k8player.com
2606:4700:4400::6812:2a31
Public Scan
Effective URL: https://k8player.com/?invite=PachinkoClub&From=VIP98&modal=register&tab=account
Submission Tags: phishingrod
Submission: On June 18 via api from DE — Scanned from NL
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 24th 2024. Valid for: 10 months.
This is the only time k8player.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
# | IP Address | Autonomous System |
---|---|---|
1 7 | 2a06:98c1:3121::3 | 13335 (CLOUDFLARENET) |
11 | 2a06:98c1:3120::3 | 13335 (CLOUDFLARENET) |
1 | 2a00:1450:4001:829::200a | 15169 (GOOGLE) |
1 | 2606:4700::6811:180e | 13335 (CLOUDFLARENET) |
2 | 2606:4700:3031::6815:11c9 | 13335 (CLOUDFLARENET) |
4 | 2a00:1450:4001:80b::2008 | 15169 (GOOGLE) |
3 | 2001:4860:4802:32::36 | 15169 (GOOGLE) |
1 | 2a00:1450:400c:c0d::9b | 15169 (GOOGLE) |
1 | 2a00:1450:4001:82f::2003 | 15169 (GOOGLE) |
2 | 2606:4700:4400::6812:2a31 | |
40 | 11 | |
ASN13335 (CLOUDFLARENET, US): getsteamgifts.com, www.getsteamgifts.com
ASN15169 (GOOGLE, US): www.googletagmanager.com
ASN15169 (GOOGLE, US): region1.analytics.google.com, region1.google-analytics.com
# | Apex Domain | Subdomains | Transfer |
---|---|---|---|
18 | getsteamgifts.com (1 redirect) | getsteamgifts.com, www.getsteamgifts.com | 293 KB |
4 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 79) | 373 KB |
2 | k8player.com | k8player.com | 6 KB |
2 | google-analytics.com | region1.google-analytics.com (Cisco Umbrella Rank: 2347) | 108 B |
2 | y8.hk | y8.hk | 4 KB |
1 | google.nl | www.google.nl (Cisco Umbrella Rank: 10667) | 408 B |
1 | doubleclick.net | stats.g.doubleclick.net (Cisco Umbrella Rank: 132) | 247 B |
1 | google.com | region1.analytics.google.com (Cisco Umbrella Rank: 3078) | 247 B |
1 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 265) | 4 KB |
1 | googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 457) | 31 KB |
0 | 3ae.jp (Failed) | 3ae.jp (Failed) | |
40 | 11 | | |
# | Domain | Requested by |
---|---|---|
17 | www.getsteamgifts.com | www.getsteamgifts.com |
4 | www.googletagmanager.com | y8.hk, www.googletagmanager.com |
2 | k8player.com | k8player.com |
2 | region1.google-analytics.com | www.googletagmanager.com |
2 | y8.hk | www.getsteamgifts.com |
1 | www.google.nl | y8.hk |
1 | stats.g.doubleclick.net | www.googletagmanager.com |
1 | region1.analytics.google.com | www.googletagmanager.com |
1 | cdnjs.cloudflare.com | www.getsteamgifts.com |
1 | ajax.googleapis.com | www.getsteamgifts.com |
1 | getsteamgifts.com | 1 redirect |
0 | 3ae.jp (Failed) | www.getsteamgifts.com |
40 | 12 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
getsteamgifts.com | WE1 | 2024-06-17 - 2024-09-15 | 3 months |
upload.video.google.com | WR2 | 2024-05-27 - 2024-08-19 | 3 months |
cdnjs.cloudflare.com | E1 | 2024-06-02 - 2024-08-31 | 3 months |
y8.hk | GTS CA 1P5 | 2024-05-24 - 2024-08-22 | 3 months |
*.google-analytics.com | WR2 | 2024-05-27 - 2024-08-19 | 3 months |
*.g.doubleclick.net | GTS CA 1C3 | 2024-05-27 - 2024-08-19 | 3 months |
*.google.nl | WR2 | 2024-05-27 - 2024-08-19 | 3 months |
k8player.com | Cloudflare Inc ECC CA-3 | 2024-02-24 - 2024-12-31 | 10 months |
This page contains 1 frame:
Primary Page:
https://k8player.com/?invite=PachinkoClub&From=VIP98&modal=register&tab=account
Frame ID: 9482D4FA2AECB5363CB3F4A757291B55
Requests: 40 HTTP requests in this frame
Detected technologies
Detected patterns
- /wp-(?:content|includes)/
Font Awesome
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Detected patterns
Google Tag Manager
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://getsteamgifts.com/ (HTTP 301) → https://www.getsteamgifts.com/ (Page URL)
- https://y8.hk/to/PachinkoClubVIP98 (Page URL)
- https://k8player.com/?invite=PachinkoClub&From=VIP98&modal=register&tab=account (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://getsteamgifts.com/ HTTP 301
- https://www.getsteamgifts.com/
40 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Redirect Chain) | www.getsteamgifts.com/ | 325 KB | 36 KB | Document | text/html |
GET | H2 | icomoon.woff | www.getsteamgifts.com/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/ | 16 KB | 17 KB | Font | font/woff |
GET | H2 | fontawesome-webfont.woff2 | www.getsteamgifts.com/wp-content/themes/cocoon-master/webfonts/fontawesome/fonts/ | 75 KB | 76 KB | Font | font/woff2 |
GET | H2 | style.min.css | www.getsteamgifts.com/wp-includes/css/dist/block-library/ | 111 KB | 18 KB | Stylesheet | text/css |
GET | H2 | lasso-lite.css | www.getsteamgifts.com/wp-content/plugins/simple-urls/admin/assets/css/ | 14 KB | 4 KB | Stylesheet | text/css |
GET | H2 | style.css | www.getsteamgifts.com/wp-content/themes/cocoon-master/ | 230 KB | 50 KB | Stylesheet | text/css |
GET | H3 | keyframes.css | www.getsteamgifts.com/wp-content/themes/cocoon-master/ | 292 B | 600 B | Stylesheet | text/css |
GET | H3 | font-awesome.min.css | www.getsteamgifts.com/wp-content/themes/cocoon-master/webfonts/fontawesome/css/ | 30 KB | 8 KB | Stylesheet | text/css |
GET | H3 | style.css | www.getsteamgifts.com/wp-content/themes/cocoon-master/webfonts/icomoon/ | 4 KB | 1 KB | Stylesheet | text/css |
GET | H3 | style.css | www.getsteamgifts.com/wp-content/themes/cocoon-child-master/ | 845 B | 846 B | Stylesheet | text/css |
GET | H3 | keyframes.css | www.getsteamgifts.com/wp-content/themes/cocoon-child-master/ | 130 B | 656 B | Stylesheet | text/css |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.6.1/ | 88 KB | 31 KB | Script | text/javascript |
GET | H2 | jquery-migrate.min.js | cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.2/ | 11 KB | 4 KB | Script | application/javascript |
GET | H3 | amp.js | www.getsteamgifts.com/wp-includes/js/ | 6 KB | 3 KB | Script | application/javascript |
GET | H3 | 20190417210330-320x180.jpg | www.getsteamgifts.com/wp-content/uploads/2024/04/ | 22 KB | 23 KB | Image | image/jpeg |
GET | H3 | 57ee4f78-a3ac-469b-8c2c-5703ac1f02cb-320x180.jpg | www.getsteamgifts.com/wp-content/uploads/2024/04/ | 18 KB | 19 KB | Image | image/jpeg |
GET | H3 | R.523a4219185d7d25681aceb06798b3dbrikVuUm1s6e1wbzHQampriuhttp3a2f2fmachine.p-world.co_.jp2fimage2f89612f65-320x180.jpg | www.getsteamgifts.com/wp-content/uploads/2024/04/ | 22 KB | 23 KB | Image | image/jpeg |
GET | H3 | PC_Pachinko.gif | www.getsteamgifts.com/wp-content/uploads/yahoo/ | 30 KB | 0 | Image | image/gif |
GET | H3 | new-casino-no-deposit-bonus.png | www.getsteamgifts.com/wp-content/uploads/yahoo/ | 13 KB | 14 KB | Image | image/png |
GET | | japan.webp | www.getsteamgifts.com/wp-content/uploads/yahoo/ | 0 | 0 | | |
GET | | 8BE0y | 3ae.jp/ | 0 | 0 | | |
GET | | stickyfill.min.js | www.getsteamgifts.com/wp-content/themes/cocoon-master/plugins/stickyfill/dist/ | 0 | 0 | | |
GET | | javascript.js | www.getsteamgifts.com/wp-content/themes/cocoon-master/ | 0 | 0 | | |
GET | | javascript.js | www.getsteamgifts.com/wp-content/themes/cocoon-child-master/ | 0 | 0 | | |
GET | H2 | PachinkoClubVIP98 | y8.hk/to/ | 3 KB | 2 KB | Document | text/html |
GET | H2 | gtm.js | www.googletagmanager.com/ | 190 KB | 68 KB | Script | application/javascript |
GET | H2 | js | www.googletagmanager.com/gtag/ | 311 KB | 102 KB | Script | application/javascript |
GET | H2 | js | www.googletagmanager.com/gtag/ | 305 KB | 101 KB | Script | application/javascript |
GET | H2 | js | www.googletagmanager.com/gtag/ | 304 KB | 101 KB | Script | application/javascript |
POST | H2 | collect | region1.analytics.google.com/g/ | 0 | 247 B | Ping | text/plain |
POST | H2 | collect | stats.g.doubleclick.net/g/ | 0 | 247 B | Ping | text/plain |
GET | H2 | ga-audiences | www.google.nl/ads/ | 42 B | 408 B | Image | image/gif |
POST | H2 | collect | region1.google-analytics.com/g/ | 0 | 54 B | Ping | text/plain |
POST | H2 | collect | region1.google-analytics.com/g/ | 0 | 54 B | Ping | text/plain |
GET | H2 | favicon.ico | y8.hk/ | 4 KB | 2 KB | Other | image/x-icon |
GET | H2 | / (Primary Request) | k8player.com/ | 15 KB | 5 KB | Document | text/html |
GET | | loading-logo.png | k8player.com/img/ | 0 | 0 | | |
GET | H2 | yunwei.js | k8player.com/saconfig/secure/ | 692 B | 638 B | Script | application/javascript |
GET | | loading-animation.png | k8player.com/img/ | 0 | 0 | | |
GET | | 3s_web_detect.js | k8player.com/cdn/34dtfrFM/static/saconfig/secure/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
www.getsteamgifts.com | https://www.getsteamgifts.com/wp-content/uploads/yahoo/japan.webp |
3ae.jp | https://3ae.jp/8BE0y |
www.getsteamgifts.com | https://www.getsteamgifts.com/wp-content/themes/cocoon-master/plugins/stickyfill/dist/stickyfill.min.js?ver=6.5.4&fver=20231025105945 |
www.getsteamgifts.com | https://www.getsteamgifts.com/wp-content/themes/cocoon-master/javascript.js?ver=6.5.4&fver=20231025105945 |
www.getsteamgifts.com | https://www.getsteamgifts.com/wp-content/themes/cocoon-child-master/javascript.js?ver=6.5.4&fver=20240525104833 |
k8player.com | https://k8player.com/img/loading-logo.png?v=20240404 |
k8player.com | https://k8player.com/img/loading-animation.png?v=20220516 |
k8player.com | https://k8player.com/cdn/34dtfrFM/static/saconfig/secure/3s_web_detect.js?product=e9527c&module=frontend_web&v=20240422 |
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined | event
object | fence
object | sharedStorage
4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.y8.hk/ | | Name: _ga Value: GA1.1.2064332805.1718672170 |
.y8.hk/ | | Name: _ga_1H15LYCZD5 Value: GS1.1.1718672170.1.0.1718672170.60.0.180996188 |
.y8.hk/ | | Name: _ga_LNL1K9PGNV Value: GS1.1.1718672170.1.0.1718672170.0.0.0 |
.y8.hk/ | | Name: _ga_1WCEWDV1PX Value: GS1.1.1718672170.1.0.1718672170.0.0.0 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.