![](/screenshots/333eaeab-2a6f-4d46-aa72-9950e352227d.png)
go.prosperitypub.com
Open in
urlscan Pro
2606:4700::6810:cc2
Public Scan
Effective URL: https://go.prosperitypub.com/gl-asi_of3?af=DFW_GL_STS_ASI_ASI224_NON_INDICT_EXT_STS_FRE&utm_medium=STS&utm_content=DFW_GL_STS...
Submission: On April 18 via api from BE — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 20th 2024. Valid for: 10 months.
This is the only time go.prosperitypub.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN11377 (SENDGRID, US)
PTR: o16789118x83.outbound-mail.sendgrid.net
email.analystratings.net |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 251.198.107.34.bc.googleusercontent.com
www.t86trk.com |
ASN32244 (LIQUIDWEB, US)
PTR: cloudhost-4486585.us-midwest-2.nxcli.net
lp.prosperitypub.com |
ASN11377 (SENDGRID, US)
PTR: o16789115x120.outbound-mail.sendgrid.net
email.analystratings.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-164-175.us-west-2.compute.amazonaws.com
api.joinnow.live |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
prosperitypub.com
2 redirects
lp.prosperitypub.com go.prosperitypub.com |
427 KB |
7 |
joinnow.live
joinnow.live — Cisco Umbrella Rank: 571388 api.joinnow.live — Cisco Umbrella Rank: 667337 cdn.joinnow.live Failed |
1 MB |
4 |
cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 4647 |
14 KB |
3 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31 |
21 KB |
2 |
cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 817 |
7 KB |
2 |
gstatic.com
fonts.gstatic.com |
31 KB |
2 |
google.de
www.google.de — Cisco Umbrella Rank: 7278 |
126 B |
2 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84 |
394 B |
2 |
google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2941 www.google.com — Cisco Umbrella Rank: 2 |
315 B |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180 |
89 KB |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39 |
158 KB |
2 |
t86trk.com
2 redirects
www.t86trk.com |
1 KB |
2 |
marketbeat.com
2 redirects
www.marketbeat.com — Cisco Umbrella Rank: 85946 |
368 B |
2 |
analystratings.net
2 redirects
email.analystratings.net — Cisco Umbrella Rank: 236555 |
874 B |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33 |
1 KB |
54 | 15 |
Domain | Requested by | |
---|---|---|
13 | go.prosperitypub.com |
joinnow.live
go.prosperitypub.com static.cloudflareinsights.com |
5 | joinnow.live |
joinnow.live
|
4 | challenges.cloudflare.com |
go.prosperitypub.com
challenges.cloudflare.com |
3 | www.google-analytics.com |
www.googletagmanager.com
joinnow.live |
2 | static.cloudflareinsights.com |
go.prosperitypub.com
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | www.google.de |
joinnow.live
|
2 | stats.g.doubleclick.net |
www.googletagmanager.com
joinnow.live |
2 | api.joinnow.live |
joinnow.live
|
2 | connect.facebook.net |
joinnow.live
connect.facebook.net |
2 | www.googletagmanager.com |
joinnow.live
www.googletagmanager.com |
2 | lp.prosperitypub.com | 2 redirects |
2 | www.t86trk.com | 2 redirects |
2 | www.marketbeat.com | 2 redirects |
2 | email.analystratings.net | 2 redirects |
1 | www.google.com | |
1 | region1.analytics.google.com |
www.googletagmanager.com
|
1 | fonts.googleapis.com |
joinnow.live
|
0 | cdn.joinnow.live Failed | |
54 | 19 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
joinnow.live Amazon RSA 2048 M03 |
2024-02-20 - 2025-03-19 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2024-03-18 - 2024-06-10 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-03-18 - 2024-06-10 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2024-01-27 - 2024-04-26 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2024-03-04 - 2024-05-27 |
3 months | crt.sh |
*.google.de GTS CA 1C3 |
2024-03-18 - 2024-06-10 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2024-03-18 - 2024-06-10 |
3 months | crt.sh |
go.prosperitypub.com Cloudflare Inc ECC CA-3 |
2024-02-20 - 2024-12-31 |
10 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2024-03-18 - 2024-06-10 |
3 months | crt.sh |
cloudflareinsights.com GTS CA 1P5 |
2024-03-10 - 2024-06-08 |
3 months | crt.sh |
challenges.cloudflare.com Cloudflare Inc ECC CA-3 |
2023-08-18 - 2024-08-17 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://go.prosperitypub.com/gl-asi_of3?af=DFW_GL_STS_ASI_ASI224_NON_INDICT_EXT_STS_FRE&utm_medium=STS&utm_content=DFW_GL_STS_ASI_ASI224_NON_INDICT_EXT_STS_FRE&utm_campaign=1708135636901b1z8i&utm_source=DFW&utm_term=STS
Frame ID: FCA37C919FA78E809681BB58A4CD809F
Requests: 50 HTTP requests in this frame
Frame:
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/cy9tu/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Frame ID: A492C5B6D8847FFCB965C687B687796D
Requests: 1 HTTP requests in this frame
Frame:
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/srnew/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Frame ID: 6140F011C81E84030ADB49BAC6DAAD57
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/333eaeab-2a6f-4d46-aa72-9950e352227d.png)
Page Title
Nur einen Moment…Page URL History Show full URLs
-
http://email.analystratings.net/ls/click?upn=u001.WeKo-2BCuHku2kJmVIsYmGxteRO-2BqdkFdZns7E8OZ0trgZRhaAY0f4dR...
HTTP 307
https://email.analystratings.net/ls/click?upn=u001.WeKo-2BCuHku2kJmVIsYmGxteRO-2BqdkFdZns7E8OZ0trgZRhaAY0f4dR... HTTP 302
https://www.marketbeat.com/scripts/redirect.aspx?SponsorshipID=77013&UserID=11404962&interstitial=1&Has... HTTP 301
https://www.t86trk.com/2P9J9R/2NC6MSS/?uid=297&source_id=MKB_GL_DED_ASI_ASI224_NON_INDICT_EXT_D02_C... HTTP 302
https://lp.prosperitypub.com/go/sco/?redirect=https%3A%2F%2Fjoinnow.live%2Fa%2Fw45E83&sco=ASI01E&utm_medi... HTTP 302
https://joinnow.live/a/w45E83?email=verdacht@safeonweb.be&af=MKB_GL_DED_ASI_ASI224_NON_INDICT_EXT... HTTP 307
http://email.analystratings.net/ls/click?upn=u001.WeKo-2BCuHku2kJmVIsYmGxteRO-2BqdkFdZns7E8OZ0trgZRhaAY0f4dR... HTTP 302
https://www.marketbeat.com/scripts/redirect.aspx?SponsorshipID=77013&UserID=11404962&interstitial=1&Has... HTTP 301
https://www.t86trk.com/2P9J9R/2NC6MSS/?uid=297&source_id=MKB_GL_DED_ASI_ASI224_NON_INDICT_EXT_D02_C... HTTP 302
https://lp.prosperitypub.com/go/sco/?redirect=https%3A%2F%2Fjoinnow.live%2Fa%2Fw45E83&sco=ASI01E&utm_medi... HTTP 302
https://joinnow.live/a/w45E83?email=verdacht@safeonweb.be&af=MKB_GL_DED_ASI_ASI224_NON_INDICT_EXT... Page URL
- https://go.prosperitypub.com/gl-asi_of3?af=DFW_GL_STS_ASI_ASI224_NON_INDICT_EXT_STS_FRE&utm_medium=STS&ut... Page URL
- https://go.prosperitypub.com/gl-asi_of3?af=DFW_GL_STS_ASI_ASI224_NON_INDICT_EXT_STS_FRE&utm_medium=STS&ut... Page URL
Detected technologies
Detected patterns
- static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://email.analystratings.net/ls/click?upn=u001.WeKo-2BCuHku2kJmVIsYmGxteRO-2BqdkFdZns7E8OZ0trgZRhaAY0f4dRd5bGXo8w1-2B2zC0SH4Mls8R2zMABk0bcKnuWuEC9QE20qKSsG9VeezXyFn4McgCcV0Pkdf9lDKEBONJm0kXfsXxpasiKwbFx0uvvDupRMOFvJvO5pLaqbyRjhP4UIzPsrrgxLHNEJqhv-2FbYe-2FOYfATTXG-2Bt0DpFiNhjuhuhekNR9SLU-2BvSSoFBdkPhnBKht8yJmFQsoutz5Z59FRMfUVABp0-2FW9fhTcsGarqANmyCz3hi2ec1GZ5pj1lcQgSw46JSJeg0TCqZJ9GWKV_SqbCKX6aHEKYVZ41h-2BYp89Y9IvddAHi0odnd-2B4IzEhpusg9by-2BxhrdAxTwNqwSNcVyymOJEPHfbUEUFc4NUlnN4ccnzdtaznwKQUH6liuE1k3Dan8EV0hUZcNI0nc-2Fqp3HfKcwVNaa86yosSFusHSJiiFaXVtG9tTKIkMb7Oji2-2FFr4OEf5AKh-2BRCRiMgMU3FwKm0ygXtCBitTyWAyk1oBY2In2est2xrTVZjpyeIIWn16hsc-2BdVhrmKvDWt1JN67YXKRs4DmRw7B0rvHlgXrg-3D-3D
HTTP 307
https://email.analystratings.net/ls/click?upn=u001.WeKo-2BCuHku2kJmVIsYmGxteRO-2BqdkFdZns7E8OZ0trgZRhaAY0f4dRd5bGXo8w1-2B2zC0SH4Mls8R2zMABk0bcKnuWuEC9QE20qKSsG9VeezXyFn4McgCcV0Pkdf9lDKEBONJm0kXfsXxpasiKwbFx0uvvDupRMOFvJvO5pLaqbyRjhP4UIzPsrrgxLHNEJqhv-2FbYe-2FOYfATTXG-2Bt0DpFiNhjuhuhekNR9SLU-2BvSSoFBdkPhnBKht8yJmFQsoutz5Z59FRMfUVABp0-2FW9fhTcsGarqANmyCz3hi2ec1GZ5pj1lcQgSw46JSJeg0TCqZJ9GWKV_SqbCKX6aHEKYVZ41h-2BYp89Y9IvddAHi0odnd-2B4IzEhpusg9by-2BxhrdAxTwNqwSNcVyymOJEPHfbUEUFc4NUlnN4ccnzdtaznwKQUH6liuE1k3Dan8EV0hUZcNI0nc-2Fqp3HfKcwVNaa86yosSFusHSJiiFaXVtG9tTKIkMb7Oji2-2FFr4OEf5AKh-2BRCRiMgMU3FwKm0ygXtCBitTyWAyk1oBY2In2est2xrTVZjpyeIIWn16hsc-2BdVhrmKvDWt1JN67YXKRs4DmRw7B0rvHlgXrg-3D-3D HTTP 302
https://www.marketbeat.com/scripts/redirect.aspx?SponsorshipID=77013&UserID=11404962&interstitial=1&Hash=54155C44E1BA582367DE39E87C49FED2667478813F80DF261F8865C4866EA1CFAA87097611AF0C87213F14E55C1F6DD753850FFB8F73AB7F52849A0A689CBD51 HTTP 301
https://www.t86trk.com/2P9J9R/2NC6MSS/?uid=297&source_id=MKB_GL_DED_ASI_ASI224_NON_INDICT_EXT_D02_CTO&sub4=DED&sub5=1708135636901b1z8i&sub1=verdacht@safeonweb.be HTTP 302
https://lp.prosperitypub.com/go/sco/?redirect=https%3A%2F%2Fjoinnow.live%2Fa%2Fw45E83&sco=ASI01E&utm_medium=DED&utm_content=MKB_GL_DED_ASI_ASI224_NON_INDICT_EXT_D02_CTO&utm_campaign=1708135636901b1z8i&utm_source=MKB-MarketBeat&utm_term=&af=MKB_GL_DED_ASI_ASI224_NON_INDICT_EXT_D02_CTO&transaction_id=158a98ef99824218acb66efed99275e7&sid=&email=verdacht%40safeonweb.be HTTP 302
https://joinnow.live/a/w45E83?email=verdacht@safeonweb.be&af=MKB_GL_DED_ASI_ASI224_NON_INDICT_EXT_D02_CTO&utm_source=MKB-MarketBeat&utm_content=MKB_GL_DED_ASI_ASI224_NON_INDICT_EXT_D02_CTO&utm_medium=DED&utm_campaign=1708135636901b1z8i&utm_term= HTTP 307
http://email.analystratings.net/ls/click?upn=u001.WeKo-2BCuHku2kJmVIsYmGxteRO-2BqdkFdZns7E8OZ0trgZRhaAY0f4dRd5bGXo8w1-2B2zC0SH4Mls8R2zMABk0bcKnuWuEC9QE20qKSsG9VeezXyFn4McgCcV0Pkdf9lDKEBONJm0kXfsXxpasiKwbFx0uvvDupRMOFvJvO5pLaqbyRjhP4UIzPsrrgxLHNEJqhv-2FbYe-2FOYfATTXG-2Bt0DpFiNhjuhuhekNR9SLU-2BvSSoFBdkPhnBKht8yJmFQsoutz5Z59FRMfUVABp0-2FW9fhTcsGarqANmyCz3hi2ec1GZ5pj1lcQgSw46JSJeg0TCqZJ9GWKV_SqbCKX6aHEKYVZ41h-2BYp89Y9IvddAHi0odnd-2B4IzEhpusg9by-2BxhrdAxTwNqwSNcVyymOJEPHfbUEUFc4NUlnN4ccnzdtaznwKQUH6liuE1k3Dan8EV0hUZcNI0nc-2Fqp3HfKcwVNaa86yosSFusHSJiiFaXVtG9tTKIkMb7Oji2-2FFr4OEf5AKh-2BRCRiMgMU3FwKm0ygXtCBitTyWAyk1oBY2In2est2xrTVZjpyeIIWn16hsc-2BdVhrmKvDWt1JN67YXKRs4DmRw7B0rvHlgXrg-3D-3D HTTP 302
https://www.marketbeat.com/scripts/redirect.aspx?SponsorshipID=77013&UserID=11404962&interstitial=1&Hash=54155C44E1BA582367DE39E87C49FED2667478813F80DF261F8865C4866EA1CFAA87097611AF0C87213F14E55C1F6DD753850FFB8F73AB7F52849A0A689CBD51 HTTP 301
https://www.t86trk.com/2P9J9R/2NC6MSS/?uid=297&source_id=MKB_GL_DED_ASI_ASI224_NON_INDICT_EXT_D02_CTO&sub4=DED&sub5=1708135636901b1z8i&sub1=verdacht@safeonweb.be HTTP 302
https://lp.prosperitypub.com/go/sco/?redirect=https%3A%2F%2Fjoinnow.live%2Fa%2Fw45E83&sco=ASI01E&utm_medium=DED&utm_content=MKB_GL_DED_ASI_ASI224_NON_INDICT_EXT_D02_CTO&utm_campaign=1708135636901b1z8i&utm_source=MKB-MarketBeat&utm_term=&af=MKB_GL_DED_ASI_ASI224_NON_INDICT_EXT_D02_CTO&transaction_id=f57143967f8649d78e1f95532188f008&sid=&email=verdacht%40safeonweb.be HTTP 302
https://joinnow.live/a/w45E83?email=verdacht@safeonweb.be&af=MKB_GL_DED_ASI_ASI224_NON_INDICT_EXT_D02_CTO&utm_source=MKB-MarketBeat&utm_content=MKB_GL_DED_ASI_ASI224_NON_INDICT_EXT_D02_CTO&utm_medium=DED&utm_campaign=1708135636901b1z8i&utm_term= Page URL
- https://go.prosperitypub.com/gl-asi_of3?af=DFW_GL_STS_ASI_ASI224_NON_INDICT_EXT_STS_FRE&utm_medium=STS&utm_content=DFW_GL_STS_ASI_ASI224_NON_INDICT_EXT_STS_FRE&utm_campaign=1708135636901b1z8i&utm_source=DFW&utm_term=STS Page URL
- https://go.prosperitypub.com/gl-asi_of3?af=DFW_GL_STS_ASI_ASI224_NON_INDICT_EXT_STS_FRE&utm_medium=STS&utm_content=DFW_GL_STS_ASI_ASI224_NON_INDICT_EXT_STS_FRE&utm_campaign=1708135636901b1z8i&utm_source=DFW&utm_term=STS Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://email.analystratings.net/ls/click?upn=u001.WeKo-2BCuHku2kJmVIsYmGxteRO-2BqdkFdZns7E8OZ0trgZRhaAY0f4dRd5bGXo8w1-2B2zC0SH4Mls8R2zMABk0bcKnuWuEC9QE20qKSsG9VeezXyFn4McgCcV0Pkdf9lDKEBONJm0kXfsXxpasiKwbFx0uvvDupRMOFvJvO5pLaqbyRjhP4UIzPsrrgxLHNEJqhv-2FbYe-2FOYfATTXG-2Bt0DpFiNhjuhuhekNR9SLU-2BvSSoFBdkPhnBKht8yJmFQsoutz5Z59FRMfUVABp0-2FW9fhTcsGarqANmyCz3hi2ec1GZ5pj1lcQgSw46JSJeg0TCqZJ9GWKV_SqbCKX6aHEKYVZ41h-2BYp89Y9IvddAHi0odnd-2B4IzEhpusg9by-2BxhrdAxTwNqwSNcVyymOJEPHfbUEUFc4NUlnN4ccnzdtaznwKQUH6liuE1k3Dan8EV0hUZcNI0nc-2Fqp3HfKcwVNaa86yosSFusHSJiiFaXVtG9tTKIkMb7Oji2-2FFr4OEf5AKh-2BRCRiMgMU3FwKm0ygXtCBitTyWAyk1oBY2In2est2xrTVZjpyeIIWn16hsc-2BdVhrmKvDWt1JN67YXKRs4DmRw7B0rvHlgXrg-3D-3D HTTP 307
- https://email.analystratings.net/ls/click?upn=u001.WeKo-2BCuHku2kJmVIsYmGxteRO-2BqdkFdZns7E8OZ0trgZRhaAY0f4dRd5bGXo8w1-2B2zC0SH4Mls8R2zMABk0bcKnuWuEC9QE20qKSsG9VeezXyFn4McgCcV0Pkdf9lDKEBONJm0kXfsXxpasiKwbFx0uvvDupRMOFvJvO5pLaqbyRjhP4UIzPsrrgxLHNEJqhv-2FbYe-2FOYfATTXG-2Bt0DpFiNhjuhuhekNR9SLU-2BvSSoFBdkPhnBKht8yJmFQsoutz5Z59FRMfUVABp0-2FW9fhTcsGarqANmyCz3hi2ec1GZ5pj1lcQgSw46JSJeg0TCqZJ9GWKV_SqbCKX6aHEKYVZ41h-2BYp89Y9IvddAHi0odnd-2B4IzEhpusg9by-2BxhrdAxTwNqwSNcVyymOJEPHfbUEUFc4NUlnN4ccnzdtaznwKQUH6liuE1k3Dan8EV0hUZcNI0nc-2Fqp3HfKcwVNaa86yosSFusHSJiiFaXVtG9tTKIkMb7Oji2-2FFr4OEf5AKh-2BRCRiMgMU3FwKm0ygXtCBitTyWAyk1oBY2In2est2xrTVZjpyeIIWn16hsc-2BdVhrmKvDWt1JN67YXKRs4DmRw7B0rvHlgXrg-3D-3D HTTP 302
- https://www.marketbeat.com/scripts/redirect.aspx?SponsorshipID=77013&UserID=11404962&interstitial=1&Hash=54155C44E1BA582367DE39E87C49FED2667478813F80DF261F8865C4866EA1CFAA87097611AF0C87213F14E55C1F6DD753850FFB8F73AB7F52849A0A689CBD51 HTTP 301
- https://www.t86trk.com/2P9J9R/2NC6MSS/?uid=297&source_id=MKB_GL_DED_ASI_ASI224_NON_INDICT_EXT_D02_CTO&sub4=DED&sub5=1708135636901b1z8i&sub1=verdacht@safeonweb.be HTTP 302
- https://lp.prosperitypub.com/go/sco/?redirect=https%3A%2F%2Fjoinnow.live%2Fa%2Fw45E83&sco=ASI01E&utm_medium=DED&utm_content=MKB_GL_DED_ASI_ASI224_NON_INDICT_EXT_D02_CTO&utm_campaign=1708135636901b1z8i&utm_source=MKB-MarketBeat&utm_term=&af=MKB_GL_DED_ASI_ASI224_NON_INDICT_EXT_D02_CTO&transaction_id=158a98ef99824218acb66efed99275e7&sid=&email=verdacht%40safeonweb.be HTTP 302
- https://joinnow.live/a/w45E83?email=verdacht@safeonweb.be&af=MKB_GL_DED_ASI_ASI224_NON_INDICT_EXT_D02_CTO&utm_source=MKB-MarketBeat&utm_content=MKB_GL_DED_ASI_ASI224_NON_INDICT_EXT_D02_CTO&utm_medium=DED&utm_campaign=1708135636901b1z8i&utm_term= HTTP 307
- http://email.analystratings.net/ls/click?upn=u001.WeKo-2BCuHku2kJmVIsYmGxteRO-2BqdkFdZns7E8OZ0trgZRhaAY0f4dRd5bGXo8w1-2B2zC0SH4Mls8R2zMABk0bcKnuWuEC9QE20qKSsG9VeezXyFn4McgCcV0Pkdf9lDKEBONJm0kXfsXxpasiKwbFx0uvvDupRMOFvJvO5pLaqbyRjhP4UIzPsrrgxLHNEJqhv-2FbYe-2FOYfATTXG-2Bt0DpFiNhjuhuhekNR9SLU-2BvSSoFBdkPhnBKht8yJmFQsoutz5Z59FRMfUVABp0-2FW9fhTcsGarqANmyCz3hi2ec1GZ5pj1lcQgSw46JSJeg0TCqZJ9GWKV_SqbCKX6aHEKYVZ41h-2BYp89Y9IvddAHi0odnd-2B4IzEhpusg9by-2BxhrdAxTwNqwSNcVyymOJEPHfbUEUFc4NUlnN4ccnzdtaznwKQUH6liuE1k3Dan8EV0hUZcNI0nc-2Fqp3HfKcwVNaa86yosSFusHSJiiFaXVtG9tTKIkMb7Oji2-2FFr4OEf5AKh-2BRCRiMgMU3FwKm0ygXtCBitTyWAyk1oBY2In2est2xrTVZjpyeIIWn16hsc-2BdVhrmKvDWt1JN67YXKRs4DmRw7B0rvHlgXrg-3D-3D HTTP 302
- https://www.marketbeat.com/scripts/redirect.aspx?SponsorshipID=77013&UserID=11404962&interstitial=1&Hash=54155C44E1BA582367DE39E87C49FED2667478813F80DF261F8865C4866EA1CFAA87097611AF0C87213F14E55C1F6DD753850FFB8F73AB7F52849A0A689CBD51 HTTP 301
- https://www.t86trk.com/2P9J9R/2NC6MSS/?uid=297&source_id=MKB_GL_DED_ASI_ASI224_NON_INDICT_EXT_D02_CTO&sub4=DED&sub5=1708135636901b1z8i&sub1=verdacht@safeonweb.be HTTP 302
- https://lp.prosperitypub.com/go/sco/?redirect=https%3A%2F%2Fjoinnow.live%2Fa%2Fw45E83&sco=ASI01E&utm_medium=DED&utm_content=MKB_GL_DED_ASI_ASI224_NON_INDICT_EXT_D02_CTO&utm_campaign=1708135636901b1z8i&utm_source=MKB-MarketBeat&utm_term=&af=MKB_GL_DED_ASI_ASI224_NON_INDICT_EXT_D02_CTO&transaction_id=f57143967f8649d78e1f95532188f008&sid=&email=verdacht%40safeonweb.be HTTP 302
- https://joinnow.live/a/w45E83?email=verdacht@safeonweb.be&af=MKB_GL_DED_ASI_ASI224_NON_INDICT_EXT_D02_CTO&utm_source=MKB-MarketBeat&utm_content=MKB_GL_DED_ASI_ASI224_NON_INDICT_EXT_D02_CTO&utm_medium=DED&utm_campaign=1708135636901b1z8i&utm_term=
54 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
w45E83
joinnow.live/a/ Redirect Chain
|
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
197 KB 72 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
9 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.f5fc0f1e.css
joinnow.live/static/css/ |
165 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
3 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.245c0100.js
joinnow.live/static/js/ |
741 KB 196 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0.d5493794.chunk.js
joinnow.live/static/js/ |
