www.rubyfortunecasino.org
Open in
urlscan Pro
2606:4700:20::ac43:46fc
Public Scan
Submission Tags: @phish_report
Submission: On October 26 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 4th 2023. Valid for: a year.
This is the only time www.rubyfortunecasino.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
18 | 2606:4700:20:... 2606:4700:20::ac43:46fc | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2a00:1450:400... 2a00:1450:4001:831::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700::68... 2606:4700::6811:480e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 2a00:1450:400... 2a00:1450:4001:800::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 | 172.64.147.137 172.64.147.137 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:810::2003 | 15169 (GOOGLE) (GOOGLE) | |
8 | 2606:4700:440... 2606:4700:4400::6812:264c | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2606:4700:440... 2606:4700:4400::ac40:95b2 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:831::200e | 15169 (GOOGLE) (GOOGLE) | |
37 | 9 |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
rubyfortunecasino.org
www.rubyfortunecasino.org |
205 KB |
8 |
rechanapi.com
nexus.rechanapi.com |
118 KB |
3 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111 |
200 KB |
2 |
imagethumb.com
dm.imagethumb.com — Cisco Umbrella Rank: 691171 |
169 KB |
2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113 |
2 KB |
1 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 96 |
21 KB |
1 |
gstatic.com
fonts.gstatic.com |
43 KB |
1 |
rechannelapi.com
media.rechannelapi.com |
8 KB |
1 |
cloudflare.com
ajax.cloudflare.com — Cisco Umbrella Rank: 2127 |
12 KB |
37 | 9 |
Domain | Requested by | |
---|---|---|
18 | www.rubyfortunecasino.org |
www.rubyfortunecasino.org
|
8 | nexus.rechanapi.com |
media.rechannelapi.com
nexus.rechanapi.com www.rubyfortunecasino.org |
3 | www.googletagmanager.com |
www.rubyfortunecasino.org
www.googletagmanager.com |
2 | dm.imagethumb.com |
www.rubyfortunecasino.org
nexus.rechanapi.com |
2 | fonts.googleapis.com |
www.rubyfortunecasino.org
client |
1 | www.google-analytics.com |
www.googletagmanager.com
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | media.rechannelapi.com |
www.rubyfortunecasino.org
|
1 | ajax.cloudflare.com |
www.rubyfortunecasino.org
|
37 | 9 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.rubyfortune.com |
auth.rubyfortune.com |
www.buffalopartners.com |
playersupportcentre.com |
www.microgaming.co.uk |
secure.ecogra.org |
www.begambleaware.org |
www.gamblingcontrol.org |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-03-04 - 2024-03-03 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-10-09 - 2024-01-01 |
3 months | crt.sh |
ajax.cloudflare.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2023-08-01 - 2024-08-15 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-10-09 - 2024-01-01 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-10-09 - 2024-01-01 |
3 months | crt.sh |
rechanapi.com GTS CA 1P5 |
2023-08-31 - 2023-11-29 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.rubyfortunecasino.org/
Frame ID: 4332414F1012518FB2616D050C3ABC96
Requests: 37 HTTP requests in this frame
Screenshot
Page Title
Ruby Fortune Casino | $750 Welcome Bonus | Online CasinoDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- googletagmanager\.com/gtm\.js
Slick (JavaScript Libraries) Expand
Detected patterns
- <link [^>]+(?:/([\d.]+)/)?slick-theme\.css
- (?:/([\d.]+))?/slick(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
20 Outgoing links
These are links going to different origins than the main page.
