gg.bet
Open in
urlscan Pro
2a07:180:4a1:2cac:8e76:43ad:29a3:e828
Public Scan
Effective URL: https://gg.bet/esports?ref=gg_w20473c27828l1038ggbp179_&affdata%5Bsubdata%5D=80298175bf51671a6accb67886b853f3&a...
Submission: On August 11 via manual from US — Scanned from GB
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 13th 2023. Valid for: a year.
This is the only time gg.bet was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN20773 (GODADDY, DE)
PTR: redirects.123-reg.co.uk
www.rocketleaguebetting.com |
ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
sat.ugabartint.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
sat.crwds.net |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
gg.bet |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
gg.bet
gg.bet — Cisco Umbrella Rank: 692109 Failed |
74 KB |
4 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 54 region1.google-analytics.com — Cisco Umbrella Rank: 2069 |
21 KB |
4 |
coffee2play.com
1 redirects
coffee2play.com |
67 KB |
3 |
ugabartint.net
sat.ugabartint.net p.ugabartint.net |
43 KB |
2 |
cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 6372 |
10 KB |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 65 |
130 KB |
1 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 114 |
346 B |
1 |
exoclick.com
a.exoclick.com — Cisco Umbrella Rank: 78774 |
962 B |
1 |
crwds.net
sat.crwds.net |
674 B |
1 |
ggbetpromo.com
1 redirects
ggbetpromo.com |
539 B |
1 |
rocketleaguebetting.com
1 redirects
www.rocketleaguebetting.com |
216 B |
0 |
ggbets1.net
Failed
ggbets1.net Failed |
|
0 |
gbett1.net
Failed
gbett1.net Failed |
|
27 | 13 |
Domain | Requested by | |
---|---|---|
6 | gg.bet |
coffee2play.com
gg.bet |
4 | coffee2play.com |
1 redirects
coffee2play.com
|
3 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
2 | challenges.cloudflare.com |
gg.bet
challenges.cloudflare.com |
2 | www.googletagmanager.com |
coffee2play.com
www.google-analytics.com |
2 | sat.ugabartint.net |
coffee2play.com
sat.ugabartint.net |
1 | region1.google-analytics.com |
www.googletagmanager.com
|
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | a.exoclick.com |
www.googletagmanager.com
|
1 | sat.crwds.net |
coffee2play.com
|
1 | p.ugabartint.net |
coffee2play.com
|
1 | ggbetpromo.com | 1 redirects |
1 | www.rocketleaguebetting.com | 1 redirects |
0 | ggbets1.net Failed |
coffee2play.com
|
0 | gbett1.net Failed |
coffee2play.com
|
27 | 15 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.cloudflare.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
coffee2play.com GTS CA 1P5 |
2023-07-16 - 2023-10-14 |
3 months | crt.sh |
sat.ugabartint.net Cloudflare Inc ECC CA-3 |
2022-10-23 - 2023-10-23 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-07-17 - 2023-10-09 |
3 months | crt.sh |
p.rokeente.net R3 |
2023-07-02 - 2023-09-30 |
3 months | crt.sh |
sat.crwds.net Cloudflare Inc ECC CA-3 |
2022-10-02 - 2023-10-02 |
a year | crt.sh |
*.exoclick.com Go Daddy Secure Certificate Authority - G2 |
2022-08-03 - 2023-09-04 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-07-17 - 2023-10-09 |
3 months | crt.sh |
gg.bet Cloudflare Inc ECC CA-3 |
2023-07-13 - 2024-07-12 |
a year | crt.sh |
challenges.cloudflare.com Cloudflare Inc ECC CA-3 |
2022-09-18 - 2023-09-17 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://gg.bet/esports?ref=gg_w20473c27828l1038ggbp179_&affdata%5Bsubdata%5D=80298175bf51671a6accb67886b853f3&affdata%5Bgeo%5D=gb&affdata%5Brotator%5D=27828&affdata%5Blanding%5D=1038
Frame ID: F9243015FC2BB694A5DF2F842BC12CA0
Requests: 27 HTTP requests in this frame
Frame:
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/kzucw/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: 6D4065608BF39618A6A901BB6EE702EC
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Just a moment...Page URL History Show full URLs
-
http://www.rocketleaguebetting.com/
HTTP 302
https://ggbetpromo.com/l/58d03af67fb3bcf99ee6cc00 HTTP 302
https://coffee2play.com/?s=60&ref=gg_w20473c27828l1038ggbp179_&encoded_url=ZXNwb3J0cw== Page URL
-
https://coffee2play.com/away.php?visitorId=64d6a4601a46cf64f400ab7f&duration=3&reason=blind&to=aHR0c...
