earntxr.xyz
198.20.111.120
Public Scan
Effective URL: https://earntxr.xyz/
Submission: On April 21 via api from DE
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on April 18th 2020. Valid for: 3 months.
This is the only time earntxr.xyz was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN | PTR | Domain
---|---|---
ASN32475 (SINGLEHOP-LLC, US) | single-europe20.banahosting.com | earntxr.xyz
ASN15169 (GOOGLE, US) | | www.googletagmanager.com
ASN24940 (HETZNER-AS, DE) | static.139.13.251.148.clients.your-server.de | ad.a-ads.com
ASN15169 (GOOGLE, US) | | www.google-analytics.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
9 | earntxr.xyz (1 redirects) | earntxr.xyz | 464 KB
4 | gstatic.com | fonts.gstatic.com, www.gstatic.com | 164 KB
3 | google.com | www.google.com | 591 B
2 | google-analytics.com | www.google-analytics.com | 18 KB
2 | a-ads.com | ad.a-ads.com |
2 | moonicorn.network | viewm.moonicorn.network |
2 | ionicframework.com | code.ionicframework.com | 110 KB
2 | moonads.net | moonads.net | 11 KB
2 | googleapis.com | fonts.googleapis.com | 1 KB
2 | bootstrapcdn.com | maxcdn.bootstrapcdn.com | 33 KB
1 | googletagmanager.com | www.googletagmanager.com | 29 KB
1 | coincycles.com | coincycles.com | 14 KB
1 | cloudflare.com | cdnjs.cloudflare.com | 7 KB
1 | jquery.com | code.jquery.com | 30 KB
33 | 14 | |
Requests | Domain | Requested by
---|---|---
9 | earntxr.xyz (1 redirects) | earntxr.xyz
3 | fonts.gstatic.com | earntxr.xyz
3 | www.google.com | earntxr.xyz, www.gstatic.com
2 | www.google-analytics.com | www.googletagmanager.com, earntxr.xyz
2 | ad.a-ads.com | earntxr.xyz
2 | viewm.moonicorn.network | earntxr.xyz
2 | code.ionicframework.com | earntxr.xyz
2 | moonads.net | earntxr.xyz, moonads.net
2 | fonts.googleapis.com | earntxr.xyz
2 | maxcdn.bootstrapcdn.com | earntxr.xyz
1 | www.gstatic.com | www.google.com
1 | www.googletagmanager.com | earntxr.xyz
1 | coincycles.com | earntxr.xyz
1 | cdnjs.cloudflare.com | earntxr.xyz
1 | code.jquery.com | earntxr.xyz
33 | 15 |
Subject | Issuer | Validity | Valid
---|---|---|---
earntxr.xyz | Let's Encrypt Authority X3 | 2020-04-18 - 2020-07-17 | 3 months
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2019-09-14 - 2020-10-13 | a year
upload.video.google.com | GTS CA 1O1 | 2020-04-01 - 2020-06-24 | 3 months
jquery.org | COMODO RSA Domain Validation Secure Server CA | 2018-10-17 - 2020-10-16 | 2 years
cloudflare.com | CloudFlare Inc ECC CA-2 | 2020-01-07 - 2020-10-09 | 9 months
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2020-01-08 - 2020-10-09 | 9 months
coincycles.com | Let's Encrypt Authority X3 | 2020-04-01 - 2020-06-30 | 3 months
www.google.com | GTS CA 1O1 | 2020-04-01 - 2020-06-24 | 3 months
ionicframework.com | CloudFlare Inc ECC CA-2 | 2019-12-04 - 2020-10-09 | 10 months
*.google-analytics.com | GTS CA 1O1 | 2020-04-01 - 2020-06-24 | 3 months
*.gstatic.com | GTS CA 1O1 | 2020-04-01 - 2020-06-24 | 3 months
*.a-ads.com | COMODO RSA Domain Validation Secure Server CA | 2018-11-14 - 2020-12-09 | 2 years
This page contains 8 frames:
Primary Page:
https://earntxr.xyz/
Frame ID: 0D1EFBE36AE3456866BA6ECCAEF51101
Requests: 26 HTTP requests in this frame
Frame:
https://viewm.moonicorn.network/
Frame ID: AAE04BF817A8BE58D65A1C0DA8744FA7
Requests: 1 HTTP requests in this frame
Frame:
https://viewm.moonicorn.network/
Frame ID: DD9EE421AE7B10060A53C4294B2ADE3A
Requests: 1 HTTP requests in this frame
Frame:
https://ad.a-ads.com/1368710?size=300x250
Frame ID: 65F33A07C0F5AC66DABDEA351375D5DA
Requests: 1 HTTP requests in this frame
Frame:
https://ad.a-ads.com/1368706?size=160x600
Frame ID: CE3C99C0FEB528FFD859343540352C28
Requests: 1 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc_djsUAAAAAJ0ISzocXsaY52INYXJ8erGho1Io&co=aHR0cHM6Ly9lYXJudHhyLnh5ejo0NDM.&hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&size=normal&cb=3mwjs9kavr9q
Frame ID: 5F84C3A02288F050DE596795CE0155B0
Requests: 1 HTTP requests in this frame
Frame:
https://moonads.net/display/index.php?page=query/items/&aduid=6415&width=160&height=600&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=c931eb1112f871bfbe57f86f9c18cd07&time=1587445406&deliver=earntxr.xyz&search_keywords=&page_referrer=aHR0cHM6Ly9lYXJudHhyLnh5ei8=&page_title=Home%20-%20TRON-%20Faucet&meta_description=
Frame ID: 58889C32AE676E58F318D85665C227C3
Requests: 1 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/bframe?hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&k=6Lc_djsUAAAAAJ0ISzocXsaY52INYXJ8erGho1Io&cb=t20wxnx73obq
Frame ID: D43E5D23657614996DEEB0462118FB47
Requests: 1 HTTP requests in this frame
Page URL History
-
http://earntxr.xyz/
HTTP 301
https://earntxr.xyz/ Page URL
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
- script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Font API (Font Scripts)
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: REGISTER HERE
Title: REGISTER HERE
Redirected requests
There were HTTP redirect chains for the following requests:
33 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Note
---|---|---|---|---|---|---|---|---
GET | H2 | / | earntxr.xyz/ | 34 KB | 17 KB | Document | text/html | Primary Request, Redirect Chain
GET | H2 | bootstrap.min.css | maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ | 141 KB | 20 KB | Stylesheet | text/css |
GET | H2 | icon | fonts.googleapis.com/ | 574 B | 480 B | Stylesheet | text/css |
GET | H/1.1 | jquery-3.2.1.min.js | code.jquery.com/ | 85 KB | 30 KB | Script | application/javascript |
GET | H2 | popper.min.js | cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ | 19 KB | 7 KB | Script | application/javascript |
GET | H2 | bootstrap.min.js | maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ | 48 KB | 13 KB | Script | text/javascript |
GET | H2 | bootstrap.min.css | earntxr.xyz/themes/Flatly/ | 180 KB | 22 KB | Stylesheet | text/css |
GET | H2 | bootstrap.css | earntxr.xyz/theme/Flatly/ | 0 | 0 | Stylesheet | text/html |
GET | H2 | bootswatch.css | earntxr.xyz/themes/Flatly/ | 4 KB | 904 B | Stylesheet | text/css |
GET | H2 | items.php | moonads.net/display/ | 65 KB | 11 KB | Script | application/javascript |
GET | H2 | TRX.png | coincycles.com/trx/images/ | 14 KB | 14 KB | Image | image/png |
GET | H2 | api.js | www.google.com/recaptcha/ | 731 B | 591 B | Script | text/javascript |
GET | H2 | captcha.php | earntxr.xyz/ | 3 KB | 3 KB | Image | image/png |
GET | H2 | ionicons.min.css | code.ionicframework.com/ionicons/2.0.1/css/ | 50 KB | 8 KB | Stylesheet | text/css |
GET | H2 | js | www.googletagmanager.com/gtag/ | 79 KB | 29 KB | Script | application/javascript |
GET | H2 | all.min.js | earntxr.xyz/fonts/ | 1 MB | 408 KB | Script | application/javascript |
GET | H2 | all.min.css | earntxr.xyz/fonts/ | 57 KB | 12 KB | Stylesheet | text/css |
GET | H2 | css | fonts.googleapis.com/ | 2 KB | 560 B | Stylesheet | text/css |
