brus.wallofcoins.tk
Open in
urlscan Pro
192.99.99.186
Public Scan
Effective URL: https://brus.wallofcoins.tk/
Submission: On May 29 via manual from GB
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on May 29th 2019. Valid for: 3 months.
This is the only time brus.wallofcoins.tk was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2606:4700:30:... 2606:4700:30::681b:8384 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
14 | 192.99.99.186 192.99.99.186 | 16276 (OVH) (OVH) | |
1 | 2a00:1450:400... 2a00:1450:4001:81a::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
3 | 2a00:1450:400... 2a00:1450:4001:81b::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2a00:1450:400... 2a00:1450:4001:818::2008 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 88.85.66.250 88.85.66.250 | 35415 (WEBZILLA) (WEBZILLA) | |
4 | 188.72.213.148 188.72.213.148 | 35415 (WEBZILLA) (WEBZILLA) | |
1 5 | 2a02:6b8::1:119 2a02:6b8::1:119 | 13238 (YANDEX) (YANDEX) | |
2 | 2a00:1450:400... 2a00:1450:4001:815::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 188.72.213.146 188.72.213.146 | 35415 (WEBZILLA) (WEBZILLA) | |
33 | 9 |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
wallofcoins.tk |
ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com |
ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com |
ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com |
ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
wallofcoins.tk
1 redirects
wallofcoins.tk brus.wallofcoins.tk |
872 KB |
6 |
pushmono.com
pushmono.com |
34 KB |
5 |
yandex.ru
1 redirects
mc.yandex.ru |
42 KB |
3 |
gstatic.com
fonts.gstatic.com |
24 KB |
2 |
google-analytics.com
www.google-analytics.com |
17 KB |
2 |
dolohen.com
dolohen.com |
30 KB |
1 |
googletagmanager.com
www.googletagmanager.com |
25 KB |
1 |
googleapis.com
fonts.googleapis.com |
766 B |
33 | 8 |
Domain | Requested by | |
---|---|---|
14 | brus.wallofcoins.tk |
brus.wallofcoins.tk
|
6 | pushmono.com |
brus.wallofcoins.tk
pushmono.com |
5 | mc.yandex.ru |
1 redirects
brus.wallofcoins.tk
|
3 | fonts.gstatic.com |
brus.wallofcoins.tk
|
2 | www.google-analytics.com |
www.googletagmanager.com
brus.wallofcoins.tk |
2 | dolohen.com |
brus.wallofcoins.tk
dolohen.com |
1 | www.googletagmanager.com |
brus.wallofcoins.tk
|
1 | fonts.googleapis.com |
brus.wallofcoins.tk
|
1 | wallofcoins.tk | 1 redirects |
33 | 9 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
brus.wallofcoins.tk Let's Encrypt Authority X3 |
2019-05-29 - 2019-08-27 |
3 months | crt.sh |
*.googleapis.com Google Internet Authority G3 |
2019-05-07 - 2019-07-30 |
3 months | crt.sh |
*.google.com Google Internet Authority G3 |
2019-05-14 - 2019-08-06 |
3 months | crt.sh |
*.google-analytics.com Google Internet Authority G3 |
2019-05-07 - 2019-07-30 |
3 months | crt.sh |
dolohen.com Sectigo RSA Domain Validation Secure Server CA |
2019-02-04 - 2020-02-04 |
a year | crt.sh |
pushmono.com RapidSSL RSA CA 2018 |
2018-06-08 - 2019-06-08 |
a year | crt.sh |
bs.yandex.ru Yandex CA |
2018-10-03 - 2019-10-03 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://brus.wallofcoins.tk/
Frame ID: ED8BFC2D83E1222C11333B3637DA3B89
Requests: 32 HTTP requests in this frame
Frame:
https://dolohen.com/fac.php
Frame ID: E5440E6A9D9FB465EDC0E1BEDD60FF78
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://wallofcoins.tk/
HTTP 301
https://brus.wallofcoins.tk/ Page URL
Detected technologies
Apache (Web Servers) ExpandDetected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Google Analytics (Analytics) Expand
Detected patterns
- env /^gaGlobal$/i
Google Tag Manager (Tag Managers) Expand
Detected patterns
- env /^google_tag_manager$/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- env /^jQuery$/i
Twitter Bootstrap () Expand
Detected patterns
- html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://wallofcoins.tk/
HTTP 301
