![](/screenshots/ff7b954d-0754-4e3a-abb2-e3d59d63a701.png)
www.rubyfortunecasino.net
Open in
urlscan Pro
2606:4700:20::ac43:4988
Public Scan
Submission Tags: @phish_report
Submission: On October 26 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 4th 2023. Valid for: a year.
This is the only time www.rubyfortunecasino.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
18 | 2606:4700:20:... 2606:4700:20::ac43:4988 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2a00:1450:400... 2a00:1450:4001:827::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700::68... 2606:4700::6811:490e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 2a00:1450:400... 2a00:1450:4001:810::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 | 104.18.40.119 104.18.40.119 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:810::2003 | 15169 (GOOGLE) (GOOGLE) | |
8 | 2606:4700:440... 2606:4700:4400::6812:264c | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:82b::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700:440... 2606:4700:4400::6812:264e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
36 | 9 |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
rubyfortunecasino.net
www.rubyfortunecasino.net |
205 KB |
8 |
rechanapi.com
nexus.rechanapi.com |
118 KB |
3 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111 |
200 KB |
2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113 |
2 KB |
1 |
imagethumb.com
dm.imagethumb.com — Cisco Umbrella Rank: 691171 |
1 KB |
1 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 96 |
21 KB |
1 |
gstatic.com
fonts.gstatic.com |
43 KB |
1 |
rechannelapi.com
media.rechannelapi.com |
8 KB |
1 |
cloudflare.com
ajax.cloudflare.com — Cisco Umbrella Rank: 2127 |
12 KB |
36 | 9 |
Domain | Requested by | |
---|---|---|
18 | www.rubyfortunecasino.net |
www.rubyfortunecasino.net
|
8 | nexus.rechanapi.com |
media.rechannelapi.com
nexus.rechanapi.com www.rubyfortunecasino.net |
3 | www.googletagmanager.com |
www.rubyfortunecasino.net
www.googletagmanager.com |
2 | fonts.googleapis.com |
www.rubyfortunecasino.net
client |
1 | dm.imagethumb.com |
nexus.rechanapi.com
|
1 | www.google-analytics.com |
www.googletagmanager.com
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | media.rechannelapi.com |
www.rubyfortunecasino.net
|
1 | ajax.cloudflare.com |
www.rubyfortunecasino.net
|
36 | 9 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.rubyfortune.com |
auth.rubyfortune.com |
www.buffalopartners.com |
playersupportcentre.com |
www.microgaming.co.uk |
secure.ecogra.org |
www.begambleaware.org |
www.gamblingcontrol.org |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-03-04 - 2024-03-03 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-10-09 - 2024-01-01 |
3 months | crt.sh |
ajax.cloudflare.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2023-08-01 - 2024-08-15 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-10-09 - 2024-01-01 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-10-09 - 2024-01-01 |
3 months | crt.sh |
rechanapi.com GTS CA 1P5 |
2023-08-31 - 2023-11-29 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.rubyfortunecasino.net/nz/
Frame ID: DE1C21C264E4FF0F62131477314F88AA
Requests: 36 HTTP requests in this frame
Screenshot
![](/screenshots/ff7b954d-0754-4e3a-abb2-e3d59d63a701.png)
Page Title
Ruby Fortune | A favourite New Zealand Online CasinoDetected technologies
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
![](/vendor/wappa/icons/Google Font API.png)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- googletagmanager\.com/gtm\.js
Slick (JavaScript Libraries) Expand
Detected patterns
- <link [^>]+(?:/([\d.]+)/)?slick-theme\.css
- (?:/([\d.]+))?/slick(?:\.min)?\.js
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
20 Outgoing links
These are links going to different origins than the main page.