GET | H2 | bootstrap.css | earntxr.xyz/theme/Flatly/ | 0 | 0 | Stylesheet | text/html |
GET | H2 | / | viewm.moonicorn.network/ | 0 | 0 | Document | text/html | Frame AAE0
GET | H2 | S6uyw4BMUTPHjx4wXiWtFCc.woff2 | fonts.gstatic.com/s/lato/v16/ | 14 KB | 14 KB | Font | font/woff2 |
GET | H2 | S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2 | fonts.gstatic.com/s/lato/v16/ | 14 KB | 14 KB | Font | font/woff2 |
GET | H2 | / | viewm.moonicorn.network/ | 0 | 0 | Document | text/html | Frame DD9E
GET | H/1.1 | 1368710 | ad.a-ads.com/ | 0 | 0 | Document | text/html | Frame 65F3
GET | H/1.1 | 1368706 | ad.a-ads.com/ | 0 | 0 | Document | text/html | Frame CE3C
GET | H2 | S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2 | fonts.gstatic.com/s/lato/v16/ | 15 KB | 15 KB | Font | font/woff2 |
GET | H2 | ionicons.ttf | code.ionicframework.com/ionicons/2.0.1/fonts/ | 184 KB | 102 KB | Font | font/ttf |
GET | H2 | recaptcha__en.js | www.gstatic.com/recaptcha/releases/wk6lx42JIeYmEAQSHndnyT8Q/ | 299 KB | 121 KB | Script | text/javascript |
GET | H2 | analytics.js | www.google-analytics.com/ | 44 KB | 18 KB | Script | text/javascript |
GET | H2 | collect | www.google-analytics.com/r/ | 35 B | 101 B | Image | image/gif |
GET | H2 | anchor | www.google.com/recaptcha/api2/ | 0 | 0 | Document | text/html | Frame 5F84
GET | H2 | index.php | moonads.net/display/ | 0 | 0 | Document | text/html | Frame 5888
GET | H2 | bframe | www.google.com/recaptcha/api2/ | 0 | 0 | Document | text/html | Frame D43E
75 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| $ function| jQuery function| Popper object| bootstrap string| xcJQCflAmpis string| KkUCuxqIgh number| VABjXzYzJp number| WSpSwDLzQd number| nsJjjBITZC number| neMuFFBFgq function| rMwHazIJjv object| BGWRSzJxTu number| c2 number| c1 object| NKHeiiGk6P0j function| cfVDoTdmsN function| RcaptchaLoad function| gtag object| dataLayer object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| recaptcha object| closure_lm_233567 number| adcode_count function| post_sticky_handler function| post_noads_handler function| post_trackdata_handler function| post_skin_handler function| post_expandable_handler function| post_pop_handler function| post_interstitial_handler function| post_native_handler function| native_resize_handler function| post_iframe_handler object| ItemDataScript_parameter string| ItemDataScript_parameter_new object| ItemDataScript_parameter_seperate string| aduid string| pid string| width string| height string| displaytype number| responsive number| block_id object| page_meta_data string| page_title string| page_referrer string| meta_description string| meta_keywords string| search_keywords number| currently_rendered number| currently_rendered_flag string| currently_rendered_adunit object| cpc_impression object| cpm_impression object| cpa_impression string| cpd_impression string| cpv_impression object| html_impression string| ret string| iframe_src string| urlorigin
5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
.moonads.net/ | | __cf_bm | ca2b53bd053500f3205c43954c01789fefbd184b-1587445411-1800-ATt2IbkSP99ggtwNtc3b5kncJaV42oyS/rShTr7q6LYCr4TPupykY6jIdZr7qyGFZsdY8jdsQp8wL1RJMdxC/0w=
.earntxr.xyz/ | | _gid | GA1.2.1644173440.1587445410
.earntxr.xyz/ | | _ga | GA1.2.1439830364.1587445410
.earntxr.xyz/ | | _gat_gtag_UA_131115007_4 | 1
earntxr.xyz/ | | PHPSESSID | afe634f087ba53259f381fef450f5d7a
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.