my-post.site
Open in
urlscan Pro
2606:4700:3037::6815:4b3a
Malicious Activity!
Public Scan
Effective URL: https://my-post.site/Singpass/login
Submission: On October 13 via manual from IN — Scanned from DE
Summary
TLS certificate: Issued by E1 on October 7th 2022. Valid for: 3 months.
This is the only time my-post.site was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Singpass (Government)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 15 | 2606:4700:303... 2606:4700:3037::6815:4b3a | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2606:4700::68... 2606:4700::6811:190e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2606:4700::68... 2606:4700::6810:dd1d | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 198.145.13.12 198.145.13.12 | 2044 (DF-PTL01) (DF-PTL01) | |
2 | 2a02:26f0:710... 2a02:26f0:7100:592::236c | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2a02:26f0:710... 2a02:26f0:7100:587::236c | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
40 | 7 |
ASN2044 (DF-PTL01, US)
PTR: getclicky.com
in.getclicky.com |
ASN20940 (AKAMAI-ASN1, NL)
saml.singpass.gov.sg |
ASN20940 (AKAMAI-ASN1, NL)
www.singpass.gov.sg |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
my-post.site
3 redirects
my-post.site |
74 KB |
4 |
getclicky.com
static.getclicky.com — Cisco Umbrella Rank: 12058 in.getclicky.com — Cisco Umbrella Rank: 9719 |
12 KB |
3 |
singpass.gov.sg
saml.singpass.gov.sg — Cisco Umbrella Rank: 176365 www.singpass.gov.sg |
7 KB |
2 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 216 |
56 KB |
0 |
ip.sb
Failed
api.ip.sb Failed |
|
40 | 5 |
Domain | Requested by | |
---|---|---|
15 | my-post.site |
3 redirects
cdnjs.cloudflare.com
my-post.site |
2 | saml.singpass.gov.sg |
my-post.site
saml.singpass.gov.sg |
2 | in.getclicky.com |
static.getclicky.com
|
2 | static.getclicky.com |
my-post.site
|
2 | cdnjs.cloudflare.com |
my-post.site
|
1 | www.singpass.gov.sg |
my-post.site
|
0 | api.ip.sb Failed |
cdnjs.cloudflare.com
|
40 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.gov.sg |
www.singpass.gov.sg |
go.gov.sg |
www.tech.gov.sg |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.my-post.site E1 |
2022-10-07 - 2023-01-05 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-08-03 - 2023-08-02 |
a year | crt.sh |
*.getclicky.com Sectigo RSA Domain Validation Secure Server CA |
2022-08-01 - 2023-09-01 |
a year | crt.sh |
singpass.gov.sg DigiCert SHA2 Extended Validation Server CA |
2022-07-01 - 2023-07-02 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://my-post.site/Singpass/login
Frame ID: 08BA9860121165FCD2C651AB22EBF5E2
Requests: 43 HTTP requests in this frame
Screenshot
Page Title
Singpass loginPage URL History Show full URLs
-
http://my-post.site/s
HTTP 301
https://my-post.site/s HTTP 302
https://my-post.site/token?page=singpass Page URL
-
https://my-post.site/token
HTTP 302
https://my-post.site/Singpass/login Page URL
Detected technologies
Laravel (Web Frameworks) ExpandDetected patterns
Clicky (Analytics) Expand
Detected patterns
- static\.getclicky\.com
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
Title: A Singapore Government Agency Website
Search URL Search Domain Scan URL
Title: Contact us
Search URL Search Domain Scan URL
Title: Share feedback
Search URL Search Domain Scan URL
Title: Read FAQs
Search URL Search Domain Scan URL
Title: Report vulnerability
Search URL Search Domain Scan URL
Title: Privacy statement
Search URL Search Domain Scan URL
Title: Terms of use
Search URL Search Domain Scan URL
Title: Sitemap
Search URL Search Domain Scan URL
Title: Rate this website
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://my-post.site/s
HTTP 301
https://my-post.site/s HTTP 302
https://my-post.site/token?page=singpass Page URL
-
https://my-post.site/token
HTTP 302
https://my-post.site/Singpass/login Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://my-post.site/s HTTP 301
- https://my-post.site/s HTTP 302
- https://my-post.site/token?page=singpass
40 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
token
my-post.site/ Redirect Chain
|
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ |
87 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
101374574.js
static.getclicky.com/ |
15 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
PUT H3 |
token
my-post.site/ |
12 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
in.php
in.getclicky.com/ |