Title: Promotions
Search URL Search Domain Scan URL
Title: Winners
Search URL Search Domain Scan URL
Title: Banking
Search URL Search Domain Scan URL
Title: About Us
Search URL Search Domain Scan URL
Title: Register
Search URL Search Domain Scan URL
Title: Login
Search URL Search Domain Scan URL
Title: Promotion Terms
Search URL Search Domain Scan URL
Title: Terms and Conditions
Search URL Search Domain Scan URL
Title: Security and Privacy
Search URL Search Domain Scan URL
Title: Responsible Gaming
Search URL Search Domain Scan URL
Title: Affiliate Program
Search URL Search Domain Scan URL
Title: Payout Percentages
Search URL Search Domain Scan URL
Title: Contact Us
Search URL Search Domain Scan URL
Title: Loyalty Club
Search URL Search Domain Scan URL
Title: Blog
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
36 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.rubyfortunecasino.net/nz/ |
22 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
12 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.min.css
www.rubyfortunecasino.net/rfcnet/css/ |
12 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slicknav.css
www.rubyfortunecasino.net/rfcnet/css/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slick.css
www.rubyfortunecasino.net/rfcnet/css/ |
2 KB 916 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slick-theme.css
www.rubyfortunecasino.net/rfcnet/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mirage2.min.js
ajax.cloudflare.com/cdn-cgi/scripts/04b3eb47/cloudflare-static/ |
38 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
113 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.3.1.min.js
www.rubyfortunecasino.net/rfcnet/js/ |
85 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scripts.js
www.rubyfortunecasino.net/rfcnet/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slick.min.js
www.rubyfortunecasino.net/rfcnet/js/ |
23 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
eprivacy-custom.js
media.rechannelapi.com/plugins/eprivacy/ |
39 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
fonts.gstatic.com/s/opensans/v36/ |
42 KB 43 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ruby_fortune_casino.jpg
www.rubyfortunecasino.net/rfcnet/images/ |
90 KB 90 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
footer_logos_sprite.png
www.rubyfortunecasino.net/rfcnet/images/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
218 KB 75 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
5 KB 727 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Bootstrap.js
nexus.rechanapi.com/betway/dos-prod/ |
520 KB 111 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
24h_help_logo_light.png
www.rubyfortunecasino.net/rfcnet/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ico_create_account.png
www.rubyfortunecasino.net/rfcnet/images/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ico_sign_in.png
www.rubyfortunecasino.net/rfcnet/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-18up-en.png
www.rubyfortunecasino.net/rfcnet/images/eighteenplus/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
microgaming.png
www.rubyfortunecasino.net/rfcnet/images/trustq/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gambleaware.png
www.rubyfortunecasino.net/rfcnet/images/trustq/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
alderney.png
www.rubyfortunecasino.net/rfcnet/images/ |
7 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
www.rubyfortunecasino.net/rfcnet/images/ |
9 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gtm.js
www.googletagmanager.com/ |
253 KB 81 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
serverComponent.php
nexus.rechanapi.com/betway/dos-prod/ |
474 B 551 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
r.rnc
nexus.rechanapi.com/privacy/v1/c/ |
0 156 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
r.rnc
nexus.rechanapi.com/privacy/v1/c/ |
0 133 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
r.rnc
nexus.rechanapi.com/privacy/v1/c/ |
0 108 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9233165dd4f7796ecf6c6efd6a13f0d0.js
nexus.rechanapi.com/betway/dos-prod/code/ |
42 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm-global.js
dm.imagethumb.com/gtm/shared/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
r.rnc
nexus.rechanapi.com/privacy/v1/b/ |
0 84 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
r.rnc
nexus.rechanapi.com/privacy/v1/b/ |
0 131 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
40 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture string| referrer object| dataLayer object| __mirage2 object| mirage function| $ function| jQuery object| google_tag_manager object| google_tag_data object| placeholders object| theme object| linkedUrls object| ePrivacyEl object| manageCookies string| eprivacy_language string| eprivacy_clientName string| GoogleAnalyticsObject function| ga object| gtm_global object| ensBootstraps object| Bootstrapper object| ensClientConfig boolean| ensBrowserSupported object| gateway object| gaplugins object| gaGlobal object| gaData string| ga_client_id function| onYouTubeIframeAPIReady string| _gtm_global_version string| gtm_trck_a string| gtm_trck_s string| gtm_trck_b string| gtm_venge_visit boolean| trck_cookie function| getCookiebyName function| extractVisitCookie function| extractFromInput function| _collectVisitData function| _domReady8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.rechannelapi.com/ | Name: __cf_bm Value: hsvr2LsoDoiBrm8bn5DIjj2ZgoGTwqlea2yrTKDOx_k-1698317362-0-AexkTFxSoEkhVN9SuV+WtVxvwB/CL2wc0t1FpFgzS4SwxNBZmJKm54d+zkd36x9dkBklRzI5W5MbFQYoZGApfCux+w8OGRkO1aHtsBbJ7W19 |
|
.rubyfortunecasino.net/ | Name: DEFAULT_ENSIGHTEN_PRIVACY_BANNER_LOADED Value: 1 |
|
.rubyfortunecasino.net/ | Name: DEFAULT_ENSIGHTEN_PRIVACY_BANNER_VIEWED Value: 1 |
|
.rubyfortunecasino.net/ | Name: DEFAULT_ENSIGHTEN_PRIVACY_MODAL_LOADED Value: 1 |
|
.rubyfortunecasino.net/ | Name: _ga Value: GA1.2.124008730.1698317363 |
|
.rubyfortunecasino.net/ | Name: _gid Value: GA1.2.155463523.1698317363 |
|
.rubyfortunecasino.net/ | Name: _gat_UA-46028713-14 Value: 1 |
|
www.rubyfortunecasino.net/ | Name: 62640 Value: |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.cloudflare.com
dm.imagethumb.com
fonts.googleapis.com
fonts.gstatic.com
media.rechannelapi.com
nexus.rechanapi.com
www.google-analytics.com
www.googletagmanager.com
www.rubyfortunecasino.net
104.18.40.119
2606:4700:20::ac43:4988
2606:4700:4400::6812:264c
2606:4700:4400::6812:264e
2606:4700::6811:490e
2a00:1450:4001:810::2003
2a00:1450:4001:810::2008
2a00:1450:4001:827::200a
2a00:1450:4001:82b::200e
02d3edf7c2c820162b0c74085c2c721cc94d25fc28ee71a31976c86d234dcf3e
0837c68e99cab507e97b8f0353996a600cb192ba1e3bf57877aaac93ffd2576f
0b87e29a9beb8818d2da9b98057efd5a0956252599a81ca31b781640708d4b43
0bdce7d80eff5bb84b8d76549631e4e582f9b6ea000f81f2b11eb499b1f42596
0e043cedcf425272f6b4eba8af74f4d731f8f8da9334a1be02f1a34d18604c10
11af87e59562e34cf6a416ef674c76766d2670d2d5d426b0fe04cd1fbdd02b14
1246713bf9ce97d4b74569c38b5e037f511b80412bab4ef1dbfcfdde94bc0b32
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
165c38abbd38b571be3a623edb21ca21552da2472555f9a78827e43a4abb74f3
3dbb2c6b8c1ad996e2a751e919a3c896c577a7baf3b75983a5759b224d612c3f
4735db8c09f500b91629912f300ccf138cf397d40e70e5138dbb4955b3067fba
5846b3100b47a28133768d7cf13591ba259da733be17a46d0d2f4d8cb0a81bca
5963b4bace68289b3edb26bb457826701319237cfc22069a3ecbbd7c62649bf7
655391a0db9939f9896db79e7cbd49a2f391c4dfb527f9ab0efdcb6cbe6e52bb
66b5c22988581391a004ca7f230c7801bfde7098b109c1c9ca7477655671d92b
67a690cab8010da344daa0a86297374766569b1aeb4bdca4242a1667864d5dd8
6b2e044c462b8b00dfb05d77740f8b8f2a90ce00e2e5ccf621eac288608c0649
7b45562a569d233b5ef77757f1e4cda357bf2d4a586649997dd649538c9d21e5
8380228c834110f62e6ec1fb6d8118c5380084b938f9fad1c26809a05a20b803
9e39ec7b42b5f6e62f36e4f1ee181796d0663bc05e2fdf12422d6fc8e2765001
a356654c42f1911d0f15f3bf79a6d14e30a1fd05c5c2656ba1fe34377b9649ca
a68d106bae6666ff611e0f1597b2f62f7973dfa70c5394809b6a7b49a8442601
a7588ba1e1c37b3f21a7329a198b80f4208ecdce24746c02eb20fc9631b6e4e1
bc4aa17d68efbc030b8cf95b246e83b119b4df205d66e9759451ed90f0dbeb6f
c244651812b48708515d432815f699646fee380f968c7a7fa8c596998656fb53
c6bac76317d34d835f8c088be50da3ea2a918922d70de240ecfcb8b02fd73864
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfbc82d614fefd7308ce69390001bab0b53349be1dc7f8cd08ca62e3ec08c480
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea9335c84e04d98d3fa67fe43908d5291f15633c8a9d445390f0f19717f1a225
f21f92c797fb55505324dda45826125a9f143825e2502a0251d9968a3aa49735
f6c2d05e50c22cf82b757eafb1202bf9e96eeaa2764b4db2cbefaeff66123b21