Title: Promotions
Search URL Search Domain Scan URL
Title: Winners
Search URL Search Domain Scan URL
Title: Banking
Search URL Search Domain Scan URL
Title: About Us
Search URL Search Domain Scan URL
Title: Register
Search URL Search Domain Scan URL
Title: Login
Search URL Search Domain Scan URL
Title: Promotion Terms
Search URL Search Domain Scan URL
Title: Frequently Asked Questions
Search URL Search Domain Scan URL
Title: Terms and Conditions
Search URL Search Domain Scan URL
Title: Security and Privacy
Search URL Search Domain Scan URL
Title: Responsible Gaming
Search URL Search Domain Scan URL
Title: Affiliate Program
Search URL Search Domain Scan URL
Title: Payout Percentages
Search URL Search Domain Scan URL
Title: Contact Us
Search URL Search Domain Scan URL
Title: Loyalty Club
Search URL Search Domain Scan URL
Title: Blog
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
37 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.rubyfortunecasino.org/ |
24 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
12 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.min.css
www.rubyfortunecasino.org/rfcorg/css/ |
13 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slicknav.css
www.rubyfortunecasino.org/rfcorg/css/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slick.css
www.rubyfortunecasino.org/rfcorg/css/ |
2 KB 885 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slick-theme.css
www.rubyfortunecasino.org/rfcorg/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mirage2.min.js
ajax.cloudflare.com/cdn-cgi/scripts/04b3eb47/cloudflare-static/ |
38 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
113 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.3.1.min.js
www.rubyfortunecasino.org/rfcorg/js/ |
85 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scripts.js
www.rubyfortunecasino.org/rfcorg/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slick.min.js
www.rubyfortunecasino.org/rfcorg/js/ |
23 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
eprivacy-custom.js
media.rechannelapi.com/plugins/eprivacy/ |
39 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
fonts.gstatic.com/s/opensans/v36/ |
42 KB 43 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ruby_fortune_casino.jpg
www.rubyfortunecasino.org/rfcorg/images/ |
90 KB 90 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
footer_logos_sprite.png
www.rubyfortunecasino.org/rfcorg/images/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
5 KB 750 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Bootstrap.js
nexus.rechanapi.com/betway/dos-prod/ |
520 KB 111 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
24h_help_logo_light.png
www.rubyfortunecasino.org/rfcorg/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ico_create_account.png
www.rubyfortunecasino.org/rfcorg/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ico_sign_in.png
www.rubyfortunecasino.org/rfcorg/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
CS-8525_Mobile_Casino_Games.jpg
dm.imagethumb.com/images/RFC/ |
168 KB 168 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-18up-en.png
www.rubyfortunecasino.org/rfcorg/images/eighteenplus/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
microgaming.png
www.rubyfortunecasino.org/rfcorg/images/trustq/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gambleaware.png
www.rubyfortunecasino.org/rfcorg/images/trustq/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
alderney.png
www.rubyfortunecasino.org/rfcorg/images/ |
7 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
218 KB 75 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
www.rubyfortunecasino.org/rfcorg/images/ |
9 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gtm.js
www.googletagmanager.com/ |
253 KB 81 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
serverComponent.php
nexus.rechanapi.com/betway/dos-prod/ |
474 B 551 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
r.rnc
nexus.rechanapi.com/privacy/v1/c/ |
0 132 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
r.rnc
nexus.rechanapi.com/privacy/v1/c/ |
0 133 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
r.rnc
nexus.rechanapi.com/privacy/v1/c/ |
0 134 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9233165dd4f7796ecf6c6efd6a13f0d0.js
nexus.rechanapi.com/betway/dos-prod/code/ |
42 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm-global.js
dm.imagethumb.com/gtm/shared/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
