mac.bulksfinance.com
Open in
urlscan Pro
2606:4700:30::681c:8ab
Public Scan
Effective URL: https://mac.bulksfinance.com/lp/de-cosmo/index.html?bemobdata=c=1dbd6b0a-19c0-43f7-9834-4238fe2df6bc..a=0..b=2..z=0.00112..e=...
Submission: On November 23 via api from CA
Summary
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on October 9th 2019. Valid for: a year.
This is the only time mac.bulksfinance.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 216.157.88.27 216.157.88.27 | 13768 (COGECO-PEER1) (COGECO-PEER1 - Cogeco Peer 1) | |
1 6 | 199.59.242.153 199.59.242.153 | 395082 (BODIS-NJ) (BODIS-NJ - Bodis) | |
1 | 2a00:1450:400... 2a00:1450:4001:818::2004 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2a00:1450:400... 2a00:1450:4001:825::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 2a00:1450:400... 2a00:1450:4001:809::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 54.209.22.226 54.209.22.226 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
2 | 35.156.54.233 35.156.54.233 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
11 | 2606:4700:30:... 2606:4700:30::681c:8ab | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 | 99.198.108.197 99.198.108.197 | 32475 (SINGLEHOP...) (SINGLEHOP-LLC - SingleHop LLC) | |
1 | 66.212.229.188 66.212.229.188 | 14537 (CL-1379-1...) (CL-1379-14537 - Continent 8 LLC) | |
26 | 9 |
ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA)
PTR: back.databasese.com
gmai.com |
ASN15169 (GOOGLE - Google LLC, US)
www.google.com |
ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com |
ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-209-22-226.compute-1.amazonaws.com
usd.lupus-bra.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-156-54-233.eu-central-1.compute.amazonaws.com
bemob.freeprize.online | |
b9a39.bemobpath.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
mac.bulksfinance.com |
ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
PTR: server04.com-2.mobi
mon.wingiftcard.site |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
bulksfinance.com
mac.bulksfinance.com |
572 KB |
7 |
gmai.com
2 redirects
gmai.com ww1.gmai.com |
14 KB |
2 |
lupus-bra.com
usd.lupus-bra.com |
3 KB |
2 |
gstatic.com
fonts.gstatic.com |
18 KB |
1 |
zxcdn.com
api.zxcdn.com |
1 KB |
1 |
wingiftcard.site
mon.wingiftcard.site |
1 KB |
1 |
bemobpath.com
b9a39.bemobpath.com |
862 B |
1 |
freeprize.online
bemob.freeprize.online |
2 KB |
1 |
googleapis.com
fonts.googleapis.com |
686 B |
1 |
google.com
www.google.com |
55 KB |
26 | 10 |
Domain | Requested by | |
---|---|---|
11 | mac.bulksfinance.com |
mac.bulksfinance.com
|
6 | ww1.gmai.com |
1 redirects
ww1.gmai.com
|
2 | usd.lupus-bra.com |
ww1.gmai.com
usd.lupus-bra.com |
2 | fonts.gstatic.com | |
1 | api.zxcdn.com |
mac.bulksfinance.com
|
1 | mon.wingiftcard.site |
mac.bulksfinance.com
|
1 | b9a39.bemobpath.com | |
1 | bemob.freeprize.online |
usd.lupus-bra.com
|
1 | fonts.googleapis.com |
ww1.gmai.com
|
1 | www.google.com |
ww1.gmai.com
|
1 | gmai.com | 1 redirects |
26 | 11 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.googleapis.com GTS CA 1O1 |
2019-11-05 - 2020-01-28 |
3 months | crt.sh |
*.google.com GTS CA 1O1 |