133 B 357 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Primary Request
login
my-post.site/Singpass/ Redirect Chain
|
91 KB 18 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
font.css
saml.singpass.gov.sg/spservice/assets/ |
12 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2.cbe4ed89.chunk.css
saml.singpass.gov.sg/spservice/static/css/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ |
87 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
layer.js
my-post.site/layer/ |
22 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
singpass-logo.bdceeae1.svg
my-post.site/Singpass/Singpass%20login_files/ |
6 KB 6 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
text-increase.145081dd.svg
my-post.site/Singpass/Singpass%20login_files/ |
6 KB 6 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
text-original.6c7f0710.svg
my-post.site/Singpass/Singpass%20login_files/ |
6 KB 6 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
text-decrease.6ce30b7f.svg
my-post.site/Singpass/Singpass%20login_files/ |
6 KB 6 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
print-icon.448368d9.svg
my-post.site/Singpass/Singpass%20login_files/ |
6 KB 6 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
search-icon.7144d50d.svg
my-post.site/Singpass/Singpass%20login_files/ |
6 KB 6 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
singpass-logo-white.b764b1833f822061230ff766e9f4198f.svg
www.singpass.gov.sg/home/ui/static/media/ |
4 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
101374574.js
static.getclicky.com/ |
15 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
572 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
139 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
landing-bg-img.82ae0b28.jpg
my-post.site/Singpass/static/media/ |
548 B 548 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
poppins-latin-400-normal.5b8f3ba8.woff2
saml.singpass.gov.sg/spservice/static/media/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
poppins-v15-latin-500.woff2
saml.singpass.gov.sg/spservice/assets/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
poppins-v15-latin-300.woff2
saml.singpass.gov.sg/spservice/assets/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
poppins-v15-latin-600.woff2
saml.singpass.gov.sg/spservice/assets/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
poppins-v15-latin-700.woff2
saml.singpass.gov.sg/spservice/assets/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
poppins-all-400-normal.d9177076.woff
saml.singpass.gov.sg/spservice/static/media/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
poppins-v15-latin-500.woff
saml.singpass.gov.sg/spservice/assets/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
poppins-v15-latin-600.woff
saml.singpass.gov.sg/spservice/assets/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
poppins-v15-latin-300.woff
saml.singpass.gov.sg/spservice/assets/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
poppins-v15-latin-700.woff
saml.singpass.gov.sg/spservice/assets/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
poppins-v15-latin-500.ttf
saml.singpass.gov.sg/spservice/assets/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
poppins-v15-latin-600.ttf
saml.singpass.gov.sg/spservice/assets/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
poppins-v15-latin-300.ttf
saml.singpass.gov.sg/spservice/assets/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
poppins-v15-latin-regular.woff2
saml.singpass.gov.sg/spservice/assets/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
poppins-v15-latin-700.ttf
saml.singpass.gov.sg/spservice/assets/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
poppins-v15-latin-regular.woff
saml.singpass.gov.sg/spservice/assets/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
poppins-v15-latin-regular.ttf
saml.singpass.gov.sg/spservice/assets/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
in.php
in.getclicky.com/ |
133 B 356 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
layer.css
my-post.site/layer/theme/default/ |
14 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
geoip
api.ip.sb/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
command
my-post.site/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- saml.singpass.gov.sg
- URL
- https://saml.singpass.gov.sg/spservice/static/media/poppins-latin-400-normal.5b8f3ba8.woff2
- Domain
- saml.singpass.gov.sg
