kids-teeth.ml
Open in
urlscan Pro
167.99.232.32
Malicious Activity!
Public Scan
Submission: On April 23 via automatic, source openphish
Summary
This is the only time kids-teeth.ml was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Xfinity (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 167.99.232.32 167.99.232.32 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean) | |
11 | 2001:558:fe21... 2001:558:fe21:2:69:252:205:24 | 7922 (COMCAST-7922) (COMCAST-7922 - Comcast Cable Communications) | |
2 | 204.13.194.239 204.13.194.239 | 29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus) | |
1 3 | 173.241.240.220 173.241.240.220 | 36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES) | |
4 | 23.210.250.213 23.210.250.213 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
1 | 2.19.38.84 2.19.38.84 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
2 | 213.19.162.21 213.19.162.21 | 26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project) | |
2 | 213.19.162.67 213.19.162.67 | 26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project) | |
1 | 91.228.74.250 91.228.74.250 | 27281 (QUANTCAST) (QUANTCAST - Quantcast Corporation) | |
1 2 | 204.13.194.235 204.13.194.235 | 29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus) | |
1 | 151.101.121.108 151.101.121.108 | 54113 (FASTLY) (FASTLY - Fastly) | |
1 2 | 173.241.240.143 173.241.240.143 | 36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES) | |
29 | 12 |
ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
kids-teeth.ml |
ASN7922 (COMCAST-7922 - Comcast Cable Communications, LLC, US)
login.comcast.net |
ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
oasc09.247realmedia.com |
ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-220.xa.dc.openx.org
comcast-d.openx.net |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-250-213.deploy.static.akamaitechnologies.com
z.moatads.com | |
px.moatads.com |
ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-38-84.deploy.static.akamaitechnologies.com
ads.rubiconproject.com |
ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)
optimized-by.rubiconproject.com |
ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)
beacon-eu-ams3.rubiconproject.com |
ASN27281 (QUANTCAST - Quantcast Corporation, US)
pixel.quantserve.com |
ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
oascentral.comcast.net |
ASN54113 (FASTLY - Fastly, US)
cdn.oas-c18.adnxs.com |
ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org
eu-u.openx.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
comcast.net
1 redirects
login.comcast.net oascentral.comcast.net |
36 KB |
5 |
rubiconproject.com
ads.rubiconproject.com optimized-by.rubiconproject.com beacon-eu-ams3.rubiconproject.com |
13 KB |
5 |
openx.net
2 redirects
comcast-d.openx.net eu-u.openx.net |
25 KB |
4 |
moatads.com
z.moatads.com px.moatads.com |
85 KB |
2 |
247realmedia.com
oasc09.247realmedia.com |
2 KB |
1 |
adnxs.com
cdn.oas-c18.adnxs.com |
26 KB |
1 |
quantserve.com
pixel.quantserve.com |
471 B |
1 |
kids-teeth.ml
kids-teeth.ml |
20 KB |
29 | 8 |
Domain | Requested by | |
---|---|---|
11 | login.comcast.net |
kids-teeth.ml
|
3 | px.moatads.com |
kids-teeth.ml
|
3 | comcast-d.openx.net |
1 redirects
kids-teeth.ml
|
2 | eu-u.openx.net |
1 redirects
comcast-d.openx.net
|
2 | oascentral.comcast.net |
1 redirects
kids-teeth.ml
|
2 | beacon-eu-ams3.rubiconproject.com |
kids-teeth.ml
|
2 | optimized-by.rubiconproject.com |
ads.rubiconproject.com
|
2 | oasc09.247realmedia.com |
kids-teeth.ml
oasc09.247realmedia.com |
1 | cdn.oas-c18.adnxs.com |
kids-teeth.ml
|
1 | pixel.quantserve.com |
optimized-by.rubiconproject.com
|
1 | ads.rubiconproject.com |
comcast-d.openx.net
|
1 | z.moatads.com |
oasc09.247realmedia.com
|
1 | kids-teeth.ml | |
29 | 13 |
This site contains links to these domains. Also see Links.
Domain |
---|
xfinity.comcast.net |
oascentral.comcast.net |
www.comcast.net |
www.surveymonkey.com |
login.comcast.net |
customer.comcast.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
login.comcast.net COMODO RSA Organization Validation Secure Server CA |
2018-10-29 - 2020-10-28 |
2 years | crt.sh |
*.247realmedia.com GeoTrust RSA CA 2018 |
2018-01-25 - 2019-06-25 |
a year | crt.sh |
moatads.com DigiCert ECC Secure Server CA |
2018-11-10 - 2020-02-09 |
a year | crt.sh |
*.rubiconproject.com DigiCert SHA2 Secure Server CA |
2019-02-13 - 2021-02-17 |
2 years | crt.sh |
*.quantserve.com DigiCert SHA2 High Assurance Server CA |
2018-10-16 - 2019-10-21 |
a year | crt.sh |
oascentral.comcast.net COMODO RSA Organization Validation Secure Server CA |
2017-05-18 - 2019-05-18 |
2 years | crt.sh |
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3 |
2018-07-13 - 2019-06-07 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
http://kids-teeth.ml/cghjss..htm
Frame ID: B703AB0402CBC6F3AE70E837EC99EE98
Requests: 28 HTTP requests in this frame
Frame:
http://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=42d504c1-bae8-4312-8ad6-a76f3705b195
Frame ID: 4CEADD7FA95B9DBADBEEED17F17AFFDD
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
Apache (Web Servers) ExpandDetected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Google Tag Manager (Tag Managers) Expand
Detected patterns
- env /^googletag$/i
OpenX (Advertising Networks) Expand
Detected patterns
- script /https?:\/\/[^\/]*\.openx\.net/i
Rubicon Project (Advertising Networks) Expand
Detected patterns
- script /https?:\/\/[^\/]*\.rubiconproject\.com/i
SiteCatalyst (Analytics) Expand
Detected patterns
- env /^s_(?:account|objectID|code|INST)$/i
Page Statistics
12 Outgoing links
These are links going to different origins than the main page.
