grandcentralatkennedy.com
Open in
urlscan Pro
160.153.74.100
Malicious Activity!
Public Scan
Submission: On June 15 via manual from US
Summary
This is the only time grandcentralatkennedy.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Delta (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 6 | 160.153.74.100 160.153.74.100 | 26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com) | |
17 | 104.111.216.67 104.111.216.67 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
3 | 18.196.132.206 18.196.132.206 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 3 | 34.241.198.89 34.241.198.89 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 66.117.29.227 66.117.29.227 | 15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.) | |
1 1 | 66.117.28.86 66.117.28.86 | 15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.) | |
1 | 2a00:1450:400... 2a00:1450:4001:819::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
34 | 7 |
ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-160-153-74-100.ip.secureserver.net
grandcentralatkennedy.com | |
www.grandcentralatkennedy.com |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-216-67.deploy.static.akamaitechnologies.com
www.delta.com | |
content.delta.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-196-132-206.eu-central-1.compute.amazonaws.com
nexus.ensighten.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-241-198-89.eu-west-1.compute.amazonaws.com
dpm.demdex.net |
ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
delta.com
www.delta.com content.delta.com metrics.delta.com |
727 KB |
6 |
grandcentralatkennedy.com
2 redirects
grandcentralatkennedy.com www.grandcentralatkennedy.com |
11 KB |
3 |
demdex.net
1 redirects
dpm.demdex.net fast.delta.demdex.net Failed |
2 KB |
3 |
ensighten.com
nexus.ensighten.com |
96 KB |
1 |
googleapis.com
fonts.googleapis.com |
626 B |
1 |
everesttech.net
1 redirects
cm.everesttech.net |
526 B |
34 | 6 |
Domain | Requested by | |
---|---|---|
15 | content.delta.com |
grandcentralatkennedy.com
|
4 | grandcentralatkennedy.com |
2 redirects
www.delta.com
grandcentralatkennedy.com |
3 | dpm.demdex.net |
1 redirects
nexus.ensighten.com
grandcentralatkennedy.com |
3 | nexus.ensighten.com |
grandcentralatkennedy.com
nexus.ensighten.com |
2 | www.grandcentralatkennedy.com |
grandcentralatkennedy.com
www.delta.com |
2 | www.delta.com |
grandcentralatkennedy.com
|
1 | fonts.googleapis.com |
grandcentralatkennedy.com
|
1 | cm.everesttech.net | 1 redirects |
1 | metrics.delta.com |
nexus.ensighten.com
|
0 | fast.delta.demdex.net Failed |
nexus.ensighten.com
|
34 | 10 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.delta.com DigiCert SHA2 Secure Server CA |
2019-04-11 - 2020-05-17 |
a year | crt.sh |
1970-01-01 - 1970-01-01 |
a few seconds | crt.sh | |
*.googleapis.com Google Internet Authority G3 |
2019-05-21 - 2019-08-13 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
http://grandcentralatkennedy.com/zdelt/27a91/index1.php
Frame ID: B2F8CA08CC8BDEEE5637110973B82103
Requests: 33 HTTP requests in this frame
Frame:
http://fast.delta.demdex.net/dest5.html?d_nsid=0
Frame ID: B6AC19FAB89CAD43FA2C898563787F9A
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
Bootstrap (Web Frameworks) Expand
Detected patterns
- script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Angular (JavaScript Frameworks) Expand
Detected patterns
- html /<[^>]+ ng-version="([\d.]+)"/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Ensighten (Tag Managers) Expand
Detected patterns
- script /\/\/nexus\.ensighten\.com\//i
Ruxit (Analytics) Expand
Detected patterns
- script /ruxitagentjs/i
TrackJs (Analytics) Expand
Detected patterns
- script /tracker\.js/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 12- http://grandcentralatkennedy.com/content/dam/delta-applications/fresh-air-core/5.0.21/fonts/fresh-air-fonts.css HTTP 301
- http://www.grandcentralatkennedy.com/content/dam/delta-applications/fresh-air-core/5.0.21/fonts/fresh-air-fonts.css
- http://grandcentralatkennedy.com/pref/geoLocationService/getClosestDeltaAirportCode HTTP 301
- http://www.grandcentralatkennedy.com/pref/geoLocationService/getClosestDeltaAirportCode
- http://cm.everesttech.net/cm/dd?d_uuid=82476163950712772802902635533058410934 HTTP 302
- http://dpm.demdex.net/ibs:dpid=411&dpuuid=XQVtQQAAE6mOjRKk HTTP 302
- http://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=XQVtQQAAE6mOjRKk
