allianz-market.site
2606:4700:3032::6815:57d3
Public Scan
Effective URL: http://allianz-market.site/flying-dollars_st_am_pl_oa/?sub_id=292537&offer_id=44&plt=ck&AffiliateId=40202
Submission: On May 18 via manual from PL
Summary
This is the only time allianz-market.site was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN | PTR | Domain |
---|---|---|
ASN62068 (SPECTRAIP SpectraIP B.V., NL) | sp2.f7-networks.com | gazeta24.wroclaw.pl |
ASN16509 (AMAZON-02, US) | ec2-52-59-165-42.eu-central-1.compute.amazonaws.com | i0f.short.gy |
ASN15169 (GOOGLE, US) | | www.googletagmanager.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | | twisterassetsfilestorage.blob.core.windows.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | | twisterfilestorage.blob.core.windows.net |
ASN15169 (GOOGLE, US) | | www.google-analytics.com |
ASN15169 (GOOGLE, US) | | www.google-analytics.com |
ASN32934 (FACEBOOK, US) | | connect.facebook.net |
ASN32934 (FACEBOOK, US) | | www.facebook.com |
Count | Apex Domain | Subdomains | Transfer |
---|---|---|---|
17 | windows.net | twisterassetsfilestorage.blob.core.windows.net, twisterfilestorage.blob.core.windows.net | 9 MB |
4 | facebook.com | www.facebook.com | 691 B |
3 | facebook.net | connect.facebook.net | 169 KB |
3 | google-analytics.com | www.google-analytics.com | 19 KB |
2 | gstatic.com | fonts.gstatic.com | 37 KB |
2 | googletagmanager.com | www.googletagmanager.com | 69 KB |
1 | google.de | www.google.de | 107 B |
1 | google.com | www.google.com | 107 B |
1 | doubleclick.net | stats.g.doubleclick.net | 90 B |
1 | allianz-market.site | allianz-market.site | 5 KB |
1 | ssl-clients.com (1 redirects) | ssl-clients.com | 842 B |
1 | short.gy (1 redirects) | i0f.short.gy | 301 B |
1 | gazeta24.wroclaw.pl (1 redirects) | gazeta24.wroclaw.pl | 263 B |
35 | 13 | | |
Count | Domain | Requested by |
---|---|---|
16 | twisterassetsfilestorage.blob.core.windows.net | allianz-market.site, twisterassetsfilestorage.blob.core.windows.net |
4 | www.facebook.com | allianz-market.site |
3 | connect.facebook.net | allianz-market.site, connect.facebook.net |
3 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com |
2 | fonts.gstatic.com | twisterassetsfilestorage.blob.core.windows.net |
2 | www.googletagmanager.com | allianz-market.site |
1 | www.google.de | allianz-market.site |
1 | www.google.com | allianz-market.site |
1 | stats.g.doubleclick.net | www.google-analytics.com |
1 | twisterfilestorage.blob.core.windows.net | allianz-market.site |
1 | allianz-market.site | |
1 | ssl-clients.com | 1 redirects |
1 | i0f.short.gy | 1 redirects |
1 | gazeta24.wroclaw.pl | 1 redirects |
35 | 14 | |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.google-analytics.com | GTS CA 1C3 | 2021-04-13 - 2021-07-06 | 3 months |
*.blob.core.windows.net | Microsoft RSA TLS CA 02 | 2021-03-06 - 2022-03-06 | a year |
*.google.com | GTS CA 1O1 | 2021-04-13 - 2021-07-06 | 3 months |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-04-06 - 2021-07-03 | 3 months |
*.g.doubleclick.net | GTS CA 1O1 | 2021-04-13 - 2021-07-06 | 3 months |
www.google.com | GTS CA 1C3 | 2021-04-13 - 2021-07-06 | 3 months |
www.google.de | GTS CA 1C3 | 2021-04-13 - 2021-07-06 | 3 months |
This page contains 1 frames:
Primary Page:
http://allianz-market.site/flying-dollars_st_am_pl_oa/?sub_id=292537&offer_id=44&plt=ck&AffiliateId=40202
Frame ID: 623CE906D6BC71FDA393E2CEDE6B4DA7
Requests: 35 HTTP requests in this frame
Detected technologies
Detected patterns
- headers server /^cloudflare$/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://gazeta24.wroclaw.pl/ (HTTP 302)
- https://i0f.short.gy/EOBbYz (HTTP 302)
- https://ssl-clients.com/?a=40202&c=52&s1= (HTTP 302)
- http://allianz-market.site/flying-dollars_st_am_pl_oa/?sub_id=292537&offer_id=44&plt=ck&AffiliateId=40202 (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
35 HTTP transactions
Method | Protocol | Resource | Size | Transfer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET | H/1.1 | allianz-market.site/flying-dollars_st_am_pl_oa/ (Primary Request, Redirect Chain) | 9 KB | 5 KB | Document | text/html |
GET | H2 | www.googletagmanager.com/gtag/js | 88 KB | 35 KB | Script | application/javascript |
GET | H/1.1 | twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/css/style.min.css | 35 KB | 36 KB | Stylesheet | text/css |
GET | H/1.1 | twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/css/form.css | 3 KB | 4 KB | Stylesheet | text/css |
GET | H/1.1 | twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/img/logo.svg | 5 KB | 5 KB | Image | image/svg+xml |