HTTP 302
https://gg.bet/esports?ref=gg_w20473c27828l1038ggbp179_&affdata%5Bsubdata%5D=80298175bf5167... Page URL
Detected technologies
Google Analytics (Analytics) ExpandDetected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Cloudflare
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.rocketleaguebetting.com/
HTTP 302
https://ggbetpromo.com/l/58d03af67fb3bcf99ee6cc00 HTTP 302
https://coffee2play.com/?s=60&ref=gg_w20473c27828l1038ggbp179_&encoded_url=ZXNwb3J0cw== Page URL
-
https://coffee2play.com/away.php?visitorId=64d6a4601a46cf64f400ab7f&duration=3&reason=blind&to=aHR0cHM6Ly9nZy5iZXQvZXNwb3J0cz9yZWY9Z2dfdzIwNDczYzI3ODI4bDEwMzhnZ2JwMTc5XyZhZmZkYXRhJTVCc3ViZGF0YSU1RD04MDI5ODE3NWJmNTE2NzFhNmFjY2I2Nzg4NmI4NTNmMyZhZmZkYXRhJTVCZ2VvJTVEPWdiJmFmZmRhdGElNUJyb3RhdG9yJTVEPTI3ODI4JmFmZmRhdGElNUJsYW5kaW5nJTVEPTEwMzg%3D
HTTP 302
https://gg.bet/esports?ref=gg_w20473c27828l1038ggbp179_&affdata%5Bsubdata%5D=80298175bf51671a6accb67886b853f3&affdata%5Bgeo%5D=gb&affdata%5Brotator%5D=27828&affdata%5Blanding%5D=1038 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://www.rocketleaguebetting.com/ HTTP 302
- https://ggbetpromo.com/l/58d03af67fb3bcf99ee6cc00 HTTP 302
- https://coffee2play.com/?s=60&ref=gg_w20473c27828l1038ggbp179_&encoded_url=ZXNwb3J0cw==
27 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
coffee2play.com/ Redirect Chain
|
13 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.min.js
sat.ugabartint.net/gnt908wk0bl6xyll5bj94zafs74gwo53/ |
125 KB 42 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
001.gif
coffee2play.com/static/template/60/img/ |
61 KB 61 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
blank.gif
gbett1.net/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
blank.gif
ggbets1.net/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
blank.gif
gg.bet/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
129 KB 50 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ping.php
p.ugabartint.net/ |
0 200 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
80298175bf51671a6accb67886b853f3.jpg
sat.crwds.net/p/gnt908wk0bl6xyll5bj94zafs74gwo53/ |
0 674 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tag_gen.js
a.exoclick.com/ |
899 B 962 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
80298175bf51671a6accb67886b853f3
sat.ugabartint.net/ie/js/ |
12 B 228 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
16 B 222 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 132 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 346 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
231 KB 81 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 254 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
update_statistic.php
coffee2play.com/ |
0 482 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
esports
gg.bet/ Redirect Chain
|
7 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
challenges.css
gg.bet/cdn-cgi/styles/ |
6 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
v1
gg.bet/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ |
165 KB 55 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
challenges.cloudflare.com/turnstile/v0/b/7186c00a/ |
27 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
gg.bet/ |
2 KB 2 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
586 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
13a2f714-7404-4ac8-8009-511f56fd77d8
https://gg.bet/ |
13 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
8a36a8de9f948d7
gg.bet/cdn-cgi/challenge-platform/h/b/flow/ov1/1474653369:1691784477:77cD88BC1W9sZhKaSdHxVxJ1gVQJsQNecvi4aq-f3Jo/7f537b0feb7add1f/ |
10 KB 7 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/kzucw/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame 6D40 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
8a36a8de9f948d7
gg.bet/cdn-cgi/challenge-platform/h/b/flow/ov1/1474653369:1691784477:77cD88BC1W9sZhKaSdHxVxJ1gVQJsQNecvi4aq-f3Jo/7f537b0feb7add1f/ |
2 KB 2 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- gbett1.net
- URL
- https://gbett1.net/blank.gif?1691788384364
- Domain
- ggbets1.net
- URL
- https://ggbets1.net/blank.gif?1691788384364
- Domain
- gg.bet
- URL
- https://gg.bet/blank.gif?1691788384364
Verdicts & Comments Add Verdict or Comment
15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| _cf_chl_opt function| qrlPxtxRzK function| JYZask7 function| ns7 function| MeVM1 function| ML8 object| WsG9 function| zE2 boolean| izk5 function| BrlrPo2 object| OEru7 object| turnstile boolean| rfLBs0 string| tNxrK711 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
coffee2play.com/ | Name: visitca13d75b95fad69effaf2984081eb0a3 Value: 1 |
|
.gbett1.net/ | Name: __cf_bm Value: 7iTc7uN.VwmMKoFABxGpJdQD4brT_WpksG5WbKLbl7Q-1691788384-0-ATTWb+lII5O6zy0dMvYm0uYqM5qsgBUeR2K5dOC+ZqXj4psTQikamjMqFvO7nOUbZJ43WWFEVExN5ev3UixjxJY= |
|
.ggbets1.net/ | Name: __cf_bm Value: 0YTuxunbPF4.O_Jm4CkuXJfGmz.BZKWbgxTDtj7TJdY-1691788384-0-AeEoNGZ7+H0PxGwKZc/L5b5+XSbvFKII30WFoYZ74A5STtj5TJSnsR6lma+qdoWsurzom1HSb0Uh6C6oFHs+XGs= |
|
.gg.bet/ | Name: __cf_bm Value: PDFMaj4kElJVF.y9_QsRByMdZG7qQe_B2U4oQTiRq70-1691788384-0-AfU5R4C8pcPpdovOLMxjR3RphONjpfD/E10k18Ti+lXFuU4gLF3M9Imt++aFRanyCgada5QxM8NN2NFcNV7Vxzo= |
|
.sat.ugabartint.net/ | Name: __cf_bm Value: eHGZdl9fRGT5Ut0J5tzqKY_DMb9lTfxdnegpBnB3ENg-1691788384-0-AfO/fgtcIqaHp1iVcXTQhu8+j925piBihhx/yr8OyuMD8TSDfSNHoaC9RtbA6cvqxa3/td54kTh0XU7b/sk9iHI= |
|
.crwds.net/ | Name: _7jt1oxhp4z Value: eyJpdiI6InhTdHZSV1ljeTZ3ekYxVkh4TEtYUmc9PSIsInZhbHVlIjoibVlXb1ZwYitib2gyTWdJaytJRTJRbkF1cHgxaDhVa1JYQU0ybUxveGVIaHlGMVZuZU9SRGdVN2YzUlc1aThEKzNibEp3RDU2VTVwOXhiNzZvK1Vyd29TVTlzUU5LdzBBOVIrYTVYOFpjVjA9IiwibWFjIjoiOWNiNTIwYTE5Y2Y3NzNmNmNkNzFjY2YwZGRhNTViNTc4Zjc4MTFkZmRiNGVjMmNjM2Q2YWMzNzk5MDJiZjI3MCIsInRhZyI6IiJ9 |
|
.sat.crwds.net/ | Name: __cf_bm Value: ERpKHbjMScYNoT.KdNK1gcgl4oBG1yLYzIWl48lgrl4-1691788384-0-ActPbCxYZtrmH5m1lEN+IXw3awUAtLLKh51LbzHCQadL9B+TgXO7d5UcwLgwa0eHbl7EZET/ip7EHHj7OuY0Rmo= |
|
.coffee2play.com/ | Name: _ga Value: GA1.2.189795133.1691788385 |
|
.coffee2play.com/ | Name: _gid Value: GA1.2.1690329819.1691788385 |
|
.coffee2play.com/ | Name: _gat_UA-156256613-1 Value: 1 |
|
.coffee2play.com/ | Name: _ga_C20DZ2NS21 Value: GS1.2.1691788385.1.0.1691788385.0.0.0 |
7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=300; includeSubDomains; |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a.exoclick.com
challenges.cloudflare.com
coffee2play.com
gbett1.net
gg.bet
ggbetpromo.com
ggbets1.net
p.ugabartint.net
region1.google-analytics.com
sat.crwds.net
sat.ugabartint.net
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
www.rocketleaguebetting.com
gbett1.net
gg.bet
ggbets1.net
2001:4860:4802:34::36
2001:4de0:ac19::1:b:3a
23.109.27.100
2606:4700:3030::ac43:a32f
2606:4700:3036::ac43:b6fc
2606:4700::6811:3b8
2a00:1450:4001:810::200e
2a00:1450:4001:828::2008
2a00:1450:400c:c0c::9d
2a05:7880:328:c667:efff:fa09:4c24:22f
2a05:7880:5:dc5f:dd96:272:e748:138a
2a07:180:4a1:2cac:8e76:43ad:29a3:e828
94.136.40.82
1432f3b76ed0604fb73b05bd8bc13442da0acf590c624c73b7fe66b189bb1d71
27cf9c50f0d7817a79937d0115486db7debe659260a7a3b584a172cc0908d8b2
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
3220a4fa947ed3905b76507c4a595ec88b2c96ae80958c63887fcf69e404fdae
53d93a3dba9fedad50dde043d36238e2b022160b1b10c78af57927dce483885b
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e
5a43f7d49d8172f43b8439aaafd5488b37b59033aeb556d601f3d99588565735
6a008be34474b15708bb82a3841c7cf42b0b08c9432ad8aaf3ea9242ea1b1499
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
75c2c1c413af6a0970d38aa47b92fbd3f613e6ca2534fed2bd69f28448c4cb2d
7de2f50acda08aac02553ce9b5a02eddbb9cc2ad64aa067f9537c0131664a509
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04
bb2e9574dd9773b4846407b0eee43044672b970584825ae32eb3690a0dbdd339
bdb43dff8ffefd3022188e044d22f753873e280223890c47e4c8922fd4b623a8
cd21f8b1e1c7e57310678f7a68da26bc8a8989774ffe9ae9bbc82e64d6532766
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e243a56fe5d553e4ccf34d0c1d7d8e80a4db8329620fa7b3b9d37551cdbfb8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e739e85a7c2fbf3b4b6f12e86ec4ec0ae7183e33719b7e8e716aef3c4f8e5a23
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa