![](/screenshots/7d10c501-1d4b-4e9c-a81d-fa911c0ebc79.png)
www.rubyfortunecasino.net
Open in
urlscan Pro
2606:4700:20::681a:d0b
Public Scan
Submission Tags: @phish_report
Submission: On October 26 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 4th 2023. Valid for: a year.
This is the only time www.rubyfortunecasino.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
18 | 2606:4700:20:... 2606:4700:20::681a:d0b | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2a00:1450:400... 2a00:1450:4001:813::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700::68... 2606:4700::6811:490e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 2a00:1450:400... 2a00:1450:4001:802::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 | 172.64.147.137 172.64.147.137 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:810::2003 | 15169 (GOOGLE) (GOOGLE) | |
8 | 2606:4700:440... 2606:4700:4400::6812:264c | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2a00:1450:400... 2a00:1450:4001:831::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700:440... 2606:4700:4400::ac40:95b2 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
37 | 9 |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
rubyfortunecasino.net
www.rubyfortunecasino.net |
147 KB |
8 |
rechanapi.com
nexus.rechanapi.com |
118 KB |
3 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111 |
200 KB |
2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 96 |
21 KB |
2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113 |
2 KB |
1 |
imagethumb.com
dm.imagethumb.com — Cisco Umbrella Rank: 691171 |
1 KB |
1 |
gstatic.com
fonts.gstatic.com |
43 KB |
1 |
rechannelapi.com
media.rechannelapi.com |
10 KB |
1 |
cloudflare.com
ajax.cloudflare.com — Cisco Umbrella Rank: 2127 |
12 KB |
37 | 9 |
Domain | Requested by | |
---|---|---|
18 | www.rubyfortunecasino.net |
www.rubyfortunecasino.net
|
8 | nexus.rechanapi.com |
media.rechannelapi.com
www.rubyfortunecasino.net nexus.rechanapi.com |
3 | www.googletagmanager.com |
www.rubyfortunecasino.net
www.googletagmanager.com |
2 | www.google-analytics.com |
www.googletagmanager.com
|
2 | fonts.googleapis.com |
www.rubyfortunecasino.net
client |
1 | dm.imagethumb.com |
nexus.rechanapi.com
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | media.rechannelapi.com |
www.rubyfortunecasino.net
|
1 | ajax.cloudflare.com |
www.rubyfortunecasino.net
|
37 | 9 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.rubyfortune.com |
auth.rubyfortune.com |
www.buffalopartners.com |
playersupportcentre.com |
www.microgaming.co.uk |
secure.ecogra.org |
www.begambleaware.org |
www.gamblingcontrol.org |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-03-04 - 2024-03-03 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-10-09 - 2024-01-01 |
3 months | crt.sh |
ajax.cloudflare.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2023-08-01 - 2024-08-15 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-10-09 - 2024-01-01 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-10-09 - 2024-01-01 |
3 months | crt.sh |
rechanapi.com GTS CA 1P5 |
2023-08-31 - 2023-11-29 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.rubyfortunecasino.net/nz/
Frame ID: 353DBA9E78C9D8782600D34825F30735
Requests: 37 HTTP requests in this frame
Screenshot
![](/screenshots/7d10c501-1d4b-4e9c-a81d-fa911c0ebc79.png)
Page Title
Ruby Fortune | A favourite New Zealand Online CasinoDetected technologies
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
![](/vendor/wappa/icons/Google Font API.png)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- googletagmanager\.com/gtm\.js
Slick (JavaScript Libraries) Expand
Detected patterns
- <link [^>]+(?:/([\d.]+)/)?slick-theme\.css
- (?:/([\d.]+))?/slick(?:\.min)?\.js
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
20 Outgoing links
These are links going to different origins than the main page.
