rikakaappdemotesternows.arrielle.workers.dev
Open in
urlscan Pro
172.67.179.224
Malicious Activity!
Public Scan
Submission: On August 20 via api from US — Scanned from DE
Summary
TLS certificate: Issued by WE1 on July 19th 2024. Valid for: 3 months.
This is the only time rikakaappdemotesternows.arrielle.workers.dev was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Dropbox (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 172.67.179.224 172.67.179.224 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 188.114.97.9 188.114.97.9 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2620:0:890::100 2620:0:890::100 | 54113 (FASTLY) (FASTLY) | |
4 | 2606:4700::68... 2606:4700::6811:f6cb | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
7 | 199.36.158.100 199.36.158.100 | 54113 (FASTLY) (FASTLY) | |
4 | 104.17.25.14 104.17.25.14 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:80b::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 142.250.186.132 142.250.186.132 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:82a::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 104.16.99.29 104.16.99.29 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
24 | 10 |
ASN13335 (CLOUDFLARENET, US)
rikakaappdemotesternows.arrielle.workers.dev |
ASN13335 (CLOUDFLARENET, US)
wispy-dawn-ea24.porschea50.workers.dev |
ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f4.1e100.net
www.google.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
web.app
newoncendappdemo.web.app |
363 KB |
4 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336 |
33 KB |
4 |
unpkg.com
unpkg.com — Cisco Umbrella Rank: 1314 |
102 KB |
2 |
google.com
www.google.com — Cisco Umbrella Rank: 10 |
962 B |
2 |
workers.dev
rikakaappdemotesternows.arrielle.workers.dev wispy-dawn-ea24.porschea50.workers.dev |
7 KB |
1 |
dropboxstatic.com
cfl.dropboxstatic.com — Cisco Umbrella Rank: 6817 |
711 B |
1 |
gstatic.com
www.gstatic.com |
210 KB |
1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 641 |
30 KB |
24 | 8 |
Domain | Requested by | |
---|---|---|
9 | newoncendappdemo.web.app |
rikakaappdemotesternows.arrielle.workers.dev
newoncendappdemo.web.app |
4 | cdnjs.cloudflare.com |
rikakaappdemotesternows.arrielle.workers.dev
|
4 | unpkg.com |
rikakaappdemotesternows.arrielle.workers.dev
|
2 | www.google.com |
rikakaappdemotesternows.arrielle.workers.dev
www.gstatic.com |
1 | cfl.dropboxstatic.com | |
1 | www.gstatic.com |
www.google.com
|
1 | ajax.googleapis.com |
rikakaappdemotesternows.arrielle.workers.dev
|
1 | wispy-dawn-ea24.porschea50.workers.dev |
rikakaappdemotesternows.arrielle.workers.dev
|
1 | rikakaappdemotesternows.arrielle.workers.dev | |
24 | 9 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
arrielle.workers.dev WE1 |
2024-07-19 - 2024-10-17 |
3 months | crt.sh |
porschea50.workers.dev WE1 |
2024-08-18 - 2024-11-16 |
3 months | crt.sh |
web.app WR4 |
2024-07-26 - 2024-10-24 |
3 months | crt.sh |
unpkg.com WE1 |
2024-07-28 - 2024-10-26 |
3 months | crt.sh |
cdnjs.cloudflare.com WE1 |
2024-07-31 - 2024-10-29 |
3 months | crt.sh |
upload.video.google.com WR2 |
2024-07-30 - 2024-10-22 |
3 months | crt.sh |
*.google.com WR2 |
2024-07-30 - 2024-10-22 |
3 months | crt.sh |
*.gstatic.com WR2 |
2024-07-30 - 2024-10-22 |
3 months | crt.sh |
cfl.dropboxstatic.com DigiCert TLS RSA SHA256 2020 CA1 |
2024-02-06 - 2025-03-03 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://rikakaappdemotesternows.arrielle.workers.dev/?bbre=xzoipub-1c861328e4394134a30770372c6b7a26.r2.dev/index.html
Frame ID: 52D3D20EAE7C80211B75FBDCB3CE92DF
Requests: 23 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeyEbwoAAAAAA0L8y2AkiF9_jqizDuZdrpL62la&co=aHR0cHM6Ly9yaWtha2FhcHBkZW1vdGVzdGVybm93cy5hcnJpZWxsZS53b3JrZXJzLmRldjo0NDM.&hl=en&v=hfUfsXWZFeg83qqxrK27GB8P&theme=light&size=normal&cb=3qd0vb7346kl
Frame ID: FC8AF9E1C08AA4BA415220ED2FB87E63
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Verify you are humman -!!Detected technologies
Vue.js (JavaScript Frameworks) ExpandDetected patterns
- (?:/([\d.]+))?/vue(?:\.min)?\.js
