www.snapbang.com
Open in
urlscan Pro
199.88.62.37
Malicious Activity!
Public Scan
Effective URL: https://www.snapbang.com/tour-web/zsnapbangradarquizcovid/?prg=1&niche=wl-homepage-pg&id=bonomi&tour=zsnapbangradarquizco...
Submission: On April 23 via manual from US
Summary
TLS certificate: Issued by R3 on February 24th 2021. Valid for: 3 months.
This is the only time www.snapbang.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Porn Scam (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 212.48.253.67 212.48.253.67 | 6830 (LIBERTYGL...) (LIBERTYGLOBAL Liberty Global (formerly UPC Broadband Holding) | |
2 5 | 199.88.62.37 199.88.62.37 | 40539 (PROHCI) (PROHCI) | |
28 | 66.254.122.100 66.254.122.100 | 29789 (REFLECTED) (REFLECTED) | |
1 | 2a00:1450:400... 2a00:1450:4001:808::2004 | 15169 (GOOGLE) (GOOGLE) | |
1 | 64.210.151.40 64.210.151.40 | 29789 (REFLECTED) (REFLECTED) | |
1 | 64.210.149.57 64.210.149.57 | 29789 (REFLECTED) (REFLECTED) | |
1 | 2a00:1450:400... 2a00:1450:4001:810::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:803::2003 | 15169 (GOOGLE) (GOOGLE) | |
37 | 8 |
ASN6830 (LIBERTYGLOBAL Liberty Global (formerly UPC Broadband Holding, aka AORTA), NL)
PTR: catv-212-48-253-67.catv.broadband.hu
hessagarti.cyou |
ASN29789 (REFLECTED, US)
cachewp.cdnhost2000xl.com | |
cachemd.cdnhost2000xl.com |
ASN15169 (GOOGLE, US)
ssl.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
28 |
cdnhost2000xl.com
cachewp.cdnhost2000xl.com cachemd.cdnhost2000xl.com |
506 KB |
5 |
snapbang.com
2 redirects
www.snapbang.com |
188 KB |
1 |
gstatic.com
www.gstatic.com |
334 KB |
1 |
google-analytics.com
ssl.google-analytics.com |
17 KB |
1 |
trafficjunky.net
ctrack.trafficjunky.net |
822 B |
1 |
hugetraffic.com
webmasters.hugetraffic.com |
301 B |
1 |
google.com
www.google.com |
649 B |
1 |
hessagarti.cyou
hessagarti.cyou |
584 B |
37 | 8 |
Domain | Requested by | |
---|---|---|
17 | cachemd.cdnhost2000xl.com |
cachewp.cdnhost2000xl.com
|
11 | cachewp.cdnhost2000xl.com |
www.snapbang.com
cachewp.cdnhost2000xl.com |
5 | www.snapbang.com |
2 redirects
hessagarti.cyou
www.snapbang.com cachewp.cdnhost2000xl.com |
1 | www.gstatic.com |
www.google.com
|
1 | ssl.google-analytics.com |
www.snapbang.com
|
1 | ctrack.trafficjunky.net |
www.snapbang.com
|
1 | webmasters.hugetraffic.com |
www.snapbang.com
|
1 | www.google.com |
www.snapbang.com
|
1 | hessagarti.cyou | |
37 | 9 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.snapbang.com R3 |
2021-02-24 - 2021-05-25 |
3 months | crt.sh |
*.cdnhost2000xl.com Sectigo ECC Domain Validation Secure Server CA |
2021-01-27 - 2022-02-11 |
a year | crt.sh |
www.google.com GTS CA 1O1 |
2021-03-23 - 2021-06-15 |
3 months | crt.sh |
*.hugetraffic.com Sectigo RSA Domain Validation Secure Server CA |
2021-01-27 - 2022-01-27 |
a year | crt.sh |
*.trafficjunky.net DigiCert SHA2 High Assurance Server CA |
2020-01-28 - 2022-02-01 |
2 years | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2021-03-23 - 2021-06-15 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2021-03-23 - 2021-06-15 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.snapbang.com/tour-web/zsnapbangradarquizcovid/?prg=1&niche=wl-homepage-pg&id=bonomi&tour=zsnapbangradarquizcovid&ot=best&cmp=lovegirl&utm_source=bonomi&utm_medium=lovegirl&utm_content=_noadid&utm_campaign=zsnapbangradarquizcovid
Frame ID: FFE34A88B9A1192A61DEE6785E1D8F71
Requests: 37 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- http://hessagarti.cyou/lovegirl/1vX3tBl Page URL
-
http://www.snapbang.com/enter.php?prg=1&t=best&id=bonomi&cmp=lovegirl
HTTP 301
https://www.snapbang.com/enter.php?prg=1&t=best&id=bonomi&cmp=lovegirl HTTP 302
https://www.snapbang.com/tour-web/zsnapbangradarquizcovid/?prg=1&niche=wl-homepage-pg&id=bonomi&tour=... Page URL
Detected technologies
Debian (Operating Systems) ExpandDetected patterns
- headers server /Debian/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://hessagarti.cyou/lovegirl/1vX3tBl Page URL
-
http://www.snapbang.com/enter.php?prg=1&t=best&id=bonomi&cmp=lovegirl
