dorbluess.best
Open in
urlscan Pro
188.166.68.96
Public Scan
Submitted URL: http://www.docesregionais.com/
Effective URL: https://dorbluess.best/?p=gvtdoyrqgu5gi3bpgyydqmq&sub1=clickiler&sub2=bertindaa
Submission: On May 06 via manual from GB
Effective URL: https://dorbluess.best/?p=gvtdoyrqgu5gi3bpgyydqmq&sub1=clickiler&sub2=bertindaa
Submission: On May 06 via manual from GB
Summary
This website contacted 5 IPs
in 4 countries
across 6 domains to perform 42 HTTP transactions.
The main IP is 188.166.68.96, located in
Amsterdam, Netherlands and
belongs to DIGITALOCEAN-ASN, US.
The main domain is dorbluess.best.
TLS certificate: Issued by R3 on May 4th 2021. Valid for: 3 months.
This is the only time dorbluess.best was scanned on urlscan.io!
TLS certificate: Issued by R3 on May 4th 2021. Valid for: 3 months.
This is the only time dorbluess.best was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 2 32 | 37.187.77.228 37.187.77.228 | 16276 (OVH) (OVH) | |
| 1 4 | 45.9.150.63 45.9.150.63 | 49447 (NICEIT) (NICEIT) | |
| 1 | 2a02:6ea0:c70... 2a02:6ea0:c700::1 | 60068 (CDN77 (^_^)/) (CDN77 (^_^)/) | |
| 1 | 188.166.68.96 188.166.68.96 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
| 42 | 5 |
4
45.9.150.63
(Switzerland)
ASN49447 (NICEIT, DM)
ASN49447 (NICEIT, DM)
| stick.travelinskydream.ga | |
| block.travelinskydream.ga | |
| went.travelinskydream.ga |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 32 |
docesregionais.com
2 redirects
www.docesregionais.com |
354 KB |
| 4 |
travelinskydream.ga
1 redirects
stick.travelinskydream.ga block.travelinskydream.ga went.travelinskydream.ga Failed |
3 KB |
| 1 |
dorbluess.best
dorbluess.best |
18 KB |
| 1 |
printfriendly.com
cdn.printfriendly.com |
10 KB |
| 0 |
Failed
function sub() { [native code] }. Failed |
|
| 0 |
strongcapitalads.ga
Failed
drake.strongcapitalads.ga Failed |
|
| 42 | 6 |
| Domain | Requested by | |
|---|---|---|
| 32 | www.docesregionais.com |
2 redirects
www.docesregionais.com
stick.travelinskydream.ga |
| 2 | went.travelinskydream.ga |
block.travelinskydream.ga
|
| 1 | dorbluess.best | |
| 1 | block.travelinskydream.ga |
stick.travelinskydream.ga
|
| 1 | cdn.printfriendly.com |
www.docesregionais.com
|
| 1 | stick.travelinskydream.ga |
www.docesregionais.com
|
| 0 | https Failed |
www.docesregionais.com
|
| 0 | drake.strongcapitalads.ga Failed |
www.docesregionais.com
|
| 42 | 8 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| docesregionais.com R3 |
2021-04-01 - 2021-06-30 |
3 months | crt.sh |
| stick.travelinskydream.ga R3 |
2021-04-18 - 2021-07-17 |
3 months | crt.sh |
| 1937640834.rsc.cdn77.org R3 |
2021-04-28 - 2021-07-27 |
3 months | crt.sh |
| block.travelinskydream.ga R3 |
2021-04-18 - 2021-07-17 |
3 months | crt.sh |
| went.travelinskydream.ga R3 |
2021-04-18 - 2021-07-17 |
3 months | crt.sh |
| dorbluess.best R3 |
2021-05-04 - 2021-08-02 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://dorbluess.best/?p=gvtdoyrqgu5gi3bpgyydqmq&sub1=clickiler&sub2=bertindaa
Frame ID: 3715B0BB6F35D03485DE2AE1775C72F4
Requests: 42 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- http://www.docesregionais.com/ Page URL
- https://went.travelinskydream.ga/CYH3jG Page URL
-
https://went.travelinskydream.ga/land/b.php
HTTP 302
https://dorbluess.best/?p=gvtdoyrqgu5gi3bpgyydqmq&sub1=clickiler&sub2=bertindaa Page URL
Detected technologies
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers link /rel="https:\/\/api\.w\.org\/"/i
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers link /rel="https:\/\/api\.w\.org\/"/i
MySQL
(Databases)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers link /rel="https:\/\/api\.w\.org\/"/i
Debian
(Operating Systems)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /Debian/i
Apache
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://www.docesregionais.com/ Page URL
- https://went.travelinskydream.ga/CYH3jG Page URL
-
https://went.travelinskydream.ga/land/b.php
HTTP 302
https://dorbluess.best/?p=gvtdoyrqgu5gi3bpgyydqmq&sub1=clickiler&sub2=bertindaa Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 16- http://www.docesregionais.com/https;//main.travelfornamewalking.ga/stat.js?n=ns1 HTTP 301
- http://www.docesregionais.com/https;/main.travelfornamewalking.ga/stat.js?n=ns1
- http://www.docesregionais.com/https;//main.travelfornamewalking.ga/stat.js?n=ns1 HTTP 301
- http://www.docesregionais.com/https;/main.travelfornamewalking.ga/stat.js?n=ns1
42 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
/
www.docesregionais.com/ |
75 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
reset.css
www.docesregionais.com/wp-content/themes/Sania/lib/css/ |
1 KB 955 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
defaults.css
www.docesregionais.com/wp-content/themes/Sania/lib/css/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style.css
www.docesregionais.com/wp-content/themes/Sania/ |
28 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style.min.css
www.docesregionais.com/wp-includes/css/dist/block-library/ |
50 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cookie-law-info-public.css
www.docesregionais.com/wp-content/plugins/cookie-law-info/public/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cookie-law-info-gdpr.css
www.docesregionais.com/wp-content/plugins/cookie-law-info/public/css/ |
28 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
css3_black.css
www.docesregionais.com/wp-content/plugins/wp-pagenavi-style/css/ |
1 KB 731 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.min.js
www.docesregionais.com/wp-includes/js/jquery/ |
87 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-migrate.min.js
www.docesregionais.com/wp-includes/js/jquery/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cookie-law-info-public.js
www.docesregionais.com/wp-content/plugins/cookie-law-info/public/js/ |
34 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
superfish.js
www.docesregionais.com/wp-content/themes/Sania/lib/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.mobilemenu.js
www.docesregionais.com/wp-content/themes/Sania/lib/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.cycle.all.js
www.docesregionais.com/wp-content/themes/Sania/includes/featuredposts/scripts/ |
50 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
m.js
drake.strongcapitalads.ga/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
js.php
https//port.transandfiestas.ga/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
stat.js
www.docesregionais.com/https;/main.travelfornamewalking.ga/ Redirect Chain
|
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
stat.js
https//for.dontkinhooot.tw/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
stat.js
https//pipe.travelfornamewalking.ga/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
script.js
https//snow.talkingaboutfirms.ga/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
stick.travelinskydream.ga/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
printfriendly.js
cdn.printfriendly.com/ |
27 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
hoverIntent.min.js
www.docesregionais.com/wp-includes/js/ |
1 KB 841 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
wp-embed.min.js
www.docesregionais.com/wp-includes/js/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
wp-emoji-release.min.js
www.docesregionais.com/wp-includes/js/ |
14 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
background.jpg
www.docesregionais.com/wp-content/themes/Sania/images/ |
177 KB 178 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
menu-primary-bg.png
www.docesregionais.com/wp-content/themes/Sania/images/ |
213 B 496 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
menu-secondary-bg.png
www.docesregionais.com/wp-content/themes/Sania/images/ |
230 B 513 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
menu-secondary-separator.png
www.docesregionais.com/wp-content/themes/Sania/images/ |
135 B 418 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
featured-next.png
www.docesregionais.com/wp-content/themes/Sania/images/ |
513 B 797 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
featured-prev.png
www.docesregionais.com/wp-content/themes/Sania/images/ |
503 B 787 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
meta-separator.png
www.docesregionais.com/wp-content/themes/Sania/images/ |
121 B 404 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Bolo-de-Figos-Secos-Torres-Novas-300x225.jpg
www.docesregionais.com/wp-content/uploads/2014/10/ |
33 KB 33 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
stat.js
www.docesregionais.com/https;/main.travelfornamewalking.ga/ Redirect Chain
|
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
user-new.php
www.docesregionais.com/wp-admin/ |
2 KB 2 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
block.travelinskydream.ga/ |
1 KB 1 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
readmore-bg.png
www.docesregionais.com/wp-content/themes/Sania/images/ |
208 B 491 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Tarte-de-Ameixas-e-Damascos-300x190.jpg
www.docesregionais.com/wp-content/uploads/2014/10/ |
30 KB 30 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
m.js
drake.strongcapitalads.ga/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
CYH3jG
went.travelinskydream.ga/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
CYH3jG
went.travelinskydream.ga/ |
209 B 749 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
/
dorbluess.best/ Redirect Chain
|
18 KB 18 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- drake.strongcapitalads.ga
- URL
- https://drake.strongcapitalads.ga/m.js?s=q
- Domain
- https
- URL
- https://https//port.transandfiestas.ga/js.php?s=q
- Domain
- https
- URL
- https://https//for.dontkinhooot.tw/stat.js?s=newrq
- Domain
- https
- URL
- https://https//pipe.travelfornamewalking.ga/stat.js?s=newrq
- Domain
- https
- URL
- https://https//snow.talkingaboutfirms.ga/script.js?s=newrq
- Domain
- drake.strongcapitalads.ga
- URL
- https://drake.strongcapitalads.ga/m.js?s=q
- Domain
- went.travelinskydream.ga
- URL
- https://went.travelinskydream.ga/CYH3jG
Verdicts & Comments Add Verdict or Comment
24 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated boolean| guardEnabled boolean| isChrome function| compareVersion function| getLanguage object| rootElement boolean| canStart function| disableHistory function| disableIncognito function| denied function| getWorkerRegistration function| SubS function| CheckS function| urlB64ToUint8Array1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .dorbluess.best/ | Name: uuid Value: d9f48c71-df6e-44c1-b1f8-8625699b6e63 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
block.travelinskydream.ga
cdn.printfriendly.com
dorbluess.best
drake.strongcapitalads.ga
https
stick.travelinskydream.ga
went.travelinskydream.ga
www.docesregionais.com
drake.strongcapitalads.ga
https
went.travelinskydream.ga
188.166.68.96
2a02:6ea0:c700::1
37.187.77.228
45.9.150.63
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
08e5105f5de325824508795d8b452f7cfcf6cecfcbabb6b3ec4be9862c3bd351
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
1a23e41d915f4ca4b0a276f008eb1c658b15c8f35efca3e0990efa453e4b2170
213e63893ec0225742fadfa45cc6a9e8531761a145cd94c989f71082f7d55938
301e0711384cedf5cac832e848745b8644825e3108bef85eef322014a7bc0dce
30fd07c7faf1e9e5c401e2d47a10b39b330b8921ee975ae79bcae79f906c1b74
3a7f33f2403886c22e2c9c1e5663c6aee735bb22d4e65ce192105fc6dd508e8a
3dd77a20704782bfad469f8d13490543977566bedaad66e58cba12a1d81e9f96
3e9fb74061133f9dc6c809fb777bdcdc8e02b6812ad5bf39aad5f6c69f1b96dd
495d2f8c8b7f1bbd664c2c10c086a644e63e4934b9734813b27956a34709eea4
55afe583242aa68a90e3c30c47cf5e9140732e7ec56eaabcc9a09316717e1a1c
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c50853cb894312211a69c41c6743465f61d7bc4b20b39c2792a4b27144b9368
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
68fed1738b72d53ddc8ce4ff7c7bd8c01d106012487e699a937dd85d98b0e464
92d5fff9adf1bf1d24d8a38f2d8a8c7af9e96dcc9f926e7116dcaca61efccd3d
95dc36ec57fcc9a1afe06510fc176f721f38634f94da6506c9c2dde899368c22
9789e29b9a71fb3ccd4b4456e0601f979c8b613d3a2b34453bdf34ccaf7f0632
9b69494cf9279ee3c8b4d0f943a3238b203a4fac01a46cb56356c848c943b2a1
a82fb0df229ab511ba5e585874443b97a62bfbd76c369a6944ed9e0750ebf698
b8fa20af264fcdd99621fc4e3a770927452b0fe382599e0d890a3bfa31152f80
bc04ef0d4953e1ec32c6fafc95cac3806382940cd313d74d2afd90d598a53ec5
c3f44687334e8f85835eb59b99e58f46202210dff2b27524303f5a06b7945534
c96a4e8e5c17e860ba23499da982857936823deba867697fd327f97d95025cfc
cd477c0b5495037406763a87cf9c10da896ae33f4e2b256f81b9f47dfa229272
ddda4663c15525f1a1a81e9df765e8dffdbfda766cc15de80d8e6376c3f64666
ddf60513b3960fad05f3d90a8fcf938947d7a5eb6d86f14a569b78c8b0422f27
f56e00fb627e19fb1be4d7cb356dea6e91fe6988d2f1c4ed0f7d6cc57c43c666
f93a8b0ff055c32ccfd55183d499f4b54945df2c19d28bb58519a9813b808673
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40