qrcodes.pro
Open in
urlscan Pro
13.226.145.9
Public Scan
Effective URL: https://qrcodes.pro/0Fgx7a
Submission: On March 05 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Amazon on September 7th 2021. Valid for: a year.
This is the only time qrcodes.pro was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 13.226.145.9 13.226.145.9 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:82b::2008 | 15169 (GOOGLE) (GOOGLE) | |
20 | 2600:9000:218... 2600:9000:2182:5000:6:7e72:cb80:21 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:82b::200a | 15169 (GOOGLE) (GOOGLE) | |
3 | 2600:9000:218... 2600:9000:2182:2400:13:e71e:5b80:21 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK) | |
1 | 142.250.74.194 142.250.74.194 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:803::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:813::2002 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:810::2004 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:80f::2003 | 15169 (GOOGLE) (GOOGLE) | |
33 | 12 |
ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-9.dus51.r.cloudfront.net
qrcodes.pro |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
d3nvy39jvu7woe.cloudfront.net |
ASN16509 (AMAZON-02, US)
d1bqobzsowu5wu.cloudfront.net |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
www.googleadservices.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
23 |
cloudfront.net
d3nvy39jvu7woe.cloudfront.net d1bqobzsowu5wu.cloudfront.net |
3 MB |
1 |
google.de
www.google.de — Cisco Umbrella Rank: 6433 |
548 B |
1 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
548 B |
1 |
doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 |
2 KB |
1 |
gstatic.com
fonts.gstatic.com |
13 KB |
1 |
googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 101 |
15 KB |
1 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 124 |
27 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35 |
1 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 54 |
40 KB |
1 |
qrcodes.pro
qrcodes.pro — Cisco Umbrella Rank: 509727 |
11 KB |
33 | 10 |
Domain | Requested by | |
---|---|---|
20 | d3nvy39jvu7woe.cloudfront.net |
qrcodes.pro
d3nvy39jvu7woe.cloudfront.net |
3 | d1bqobzsowu5wu.cloudfront.net |
qrcodes.pro
d3nvy39jvu7woe.cloudfront.net |
1 | www.google.de |
qrcodes.pro
|
1 | www.google.com |
qrcodes.pro
|
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | connect.facebook.net |
qrcodes.pro
|
1 | fonts.googleapis.com |
qrcodes.pro
|
1 | www.googletagmanager.com |
qrcodes.pro
|
1 | qrcodes.pro | |
33 | 11 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
qr.tapnscan.me Amazon |
2021-09-07 - 2022-10-06 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-02-17 - 2022-05-12 |
3 months | crt.sh |
*.cloudfront.net Amazon |
2022-02-01 - 2023-01-31 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-02-17 - 2022-05-12 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2021-12-13 - 2022-03-13 |
3 months | crt.sh |
www.googleadservices.com GTS CA 1C3 |
2022-02-17 - 2022-05-12 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-02-17 - 2022-05-12 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2022-02-17 - 2022-05-12 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2022-02-17 - 2022-05-12 |
3 months | crt.sh |
www.google.de GTS CA 1C3 |
2022-02-17 - 2022-05-12 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://qrcodes.pro/0Fgx7a
Frame ID: E9BA55CE1BD44AEB613E0DFA09B98474
Requests: 33 HTTP requests in this frame
Screenshot
Page Title
abc CocinaDetected technologies
Facebook (Widgets) ExpandDetected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
33 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
0Fgx7a
qrcodes.pro/ |
57 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