34 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
index1.php
grandcentralatkennedy.com/zdelt/27a91/ |
9 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ruxitagentjs_2SVfhjqr_10119170522100716.js
www.delta.com/ |
32 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.2.1.js
www.delta.com/user-login/js/ |
85 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Bootstrap.js
nexus.ensighten.com/delta/mtprod/ |
318 KB 95 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
inline.js
content.delta.com/content/dam/delta-applications/user-login/0.2.24/js/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
polyfills.js
content.delta.com/content/dam/delta-applications/user-login/0.2.24/js/ |
142 KB 32 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vendor.js
content.delta.com/content/dam/delta-applications/user-login/0.2.24/js/ |
2 MB 462 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.js
content.delta.com/content/dam/delta-applications/user-login/0.2.24/js/ |
202 KB 25 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
delta.utils.logger.js
content.delta.com/content/dam/delta-applications/user-login/0.2.24/js/ |
9 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
delta.datalayer.js
content.delta.com/content/dam/delta-applications/user-login/0.2.24/js/ |
34 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tracker.js
content.delta.com/content/dam/delta-applications/user-login/0.2.24/js/ |
26 KB 9 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
picturefill-background.js
content.delta.com/content/dam/delta-applications/user-login/0.2.24/js/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fresh-air.css
content.delta.com/content/dam/delta-applications/fresh-air-core/5.0.21/css/ |
601 KB 74 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fresh-air-fonts.css
www.grandcentralatkennedy.com/content/dam/delta-applications/fresh-air-core/5.0.21/fonts/ Redirect Chain
|
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Delta%20Logo.svg
content.delta.com/content/www/us/en.damAssetRender.20180509T1731290530400.html/content/dam/delta_homepage_redesign/Logo/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Sky%20Team.svg
content.delta.com/content/www/us/en.damAssetRender.20180509T1731290540400.html/content/dam/delta_homepage_redesign/Logo/ |
9 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
supergraphic-delta.png
content.delta.com/content/dam/delta-www/responsive/apps/login/ |
1000 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
dpm.demdex.net/ |
364 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
getClosestDeltaAirportCode
www.grandcentralatkennedy.com/pref/geoLocationService/ Redirect Chain
|
0 -1 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
getClosestDeltaAirportCode
www.grandcentralatkennedy.com/pref/geoLocationService/ |
29 KB 7 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
e.gif
nexus.ensighten.com/error/ |
0 193 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
serverComponent.php
nexus.ensighten.com/delta/mtprod/ |
692 B 929 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
metrics.delta.com/ |
49 B 667 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
demconf.jpg
dpm.demdex.net/ Redirect Chain
|
42 B 769 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
4 KB 626 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
fresh-air-fonts.css
grandcentralatkennedy.com/content/dam/delta-applications/fresh-air-core/5.0.21/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
backgroundImage.jpg
content.delta.com/content/dam/delta-www/responsive/apps/login/ |
60 KB 60 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
dest5.html
fast.delta.demdex.net/ Frame B6AC |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
00e22612eb73e5bdc2f4c1bbc7809813.js
nexus.ensighten.com/delta/mtprod/code/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
462f7cfd29740477acc5137e0c331c8d.js
nexus.ensighten.com/delta/mtprod/code/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
762bd80644e487518a7acf26aad48e38.js
nexus.ensighten.com/delta/mtprod/code/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
96bd36c6228c5d59865924056cd551cf.js
nexus.ensighten.com/delta/mtprod/code/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
supergraphic-delta-mark_1600.svg
