www.wealthmaster.us
Open in
urlscan Pro
95.179.163.113
Malicious Activity!
Public Scan
Effective URL: https://www.wealthmaster.us/cl-mayor-saavendra/?user=82.102.20.235&camp=825&device=Desktop&brand=Immediate%20Edge&ts=3&lpkey...
Submission Tags: falconsandbox
Submission: On November 20 via api from US
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on November 5th 2020. Valid for: 3 months.
This is the only time www.wealthmaster.us was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Crypto (Crypto Exchange)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 47.254.134.165 47.254.134.165 | 45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.) | |
29 | 95.179.163.113 95.179.163.113 | 20473 (AS-CHOOPA) (AS-CHOOPA) | |
2 | 2a00:1450:400... 2a00:1450:4001:808::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2001:4de0:ac1... 2001:4de0:ac19::1:b:1b | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
4 | 2a00:1450:400... 2a00:1450:4001:814::2003 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2600:9000:214... 2600:9000:214f:b200:19:208b:34c0:21 | 16509 (AMAZON-02) (AMAZON-02) | |
38 | 5 |
ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)
securedoffer.live |
ASN20473 (AS-CHOOPA, US)
PTR: 95.179.163.113.vultr.com
www.wealthmaster.us |
ASN16509 (AMAZON-02, US)
d3u58m9nr6yaqb.cloudfront.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
29 |
wealthmaster.us
www.wealthmaster.us |
780 KB |
4 |
gstatic.com
fonts.gstatic.com |
37 KB |
2 |
cloudfront.net
d3u58m9nr6yaqb.cloudfront.net |
15 KB |
2 |
googleapis.com
fonts.googleapis.com |
2 KB |
1 |
jquery.com
code.jquery.com |
30 KB |
1 |
securedoffer.live
1 redirects
securedoffer.live |
469 B |
38 | 6 |
Domain | Requested by | |
---|---|---|
29 | www.wealthmaster.us |
www.wealthmaster.us
|
4 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | d3u58m9nr6yaqb.cloudfront.net |
www.wealthmaster.us
|
2 | fonts.googleapis.com |
www.wealthmaster.us
|
1 | code.jquery.com |
www.wealthmaster.us
|
1 | securedoffer.live | 1 redirects |
38 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
securedoffer.live |
divididodiariamenteuno.com |
secureoffers.xyz |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.wealthmaster.us Let's Encrypt Authority X3 |
2020-11-05 - 2021-02-03 |
3 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
jquery.org Sectigo RSA Domain Validation Secure Server CA |
2020-10-06 - 2021-10-16 |
a year | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
*.cloudfront.net DigiCert Global CA G2 |
2020-05-26 - 2021-04-21 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.wealthmaster.us/cl-mayor-saavendra/?user=82.102.20.235&camp=825&device=Desktop&brand=Immediate%20Edge&ts=3&lpkey=167a05df910141e567&uclick=9lhqxoa5&uclickhash=9lhqxoa5-9lhqxoa5-3v8n-0-xo6j-8rrnwj-fne2bl-c07ea1
Frame ID: E54F0F8665AABD46FDAC7000FAAED46C
Requests: 38 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://securedoffer.live/click.php?key=9ekqe428qroa7ay9cm2u&bingclickid&adid=75728999392245&campaign=...
