www.flirtmydrm.com
54.228.153.41
Public Scan
Effective URL: https://www.flirtmydrm.com/c/a15d262bcf8e48a9?tid=kmxij6170855d00028058&s1=139934&s2=135421&s3=&s4=&s5=dconv
Submission: On October 20 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by R3 on August 6th 2021. Valid for: 3 months.
This is the only time www.flirtmydrm.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System |
---|---|---|
2 | 89.40.33.83 | 203053 (CLAUSWEB) |
2 | 142.250.181.234 | 15169 (GOOGLE) |
1 | 104.16.89.20 | 13335 (CLOUDFLARENET) |
5 | 142.250.186.99 | 15169 (GOOGLE) |
1 1 | 104.21.18.122 | 13335 (CLOUDFLARENET) |
1 1 | 172.67.189.84 | 13335 (CLOUDFLARENET) |
1 | 137.74.247.32 | 16276 (OVH) |
1 4 | 54.228.153.41 | 16509 (AMAZON-02) |
1 17 | 2.19.98.56 | 20940 (AKAMAI-ASN1) |
2 | 142.250.185.131 | 15169 (GOOGLE) |
32 | 8 | |
ASN203053 (CLAUSWEB, RO)
PTR: cw89-d0-cc83.romania-webhosting.com
www.confirma.infoturism.net
ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f10.1e100.net
fonts.googleapis.com
ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net
fonts.gstatic.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-153-41.eu-west-1.compute.amazonaws.com
kgjxvb.imitrack1.com
www.flirtmydrm.com
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-98-56.deploy.static.akamaitechnologies.com
cdn-adef.akamaized.net
ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net
www.gstatic.com
| Apex Domain | Subdomains | Transfer |
---|---|---|---|
17 | akamaized.net (1 redirects) | cdn-adef.akamaized.net | 716 KB |
7 | gstatic.com | fonts.gstatic.com, www.gstatic.com | 101 KB |
3 | flirtmydrm.com | www.flirtmydrm.com | 11 KB |
2 | googleapis.com | fonts.googleapis.com | 2 KB |
2 | infoturism.net | www.confirma.infoturism.net | 24 KB |
1 | imitrack1.com (1 redirects) | kgjxvb.imitrack1.com | 549 B |
1 | deltraff.com | s.deltraff.com | 576 B |
1 | 110005.xyz (1 redirects) | 110005.xyz | 597 B |
1 | 110007.xyz (1 redirects) | chat.110007.xyz | 627 B |
1 | jsdelivr.net | cdn.jsdelivr.net | 23 KB |
32 | 10 | | |
| Domain | Requested by |
---|---|---|
17 | cdn-adef.akamaized.net (1 redirects) | www.flirtmydrm.com, cdn-adef.akamaized.net |
5 | fonts.gstatic.com | fonts.googleapis.com |
3 | www.flirtmydrm.com | s.deltraff.com, cdn-adef.akamaized.net, www.flirtmydrm.com |
2 | www.gstatic.com | www.flirtmydrm.com |
2 | fonts.googleapis.com | www.confirma.infoturism.net, cdn-adef.akamaized.net |
2 | www.confirma.infoturism.net | www.confirma.infoturism.net |
1 | kgjxvb.imitrack1.com (1 redirects) | |
1 | s.deltraff.com | www.confirma.infoturism.net |
1 | 110005.xyz (1 redirects) | |
1 | chat.110007.xyz (1 redirects) | |
1 | cdn.jsdelivr.net | www.confirma.infoturism.net |
32 | 11 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
confirma.infoturism.net | cPanel, Inc. Certification Authority | 2021-10-20 - 2022-01-18 | 3 months |
upload.video.google.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-03 - 2022-07-02 | a year |
*.gstatic.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months |
s.deltraff.com | R3 | 2021-09-19 - 2021-12-18 | 3 months |
*.flirtmydrm.com | R3 | 2021-08-06 - 2021-11-04 | 3 months |
a248.e.akamai.net | DigiCert SHA2 Secure Server CA | 2021-07-15 - 2022-07-20 | a year |
This page contains 1 frames:
Primary Page:
https://www.flirtmydrm.com/c/a15d262bcf8e48a9?tid=kmxij6170855d00028058&s1=139934&s2=135421&s3=&s4=&s5=dconv
Frame ID: 52850C1544FCD245502A1C5AB535423A
Requests: 32 HTTP requests in this frame
