z5bddcb1gzzlh5wfhq4gzq.on.drv.tw
47.90.183.65
Malicious Activity!
Public Scan
Effective URL: https://z5bddcb1gzzlh5wfhq4gzq.on.drv.tw/driv/dirveone.html
Submission: On May 24 via manual from JP — Scanned from JP
Summary
TLS certificate: Issued by R3 on May 18th 2024. Valid for: 3 months.
This is the only time z5bddcb1gzzlh5wfhq4gzq.on.drv.tw was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
2 | 47.90.183.65 | 45102 (ALIBABA-CN-NET Alibaba US Technology Co.)
2 | 2a04:4e42:600::485 | 54113 (FASTLY)
1 | 2404:6800:4004:825::200a | 15169 (GOOGLE)
12 | 151.101.194.132 | 54113 (FASTLY)
1 | 2606:2800:247:43e9:c35a:4025:1596:b588 | 15133 (EDGECAST)
2 | 13.70.37.114 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK)
3 | 2404:6800:4004:826::2008 | 15169 (GOOGLE)
2 | 2404:6800:4004:827::200e | 15169 (GOOGLE)
2 | 2404:6800:4008:c13::9a | 15169 (GOOGLE)
1 | 142.251.42.142 | 15169 (GOOGLE)
1 | 2001:4860:4802:34::181 | 15169 (GOOGLE)
1 | 172.217.175.67 | 15169 (GOOGLE)
30 | 13 |
ASN | PTR | Host
---|---|---
ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN) | | z5bddcb1gzzlh5wfhq4gzq.on.drv.tw
ASN15133 (EDGECAST, US) | | logincdn.msftauth.net
ASN15169 (GOOGLE, US) | nrt12s45-in-f14.1e100.net | www.google-analytics.com
ASN15169 (GOOGLE, US) | nrt20s20-in-f3.1e100.net | www.google.co.jp
Requests | Apex Domain | Subdomains | Cisco Umbrella Rank | Transfer
---|---|---|---|---
12 | glitch.global | cdn.glitch.global | 218303 | 21 KB
4 | drv.tw | z5bddcb1gzzlh5wfhq4gzq.on.drv.tw, www.drv.tw | | 45 KB
3 | google-analytics.com | www.google-analytics.com | 32 | 21 KB
3 | googletagmanager.com | www.googletagmanager.com | 39 | 262 KB
2 | doubleclick.net | stats.g.doubleclick.net | 89 | 408 B
2 | jsdelivr.net | cdn.jsdelivr.net | 310 | 50 KB
1 | google.co.jp | www.google.co.jp | 27010 | 63 B
1 | google.com | analytics.google.com | 154 | 269 B
1 | msftauth.net | logincdn.msftauth.net | 3931 | 2 KB
1 | googleapis.com | ajax.googleapis.com | 380 | 31 KB
30 | 10 | | |
Requests | Domain | Requested by
---|---|---
12 | cdn.glitch.global | z5bddcb1gzzlh5wfhq4gzq.on.drv.tw
3 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com
3 | www.googletagmanager.com | www.drv.tw, www.googletagmanager.com
2 | stats.g.doubleclick.net | www.google-analytics.com, www.googletagmanager.com
2 | www.drv.tw | z5bddcb1gzzlh5wfhq4gzq.on.drv.tw
2 | cdn.jsdelivr.net | z5bddcb1gzzlh5wfhq4gzq.on.drv.tw
2 | z5bddcb1gzzlh5wfhq4gzq.on.drv.tw |
1 | www.google.co.jp | z5bddcb1gzzlh5wfhq4gzq.on.drv.tw
1 | analytics.google.com | www.googletagmanager.com
1 | logincdn.msftauth.net | z5bddcb1gzzlh5wfhq4gzq.on.drv.tw
1 | ajax.googleapis.com | z5bddcb1gzzlh5wfhq4gzq.on.drv.tw
30 | 11 |
This site contains links to these domains.
Domain |
---|
tinyurl.com |
Subject | Issuer | Validity | Valid
---|---|---|---
drv.tw | R3 | 2024-05-18 - 2024-08-16 | 3 months
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-09-27 - 2024-10-28 | a year
upload.video.google.com | GTS CA 1C3 | 2024-05-06 - 2024-07-29 | 3 months
cdn.glitch.global | R3 | 2024-03-31 - 2024-06-29 | 3 months
identitycdn.msauth.net | Microsoft Azure RSA TLS Issuing CA 03 | 2023-11-02 - 2024-10-27 | a year
www.drv.tw | GeoTrust Global TLS RSA4096 SHA256 2022 CA1 | 2024-05-05 - 2024-11-05 | 6 months
*.google-analytics.com | GTS CA 1C3 | 2024-05-06 - 2024-07-29 | 3 months
*.g.doubleclick.net | WR2 | 2024-05-06 - 2024-07-29 | 3 months
*.google.com | GTS CA 1C3 | 2024-05-06 - 2024-07-29 | 3 months
*.google.co.jp | GTS CA 1C3 | 2024-05-06 - 2024-07-29 | 3 months
This page contains 1 frames:
Primary Page:
https://z5bddcb1gzzlh5wfhq4gzq.on.drv.tw/driv/dirveone.html
Frame ID: EEF3C216D7E9954845D0D8D886E4F08A
Requests: 33 HTTP requests in this frame
Page Title
Page URL History
- http://z5bddcb1gzzlh5wfhq4gzq.on.drv.tw/driv/dirveone.html (HTTP 307)
- https://z5bddcb1gzzlh5wfhq4gzq.on.drv.tw/driv/dirveone.html (Page URL)
Detected technologies
Bootstrap
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager
Detected patterns
- googletagmanager\.com/gtag/js
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Create One!