Title: Promotions
Search URL Search Domain Scan URL
Title: Winners
Search URL Search Domain Scan URL
Title: Banking
Search URL Search Domain Scan URL
Title: About Us
Search URL Search Domain Scan URL
Title: Register
Search URL Search Domain Scan URL
Title: Login
Search URL Search Domain Scan URL
Title: Promotion Terms
Search URL Search Domain Scan URL
Title: Terms and Conditions
Search URL Search Domain Scan URL
Title: Security and Privacy
Search URL Search Domain Scan URL
Title: Responsible Gaming
Search URL Search Domain Scan URL
Title: Affiliate Program
Search URL Search Domain Scan URL
Title: Payout Percentages
Search URL Search Domain Scan URL
Title: Contact Us
Search URL Search Domain Scan URL
Title: Loyalty Club
Search URL Search Domain Scan URL
Title: Blog
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
37 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.rubyfortunecasino.net/nz/ |
22 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
12 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.min.css
www.rubyfortunecasino.net/rfcnet/css/ |
12 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slicknav.css
www.rubyfortunecasino.net/rfcnet/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slick.css
www.rubyfortunecasino.net/rfcnet/css/ |
1 KB 823 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slick-theme.css
www.rubyfortunecasino.net/rfcnet/css/ |
2 KB 1019 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mirage2.min.js
ajax.cloudflare.com/cdn-cgi/scripts/04b3eb47/cloudflare-static/ |
38 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
113 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.3.1.min.js
www.rubyfortunecasino.net/rfcnet/js/ |
85 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scripts.js
www.rubyfortunecasino.net/rfcnet/js/ |
2 KB 914 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slick.min.js
www.rubyfortunecasino.net/rfcnet/js/ |
23 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
eprivacy-custom.js
media.rechannelapi.com/plugins/eprivacy/ |
39 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
fonts.gstatic.com/s/opensans/v36/ |
42 KB 43 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ruby_fortune_casino.jpg
www.rubyfortunecasino.net/rfcnet/images/ |
62 KB 62 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
footer_logos_sprite.png
www.rubyfortunecasino.net/rfcnet/images/ |
10 KB 11 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
5 KB 727 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Bootstrap.js
nexus.rechanapi.com/betway/dos-prod/ |
520 KB 111 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
24h_help_logo_light.png
www.rubyfortunecasino.net/rfcnet/images/ |
1 KB 2 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ico_create_account.png
www.rubyfortunecasino.net/rfcnet/images/ |
3 KB 3 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ico_sign_in.png
www.rubyfortunecasino.net/rfcnet/images/ |
1 KB 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-18up-en.png
www.rubyfortunecasino.net/rfcnet/images/eighteenplus/ |
3 KB 3 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
microgaming.png
www.rubyfortunecasino.net/rfcnet/images/trustq/ |
3 KB 4 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gambleaware.png
www.rubyfortunecasino.net/rfcnet/images/trustq/ |
2 KB 2 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
alderney.png
www.rubyfortunecasino.net/rfcnet/images/ |
3 KB 3 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
218 KB 75 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
www.rubyfortunecasino.net/rfcnet/images/ |
5 KB 6 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gtm.js
www.googletagmanager.com/ |
253 KB 81 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
r.rnc
nexus.rechanapi.com/privacy/v1/c/ |
0 134 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
r.rnc
nexus.rechanapi.com/privacy/v1/c/ |
0 188 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
r.rnc
nexus.rechanapi.com/privacy/v1/c/ |
0 132 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
serverComponent.php
nexus.rechanapi.com/betway/dos-prod/ |
474 B 496 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm-global.js
dm.imagethumb.com/gtm/shared/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9233165dd4f7796ecf6c6efd6a13f0d0.js
nexus.rechanapi.com/betway/dos-prod/code/ |
42 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
r.rnc
nexus.rechanapi.com/privacy/v1/b/ |