HTTP 302
https://www.wealthmaster.us/cl-mayor-saavendra/?user=82.102.20.235&camp=825&device=Desktop&brand=Immedia... Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
Nginx (Web Servers) Expand
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Maior
Search URL Search Domain Scan URL
Title: Principais
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://securedoffer.live/click.php?key=9ekqe428qroa7ay9cm2u&bingclickid&adid=75728999392245&campaign=cl&device=c&matchtype=p&kwd=the&term=the%20soapy%20mint%20enjuague%20herbal&ref=https%3A%2F%2Fwww.bing.com%2F
HTTP 302
https://www.wealthmaster.us/cl-mayor-saavendra/?user=82.102.20.235&camp=825&device=Desktop&brand=Immediate%20Edge&ts=3&lpkey=167a05df910141e567&uclick=9lhqxoa5&uclickhash=9lhqxoa5-9lhqxoa5-3v8n-0-xo6j-8rrnwj-fne2bl-c07ea1 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
38 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
www.wealthmaster.us/cl-mayor-saavendra/ Redirect Chain
|
101 KB 23 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tidyx-v2.css
www.wealthmaster.us/cl-mayor-saavendra/ |
43 KB 43 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
8 KB 909 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
eyh8lt6pvgjkk8tm8hwc.jpg
www.wealthmaster.us/cl-mayor-saavendra/ |
99 KB 99 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
f4aeunymwsp91qzldptq.jpg
www.wealthmaster.us/cl-mayor-saavendra/ |
66 KB 67 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
l0gfe5smi1fgy8pzi5w2.jpg
www.wealthmaster.us/cl-mayor-saavendra/ |
60 KB 60 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vilarolln8fichedsvnh.png
www.wealthmaster.us/cl-mayor-saavendra/ |
18 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
weha5vrfnmtyxn4kqhfp.jpg
www.wealthmaster.us/cl-mayor-saavendra/ |
61 KB 61 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
slimu6ggfon8e4w5szu2.png
www.wealthmaster.us/cl-mayor-saavendra/ |
27 KB 27 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
423978_10210643158807484_4625467277978165616_n.jpg
www.wealthmaster.us/cl-mayor-saavendra/ |
16 KB 16 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
880513_10153182441573635_6391766102196689121_n.jpg
www.wealthmaster.us/cl-mayor-saavendra/ |
14 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
8119267_10155363709609924_958378663814436125_n.jpg
www.wealthmaster.us/cl-mayor-saavendra/ |
7 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
265090_10158355004655716_6815458511175803011_n.jpg
www.wealthmaster.us/cl-mayor-saavendra/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
6406523_1345882538809440_8201065904356080273_n.jpg
www.wealthmaster.us/cl-mayor-saavendra/ |
7 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
807461_10211764664812826_5680036435541740063_n.jpg
www.wealthmaster.us/cl-mayor-saavendra/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3631522_1146706165402703_3256702316997043506_n.jpg
www.wealthmaster.us/cl-mayor-saavendra/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
4222287_1065953200155875_6514575430883754204_n.jpg
www.wealthmaster.us/cl-mayor-saavendra/ |
13 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2088299_1047136358664501_9121132063381418917_n.jpg
www.wealthmaster.us/cl-mayor-saavendra/ |
13 KB 14 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
540562_430147157013818_32273000_n.jpg
www.wealthmaster.us/cl-mayor-saavendra/ |
6 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2651359_1104018629642643_1802809274505192979_n.jpg
www.wealthmaster.us/cl-mayor-saavendra/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
c11.jpg
www.wealthmaster.us/cl-mayor-saavendra/ |
1004 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
222397_10156169859605550_2186676355225458227_n.jpg
www.wealthmaster.us/cl-mayor-saavendra/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
26254_100854763287133_3441493_n.jpg
www.wealthmaster.us/cl-mayor-saavendra/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
174412_10211484033439027_3968979027246986980_n.jpg
www.wealthmaster.us/cl-mayor-saavendra/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
669670_10207353042137627_8224718532595991020_n.jpg
www.wealthmaster.us/cl-mayor-saavendra/ |
3 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
c9.jpg
www.wealthmaster.us/cl-mayor-saavendra/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
13417709_10156999054495156_89965319140675792_n.jpg
www.wealthmaster.us/cl-mayor-saavendra/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lduk9ctp7reew09irzzq.png
www.wealthmaster.us/cl-mayor-saavendra/ |
157 KB 158 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fb.jpg
www.wealthmaster.us/cl-mayor-saavendra/ |
97 KB 98 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.4.1.min.js
code.jquery.com/ |
86 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
stylefb.css
www.wealthmaster.us/cl-mayor-saavendra/ |
2 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
css
fonts.googleapis.com/ |
8 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
d3u58m9nr6yaqb.cloudfront.net/crypto-claudior/index_files/ |
14 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMR7eS2Ao.woff2
fonts.gstatic.com/s/opensanscondensed/v15/ |
10 KB 10 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
like.png
d3u58m9nr6yaqb.cloudfront.net/crypto-claudior/index_files/ |
498 B 815 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Crypto (Crypto Exchange)15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| dayNames object| monthNames object| now number| dayOfTheWeek function| $ function| jQuery0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
code.jquery.com
d3u58m9nr6yaqb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
securedoffer.live
www.wealthmaster.us
2001:4de0:ac19::1:b:1b
2600:9000:214f:b200:19:208b:34c0:21
2a00:1450:4001:808::200a
2a00:1450:4001:814::2003
47.254.134.165
95.179.163.113
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
181319351f77d64e5f4a2e12664885402ea8392d14b3a8c053857a097de0bebf
1f41f70e7cea4bc58244681fe6700e35267ec01a610689868f3cd457ae369708
215a359468aaeeb03a0b02ee8344f1439a802d6f3dce29093775dab328663549
2180b0807d7b26b0d93198d2c82df131b5419bc218be05f7dcaba4a0cd973bfa
2e8493a09397971119c5512a573022e48925acf934bd7bc4c976244b2c75888b
3d9df39c95cf741a459e988036573a48cbb1c1d48ee6cfedc5a9db2b95e16d15
4c8309fd3817b1d1372b1abcd36591f30d405e3e66105ca19073b0993e4eca57
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5b6576b78c0f0b91757010ce29892e6d6fbba3958ec17f7cb58abe850ff18888
60059758bb25ad27e37cabf48a360dcda6d3330bce1ed4572b57e2853b4fd48e
66814a54134eb3041eebfc2a4f06aaffad885be34bcc6dc2ec98f66d0a0bf80f
70910dd5fb0607c1f2f41da49ea5a1022e6f0cf04f5543a159180f7000234b1d
735b4b98829a1b4b120b6d457def62d92cbb1325394a54ff528172d4b4912e5a
798e9d2a172c1eec2026d63d6aca821b7646d6145c3496b58fcf629e19c5fd49
7bd8f59f2267db534237dc801c434e6d3e33b889fc55223535134d5116a1e39c
82a7bd2899f7b37fd17a184a8b7eb47d4496ceca3729724390e1dc1a25fcaf9c
870383064b6c65c7d29d8eb50d2dd3a711a6765dddff709665f1a829b82e9aa4
956632bfad102f9358f3c4e436b50d52903edc607ddcbeb224095522c0b4747c
973373859d28d6c3abc165ba2f901db2408c4f418064e73d04c998ad7ce504dc
9c62a8b9137c68962f313092351bf1fdc19d36104ef688d23f9b9be74ebb91d7
a08098a6b2e5541d18e264815dfef3b73661b4d8c8f9e23c05565cd058266a9c
a3a0925456a8597408751da7374d0cae96715ad412060885e06a843d884c8223
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a57e97c05658e7a59e616482a800234845b0a9da9405c9022855b567a7ae12e7
a7705f96b0e9524ec0460465c872d99d613042022843cb4fade3b15529df321b
affc91ada583cb71946662b31e53356dadd831a0abc903f0e6a83947748de8a5
b4bcb9f8951ee9fb026abdcc1a3a9b7b3fa53d7b2b965bc559aac75d5cbdd295
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
c6e4c6e79b7f4984cd76d3580170ad7ffdc716b6f1b5d7c1a99964729b19d710
ca306c3a5cba60d62d2ad6169f1cb83299fbe07db008b533438952d500eb0ef9
dbe1042b7290f4f6d73d1e0ebe0b7f8dd9e9d3f8bdde4e749c151f36ac7c42c2
dbe45ee114d8d35ffe978af646ef381d959d1b2f664e6482d0a4ce77e82aab52
dcff1e05cc10b4565ab4263b99022f01bd66fdd0e62f39d00234518d30c71819
e35836f41fd7af4b44d7fa681dc2409b654926c5cb99689c00d4c4e010e7823c
fd4f300fbc68b70576ea96efb05e027e7290c378bc3857f6da97dbbbaa473aa8
ffe6563f87f717c86a3e386dfabfe013f3c99f4f3f47a7576f121187daea445a