bhfr.happyfeed.net
34.102.249.222
Public Scan
Effective URL: https://bhfr.happyfeed.net/psh/sw.js?cb=289772203328021ball3v2q2fwwk0p2eov0z763xocjjdowowymp9kqisj7qh1&ex=b2100
Submission: On June 01 via manual from CL
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on April 4th 2020. Valid for: 3 months.
This is the only time bhfr.happyfeed.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 1 1 | 95.211.219.65 | 60781 (LEASEWEB-NL-AMS-01 Netherlands) |
| 1 1 | 151.106.5.168 | 29066 (VELIANET-AS velia.net Internetdienste GmbH) |
| 1 1 | 159.89.225.89 | 14061 (DIGITALOCEAN-ASN) |
| 3 | 107.178.249.212 | 15169 (GOOGLE) |
| 1 2 | 35.201.123.4 | 15169 (GOOGLE) |
| 1 | 34.102.249.222 | 15169 (GOOGLE) |
| 2 | 2a00:1450:4001:809::2003 | 15169 (GOOGLE) |
| 2 | 130.211.12.92 | 15169 (GOOGLE) |
| 1 1 | 173.192.101.24 | 36351 (SOFTLAYER) |
| 2 | 94.31.29.131 | 33438 (HIGHWINDS2) |
| 2 2 | 104.27.150.219 | 13335 (CLOUDFLARENET) |
| 1 1 | 149.6.163.10 | 174 (COGENT-174) |
| 2 | 149.11.201.98 | 174 (COGENT-174) |
| 13 | 8 | |
ASN15169 (GOOGLE, US)
PTR: 212.249.178.107.bc.googleusercontent.com
rdr.rtbravo.com |
ASN15169 (GOOGLE, US)
PTR: 4.123.201.35.bc.googleusercontent.com
ok.plsnotifyme.com | |
imp.plsnotifyme.com |
ASN15169 (GOOGLE, US)
PTR: 222.249.102.34.bc.googleusercontent.com
bhfr.happyfeed.net |
ASN15169 (GOOGLE, US)
PTR: 92.12.211.130.bc.googleusercontent.com
get.securedcdn.com |
ASN36351 (SOFTLAYER, US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com
ngp4.intnotif.club |
ASN33438 (HIGHWINDS2, US)
PTR: 94.31.29.131.IPYX-077437-ZYO.above.net
www.ssaimg.com |
| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 3 | rtbravo.com | rdr.rtbravo.com | 5 KB |
| 2 | adx1.com | cdn.adx1.com | 67 KB |
| 2 | routemob.com (2 redirects) | r.routemob.com | 567 B |
| 2 | ssaimg.com | www.ssaimg.com | 26 KB |
| 2 | securedcdn.com | get.securedcdn.com | 18 KB |
| 2 | gstatic.com | www.gstatic.com | 22 KB |
| 2 | plsnotifyme.com (1 redirects) | ok.plsnotifyme.com imp.plsnotifyme.com | 2 KB |
| 1 | 4armn.com (1 redirects) | rtb.4armn.com | 107 B |
| 1 | intnotif.club (1 redirects) | ngp4.intnotif.club | 183 B |
| 1 | happyfeed.net | bhfr.happyfeed.net | 795 B |
| 1 | torromi.com (1 redirects) | clicks.torromi.com | 397 B |
| 1 | gaooool.com (1 redirects) | gaooool.com | 1 KB |
| 1 | oogle.ca (1 redirects) | oogle.ca | 344 B |
| 13 | 13 | | |
| | Domain | Requested by |
|---|---|---|
| 3 | rdr.rtbravo.com | rdr.rtbravo.com, bhfr.happyfeed.net |
| 2 | cdn.adx1.com | bhfr.happyfeed.net |
| 2 | r.routemob.com | 2 redirects |
| 2 | www.ssaimg.com | bhfr.happyfeed.net |
| 2 | get.securedcdn.com | bhfr.happyfeed.net |
| 2 | www.gstatic.com | bhfr.happyfeed.net |
| 1 | rtb.4armn.com | 1 redirects |
| 1 | ngp4.intnotif.club | 1 redirects |
| 1 | imp.plsnotifyme.com | get.securedcdn.com |
| 1 | bhfr.happyfeed.net | rdr.rtbravo.com |
| 1 | ok.plsnotifyme.com | 1 redirects |
| 1 | clicks.torromi.com | 1 redirects |
| 1 | gaooool.com | 1 redirects |
| 1 | oogle.ca | 1 redirects |
| 13 | 14 | |
This site contains no links.
| Subject | Issuer | Validity | Valid | |
|---|---|---|---|---|
| rtbravo.com | Let's Encrypt Authority X3 | 2020-04-04 - 2020-07-03 | 3 months | crt.sh |
| happyfeed.net | Let's Encrypt Authority X3 | 2020-04-04 - 2020-07-03 | 3 months | crt.sh |
| *.gstatic.com | GTS CA 1O1 | 2020-05-05 - 2020-07-28 | 3 months | crt.sh |
| securedcdn.com | Let's Encrypt Authority X3 | 2020-04-04 - 2020-07-03 | 3 months | crt.sh |
| plsnotifyme.com | Let's Encrypt Authority X3 | 2020-04-04 - 2020-07-03 | 3 months | crt.sh |
| www.ssaimg.com | Sectigo RSA Domain Validation Secure Server CA | 2020-04-12 - 2022-04-14 | 2 years | crt.sh |
| *.adx1.com | Let's Encrypt Authority X3 | 2020-04-22 - 2020-07-21 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://bhfr.happyfeed.net/psh/sw.js?cb=289772203328021ball3v2q2fwwk0p2eov0z763xocjjdowowymp9kqisj7qh1&ex=b2100
Frame ID: 88CE3BD215B3B30ABFA0DA58B28B4017
Requests: 14 HTTP requests in this frame
Page URL History
-
http://oogle.ca/
HTTP 302
http://gaooool.com/ HTTP 302
http://clicks.torromi.com/feed/click/?t1=128&tid=45&uid=26&subid=gaooool.com&id=4333dc1012380e07fe9cca... HTTP 302
https://rdr.rtbravo.com/brdr/p?i=v2q2fwwk0p2eov0z763xocjjdowowymp9kqisj7qh1 Page URL
-
https://ok.plsnotifyme.com/lp?i=v2q2fwwk0p2eov0z763xocjjdowowymp9kqisj7qh1&s=77372840eb15e8ac35ccee74ea...
HTTP 302
https://bhfr.happyfeed.net/psh/sw.js?cb=289772203328021ball3v2q2fwwk0p2eov0z763xocjjdowowymp9kqisj7qh1&... Page URL
Detected technologies
Ubuntu (Operating Systems)
Detected patterns
- headers server /Ubuntu/i
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Google Cloud (CDN)
Detected patterns
- headers via /^1\.1 google$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://oogle.ca/
HTTP 302
http://gaooool.com/ HTTP 302
http://clicks.torromi.com/feed/click/?t1=128&tid=45&uid=26&subid=gaooool.com&id=4333dc1012380e07fe9cca1047feea65:... HTTP 302
https://rdr.rtbravo.com/brdr/p?i=v2q2fwwk0p2eov0z763xocjjdowowymp9kqisj7qh1 Page URL
-
https://ok.plsnotifyme.com/lp?i=v2q2fwwk0p2eov0z763xocjjdowowymp9kqisj7qh1&s=77372840eb15e8ac35ccee74eac515ca0d97e38603bec191d093c3eeac44c06bce25ee8a0e224fec0d4c06&ex=b2100&d=-
HTTP 302
https://bhfr.happyfeed.net/psh/sw.js?cb=289772203328021ball3v2q2fwwk0p2eov0z763xocjjdowowymp9kqisj7qh1&ex=b2100 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://oogle.ca/ HTTP 302
- http://gaooool.com/ HTTP 302
- http://clicks.torromi.com/feed/click/?t1=128&tid=45&uid=26&subid=gaooool.com&id=4333dc1012380e07fe9cca1047feea65:75ac035941593b8f16a734220ae17b029f750625fb20674d3bd2fa7a66bdb4e29f85ae5f9062f98d5c2b64e0a71154d916dfda07ddb563cdfeb0a15d3a763f31466cca4e8369180e4c2655dc6f2640820aaa2e760345ec1964864a5c00faef1815a2eee3836e07db822ba2e4883c295f17d6cac73b5171bae5566e093dc7891a014aade07c96ba361a61a6f9f12fd01c650851a8988ecb6ee4602372c19541bcdfaf3d1d0c164dcbb91a6d0e94f2faf39d6447688698f0f0286f5ea9104341a1524597dcee27b58313dd7f5a4566174f7ca389e01a7e886eb54e99c16a68edfb673cee8b0e959754ea0b18c2d5ccf0eb0d28a25b879c4e35d1fa25c2b80e32e9a085e98f537eff0b1ba078325bdae609cc6760196b68ce4d4ab5fb53211902243155c645675915f1403b7f96c8be3d832aed642bc258fc159b6ae7c90eeacc0e3b8b70de993664f53791fc7a21910cf2 HTTP 302
- https://rdr.rtbravo.com/brdr/p?i=v2q2fwwk0p2eov0z763xocjjdowowymp9kqisj7qh1
- https://ngp4.intnotif.club/adServe/wpnFeed/getImage?ai=Kk8P_bEZeii5M5R6UdHX9Vt248FJq917Hy1WQF77YQpRzGsvFJY4ACsG-0QWMzx8OSyFxh7JZYD6NR20cvM6B1XV82hH0pMZvpbB1AYSvIhR2Jwpmm5epwZrH5-o5_wyZ7hxM3QAcBB7EetW1Eoc51AK5WAEfm3hFE7CJWycfDKWALRedlgRGTHu0s1buYCD1QXPTn46XspQRBH-cS7QlG14cNIC2_RNxN0N07iGLNBLw0KPhCwp4O-oB7nxY-J_9C4Iuhn3UDIubCrkqvdgH6A142L3M2bs_00SXMy2QRmwt-2983MgB577nE8O3LTnF7IaB3-umUE35Z0yMYQta2SwF7vZlya1YH2MnJN7fneookvNMAiPx4R7df6brEBe74iacnLZzhsTEaHG6E4JkRBK6203UswDy_fATf2gOS3SIncIzMkTlDM5CbZSuUcBfpzs82Cg_rAD36bM7Wrgh0JMfXbNyJhS6gMRT38oej4 HTTP 302
- https://www.ssaimg.com/~w73yJ3ho4sg/f57912c5fa37a77bf27ab90f82020a07a249b8c5b973fdae998fb70122a6002e.jpeg
- https://r.routemob.com/ix/ic/EJ0toDoRtm6dlLVMwPuBiQc-SpMsfsdRVymrmML8jsWvplJ33fzR6lgtBcyZPIesPgDiQP4aT6eK89JSwJ_eiOn3pVh7VfNm631x89AG5AWGSM0288-le8pkQLDFn4tUTo8-wCqO9fu8QLfvjlg31YbTYRvIST5ogdD7AuuuNjcvsidfwEitrbX1fVCE4kZ5bmS1_Ccp1iMJygn30KtEP7WGpbw873qduicklC7LrCqt_WytTM53Q1ptMSyPpBiQ9TlvnbgPgld27V0AHxE6HR2oCvPmuekBcdFL4R-1zkaA2iMb6otxY8hxSyK2wp_5SHtN_HDHMKi-SSlhrIev07jGXTAtAkHlJIqvBFNzc95RGaltlER2xI4_GZzQc-h4b6U2VmzRz_I2_JUNmsH3HRg1yzeiYwKY2hwjyXyeLVT6ZdtNEsBaQ75zy8M5U-CJUEtUwUBkYEn6k218rvoqPWxZTQ5_9NWPkCJ5n93pt0S45A HTTP 302
- https://rtb.4armn.com/metrics/save.img?event=impressions&bid_id=3773-3773-7-bfe69c0f-03b5-4909-cb46-1254668cf6a8&img=https%3A%2F%2Fcdn.adx1.com%2Ff599b0c8640f21a0f38d576ba8be7691.png HTTP 302
- https://cdn.adx1.com/f599b0c8640f21a0f38d576ba8be7691.png
- https://r.routemob.com/ix/im/EJfbM5y97kBGMDNlHpnmVDeKpQjTzNmzT5Pa5RkYdiM_pChHjzNILyIIU64qUZo43xvJgy-sdB-BDGJnqBJwwgbdYuZ5B9qBEKvn9sVaBZrC-blw3WmasYXbX00j3YvL--5GtXeQC-ta8PnoQ1t9b8-IOCqd6D6X0StEDKb0m6nu-mj_QdaQqX10QDPdXC0mgVq8WMwqu1hKG5xnXXmRo8pe-an0McVGBTjkj7GEuZRVrUsMgACmCoXCPcQbjuMZIrJwjgUNAcbMLK_K0HlJbXAOP63nvmVSvCvHJ3Gn-KgmUAmQFO94oeqAZ2E0B3UP4jHqDw HTTP 302
- https://cdn.adx1.com/47f3a96a7754114f456a4843fd3691aa.jpg
13 HTTP transactions
Method / Protocol | Resource / Path | Size / Transfer | Type / MIME type
---|---|---|---
GET H2 | p at rdr.rtbravo.com/brdr/ (Redirect Chain) | 4 KB / 5 KB | Document, text/html
GET DATA | truncated at / | 515 B / 0 | Image, image/png
GET H2 | oij23rewlnkads at rdr.rtbravo.com/brdr/ | 186 B / 297 B | XHR, application/json
GET H2 | sw.js at bhfr.happyfeed.net/psh/ (Primary Request, Redirect Chain) | 672 B / 795 B | Document, text/html
GET H2 | firebase-app.js at www.gstatic.com/firebasejs/5.5.7/ | 34 KB / 12 KB | Script, text/javascript
GET H2 | firebase-messaging.js at www.gstatic.com/firebasejs/5.5.7/ | 35 KB / 10 KB | Script, text/javascript
GET H2 | imp at get.securedcdn.com/lp/ | 8 KB / 8 KB | Script, text/javascript
GET H2 | signup at get.securedcdn.com/sub/ | 10 KB / 10 KB | Script, text/javascript
GET H2 | get at imp.plsnotifyme.com/feed/ | 2 KB / 2 KB | Script, application/json
GET H2 | f57912c5fa37a77bf27ab90f82020a07a249b8c5b973fdae998fb70122a6002e.jpeg at www.ssaimg.com/~w73yJ3ho4sg/ (Redirect Chain) | 5 KB / 6 KB | Image, image/jpeg
GET H2 | c5672167cb0d1143fead655b07a56c9606ad0a618d5f86958a49674e8cee57a1.jpeg at www.ssaimg.com/~w73yJ3ho4sg/ | 20 KB / 21 KB | Image, image/jpeg
GET H2 | f599b0c8640f21a0f38d576ba8be7691.png at cdn.adx1.com/ (Redirect Chain) | 24 KB / 25 KB | Image, image/png
GET H2 | 47f3a96a7754114f456a4843fd3691aa.jpg at cdn.adx1.com/ (Redirect Chain) | 42 KB / 42 KB | Image, image/jpeg
GET H2 | conv at rdr.rtbravo.com/brdr/ | 0 / 0 | Image, application/json
52 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| core object| __core-js_shared__ object| firebase object| _0x309a function| _0x22d5 string| impurl string| lpt boolean| dc string| tmpuid string| dt number| imm number| immg string| cur_hostname object| host_parts function| setc function| getc function| delc object| bimgs function| rem function| go function| _0x3ba446 string| uuid string| rr_p string| os function| bba function| cb boolean| ismobile function| isfcs function| makeid function| parseQuery object| scripts object| myScript string| queryString object| params string| aprm boolean| ex function| getCookie function| setCookie function| getParameterByName string| vidid string| cacheb object| cbparts function| inIframe object| isfcs_intvl undefined| start_nfcs function| handle_uids function| rr object| config number| tt1 string| uidl1
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.happyfeed.net/ | | Name: uidsv3 Value: v2q2fwwk0p2eov0z763xocjjdowowymp9kqisj7qh1^1591035742
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.