ferrocummins.com
Open in
urlscan Pro
2a06:98c1:3120::3
Public Scan
Effective URL: https://ferrocummins.com/?4208983e5ee5572b08a1e383b2fd037a
Submission: On July 21 via manual from GB — Scanned from GB
Summary
TLS certificate: Issued by E1 on July 12th 2022. Valid for: 3 months.
This is the only time ferrocummins.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 185.189.32.4 185.189.32.4 | 44486 (SYNLINQ s...) (SYNLINQ synlinq.de) | |
1 | 94.237.47.138 94.237.47.138 | 202053 (UPCLOUD) (UPCLOUD) | |
1 1 | 2606:4700:303... 2606:4700:3030::6815:27ec | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
17 | 2a06:98c1:312... 2a06:98c1:3120::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a06:98c1:312... 2a06:98c1:3121::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2a03:2880:f03... 2a03:2880:f03f:1c:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK) | |
1 | 143.204.207.250 143.204.207.250 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 104.19.133.78 104.19.133.78 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK) | |
5 | 35.190.43.134 35.190.43.134 | 15169 (GOOGLE) (GOOGLE) | |
32 | 8 |
ASN202053 (UPCLOUD, FI)
PTR: 64b2-adff-feb0-63a2.v6.nl-ams1.upcloud.h
corelatingus.com |
ASN13335 (CLOUDFLARENET, US)
ferrocummins.com | |
event.trk-praesentium.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net
sc-static.net |
ASN32934 (FACEBOOK, US)
www.facebook.com |
ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
tr.snapchat.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
ferrocummins.com
ferrocummins.com |
588 KB |
5 |
snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 921 |
1 KB |
5 |
trk-praesentium.com
trk-praesentium.com — Cisco Umbrella Rank: 185763 event.trk-praesentium.com — Cisco Umbrella Rank: 278694 |
3 KB |
3 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 101 |
715 B |
2 |
mgid.com
a.mgid.com — Cisco Umbrella Rank: 18188 |
6 KB |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155 |
110 KB |
1 |
sc-static.net
sc-static.net — Cisco Umbrella Rank: 960 |
8 KB |
1 |
decadeshine.com
1 redirects
decadeshine.com |
760 B |
1 |
corelatingus.com
corelatingus.com — Cisco Umbrella Rank: 923577 |
442 B |
1 |
aimfaith.org.uk
1 redirects
aimfaith.org.uk |
278 B |
32 | 10 |
Domain | Requested by | |
---|---|---|
13 | ferrocummins.com |
corelatingus.com
ferrocummins.com |
5 | tr.snapchat.com |
sc-static.net
|
4 | event.trk-praesentium.com |
trk-praesentium.com
|
3 | www.facebook.com |
ferrocummins.com
|
2 | a.mgid.com |
ferrocummins.com
|
2 | connect.facebook.net |
ferrocummins.com
connect.facebook.net |
1 | sc-static.net |
ferrocummins.com
|
1 | trk-praesentium.com |
ferrocummins.com
|
1 | decadeshine.com | 1 redirects |
1 | corelatingus.com | |
1 | aimfaith.org.uk | 1 redirects |
32 | 11 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
corelatingus.com R3 |
2022-07-13 - 2022-10-11 |
3 months | crt.sh |
*.ferrocummins.com E1 |
2022-07-12 - 2022-10-10 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-02-08 - 2023-02-07 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2022-04-29 - 2022-07-28 |
3 months | crt.sh |
sc-static.net DigiCert TLS RSA SHA256 2020 CA1 |
2022-01-27 - 2023-01-27 |
a year | crt.sh |
*.snapchat.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-02-01 - 2023-01-31 |
a year | crt.sh |
This page contains 4 frames:
Primary Page:
https://ferrocummins.com/?4208983e5ee5572b08a1e383b2fd037a
Frame ID: 7CFA03A14824958770210CEEA65F890A
Requests: 27 HTTP requests in this frame
Frame:
https://tr.snapchat.com/cm/i?pid=cc25c7df-1e44-4f51-8ff1-8c175d6334c1&_scsid=276af386-08cc-4dbc-a9c6-dfd977f0108a&_sclid=1e4143bd-4079-44ce-a360-19da4dea6f41
Frame ID: 6CD036D71D18D6A8587BA07539BABDEA
Requests: 1 HTTP requests in this frame
Frame:
https://tr.snapchat.com/p
Frame ID: 22CEB0AFC403BE4F21B49D45B513551F
Requests: 1 HTTP requests in this frame
Frame:
https://tr.snapchat.com/p
Frame ID: 571C7087AC9A32779B1B66B3A0EDF288
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
(1) NotificationPage URL History Show full URLs
-
http://aimfaith.org.uk/NZGT24apahrIYa.f3jrc79?ivixbn/yqbj/fz.cbbbb5cHhm.c.ccwmb.cbdxz.cc.cbT.cf.cbz...