GET | H/1.1 | twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/img/trustpilot.png | 3 KB | 4 KB | Image | image/png |
GET | H/1.1 | twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/img/bitcoin-planet.png | 68 KB | 69 KB | Image | image/png |
GET | H/1.1 | twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/img/register.png | 1 KB | 2 KB | Image | image/png |
GET | H/1.1 | twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/img/practice.png | 1 KB | 2 KB | Image | image/png |
GET | H/1.1 | twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/img/deposit.png | 2 KB | 2 KB | Image | image/png |
GET | H/1.1 | twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/img/visa.png | 1 KB | 2 KB | Image | image/png |
GET | H/1.1 | twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/img/mastercard.png | 1 KB | 2 KB | Image | image/png |
GET | H/1.1 | twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/img/bitcoin.png | 3 KB | 3 KB | Image | image/png |
GET | H/1.1 | twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/img/ethereum.png | 2 KB | 3 KB | Image | image/png |
GET | H/1.1 | twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/img/facebook.svg | 561 B | 1 KB | Image | image/svg+xml |
GET | H/1.1 | twisterfilestorage.blob.core.windows.net/twister/scriptFormAm.min.js | 216 KB | 217 KB | Script | application/javascript |
GET | H/1.1 | twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/js/script.min.js | 1 KB | 2 KB | Script | application/javascript |
GET | H2 | www.googletagmanager.com/gtm.js | 91 KB | 34 KB | Script | application/javascript |
GET | H/1.1 | twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/video/videohive.mp4 | 7 MB | 7 MB | Media | video/mp4 |
GET | H2 | www.google-analytics.com/analytics.js | 48 KB | 19 KB | Script | text/javascript |
POST | H3-29 | www.google-analytics.com/j/collect | 1 B | 21 B | XHR | text/plain |
POST | H3-29 | www.google-analytics.com/j/collect | 2 B | 22 B | XHR | text/plain |
GET | H2 | connect.facebook.net/en_US/fbevents.js | 92 KB | 24 KB | Script | application/x-javascript |
POST | H2 | stats.g.doubleclick.net/j/collect | 4 B | 90 B | XHR | text/plain |
GET | H3-29 | connect.facebook.net/signals/config/2329990890587462 | 255 KB | 73 KB | Script | application/x-javascript |
GET | H2 | www.google.com/ads/ga-audiences | 42 B | 107 B | Image | image/gif |
GET | H2 | www.google.de/ads/ga-audiences | 42 B | 107 B | Image | image/gif |
GET | H2 | fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhs.ttf | 28 KB | 19 KB | Font | font/ttf |
GET | H/1.1 | twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/img/innovative.png | 1 MB | 1 MB | Image | image/png |
GET | H2 | fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0e.ttf | 26 KB | 18 KB | Font | font/ttf |
GET | H3-29 | connect.facebook.net/signals/config/481866572658102 | 255 KB | 73 KB | Script | application/x-javascript |
GET | H2 | www.facebook.com/tr/ | 44 B | 257 B | Image | image/gif |
GET | H3-29 | www.facebook.com/tr/ | 44 B | 88 B | Image | image/gif |
GET | H2 | www.facebook.com/tr/ | 44 B | 258 B | Image | image/gif |
GET | H3-29 | www.facebook.com/tr/ | 44 B | 88 B | Image | image/gif |
30 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| dataLayer function| gtag object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| fbq function| _fbq string| srcUtils string| loginLink object| translations function| _typeof object| _countries_ function| popup function| popupSuccess function| settingRegisterForm function| $ function| jQuery object| intlTelInputGlobals function| intlTelInput
7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.allianz-market.site/ | Name: _gat_UA-123640866-1 Value: 1 |
.allianz-market.site/ | Name: _fbp Value: fb.1.1621350322179.1612374025 |
.allianz-market.site/ | Name: _gat_gtag_UA_169336388_3 Value: 1 |
.allianz-market.site/ | Name: _gid Value: GA1.2.479573062.1621350322 |
.allianz-market.site/ | Name: _ga Value: GA1.2.1677178044.1621350322 |
allianz-market.site/ | Name: laravel_session Value: eyJpdiI6IjI4WTdEekhQcjlIcTVNa2lTYVNOTGc9PSIsInZhbHVlIjoiS3l3ajlXNkVYcHJKdlwvSEVNa1h6blg3MGZHMnNoZHRmc29NSzIxakgxQ21ZTEI0Zmh5dkx6MDRDWkpcL0MxRnVjIiwibWFjIjoiNDNjMmY5Yzk2MDNhOGMzOThjMGM0YzlhMWNmMzgyZDc5YWZiNjFkOWEwMzhmOWFjODAxYTVjNDMyODEyZjU4MCJ9 |
allianz-market.site/ | Name: XSRF-TOKEN Value: eyJpdiI6IkVoZFo3a3FvQ09kR1F1RGQ3WG1nSXc9PSIsInZhbHVlIjoiSHlXc1ptb3E1Q0NsSGM2RVwvMGMzdDRXblJGZ3diVmFMelFsRXZ2dlFreitETzN2Z0thb1hybmFUMnErMFlDZWsiLCJtYWMiOiI0NDM4YWU3ZTFkNzVkZWM4YzYwMGExODc3YTlkNmViOGVlZWM1YmQ5OWExZDVjOTQ2ZWZlY2UwZDU2MWYxMGU1In0%3D |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.