2019-11-05 - 2020-01-28 |
3 months | crt.sh |
bemob.freeprize.online Let's Encrypt Authority X3 |
2019-11-06 - 2020-02-04 |
3 months | crt.sh |
sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2019-10-09 - 2020-10-08 |
a year | crt.sh |
mon.wingiftcard.site Let's Encrypt Authority X3 |
2019-11-18 - 2020-02-16 |
3 months | crt.sh |
*.zxcdn.com GoGetSSL RSA DV CA |
2019-08-30 - 2021-09-05 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://mac.bulksfinance.com/lp/de-cosmo/index.html?bemobdata=c=1dbd6b0a-19c0-43f7-9834-4238fe2df6bc..a=0..b=2..z=0.00112..e=zr97c209880d8c11ea8d3512921896bf3553607efe1d394c0085424fc6f384acd6042889ad5ed10d1ac6..c1=victor-yes-eS9alZc2..c2=argent-wasp..c3=gmai%2Cgmai%2Cgmai.com..c4=DOMAIN..c6=NON-ADULT..c8=1298228..c9=de-redirect..c10=MacOS..r=http%3A%2F%2Fusd.lupus-bra.com%2Fzcredirect%3Fvisitid%3D97c20988-0d8c-11ea-8d35-12921896bf35%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&$subID4=LSWpXpaYp3NdADMd7TQFxx
Frame ID: B104E8EBE9AF8CA10D1D5CAF8B5F9361
Requests: 26 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://gmai.com/
HTTP 302
http://ww1.gmai.com/ Page URL
-
http://ww1.gmai.com/rz?u=http%3A%2F%2Fusd.lupus-bra.com%2Fzcvisitor%2F97c20988-0d8c-11ea-8d35-12...
HTTP 302
http://usd.lupus-bra.com/zcvisitor/97c20988-0d8c-11ea-8d35-12921896bf35?campaignid=b6db13a0-fa4c-11e9... Page URL
- http://usd.lupus-bra.com/zcredirect?visitid=97c20988-0d8c-11ea-8d35-12921896bf35&type=js&browserWidth... Page URL
- https://bemob.freeprize.online/go/1dbd6b0a-19c0-43f7-9834-4238fe2df6bc?visit_cost=0.001120&cid=zr97c209880d... Page URL
- http://b9a39.bemobpath.com/?redirectUrl=https%3A%2F%2Fmac.bulksfinance.com%2Flp%2Fde-cosmo%2Findex.html... Page URL
- https://mac.bulksfinance.com/lp/de-cosmo/index.html?bemobdata=c=1dbd6b0a-19c0-43f7-9834-4238fe2df6bc..a=0... Page URL
Detected technologies
Lua (Programming Languages) ExpandDetected patterns
- headers server /openresty(?:\/([\d.]+))?/i
Nginx (Web Servers) Expand
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
OpenResty (Web Servers) Expand
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://gmai.com/
HTTP 302
http://ww1.gmai.com/ Page URL
-
http://ww1.gmai.com/rz?u=http%3A%2F%2Fusd.lupus-bra.com%2Fzcvisitor%2F97c20988-0d8c-11ea-8d35-12921896bf35%3Fcampaignid%3Db6db13a0-fa4c-11e9-899b-12077332b422¬adsafe
HTTP 302
http://usd.lupus-bra.com/zcvisitor/97c20988-0d8c-11ea-8d35-12921896bf35?campaignid=b6db13a0-fa4c-11e9-899b-12077332b422 Page URL
- http://usd.lupus-bra.com/zcredirect?visitid=97c20988-0d8c-11ea-8d35-12921896bf35&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false Page URL
- https://bemob.freeprize.online/go/1dbd6b0a-19c0-43f7-9834-4238fe2df6bc?visit_cost=0.001120&cid=zr97c209880d8c11ea8d3512921896bf3553607efe1d394c0085424fc6f384acd6042889ad5ed10d1ac6&target=victor-yes-eS9alZc2&source=argent-wasp&keyword=gmai%2Cgmai%2Cgmai.com&traffic_type=DOMAIN&match=&visitor_type=NON-ADULT&target_url=&campaign_id=1298228&campaign_name=de-redirect&os=MacOS Page URL