Title: Xfinity
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Ad Info
Search URL Search Domain Scan URL
Title: Ad Feedback
Search URL Search Domain Scan URL
Title: username
Search URL Search Domain Scan URL
Title: password
Search URL Search Domain Scan URL
Title: Register an ID
Search URL Search Domain Scan URL
Title: Site Map
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Terms of Service
Search URL Search Domain Scan URL
Title: Contact Us
Search URL Search Domain Scan URL
Title: TRUSTe online privacy certification
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 8- http://comcast-d.openx.net/w/1.0/acj?ai=e8cac11d-41b1-4235-aafc-4c4a482d3c3c&o=5858520160&callback=OX_5858520160&ju=http%3A//kids-teeth.ml/cghjss..htm&jr=&auid=538830424&dims=1600x1200&adxy=623%2C90&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=1600x1200&ifr=0&tws=1600x1200&vmt=1&sd=1&mt=1 HTTP 302
- http://comcast-d.openx.net/w/1.0/acj?cc=1&ai=e8cac11d-41b1-4235-aafc-4c4a482d3c3c&o=5858520160&callback=OX_5858520160&ju=http%3A//kids-teeth.ml/cghjss..htm&jr=&auid=538830424&dims=1600x1200&adxy=623%2C90&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=1600x1200&ifr=0&tws=1600x1200&vmt=1&sd=1&mt=1
- https://oascentral.comcast.net/RealMedia/ads/adstream_lx.ads/comcast.net/RubiconSIPassback/L29/945102675/x32/Comcast/MKTG_2019_ROS_ALL_NATL/DIGI_GM_XHS_SLACQ_ENG_00HMC8ST146HOM189x00_GETNOW_NOOFF_HTML_X1_300x250.jpg/553245584a6c792f62787741422f6e4c?_OAS_GEO_OVERRIDE_=US:UNKNOWN&am=NONE&qsg=D&kw=noloopback_smr HTTP 302
- https://cdn.oas-c18.adnxs.com/RealMedia/ads/Creatives/Comcast/MKTG_2019_ROS_ALL_NATL/DIGI_GM_XHS_SLACQ_ENG_00HMC8ST146HOM189x00_GETNOW_NOOFF_HTML_X1_300x250.jpg/1554844434
- http://eu-u.openx.net/w/1.0/pd?plm=10&ph=42d504c1-bae8-4312-8ad6-a76f3705b195 HTTP 302
- http://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=42d504c1-bae8-4312-8ad6-a76f3705b195
29 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
cghjss..htm
kids-teeth.ml/ |
20 KB 20 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles.min.css
login.comcast.net/static/css/ |
17 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nc.min.js
login.comcast.net/proxy/captcha/resource/13428/skins/open-comcast-cima-2/ |
0 0 |
Script
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
omniture.js
login.comcast.net/static/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1470798879@x32
oasc09.247realmedia.com/RealMedia/ads/adstream_jx.ads/comcast.net/login_secure/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
xfinity-logo.png
login.comcast.net/static/images/global/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jstag
comcast-d.openx.net/w/1.0/ |
63 KB 23 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
553245584a6c792f62787341426a4478
oasc09.247realmedia.com/RealMedia/ads/adstream_lx.ads/comcast.net/login_secure/L24/631197710/x32/Comcast/OpenX_201507_SIG_300_NATL/300x250_RM_OpenX_SI_K2_112917_10172018.html/ |
43 B 482 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
moatad.js
z.moatads.com/comcastapn56341864860/ |
268 KB 83 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
acj
comcast-d.openx.net/w/1.0/ Redirect Chain
|
2 KB 1 KB |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
11648.js
ads.rubiconproject.com/ad/ |
26 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
150582-10.js
optimized-by.rubiconproject.com/a/11648/36314/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1ce8e334-a7c3-4f46-8495-3e504cd3cf4d
beacon-eu-ams3.rubiconproject.com/beacon/d/ |
43 B 268 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
150582-15.js
optimized-by.rubiconproject.com/a/11648/36314/ |
4 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
segments.json
pixel.quantserve.com/api/ |
39 B 471 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
9306b8b7-aa7e-42fa-9cbd-0f39b0ecbef7
beacon-eu-ams3.rubiconproject.com/beacon/d/ |
43 B 268 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nc.min.js
login.comcast.net/proxy/captcha/resource/13428/skins/open-comcast-cima-2/ |
0 0 |
Script
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
omniture.js
login.comcast.net/static/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1779115895@x32