HTTP 301
https://www.snapbang.com/enter.php?prg=1&t=best&id=bonomi&cmp=lovegirl HTTP 302
https://www.snapbang.com/tour-web/zsnapbangradarquizcovid/?prg=1&niche=wl-homepage-pg&id=bonomi&tour=zsnapbangradarquizcovid&ot=best&cmp=lovegirl&utm_source=bonomi&utm_medium=lovegirl&utm_content=_noadid&utm_campaign=zsnapbangradarquizcovid Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
37 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
1vX3tBl
hessagarti.cyou/lovegirl/ |
348 B 584 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
www.snapbang.com/tour-web/zsnapbangradarquizcovid/ Redirect Chain
|
49 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.css
cachewp.cdnhost2000xl.com/tour-web/zsnapbangradarquiz/1583331869/ |
10 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.css
cachewp.cdnhost2000xl.com/tour-web/css/1583331843/ |
108 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
blue.css
cachewp.cdnhost2000xl.com/tour-mobile/css/square/1583331821/ |
2 KB 732 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
cachewp.cdnhost2000xl.com/js/1583331821/ |
91 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
cachewp.cdnhost2000xl.com/tour-web/js/ |
28 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icheck.js
cachewp.cdnhost2000xl.com/tour-web/js/1583331843/ |
14 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap-slider.min.css
cachewp.cdnhost2000xl.com/tour-web/zsnapbangradarquiz/1583331869/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap-slider.min.js
cachewp.cdnhost2000xl.com/tour-web/zsnapbangradarquiz/ |
26 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
radar.gif
www.snapbang.com/tour-web/zsnapbangradarquiz/ |
172 KB 172 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fp.css
cachewp.cdnhost2000xl.com/css/fp/1583331817/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fp.js
cachewp.cdnhost2000xl.com/js/1591373362/ |
20 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.google.com/recaptcha/ |
852 B 649 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
imgcount.php
webmasters.hugetraffic.com/ct/ |
42 B 301 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ctrack
ctrack.trafficjunky.net/ |
35 B 822 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga.js
ssl.google-analytics.com/ |
45 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zsnapsextradarquizbg.jpg
cachewp.cdnhost2000xl.com/tour-web/zsnapsextradarquiz/ |
272 KB 273 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
male.png
cachemd.cdnhost2000xl.com/mobile/quiz3/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
female.png
cachemd.cdnhost2000xl.com/mobile/quiz3/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
couple.png
cachemd.cdnhost2000xl.com/mobile/quiz3/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bigtits.jpg
cachemd.cdnhost2000xl.com/mobile/quiz3/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slim.jpg
cachemd.cdnhost2000xl.com/mobile/quiz3/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
curvy.jpg
cachemd.cdnhost2000xl.com/mobile/quiz3/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bbw.jpg
cachemd.cdnhost2000xl.com/mobile/quiz3/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
athletic.jpg
cachemd.cdnhost2000xl.com/mobile/quiz3/ |
9 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bigass.jpg
cachemd.cdnhost2000xl.com/mobile/quiz3/ |
7 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
athletic-m.jpg
cachemd.cdnhost2000xl.com/mobile/quiz3/ |
11 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
husky.jpg
cachemd.cdnhost2000xl.com/mobile/quiz3/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slim-m.jpg
cachemd.cdnhost2000xl.com/mobile/quiz3/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
muscular.jpg
cachemd.cdnhost2000xl.com/mobile/quiz3/ |
17 KB 18 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dadbod.jpg
cachemd.cdnhost2000xl.com/mobile/quiz3/ |
13 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
heavy.jpg
cachemd.cdnhost2000xl.com/mobile/quiz3/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
yes.png
cachemd.cdnhost2000xl.com/mobile/quiz3/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
no.png
cachemd.cdnhost2000xl.com/mobile/quiz3/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.php
www.snapbang.com/ |
23 B 731 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ |
334 KB 334 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Porn Scam (Online)36 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| jQuery18204768817805448686 function| Slider object| _gaq object| js_lang object| language boolean| grecaptcha_rendered function| render_grecaptcha function| empty_recaptcha_container object| flypaper function| show_country_options function| toggle_email function| show_password_ph function| hide_password_ph function| toggle_password_ph function| login_display undefined| seeking undefined| willing object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| _gat object| recaptcha4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.snapbang.com/ | Name: ps7_crumb Value: W1sid2ViLXpzbmFwYmFuZ3JhZGFycXVpemNvdmlkIiwiYm9ub21pIiwiMjAyMS0wNC0yMyIsbnVsbCwibG92ZWdpcmwiXV0%3D |
|
www.snapbang.com/ | Name: RNLBSERVERID Value: ded4066 |
|
.snapbang.com/ | Name: _ot Value: best |
|
.snapbang.com/ | Name: fl_ref_url Value: http%3A%2F%2Fhessagarti.cyou%2F |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cachemd.cdnhost2000xl.com
cachewp.cdnhost2000xl.com
ctrack.trafficjunky.net
hessagarti.cyou
ssl.google-analytics.com
webmasters.hugetraffic.com
www.google.com
www.gstatic.com
www.snapbang.com
199.88.62.37
212.48.253.67
2a00:1450:4001:803::2003
2a00:1450:4001:808::2004
2a00:1450:4001:810::2008
64.210.149.57
64.210.151.40
66.254.122.100
04c4d7a10a7b5de2dcff5c8d6ce3ee46c0c10579e439a07ecf335534e4959f03
0cf33e8c84f5a771f7dbf3d555a1bf3d45f3fc8bf91290a7b40981a1eacb432f
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1e07f48cafd82bf245621ae30fc0f5cf29642da4ed95caa6247a064b86b7910f
2af949aa3fb001cd92895b343362e27669292fa22035cb5b81f1d30b4a2042f0
2b96da72758ba5863ad52ea77fef8273c80c0925918af1f3a883d63de6ae1b2a
342f63bb919634d7c0c8e296b5c5aae6dbb531fc81fee0043a9ad13119794cc4
3634bee9f2eb414f13f3bfc657347402e9f50af7bee9a2c78ad8dfe01ec3695a
42cca671b6f43af85e4c2b04016af47028c9a1d99fafb9a6c8b2fe8520b03bcf
44093514dff069b27db8ec060d212377055be7eacc0e2243bbf5ad7fedc9d2f6
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4b77f4ae2f291293515987ddf450c3d2900fba63925ef7b55d942ac8df3ce2f1
4d5572afc66b2bb22049dce0a47c237d9aa2db5f1c4846d45cabc684a7f3b3e9
4dad8c8f86fa6b12eee4d81356d98b0098767f8dd8ecdae019369f332168885f
4ffd5f0ddd77e5f13f1d3e58fe6d8c4547e9888729c849c70f2ee4abac6f9e70
5be561f0e954734dfd473c692b5b0382ffac35062cb3c666d6e8dbaf68db63d5
5d12e69936362d189e12b83754b90f53726c84f80265187e26f5348c841f39dd
6e9e0b789626a6164a3d8604309a8f7dd93a5126d59a02100beb4c4447fbf075
7270abe2b719e98ba8c811b5af283a7e8d740886b0e8e1af2de37ccdaa84fa23
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8836cd85ca76603588e2c1c1b9f15c29174e9ec337869896c94239bd7f89a429
89495896bcc3deb0b6a643cf55ddfe620ada0cdb66cd09ce4ba801a06396fcef
926ac5c114974a527367752eef1ab86bdb364c34fafb39e9b976c7ab0c2adda6
9becee2f21cd7f739e4bb1395dd24d9e17f19e77b6dc9c7c59978a11778f7850
a27ecbe0f63af48cceb0dc93fb842d3161462ca44d16bae13ea4a85488a7a8ce
aabef6fdf6754720952bba161391163f9b54dcd8302f64c85746a92c5aa8bae7
aca602562ff4e3f90ff2d83f85c87298ba98e107fa1d108137dd502783098aad
aeaed3bdf9f33e78c740c4a1796854d25cf1dfacbe8ac2e977d136dd454a2ec8
b45fcd29e51966d69fd7b82c7c312ed647d53417b18f6c264d128b800cb4c3eb
bc797ebe82ef7604ae1a815938f072428e903541b3a527f8b74cbc155d7c44e4
cf815bc5b19a2e0f346793a2389eb5614cbc91627467555f02f965a3f9028300
e47eca73d4f42cce27c15cbff1e6b28a6716616c71f893d912ae941b37460998
e83150781770dd7dcd420385f475bbadef6ae5e2bc5c28d63c59af9a1f722dda
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f5696ac954dc67c7ecd22cfd7cdbb4e1ede2d1decac762c124ee6c4e5df6a996
f5ce5067a45d30f26714b3bbcc840c9f56a4456edafe7bb37c11acf366100466
f7c124f7f2306e18c4b8f68c95becc8cac03f2eeee3a83c0bac5941b1bba42b2