Axios (JavaScript libraries) Expand
Detected patterns
- /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js
Lodash (JavaScript Libraries) Expand
Detected patterns
- lodash.*\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
reCAPTCHA (Captchas) Expand
Detected patterns
- /recaptcha/api\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
24 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
Primary Request
/
rikakaappdemotesternows.arrielle.workers.dev/ |
4 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
6578876f598c7e6993d1d1ce-6578875e598c7e6993d1d1cd.js
wispy-dawn-ea24.porschea50.workers.dev/ |
7 KB 4 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1c01d7b61626969d4a5c2c6c5ef9c01fnbr1702397806.css
newoncendappdemo.web.app/njkyrthdfvdxzx/themes/css/ |
482 KB 80 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7b033003278e208c2bc27fc829001d33nbr1702397806.css
newoncendappdemo.web.app/njkyrthdfvdxzx/themes/css/ |
95 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
axios.min.js
unpkg.com/axios@0.16.1/dist/ |
34 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
1c01d7b61626969d4a5c2c6c5ef9c01fnbr1702397806.js
newoncendappdemo.web.app/njkyrthdfvdxzx/themes/ |
74 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vue.min.js
unpkg.com/vue@2.6.11/dist/ |
91 KB 47 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vue-router.min.js
unpkg.com/vue-router@2.7.0/dist/ |
23 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
vuex.min.js
cdnjs.cloudflare.com/ajax/libs/vuex/2.3.1/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ |
85 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
vee-validate.min.js
cdnjs.cloudflare.com/ajax/libs/vee-validate/2.0.0-rc.3/ |
42 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
vue-i18n.min.js
cdnjs.cloudflare.com/ajax/libs/vue-i18n/7.0.3/ |
14 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lodash.min.js
unpkg.com/lodash@4.17.4/ |
71 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
mobile-detect.min.js
cdnjs.cloudflare.com/ajax/libs/mobile-detect/1.3.6/ |
37 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
5403b1efb8afc1478d2191c026d29db4.js
newoncendappdemo.web.app/njkyrthdfvdxzx/themes/ |
419 KB 156 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
a3107e4d4ae0ea783cd1177c52f1e6301702397792.js
newoncendappdemo.web.app/njkyrthdfvdxzx/themes/js/ |
8 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
backdrop.jpeg
newoncendappdemo.web.app/njkyrthdfvdxzx/themes/imgs/ |
16 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
hero-poster.png
newoncendappdemo.web.app/njkyrthdfvdxzx/themes/imgs/ |
74 KB 74 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
api.js
www.google.com/recaptcha/ |
1 KB 962 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
dropbox_logo_glyph_2015-vfl4ZOqXa.svg
newoncendappdemo.web.app/njkyrthdfvdxzx/themes/imgs/ |
1 KB 755 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
dropbox_logo_text_2015-vfld7_dJ8.svg
newoncendappdemo.web.app/njkyrthdfvdxzx/themes/imgs/ |
3 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/ |
531 KB 210 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
anchor
www.google.com/recaptcha/api2/ Frame FC8A |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon-vflUeLeeY.ico
cfl.dropboxstatic.com/static/images/ |
387 B 711 B |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Dropbox (Consumer)331 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| _0x529f function| _0x19be object| script34ssd object| _0x3072 function| _0x4bfe function| loadScript object| dml function| axios function| isnbrstoAvailable function| ES6Promise function| Vue function| VueRouter object| Vuex function| $ function| jQuery object| VeeValidate function| VueI18n function| _ function| MobileDetect object| _0x1da7 function| _0x33e3 object| YAHOO object| CryptoJS string| b64map string| b64pad function| hex2b64 function| b64tohex function| b64toBA number| dbits number| canary boolean| j_lm function| BigInteger function| nbi function| am1 function| am2 