Compromised GCP Shell
Compromised. What does this mean?
unknown
curl -H "Metadata-Flavor: Google" \ http://metadata.google.internal/computeMetadata/v1/?recursive=true {"instance":{"attributes":{"block-project-ssh-keys":"true","cos-update-strategy":"update_disabled","enable-guest-attributes":"TRUE","environments-devops-cloud-google-com_environment-receiver-port":"934","environments-devops-cloud-google-com_inverting-proxy-ca-cert":"-----BEGIN CERTIFICATE-----\nMIIBpDCCAUugAwIBAgIRAKGoZHDV/bd80/sbs1PRlPEwCgYIKoZIzj0EAwIwMjEw\nMC4GA1UEAxMnaW52ZXJ0aW5nLXByb3h5LmVudmlyb25tZW50cy1zeXN0ZW0uc3Zj\nMB4XDTIyMDgyNDE2MjgwNloXDTMyMDgyMTE2MjgwNlowMjEwMC4GA1UEAxMnaW52\nZXJ0aW5nLXByb3h5LmVudmlyb25tZW50cy1zeXN0ZW0uc3ZjMFkwEwYHKoZIzj0C\nAQYIKoZIzj0DAQcDQgAESb0r0nu/vFd5nfJ9pCJ8e+nr8cQJQ5JFFexswYHA7aja\n0BmnALRrmPtITGtMgIe4iNr/PcC/SguYnrao7MxBBaNCMEAwDgYDVR0PAQH/BAQD\nAgKkMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFPtGDU+slsSRhUhzUsW8TReF\nAT8kMAoGCCqGSM49BAMCA0cAMEQCIClZehQggxJ2s/WZ2mzkOBbLgCMmJ9d3Tr5X\nyjZ4SxjsAiBIpxUBKqgCCSTufBBNtZusjZLixU6IML6/sLpltYfigQ==\n-----END CERTIFICATE-----\n","environments-devops-cloud-google-com_secret":"NCesFUxWkw3t2+zg+nfRThTRSRh0DS5d6Zt1o3BfxxA=","google-monitoring-enabled":"true","shutdown-script":"#!/bin/bash\n\nfunction killGateway () {\n echo 'Killing gateway process'\n\n gateway=$(ps aux | grep gateway | awk '{print $2}' | head -1)\n kill -9 \"$gateway\"\n\n echo 'Gateway process terminated'\n}\n\nkillGateway |& tee /dev/ttyS2\n","startup-script":"#!/bin/bash\n\nfunction await-crictl() {\n until /usr/bin/crictl ps &>/dev/null; do\n echo 'Waiting for crictl...'\n sleep 1\n done\n}\nfunction delete-default-docker-network() {\n until docker ps &>/dev/null; do\n sleep 2\n done\n systemctl stop docker.service\n ip link delete docker0\n}\nfunction enable-default-fluent-bit-logging() {\n echo 'Enabling default logging agent'\n mkdir -p /var/log/containers\n sed -i '1i # Adapted from: https://cos.googlesource.com/cos/overlays/board-overlays/+/refs/heads/master/project-lakitu/app-admin/fluent-bit/files/fluent-bit.conf' 
/etc/fluent-bit/fluent-bit.conf\n sed -i 's| flush 1| flush 10\\n Metric Off\\n Log_File /var/log/fluent-bit.log|' /etc/fluent-bit/fluent-bit.conf\n # clean up unnecessary default configuration for fluent-bit\n sed -i '/# Collects docker.service logs./,$d' /etc/fluent-bit/fluent-bit.conf\n cat >> /etc/fluent-bit/fluent-bit.conf << EOF\n\n[INPUT]\n Name tail\n Tag cos_containers\n Path /var/log/containers/*.log\n Parser_1 time1\n Parser_2 time2\n DB /var/log/google-fluentbit/containers.log.db\n Path_Key file_name\n Read_from_Head True\n Mem_Buf_Limit 5MB\n Skip_Long_Lines On\n\n# match fluent-bit jsonPayload structure\n[FILTER]\n Name parser\n Match cos_containers\n Parser time2\n Parser no_parser\n Key_Name log\n Reserve_Data On\n\n# Add container_id field in container logs.\n[FILTER]\n Name parser\n Match cos_containers\n Key_Name file_name\n Parser container_filename_to_id\n Reserve_Data On\n\n[FILTER]\n Name modify\n Match cos_containers\n Rename container_id cos.googleapis.com/container_id\n # 3) Rename field 'stream' to avoid collisions from container logs where\n # users may be also using 'stream' as a key\n Rename stream cos.googleapis.com/stream\n # 4) Rename field 'log' to a more generic field 'message'. 
This way Logs\n # Explorer UI will display the log message as summary of the log entry.\n Rename log message\n\n# match fluent-bit jsonPayload structure\n[FILTER]\n Name nest\n Match cos_containers\n Operation lift\n Nested_under message\n\n[OUTPUT]\n Name stackdriver\n Match *\n Resource gce_instance\n severity_key severity\n Workers 4\n Retry_limit 14\nEOF\n\n echo 'Updating parser.conf.'\n container_id_regex=\" Regex ^\\/var\\/log\\/containers\\/(?<container_id>[^\\/]+)\\.log$\"\n sed -i \"\\$c\\\\$container_id_regex\" /etc/fluent-bit/parsers.conf\n cat >> /etc/fluent-bit/parsers.conf << EOF\n\n[PARSER]\n Name time1\n Format json\n Time_Key time\n Time_Format %Y-%m-%dT%H:%M:%S.%NZ\n\n[PARSER]\n Name time2\n Format regex\n Regex ^(?<time>.+) (?<stream>stdout|stderr) [^ ]* (?<log>.*)$\n Time_Key time\n Time_Format %Y-%m-%dT%H:%M:%S.%N%:z\n Decode_Field_As json log\n\n[PARSER]\n Name no_parser\n Format regex\n Regex ^(?<message>.*)$\nEOF\n echo 'Restarting fluent-bit'\n systemctl restart fluent-bit\n if [[ \"false\" == \"true\" ]]; then\n journalctl -u fluent-bit -f|tee /dev/ttyS3>/dev/null&\n fi\n}\n\nfunction set-inotify-watches-for-editor() {\n echo fs.inotify.max_user_watches=524288 | sudo tee -a /etc/sysctl.conf && \\\n sudo sysctl -p\n}\nfunction configure-containerd() {\n # TODO(b/295421330): Move these binaries to more appropriate path.\n # LINT.IfChange\n wget --no-verbose https://storage.googleapis.com/\"us-west1\"-cloud-workstations-binaries/binaries/gcfsd/v0.214.0/gcfsd -O /var/lib/google/gcfsd\n chmod +x /var/lib/google/gcfsd\n wget --no-verbose https://storage.googleapis.com/\"us-west1\"-cloud-workstations-binaries/binaries/gcfs-snapshotter/v1.31-0/containerd-gcfs-grpc -O /var/lib/google/containerd-gcfs-grpc\n chmod +x /var/lib/google/containerd-gcfs-grpc\n\n cat << EOF > /etc/systemd/system/gcfsd.service\n# Systemd configuration for Google Container File System service\n[Unit]\nDescription=Google Container File System 
service\nAfter=network.target\n\n[Service]\nType=simple\n\n# More aggressive Go garbage collection setting (go/fast/19).\nEnvironment=GOGC=10\nExecStartPre=-/bin/umount -v /run/gcfsd/mnt\nExecStartPre=-/bin/mkdir -p /run/gcfsd/mnt\n# prod config\nExecStartPre=/bin/mkdir -p /var/lib/containerd/io.containerd.snapshotter.v1.gcfs/snapshotter/layers\nExecStartPre=/bin/mkdir -p /var/lib/containerd/io.containerd.snapshotter.v1.gcfs/gcfsd\n# start\nExecStart=/var/lib/google/gcfsd \\\n --allow_suid=true \\\n --mount_point=/run/gcfsd/mnt \\\n --metrics_flavor=\"\" \\\n --client_name=cloud_shell \\\n --log_level=info \\\n --max_content_cache_size_mb=721 \\\n --max_large_files_cache_size_mb=721 \\\n --event_reporter_type=none \\\n --layer_cache_dir=/var/lib/containerd/io.containerd.snapshotter.v1.gcfs/snapshotter/layers \\\n --images_in_use_db_path=/var/lib/containerd/io.containerd.snapshotter.v1.gcfs/gcfsd/images_in_use.db\n\nExecStop=/bin/umount /run/gcfsd/mnt\nRuntimeDirectory=gcfsd\nStateDirectory=gcfsd\n# Higher process scheduling priority\nNice=-20\n\n[Install]\nWantedBy=multi-user.target\nEOF\n\n MTU=$(cat /sys/class/net/eth0/mtu)\n if [[ \"${MTU}\" -gt 1460 ]]; then\n MTU=1460\n fi\n mkdir -p /etc/cni/net.d\n cat << EOF > /etc/cni/net.d/10-containerd-net.conflist\n{\n \"cniVersion\": \"1.0.0\",\n \"name\": \"containerd-net\",\n \"plugins\": [\n {\n \"type\": \"bridge\",\n \"bridge\": \"cni0\",\n \"isGateway\": true,\n \"ipMasq\": true,\n \"promiscMode\": true,\n \"ipam\": {\n \"type\": \"host-local\",\n \"ranges\": [\n [{\n \"subnet\": \"10.88.0.0/16\"\n }]\n ],\n \"routes\": [\n { \"dst\": \"0.0.0.0/0\" }\n ]\n }\n },\n {\n \"type\": \"firewall\",\n \"backend\": \"iptables\",\n \"iptablesAdminChainName\": \"CLOUD-SHELL-FORWARD\"\n },\n {\n \"type\": \"portmap\",\n \"capabilities\": {\"portMappings\": true}\n },\n {\n \"type\": \"tuning\",\n \"mtu\": ${MTU},\n \"sysctl\": {\n \"net.ipv6.conf.all.disable_ipv6\": \"1\",\n \"net.ipv6.conf.default.disable_ipv6\": \"1\",\n 
\"net.ipv6.conf.lo.disable_ipv6\": \"1\"\n }\n }\n ]\n}\nEOF\n\n mkdir -p /etc/containerd-gcfs-grpc\n touch /etc/containerd-gcfs-grpc/config.toml\n cat << EOF > /etc/systemd/system/snapshotter.service\n# Systemd configuration for Google Container File System snapshotter\n[Unit]\nDescription=GCFS snapshotter\nAfter=network.target\nBefore=containerd.service\n\n[Service]\nEnvironment=HOME=/root\nExecStart=/var/lib/google/containerd-gcfs-grpc \\\n --log-level=info \\\n --kubeconfig \"\" \\\n --skip-duplicate-layers \\\n --enable-metric-exporter=false \\\n --enable-kubernetes-event-reporting=false \\\n --config=/etc/containerd-gcfs-grpc/config.toml\n\nRestart=always\nRestartSec=1\n\n[Install]\nWantedBy=multi-user.target\nEOF\n\n mkdir -p /etc/containerd\n cat << EOF > /etc/containerd/config.toml\nversion = 2\n[plugins.\"io.containerd.grpc.v1.cri\"]\n sandbox_image = \"gke.gcr.io/pause:3.7\"\n enable_unprivileged_ports = true\n[plugins.\"io.containerd.grpc.v1.cri\".containerd]\n snapshotter = \"gcfs\"\n disable_snapshot_annotations = false\n discard_unpacked_layers = true\n[plugins.\"io.containerd.grpc.v1.cri\".cni]\n bin_dir = \"/opt/cni/bin\"\n conf_dir = \"/etc/cni/net.d/\"\n conf_template = \"\"\n[plugins.\"io.containerd.grpc.v1.cri\".registry.mirrors.\"docker.io\"]\n endpoint = [\"https://mirror.gcr.io\",\"https://registry-1.docker.io\"]\n[proxy_plugins]\n [proxy_plugins.gcfs]\n type = \"snapshot\"\n address = \"/run/containerd-gcfs-grpc/containerd-gcfs-grpc.sock\"\nEOF\n\n cat << EOF > /etc/crictl.yaml\nruntime-endpoint: unix:///run/containerd/containerd.sock\nimage-endpoint: unix:///run/containerd/containerd.sock\ntimeout: 20\nEOF\n\n systemctl daemon-reload\n systemctl stop gcfsd snapshotter containerd\n systemctl enable gcfsd snapshotter containerd\n systemctl restart gcfsd snapshotter containerd\n if [[ \"false\" == \"true\" ]]; then\n journalctl -u containerd -f|tee /dev/ttyS3>/dev/null&\n fi\n # 