Page Title
FlirtMyDream
Detected technologies
Firebase (Databases)
Detected patterns
- /firebasejs/([\d.]+)/firebase
Bootstrap (Web Frameworks)
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN)
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.confirma.infoturism.net/ Page URL
- https://chat.110007.xyz/?offer=911&uid=c1c4341f-b248-41d7-bc7a-bbee1135384b HTTP 302
  https://110005.xyz/?offer=585&uid=c1c4341f-b248-41d7-bc7a-bbee1135384b HTTP 302
  https://s.deltraff.com/?k=5eb6c8dd4487e Page URL
- https://kgjxvb.imitrack1.com/c/c51db368d3eacdb6?s1=139934&s2=135421&click_id=2131001434 HTTP 302
  https://www.flirtmydrm.com/c/a15d262bcf8e48a9?tid=kmxij6170855d00028058&s1=139934&s2=135421&s3=&s4=&s5=dconv Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 7
- https://chat.110007.xyz/?offer=911&uid=c1c4341f-b248-41d7-bc7a-bbee1135384b HTTP 302
- https://110005.xyz/?offer=585&uid=c1c4341f-b248-41d7-bc7a-bbee1135384b HTTP 302
- https://s.deltraff.com/?k=5eb6c8dd4487e
- https://cdn-adef.akamaized.net/undefined/js/pushjs/1.0.0/subscriber.js HTTP 302
- https://cdn-adef.akamaized.net/404
32 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H2 | / | www.confirma.infoturism.net/ | 1 KB | 887 B | Document | text/html |
GET H2 | css | fonts.googleapis.com/ | 13 KB | 2 KB | Stylesheet | text/css |
GET H2 | styles.css | www.confirma.infoturism.net/css/ | 198 KB | 23 KB | Stylesheet | text/css |
GET H2 | bootstrap.bundle.min.js | cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/ | 77 KB | 23 KB | Script | application/javascript |
GET H2 | 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 | fonts.gstatic.com/s/sourcesanspro/v14/ | 15 KB | 16 KB | Font | font/woff2 |
GET H2 | 6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSds18Q.woff2 | fonts.gstatic.com/s/sourcesanspro/v14/ | 15 KB | 15 KB | Font | font/woff2 |
GET H2 | 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 | fonts.gstatic.com/s/sourcesanspro/v14/ | 16 KB | 16 KB | Font | font/woff2 |
GET H2 | / | s.deltraff.com/ (Redirect Chain) | 315 B | 576 B | Document | text/html |
GET H2 | a15d262bcf8e48a9 (Primary Request) | www.flirtmydrm.com/c/ (Redirect Chain) | 14 KB | 4 KB | Document | text/html |
GET H/1.1 | reset.min.css | cdn-adef.akamaized.net/landings/214212/1630653140/css/ | 773 B | 1 KB | Stylesheet | text/css |
GET H/1.1 | main.css | cdn-adef.akamaized.net/landings/214212/1630653140/css/ | 28 KB | 6 KB | Stylesheet | text/css |
GET H/1.1 | jquery.min.js | cdn-adef.akamaized.net/landings/214212/1630653140/js/ | 85 KB | 30 KB | Script | text/javascript |
GET H/1.1 | jquery.validate.min.js | cdn-adef.akamaized.net/landings/214212/1630653140/js/ | 24 KB | 8 KB | Script | text/javascript |
GET H/1.1 | main.js | cdn-adef.akamaized.net/landings/214212/1630653140/js/ | 4 KB | 1 KB | Script | text/javascript |
GET H/1.1 | j5_tmp.js | cdn-adef.akamaized.net/landings/214212/1630653140/js/ | 862 B | 989 B | Script | text/javascript |
GET H/1.1 | voapi.js | cdn-adef.akamaized.net/landings/214212/1630653140/js/ | 2 KB | 1 KB | Script | text/javascript |
GET H3-Q050 | logo.svg | cdn-adef.akamaized.net/landings/214212/1630653140/images/ | 8 KB | 9 KB | Image | image/svg+xml |
GET H3-Q050 | pic-girl.png | cdn-adef.akamaized.net/landings/214212/1630653140/images/ | 568 KB | 568 KB | Image | image/png |
GET H3-Q050 | result-person1.jpg | cdn-adef.akamaized.net/landings/214212/1630653140/images/ | 10 KB | 10 KB | Image | image/jpeg |