function| am3 number| BI_FP string| BI_RM object| BI_RC number| rr number| vv function| int2char function| intAt function| bnpCopyTo function| bnpFromInt function| nbv function| bnpFromString function| bnpClamp function| bnToString function| bnNegate function| bnAbs function| bnCompareTo function| nbits function| bnBitLength function| bnpDLShiftTo function| bnpDRShiftTo function| bnpLShiftTo function| bnpRShiftTo function| bnpSubTo function| bnpMultiplyTo function| bnpSquareTo function| bnpDivRemTo function| bnMod function| Classic function| cConvert function| cRevert function| cReduce function| cMulTo function| cSqrTo function| bnpInvDigit function| Montgomery function| montConvert function| montRevert function| montReduce function| montSqrTo function| montMulTo function| bnpIsEven function| bnpExp function| bnModPowInt function| bnClone function| bnIntValue function| bnByteValue function| bnShortValue function| bnpChunkSize function| bnSigNum function| bnpToRadix function| bnpFromRadix function| bnpFromNumber function| bnToByteArray function| bnEquals function| bnMin function| bnMax function| bnpBitwiseTo function| op_and function| bnAnd function| op_or function| bnOr function| op_xor function| bnXor function| op_andnot function| bnAndNot function| bnNot function| bnShiftLeft function| bnShiftRight function| lbit function| bnGetLowestSetBit function| cbit function| bnBitCount function| bnTestBit function| bnpChangeBit function| bnSetBit function| bnClearBit function| bnFlipBit function| bnpAddTo function| bnAdd function| bnSubtract function| bnMultiply function| bnSquare function| bnDivide function| bnRemainder function| bnDivideAndRemainder function| bnpDMultiply function| bnpDAddOffset function| NullExp function| nNop function| nMulTo function| nSqrTo function| bnPow function| bnpMultiplyLowerTo function| bnpMultiplyUpperTo function| Barrett function| barrettConvert function| barrettRevert function| barrettReduce function| barrettSqrTo function| barrettMulTo function| bnModPow function| bnGCD function| bnpModInt function| bnModInverse object| lowprimes number| lplim function| bnIsProbablePrime function| bnpMillerRabin function| Arcfour function| ARC4init function| ARC4next function| prng_newstate number| rng_psize object| rng_pool number| rng_pptr function| rng_seed_int function| rng_seed_time number| t object| ua function| rng_get_byte function| rng_get_bytes function| SecureRandom function| parseBigInt function| linebrk function| byte2Hex function| pkcs1pad2 function| oaep_mgf1_arr function| oaep_pad function| RSAKey function| RSASetPublic function| RSADoPublic function| RSAEncrypt function| RSAEncryptOAEP function| pkcs1unpad2 function| oaep_mgf1_str function| oaep_unpad function| RSASetPrivate function| RSASetPrivateEx function| RSAGenerate function| RSADoPrivate function| RSADecrypt function| RSADecryptOAEP function| ECFieldElementFp function| feFpEquals function| feFpToBigInteger function| feFpNegate function| feFpAdd function| feFpSubtract function| feFpMultiply function| feFpSquare function| feFpDivide function| ECPointFp function| pointFpGetX function| pointFpGetY function| pointFpEquals function| pointFpIsInfinity function| pointFpNegate function| pointFpAdd function| pointFpTwice function| pointFpMultiply function| pointFpMultiplyTwo function| ECCurveFp function| curveFpGetQ function| curveFpGetA function| curveFpGetB function| curveFpEquals function| curveFpGetInfinity function| curveFpFromBigInteger function| curveFpDecodePointHex function| jsonParse object| ASN1HEX object| KJUR function| Base64x function| stoBA function| BAtos function| BAtohex function| stohex function| stob64 function| stob64u function| b64utos function| b64tob64u function| b64utob64 function| hextob64u function| b64utohex function| utf8tob64u function| b64utoutf8 function| utf8tob64 function| b64toutf8 function| utf8tohex function| hextoutf8 function| hextorstr function| rstrtohex function| hextob64 function| hextob64nl function| b64nltohex function| hextopem function| pemtohex function| hextoArrayBuffer