rootraw.com
Open in
urlscan Pro
2606:4700:30::6818:7d2c
Public Scan
Submission: On October 30 via manual from IN
Summary
This is the only time rootraw.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
5 | 2606:4700:30:... 2606:4700:30::6818:7d2c | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 | 2a00:1450:400... 2a00:1450:4001:820::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
5 | 206.54.165.141 206.54.165.141 | 35415 (WEBZILLA) (WEBZILLA) | |
1 | 2a00:1450:400... 2a00:1450:4001:825::2001 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 151.139.242.29 151.139.242.29 | 33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group) | |
5 | 88.85.82.156 88.85.82.156 | 35415 (WEBZILLA) (WEBZILLA) | |
2 | 2a00:1450:400... 2a00:1450:4001:81b::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
4 | 2a00:1450:400... 2a00:1450:4001:815::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
3 | 88.85.66.201 88.85.66.201 | 35415 (WEBZILLA) (WEBZILLA) | |
1 | 2a04:4e42:3::621 2a04:4e42:3::621 | 54113 (FASTLY) (FASTLY - Fastly) | |
2 2 | 147.75.102.200 147.75.102.200 | 54825 (PACKET) (PACKET - Packet Host) | |
1 | 195.181.170.19 195.181.170.19 | 60068 (CDN77) (CDN77) | |
1 | 188.42.160.46 188.42.160.46 | 35415 (WEBZILLA) (WEBZILLA) | |
31 | 13 |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
rootraw.com |
ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com |
ASN15169 (GOOGLE - Google LLC, US)
1.bp.blogspot.com |
ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)
images.dmca.com |
ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com |
ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com |
ASN60068 (CDN77, GB)
PTR: frankfurt-15.cdn77.com
load77.exelator.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
pushsar.com
pushsar.com |
41 KB |
5 |
propellerclick.com
native.propellerclick.com |
107 KB |
5 |
rootraw.com
rootraw.com |
144 KB |
4 |
gstatic.com
fonts.gstatic.com |
57 KB |
3 |
exelator.com
2 redirects
loadus.exelator.com load77.exelator.com |
2 KB |
3 |
deloplen.com
deloplen.com |
26 KB |
2 |
google-analytics.com
www.google-analytics.com |
18 KB |
2 |
dmca.com
images.dmca.com |
3 KB |
1 |
rtmark.net
my.rtmark.net |
745 B |
1 |
jsdelivr.net
cdn.jsdelivr.net |
11 KB |
1 |
blogspot.com
1.bp.blogspot.com |
9 KB |
1 |
googleapis.com
fonts.googleapis.com |
998 B |
31 | 12 |
Domain | Requested by | |
---|---|---|
5 | pushsar.com |
rootraw.com
pushsar.com |
5 | native.propellerclick.com |
rootraw.com
native.propellerclick.com |
5 | rootraw.com |
rootraw.com
|
4 | fonts.gstatic.com |
rootraw.com
|
3 | deloplen.com |
rootraw.com
deloplen.com |
2 | loadus.exelator.com | 2 redirects |
2 | www.google-analytics.com |
rootraw.com
|
2 | images.dmca.com |
rootraw.com
|
1 | my.rtmark.net |
pushsar.com
|
1 | load77.exelator.com |
rootraw.com
|
1 | cdn.jsdelivr.net |
rootraw.com
|
1 | 1.bp.blogspot.com |
rootraw.com
|
1 | fonts.googleapis.com |
rootraw.com
|
31 | 13 |
This site contains links to these domains. Also see Links.