4 MB 765 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sdk.js
connect.facebook.net/en_US/ |
299 KB 86 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
246 KB 87 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
login
api.joinnow.live/webinars/w45E83/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
4f544d15-efee-4553-a8dc-05ec5dd6906b
https://joinnow.live/ |
110 KB 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
37406f9e-55d1-4cd9-a5d0-a8646e6fb491
https://joinnow.live/ |
191 KB 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
login
api.joinnow.live/webinars/w45E83/ |
47 KB 11 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.analytics.google.com/g/ |
0 252 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 47 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ga-audiences
www.google.de/ads/ |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
2 B 205 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 347 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
joinnow.live/icons/ |
109 KB 109 KB |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ga-audiences
www.google.com/ads/ |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ga-audiences
www.google.de/ads/ |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gl-asi_of3
go.prosperitypub.com/ |
20 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS |
events
api.joinnow.live/webinars/w45E83/attendees/rmhuqA/ Frame |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
complete.jpg
cdn.joinnow.live/static/pages/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
events
api.joinnow.live/webinars/w45E83/attendees/rmhuqA/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
viewing-information
api.joinnow.live/webinars/w45E83/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
d54b6a87-f09c-4529-9492-3f1b4512b9e1.mp3
cdn.joinnow.live/static/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v55bfa2fee65d44688e90c00735ed189a1713218998793
static.cloudflareinsights.com/beacon.min.js/ |
19 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v1
go.prosperitypub.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ |
387 KB 163 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
api.js
challenges.cloudflare.com/turnstile/v0/g/54ea73d52131/ |
41 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
go.prosperitypub.com/ |
16 KB 16 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
db44df0b-d06b-454f-bf4b-a49406945311
https://go.prosperitypub.com/ |
13 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
rum
go.prosperitypub.com/cdn-cgi/ |
0 174 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
ba36ff799dfe268
go.prosperitypub.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1030135627:1713479207:yLFe2xd7bSMf1-aNzhbEifgECBTFwDBDvMi6-0RGP2s/8768687a3bba9025/ |
