promo.iredirect.net
Open in
urlscan Pro
209.15.247.44
Public Scan
Effective URL: http://promo.iredirect.net/rea/pop/en/gmd/1/
Submission: On June 12 via manual from IN
Summary
This is the only time promo.iredirect.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 138.197.145.50 138.197.145.50 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean) | |
1 1 | 209.15.247.30 209.15.247.30 | 13768 (COGECO-PEER1) (COGECO-PEER1 - Cogeco Peer 1) | |
2 5 | 209.15.247.44 209.15.247.44 | 13768 (COGECO-PEER1) (COGECO-PEER1 - Cogeco Peer 1) | |
2 | 94.31.29.138 94.31.29.138 | 54104 (AS-STACKPATH) (AS-STACKPATH - netDNA) | |
22 | 209.15.247.36 209.15.247.36 | 13768 (COGECO-PEER1) (COGECO-PEER1 - Cogeco Peer 1) | |
1 3 | 172.217.18.174 172.217.18.174 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 172.217.18.168 172.217.18.168 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 173.194.76.156 173.194.76.156 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
31 | 6 |
ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
cashwinners.info |
ASN54104 (AS-STACKPATH - netDNA, US)
PTR: 94.31.29.138.IPYX-077437-ZYO.above.net
cdn.jsdelivr.net |
ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA)
cdn.zxcdn.com | |
img.zxcdn.com | |
api.zxcdn.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s29-in-f14.1e100.net
www.google-analytics.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s29-in-f8.1e100.net
www.googletagmanager.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: ws-in-f156.1e100.net
stats.g.doubleclick.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
22 |
zxcdn.com
cdn.zxcdn.com img.zxcdn.com api.zxcdn.com |
552 KB |
5 |
iredirect.net
2 redirects
promo.iredirect.net |
63 KB |
3 |
google-analytics.com
1 redirects
www.google-analytics.com |
14 KB |
2 |
jsdelivr.net
cdn.jsdelivr.net |
37 KB |
1 |
doubleclick.net
stats.g.doubleclick.net |
102 B |
1 |
googletagmanager.com
www.googletagmanager.com |
27 KB |
1 |
clicktrack.eu
1 redirects
www.clicktrack.eu |
579 B |
1 |
cashwinners.info
1 redirects
cashwinners.info |
532 B |
31 | 8 |
Domain | Requested by | |
---|---|---|
11 | img.zxcdn.com |
promo.iredirect.net
|
10 | cdn.zxcdn.com |
promo.iredirect.net
cdn.jsdelivr.net |
5 | promo.iredirect.net |
2 redirects
promo.iredirect.net
|
3 | www.google-analytics.com |
1 redirects
promo.iredirect.net
|
2 | cdn.jsdelivr.net |
promo.iredirect.net
|
1 | api.zxcdn.com |
cdn.jsdelivr.net
|
1 | stats.g.doubleclick.net |
promo.iredirect.net
|
1 | www.googletagmanager.com |
promo.iredirect.net
|
1 | www.clicktrack.eu | 1 redirects |
1 | cashwinners.info | 1 redirects |
31 | 10 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://promo.iredirect.net/rea/pop/en/gmd/1/
Frame ID: FC3D7B1F91F5F0ED1400A41A3C355981
Requests: 31 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://cashwinners.info/in/gm/da0506/index.php?cid=477088226481&zoneid=1407888&bannerid=1919244&os=IN
HTTP 302
http://www.clicktrack.eu/affiliate/referral.asp?site=rea&url=brw/gmd/1&seg=36105&lid=205318&aff_id=49... HTTP 301
http://promo.iredirect.net/referral.asp?aff_id=4999_36105_19474_968967_57_1979_3-83712&pop_up=1&url=/re... HTTP 301
http://promo.iredirect.net/rea/brw/gmd/1/ HTTP 301
http://promo.iredirect.net/rea/pop/en/gmd/1/ Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
Windows Server (Operating Systems) Expand
Detected patterns
- headers server /IIS(?:\/([\d.]+))?/i
IIS (Web Servers) Expand
Detected patterns
- headers server /IIS(?:\/([\d.]+))?/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
- env /^gaGlobal$/i
Google Tag Manager (Tag Managers) Expand
Detected patterns
- env /^google_tag_manager$/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery.*\.js/i
- env /^jQuery$/i
Page Statistics
12 Outgoing links
These are links going to different origins than the main page.
Title: terms and conditions
Search URL Search Domain Scan URL
Title: McAfee Site Advisor
Search URL Search Domain Scan URL
Title: Norton Safe Web
Search URL Search Domain Scan URL
Title: Google Safe Browsing
Search URL Search Domain Scan URL
Title: Responsible Gambling Policy
Search URL Search Domain Scan URL
Title: sign up bonus
Search URL Search Domain Scan URL
Title: quick self assessment test
Search URL Search Domain Scan URL
Title: http://www.ncpgambling.org/
Search URL Search Domain Scan URL
Title: http://www.gamblersanonymous.org
Search URL Search Domain Scan URL
Title: Cyberpatrol
Search URL Search Domain Scan URL
Title: Cybersitter
Search URL Search Domain Scan URL
Title: Netnanny
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://cashwinners.info/in/gm/da0506/index.php?cid=477088226481&zoneid=1407888&bannerid=1919244&os=IN
HTTP 302
http://www.clicktrack.eu/affiliate/referral.asp?site=rea&url=brw/gmd/1&seg=36105&lid=205318&aff_id=4999_36105_19474_968967_57_1979_3-83712&48e47182944qd3384&cid=48e47182944qd3384d&cid=477088226481&zoneid=1407888&bannerid=1919244&os=IN HTTP 301
http://promo.iredirect.net/referral.asp?aff_id=4999_36105_19474_968967_57_1979_3-83712&pop_up=1&url=/rea/brw/gmd/1&seg=36105&lid=205318&atk=standalone HTTP 301
http://promo.iredirect.net/rea/brw/gmd/1/ HTTP 301
http://promo.iredirect.net/rea/pop/en/gmd/1/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 27- https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1916983976&t=pageview&_s=1&dl=http%3A%2F%2Fpromo.iredirect.net%2Frea%2Fpop%2Fen%2Fgmd%2F1%2F&ul=en-us&de=UTF-8&dt=Grand%20Mondial%20Casino!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEABC~&jid=1620760824&gjid=321110715&cid=79714452.1528776779&tid=UA-85618867-1&_gid=1013901969.1528776779&_r=1&cd83=vNJc%2FU5joHEWziHgN2xYyb03PReexsC%2Fqrbx%2FQvnozM%3D&cd85=4999_36105_19474_968967_57_1979_3-83712&cd89=&z=978780526 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-85618867-1&cid=79714452.1528776779&jid=1620760824&_gid=1013901969.1528776779&gjid=321110715&_v=j68&z=978780526
31 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
promo.iredirect.net/rea/pop/en/gmd/1/ Redirect Chain
|
84 KB 33 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
promo.iredirect.net/rea/pop/en/gmd/1/inc/ |
42 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
cdn.jsdelivr.net/npm/jquery@1.11.3/dist/ |
94 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-migrate.min.js
cdn.jsdelivr.net/npm/jquery-migrate@1.4.1/dist/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
common.js
promo.iredirect.net/rea/shared/ |
82 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vjs-chat.js
cdn.zxcdn.com/webcdn/js/ |
703 B 854 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
shared.css
cdn.zxcdn.com/webcdn/css/rea/ |
13 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
modal.js
cdn.zxcdn.com/webcdn/js/rea/shared/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cookieConsent.min.js
cdn.zxcdn.com/webcdn/js/ |
30 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
spacer.gif
cdn.zxcdn.com/webcdn/img/rea/shared/ |
1 KB 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
analytics.js
www.google-analytics.com/ |
34 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gtm.js
www.googletagmanager.com/ |
94 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
footer-icons.fs8.png
cdn.zxcdn.com/webCDN/img/Shared/ |
28 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
secure-en.jpg
cdn.zxcdn.com/webcdn/img/rea/shared/secimages/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mcafee.jpg
cdn.zxcdn.com/webcdn/img/rea/shared/secimages/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
norton.jpg
cdn.zxcdn.com/webcdn/img/rea/shared/secimages/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ZC_JpotFire-game-sprite.fs8.png
img.zxcdn.com/webcdn/img/rea/pop/en/zc/5/ |
58 KB 59 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
GMD-REA-winnerIR_2x.fs8.png
img.zxcdn.com/webcdn/img/rea/pop/en/gmd/1/ |
74 KB 75 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
GMD-REA-winnerGM_2x.fs8.png
img.zxcdn.com/webcdn/img/rea/pop/en/gmd/1/ |
83 KB 84 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
GMD-REA-winnerDP_2x.fs8.png
img.zxcdn.com/webcdn/img/rea/pop/en/gmd/1/ |
97 KB 97 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
GMD-REA-logo.fs8.png
img.zxcdn.com/webcdn/img/rea/pop/en/gmd/1/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ZC_JpotFire-arrow.fs8.png
img.zxcdn.com/webcdn/img/rea/pop/en/zc/5/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
CCC_Golden-ICE-coins.fs8.png
img.zxcdn.com/webcdn/img/rea/pop/en/ccc/4/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
GMD-REA-ring.fs8.png
img.zxcdn.com/webcdn/img/rea/pop/en/gmd/1/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
CCC_Golden-ICE-jpot-spriteA.fs8.png
img.zxcdn.com/webcdn/img/rea/pop/en/ccc/4/ |
23 KB 23 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
GMD-REA-jackpot.fs8.png
img.zxcdn.com/webcdn/img/rea/pop/en/gmd/1/ |
135 KB 135 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
GMD-REA-arrow.fs8.png
img.zxcdn.com/webcdn/img/rea/pop/en/gmd/1/ |
798 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ProgressiveJackpotTicker.min.js
cdn.zxcdn.com/webcdn/js/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
collect
stats.g.doubleclick.net/r/ Redirect Chain
|
35 B 102 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
collect
www.google-analytics.com/ |
35 B 100 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
api.zxcdn.com/ApiMgs.svc/GetProgressivesByCultureName/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
46 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
string| thisLang string| thisSiteCode string| thisBrand string| thisCategory string| thisVariation string| thisPath string| btag5 string| btag1 string| btag3 string| __galab function| isGoogleAnalyticsLoaded function| logGAEvent string| GoogleAnalyticsObject function| __gaTracker function| $ function| jQuery function| cross_domain_storage function| wopen function| checkCaptchaResponse number| d string| v number| formWS boolean| isCaptchaValidated object| respond string| currency object| thisAffID string| siteTotalGames string| mobilesiteTotalGames string| decimalSeparator string| groupSeparator string| positivePattern string| decimalDigits string| isGDPR number| xit string| embeddedStyle object| cookieConsentStrings object| cookieconsent function| privacyModal object| dataLayer object| fm object| google_tag_manager object| gaplugins object| gaGlobal object| gaData boolean| blMatch undefined| jQuery111302726319363462093_15287767786014 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.iredirect.net/ | Name: _gat Value: 1 |
|
.iredirect.net/ | Name: _gid Value: GA1.2.1013901969.1528776779 |
|
.iredirect.net/ | Name: _ga Value: GA1.2.79714452.1528776779 |
|
promo.iredirect.net/ | Name: ASPSESSIONIDSQASTCBT Value: KOLGKGIDANIKGLFHDNBKAIPC |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.zxcdn.com
cashwinners.info
cdn.jsdelivr.net
cdn.zxcdn.com
img.zxcdn.com
promo.iredirect.net
stats.g.doubleclick.net
www.clicktrack.eu
www.google-analytics.com
www.googletagmanager.com
138.197.145.50
172.217.18.168
172.217.18.174
173.194.76.156
209.15.247.30
209.15.247.36
209.15.247.44
94.31.29.138
077f0a640e06318d6602b22e58f94c8158d5cf24dc9367c592b321bb93c66500
155d2d0315dae7ca135de8db6ca1d8da3580b1f3851f034f8a60a0fd23f014b5
22716a549bd0004662070390833d06c497b1d266d743f51801c98f8bc093bdff
25b1ccf01765886e38404fd61dc4386d3fa04b9fb433b3bbe1bc4bcb7ef5c8c9
263daceea364e196b1120703f0debb9d0fdd4bfd579c3b78d8d03bbe222d1274
36c1e137cd2ed70bdb8d0f2e05e1f33ca1740ab5158510f183196a263d142d9e
395248fa2a0de2257903418d5cf5c40d36a9e2ec04a5c5f3d9f8ca9b67ef7028
3b48ff81370dc42c16de1364f8820d1ca964b380161810b1339403ad54faa46f
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
4382a72ad8a5391314dfe31afdab20cd4f6cd9f19a9540022a8012d431090402
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4bcc1f4487465b7bb970e250f53fbdf92018ef5845dff9e774f853d8433d30e7
503692fef0864a3fdec086dac7d761466399904b7fdb209506b5654f96071ad1
64b9fe9185cee865240ae3e83e127ecc591d67c1e413cea05e6fc3ea6433cfe7
74710f925b4b4324362ed4673238c982436c2156593662375ab1deb47869cf5a
7c54bb703a5f1ec08cb572c46325709e73726d6175a4d8ac29272f64910200ae
7e8b23f674c3213bcc73a8b167f32f8f839953e88c9acb34b629bf930b285c36
7fed6a9fb598bcea573009c0be86610ce24dd877f97d415ffe7ceed3b44a686e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
95a99b94a94d22903fe5ec49736037e6094afd5fa96a8171366c492d32beb26e
99b528cc3df2397da15bc4b6f9263270ba2257d071f39a6a1c61e0f9bb8c4c8f
a18f7dd81b36b33cb08499af70281f01aea6ca7788c21f54f7b36190a6c4d5b9
a58a58c915d407390d40a48eb719bd3860466ab47c533250dd47f6938b2551e6
adcccfba49ae4b6b9af5d7edd20673be39b35826d3e816a6969c333585169bb9
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
afc89a179e8f1f2e126c0b2bd556872e142872fd42ac353f72575d84e39d4cfe
bc1949a92d0ed97011d62ecc757ac52524e92d35a8d36d96b1702f31cfbc9051
c06b9a1a240f959d50dd7c45ae8fcf04502e5cc3c8dd2036dd2bed1adeb45632
cb8d99d99b60f1d837ab19c1c7eea0aaa31e925bb6e09ee45b6f8430b6cb6da7
fab99fd698b41133a046e06d10a92325aea980f68d299cca4bbebfbbd03990c9