- http://b9a39.bemobpath.com/?redirectUrl=https%3A%2F%2Fmac.bulksfinance.com%2Flp%2Fde-cosmo%2Findex.html%3Fbemobdata%3Dc%253D1dbd6b0a-19c0-43f7-9834-4238fe2df6bc..a%253D0..b%253D2..z%253D0.00112..e%253Dzr97c209880d8c11ea8d3512921896bf3553607efe1d394c0085424fc6f384acd6042889ad5ed10d1ac6..c1%253Dvictor-yes-eS9alZc2..c2%253Dargent-wasp..c3%253Dgmai%25252Cgmai%25252Cgmai.com..c4%253DDOMAIN..c6%253DNON-ADULT..c8%253D1298228..c9%253Dde-redirect..c10%253DMacOS..r%253Dhttp%25253A%25252F%25252Fusd.lupus-bra.com%25252Fzcredirect%25253Fvisitid%25253D97c20988-0d8c-11ea-8d35-12921896bf35%252526type%25253Djs%252526browserWidth%25253D1600%252526browserHeight%25253D1200%252526iframeDetected%25253Dfalse%26%24subID4%3DLSWpXpaYp3NdADMd7TQFxx Page URL
- https://mac.bulksfinance.com/lp/de-cosmo/index.html?bemobdata=c=1dbd6b0a-19c0-43f7-9834-4238fe2df6bc..a=0..b=2..z=0.00112..e=zr97c209880d8c11ea8d3512921896bf3553607efe1d394c0085424fc6f384acd6042889ad5ed10d1ac6..c1=victor-yes-eS9alZc2..c2=argent-wasp..c3=gmai%2Cgmai%2Cgmai.com..c4=DOMAIN..c6=NON-ADULT..c8=1298228..c9=de-redirect..c10=MacOS..r=http%3A%2F%2Fusd.lupus-bra.com%2Fzcredirect%3Fvisitid%3D97c20988-0d8c-11ea-8d35-12921896bf35%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&$subID4=LSWpXpaYp3NdADMd7TQFxx Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://gmai.com/ HTTP 302
- http://ww1.gmai.com/
- http://ww1.gmai.com/rz?u=http%3A%2F%2Fusd.lupus-bra.com%2Fzcvisitor%2F97c20988-0d8c-11ea-8d35-12921896bf35%3Fcampaignid%3Db6db13a0-fa4c-11e9-899b-12077332b422¬adsafe HTTP 302
- http://usd.lupus-bra.com/zcvisitor/97c20988-0d8c-11ea-8d35-12921896bf35?campaignid=b6db13a0-fa4c-11e9-899b-12077332b422
26 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
ww1.gmai.com/ Redirect Chain
|
4 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
caf.js
www.google.com/adsense/domains/ |
155 KB 55 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
px.gif
ww1.gmai.com/ |
42 B 275 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
px.gif
ww1.gmai.com/ |
42 B 275 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
glp
ww1.gmai.com/ |
8 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
5 KB 686 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
gzb
ww1.gmai.com/ |
197 B 514 B |
XHR
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
97c20988-0d8c-11ea-8d35-12921896bf35
usd.lupus-bra.com/zcvisitor/ Redirect Chain
|
1004 B 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
zcredirect
usd.lupus-bra.com/ |
928 B 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
1dbd6b0a-19c0-43f7-9834-4238fe2df6bc
bemob.freeprize.online/go/ |
874 B 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
b9a39.bemobpath.com/ |
677 B 862 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
index.html
mac.bulksfinance.com/lp/de-cosmo/ |
7 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
mac.bulksfinance.com/lp/de-cosmo/Casino%20Survey%20_%20Answer%20and%20Get%20a%20Reward!_files/ |
3 KB 3 KB |
Stylesheet
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
A.materialize.min.css.pagespeed.cf.s_tjtbZ7n3.css
mac.bulksfinance.com/lp/de-cosmo/Casino%20Survey%20_%20Answer%20and%20Get%20a%20Reward!_files/ |
137 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
A.styles.css.pagespeed.cf.ao269mTx9U.css
mac.bulksfinance.com/lp/de-cosmo/Casino%20Survey%20_%20Answer%20and%20Get%20a%20Reward!_files/ |
