ne6r1geeucv.anaclaraarajo.art
188.114.96.3
Public Scan
Effective URL: https://ne6r1geeucv.anaclaraarajo.art/573485972389472/donwload/SCV39582937
Submission: On October 19 via manual from BR — Scanned from PT
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 5th 2023. Valid for: a year.
This is the only time ne6r1geeucv.anaclaraarajo.art was scanned on urlscan.io!
urlscan.io Verdict: No classification
Downloads These files were downloaded by the website
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
10 | 4.228.206.224 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 18.66.112.3 | 16509 (AMAZON-02) |
2 | 142.250.186.104 | 15169 (GOOGLE) |
10 | 195.181.175.15 | 60068 (CDN77 ^_^) |
1 | 177.126.179.11 | 15830 (EQUINIX) |
1 | 142.250.184.206 | 15169 (GOOGLE) |
1 | 66.102.1.156 | 15169 (GOOGLE) |
1 | 142.250.186.99 | 15169 (GOOGLE) |
1 | 52.34.36.143 | 16509 (AMAZON-02) |
3 | 13.69.106.212 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 188.114.96.3 | 13335 (CLOUDFLARENET) |
1 | 104.16.85.20 | 13335 (CLOUDFLARENET) |
36 | 13 | |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
unimed.me
api.unimed.me
ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-3.fra56.r.cloudfront.net
usrwy.com
ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net
www.googletagmanager.com
ASN60068 (CDN77 ^_^, GB)
PTR: 809075600.fra.cdn77.com
cdn.userway.org
ASN15830 (EQUINIX, NL)
PTR: 11.179.126.177.static.sp2.alog.com.br
www.unimed.coop.br
ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f14.1e100.net
analytics.google.com
ASN15169 (GOOGLE, US)
PTR: wb-in-f156.1e100.net
stats.g.doubleclick.net
ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net
www.google.co.in
ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-36-143.us-west-2.compute.amazonaws.com
api.userway.org
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
11 | userway.org | cdn.userway.org (Cisco Umbrella Rank: 4730), api.userway.org (Cisco Umbrella Rank: 4698) | 101 KB |
10 | unimed.me | unimed.me, api.unimed.me | 376 KB |
3 | visualstudio.com | dc.services.visualstudio.com (Cisco Umbrella Rank: 902) | 280 B |
2 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 56) | 149 KB |
1 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 373) | 31 KB |
1 | anaclaraarajo.art | ne6r1geeucv.anaclaraarajo.art | 13 KB |
1 | google.co.in | www.google.co.in (Cisco Umbrella Rank: 15411) | 408 B |
1 | doubleclick.net | stats.g.doubleclick.net (Cisco Umbrella Rank: 98) | 250 B |
1 | google.com | analytics.google.com (Cisco Umbrella Rank: 178) | 250 B |
1 | unimed.coop.br | www.unimed.coop.br | 2 KB |
1 | usrwy.com | usrwy.com (Cisco Umbrella Rank: 108998) | 2 KB |
36 | 11 | | |
Requests | Domain | Requested by |
---|---|---|
10 | cdn.userway.org | usrwy.com, unimed.me, cdn.userway.org |
9 | unimed.me | unimed.me |
3 | dc.services.visualstudio.com | unimed.me |
2 | www.googletagmanager.com | unimed.me, www.googletagmanager.com |
1 | cdn.jsdelivr.net | ne6r1geeucv.anaclaraarajo.art |
1 | ne6r1geeucv.anaclaraarajo.art | unimed.me |
1 | api.unimed.me | unimed.me |
1 | api.userway.org | cdn.userway.org |
1 | www.google.co.in | unimed.me |
1 | stats.g.doubleclick.net | www.googletagmanager.com |
1 | analytics.google.com | www.googletagmanager.com |
1 | www.unimed.coop.br | www.googletagmanager.com |
1 | usrwy.com | unimed.me |