HTTP 302
https://corelatingus.com/0/0/0/36443124792ad41338251ba7e359e085/1_162823_6364/46_187044_56176_3/19034... Page URL
-
https://decadeshine.com/index2.php?id=209&s1=351077&s2=762392238&s3=4196&p=uk5trktrs7f
HTTP 302
https://ferrocummins.com/?4208983e5ee5572b08a1e383b2fd037a Page URL
Detected technologies
animate.css (Web Frameworks) ExpandDetected patterns
- <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Facebook (Widgets) Expand
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://aimfaith.org.uk/NZGT24apahrIYa.f3jrc79?ivixbn/yqbj/fz.cbbbb5cHhm.c.ccwmb.cbdxz.cc.cbT.cf.cbzMv.dlpp.cbbbbg
HTTP 302
https://corelatingus.com/0/0/0/36443124792ad41338251ba7e359e085/1_162823_6364/46_187044_56176_3/190340237_1ocyt7r Page URL
-
https://decadeshine.com/index2.php?id=209&s1=351077&s2=762392238&s3=4196&p=uk5trktrs7f
HTTP 302
https://ferrocummins.com/?4208983e5ee5572b08a1e383b2fd037a Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://aimfaith.org.uk/NZGT24apahrIYa.f3jrc79?ivixbn/yqbj/fz.cbbbb5cHhm.c.ccwmb.cbdxz.cc.cbT.cf.cbzMv.dlpp.cbbbbg HTTP 302
- https://corelatingus.com/0/0/0/36443124792ad41338251ba7e359e085/1_162823_6364/46_187044_56176_3/190340237_1ocyt7r
32 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
190340237_1ocyt7r
corelatingus.com/0/0/0/36443124792ad41338251ba7e359e085/1_162823_6364/46_187044_56176_3/ Redirect Chain
|
149 B 442 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
ferrocummins.com/ Redirect Chain
|
12 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style-02.css
ferrocummins.com/master/us117/ |
10 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
animate.min.css
ferrocummins.com/master/us117/ |
57 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
msg.js
ferrocummins.com/inc/ |
945 B 767 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbcode1.js
ferrocummins.com/inc/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
expresso.png
ferrocummins.com/master/us117/ |
11 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
package.png
ferrocummins.com/master/us117/ |
17 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
loading.gif
ferrocummins.com/master/us117/ |
496 KB 497 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
check.png
ferrocummins.com/master/us117/ |
18 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
11a.png
ferrocummins.com/master/us117/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
11b.png
ferrocummins.com/master/us117/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
223d.png
ferrocummins.com/master/us117/ |
11 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
script.js
ferrocummins.com/master/us117/ |
13 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v9e118mez8
trk-praesentium.com/scripts/push/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
98 KB 26 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scevent.min.js
sc-static.net/ |
22 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mgsensor.js
a.mgid.com/ |
15 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
399694290689525
connect.facebook.net/signals/config/ |
292 KB 84 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
1x1.gif
a.mgid.com/ |
43 B 273 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 410 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 214 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
init
tr.snapchat.com/ |
126 B 479 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
is_enabled
tr.snapchat.com/collector/ |
77 B 160 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
i
tr.snapchat.com/cm/ Frame 6CD0 |
0 294 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
p
tr.snapchat.com/ Frame 22CE |
68 B 275 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
p
tr.snapchat.com/ Frame 571C |
68 B 317 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
v9e118mez8
event.trk-praesentium.com/register/event_log/ |
0 0 |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