r.rnc
nexus.rechanapi.com/privacy/v1/b/ |
0 132 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
r.rnc
nexus.rechanapi.com/privacy/v1/b/ |
0 132 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
40 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture string| referrer object| dataLayer object| __mirage2 object| mirage function| $ function| jQuery object| placeholders object| theme object| linkedUrls object| ePrivacyEl object| manageCookies object| google_tag_manager object| google_tag_data string| eprivacy_language string| eprivacy_clientName string| GoogleAnalyticsObject function| ga object| gtm_global object| ensBootstraps object| Bootstrapper object| ensClientConfig boolean| ensBrowserSupported object| gateway object| gaplugins object| gaGlobal object| gaData string| ga_client_id function| onYouTubeIframeAPIReady string| _gtm_global_version string| gtm_trck_a string| gtm_trck_s string| gtm_trck_b string| gtm_venge_visit boolean| trck_cookie function| getCookiebyName function| extractVisitCookie function| extractFromInput function| _collectVisitData function| _domReady8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.rechannelapi.com/ | Name: __cf_bm Value: FGp.jghm8x1j0M_HRHAkUhS46qd3AZqTtI42vVe5JbA-1698317555-0-AbHX5CWwqNJ6JP3coqUw2o1OfCoZnCjfTcCVXri6iXd6QXkgRYqQ7p+uZkbiqeABJ9sQfNyk5r66sfHSok/eqzdO1GpqOF7P0V816/CifhdD |
|
.rubyfortunecasino.org/ | Name: DEFAULT_ENSIGHTEN_PRIVACY_BANNER_LOADED Value: 1 |
|
.rubyfortunecasino.org/ | Name: DEFAULT_ENSIGHTEN_PRIVACY_BANNER_VIEWED Value: 1 |
|
.rubyfortunecasino.org/ | Name: DEFAULT_ENSIGHTEN_PRIVACY_MODAL_LOADED Value: 1 |
|
.rubyfortunecasino.org/ | Name: _ga Value: GA1.2.1600698853.1698317557 |
|
.rubyfortunecasino.org/ | Name: _gid Value: GA1.2.286957476.1698317557 |
|
.rubyfortunecasino.org/ | Name: _gat_UA-46028713-14 Value: 1 |
|
www.rubyfortunecasino.org/ | Name: 62640 Value: |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.cloudflare.com
dm.imagethumb.com
fonts.googleapis.com
fonts.gstatic.com
media.rechannelapi.com
nexus.rechanapi.com
www.google-analytics.com
www.googletagmanager.com
www.rubyfortunecasino.org
172.64.147.137
2606:4700:20::ac43:46fc
2606:4700:4400::6812:264c
2606:4700:4400::ac40:95b2
2606:4700::6811:480e
2a00:1450:4001:800::2008
2a00:1450:4001:810::2003
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
0837c68e99cab507e97b8f0353996a600cb192ba1e3bf57877aaac93ffd2576f
0bdce7d80eff5bb84b8d76549631e4e582f9b6ea000f81f2b11eb499b1f42596
0ce15b3d427930e192c7e6c59a7ef5e677b7b9df44e105f55c975c80c70d142d
0e043cedcf425272f6b4eba8af74f4d731f8f8da9334a1be02f1a34d18604c10
11af87e59562e34cf6a416ef674c76766d2670d2d5d426b0fe04cd1fbdd02b14
1246713bf9ce97d4b74569c38b5e037f511b80412bab4ef1dbfcfdde94bc0b32
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
165c38abbd38b571be3a623edb21ca21552da2472555f9a78827e43a4abb74f3
245fbaf4307fddefd8cd1a30e6f6748fc6c9c83aa4541c14eb28761d778cb1a8
3dbb2c6b8c1ad996e2a751e919a3c896c577a7baf3b75983a5759b224d612c3f
4020bf7e3300f5374fdcf9746e6b39762e0a90f8771f4c79c3884148cc9a9cd6
4735db8c09f500b91629912f300ccf138cf397d40e70e5138dbb4955b3067fba
4da80cec8f9a2a7ff2efcc7a7e79b251f9c9bb855651abe7aaff008ca4de0c05
5963b4bace68289b3edb26bb457826701319237cfc22069a3ecbbd7c62649bf7
655391a0db9939f9896db79e7cbd49a2f391c4dfb527f9ab0efdcb6cbe6e52bb
66b5c22988581391a004ca7f230c7801bfde7098b109c1c9ca7477655671d92b
67a690cab8010da344daa0a86297374766569b1aeb4bdca4242a1667864d5dd8
6b2e044c462b8b00dfb05d77740f8b8f2a90ce00e2e5ccf621eac288608c0649
8380228c834110f62e6ec1fb6d8118c5380084b938f9fad1c26809a05a20b803
9e39ec7b42b5f6e62f36e4f1ee181796d0663bc05e2fdf12422d6fc8e2765001
a68d106bae6666ff611e0f1597b2f62f7973dfa70c5394809b6a7b49a8442601
a7588ba1e1c37b3f21a7329a198b80f4208ecdce24746c02eb20fc9631b6e4e1
bc4aa17d68efbc030b8cf95b246e83b119b4df205d66e9759451ed90f0dbeb6f
c6bac76317d34d835f8c088be50da3ea2a918922d70de240ecfcb8b02fd73864
c914dd176d6eab3e53fad3f6aaff641436c559f44c13705fdb925499ad69d205
d404b0f013feeaf7ea9e1f7dedfd2bcefc7336a47198d7f92cb60de0d6c8d472
d956499e3f4774886fff68b06f23178cd9fbcd31191827dcb460f327842d59c4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfbc82d614fefd7308ce69390001bab0b53349be1dc7f8cd08ca62e3ec08c480
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea9335c84e04d98d3fa67fe43908d5291f15633c8a9d445390f0f19717f1a225
f21f92c797fb55505324dda45826125a9f143825e2502a0251d9968a3aa49735
fd3657c4af1f753e5ad5f170ee383817001242297a391ce02bc70b884a243af9