- URL
- https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-500.woff2
- Domain
- saml.singpass.gov.sg
- URL
- https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-300.woff2
- Domain
- saml.singpass.gov.sg
- URL
- https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-600.woff2
- Domain
- saml.singpass.gov.sg
- URL
- https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-700.woff2
- Domain
- saml.singpass.gov.sg
- URL
- https://saml.singpass.gov.sg/spservice/static/media/poppins-all-400-normal.d9177076.woff
- Domain
- saml.singpass.gov.sg
- URL
- https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-500.woff
- Domain
- saml.singpass.gov.sg
- URL
- https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-600.woff
- Domain
- saml.singpass.gov.sg
- URL
- https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-300.woff
- Domain
- saml.singpass.gov.sg
- URL
- https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-700.woff
- Domain
- saml.singpass.gov.sg
- URL
- https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-500.ttf
- Domain
- saml.singpass.gov.sg
- URL
- https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-600.ttf
- Domain
- saml.singpass.gov.sg
- URL
- https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-300.ttf
- Domain
- saml.singpass.gov.sg
- URL
- https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-regular.woff2
- Domain
- saml.singpass.gov.sg
- URL
- https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-700.ttf
- Domain
- saml.singpass.gov.sg
- URL
- https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-regular.woff
- Domain
- saml.singpass.gov.sg
- URL
- https://saml.singpass.gov.sg/spservice/assets/poppins-v15-latin-regular.ttf
- Domain
- api.ip.sb
- URL
- https://api.ip.sb/geoip?callback=jQuery35109582235852457881_1665666056096&_=1665666056097
- Domain
- my-post.site
- URL
- https://my-post.site/command?asn=null
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Singpass (Government)20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery number| timmer object| clicky_obj object| clicky object| clicky_custom undefined| test object| clicky_site_ids object| _cgen object| _cgen_custom object| layer3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.my-post.site/ | Name: _jsuid Value: 2453094311 |
|
my-post.site/ | Name: XSRF-TOKEN Value: eyJpdiI6Imt0UzJiY1ZaaENrRk12cFZjWDFyekE9PSIsInZhbHVlIjoiODdaRCttdTlaSTZhbFNHeGlJdlFRMmIrOFd6WC9WOU1ieXJnV1RFODRHemN6VnNNZGtsWWFuRlRjZ3NZS3Zma1lROXhaSDVxSXdFV1ZzRGtVUE01MENSUE5FVnlRenpxb1ZHdWVQWGovOUpwQWJsYm5oQm4wcGdxR0hMUFRJRkoiLCJtYWMiOiI4NmJkN2RjN2ZiNWY3ODJiZjA5MGE0ZTY2YjNmN2MwMmMwM2EzMzNhZTliMTczNmQ0ZDNkNzk2MjJlMWM0MGUyIiwidGFnIjoiIn0%3D |
|
my-post.site/ | Name: laravel_session Value: eyJpdiI6IkdDWW9LV1ljMkFMZnY1RVFHVEhZUmc9PSIsInZhbHVlIjoib204MVJzcWNqZ1FvS2ovb3d6VXFocCt2WTl0WGRWUG10eEpSbjZvSWpsRE1GWkJXbzV2eGJDVGhHNFpFWm9lZVh2eFNFQmN5NGF2VWVtdUFnVmNuL0hCcGQ3SDZvZUZrV296dVVwandZU1RPZnM2SktOMVlYRFJPdEVUYUo4NGkiLCJtYWMiOiJlZGE4OWQ5ODc3ZWY4MGQxNDc5ZDg4NTMyZTE4Yjg4MTNhMWNmOGIyYjQzOGRiZjJkMDMzMjQ5YmNkNDI2MmM0IiwidGFnIjoiIn0%3D |
41 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.ip.sb
cdnjs.cloudflare.com
in.getclicky.com
my-post.site
saml.singpass.gov.sg
static.getclicky.com
www.singpass.gov.sg
api.ip.sb
my-post.site
saml.singpass.gov.sg
198.145.13.12
2606:4700:3037::6815:4b3a
2606:4700::6810:dd1d
2606:4700::6811:190e
2a02:26f0:7100:587::236c
2a02:26f0:7100:592::236c
00c1d31b9366166dda4d45f1b3747cba11f585de596c0e077830b509c039fa0b
0eff3b2c44de643b10f16757c48f8445d16d93d527981e9625027aa33c28db67
27ca3c00c616112fad5bc83bbdc7cc77a0ff31b6781fbd091257a5f346a9ebea
3cd0d7b8b6c66ea3ee946c659c3c2405078bec0f0f352d694c3ea86043ca2cd5
4498529864a6f667b5fb2324496b180eaf01e1744e61ed01a370a9edaab31c78
5cdf3edb27b0c9f8e48918c486e9ae65a9e5beab806b64c4a7bc5bac53c0f540
70c70d5702072f5c797ec57ff38d94e6fbb6b5793336788f06bba4b6a0d111ab
8bad1be46835277792f66753503cd45666687b6f5f7efa2ef386788e5e4e0047
8cbc10ee9755ef972000f666711a5c4d0e025d3cedf53079ba3bfd8f2b19a968
8f4e072e82bb96411b4610c45c3b6311e3590d640c53e049e3bfee5430f19d71
a97e4941ceb1a7df7bcf5e9631b8d9e8f7b47d7ccb59b5ed3968380465e0e824
b0ba0dbb5319276b718f3da1de064df4687d8c7705b813592d2bb2bd74de2d93
b868889c448fefd94d622cf3b6854ea3823dc77091d468fc17dbb71f9a5a6d7f
c7b1cdb1a28a795534763c895dbcecb97cae6a66f9320a89cc9e80112e9cd747
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d