function| ArrayBuffertohex function| zulutomsec function| zulutosec function| zulutodate function| datetozulu function| uricmptohex function| hextouricmp function| encodeURIComponentAll function| newline_toUnix function| newline_toDos function| hextoposhex function| intarystrtohex function| strdiffidx object| KEYUTIL object| _RE_HEXDECONLY function| _rsasign_getHexPaddedDigestInfoForString function| _zeroPaddingOfSignature function| pss_mgf1_str function| _rsasign_getDecryptSignatureBI function| _rsasign_getHexDigestInfoFromSig function| _rsasign_getAlgNameAndHashFromHexDisgestInfo function| X509 function| makeCRCNBR function| nbrenpnbry function| iluvutcnbr3062991 function| findPathbyName function| loadComponent function| load_recaptcha_bylang function| defaultReducer function| canWriteToLocalStorage function| _classCallCheck object| defaultStorage function| _typeofNBRPLUGIN function| creatNBRSystemStorage function| nbr_check_mobiledetect function| TouchMenuLA object| AOTS_VUE string| defaultLang object| store function| resetHeadersNBR function| changeLangtoURLNBR function| CancelToken object| nbrProcess function| instance function| instancesta function| randomId function| avoidreAU string| ch4kbat function| validrightrule function| requireAuth function| destroypageLogin function| scrollBehavior string| twnumoff string| LINKRE_RESULT string| TXT_RE string| EN_TXT_RE string| IMGE_TYPE_DR string| a_SH_GG string| a_SH_OFF string| a_SH_HM string| a_SH_YH string| a_SH_AL string| a_SH_IC string| a_SH_OT string| GrabEmailAPTS string| cus_link_off_app object| mapRoutes object| PAGE_TITLE string| validStepUlg function| closeOpenwinnbr object| router object| i18n function| i18nGobal object| configVeeValidate object| App object| LoadingBarVue function| ErrorReq object| __locale__ar function| VueTimeago object| __locale__fr object| __locale__it function| VueKeepScrollPosition function| Progressive object| __locale__ru function| Cookie object| __locale__vi object| __locale__zh_CN object| _0x31a6 function| _0x3578 object| grecaptcha object| ___grecaptcha_cfg string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_2246690 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
cdnjs.cloudflare.com
cfl.dropboxstatic.com
newoncendappdemo.web.app
rikakaappdemotesternows.arrielle.workers.dev
unpkg.com
wispy-dawn-ea24.porschea50.workers.dev
www.google.com
www.gstatic.com
104.16.99.29
104.17.25.14
142.250.186.132
172.67.179.224
188.114.97.9
199.36.158.100
2606:4700::6811:f6cb
2620:0:890::100
2a00:1450:4001:80b::200a
2a00:1450:4001:82a::2003
12b9249174488540058a4fd868c1fec812766f2e17af520b29dd47fa22dd6f7a
20527289ca6a43abafb1fa42079d6c68425c583d5f93960eae5b5737bf28493b
23258114961c94563c3e7df66f059d487995e01f4ce666f2e5b84f1c499e63cc
24e3fcb3ad0dff75a380313470daaeda6a38319ec723e167995c464c3df3cf04
372731567f6f01ec25f2a80086f1cc91963009bc11d65d1a5ee61bcba4e637c0
3dbd1496fb7bf0748b80d02bb1786242d77bfefc62d167c9b6c89809fd1082ca
52678b0571c467e31b678c8edb14fa6a85e6a5003930d00becf6651c5c112db2
5a01a4f435ae1e511d874f1abc960898902b1d6d4731c3cf0f3383b1ec3ffd1d
5f1597d8c4ad4932102d5f5fbb0c35b827d7ccfc58a30ff6cdfe9dd0c3e5efa7
6b2114a050aed49f4a24237d4d1f437b75ca10c6fc8623eae23c0558c53a7e21
70925c4bda48e2ae325950aab67fe70a75dc2984b9e4f5844f4858c5adf6ef2b
74116901ac0ec12dd7af88a1e9ac55a5531f2dac5da8053cfa70042d738587e3
7649e92aa760b806193241148e8b88f3bc12c4e6cffbc35622a99477db798242
78f31552544922d7131fb218dd480a324e6ea9e9fa5e3134f446850b3238b103
79bd621a88910759e37617b01a7488bd37fecfb6d718c90dae2a1b07e018c4c4
7bb2ab9c67afde5ad1cdb96d641779dee6753f612e831db89372f02718cdbae7
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
91d54cc09c1f690008bf45034d657d79d92cebda329c2c6584c51f3f25586422
9e0156dd49c03744e79bbea60eebbbb94b5811c1b71b91f5fb38a8270dedfbaf
bc131d4086f52cf895923925491ae65fd94a8f7ad39bb6682e69fb93116cb00f
bd624f7ca80de7953c1b47d0ef30adab90b658a2c7c4c64f64405f0395c24ab7
e96a5e1e04ee3d7ffd8118f853ec2c0bcbf73b571cfa1c710238557baf5dd896
fc8b081ba3d5a5270fb663b4856ce474277a52421f98a3b8aa385100c342a3d8