ch-nachrichten.com
31.220.40.15
Malicious Activity!
Public Scan
Effective URL: https://ch-nachrichten.com/2/newsspy.html?uclick=ho2txrbl
Submission: On February 01 via api from US
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 1st 2019. Valid for: 3 months.
This is the only time ch-nachrichten.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Scam (Online)
Domain & IP information
Requests | IP Address | AS (Autonomous System) |
---|---|---|
1 (1 redirects) | 37.48.65.150 | 60781 (LEASEWEB-NL-AMS-01 Netherlands) |
1 | 54.172.94.62 | 14618 (AMAZON-AES - Amazon.com) |
1 | 52.7.246.181 | 14618 (AMAZON-AES - Amazon.com) |
1 (1 redirects) | 138.68.103.129 | 14061 (DIGITALOCEAN-ASN - DigitalOcean) |
36 | 31.220.40.15 | 206264 (AMARUTU-TECHNOLOGY) |
4 | 2a00:1450:4001:81a::2003 | 15169 (GOOGLE - Google LLC) |
42 | 4 |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-172-94-62.compute-1.amazonaws.com
usd.photios-raj.com |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-7-246-181.compute-1.amazonaws.com
usd.dauid-iep.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
36 | ch-nachrichten.com | ch-nachrichten.com | 1 MB |
4 | gstatic.com | fonts.gstatic.com | 65 KB |
1 | bgtrk.com (1 redirects) | bgtrk.com | 212 B |
1 | dauid-iep.com | usd.dauid-iep.com | 2 KB |
1 | photios-raj.com | usd.photios-raj.com | 2 KB |
1 | oreileyauto.com (1 redirects) | oreileyauto.com | 394 B |
42 | 6 |
Requests | Domain | Requested by |
---|---|---|
36 | ch-nachrichten.com | usd.dauid-iep.com, ch-nachrichten.com |
4 | fonts.gstatic.com | ch-nachrichten.com |
1 | bgtrk.com (1 redirects) | |
1 | usd.dauid-iep.com | usd.photios-raj.com |
1 | usd.photios-raj.com | |
1 | oreileyauto.com (1 redirects) | |
42 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.facebook.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
ch-nachrichten.com | cPanel, Inc. Certification Authority | 2019-02-01 - 2019-05-02 | 3 months |
*.google.com | Google Internet Authority G3 | 2019-01-15 - 2019-04-09 | 3 months |
This page contains 1 frames:
Primary Page:
https://ch-nachrichten.com/2/newsspy.html?uclick=ho2txrbl
Frame ID: 0AEFC98551803D7AA1F801C7507E67D0
Requests: 42 HTTP requests in this frame
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://oreileyauto.com/ (HTTP 302) → http://usd.photios-raj.com/zcvisitor/907c5a4a-263d-11e9-86c8-128460cc3e64?campaignid=11acdb90-2624-11e9-b288-12077332b422 (Page URL)
- http://usd.dauid-iep.com/zcredirect?visitid=907c5a4a-263d-11e9-86c8-128460cc3e64&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false (Page URL)
- https://bgtrk.com/click.php?key=b0e1a9ozwpnjrgwaer50&cid=zr907c5a4a263d11e986c8128460cc3e64b35ce0c95af342729471869def239c5d03582483637d6e4b59&target=zulu-gad-JNhB4Ovy&campaign_id=1146267&geo=DE&keyword=oreillyauto%2Cauto+parts%2Cauto+repair+manual%2Cheating+and+cooling+systems%2Coreileyauto%2Coreileyauto.com&source=badious-buzzard&match=auto&campaign_name=newsspy+test&carrier=unknown&traffic_type=DOMAIN&visitor_type=NON-ADULT (HTTP 302) → https://ch-nachrichten.com/2/newsspy.html?uclick=ho2txrbl (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://oreileyauto.com/ HTTP 302
- http://usd.photios-raj.com/zcvisitor/907c5a4a-263d-11e9-86c8-128460cc3e64?campaignid=11acdb90-2624-11e9-b288-12077332b422
42 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | 907c5a4a-263d-11e9-86c8-128460cc3e64 | usd.photios-raj.com/zcvisitor/ | 1004 B | 2 KB | Document | text/html | Redirect Chain |
GET | H/1.1 | zcredirect | usd.dauid-iep.com/ | 1 KB | 2 KB | Document | text/html | |
GET | H/1.1 | newsspy.html | ch-nachrichten.com/2/ | 29 KB | 8 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H/1.1 | bootstrap.css | ch-nachrichten.com/2/ | 134 KB | 20 KB | Stylesheet | text/css | |
GET | H/1.1 | style.css | ch-nachrichten.com/2/ | 7 KB | 2 KB | Stylesheet | text/css | |
GET | H/1.1 | css | ch-nachrichten.com/2/ | 8 KB | 1 KB | Stylesheet | text/plain | |