GET H3-Q050 | result-person2.jpg | cdn-adef.akamaized.net/landings/214212/1630653140/images/ | 17 KB | 17 KB | Image | image/jpeg |
GET H3 | css2 | fonts.googleapis.com/ | 8 KB | 711 B | Stylesheet | text/css |
GET H3-Q050 | 404 | cdn-adef.akamaized.net/ (Redirect Chain) | 0 | 0 | Script | text/html |
GET H2 | subscriber.js | www.flirtmydrm.com/js/pushjs/1.0.0/ | 9 KB | 3 KB | Script | application/javascript |
GET H3-Q050 | pic-circle-1.png | cdn-adef.akamaized.net/landings/214212/1630653140/images/ | 11 KB | 11 KB | Image | image/png |
GET H3-Q050 | pic-circle-2.png | cdn-adef.akamaized.net/landings/214212/1630653140/images/ | 27 KB | 27 KB | Image | image/png |
GET H3-Q050 | pic-circle-3.png | cdn-adef.akamaized.net/landings/214212/1630653140/images/ | 17 KB | 17 KB | Image | image/png |
GET H3-Q050 | heart-icon-lg.png | cdn-adef.akamaized.net/landings/214212/1630653140/images/ | 8 KB | 9 KB | Image | image/png |
GET H3 | zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2 | fonts.gstatic.com/s/ibmplexsans/v9/ | 18 KB | 18 KB | Font | font/woff2 |
GET H3 | zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2 | fonts.gstatic.com/s/ibmplexsans/v9/ | 18 KB | 18 KB | Font | font/woff2 |
GET H2 | firebase-app.js | www.gstatic.com/firebasejs/5.0.2/ | 25 KB | 9 KB | Script | text/javascript |
GET H2 | firebase-messaging.js | www.gstatic.com/firebasejs/5.0.2/ | 35 KB | 10 KB | Script | text/javascript |
GET H2 | utils.js | www.flirtmydrm.com/js/pushjs/1.0.0/ | 7 KB | 3 KB | Script | application/javascript |
58 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect boolean| originAgentCluster object| _push function| sclk function| imosbn function| rtbCall object| _rup function| $ function| jQuery string| offerUrl string| hv string| s1 boolean| callbackUrl string| apiUrl function| getFormData function| getApiUrl function| goto function| apiCall function| getUrlParam object| _pcq string| s2 string| k boolean| showDebug string| partyId string| uiServerUrl string| apiServerUrl string| swScope string| customWorkerJS object| pushConfig object| messaging object| indexedDBConfig object| indexedDBFCMConfig object| pushLoopDomains object| messageBody function| logger function| loadScriptAsync object| scriptLoaded function| defaultIfEmpty function| notBlank object| core object| __core-js_shared__ object| firebase function| resolveCid function| parseURL function| getSubdomain function| setCookie function| getCookie function| replaceUrl function| generateUUID function| getUrlParams function| getBrowserInfo function| getLanguage function| getResolution function| getDeviceType function| getSystemInfo function| sendConversion function| isWrongBrowser function| closePopup
10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
s.deltraff.com/ | | Name: TA3986 Value: 1 |
s.deltraff.com/ | | Name: TAcku Value: 1 |
kgjxvb.imitrack1.com/ | | Name: unique_639769 Value: unique_639769 |
kgjxvb.imitrack1.com/ | | Name: unique_id Value: 6170855d00011c64 |
kgjxvb.imitrack1.com/ | | Name: unique_id2 Value: 6170855d0001248c |
kgjxvb.imitrack1.com/ | | Name: tid Value: kmxij6170855d00028058 |
www.flirtmydrm.com/ | | Name: unique_639766 Value: unique_639766 |
www.flirtmydrm.com/ | | Name: unique_id Value: 6170855d000cedd7 |
www.flirtmydrm.com/ | | Name: unique_id2 Value: 6170855d000f64d0 |
www.flirtmydrm.com/ | | Name: 6170855d000f64d0_sl Value: [214212] |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.