99 KB 40 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
viewer.css
d3nvy39jvu7woe.cloudfront.net/static/pdfviewer/web/ |
58 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bs_generic.css
d3nvy39jvu7woe.cloudfront.net/static/css/markdown_template_css/ |
881 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pdf.js
d3nvy39jvu7woe.cloudfront.net/static/pdfviewer/build/ |
360 KB 74 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
viewer.js
d3nvy39jvu7woe.cloudfront.net/static/pdfviewer/web/ |
335 KB 70 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
478826117cdb442c96ede23bdd03041e
d1bqobzsowu5wu.cloudfront.net/21279/ |
75 KB 75 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
breakfast.png
d3nvy39jvu7woe.cloudfront.net/static/images//restaurantmenu/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
time.png
d3nvy39jvu7woe.cloudfront.net/static/images/restaurantmenu/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wine.png
d3nvy39jvu7woe.cloudfront.net/static/images/restaurantmenu/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dinner.png
d3nvy39jvu7woe.cloudfront.net/static/images//restaurantmenu/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wine_glass.png
d3nvy39jvu7woe.cloudfront.net/static/images/restaurantmenu/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
juice.png
d3nvy39jvu7woe.cloudfront.net/static/images/restaurantmenu/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lunch.png
d3nvy39jvu7woe.cloudfront.net/static/images/restaurantmenu/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icecream_cone.png
d3nvy39jvu7woe.cloudfront.net/static/images/restaurantmenu/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
back.svg
d3nvy39jvu7woe.cloudfront.net/static/images/restaurantmenu/ |
1 KB 979 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
beaconstac_logo_w.png
d3nvy39jvu7woe.cloudfront.net/static/images/footer/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
99 KB 27 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
39 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
texture.png
d3nvy39jvu7woe.cloudfront.net/static/pdfviewer/web/images/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7946e78347074dd997a44df7c3de373b
d1bqobzsowu5wu.cloudfront.net/21279/ |
2 MB 2 MB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v23/ |
12 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
locale.properties
d3nvy39jvu7woe.cloudfront.net/static/pdfviewer/web/locale/ |
4 KB 4 KB |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
viewer.properties
d3nvy39jvu7woe.cloudfront.net/static/pdfviewer/web/locale/en-US/ |
11 KB 11 KB |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/None/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/None/ |
42 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/None/ |
42 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
aacaddd9-0928-4887-a173-8a9089f29971
https://qrcodes.pro/ |
92 B 0 |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
73da8db0967e42c097d540fcf6d2f9d4
d1bqobzsowu5wu.cloudfront.net/21279/ |
27 KB 27 KB |
Fetch
application/pdf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shadow.png
d3nvy39jvu7woe.cloudfront.net/static/pdfviewer/web/images/ |
290 B 695 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loading-icon.gif
d3nvy39jvu7woe.cloudfront.net/static/pdfviewer/web/images/ |
2 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
texture.png
d3nvy39jvu7woe.cloudfront.net/pdfviewer/web/images/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
Verdicts & Comments Add Verdict or Comment