GET | H/1.1 | yPYA5s6.png | ch-nachrichten.com/2/ | 3 KB | 3 KB | Image | image/png | |
GET | H/1.1 | 2g9BbJW.png | ch-nachrichten.com/2/ | 18 KB | 18 KB | Image | image/png | |
GET | H/1.1 | 2XJVccD.jpg | ch-nachrichten.com/2/ | 36 KB | 37 KB | Image | image/jpeg | |
GET | H/1.1 | sMrqQs0.png | ch-nachrichten.com/2/ | 138 KB | 139 KB | Image | image/png | |
GET | H/1.1 | zFErQiM.jpg | ch-nachrichten.com/2/ | 110 KB | 111 KB | Image | image/jpeg | |
GET | H/1.1 | hKROvCX.jpg | ch-nachrichten.com/2/ | 42 KB | 42 KB | Image | image/jpeg | |
GET | H/1.1 | CdNpFmb.png | ch-nachrichten.com/2/ | 20 KB | 20 KB | Image | image/png | |
GET | H/1.1 | axfSouK.jpg | ch-nachrichten.com/2/ | 64 KB | 65 KB | Image | image/jpeg | |
GET | H/1.1 | eo0X580.jpg | ch-nachrichten.com/2/ | 96 KB | 96 KB | Image | image/jpeg | |
GET | H/1.1 | iLdqIVV.jpg | ch-nachrichten.com/2/ | 70 KB | 70 KB | Image | image/jpeg | |
GET | H/1.1 | Z55YlEs.jpg | ch-nachrichten.com/2/ | 24 KB | 25 KB | Image | image/jpeg | |
GET | H/1.1 | NYX3ID3.jpg | ch-nachrichten.com/2/ | 23 KB | 23 KB | Image | image/jpeg | |
GET | H/1.1 | vNAMHFU.png | ch-nachrichten.com/2/ | 23 KB | 23 KB | Image | image/png | |
GET | H/1.1 | Ihwty20.png | ch-nachrichten.com/2/ | 31 KB | 32 KB | Image | image/png | |
GET | H/1.1 | GvJOxkX.png | ch-nachrichten.com/2/ | 28 KB | 28 KB | Image | image/png | |
GET | H/1.1 | raKjujl.png | ch-nachrichten.com/2/ | 25 KB | 25 KB | Image | image/png | |
GET | H/1.1 | ob9sWs2.png | ch-nachrichten.com/2/ | 28 KB | 29 KB | Image | image/png | |
GET | H/1.1 | tnMFcmu.png | ch-nachrichten.com/2/ | 32 KB | 32 KB | Image | image/png | |
GET | H/1.1 | FtLiNWw.png | ch-nachrichten.com/2/ | 30 KB | 30 KB | Image | image/png | |
GET | H/1.1 | YCkp487.png | ch-nachrichten.com/2/ | 341 B | 655 B | Image | image/png | |
GET | H/1.1 | uuYsexU.png | ch-nachrichten.com/2/ | 8 KB | 8 KB | Image | image/png | |
GET | H/1.1 | xzjO3Yy.png | ch-nachrichten.com/2/ | 43 KB | 44 KB | Image | image/png | |
GET | H/1.1 | XyiWbEi.png | ch-nachrichten.com/2/ | 8 KB | 9 KB | Image | image/png | |
GET | H/1.1 | T6Gdbnc.png | ch-nachrichten.com/2/ | 197 KB | 197 KB | Image | image/png | |
GET | H/1.1 | CpzkRFZ.png | ch-nachrichten.com/2/ | 70 KB | 70 KB | Image | image/png | |
GET | H/1.1 | OqAOOc1.png | ch-nachrichten.com/2/ | 19 KB | 20 KB | Image | image/png | |
GET | H/1.1 | skEe8cE.jpg | ch-nachrichten.com/2/ | 1 KB | 1 KB | Image | image/jpeg | |
GET | H/1.1 | 1rP5aSe.png | ch-nachrichten.com/2/ | 3 KB | 3 KB | Image | image/png | |
GET | H/1.1 | dqgKOE7.jpg | ch-nachrichten.com/2/ | 1 KB | 2 KB | Image | image/jpeg | |
GET | H/1.1 | qP7aLqG.png | ch-nachrichten.com/2/ | 3 KB | 3 KB | Image | image/png | |
GET | H/1.1 | MMcZOC5.png | ch-nachrichten.com/2/ | 3 KB | 3 KB | Image | image/png | |
GET | H/1.1 | DoonMLF.png | ch-nachrichten.com/2/ | 3 KB | 3 KB | Image | image/png | |
GET | H2 | JTURjIg1_i6t8kCHKm45_c5H3gnD_g.woff2 | fonts.gstatic.com/s/montserrat/v12/ | 19 KB | 19 KB | Font | font/woff2 | |
GET | H2 | JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 | fonts.gstatic.com/s/montserrat/v12/ | 18 KB | 18 KB | Font | font/woff2 | |
GET | H2 | mem8YaGs126MiZpBA-UFVZ0b.woff2 | fonts.gstatic.com/s/opensans/v15/ | 14 KB | 14 KB | Font | font/woff2 | |
GET | H2 | mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 | fonts.gstatic.com/s/opensans/v15/ | 14 KB | 14 KB | Font | font/woff2 | |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Scam (Online)
8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart
object| onselectionchange
function| queueMicrotask
function| speak
function| getURLParameter
function| checkZero
function| time
function| today
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self'; script-src 'self' 'unsafe-inline' |
X-Content-Security-Policy | default-src 'self'; script-src 'self' 'unsafe-inline' |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.