content.delta.com/content/dam/delta-applications/fresh-air-core/5.0.21/images/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
spriteImage.svg
content.delta.com/content/dam/delta-www/responsive/apps/login/ |
13 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- grandcentralatkennedy.com
- URL
- http://grandcentralatkennedy.com/content/dam/delta-applications/fresh-air-core/5.0.21/fonts/fresh-air-fonts.css
- Domain
- fast.delta.demdex.net
- URL
- http://fast.delta.demdex.net/dest5.html?d_nsid=0
- Domain
- nexus.ensighten.com
- URL
- http://nexus.ensighten.com/delta/mtprod/code/00e22612eb73e5bdc2f4c1bbc7809813.js?conditionId0=421954
- Domain
- nexus.ensighten.com
- URL
- http://nexus.ensighten.com/delta/mtprod/code/462f7cfd29740477acc5137e0c331c8d.js?conditionId0=2120615
- Domain
- nexus.ensighten.com
- URL
- http://nexus.ensighten.com/delta/mtprod/code/762bd80644e487518a7acf26aad48e38.js?conditionId0=2167172&conditionId1=723027
- Domain
- nexus.ensighten.com
- URL
- http://nexus.ensighten.com/delta/mtprod/code/96bd36c6228c5d59865924056cd551cf.js?conditionId0=2633592
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Delta (Transportation)73 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery object| ensBootstraps object| Bootstrapper object| val string| ensPrivacy object| ensClientConfig object| ensLogger boolean| ensBrowserSupported object| cookieManager function| setVisitorIDService function| Visitor object| s_c_il number| s_c_in object| visitor function| $data number| _delay object| targetGlobalSettings object| targetDataElement function| targetPageParamsAll object| adobe function| mboxCreate function| mboxDefine function| mboxUpdate string| k function| webpackJsonp object| core object| __core-js_shared__ function| Zone function| __zone_symbol__Promise function| __zone_symbol__ZoneAwarePromise function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader object| __zone_symbol__ON_PROPERTYmessage object| __zone_symbol__messagefalse function| setImmediate function| clearImmediate object| delta boolean| isHomePage object| CookieUtils object| PATH_VALIDATION_REGEX function| jsocrud undefined| trackJs function| escapeRegExp object| picturefillBackgroundOptions function| picturefillBackground function| initPictureFillBackground object| __zone_symbol__loadfalse object| __zone_symbol__resizefalse object| __zone_symbol__DOMContentLoadedfalse object| ng function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cm.everesttech.net
content.delta.com
dpm.demdex.net
fast.delta.demdex.net
fonts.googleapis.com
grandcentralatkennedy.com
metrics.delta.com
nexus.ensighten.com
www.delta.com
www.grandcentralatkennedy.com
fast.delta.demdex.net
grandcentralatkennedy.com
nexus.ensighten.com
104.111.216.67
160.153.74.100
18.196.132.206
2a00:1450:4001:819::200a
34.241.198.89
66.117.28.86
66.117.29.227
01fb8b48a8abf9d05ee712174977a8a3ea3a2919f44c2344f087b043624e9368
09f7231f3ecac50877da366c88a300768b51c1b920fff111d8636d1d92887ce5
0b38de92be9fe29c1f428e75636b54f081ce5d9fa84edaebdc760afe3673cd4f
0edc14b5cbfe2e1d53faf0f87773dc11210dfb355372e6219e79f123286a8d0c
0fc24a88d16eb8765ec35e8959fb79b7b82e8ea2c9bc0fb483d6729c2de62702
108d480af9bdea5d733d6ce8da8852b0dbee7fb40d9eb4cce29cd229b8589de5
20715e0f860741b4dcf0a44d1019a5e168f0edb73a6b181976e63c33a467b875
49530465d817008bc283a6520ba88c8a0e778011ea5354ac226aab4f51f2b0f9
4e22b453910cb92d913453ae802d0a86718bfbee4e7cb3319fcb5fb40e95893e
546a34d9f648cf7b8a651fa2ce06d8447b3a1fbd5df40bf787b922f42a1f3718
67b9c4ed5ee7ab8cfe6abe01be8dd0fff0aa805b0d53145c112317c49f339e8c
6d859459bfe08d68bdc07812da6f6b277181619a5c3fb6fafbcafc00b9308da5
87b221bad9643deab2bade65400088d25f35ebab138eab6fa65681c279b33208
9b76fc83225c96f71c2345fc59ed51f8c64ea91d89e7cef4026ba9e85f7da35e
add4d2c6c18ee83b2ce97243ce89f555e06b0bc5b883dc36a5b70d6ee6d79e52
bb90cced43c1f548a2d771c42a21caf852ccc44d28985638f49cfde914aed874
bf499aab017e9d9b880e289732cccea6fb24a25e1bb85787451b9d7da07d9d37
c5cf23f3074399c8e0e9d1f641b6d89b6e1c386e68d5bf3e8c9aaa451c85f136
d12fd3a52924d892de2e26993e63ce44f6b4c62bfd968706753d420399dabcb0
d3a518dea876de39f9e5dc1ffcdeb6c661aee25d8a62474386b664ef3bf1b40f
d46aa813273a1d5e3c1c911bc96930eb7a891b3a4d5fb542cf0d69516ff327a8
d6f2c0725828fddd1b1186f06374a6bcab05872b0d8d0a281158f3e8702a2999
ddc99dc52691ca0a5da1bd3d1af290ceacb789f62783ada5b6a27d83bb0b60aa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa679d895d9636553843810a2399b47dc5ab48e92a43a3c461823dcde362b15d