![](/screenshots/62eb71e4-c8e5-4772-b3bf-71638439bac4.png)
findmybestdate.fun
Open in
urlscan Pro
185.155.184.8
Malicious Activity!
Public Scan
Effective URL: https://findmybestdate.fun/?u=mhwp605&o=f3t0mvz&t=pldat3
Submission: On February 08 via api from US — Scanned from US
Summary
TLS certificate: Issued by R3 on February 6th 2024. Valid for: 3 months.
This is the only time findmybestdate.fun was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Porn Scam (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
5 | 2606:4700:303... 2606:4700:3036::ac43:d18e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 54.230.163.9 54.230.163.9 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 188.165.20.240 188.165.20.240 | 16276 (OVH) (OVH) | |
1 2 | 79.96.146.167 79.96.146.167 | 12824 (HOMEPL-AS) (HOMEPL-AS) | |
1 | 2607:f8b0:400... 2607:f8b0:4006:821::2016 | 15169 (GOOGLE) (GOOGLE) | |
1 2 | 88.212.201.204 88.212.201.204 | 39134 (UNITEDNET) (UNITEDNET) | |
1 15 | 185.155.184.8 185.155.184.8 | 6898 (AS-6898 C...) (AS-6898 C41.CH SAGL - LUGANO Data Center) | |
1 | 2607:f8b0:400... 2607:f8b0:4006:81d::200a | 15169 (GOOGLE) (GOOGLE) | |
3 | 2607:f8b0:400... 2607:f8b0:4006:809::2003 | 15169 (GOOGLE) (GOOGLE) | |
34 | 10 |
ASN13335 (CLOUDFLARENET, US)
wgrowiec.inwestowaniepogodzinach.pl | |
inwestowaniepogodzinach.pl |
ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-9.ewr53.r.cloudfront.net
ocdn.eu |
ASN12824 (HOMEPL-AS, PL)
PTR: cloudserver088051.home.pl
www.e-anonse.net | |
e-anonse.net |
ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH)
findmybestdate.fun |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
findmybestdate.fun
1 redirects
findmybestdate.fun |
592 KB |
5 |
inwestowaniepogodzinach.pl
wgrowiec.inwestowaniepogodzinach.pl inwestowaniepogodzinach.pl |
59 KB |
3 |
gstatic.com
fonts.gstatic.com |
79 KB |
2 |
yadro.ru
1 redirects
counter.yadro.ru — Cisco Umbrella Rank: 11938 |
2 KB |
2 |
e-anonse.net
1 redirects
www.e-anonse.net e-anonse.net |
17 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28 |
1 KB |
1 |
ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 93 |
57 KB |
1 |
wiocha.pl
cdn.wiocha.pl |
39 KB |
1 |
ocdn.eu
ocdn.eu — Cisco Umbrella Rank: 33004 |
46 KB |
0 |
wijvlechtenmee.be
Failed
wijvlechtenmee.be Failed |
|
0 |
timestretch.be
Failed
timestretch.be Failed |
|
0 |
callsmart.be
Failed
callsmart.be Failed |
|
0 |
cartoonbox.be
Failed
cartoonbox.be Failed |
|
34 | 13 |
Domain | Requested by | |
---|---|---|
15 | findmybestdate.fun |
1 redirects
wgrowiec.inwestowaniepogodzinach.pl
findmybestdate.fun |
4 | wgrowiec.inwestowaniepogodzinach.pl |
wgrowiec.inwestowaniepogodzinach.pl
|
3 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | counter.yadro.ru |
1 redirects
wgrowiec.inwestowaniepogodzinach.pl
|
1 | fonts.googleapis.com |
findmybestdate.fun
|
1 | inwestowaniepogodzinach.pl |
wgrowiec.inwestowaniepogodzinach.pl
|
1 | i.ytimg.com |
wgrowiec.inwestowaniepogodzinach.pl
|
1 | e-anonse.net |
wgrowiec.inwestowaniepogodzinach.pl
|
1 | www.e-anonse.net | 1 redirects |
1 | cdn.wiocha.pl |
wgrowiec.inwestowaniepogodzinach.pl
|
1 | ocdn.eu |
wgrowiec.inwestowaniepogodzinach.pl
|
0 | wijvlechtenmee.be Failed |
wgrowiec.inwestowaniepogodzinach.pl
|
0 | timestretch.be Failed |
wgrowiec.inwestowaniepogodzinach.pl
|
0 | callsmart.be Failed |
wgrowiec.inwestowaniepogodzinach.pl
|
0 | cartoonbox.be Failed |
wgrowiec.inwestowaniepogodzinach.pl
|
34 | 15 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
inwestowaniepogodzinach.pl GTS CA 1P5 |
2024-01-08 - 2024-04-07 |
3 months | crt.sh |
*.ocdn.eu GeoTrust TLS RSA CA G1 |
2023-12-21 - 2024-12-20 |
a year | crt.sh |
wiocha.pl R3 |
2023-12-09 - 2024-03-08 |
3 months | crt.sh |
edgestatic.com GTS CA 1C3 |
2024-01-09 - 2024-04-02 |
3 months | crt.sh |
findmybestdate.fun R3 |
2024-02-06 - 2024-05-06 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-01-09 - 2024-04-02 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2024-01-09 - 2024-04-02 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://findmybestdate.fun/?u=mhwp605&o=f3t0mvz&t=pldat3
Frame ID: FD7270D13829A1A643AD8C4EC39AA185
Requests: 35 HTTP requests in this frame
Screenshot