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://z5bddcb1gzzlh5wfhq4gzq.on.drv.tw/driv/dirveone.html (HTTP 307)
- https://z5bddcb1gzzlh5wfhq4gzq.on.drv.tw/driv/dirveone.html (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
30 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | dirveone.html (Primary Request, Redirect Chain) | z5bddcb1gzzlh5wfhq4gzq.on.drv.tw/driv/ | 82 KB | 42 KB | Document | text/html
GET | H2 | bootstrap.min.css | cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/ | 160 KB | 26 KB | Stylesheet | text/css
GET | H2 | bootstrap.bundle.min.js | cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/ | 76 KB | 24 KB | Script | application/javascript
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.6.4/ | 88 KB | 31 KB | Script | text/javascript
GET | H2 | 2.png | cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/ | 4 KB | 4 KB | Image | image/png
GET | H2 | a.png | cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/ | 402 B | 876 B | Image | image/png
GET | H2 | d.png | cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/ | 479 B | 928 B | Image | image/png
GET | H2 | 1.png | cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/ | 3 KB | 3 KB | Image | image/png
GET | H2 | b.png | cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/ | 356 B | 604 B | Image | image/png
GET | H2 | 3.png | cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/ | 4 KB | 4 KB | Image | image/png
GET | H2 | c.png | cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/ | 405 B | 834 B | Image | image/png
GET | H2 | 4.png | cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/ | 2 KB | 2 KB | Image | image/png
GET | H2 | e.png | cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/ | 442 B | 716 B | Image | image/png
GET | H2 | 5.png | cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/ | 2 KB | 2 KB | Image | image/png
GET | H2 | f.png | cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/ | 425 B | 673 B | Image | image/png
GET | H2 | aa.png | cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/ | 687 B | 1 KB | Image | image/png
GET | DATA | truncated | / | 6 KB | 0 | Image | image/png
GET | DATA | truncated | / | 27 KB | 0 | Image | image/png
GET | H2 | microsoft_logo_ee5c8d9fb6248c938fd0.svg | logincdn.msftauth.net/shared/5/images/ | 4 KB | 2 KB | Image | image/svg+xml
GET | DATA | truncated | / | 4 KB | 0 | Image | image/svg+xml
GET | H2 | wd.js | www.drv.tw/inc/ | 690 B | 851 B | Script | text/javascript
GET | H2 | wd.js | www.drv.tw/inc/ | 690 B | 477 B | Script | text/javascript
GET | H2 | js | www.googletagmanager.com/gtag/ | 193 KB | 70 KB | Script | application/javascript
GET | H2 | js | www.googletagmanager.com/gtag/ | 246 KB | 89 KB | Script | application/javascript
GET | H2 | js | www.googletagmanager.com/gtag/ | 316 KB | 103 KB | Script | application/javascript
GET | H2 | analytics.js | www.google-analytics.com/ | 52 KB | 21 KB | Script | text/javascript
POST | H2 | collect | www.google-analytics.com/j/ | 2 B | 221 B | XHR | text/plain
POST | H2 | collect | stats.g.doubleclick.net/j/ | 1 B | 360 B | XHR | text/plain
POST | H3 | collect | www.google-analytics.com/g/ | 0 | 17 B | Ping | text/plain
POST | H2 | collect | analytics.google.com/g/ | 0 | 269 B | Ping | text/plain
POST | H2 | collect | stats.g.doubleclick.net/g/ | 0 | 48 B | Ping | text/plain
GET | H3 | ga-audiences | www.google.co.jp/ads/ | 42 B | 63 B | Image | image/gif
GET | H2 | favicon.ico | z5bddcb1gzzlh5wfhq4gzq.on.drv.tw/ | 2 KB | 1 KB | Other | text/html
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer)
22 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
number | uidEvent
object | bootstrap
function | $
function | jQuery
function | setEmailFromRecipient
function | showPasswordForm
function | showEmailForm
function | _0x3214
function | _0x1209
function | showNetworkErrorAlertMsg
function | submitForm
function | verifyUser
function | gtag
object | dataLayer
object | google_tag_manager
object | google_tag_data
string | GoogleAnalyticsObject
function | ga
object | gaplugins
object | gaGlobal
object | gaData
function | onYouTubeIframeAPIReady
6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
z5bddcb1gzzlh5wfhq4gzq.on.drv.tw/ | | uid | rBIYDmZQR8F+zgKAJT2LAg==
.drv.tw/ | | _gid | GA1.2.1672275008.1716537283
.drv.tw/ | | _gat_gtag_UA_85417367_1 | 1
.drv.tw/ | | _ga | GA1.1.1784514146.1716537283
.drv.tw/ | | _ga_LHL0SH0Z7S | GS1.1.1716537283.1.0.1716537283.60.0.0
.drv.tw/ | | _ga_NBGQJBJMEG | GS1.1.1716537282.1.0.1716537283.0.0.0
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.