0 85 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 194 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
r.rnc
nexus.rechanapi.com/privacy/v1/b/ |
0 131 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
43 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture string| referrer object| dataLayer object| __mirage2 object| mirage function| $ function| jQuery object| placeholders object| theme object| linkedUrls object| ePrivacyEl object| manageCookies object| google_tag_manager object| google_tag_data string| eprivacy_language string| eprivacy_clientName string| GoogleAnalyticsObject function| ga object| gtm_global object| ensBootstraps object| Bootstrapper object| ensClientConfig boolean| ensBrowserSupported object| gateway object| gaplugins object| gaGlobal object| gaData string| ga_client_id function| onYouTubeIframeAPIReady string| _gtm_global_version string| gtm_trck_a string| gtm_trck_s string| gtm_trck_b string| gtm_venge_visit boolean| trck_cookie function| getCookiebyName function| extractVisitCookie function| extractFromInput function| _collectVisitData function| _domReady undefined| elementClickedCls function| setAutoLinker object| _gtm_iframe_log8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.rechannelapi.com/ | Name: __cf_bm Value: DPx3XuIKWQvYXjEGJS7WPXQyGEOuTscMLU8YGLUxYd0-1698330638-0-AWi19rTHai1FaobKG1kh3zyFThGkDlsbyGePW4a7Xyg9UhkKJRYBfdrHwW9VV0UmcrQxP2nA40rmgJbAdvsdwgURg6AltSoesLp9RGuVYQ4q |
|
.rubyfortunecasino.net/ | Name: DEFAULT_ENSIGHTEN_PRIVACY_BANNER_LOADED Value: 1 |
|
.rubyfortunecasino.net/ | Name: DEFAULT_ENSIGHTEN_PRIVACY_BANNER_VIEWED Value: 1 |
|
.rubyfortunecasino.net/ | Name: DEFAULT_ENSIGHTEN_PRIVACY_MODAL_LOADED Value: 1 |
|
.rubyfortunecasino.net/ | Name: _ga Value: GA1.2.1532324097.1698330639 |
|
.rubyfortunecasino.net/ | Name: _gid Value: GA1.2.760712070.1698330639 |
|
.rubyfortunecasino.net/ | Name: _gat_UA-46028713-14 Value: 1 |
|
www.rubyfortunecasino.net/ | Name: 62640 Value: |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.cloudflare.com
dm.imagethumb.com
fonts.googleapis.com
fonts.gstatic.com
media.rechannelapi.com
nexus.rechanapi.com
www.google-analytics.com
www.googletagmanager.com
www.rubyfortunecasino.net
172.64.147.137
2606:4700:20::681a:d0b
2606:4700:4400::6812:264c
2606:4700:4400::ac40:95b2
2606:4700::6811:490e
2a00:1450:4001:802::2008
2a00:1450:4001:810::2003
2a00:1450:4001:813::200a
2a00:1450:4001:831::200e
072a549c6a4acdbb230fe6f0efc305e9c31bc808f05aa8ecb1603f49fbd05a77
0862bc217c09e4b8de30cf6e9ea1a5e0178208e3296b374e9c9ca440f65c5255
0b8b8bc284a20f0d8347d95a1341dd6e4584e1266c204adc85c2ec9c9641726e
0e043cedcf425272f6b4eba8af74f4d731f8f8da9334a1be02f1a34d18604c10
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
165c38abbd38b571be3a623edb21ca21552da2472555f9a78827e43a4abb74f3
374d57945d80e81026773fe42e5f8e1cf6f7db2b82238a47572551ee8c9ad0d7
4735db8c09f500b91629912f300ccf138cf397d40e70e5138dbb4955b3067fba
4a3ad0b51b4ce1dd9b7f8828d04efd7e22c32eaca2e9fd4a51d0276635a00947
5839dafdc4a0fbe75787d5873f875a96aea7213a4fda51593870ff1e8f98d314
5963b4bace68289b3edb26bb457826701319237cfc22069a3ecbbd7c62649bf7
5c716fab429f24e187e95ea8c861669a9e6f59f4b0448a1a3f60754c3c7a3a87
643d79f752dbd6e5f5a802167f13a41ece69374a8a591f842e68fbcd6453925a
655391a0db9939f9896db79e7cbd49a2f391c4dfb527f9ab0efdcb6cbe6e52bb
66b5c22988581391a004ca7f230c7801bfde7098b109c1c9ca7477655671d92b
6b2e044c462b8b00dfb05d77740f8b8f2a90ce00e2e5ccf621eac288608c0649
7cadf18f026075f929343d9e74aad2fd26ab97bfd3682a99b52365df4c7a1eda
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8575f46ebda2fecac2815c4f5c1037d267a76535e51bf9c1c96391fffb417d10
86c5af76123e1d57272ea7b836db256ef1d33c2f728b543f6088613530d5c140
8a9d05996b8fb9629cfd0f6d6d46011a3c8c824556c819189517a711ebdbb393
8e0bfbd827c455b78cbb795e35dc12e158550a2d252b3c9887f8824da329c7eb
9553ae8869ed46bb127b677eef952dd33e3b9c04ed08fa0c4313ea925e67ae46
9e39ec7b42b5f6e62f36e4f1ee181796d0663bc05e2fdf12422d6fc8e2765001
a356654c42f1911d0f15f3bf79a6d14e30a1fd05c5c2656ba1fe34377b9649ca
b06c37ec696e10d80772fc2442de7aa2617601aa2106c679acefda926d326b53
b27ffbdeadc2489953149853ed19b28750ab277e4e97780fc515c89bb6de529b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e29cb281ac02395ac1aa042fca51a4f93ae73d699f1f52fe2230cab9880f855f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f21f92c797fb55505324dda45826125a9f143825e2502a0251d9968a3aa49735
f6c2d05e50c22cf82b757eafb1202bf9e96eeaa2764b4db2cbefaeff66123b21
fc1966b74966da00f5d302387bf709a9dbdffc825b0cbdc220560cef6242814f