6 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pub.min.js
mon.wingiftcard.site/js/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo1.png
mac.bulksfinance.com/lp/de-cosmo/Casino%20Survey%20_%20Answer%20and%20Get%20a%20Reward!_files/ |
50 KB 50 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js.download
mac.bulksfinance.com/lp/de-cosmo/Casino%20Survey%20_%20Answer%20and%20Get%20a%20Reward!_files/ |
85 KB 85 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
custom.js.download
mac.bulksfinance.com/lp/de-cosmo/Casino%20Survey%20_%20Answer%20and%20Get%20a%20Reward!_files/ |
1 KB 1 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ProgressiveJackpotTicker.min.js.download
mac.bulksfinance.com/lp/de-cosmo/Casino%20Survey%20_%20Answer%20and%20Get%20a%20Reward!_files/ |
1 KB 1 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
background-yukon.jpg
mac.bulksfinance.com/lp/de-cosmo/ |
407 KB 408 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jackpot_2x.fs8.png
mac.bulksfinance.com/lp/de-cosmo/images/ |
564 B 564 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
CCC_Golden-ICE-jpot-spriteA.fs8.png
mac.bulksfinance.com/lp/de-cosmo/images/ |
564 B 564 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
api.zxcdn.com/ApiMgs.svc/GetProgressivesByCultureName/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.bulksfinance.com/ | Name: __cfduid Value: dc5ce8944cf67f3d2c38b1cf6d1226d4b1574470817 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.zxcdn.com
b9a39.bemobpath.com
bemob.freeprize.online
fonts.googleapis.com
fonts.gstatic.com
gmai.com
mac.bulksfinance.com
mon.wingiftcard.site
usd.lupus-bra.com
ww1.gmai.com
www.google.com
199.59.242.153
216.157.88.27
2606:4700:30::681c:8ab
2a00:1450:4001:809::2003
2a00:1450:4001:818::2004
2a00:1450:4001:825::200a
35.156.54.233
54.209.22.226
66.212.229.188
99.198.108.197
0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2
144bf324f68770efafa84d6cefd4740f059845f27094fa76a1f56daadb97c0ba
26f64955a147d3bbcfe3bc8f8291562e57f041d3eac589f3df3d9bca45c62307
3a2a33086deafb7d4adc8702ea9219715b68fdaae69e469e746f46bb276d7593
497825daa21bb4fa8136657ca2cd5d14d4bcb339f8b57564401e385d5a2c368a
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5809ff8f143ecce24e1f02a55c5933a0da6e1fee6fbd3290605facf0f4b4cea7
59cf95d4909b3b254b4634077c364150acc3bff3918243b5e1275b291528bf9c
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
692236a6cde556681cde8ed4f39925ff019254407769b35b1783fae21a15ad6c
791bee1e874a5c8a8df47ea386ba7f9f3b6cd92f2e3ed2d79bc0d460a5488f45
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
88d3aa16057f9353db2d02c0c9a430fa220a8328af830e56a60438b978db0c16
906a52cc19b7c6bb8da44b4373a2c423d0880d2d5905f553d8c5014613974f91
94cef8b535235f8a0d6cb016b34bf38ebdf87a9cfcb162b7f4a996b98ef601fb
9ae84fd0d5a1cf29baf359019e578b566fb1f7a9c9e4bbc653631ffeb9cadf94
b0da72d60d5dd29e3d180e7c87781f30223e27ea0b0de30826ce5a4279f2319d
bf79dbb6f52767bb3e556a017ec925a3088544cfe8b337b790f1f9c21e7935af
ce01463f597adf52230c024e7a939c32a2fcede3087a1285d8d640913d24e6d2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5c06350c30074a4627405e7791acb98362c8d276ea52094f38ac6f49cfb3df5