v9e118mez8
event.trk-praesentium.com/register/event_log/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
v9e118mez8
event.trk-praesentium.com/register/event_log/ |
0 0 |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
v9e118mez8
event.trk-praesentium.com/register/event_log/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.facebook.com/tr/ |
44 B 91 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
47 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| change object| MYCALL string| s1 string| s2 string| esource string| pshpub string| pshdomain function| fbq function| _fbq function| snaptr object| r object| MgSensorData object| snaptrContext boolean| triedToSendCookieToNative object| WebJSBridge object| MgSensor function| MgSensorInvoke function| MgSensorInvoke0 object| _mgq function| _mgqp number| _mgqt number| _mgqi object| _mgr object| _mghl function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
sc-static.net/scevent.min.js | Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e |
|
corelatingus.com/ | Name: uid4196 Value: 762392238-20220721024358-d4edfcc17e8c864973640ecfc627e5e8-0 |
|
decadeshine.com/ | Name: PHPSESSID Value: 331af0820169d545b0d909d868150a31 |
|
ferrocummins.com/ | Name: PHPSESSID Value: 9d0baffce4f8bdfe7e52978506af740b |
|
.mgid.com/ | Name: __cf_bm Value: je2ZpomSAEc82ExkAL80Jfip10YOeGTfwd9djTRUkpg-1658385841-0-ATv2UHB0VO2zMcuHJQZ9xTdzKIFcIuelTGqBi9IQ9LyqmGnTBNRLWJUuQX4eY8Rb3FEmwJFofhKBifO7HdVznXY= |
|
ferrocummins.com/ | Name: MgidSensorNVis Value: 1 |
|
ferrocummins.com/ | Name: MgidSensorHref Value: https://ferrocummins.com/?4208983e5ee5572b08a1e383b2fd037a |
|
.ferrocummins.com/ | Name: _fbp Value: fb.1.1658385841430.431371597 |
|
.facebook.com/ | Name: fr Value: 07plDsstGs8H4lTuU..Bi2PWx...1.0.Bi2PWx. |
|
.ferrocummins.com/ | Name: _scid Value: 9568087b-bbdb-4a82-becd-84ff9fc21ed7 |
|
.snapchat.com/ | Name: sc_at Value: v2|H4sIAAAAAAAAAAXBhxEAIAgEsIm4ozzFcVTcguFN+vaC9KXiNgIvp4NMCmWJDT1mb0bCy8oLOvwBNkb1eDIAAAA= |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a.mgid.com
aimfaith.org.uk
connect.facebook.net
corelatingus.com
decadeshine.com
event.trk-praesentium.com
ferrocummins.com
sc-static.net
tr.snapchat.com
trk-praesentium.com
www.facebook.com
104.19.133.78
143.204.207.250
185.189.32.4
2606:4700:3030::6815:27ec
2a03:2880:f03f:1c:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a06:98c1:3120::3
2a06:98c1:3121::3
35.190.43.134
94.237.47.138
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
19c3c2427c66e7455b6259577c0c580f348ee6c9009eb97ca7e854de607f3ae4
2bd9c32c309cdbd21a9d9ee1436e5b6e92cccc57e59918d88c1fe4cab59137c1
2f7599ba1e84432f7f3319c7ed71b84ed24ffbb9741bea6b3ec61ec370707541
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
3b19eeb21d7fbd9b8b260e57c2d9198f83732339a9e3cbd5d2264f77e722df26
43fccd349655df7497727c1c95d4fd97033f8aaf649067cbafb2b6d2751cf340
48f6b5c94e915dde3c34c02c57efa618fb27906d229393f8dd8a6f6a1b500d8f
4c055e6d0d9ba2b8f1be4719110e92c1b9499ed0759f0d1c48fccd16a7b31dcf
50a8aac277d17a473a106839e7d6d4d752287fac2bdcd5f546351fb585369ff3
5d80cc56ae97ef4d7ffdfef84e1a01f0460e5524196b6c5c54c672969535e4a5
61fb35acee02253526f14228009a0cf1d5c976b925611826b0b6b8ecfa17a6a4
6b83282d850d687d049f53f4fd97aec0aa73981c65e77ea38487ae5500c05767
6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d
9333aab854db43fb49e5c17d5777e592ac9a032fa23e65be9388215b3d6240b4
9ac9157b94158202ec51cf19281617687567fc28a5fa373728514d03187f527e
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ad6bf80750fc4ee71ba501c39d788520fc96006c4c81325c8cee75e06f92b297
d4d2c5c9d0208261f7c2b111958538a938334cef0081ecc6660fc28a9cae2c33
ddc9f495fa5ffd2acaa85dcfc467f54155a759fc7b86b920e6cce7551ceee14d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea9e95072e5169d07617d53acc432af11116672ad69a701b2ea69ef8462e579f
f39afcc60543070d1735bea0269c7617e301eac65e740dde0034d64460c7d7fb
fc85702baca03c9e5cea9b68ee081a4fcb99d8ab9c028772dc69e908208128f7