![](/screenshots/e6e875f9-d99a-455a-ba6f-c931bab26651.png)
dirty.games
Open in
urlscan Pro
54.85.213.235
Public Scan
Submission: On October 13 via manual from FI — Scanned from DE
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 2nd 2021. Valid for: a year.
This is the only time dirty.games was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
6 | 54.85.213.235 54.85.213.235 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 216.58.212.138 216.58.212.138 | 15169 (GOOGLE) (GOOGLE) | |
1 1 | 44.229.144.58 44.229.144.58 | 16509 (AMAZON-02) (AMAZON-02) | |
1 11 | 163.171.128.172 163.171.128.172 | 54994 (QUANTILNE...) (QUANTILNETWORKS) | |
1 | 89.187.169.47 89.187.169.47 | 60068 (CDN77 ^_^) (CDN77 ^_^) | |
2 | 104.16.18.94 104.16.18.94 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 216.58.212.170 216.58.212.170 | 15169 (GOOGLE) (GOOGLE) | |
2 | 152.199.19.160 152.199.19.160 | 15133 (EDGECAST) (EDGECAST) | |
1 | 69.16.175.10 69.16.175.10 | 33438 (HIGHWINDS2) (HIGHWINDS2) | |
5 | 104.18.22.52 104.18.22.52 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 172.217.16.136 172.217.16.136 | 15169 (GOOGLE) (GOOGLE) | |
1 | 142.250.185.142 142.250.185.142 | 15169 (GOOGLE) (GOOGLE) | |
33 | 11 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-213-235.compute-1.amazonaws.com
dirty.games |
ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f10.1e100.net
ajax.googleapis.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-44-229-144-58.us-west-2.compute.amazonaws.com
bitlnd.com |
ASN54994 (QUANTILNETWORKS, US)
enlistopenly.com | |
enter-shield.com | |
geoip.openlyenter.com |
ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com
dg-videos.b-cdn.net |
ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f10.1e100.net
fonts.googleapis.com |
ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f136.1e100.net
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
enter-shield.com
enter-shield.com |
62 KB |
6 |
dirty.games
dirty.games |
54 KB |
5 |
fontawesome.com
kit.fontawesome.com ka-p.fontawesome.com |
119 KB |
3 |
googleapis.com
ajax.googleapis.com fonts.googleapis.com |
33 KB |
2 |
googletagmanager.com
www.googletagmanager.com |
69 KB |
2 |
aspnetcdn.com
ajax.aspnetcdn.com |
129 KB |
2 |
cloudflare.com
cdnjs.cloudflare.com |
83 KB |
1 |
google-analytics.com
www.google-analytics.com |
20 KB |
1 |
jquery.com
code.jquery.com |
30 KB |
1 |
openlyenter.com
geoip.openlyenter.com |
703 B |
1 |
b-cdn.net
dg-videos.b-cdn.net |
2 MB |
1 |
enlistopenly.com
1 redirects
enlistopenly.com |
686 B |
1 |
bitlnd.com
1 redirects
bitlnd.com |
651 B |
33 | 13 |
Domain | Requested by | |
---|---|---|
9 | enter-shield.com |
dirty.games
enter-shield.com |
6 | dirty.games |
dirty.games
|
4 | ka-p.fontawesome.com |
kit.fontawesome.com
|
2 | www.googletagmanager.com |
enter-shield.com
|
2 | ajax.aspnetcdn.com |
enter-shield.com
|
2 | fonts.googleapis.com |
enter-shield.com
|
2 | cdnjs.cloudflare.com |
enter-shield.com
cdnjs.cloudflare.com |
1 | www.google-analytics.com |
www.googletagmanager.com
|
1 | kit.fontawesome.com |
enter-shield.com
|
1 | code.jquery.com |
enter-shield.com
|
1 | geoip.openlyenter.com |
enter-shield.com
|
1 | dg-videos.b-cdn.net |
dirty.games
|
1 | enlistopenly.com | 1 redirects |
1 | bitlnd.com | 1 redirects |
1 | ajax.googleapis.com |
dirty.games
|
33 | 15 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
dirty.games Sectigo RSA Domain Validation Secure Server CA |
2021-06-02 - 2022-07-03 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2021-09-13 - 2021-11-20 |
2 months | crt.sh |
www.enter-shield.com AlphaSSL CA - SHA256 - G2 |
2020-07-30 - 2022-07-31 |
2 years | crt.sh |
*.b-cdn.net Sectigo ECC Domain Validation Secure Server CA |
2020-11-11 - 2021-11-11 |
a year | crt.sh |
*.openlyenter.com AlphaSSL CA - SHA256 - G2 |
2021-01-04 - 2022-02-05 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-09-21 - 2022-09-20 |
a year | crt.sh |
*.vo.msecnd.net DigiCert SHA2 Secure Server CA |
2020-11-16 - 2021-11-10 |
a year | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2021-07-14 - 2022-08-14 |
a year | crt.sh |