![](/screenshots/62eb71e4-c8e5-4772-b3bf-71638439bac4.png)
Page Title
LovemePage URL History Show full URLs
- https://wgrowiec.inwestowaniepogodzinach.pl/ Page URL
-
http://findmybestdate.fun/?u=mhwp605&o=f3t0mvz&t=pldat3
HTTP 301
https://findmybestdate.fun/?u=mhwp605&o=f3t0mvz&t=pldat3 Page URL
Detected technologies
Detected patterns
- /wp-(?:content|includes)/
![](/vendor/wappa/icons/Google Font API.png)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://wgrowiec.inwestowaniepogodzinach.pl/ Page URL
-
http://findmybestdate.fun/?u=mhwp605&o=f3t0mvz&t=pldat3
HTTP 301
https://findmybestdate.fun/?u=mhwp605&o=f3t0mvz&t=pldat3 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 8- https://www.e-anonse.net/_upload/announcements/2017/10/29/1509279946_28221_al.jpg HTTP 301
- https://e-anonse.net/_upload/announcements/2017/10/29/1509279946_28221_al.jpg
- https://counter.yadro.ru/hit;pldat3?t57.6;r;s1600*1200*24;uhttps%3A//wgrowiec.inwestowaniepogodzinach.pl/;hSex%20anonse%20lebork%20pierdol%20si%u0119%20%u0107woku;0.5361939055263547 HTTP 302
- https://counter.yadro.ru/hit;pldat3?q;t57.6;r;s1600*1200*24;uhttps%3A//wgrowiec.inwestowaniepogodzinach.pl/;hSex%20anonse%20lebork%20pierdol%20si%u0119%20%u0107woku;0.5361939055263547
34 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
wgrowiec.inwestowaniepogodzinach.pl/ |
321 KB 57 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gdxwfkw.js
wgrowiec.inwestowaniepogodzinach.pl/ |
1020 B 893 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
1737352580_was-it-just-a-hookup.jpg
cartoonbox.be/jpg/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
2031994942_speed-dating-quincy-ma.jpg
callsmart.be/image/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
1115313280_speed-dating-simpl.jpg
timestretch.be/jpg/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
4077160394_dating-of-mahabharata-war.jpg
wijvlechtenmee.be/photo/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
P_4ktkpTURBXy84OWFmZjUzODJkZDg2NTc5YWE3YTU1NDIwYzY2NWM1OS5qcGeSlQPNAf_NAqHNCR7NBSGTBc0DFM0BvA
ocdn.eu/pulscms-transforms/1/ |
46 KB 46 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
491892c89a41cda321646b161b6ddfca.jpg
cdn.wiocha.pl/images/4/9/ |
39 KB 39 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1509279946_28221_al.jpg
e-anonse.net/_upload/announcements/2017/10/29/ Redirect Chain
|
17 KB 17 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
3862751804_top-dating-apps-thailand.jpg
wijvlechtenmee.be/photo/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
maxresdefault.jpg
i.ytimg.com/vi/gQsjXchxl8Y/ |
57 KB 57 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
1572995758_dating-lorient.jpg
wijvlechtenmee.be/photo/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
42 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hit;pldat3
counter.yadro.ru/ Redirect Chain
|
911 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
invester1.jpg
inwestowaniepogodzinach.pl/wp-content/themes/finance-system/images/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
lufmymg.gif
wgrowiec.inwestowaniepogodzinach.pl/ |
209 B 209 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
dscqkzf.js
wgrowiec.inwestowaniepogodzinach.pl/ |
519 B 812 B |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
findmybestdate.fun/ Redirect Chain
|
5 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
8 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
findmybestdate.fun/media/dating/dirtysinder/css/ |
16 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
flag-icon.css
findmybestdate.fun/util/flag-icon/css/ |
40 KB 40 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js.cookie.js
findmybestdate.fun/cookie/ |
4 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
utils.js
findmybestdate.fun/util/ |
7 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-loveme_black1.svg
findmybestdate.fun/media/dating/dirtysinder/images/ |
4 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-2.2.4.min.js
findmybestdate.fun/media/dating/dirtysinder/js/ |
84 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.js
findmybestdate.fun/media/dating/dirtysinder/js/ |
3 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bb.js