LINT.ThenChange(//depot/google3/production/sisyphus/cloud_sshrelay/cloud-shell-cos-preloader.sh)\n}\nfunction configure-orchestrator() {\n sudo mkdir -p /var/volumes\n sudo mkdir -p /var/lib/google\n touch /var/log/containers/orchestrator.log\n SECRET=$(curl -H Metadata-Flavor:Google -f http://169.254.169.254/computeMetadata/v1/instance/attributes/environments-devops-cloud-google-com_secret)\n RANDOM_ID=$(/usr/bin/openssl rand -hex 12)\n cat <<EOF > /var/lib/google/orchestrator-pod.json\n{\n \"metadata\": {\n \"name\": \"orchestrator\",\n \"namespace\": \"default\",\n \"uid\": \"${RANDOM_ID}\"\n },\n \"log_directory\": \"/var/log/containers\",\n \"linux\": {\n \"security_context\": {\n \"privileged\": true\n }\n },\n \"port_mappings\":[\n {\"container_port\": 934, \"host_port\": 934}\n ]\n}\nEOF\n cat <<EOF > /var/lib/google/orchestrator-container.json\n{\n \"metadata\": {\n \"name\": \"orchestrator\"\n },\n \"image\": {\n \"image\": \"gcr.io/cloudshell-images/orchestrator:latest\"\n },\n \"args\": [\"--baseServerUrl=https://ssh.cloud.google.com\",\"--enableLocalhostReplacement=true\",\"--frameAncestors=https://ide.cloud.google.com,https://shell.cloud.google.com,https://ssh.cloud.google.com,https://console.cloud.google.com\",\"--gatewayImage=gcr.io/cloudshell-images/gateway:latest\",\"--oauthClientId=618104708054-m0mqlm35l2ahieavnib6emtan2k95ps9.apps.googleusercontent.com\",\"--oauthRedirectPath=/devshell/gateway/oauth\",\"--userImage=gcr.io/cloudshell-images/cloudshell:latest\",\"--waitForDiskAttach=true\",\"--whitelistedHealthCheckOrigins=\\\"https://ide\\\\\\\\.cloud\\\\\\\\.google\\\\\\\\.com,https://shell\\\\\\\\.cloud\\\\\\\\.google\\\\\\\\.com,https://ssh\\\\\\\\.cloud\\\\\\\\.google\\\\\\\\.com\\\"\",\"--whitelistedOauthClients=XXX-9r9s1c4alg36erliucho9t52n32n6dgq.apps.googleusercontent.com,618104708054-plueempusfrhq9l2dk3do2jtapm533gi.apps.googleusercontent.com\"],\n \"envs\": [\n {\"key\": \"SECRET\", \"value\": \"${SECRET}\"}\n ],\n \"mounts\":[\n 
{\"host_path\": \"/dev\", \"container_path\": \"/dev\"},\n {\"host_path\": \"/run/containerd\", \"container_path\": \"/run/containerd\", \"propagation\": 2},\n {\"host_path\": \"/var\", \"container_path\": \"/var\", \"propagation\": 2},\n {\"host_path\": \"/tmp\", \"container_path\": \"/tmp\", \"propagation\": 2}\n ],\n \"log_path\":\"orchestrator.log\",\n \"linux\": {\n \"security_context\": {\n \"privileged\": true\n }\n },\n \"labels\": {\n \"containerd.io/restart.policy\": \"always\",\n \"containerd.io/restart.status\": \"running\"\n }\n}\nEOF\n #TODO(b/296237219): Create a script instead to run orchestrator.