oascentral.comcast.net/RealMedia/ads/adstream_jx.ads/comcast.net/RubiconSIPassback/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1554844434
cdn.oas-c18.adnxs.com/RealMedia/ads/Creatives/Comcast/MKTG_2019_ROS_ALL_NATL/DIGI_GM_XHS_SLACQ_ENG_00HMC8ST146HOM189x00_GETNOW_NOOFF_HTML_X1_300x250.jpg/ Redirect Chain
|
25 KB 26 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nc.min.js
login.comcast.net/proxy/captcha/resource/13428/skins/open-comcast-cima-2/ |
0 0 |
Script
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
omniture.js
login.comcast.net/static/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pixel.gif
px.moatads.com/ |
43 B 409 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
omniture.js
login.comcast.net/static/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
home.png
login.comcast.net/static/images/sprites/ |
18 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
overlay-bg.png
login.comcast.net/static/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
pd
eu-u.openx.net/w/1.0/ Frame 4CEA Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pixel.gif
px.moatads.com/ |
43 B 409 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pixel.gif
px.moatads.com/ |
43 B 409 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Xfinity (Consumer)73 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask string| f_ADTARGET_ZIP object| OAS_RN string| OAS_RNS string| OAS_url string| OAS_sitepage string| OAS_pos string| OAS_GEO_OVERRIDE object| OX_ads function| OX object| OX_swfobject object| googletag object| OX_cmds function| originalFunc function| OX_5858520160_onAdRequestError function| OX_5858520160 undefined| rp_account undefined| rp_site undefined| rp_zonesize undefined| rp_adtype string| rp_smartfile object| rp_account_config object| RubiconAdServing object| rp_requests number| rubicon_cb string| rubicon_rurl string| rubicon_ad string| rubicon_creative string| rubicon_tag_code function| qc_results string| quantSegs string| f_AM_CID boolean| f_ENABLE_ADTARGETING object| opts string| OAS_query object| OAS_rn string| OAS_rns string| OAS_type string| OAS_listpos undefined| GLOBAL_VAR undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| pxSrc undefined| px object| Moat#G26 object| MoatSuperV26 object| callbacks object| Moat#PML#26#1.2 boolean| Moat#EVA undefined| ad string| x32adtag string| adtag_x32 object| time function| ncLoadPlayer function| lmLoadPlayer object| data function| placeFooter function| $ function| focusLoginForm function| observe function| getPos function| getStyle function| getWindowSize undefined| s_code number| t number| customInviewPercentThreshold0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ads.rubiconproject.com
beacon-eu-ams3.rubiconproject.com
cdn.oas-c18.adnxs.com
comcast-d.openx.net
eu-u.openx.net
kids-teeth.ml
login.comcast.net
oasc09.247realmedia.com
oascentral.comcast.net
optimized-by.rubiconproject.com
pixel.quantserve.com
px.moatads.com
z.moatads.com
151.101.121.108
167.99.232.32
173.241.240.143
173.241.240.220
2.19.38.84
2001:558:fe21:2:69:252:205:24
204.13.194.235
204.13.194.239
213.19.162.21
213.19.162.67
23.210.250.213
91.228.74.250
0bafddf3df713e5da77564976be89466c26a2c83c1aec1917f93986599412b0f
0ed1ac6cea795a9d493c9cff9564dd3dbef0f1eb8b5af784cb0daf82f43a9e8e
11374bba93dff0546c2e4c02fff615960b841df52063572054f4ab3a82c4bf93
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
39ac01c5fbbc8a5770b3544790734f67b936696adb543d635330802815996051
502b5c0dc2bf1deb918d28a6d161b13a155db0f5984026e86c6b00eb40363e9f
6da252ef9df7c04a62e4cc558d8998d495d073781a9c8ead34253fe64866c6fe
7fe187b239a2c1d59ebb4d28a47eac796c20af4e898581f347776a02feab62f8
847ec2bbe06b316899e011a0abdd47e14a5620dd8fa83e59f02b7edb955ae54c
92be745b56338836887abfd37ba9b558a51affd46439a78ae006afd6ad30d4aa
97d0d3078515786566af41e6d5df6aba67a33c41a143fd1080f64152711e69e9
a64ae049c263cacbe24d5797dc19855eddf1a71ac700417437bec58ab1254803
aea1b1b66ea361a8235c838811585c1c052b69faccdc879bb50540b99e0d7316
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c47bb8af6317ddc64116b9fa30f3d2d46ea6b759789556c003a08fd57c0f6e8a
c805b0c7c8ec54cb56e9eaa14834dfe3bd260c001ae9e856f0715e7c8a1446a1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
f2cbb9c684c7244f1098767b9b4e12521777afee1fd2c93aae1e762f1a1ff85d