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1 |
2020-11-13 - 2021-12-14 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2021-09-13 - 2021-11-20 |
2 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://dirty.games/eg/acc2.php?clk=d98dtgfur9s7mr5bi95ai612&cid=&exo=&countryname=Finland®ion=Northern%20Savonia&os=Android&browser=Chrome&campaign=38c6b20f-b4f9-485e-be75-49b76368ae57&SID=tj-tablet-rt-ts-int&SID2=all-Redtube%20Tablet-%20TopRight%20Square&SID3=315x300_sep307.mp4&SID4=Redtube%20Tablet-%20TopRight%20Square&language=English&id=&ci=1
Frame ID: F9B51A5BBA1C13358ED1CFA379CD342B
Requests: 8 HTTP requests in this frame
Frame:
https://enter-shield.com/join/join.php?act=epc68089.46918-649679.tf.d98dtgfur9s7mr5bi95ai612&epcVIP=48.1066.g60&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&ci_qcksub=1&net=1&epcCID=l4X7ad7aI5XcV97bndE32bm3U2H0w734t
Frame ID: 0B72FC4672353B1599BCEE8211C2C762
Requests: 25 HTTP requests in this frame
Screenshot
![](/screenshots/e6e875f9-d99a-455a-ba6f-c931bab26651.png)
Page Title
Dirty GamesDetected technologies
Detected patterns
- \.php(?:$|\?)
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
![](/vendor/wappa/icons/Font Awesome.png)
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- kit\.fontawesome\.com/([0-9a-z]+).js
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/gtag/js
- googletagmanager\.com/gtm\.js
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
- jquery[.-]([\d.]*\d)[^/]*\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 5- https://bitlnd.com/ep.php/prmagms:72632/68089:tf.d98dtgfur9s7mr5bi95ai612 HTTP 302
- https://enlistopenly.com/signup/?act=epc68089.46918-649679.tf.d98dtgfur9s7mr5bi95ai612&epcVIP=48.1066.g60&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&ci_qcksub=1&net=1 HTTP 302
- https://enter-shield.com/join/join.php?act=epc68089.46918-649679.tf.d98dtgfur9s7mr5bi95ai612&epcVIP=48.1066.g60&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&ci_qcksub=1&net=1&epcCID=l4X7ad7aI5XcV97bndE32bm3U2H0w734t
33 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
acc2.php
dirty.games/eg/ |
10 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ |
87 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
dirty.games/eg/acc1_files/ |
26 KB 27 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
custom.css
dirty.games/eg/acc1_files/ |
6 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
redirect3_1step.js
dirty.games/files/ |
633 B 954 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
custom.js
dirty.games/eg/acc1_files/ |
5 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
join.php
enter-shield.com/join/ Frame 0B72 Redirect Chain
|
29 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icons.svg
dirty.games/eg/acc1_files/ |
4 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
736x426_acc_bg2.mp4
dg-videos.b-cdn.net/bg/ |
2 MB 2 MB |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
geoip.openlyenter.com/ Frame 0B72 |
401 B 703 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ Frame 0B72 |
37 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon
fonts.googleapis.com/ Frame 0B72 |
569 B 441 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/css/ Frame 0B72 |
118 KB 119 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clickpag2.css
enter-shield.com/common_tpls/compactML/css/ Frame 0B72 |
44 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.4.1.min.js
code.jquery.com/ Frame 0B72 |
86 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/ Frame 0B72 |
36 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
b314bdf1b3.js
kit.fontawesome.com/ Frame 0B72 |
11 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
form_support.js
enter-shield.com/common_tpls/js/ Frame 0B72 |
977 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
validate_form_v2.js
enter-shield.com/common_tpls/js/ Frame 0B72 |
22 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ Frame 0B72 |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
email.png
enter-shield.com/common_tpls/images/icons/ Frame 0B72 |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
password.png
enter-shield.com/common_tpls/images/icons/ Frame 0B72 |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fname.png
enter-shield.com/common_tpls/images/icons/ Frame 0B72 |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
address.png
enter-shield.com/common_tpls/images/icons/ Frame 0B72 |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iframeResizer.contentWindow.min.js
enter-shield.com/common_tpls/js/ Frame 0B72 |
13 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ Frame 0B72 |
95 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pro.min.css
ka-p.fontawesome.com/releases/v5.15.4/css/ Frame 0B72 |
315 KB 53 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pro-v4-shims.min.css
ka-p.fontawesome.com/releases/v5.15.4/css/ Frame 0B72 |
26 KB 4 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pro.min.css
ka-p.fontawesome.com/releases/v5.15.4/css/ Frame 0B72 |
315 KB 53 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pro-v4-shims.min.css
ka-p.fontawesome.com/releases/v5.15.4/css/ Frame 0B72 |
26 KB 4 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ Frame 0B72 |
77 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ Frame 0B72 |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ Frame 0B72 |
75 KB 76 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery string| SID string| SID2 string| SID3 string| SID4 string| page_name string| url function| refreshSession3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
bitlnd.com/ | Name: AWSALBCORS Value: xAp+RLV6kBoPJEws6zIpr5xXko54yIOZ7rWlstNTDaErNQU2fzBP5WS1W8ao3urhzCNpKDr+pR8WCKQrH4EsHmWO3EbddWfj7T4Qi2CpwRMbilCGXnwJknSZ07C8 |
|
enlistopenly.com/ | Name: PHPSESSID Value: 1ab058d5252e2217d80f157824c48fd4 |
|
enter-shield.com/ | Name: PHPSESSID Value: 5f8bf277fc01423d2ce73e625f549ced |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.aspnetcdn.com
ajax.googleapis.com
bitlnd.com
cdnjs.cloudflare.com
code.jquery.com
dg-videos.b-cdn.net
dirty.games
enlistopenly.com
enter-shield.com
fonts.googleapis.com
geoip.openlyenter.com
ka-p.fontawesome.com
kit.fontawesome.com
www.google-analytics.com
www.googletagmanager.com
104.16.18.94
104.18.22.52
142.250.185.142
152.199.19.160
163.171.128.172
172.217.16.136
216.58.212.138
216.58.212.170
44.229.144.58
54.85.213.235
69.16.175.10
89.187.169.47
03647396344ca444ec1eef5e68ee88f6ff4b59384fec2830fa013ebf7ca914f7
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
1c1198a941e94fd1927c45f97030f7da28a7dbf0b0f0a0da3c50c12733a87250
2cd14766b89f74025ca3c64c833dbdad8066543dfae0575f629008367168bedd
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d
3ad4c20eea0c8f0c808f13ec135f6247f4a40f4bd5029d047e1638a81133a4a5
4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6
44f93bdff09df1d94263a0a434cd5de9d39e02375cd71d59bece14b84ba84bbc
4aca85d95784d80f98e3de60f5c7367e5df977033c835dfa4a89e247048a2f5f
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
67756f8b542c7823bcdba421219c3b8e1ee472748d8c3463534f667271356dfb
7d5f5d0fe842536e512b4ca0cac0b48a66577ea091f3a6840365ff6124be034b
89d4b7e60391fb802c7bfae97619f5b13a212f1d318bf3944d7667412c6ec20a
8c1a6b9e0c63edc7fa86898148dc6493cd56113fabbf85d901f7af4c180fce74
aed604182c192f5ee87b3c1f8bcbcd5310960a2848d2dfad9d8a2c0bab06e249
bf5872793f1b495141784e520b11dcc25225995d5de302e8704b1184a15cc9e4
c8405193be6e367fbf1331feacd7af0dafff2d78d064a29ac469aedfc39b29c7
cc78bbc89ae37cbd14089271a95f875d19faf024cbaf7474d4529d150108c0b0
ce37db8136546197bf5b555d0baede4d5944955799fdf64a7ebabca3599164e3
d43abf8c5665519a3fe3f7e90298fc17b62e06d8ada1b90a44ea9985a62abb4d
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
da5c86fc2b80d27aca5a12a45ca54bd8fb11f9b3ed91f0b72d2a1ada8bd9e207
f2648f83e8bb78db15ffc5d01dcbc53fb6b8c585dcfabbb88bd0471b8399ca00
f496ae2bc3389bd4ed4d40f55ebdebb3cd4d7953c55178d2e3bc3aee0dbcd307
f6986e7e9308ac9bbfe5c29ce21d11c89e03221b937c094e56b8a8bb81b20843
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8e82194c97e2a11a8c77fcd55d1ded51a1943b78eefac8475890f665dc620f1
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
fe5b4861e4a86e9e65f84608f8ed4027e9eaa06234cb1a358c5d06ece62dfb72