\n cat >> /etc/systemd/system/orchestrator.service << \"EOF\"\n [Unit]\n Description=orchestrator\n After=containerd.service\n Requires=containerd.service\n\n [Service]\n Restart=always\n ExecStart=/bin/sh -c '/usr/bin/crictl runp /var/lib/google/orchestrator-pod.json;PODID=$(/usr/bin/crictl pods --name \"orchestrator\" -q);/usr/bin/crictl create $PODID /var/lib/google/orchestrator-container.json /var/lib/google/orchestrator-pod.json;CONID=$(/usr/bin/crictl ps --name orchestrator -q -a);/usr/bin/crictl start $CONID'\nEOF\n systemctl daemon-reload\n systemctl start orchestrator.service\n if [[ \"false\" == \"true\" ]]; then\n journalctl -u orchestrator -f|tee /dev/ttyS3>/dev/null&\n tail -f /var/log/containers/orchestrator.log|tee /dev/ttyS3>/dev/null&\n fi\n}\n\nfunction main() {\n configure-containerd\n await-crictl\n enable-default-fluent-bit-logging\n delete-default-docker-network&\n # TODO(b/299290793): Pre-cache cloud shell container to improve startup\n # latency.\n set-inotify-watches-for-editor\n mount --make-rshared /var\n iptables -N CLOUD-SHELL-FORWARD\n configure-orchestrator\n\n # Allow incoming TCP connections on below ports on the host VM:\n # 934(Environment Receiver)\n # 980(Environment Gateway)\n # 6000(Cloud Shell SSH).\n iptables -w -A INPUT -p tcp -m multiport --dports 934,980,6000 -j ACCEPT\n # Allow incoming TCP connections on below 
ports in the pod. Note that these\n # are internal ports exposed by the containers:\n # 922(Environments Gateway SSH).\n # 934(Orchestrator)\n # 980(Environment Gateway HTTP)\n iptables -w -A CLOUD-SHELL-FORWARD -p tcp -m multiport --dports 922,934,980 -j ACCEPT\n\n # Create new chain\n iptables -N sandbox\n # Allow 1500 packets per second.\n iptables -A sandbox -p udp -m limit --limit 1500/s -j ACCEPT\n # Drop all others.\n iptables -A sandbox -p udp -j REJECT\n # Forward traffic coming from docker through the chain.\n iptables -I FORWARD -o eth0 -m state --state NEW -j sandbox\n\n echo 'VM is ready!'\n}\n\nmain |& tee /dev/ttyS2\n"},"cpuPlatform":"Intel Broadwell","description":"","disks":[{"deviceName":"boot","index":0,"interface":"SCSI","mode":"READ_WRITE","type":"PERSISTENT-BALANCED"},{"deviceName":"home","index":1,"interface":"SCSI","mode":"READ_WRITE","type":"PERSISTENT"}],"gceWorkloadCertificates":{},"guestAttributes":{},"hostname":"cloudshell-b8ea4071-d5bb-4ee0-8090-1e8783cd9c2a.us-west1-b.c.z82c3d2647bd2388e-tp.internal","id":9216212651603521248,"image":"projects/cloud-devshell-dev/global/images/cos-for-cloudshell-20250323-0000-rc00","licenses":[{"id":"6880041984096540132"},{"id":"166739712233658766"},{"id":"1001010"}],"machineType":"projects/587678703902/machineTypes/e2-standard-4","maintenanceEvent":"NONE","name":"cloudshell-b8ea4071-d5bb-4ee0-8090-1e8783cd9c2a","networkInterfaces":[{"accessConfigs":[{"externalIp":"34.53.34.13","type":"ONE_TO_ONE_NAT"}],"dnsServers":["169.254.169.254"],"forwardedIps":[],"gateway":"10.0.0.1","ip":"10.0.1.175","ipAliases":[],"mac":"42:01:0a:00:01:af","mtu":1460,"network":"projects/587678703902/networks/cs-us-west1-ijlt","subnetmask":"255.255.0.0","targetInstanceIps":[]}],"partnerAttributes":{},"preempted":"FALSE","remainingCpuTime":-1,"scheduling":{"automaticRestart":"TRUE","onHostMaintenance":"MIGRATE","preemptible":"FALSE"},"serviceAccounts":{"default":{"aliases":["default"],"email":"vms-cs-us-west1-ijlt@z82c3d2647bd2388
e-tp.iam.gserviceaccount.com","scopes":["https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write"]},"vms-cs-us-west1-ijlt@z82c3d2647bd2388e-tp.iam.gserviceaccount.com":{"aliases":["default"],"email":"vms-cs-us-west1-ijlt@z82c3d2647bd2388e-tp.iam.gserviceaccount.com","scopes":["https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write"]}},"shutdownDetails":{"maxDuration":"","requestTimestamp":"","stopState":"UNSPECIFIED","targetState":"UNSPECIFIED"},"tags":["environments-instance"],"virtualClock":{"driftToken":"0"},"zone":"projects/587678703902/zones/us-west1-b"},"oslogin":{"authenticate":{"sessions":{}}},"project":{"attributes":{"VmDnsSetting":"ZonalOnly","gke-cs-us-west1-ijlt-70569f02-secondary-ranges":"services:cs-us-west1-ijlt:cs-us-west1-ijlt:gke-cs-us-west1-ijlt-services-70569f02,pods:cs-us-west1-ijlt:cs-us-west1-ijlt:gke-cs-us-west1-ijlt-pods-70569f02","sshKeys":"\ngke-70569f026ff6409cb64c:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCSyu5KgJ0fBDsd0xHe59eDfMtWhSR2cGdQ2yTOTT/Fx5riuHzyLN7OQBr1fXMD723Kpi3mxTVShIwtoa3mUrlYIz4ZTtVdziBj2otFTDIe/0HslXT59x1gW4oU7xrvVYWqaFYaVxeNJQnI9IKjoDz1/esI7eikdgoak/i2ElZplGQXr0qU7+FKerKcopTE3yLXG8SsWd12mDpdfM1U+XD4mjEKXXtGShBCi7TdWk1A2qvET7LiRbZPUDZQ933XJ22C+Y7A9n8EEXQJqF/AF2zlf5HyRufU5PpWqTx53B2o2REA+6E2eIay5f0ypA1f0UyPKVQ0/liuRcsjS+RSLeRb gke-70569f026ff6409cb64c@gke-70569f026ff6409cb64c\ngke-70569f026ff6409cb64c:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQClqdH4toLDBr2ZZI6l8ShUBqrBuTA5S/9jolxCCPQ1tKRZEMqHYprrjBKP2sxgOUbL3EzwpAv7K7Ldj794bpkUBNDDrhbpAAtf6p4S0Mcuxyv5xytFHAKlhceiLYGmoiMkiViMI84WolRCc8rTnZLxKoRCtF6szzI5bPHxCWA8ROjGIh8zwZGnwlv1ltiRZ5ynxxTDxtqJ+z2C8wDBRenjv9RkiS/Xy+MWj2nvvfGOFmLikMXcjFOmtlZqxQ/dauNLs39q8gzfnxX1w/PUV2jXJ5MoP+XmwdhmMIw4TcYCJq7zgMbJ28//4ziPffNnAn0PV9smSejihCku+2SuL+lD 
gke-70569f026ff6409cb64c@gke-70569f026ff6409cb64c\ngke-70569f026ff6409cb64c:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqZXU0t+jygWa1e5IvPgLBv/XUO1M+PPwsqfqmZqF2uge0+IL6snd+hJUalkPjOknFydp8DRbvIepoH0Jak+ilHYTUCFheBSgU3nhq3hTfn6xu3deyc/mMzd/5lOhsUEIsUdfg5MS5K5XlnIDF79RyVmIIjtUdCHN87kUsY4N+0JhI0AEZwPt+kFoHIWhsi8T63vX6NFxmKtXx1Zu42JuaMlb7VNNjIOlIoUJwnK+lyouFkU0sehe94oEex5AwvfKz4kVdmq/+Q2jHpEwOeEXhaFXvi+EEFRVGzhiMvUcnh2nDkiwAp3kffSz+Tzt9+uPuyRyKq99DQ4/P5PpDP323 gke-70569f026ff6409cb64c@gke-70569f026ff6409cb64c"},"numericProjectId":587678703902,"projectId":"z82c3d2647bd2388e-tp"}}