https://brus.wallofcoins.tk/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 24- https://mc.yandex.ru/watch/41190694?wmode=7&page-url=https%3A%2F%2Fbrus.wallofcoins.tk%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1559128888241%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190529112130%3Aet%3A1559128890%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A1025080043%3Ahid%3A290187956%3Ads%3A25%2C196%2C482%2C586%2C188%2C0%2C0%2C1061%2C2%2C%2C%2C%2C1957%3Afp%3A1609%3Awn%3A12843%3Ahl%3A2%3Agdpr%3A14%3Av%3A1545%3Ast%3A1559128890%3Au%3A1559128890771096264 HTTP 302
- https://mc.yandex.ru/watch/41190694/1?wmode=7&page-url=https%3A%2F%2Fbrus.wallofcoins.tk%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1559128888241%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190529112130%3Aet%3A1559128890%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A1025080043%3Ahid%3A290187956%3Ads%3A25%2C196%2C482%2C586%2C188%2C0%2C0%2C1061%2C2%2C%2C%2C%2C1957%3Afp%3A1609%3Awn%3A12843%3Ahl%3A2%3Agdpr%3A14%3Av%3A1545%3Ast%3A1559128890%3Au%3A1559128890771096264
33 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
brus.wallofcoins.tk/ Redirect Chain
|
428 KB 431 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
brus.wallofcoins.tk/wp-includes/css/dist/block-library/ |
25 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pagenavi-css.css
brus.wallofcoins.tk/wp-content/plugins/wp-pagenavi/ |
374 B 427 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.css
brus.wallofcoins.tk/wp-content/themes/shizzo/bootstrap/ |
134 KB 135 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.css
brus.wallofcoins.tk/wp-content/themes/shizzo/ |
26 KB 26 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
6 KB 766 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
brus.wallofcoins.tk/wp-content/themes/shizzo/ |
7 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
brus.wallofcoins.tk/wp-includes/js/jquery/ |
95 KB 96 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-migrate.min.js
brus.wallofcoins.tk/wp-includes/js/jquery/ |
10 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.js
brus.wallofcoins.tk/wp-content/themes/shizzo/bootstrap/ |
66 KB 66 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
TK3iWkUHHAIjg752GT8Gl-1PKw.woff2
fonts.gstatic.com/s/oswald/v17/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v16/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont.woff
brus.wallofcoins.tk/wp-content/themes/shizzo/fonts/ |
64 KB 64 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
64 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SmoothScroll.min.js
brus.wallofcoins.tk/wp-content/plugins/mousewheel-smooth-scroll/js/ |
7 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wpmss.min.js
brus.wallofcoins.tk/wp-content/plugins/mousewheel-smooth-scroll/js/ |
216 B 245 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bj-lazy-load.min.js
brus.wallofcoins.tk/wp-content/plugins/bj-lazy-load/js/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-embed.min.js
brus.wallofcoins.tk/wp-includes/js/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
apu.php
dolohen.com/ |
82 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ntfc.php
pushmono.com/ |
12 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem8YaGs126MiZpBA-UFUZ0bf8pkAp6a.woff2
fonts.gstatic.com/s/opensans/v16/ |
5 KB 6 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
watch.js
mc.yandex.ru/metrika/ |
132 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ntfc.php
pushmono.com/ |
91 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fac.php
dolohen.com/ Frame E544 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
43 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1
mc.yandex.ru/watch/41190694/ Redirect Chain
|
0 -1 B |
XHR
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
advert.gif
mc.yandex.ru/metrika/ |
43 B 445 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/r/ |
35 B 103 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1
mc.yandex.ru/watch/41190694/ |
152 B 707 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