36 | 13 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.unimed.me | Sectigo RSA Organization Validation Secure Server CA | 2023-07-14 - 2024-07-14 | a year |
usrwy.com | Amazon RSA 2048 M02 | 2023-02-28 - 2024-01-04 | 10 months |
*.google-analytics.com | GTS CA 1C3 | 2023-09-28 - 2023-12-21 | 3 months |
1667503734.rsc.cdn77.org | R3 | 2023-10-10 - 2024-01-08 | 3 months |
*.unimed.coop.br | Sectigo RSA Organization Validation Secure Server CA | 2023-08-10 - 2024-08-27 | a year |
*.google.com | GTS CA 1C3 | 2023-09-28 - 2023-12-21 | 3 months |
*.g.doubleclick.net | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months |
*.google.co.in | GTS CA 1C3 | 2023-09-28 - 2023-12-21 | 3 months |
api.userway.org | Amazon RSA 2048 M03 | 2023-09-02 - 2024-09-30 | a year |
in.applicationinsights.azure.com | Microsoft Azure RSA TLS Issuing CA 07 | 2023-09-02 - 2024-08-27 | a year |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-02-05 - 2024-02-05 | a year |
This page contains 1 frames:
Primary Page:
https://ne6r1geeucv.anaclaraarajo.art/573485972389472/donwload/SCV39582937
Frame ID: CE5D5FEE697A607E723925ECE286E674
Requests: 33 HTTP requests in this frame
Page URL History
- https://unimed.me/u9sq2a??8KiZowxGsBE Page URL
- https://ne6r1geeucv.anaclaraarajo.art/573485972389472/donwload/SCV39582937 Page URL
Detected technologies
Nuxt.js (JavaScript Frameworks)
Detected patterns
- /_nuxt/
Google Analytics (Analytics)
Detected patterns
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
UserWay (Accessibility)
Detected patterns
- cdn\.userway\.org/widget.*\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN)
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://unimed.me/u9sq2a??8KiZowxGsBE Page URL
- https://ne6r1geeucv.anaclaraarajo.art/573485972389472/donwload/SCV39582937 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
36 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | u9sq2a | unimed.me/ | 49 KB | 8 KB | Document | text/html |
GET | H2 | widget.js | usrwy.com/ | 2 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | 7fc0d28.js | unimed.me/_nuxt/ | 2 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | 67a34f4.js | unimed.me/_nuxt/ | 236 KB | 82 KB | Script | application/javascript |
GET | H/1.1 | 007f01d.js | unimed.me/_nuxt/ | 280 KB | 87 KB | Script | application/javascript |
GET | H/1.1 | d7a6812.js | unimed.me/_nuxt/ | 113 KB | 31 KB | Script | application/javascript |
GET | H/1.1 | ab8b6db.js | unimed.me/_nuxt/ | 8 KB | 4 KB | Script | application/javascript |
GET | H2 | gtm.js | www.googletagmanager.com/ | 171 KB | 62 KB | Script | application/javascript |
GET | H/1.1 | unimedsans-regular-webfont.14c4094.ttf | unimed.me/_nuxt/fonts/ | 49 KB | 27 KB | Font | font/ttf |
GET | H2 | widget_app_base_1697707965064.js | cdn.userway.org/widgetapp/2023-10-19-09-32-45/ | 135 KB | 40 KB | Script | application/javascript |
GET | H/1.1 | cookieLgpd.js | www.unimed.coop.br/site/o/sites-theme/js/ | 5 KB | 2 KB | Script | application/javascript |
GET | H2 | js | www.googletagmanager.com/gtag/ | 257 KB | 87 KB | Script | application/javascript |
POST | H2 | collect | analytics.google.com/g/ | 0 | 250 B | Ping | text/plain |
POST | H2 | collect | stats.g.doubleclick.net/g/ | 0 | 250 B | Ping | text/plain |
GET | H2 | ga-audiences | www.google.co.in/ads/ | 42 B | 408 B | Image | image/gif |
POST | H2 | aUdWlgoSZh | api.userway.org/api/tunings/ | 821 B | 1 KB | XHR | application/json |