15 KB 15 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
go.prosperitypub.com/ |
16 KB 7 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/cy9tu/0x4AAAAAAADnOjc0PNeA8qVm/light/ Frame A492 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
96025095-8394-43eb-837a-b9b56365a17b
https://go.prosperitypub.com/ |
80 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
ba36ff799dfe268
go.prosperitypub.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1030135627:1713479207:yLFe2xd7bSMf1-aNzhbEifgECBTFwDBDvMi6-0RGP2s/8768687a3bba9025/ |
2 KB 3 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
gl-asi_of3
go.prosperitypub.com/ |
18 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
rum
go.prosperitypub.com/cdn-cgi/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v55bfa2fee65d44688e90c00735ed189a1713218998793
static.cloudflareinsights.com/beacon.min.js/ |
19 KB 0 |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v1
go.prosperitypub.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ |
389 KB 164 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
api.js
challenges.cloudflare.com/turnstile/v0/g/54ea73d52131/ |
41 KB 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
go.prosperitypub.com/ |
16 KB 16 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
a947e0bf-d534-4f71-adc5-1766778625d1
https://go.prosperitypub.com/ |
13 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
rum
go.prosperitypub.com/cdn-cgi/ |
0 37 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
go.prosperitypub.com/ |
16 KB 7 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
2c6d185fdc11407
go.prosperitypub.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1922216158:1713479142:AzU5rkP6wIH-bXW5KOm9pZH6A5vezTTtPYaLm6uGEHU/8768688fbdac9025/ |
15 KB 16 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/srnew/0x4AAAAAAADnOjc0PNeA8qVm/light/ Frame 6140 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
21cc47d8-43f3-4ed1-b756-2cf6431205a5
https://go.prosperitypub.com/ |
80 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- api.joinnow.live
- URL
- https://api.joinnow.live/webinars/w45E83/attendees/rmhuqA/events
- Domain
- cdn.joinnow.live
- URL
- https://cdn.joinnow.live/static/pages/images/complete.jpg
- Domain
- api.joinnow.live
- URL
- https://api.joinnow.live/webinars/w45E83/attendees/rmhuqA/events
- Domain
- api.joinnow.live
- URL
- https://api.joinnow.live/webinars/w45E83/viewing-information?attendee=rmhuqA&timezone=Europe%2FBerlin
- Domain
- cdn.joinnow.live
- URL
- https://cdn.joinnow.live/static/d54b6a87-f09c-4529-9492-3f1b4512b9e1.mp3
- Domain
- go.prosperitypub.com
- URL
- https://go.prosperitypub.com/cdn-cgi/rum?
