offer.trumplighters.com
Open in
urlscan Pro
172.67.131.253
Public Scan
Effective URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&...
Submission: On July 16 via manual from SG — Scanned from GB
Summary
TLS certificate: Issued by GTS CA 1P5 on June 3rd 2024. Valid for: 3 months.
This is the only time offer.trumplighters.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 18.171.154.30 18.171.154.30 | 16509 (AMAZON-02) (AMAZON-02) | |
1 2 | 35.190.39.198 35.190.39.198 | 15169 (GOOGLE) (GOOGLE) | |
1 1 | 72.167.211.14 72.167.211.14 | 398101 (GO-DADDY-...) (GO-DADDY-COM-LLC) | |
26 | 172.67.131.253 172.67.131.253 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2a00:1450:400... 2a00:1450:4001:80f::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 | 13.32.110.52 13.32.110.52 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2001:4860:480... 2001:4860:4802:34::36 | 15169 (GOOGLE) (GOOGLE) | |
1 | 108.156.2.48 108.156.2.48 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 54.171.240.112 54.171.240.112 | 16509 (AMAZON-02) (AMAZON-02) | |
33 | 7 |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-171-154-30.eu-west-2.compute.amazonaws.com
18.171.154.30 |
ASN15169 (GOOGLE, US)
PTR: 198.39.190.35.bc.googleusercontent.com
www.y6hjvtrk.com |
ASN398101 (GO-DADDY-COM-LLC, US)
PTR: 14.211.167.72.host.secureserver.net
www.toastyheat.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-52.vie50.r.cloudfront.net
static.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: server-108-156-2-48.mxp63.r.cloudfront.net
script.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-240-112.eu-west-1.compute.amazonaws.com
content.hotjar.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
26 |
trumplighters.com
offer.trumplighters.com |
1 MB |
2 |
hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1335 script.hotjar.com — Cisco Umbrella Rank: 2017 |
60 KB |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112 |
173 KB |
2 |
y6hjvtrk.com
1 redirects
www.y6hjvtrk.com |
10 KB |
1 |
hotjar.io
content.hotjar.io — Cisco Umbrella Rank: 8904 |
171 B |
1 |
google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3123 |
|
1 |
toastyheat.com
1 redirects
www.toastyheat.com |
290 B |
33 | 7 |
Domain | Requested by | |
---|---|---|
26 | offer.trumplighters.com |
offer.trumplighters.com
|
2 | www.googletagmanager.com |
offer.trumplighters.com
www.googletagmanager.com |
2 | www.y6hjvtrk.com |
1 redirects
www.googletagmanager.com
|
1 | content.hotjar.io |
script.hotjar.com
|
1 | script.hotjar.com |
static.hotjar.com
|
1 | region1.google-analytics.com |
www.googletagmanager.com
|
1 | static.hotjar.com |
www.googletagmanager.com
|
1 | www.toastyheat.com | 1 redirects |
33 | 8 |
This site contains links to these domains. Also see Links.
Domain |
---|
electriclighters.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
trumplighters.com GTS CA 1P5 |
2024-06-03 - 2024-09-01 |
3 months | crt.sh |
*.google-analytics.com WR2 |
2024-06-24 - 2024-09-16 |
3 months | crt.sh |
*.hotjar.com Amazon RSA 2048 M03 |
2024-05-22 - 2025-06-20 |
a year | crt.sh |
y6hjvtrk.com Starfield Secure Certificate Authority - G2 |
2024-04-26 - 2025-05-28 |
a year | crt.sh |
*.hotjar.io Amazon ECDSA 256 M02 |
2024-01-31 - 2025-03-01 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
Frame ID: 63CBC78BF2CA734B4B2619CF38E29A73
Requests: 33 HTTP requests in this frame
Screenshot
Page Title
Trump LighterPage URL History Show full URLs
-
http://18.171.154.30/dsfdgfhgjhghfgdfsdfdgfhgj/fgfhgjhkjghfgdfs
HTTP 307
https://18.171.154.30/dsfdgfhgjhghfgdfsdfdgfhgj/fgfhgjhkjghfgdfs HTTP 307
http://18.171.154.30/dsfdgfhgjhghfgdfsdfdgfhgj/fgfhgjhkjghfgdfs HTTP 302
https://www.y6hjvtrk.com/4XKLCJ/363TCP/?sub1=Lighsfdfsgreen HTTP 302
https://www.toastyheat.com/trump.php?sub1=Lighsfdfsgreen&clickid=21a752e8e3bf4ef6b1b2168aee1bc79f&aff=8... HTTP 302
https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4... Page URL
Detected technologies
Google Analytics (Analytics) ExpandDetected patterns
Google Tag Manager (Tag Managers) Expand
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Hotjar (Analytics) Expand
Detected patterns
- //static\.hotjar\.com/
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Terms & Conditions
Search URL Search Domain Scan URL
Title: Contact Us
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://18.171.154.30/dsfdgfhgjhghfgdfsdfdgfhgj/fgfhgjhkjghfgdfs
HTTP 307
https://18.171.154.30/dsfdgfhgjhghfgdfsdfdgfhgj/fgfhgjhkjghfgdfs HTTP 307
http://18.171.154.30/dsfdgfhgjhghfgdfsdfdgfhgj/fgfhgjhkjghfgdfs HTTP 302
https://www.y6hjvtrk.com/4XKLCJ/363TCP/?sub1=Lighsfdfsgreen HTTP 302
https://www.toastyheat.com/trump.php?sub1=Lighsfdfsgreen&clickid=21a752e8e3bf4ef6b1b2168aee1bc79f&aff=87&utm_source=87-Lighsfdfsgreen&utm_content=44&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f HTTP 302
https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
33 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
Primary Request
pre5
offer.trumplighters.com/trump/en/us/ Redirect Chain
|
20 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
style-pre1.css
offer.trumplighters.com/trump/en/us/css/pre/ |
37 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo.png
offer.trumplighters.com/trump/en/us/img/pre/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
author-img.png
offer.trumplighters.com/trump/en/us/img/pre/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Rectangle%2036.jpg
offer.trumplighters.com/trump/en/us/img/pre/ |
38 KB 39 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Rectangle%2054.jpg
offer.trumplighters.com/trump/en/us/img/pre/ |
91 KB 91 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Group%20248.png
offer.trumplighters.com/trump/en/us/img/pre/ |
152 KB 153 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
right-img3.jpg
offer.trumplighters.com/trump/en/us/img/pre/ |
129 KB 130 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cut-icn.png
offer.trumplighters.com/trump/en/us/img/pre/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
yello-bdr-tick.png
offer.trumplighters.com/trump/en/us/img/pre/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Group%20253.png
offer.trumplighters.com/trump/en/us/img/pre/ |
18 KB 19 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
s7-card-1.png
offer.trumplighters.com/trump/en/us/img/pre/ |
23 KB 23 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Group%20250.png
offer.trumplighters.com/trump/en/us/img/pre/ |
13 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
btn-arw.png
offer.trumplighters.com/trump/en/us/img/pre/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
LogoF.png
offer.trumplighters.com/trump/en/us/img/pre/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
email-decode.min.js
offer.trumplighters.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery-3.6.0.min.js
offer.trumplighters.com/trump/en/us/js/pre/ |
87 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.sticky.js
offer.trumplighters.com/trump/en/us/js/pre/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
campaign.js
offer.trumplighters.com/trump/en/us/js/pre/ |
24 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
200 KB 71 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Group%20255.png
offer.trumplighters.com/trump/en/us/img/pre/ |
60 KB 61 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Group%20249.png
offer.trumplighters.com/trump/en/us/img/pre/ |
217 KB 218 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Inter-Regular.ttf
offer.trumplighters.com/trump/en/us/css/pre/ |
303 KB 140 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Monarcha%20W01%20Regular.woff2
offer.trumplighters.com/trump/en/us/css/pre/ |
20 KB 21 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Inter-Bold.ttf
offer.trumplighters.com/trump/en/us/css/pre/ |
309 KB 151 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Inter-Semibold.ttf
offer.trumplighters.com/trump/en/us/css/pre/ |
309 KB 150 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
307 KB 102 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-3644136.js
static.hotjar.com/c/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
everflow.js
www.y6hjvtrk.com/scripts/sdk/ |
31 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules.e4b2dc39f985f11fb1e4.js
script.hotjar.com/ |
223 KB 56 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
content.hotjar.io/ |
56 B 171 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.png
offer.trumplighters.com/trump/en/us/img/pre/ |
2 KB 2 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
27 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| getDate object| dataLayer object| year function| $ function| jQuery object| path string| campaignPath string| base object| url function| stickycall object| $elem object| $window number| docViewBottom number| elemTop number| elemBottom object| google_tag_manager object| google_tag_data function| hj object| _hjSettings function| onYouTubeIframeAPIReady object| gaGlobal object| EF object| hjSiteSettings function| hjBootstrap object| hjLazyModules object| hjBootstrapCalled7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.y6hjvtrk.com/ | Name: uniqueClick_363TCP Value: 0fd07214-44b9-4cde-a6bb-81b5f841e9ff:1721139710 |
|
www.y6hjvtrk.com/ | Name: transaction_id Value: 21a752e8e3bf4ef6b1b2168aee1bc79f |
|
www.toastyheat.com/ | Name: link Value: 1 |
|
.trumplighters.com/ | Name: _ga_05H6BTS6HK Value: GS1.1.1721139711.1.0.1721139711.0.0.0 |
|
.trumplighters.com/ | Name: _ga Value: GA1.1.1537683360.1721139712 |
|
.trumplighters.com/ | Name: _hjSessionUser_3644136 Value: eyJpZCI6Ijg5NDU5YjJkLWNkZWItNTY0Mi1hNzcwLThlNzYwZDliZWMzYSIsImNyZWF0ZWQiOjE3MjExMzk3MTIyMjMsImV4aXN0aW5nIjp0cnVlfQ== |
|
.trumplighters.com/ | Name: _hjSession_3644136 Value: eyJpZCI6ImQ4MmY4OWQwLTY1N2ItNDJlNi1iMjFkLTk1ODRiZGI4OTI5ZCIsImMiOjE3MjExMzk3MTIyMjUsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0= |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
content.hotjar.io
offer.trumplighters.com
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
www.googletagmanager.com
www.toastyheat.com
www.y6hjvtrk.com
108.156.2.48
13.32.110.52
172.67.131.253
18.171.154.30
2001:4860:4802:34::36
2a00:1450:4001:80f::2008
35.190.39.198
54.171.240.112
72.167.211.14
141f24bf9703b1b49f957c61f2d77cf5d3dcfe32b0145a7fd1a2750576a679f6
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26b43226bd2cdc442af79b9185e075cdbae727bcf5ba10c02984a7ae412e102b
2cf7833ee174c4af5765d79030bd45b759e7c1d47799e4062b8ad64cf7b3d581
2f364f10c2ee55cda4e6279af70d8059f7571277c8971649c4a56b2320d508f3
3127f0b873387ee37e2040135a06e9e9c05030f509eb63689529becf28b50384
412c068eab6f36e6807d630ff89127165e8e4d3e8653434cdfb56b60cdcc3a32
4ae01720dd802bf5224efe3f6f44380d324dc049fdacb2754eb403c34e492273
53a8318a4b95a737f39f6bbdacf9b47140b6acc336054bf3a9731f34e96f583f
619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0
627483e2cdfe6ea853aed8560860b80dcedfae93bd2e85f8c8c4d2c3cfee823c
6318f5d803ae122c3f43a480a870cc8fa6dc0b18198506b95dfb4a3b2b2351d3
76f1f6526cb7d13d927dd098ab11b373d670c5bfe824d3afcb2b9c132ec25583
7b691dd6aecaa3ece62e9afd6bdb265a918dfc12cb9e8ad2b24a1e0726ee650d
7e7025d14707d0ec3d7393c317156e9555f4060c3ac9bbc9062d496e08a041e0
80719a42369ea2110924a3ecac928482f367e73e3c66d50ef2342d452d49015b
89b0dcd07eedfa41cdb14251251d2289ba92f478ca9383975135221c6ad2964e
8ce6db5e52a303b321fa5f07a6ff4b8d3c030a815234150b8622bd820bbdc39b
a538fdf41aff5cb1c6c89d3ce52bac81d0b42e4116feea7b14d21036fa2195c5
a5fe27ff2b556e8095461b4e1fd4207a03cef3097fd20f5fe3c5ed99a563271f
af43b4c9ff0572b4fed1935a9bde8986d0adb73484dca46a5489e337b866e30d
b0b540e69bf6717016e33874670e09acf4bffc2ca3f4c1cf174a4ff696308c65
b4d781b20d03091203589da1c2e8871f79f04f858ce95311c3977645cbd34731
beefc344e4a6c4a5e667bb68de613543765c946d454b8c5dc78997a5e47764c4
c9ea17f3b92f547393274b661ed542513d53e8a8e95da34aa92ae11e2744f5bb
cb578811acec354d0efcf56fdd812405b5ef15dbc45f6b306294947bd67e2a1c
cbf6ba2b04ebea1f8b07edb4267779c5170b0cfaba01075372d7ee2522ece9ee
cfb127f31cb64bbf68d03d747caa6e5c94c139f37c0b4c538f706ba7e0626e93
ec9c252a62d8ad0711306d5d0d2261cb1a52f7ce7454c6c46691598146a7e4e1
f14094f640c5cd971656c6e59efdbdcc7bf4468a78ae4decd012bed0bd49d777
fa12c82c086b1e0aab0944417ac77add7f2cefa828940637f686cd29ff7a899c
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e