34 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone object| oncontextlost object| oncontextrestored string| my_event_type function| fbq function| _fbq function| gtag object| dataLayer object| PDFViewerApplication string| staticAssetsUrl object| google_tag_manager object| google_tag_data object| pdfjsLib object| pdfjs-dist/build/pdf function| redirectToReportAbuse function| handleReportContent function| openReportContent function| closeReportContent function| bodyClickEvent function| handleAddContactButton function| openPDF function| hideCategoryBasedOnTime function| getCookie function| showAgeDialog function| toggleBrandingContainer function| showCategories function| openByCategory function| enablePinchZoom function| enableDoubleTapZoom function| setInitialScale function| PDFViewerApplicationOptions function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
qrcodes.pro/ | Name: visitor-id Value: 1646499135HRzhrd |
|
qrcodes.pro/ | Name: mappable_id Value: 1646499135HRzhrd_1646499135 |
|
qrcodes.pro/ | Name: access_token Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJtYXBwYWJsZUlEIjoiMTY0NjQ5OTEzNUhSemhyZF8xNjQ2NDk5MTM1IiwidGltZXN0YW1wIjoxNjQ2NDk5MTM1NDUyLCJpYXQiOjE2NDY0OTkxMDUsImV4cCI6MTY0NjQ5OTQzNX0.XGeiVAoae0a9e4YdxfsoPX3vSMXy2p1Z-uvqHlwUFAM |
|
.qrcodes.pro/ | Name: _gcl_au Value: 1.1.1194969897.1646499136 |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
connect.facebook.net
d1bqobzsowu5wu.cloudfront.net
d3nvy39jvu7woe.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
qrcodes.pro
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
13.226.145.9
142.250.74.194
2600:9000:2182:2400:13:e71e:5b80:21
2600:9000:2182:5000:6:7e72:cb80:21
2a00:1450:4001:803::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2004
2a00:1450:4001:813::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82b::200a
2a03:2880:f02d:12:face:b00c:0:3
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
1029b4e1540b3c6ee512b538c79506bd69c4ef012c2c3a01d9d40c1a3e6f423e
161fb247ede7ecb867d864863b8e3de3a93daae6286fce1ab7c3700f55112c9e
23fc3e9b525f7baed93240d9e2f7eff2a844e96c14e11a446ee904d6b413d249
241c72e9c4b47ffd33fc8fe2bc0383ddef79054cff429e70c1ad367f96a678ed
3d9f6b7eee54cc927162e221081b77012399d661801e84b327579b21f1ef6b9d
435b54172a7c61582d5a36e0fe7e1acefbee898b471ed1fbd640a66551c47b74
483c4a0396691993a641ec409c44b8b7e1daab0ae7e2b2944c4bc59520bb7655
5a332693269b0a1f03c50d4f3710471797f9dfbc6ea5a861e59d0a34b916f074
77f4397dc9c1c6870f6b1cae9eddbc8b31a478ca93bfdbfeae2cdd07316f2e1d
8592f1d6f9fa498d8740b6df270f8fa5b092a190eb725cb8373c8696ef39e2e2
89e8f2e632f9752a6c13d9018e54c77c5ede81990b73fc587768424e978b0bfd
8eaacac31c08c65f1acc625fc1d2f3b4904ca0ac7de43223635c4cdfe7f3bd88
8f2da2d4f5964d347a07fda23fa772862175e29e3b42b88e789ef44b69f08b71
905268fda0845024fa57ed619b170ca8b84e13e8b8df3db09c1585129f509f66
9ac3c8c476a33fe98e49b2938a22fda322eea1cef17b83ed1623bcb38c7e9caf
9b42b4be381206a3c8c2f512a063e1e7598543ca84a853c70db279880e8854a9
9f5838bfd8809e6d3ac3f2911e114d0e72ce3069a96ee40de07fada0ac1ccca1
a4b5fb6d7c28b03aed164c4039514cb1abb5619ac64e6b4f1a91eb0610edd759
a658b5f3ec0fd27f3c1500b420b2ed4ff557f5ddb65fbc83c21eae5cadc97dfb
a689e85656b848bae9a9ca5c72bf2ea5176d3ea0affe7c8ca54d6b154bc1c261
a871ed58790cef33d5389c4fff4601b4f0ac389b618cd0e27cde74a098412e89
a8e89d15c4da1e68613bd452b39ae109e34740f850ae4c051cae1ed80915161f
a9c6fb05ccd9fea5e3aaea84933b182ceca88fc66142544fd0476b387a39f722
c5fec31e5261cff6e11764c80482c565fc7301a36f765a5a08501918caa9b8d4
d35e334667735c774be82355ec33f5e1b8ee6acb49fd9b9576acaf69ebfbfb9f
d8e5f8f6214f4ee4da8e8b2eb3936ff2e0ab088f589a7b4d0ef47f8f2591381e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e77f210375c06847acf77a6777b7a380d0a6d4a29b13eb10b6939ab730f7d49f
e8475ebadedf9b6ee5023fcb47bf2d477f69759100959f7590e1eb33c0cba908
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2649db29712c0b6bb0702c7c4b1187b10ec39f238ddee4f17a614fa64ce31f3