GET | H/1.1 | u9sq2a | api.unimed.me/v1/shortener/url/ | 118 B | 643 B | XHR | application/json |
GET | H2 | pt-BR.json | cdn.userway.org/widgetapp/2023-10-19-09-32-45/locales/ | 553 B | 958 B | XHR | application/json |
GET | H2 | remediation-tool-free.js | cdn.userway.org/remediation/free/ | 24 KB | 10 KB | Script | application/javascript |
GET | H2 | udf.css | cdn.userway.org/widgetapp/bundles/udf/ | 728 B | 867 B | Stylesheet | text/css |
GET | H2 | widget_app_lazy_1697707965064.js | cdn.userway.org/widgetapp/2023-10-19-09-32-45/ | 123 KB | 32 KB | Script | application/javascript |
GET | H2 | mini-widget.js | cdn.userway.org/mini-widget/ | 31 KB | 11 KB | Script | application/javascript |
GET | H2 | style.css | cdn.userway.org/mini-widget/ | 3 KB | 2 KB | Stylesheet | text/css |
GET | H2 | style.css | cdn.userway.org/mini-widget/ | 3 KB | 2 KB | Stylesheet | text/css |
OPTIONS | H2 | track | dc.services.visualstudio.com/v2/ | 0 | 0 | Preflight | |
GET | H2 | SCV39582937 (Primary Request) | ne6r1geeucv.anaclaraarajo.art/573485972389472/donwload/ | 18 KB | 13 KB | Document | text/html |
POST | H2 | track | dc.services.visualstudio.com/v2/ | 96 B | 280 B | Fetch | application/json |
GET | H/1.1 | logo.0e69ead.png | unimed.me/_nuxt/img/ | 102 KB | 103 KB | Image | image/png |
GET | H/1.1 | unimedslab-bold-webfont.c34e25f.ttf | unimed.me/_nuxt/fonts/ | 62 KB | 31 KB | Font | font/ttf |
OPTIONS | H2 | alts.json | cdn.userway.org/api/img-dscr/v2/aUdWlgoSZh/3321849/QJEJN5dH9tLyprdR/ | 0 | 0 | Preflight | |
GET | H2 | alts.json | cdn.userway.org/api/img-dscr/v2/aUdWlgoSZh/3321849/QJEJN5dH9tLyprdR/ | 228 B | 837 B | Fetch | application/json |
POST | | collect | analytics.google.com/g/ | 0 | 0 | | |
POST | | collect | analytics.google.com/g/ | 0 | 0 | | |
POST | | track | dc.services.visualstudio.com/v2/ | 0 | 0 | | |
OPTIONS | H2 | track | dc.services.visualstudio.com/v2/ | 0 | 0 | Preflight | |
GET | H2 | jquery.min.js | cdn.jsdelivr.net/npm/jquery@3.7.1/dist/ | 85 KB | 31 KB | Script | application/javascript |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: analytics.google.com
  URL: https://analytics.google.com/g/collect?v=2&tid=G-HPSTHYCSCL&gtm=45je3ai0&_p=263875317&cid=671732555.1697715004&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&sid=1697715003&sct=1&seg=0&dl=https%3A%2F%2Funimed.me%2Fu9sq2a%3F%3F8KiZowxGsBE&dt=Unimed.Me&_s=2
- Domain: analytics.google.com
  URL: https://analytics.google.com/g/collect?v=2&tid=G-HPSTHYCSCL&gtm=45je3ai0&_p=263875317&cid=671732555.1697715004&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1697715003&sct=1&seg=1&dl=https%3A%2F%2Funimed.me%2Fu9sq2a%3F8KiZowxGsBE&dr=https%3A%2F%2Funimed.me%2Fu9sq2a%3F%3F8KiZowxGsBE&dt=Unimed.Me&en=user_engagement&_et=1260
- Domain: dc.services.visualstudio.com
  URL: https://dc.services.visualstudio.com/v2/track
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $
function| jQuery
5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.unimed.me/ | | _ga | GA1.1.671732555.1697715004 |
unimed.me/ | | ai_user | d7bMIz1xjjyiD7A4EKeffp\|2023-10-19T11:30:04.539Z |
unimed.me/ | | ai_session | h96e1/hHtyjHxA+eA1ITLK\|1697715004546\|1697715004546 |
ne6r1geeucv.anaclaraarajo.art/ | | PHPSESSID | hqu34cnf1solrdk6jrb0i33qgr |
.unimed.me/ | | _ga_HPSTHYCSCL | GS1.1.1697715003.1.1.1697715006.57.0.0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.