Verdicts & Comments Add Verdict or Comment
19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| _cf_chl_opt object| __cfBeacon function| tVOu8 function| VmXRQa2 function| lmgW1 boolean| apNA4 function| HoCtrb4 function| brkBi8 function| VJRp2 object| VyEp8 object| gABHL6 function| evzTMP3 object| jaxUJs4 number| eWiA8 object| angular object| turnstile boolean| dXmTUH6 string| VgxZi89 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.marketbeat.com/ | Name: ASP.NET_SessionId Value: xoys0nwykugiekwhxj4cbdra |
|
www.t86trk.com/ | Name: uniqueClick_2NC6MSS Value: 419987ec-1bc3-4d27-863a-24d80f8709c4:1713482658 |
|
www.t86trk.com/ | Name: transaction_id Value: 158a98ef99824218acb66efed99275e7|f57143967f8649d78e1f95532188f008 |
|
.joinnow.live/ | Name: _ga Value: GA1.2.1785215657.1713482663 |
|
.joinnow.live/ | Name: _gid Value: GA1.2.37662020.1713482663 |
|
.joinnow.live/ | Name: _gat_gtag_UA_12888913_10 Value: 1 |
|
.go.prosperitypub.com/ | Name: __cf_bm Value: Lr9z4g2CKBPi1kwYSUiTAv2pA319.QJFe0faESpzliA-1713482664-1.0.1.1-XJWvbL3HqFlwRT00i6aoiITi_kETh41EUckF46cZjTepqdA.skK9JWt0croEyypsEih_ADA2EdbRk8abxMw.pCwwjfRTBl5pBUz1CRE7sVI |
|
.joinnow.live/ | Name: _ga_ZVDWFYYH06 Value: GS1.1.1713482663.1.0.1713482664.59.0.0 |
|
go.prosperitypub.com/ | Name: cf_chl_rc_ni Value: 1 |
10 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.joinnow.live
cdn.joinnow.live
challenges.cloudflare.com
connect.facebook.net
email.analystratings.net
fonts.googleapis.com
fonts.gstatic.com
go.prosperitypub.com
joinnow.live
lp.prosperitypub.com
region1.analytics.google.com
static.cloudflareinsights.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.marketbeat.com
www.t86trk.com
api.joinnow.live
cdn.joinnow.live
go.prosperitypub.com
167.89.115.120
167.89.118.83
192.190.221.37
2001:4860:4802:32::36
2600:9000:223d:e400:7:f2a8:a940:93a1
2606:4700:3108::ac42:28f2
2606:4700::6810:5049
2606:4700::6810:cc2
2606:4700::6811:3b8
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2003
2a00:1450:4001:81d::200a
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:4001:82f::2008
2a00:1450:400c:c00::9d
2a03:2880:f083:100:face:b00c:0:3
34.107.198.251
44.240.164.175
02a2f7b51071f69b0fae1f6ccdac8a6328aa372a8ece86ece722a26cc8e4653e
061742b055e6328a489e3a8df25eaca6ae675249a2fa2627fb3ee058dc237648
070e98888d540656206bd94a81b4652a78c60f6c1d5c47c876f6e8d909d3447f
0ce0b7abb8be2c863182e53f5e7f4aa8a057049fa8dba2d3b1972bf65a58d64c
17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee
1d5d7571ddb9876d6bdb02c3291e62d788f660b71e6eb9d9032234a691db4680
360ca49c3307d7e1abc310ec69ca2ce64ad6716fbbbc118b3e6e1cd8c78f4aa3
6110f342ec49832d26aa285b0aba37a129b5112c79f197406de990fa438b9c58
615a071b8ad8c093a67ba889daa323b5a9abd101dc24dad3572c79b661a267d2
688b63b36f6461748c4fdf4e059a59c5fed7901f61c4e23a138f60d320642c50
75d442497bb830cddea9004edffc7e2f31a0c384eb5a5766efefbfbc87e4b622
82afffad89a286d138f8b6c3e1369a49c505984dad27d5695be94f82144f4bc2
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04
887287e7ee6a0c57ce891f3930de14ca8ed24cd5fa13dcfcb37a9437611fec9f
8af2da74872f03e058ab79a584176d2086afc01bbd42dd2ed14259179341be6a
96189b722c623f76b50c9b11362cd3b2400f18cf09e8fb3b6fc1e798b665499a
99bad247109067d0403b14045dec07fed14394b92172e86028e183904cb9d772
a9b91edcd079732ce12c2cf22024d7dd0c73af92c8e4747dd22bcabe8d21a750
b0cdda6aa67af86a4ee50a5cd63f5c3bb3b77f29ea828e0d0c2a7536a693a9ab
b5813f59b45dccb129d53d2988ca6a300d04eaba0a2179e3a5fdccf89bd85fad
c1c79bce3489931776bf8e0834ee8a9def12eaa7ca703d88adf01b41bed26ee9
d33e9af2312d7ffe5a8db20e99bf35af9abf301ec0b84dd49a4800447d8aa633
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3395680d7f4a519d32bf6b827e00221ead14e8510ae38119708d32094f1e16c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6cec47a08e6480e7e734f82871089c565a3a0da4c09c1ff3c90f1e0c40f6694
e863a8a6fd24445f5967c49914b8c06ab19a38818c22b28f9c06c2f813839e99
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fbe1ab58a424185aa9ea8d4d18f93cb67cb37af4abb267e1f820c20cc0a691a3
fc95f27f2f2418635c07ead25c437a86546db53bf838991626a073cc6835e8f7