findmybestdate.fun/media/ |
639 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
exit1.js
findmybestdate.fun/media/exit-new/ |
3 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1.jpg
findmybestdate.fun/media/dating/dirtysinder/images/ |
142 KB 142 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2.jpg
findmybestdate.fun/media/dating/dirtysinder/images/ |
121 KB 122 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3.jpg
findmybestdate.fun/media/dating/dirtysinder/images/ |
146 KB 147 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ |
47 KB 47 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
us.svg
findmybestdate.fun/util/flag-icon/flags/4x3/ |
6 KB 7 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- cartoonbox.be
- URL
- https://cartoonbox.be/jpg/1737352580_was-it-just-a-hookup.jpg
- Domain
- callsmart.be
- URL
- https://callsmart.be/image/2031994942_speed-dating-quincy-ma.jpg
- Domain
- timestretch.be
- URL
- https://timestretch.be/jpg/1115313280_speed-dating-simpl.jpg
- Domain
- wijvlechtenmee.be
- URL
- https://wijvlechtenmee.be/photo/4077160394_dating-of-mahabharata-war.jpg
- Domain
- wijvlechtenmee.be
- URL
- https://wijvlechtenmee.be/photo/3862751804_top-dating-apps-thailand.jpg
- Domain
- wijvlechtenmee.be
- URL
- https://wijvlechtenmee.be/photo/1572995758_dating-lorient.jpg
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Porn Scam (Online)32 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| requestLink object| geoData string| ip number| exDays boolean| validNavigation function| wireUpEvents function| Cookies function| docReady function| getParameterByName function| hideUnsub function| languageDetection function| writeLocation object| geoRefData function| showLocation function| appendPixels function| getCookie function| getBackendParamsByName function| addSessionId undefined| randomNumber function| $ function| jQuery function| cycleImages boolean| PreventBb function| getUrlParameter function| getUrlWithParam boolean| PreventExitSplash string| exitsplashpage function| DisplayExitSplash function| addLoadEvent function| addClickEvent function| disablelinksfunc function| disableformsfunc3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.yadro.ru/ | Name: FTID Value: 1bnDBr3_UVuk1bnDBr002E26 |
|
.yadro.ru/ | Name: VID Value: 1cW0hI2ycz8k1bnDBr002E43 |
|
findmybestdate.fun/ | Name: sid Value: t8~qua2dfrz2uogkfek1mcbtfhf |
12 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
callsmart.be
cartoonbox.be
cdn.wiocha.pl
counter.yadro.ru
e-anonse.net
findmybestdate.fun
fonts.googleapis.com
fonts.gstatic.com
i.ytimg.com
inwestowaniepogodzinach.pl
ocdn.eu
timestretch.be
wgrowiec.inwestowaniepogodzinach.pl
wijvlechtenmee.be
www.e-anonse.net
callsmart.be
cartoonbox.be
timestretch.be
wijvlechtenmee.be
185.155.184.8
188.165.20.240
2606:4700:3036::ac43:d18e
2607:f8b0:4006:809::2003
2607:f8b0:4006:81d::200a
2607:f8b0:4006:821::2016
54.230.163.9
79.96.146.167
88.212.201.204
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68
2949d919c1cbfea9a960e5a7a9fe4fe5086c1f9073c278d7e653980917a5a740
2c03acf3d158e2105bd0881aab875eadf0cca1167beb22d930888b28f34ae5a5
37a751df9353725b7e06bec81bc5c9f42c77c21701e4717465a13f4df5c0540d
3fd4d4a7fe6c0d2743ef52f04eddd31432c86c95fd79f39fe8bdffb7d8fba0b3
46c26f2c9acfeaa52b64fe6c79faa2de251049b6fb653c33e6f45d1b77f4df58
618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46
6d3802a38601b2e4f545e6cb3af0b716321db4604b0881c2f90d036f604761db
7ac3a36fa7b8de895053fe52c9d61b202c720b9ed4b7e6bd4cf6cd417d299191
7db44305e217e7a44845b47fe090b5f077a1cecf820899c7a6977b26549cdc08
848f351a10e0272615a2b0950deed931e364d8f792d88c18ee216fd381480ec6
8b3c83a330bf1120a13eff6ef60c1e268b827b7bc49b42a7a1f5d8ad6941f2ea
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
8f31c428593d808f5dd1697233414338d03fdc0f7f88334ef3be339efc2ebda2
985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c0fba4352f346a81523df1f943addecb49b9f082cd6fee3962b1681a7fbd5f5
a07a64ccbc2417de2a4271299dc9c143127d4ed91278f1dc0b1feb19819fff19
c6bf13530b5151f439201d81f8b15868b1c9a9a732769bc00ece14942ccd3c34
d6afd8d9abc2967f29ad396854cd05b1a12dcf9b7084f944c136ca6f540c5a39
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef