trumpnationaldoral.golfems2.com
Open in
urlscan Pro
54.210.55.162
Public Scan
Effective URL: https://trumpnationaldoral.golfems2.com/event/2021-fashion-weekend-trump-national-doral
Submission: On September 14 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 10th 2020. Valid for: a year.
This is the only time trumpnationaldoral.golfems2.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 91.90.158.185 91.90.158.185 | 41412 (MIVITEC-AS) (MIVITEC-AS) | |
11 | 54.210.55.162 54.210.55.162 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 2.16.106.114 2.16.106.114 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 172.217.169.42 172.217.169.42 | 15169 (GOOGLE) (GOOGLE) | |
2 | 185.60.218.24 185.60.218.24 | 32934 (FACEBOOK) (FACEBOOK) | |
3 | 172.217.169.3 172.217.169.3 | 15169 (GOOGLE) (GOOGLE) | |
4 | 192.229.233.25 192.229.233.25 | 15133 (EDGECAST) (EDGECAST) | |
2 | 104.244.42.136 104.244.42.136 | 13414 (TWITTER) (TWITTER) | |
4 | 185.60.218.35 185.60.218.35 | 32934 (FACEBOOK) (FACEBOOK) | |
28 | 9 |
ASN41412 (MIVITEC-AS, DE)
PTR: server47185.mivitec.net
trump.serenata-nethotel.com |
ASN14618 (AMAZON-AES, US)
PTR: gw.us.platform.sh
trumpnationaldoral.golfems2.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-106-114.deploy.static.akamaitechnologies.com
platform.linkedin.com |
ASN15169 (GOOGLE, US)
PTR: lhr48s08-in-f10.1e100.net
fonts.googleapis.com |
ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-otp1.fbcdn.net
connect.facebook.net |
ASN15169 (GOOGLE, US)
PTR: lhr25s26-in-f3.1e100.net
fonts.gstatic.com |
ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-otp1.facebook.com
www.facebook.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
golfems2.com
trumpnationaldoral.golfems2.com |
120 KB |
6 |
twitter.com
platform.twitter.com syndication.twitter.com |
148 KB |
4 |
facebook.com
www.facebook.com |
149 KB |
3 |
gstatic.com
fonts.gstatic.com |
49 KB |
2 |
facebook.net
connect.facebook.net |
69 KB |
1 |
googleapis.com
fonts.googleapis.com |
1 KB |
1 |
linkedin.com
platform.linkedin.com |
61 KB |
1 |
serenata-nethotel.com
1 redirects
trump.serenata-nethotel.com |
396 B |
28 | 8 |
Domain | Requested by | |
---|---|---|
11 | trumpnationaldoral.golfems2.com |
trumpnationaldoral.golfems2.com
|
4 | www.facebook.com |
connect.facebook.net
www.facebook.com |
4 | platform.twitter.com |
trumpnationaldoral.golfems2.com
platform.twitter.com |
3 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | syndication.twitter.com |
platform.twitter.com
|
2 | connect.facebook.net |
trumpnationaldoral.golfems2.com
connect.facebook.net |
1 | fonts.googleapis.com |
trumpnationaldoral.golfems2.com
|
1 | platform.linkedin.com |
trumpnationaldoral.golfems2.com
|
1 | trump.serenata-nethotel.com | 1 redirects |
28 | 9 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.freeprivacypolicy.com |
www.golfems.com |
www.golfems2.com |
www.golfemsreg.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.golfems2.com Sectigo RSA Domain Validation Secure Server CA |
2020-10-10 - 2021-10-10 |
a year | crt.sh |
platform.linkedin.com DigiCert SHA2 Secure Server CA |
2020-07-03 - 2022-07-08 |
2 years | crt.sh |
upload.video.google.com GTS CA 1O1 |
2021-08-23 - 2021-11-15 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2021-07-20 - 2021-10-18 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2021-08-23 - 2021-11-15 |
3 months | crt.sh |
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1 |
2020-11-05 - 2021-11-09 |
a year | crt.sh |
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-02-05 - 2022-02-04 |
a year | crt.sh |
This page contains 4 frames:
Primary Page:
https://trumpnationaldoral.golfems2.com/event/2021-fashion-weekend-trump-national-doral
Frame ID: 94FE026A3B7F906085C5975496742D77
Requests: 21 HTTP requests in this frame
Frame:
https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Ftrumpnationaldoral.golfems2.com
Frame ID: 644BF55EF5B7CFAD1FF230A5D8E4AE4F
Requests: 2 HTTP requests in this frame
Frame:
https://www.facebook.com/v2.4/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6a9db151d17fc%26domain%3Dtrumpnationaldoral.golfems2.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftrumpnationaldoral.golfems2.com%252Ff3f82913d6b387%26relation%3Dparent.parent&container_width=134&href=https%3A%2F%2Ftrumpnationaldoral.golfems2.com%2Fevent%2F2021-fashion-weekend-at-trump-national-doral&layout=button&locale=en_US&sdk=joey
Frame ID: 26905D62A4BC62221CB19B62AD8C2C9B
Requests: 4 HTTP requests in this frame
Frame:
https://platform.twitter.com/widgets/tweet_button.f88235f49a156f8b4cab34c7bc1a0acc.en.html
Frame ID: A7C815B25FB61E2307378EDAB998F845
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
2021 Doral Fashion Weekend | Trump National Doral Golf ClubPage URL History Show full URLs
-
https://trump.serenata-nethotel.com/campaignsvc/getlink.aspx?ser-cpgid=a8268601-02bd-41ed-ac82-9c71ffcc768c&ser-...
HTTP 302
https://trumpnationaldoral.golfems2.com/event/2021-fashion-weekend-trump-national-doral Page URL
Detected technologies
Facebook (Widgets) ExpandDetected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Linkedin (Widgets) Expand
Detected patterns
- //platform\.linkedin\.com/in\.js
Twitter (Widgets) Expand
Detected patterns
- //platform\.twitter\.com/widgets\.js
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: privacy policy
Search URL Search Domain Scan URL
Title: http://www.golfems.com
Search URL Search Domain Scan URL
Title: http://www.golfems2.com/privacy_policy
Search URL Search Domain Scan URL
Title: http://www.golfems.com/contact
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://trump.serenata-nethotel.com/campaignsvc/getlink.aspx?ser-cpgid=a8268601-02bd-41ed-ac82-9c71ffcc768c&ser-linkid=18958492-8ed2-4344-9233-1237c2174c20
HTTP 302
https://trumpnationaldoral.golfems2.com/event/2021-fashion-weekend-trump-national-doral Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
28 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
2021-fashion-weekend-trump-national-doral
trumpnationaldoral.golfems2.com/event/ Redirect Chain
|
41 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css__BJ6Ou6QsBRtnFTmxaakamOIS8n4QswDP2XnnZ1sxtaM__NBuvkP6eInGIkb1aJvUHx5PX79XApuxBDkk_77W5tYk__3j3D6e1kazsHmaYxuxr5mmiHu7aGer1d7TE7p8BqXP8.css
trumpnationaldoral.golfems2.com/sites/default/files/advagg_css/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css__dMKcfmgZg7G52MwCZ3xt_K-gaMoF8UTw9O_3iG9TPyQ__4_Xas09pwIZWBMHCXrRR6tY7pY2_VyJ-fpura718iRU__3j3D6e1kazsHmaYxuxr5mmiHu7aGer1d7TE7p8BqXP8.css
trumpnationaldoral.golfems2.com/sites/default/files/advagg_css/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css__UWyDr3Zz7AHeyPl_c-MdUx8mo7FXop7RYox4jhKDmTc__V376c8XkM2pfrS9tDD0SEw_97jpxxyGLD0tuCiJ-7ro__3j3D6e1kazsHmaYxuxr5mmiHu7aGer1d7TE7p8BqXP8.css
trumpnationaldoral.golfems2.com/sites/default/files/advagg_css/ |
2 KB 904 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css__FXxkvTuwn_eUtLoQXO6VoZSd4oY_kLL-V42woIF2t1s__pfJtVwf9WELT-SOxRXGp6IbjrF2tQHRWNUeZUF2MCcI__3j3D6e1kazsHmaYxuxr5mmiHu7aGer1d7TE7p8BqXP8.css
trumpnationaldoral.golfems2.com/sites/default/files/advagg_css/ |
15 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__DnTMIgbAbFyrXbpapqB1rbLN0q5Y04q4zrcW1vXLyGI__zQ0RWrHxFTDdLtm5HhgI_S5MxEO1WWRau54OA28KnEU__3j3D6e1kazsHmaYxuxr5mmiHu7aGer1d7TE7p8BqXP8.js
trumpnationaldoral.golfems2.com/sites/default/files/advagg_js/ |
131 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__7I7ss42ZQXV4bOP8qD8RIGlIEn3d1Bw0FPasu11UVMU__jjFFApoOFetYaSMrt1LmlmJ9Zcmt7MpVbZPh_d65xPc__3j3D6e1kazsHmaYxuxr5mmiHu7aGer1d7TE7p8BqXP8.js
trumpnationaldoral.golfems2.com/sites/default/files/advagg_js/ |
42 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__X9QTmQr2uZ_Ezjz_4bQ7zMoBXlAnxdK6ke8ayioflAo__0A7IsUe6YvSRj51-4zFdXx_MtwQWuaOrOjCl9xK-W4o__3j3D6e1kazsHmaYxuxr5mmiHu7aGer1d7TE7p8BqXP8.js
trumpnationaldoral.golfems2.com/sites/default/files/advagg_js/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__QjRVNgi9lkPtImFg3m_xcHhUX0ajGBnHQ1IooFePPjg__nA4QqEfcbcdhNKFfqTdMiYp3qORkioxtFqm3iOu96gU__3j3D6e1kazsHmaYxuxr5mmiHu7aGer1d7TE7p8BqXP8.js
trumpnationaldoral.golfems2.com/sites/default/files/advagg_js/ |
2 KB 908 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
TND_Logo_Charcoal.jpg
trumpnationaldoral.golfems2.com/sites/default/files/styles/large/public/logo/ |
21 KB 21 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
in.js
platform.linkedin.com/ |
201 KB 61 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
trumpnationaldorallogoadvert.png
trumpnationaldoral.golfems2.com/sites/default/files/styles/large/public/ads/ |
17 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
6 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ |
14 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ |
19 KB 20 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
widgets.js
platform.twitter.com/ |
96 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html
platform.twitter.com/widgets/ Frame 644B |
319 KB 103 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sdk.js
connect.facebook.net/en_US/ |
227 KB 67 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
settings
syndication.twitter.com/ Frame 644B |
232 B 432 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
share_button.php
www.facebook.com/v2.4/plugins/ Frame 2690 |
43 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
button.5d16ecc02fbaf599a24dfb57ab239320.js
platform.twitter.com/js/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tweet_button.f88235f49a156f8b4cab34c7bc1a0acc.en.html
platform.twitter.com/widgets/ Frame A7C8 |
32 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame A7C8 |
822 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jot
syndication.twitter.com/i/ |
43 B 375 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
zSKZHMh8mXU.png
www.facebook.com/rsrc.php/v3/yr/r/ Frame 2690 |
388 B 439 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
__AFAl7zPyC.js
www.facebook.com/rsrc.php/v3iEpO4/y9/l/en_US/ Frame 2690 |
513 KB 134 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cavalry_endpoint.php
www.facebook.com/common/ Frame 2690 |
67 B 98 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect boolean| originAgentCluster object| Drupal undefined| $ function| jQuery object| jQuery17206779088295067877 function| fbAsyncInit object| __core-js_shared__ object| Sslac object| IN object| __twttrll object| twttr object| __twttr object| FB3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
trump.serenata-nethotel.com/ | Name: ASP.NET_SessionId Value: 3myc0bht42bpmhvgbr32dbah |
|
.trumpnationaldoral.golfems2.com/ | Name: SSESS16cc57bbb56f073b969d8bfe746e7ea0 Value: FES3zOouco5AnDJROU1OsaCPEkv6TipxN_J0UVcVuY8 |
|
trumpnationaldoral.golfems2.com/ | Name: has_js Value: 1 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=0 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
platform.linkedin.com
platform.twitter.com
syndication.twitter.com
trump.serenata-nethotel.com
trumpnationaldoral.golfems2.com
www.facebook.com
104.244.42.136
172.217.169.3
172.217.169.42
185.60.218.24
185.60.218.35
192.229.233.25
2.16.106.114
54.210.55.162
91.90.158.185
06b34901b9ee1d57c9e0a37a7665c7aa77f6ab8b884cda5e8caad1c3f8b8c639
07c15f926bf8fd5009123323bbbb9417669f5cc8744d43e75ac034721dd5e8ea
0a836bb50b39d7c2a925c22826ae9452624909ad0cc260776b52e90f08e0d9a5
1ade44855aea3dae78b47f39d5442fd06d245d7b5e2b8e64315075eaf8d1a569
2ae26db9169e33508f655119e0807b688f82c5d07dee9706c99de272ed71e833
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
3ee8351e156e2e80d99018a585c18c0dbd9098e3bea84a131d8cbad1ec72c81e
4782d4c207c93894c62fcfc61ffd3344443ec95adcb7f00006b98ca113c213c0
5151fc8453cdd0bbfa185d8a6fd67999f2fb02f7cfbcab976882c6dacd9332b5
580178702cea08fcdd0dc3174969532d4bfe04488eb8e062ac197121e9cf6ef5
6357f1167557f8f858d4efd7b5af931694dc8163d8bb8d5280a097792fade701
6865059d04435a062033608cc3c8314137fa72945df9af15ff932f707aeefae6
6da6ac5fe40e1ba8bc1ba7733df97854f9143dfcfe04a8c42942da1bbe31915b
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
7ea53831ccb5e89e73635668a1f66b1a8d20eb721b4873073c7377030f6220a0
8a82a079eb181dc775244ec432a328c418d8c207e4d359450d028e9f93c13659
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c7192363e7a1fb56ff833e579d8579a8d160d63297251d05ef97045f4c2f6e38
cc3e8a62a3d7d4c8d25006fe4400f3a4a6a4bfa5e5753bbf9ecdcaadbe0e0146
cda5af55e341e328acab52936cfea9cf0a03a56e6773617f3aafb1a8395e9c24
dd45b574b5e8ea914beb1e43d154cad4f63e14b1e902e164d3a57ee3b072b7be
e27eef60fabcc61a150e8d530a247f7fb2a282a9e8523f158769014532488f00
f9a1a0ac26eaf5b7f6cc7223b5dd4b5f545b5a48fb598c7442e5f76384f1be8c