Domain |
---|
propellerads.com |
www.dmca.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.googleapis.com GTS CA 1O1 |
2019-10-10 - 2020-01-02 |
3 months | crt.sh |
*.googleusercontent.com GTS CA 1O1 |
2019-10-10 - 2020-01-02 |
3 months | crt.sh |
images.dmca.com Go Daddy Secure Certificate Authority - G2 |
2018-02-01 - 2020-04-04 |
2 years | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2019-10-10 - 2020-01-02 |
3 months | crt.sh |
*.google.com GTS CA 1O1 |
2019-10-10 - 2020-01-02 |
3 months | crt.sh |
pushsar.com Sectigo RSA Domain Validation Secure Server CA |
2019-07-26 - 2020-08-10 |
a year | crt.sh |
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2019-05-29 - 2020-04-23 |
a year | crt.sh |
my.rtmark.net Let's Encrypt Authority X3 |
2019-09-24 - 2019-12-23 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
http://rootraw.com/
Frame ID: 596C95A92A7D39C2AC7F59F51A010665
Requests: 30 HTTP requests in this frame
Frame:
http://deloplen.com/fac.php
Frame ID: D8870FF2FDA068AE4E2D1E2989669A5B
Requests: 1 HTTP requests in this frame
Frame:
data://truncated
Frame ID: FB5EF15978BFB7C97204F09839E76B9E
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
WordPress (CMS) ExpandDetected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- headers link /rel="https:\/\/api\.w\.org\/"/i
PHP (Programming Languages) Expand
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- headers link /rel="https:\/\/api\.w\.org\/"/i
MySQL (Databases) Expand
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- headers link /rel="https:\/\/api\.w\.org\/"/i
CloudFlare (CDN) Expand
Detected patterns
- headers server /^cloudflare$/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Font API (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: PropellerAds
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 24- http://cdn.jsdelivr.net/npm/fingerprintjs2@2.1.0/dist/fingerprint2.min.js HTTP 307
- https://cdn.jsdelivr.net/npm/fingerprintjs2@2.1.0/dist/fingerprint2.min.js
- http://loadus.exelator.com/load/?p=204&g=100&j=0&buid=14443d5f3a3142a0b6ec81ba746dde3e HTTP 302
- http://loadus.exelator.com/load/?p=204&g=100&j=0&buid=14443d5f3a3142a0b6ec81ba746dde3e&xl8blockcheck=1 HTTP 302
- http://load77.exelator.com/pixel.gif
31 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
/
rootraw.com/ |
217 KB 77 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
autoptimize_dd18dba2b7cd50e3d5c5b31e8c139319.css
rootraw.com/wp-content/cache/autoptimize/css/ |
115 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
7 KB 998 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.js
rootraw.com/wp-includes/js/jquery/ |
95 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1
native.propellerclick.com/ |
7 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
smart-wifi-logo.png
1.bp.blogspot.com/-IxwfWhiY1_g/XbkUc6PgufI/AAAAAAABQ30/pTMfk1Q9zhgtgdQvSKb_Fu0gzBoqUszVQCLcBGAsYHQ/s1600/ |
8 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1
native.propellerclick.com/ |
8 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dmca-badge-w100-5x1-08.png
images.dmca.com/Badges/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DMCABadgeHelper.min.js
images.dmca.com/Badges/ |
465 B 610 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ntfc.php
pushsar.com/ |
13 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
autoptimize_d453f4eb46660b88bc36ebf3ea08a61a.js
rootraw.com/wp-content/cache/autoptimize/js/ |
22 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wp-emoji-release.min.js
rootraw.com/wp-includes/js/ |
14 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
43 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jizDREVItHgc8qDIbSTKq4XkRiUf2zcZiVbJ.woff2
fonts.gstatic.com/s/librefranklin/v4/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jizAREVItHgc8qDIbSTKq4XkRi24_SI0q1vjitOh.woff2
fonts.gstatic.com/s/librefranklin/v4/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jizAREVItHgc8qDIbSTKq4XkRi20-SI0q1vjitOh.woff2
fonts.gstatic.com/s/librefranklin/v4/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jizBREVItHgc8qDIbSTKq4XkRiUa6zUTjnTLgNs.woff2
fonts.gstatic.com/s/librefranklin/v4/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
f88334caac11ec08d814919c9f643e63
native.propellerclick.com/27/ |
269 KB 97 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/r/ |
35 B 199 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
apu.php
deloplen.com/ |
2 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tag.min.js
deloplen.com/ |
67 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ntfc.php
pushsar.com/ |
117 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
9
native.propellerclick.com/ |
0 800 B |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
9
native.propellerclick.com/ |
0 800 B |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fac.php
deloplen.com/ Frame D887 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fingerprint2.min.js
cdn.jsdelivr.net/npm/fingerprintjs2@2.1.0/dist/ Redirect Chain
|
29 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pixel.gif
load77.exelator.com/ Redirect Chain
|
43 B 396 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
custom
pushsar.com/ |
39 B 485 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gid.js
my.rtmark.net/ |
65 B 745 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
custom
pushsar.com/ |
39 B 485 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame FB5E |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
custom
pushsar.com/ |
39 B 485 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
62 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| _wpemojiSettings object| wpp_params undefined| $ function| jQuery string| GoogleAnalyticsObject function| ga string| k object| _y8i558oi6d9 object| zfgformats function| setImmediate function| clearImmediate function| _jgiwk function| _yqkfpwuu object| _wyaudwmbi9s function| _cxnpaxx function| _sxmmavqw boolean| zfgloadednative object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| _ef60hal10r function| _zrgdn function| _lrdotuf object| _xks5i3u3wg function| _whgnj function| _vvbhgauq object| WPPImageObserver function| wpp_load_img function| wpp_observe_imgs object| twentyseventeenScreenReaderText object| stt2extatJs object| WordPressPopularPosts undefined| do_request undefined| num object| jQuery1124004865585266042083 object| wp object| data string| optionsAxXB324Fe string| laryAxXB324Fe boolean| zfgloadedpushopt object| regeneratorRuntime object| __core-js_shared__ object| core boolean| _babelPolyfill function| _retranber object| _nps object| twemoji object| _c2gaarhw9o function| onClickTrigger function| kkp4a5x5tv boolean| zfgloadedpopup object| _0x84c0 function| _0x19bf object| ntfcSDK boolean| installOnFly boolean| zfgloadedpush boolean| zfgloadedpushcode function| Fingerprint2 object| onClickExcludes4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.rootraw.com/ | Name: _gat Value: 1 |
|
.rootraw.com/ | Name: _gid Value: GA1.2.815917694.1572412738 |
|
.rootraw.com/ | Name: _ga Value: GA1.2.1594446138.1572412738 |
|
.rootraw.com/ | Name: __cfduid Value: df077617e4cec9d0cdc5d04e60f0ea4601572412736 |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
1.bp.blogspot.com
cdn.jsdelivr.net
deloplen.com
fonts.googleapis.com
fonts.gstatic.com
images.dmca.com
load77.exelator.com
loadus.exelator.com
my.rtmark.net
native.propellerclick.com
pushsar.com
rootraw.com
www.google-analytics.com
147.75.102.200
151.139.242.29
188.42.160.46
195.181.170.19
206.54.165.141
2606:4700:30::6818:7d2c
2a00:1450:4001:815::2003
2a00:1450:4001:81b::200e
2a00:1450:4001:820::200a
2a00:1450:4001:825::2001
2a04:4e42:3::621
88.85.66.201
88.85.82.156
0a154fd74d1c2e3998aa7eec894a1b334ae50fda2cb99d86d5acab0b1f4b32c4
0ad770f7303d5654daf4d143d7b1b3bb746700bc1333497c9744f4f03ce42b91
0fc6f1195231851a34df26a402c04e900c9fb17824034f1d9a3c39f57c0e96fd
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
26d89208f3db803508bdc82c6b36076daa70d91546d8349a340221e68f5196a2
2c458ee6783c350846882c35338e874c9485fb9fd5ed808690071c69d9f01e00
2c4df927f50d37d3a0052a7f5cf88f5c7af249b81945eb198eb18d1116c5f28f
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
350d344ca09c212e599dad14864eac853d59bf88f34fbf0361afe0bff3a14a02
431de32c742c7d3871c06836b29be1996337494d82560751f16ce3fc019f6ed7
46c73c564aed0dcef201abcb6f79719ea77b4cd6a8f286b22cbd451d960a5d3d
5f49547c7cbc81245958d6040f3913ff73965ae415c13756e8afa5b80b00b469
75bac41f9892f4fadbd7355e6d863f2d74262f15047caa3dfd92b9e38423dfd6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
95c559e292078efb159e4c9b2eaa2bef6511671bb0f04b83da335ec676983add
b6c65ab685234e744044e9b94c2a52db31b84c54ff3a00044aa188012ad61365
c5beb68b910bda3aecbdc251f468b32115fdcbae5d957d71af7c53ada125ab8b
cbaa0aa943d37d2f44affa9f2165f1b75088ebc99e02d34d21695abc0813e19b
cf68e4a7c2749ee1ebb12fb2b2050a0acd98c1ac33e3fadea7ae96d1e33fb7c4
d3608fc8696dfcce04fae12675607ac60de1d6dd1492d43eaed26a406669bbb3
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
ded56bc9bd7e0bd13cbbbad86164d34c60d884199a77118920bff4d2c0c93ed7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4506f729634c5b131249694354ca28febcc904e86b1392c4f29b85a3812d534
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
f4799ef2939b8377cf33f07b07b6d90a4a245adbf1c6eaf47ee3b0fcefcc07fe
f707ac905bc601e7c615efef3341229528ef740fdea765fc4c98eec658670856
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881