploads/ | 345 KB | 346 KB | Image | image/jpg |
GET | H2 | 1631511083f39867fd92dd6caca83aa5112e8906ba.png | d13pxqgp3ixdbh.cloudfront.net/uploads/ | 3 KB | 3 KB | Image | image/png |
GET | H2 | RrQfboBx-C5_XxrBbg.woff2 | fonts.gstatic.com/s/acme/v11/ | 8 KB | 9 KB | Font | font/woff2 |
GET | H2 | 1631511082af4cbd30bb8e228fb659cbd3814499de.png | d13pxqgp3ixdbh.cloudfront.net/uploads/ | 2 KB | 3 KB | Image | image/png |
GET | H2 | 16315110834d3bce670163ff1a6091c1f3c6701681.png | d13pxqgp3ixdbh.cloudfront.net/uploads/ | 3 KB | 3 KB | Image | image/png |
GET | H2 | 16315110871513cf445e8490299c539a2221079730.png | d13pxqgp3ixdbh.cloudfront.net/uploads/ | 2 KB | 3 KB | Image | image/png |
GET | H2 | html.2553144.37402.0.js | d3t3bxixsojwre.cloudfront.net/public/external/v2/ | 9 KB | 9 KB | Script | application/javascript |
GET | H2 | html.2553144.37402.0.js | dgu9g3a2kzqx2.cloudfront.net/public/external/v2/ | 9 KB | 9 KB | Script | application/javascript |
GET | H2 | data.php | www.visitorlocation.info/ | 56 B | 921 B | Fetch | application/json |
GET | H2 | saved_resource.html | pokemongoreward.live/Pokemon%20Go%20pokeCoin%20Generator_files/ (Frame 6F1F) | 149 B | 294 B | Document | text/html |
GET | H2 | click.mp3 | allfile.club/robuxv2/ | 3 KB | 3 KB | Media | audio/mpeg |
GET | H2 | laststep.mp3 | allfile.club/robuxv2/ | 42 KB | 43 KB | Media | audio/mpeg |
GET | H2 | poinrunning.mp3 | allfile.club/robuxv2/ | 9 KB | 9 KB | Media | audio/mpeg |
GET | H2 | selected.mp3 | allfile.club/robuxv2/ | 2 KB | 2 KB | Media | audio/mpeg |
GET | H2 | success.mp3 | allfile.club/robuxv2/ | 37 KB | 37 KB | Media | audio/mpeg |
GET | H2 | css.css | dgu9g3a2kzqx2.cloudfront.net/public/clockers/PrimeApps/ | 1010 B | 1 KB | Stylesheet | text/css |
GET | H2 | guid | d3t3bxixsojwre.cloudfront.net/public/ | 0 | 283 B | Script | text/html |
GET | H2 | guid | dgu9g3a2kzqx2.cloudfront.net/public/ | 0 | 286 B | Script | text/html |
GET | H2 | check.php | dgu9g3a2kzqx2.cloudfront.net/public/external/ | 78 B | 373 B | Script | application/javascript |
GET | H2 | check.php | dgu9g3a2kzqx2.cloudfront.net/public/external/ | 78 B | 372 B | Script | application/javascript |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Scam (Online)
48 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| $ function| jQuery object| CPABUILDSETTINGS object| CPABUILDContentLocker number| __cfRLUnblockHandlers function| CPBContentLocker function| CPABuildLock function| CPABuildGetFeedURL function| CPABuildGetIframeURL function| CPABuildGetIframeHTML function| CPABuildUnlock function| CPABuildOfferComplete function| CPABuildOffersComplete function| CPABuildCheckForLead function| og_load function| CPABuildComplete function| call_locker object| audioclick object| audiolaststep object| audiopoinrunning object| audioselected object| audiosuccess number| plateformIndex function| selectPlatform number| cardclicked number| cardvalue function| selectedcard function| cardOver function| cardOut string| ow string| k string| st string| strcountry number| offset string| num object| data string| country string| code string| d function| proceed function| proceed2 undefined| s1 undefined| s21
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
pokemongoreward.live/ | | Name: _cpguid Value: fmdc7q27u |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.