custom
pushmono.com/ |
0 467 B |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
event
pushmono.com/ |
0 467 B |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
event
pushmono.com/ |
94 B 549 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
custom
pushmono.com/ |
39 B 494 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
35 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask undefined| $ function| jQuery object| jQuery112403556684228942504 function| gtag object| dataLayer function| SmoothScroll object| BJLL_options object| BJLL object| wp object| zfgformats function| setImmediate function| clearImmediate function| _jdalrka function| _nsrbkd object| google_tag_manager string| optionsAxXB324Fe string| laryAxXB324Fe boolean| zfgloadedpushopt function| onClickTrigger boolean| zfgloadedpopup string| GoogleAnalyticsObject function| ga object| Ya object| yaCounter41190694 object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| _0x299b function| _0x6140 object| ntfcSDK boolean| installOnFly12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
dolohen.com/ | Name: oaidts Value: 1559128889 |
|
.wallofcoins.tk/ | Name: _ym_isad Value: 2 |
|
.wallofcoins.tk/ | Name: _ym_visorc_41190694 Value: w |
|
.wallofcoins.tk/ | Name: _gat_gtag_UA_110303032_2 Value: 1 |
|
.wallofcoins.tk/ | Name: _ga Value: GA1.2.2135271580.1559128890 |
|
.wallofcoins.tk/ | Name: _gid Value: GA1.2.250398824.1559128890 |
|
.brus.wallofcoins.tk/ | Name: __PPU_BACKCLCK_1462387 Value: true |
|
brus.wallofcoins.tk/ | Name: Value: __test |
|
dolohen.com/ | Name: OAID Value: d3e0bad4238a4a669151e354cf9c63c1 |
|
.wallofcoins.tk/ | Name: _ym_d Value: 1559128890 |
|
.wallofcoins.tk/ | Name: _ym_uid Value: 1559128890771096264 |
|
.wallofcoins.tk/ | Name: __cfduid Value: d7f6707ff6b039a58180cc4cb6859b4701559128888 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
brus.wallofcoins.tk
dolohen.com
fonts.googleapis.com
fonts.gstatic.com
mc.yandex.ru
pushmono.com
wallofcoins.tk
www.google-analytics.com
www.googletagmanager.com
188.72.213.146
188.72.213.148
192.99.99.186
2606:4700:30::681b:8384
2a00:1450:4001:815::200e
2a00:1450:4001:818::2008
2a00:1450:4001:81a::200a
2a00:1450:4001:81b::2003
2a02:6b8::1:119
88.85.66.250
149161f9145bac45dec809d6c784614244944bc1528d865e9ad371c98ecdbb21
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1b9e12b5e9679cf59584d4dc66e07b78ece43f3f1c7a3c7981e946bcd8375497
1bf23eca6ee9c5944c0493946a803052da8c621b7c095819bf780cac1605f499
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
295074933a25ae5d6646f86705412ae194ca64508e04984857c61ef495c66ec2
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4cb9f1d889f92113dbb3129f45523b0db93a4efd42090ff8eb122bc70b600732
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
555de041135163310a288ffe40af78c420425318387c1c680dd196bfed432dc6
5bc5fe165e8fab88549d56628bcc4ad463235f7f995c0477fb90fc78698be265
5c2d84096e36e34eadb0b7893c51e7a723f6a9b409f504cd45eda4764aec7395
6452f08c76b852654bd6f348a7f0e39a4173580449db08ea09e680cbacc50530
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
a017bfd8b7ff27e2fa869cb6beeacfd550ab2fa4955429bc460aeae8ddbf91e8
a60a31e4e77b8fb6360b986653ac24762db5249892d8907099b7109d2194110c
a72261a5191d1485620242b7d3b735501757aef23dedc6d27c84919af838e756
be73bce49509b09b743fd7289f40016eb7ff66e03675d1981eac440dad7fcaba
c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb
c68fd9f7f7c8165a37c795ebfa68f958fc5e03cdefc2a586ad682199065c3330
c7bdbbdc5796065794e3ffcfdd995fd7a43c618e3a56707e133f72f5ca57cd1b
cd5fbc0f0a5847aa46fef841d42d43c796bc86e75dbce0fc3e293de6bc8f08ca
cdab8358dda6da05b8ff2a03ce99cfed56f4378bf0b45fb2b2ec119c9868e2dd
e1143777e7ba15470e9b04183d432867c8bee70a277a879d003e575099a097f9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf253a338d1ed6016fc6c4de91d50a1a7b08abd39931235901bb4b20e25ab50
fa055f2f7c5b735dbbb71954f434aed79925bc00ff2ffbc3ecfc4a790689a723
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881