prmsbw.com
23.83.127.87
Public Scan
Effective URL: https://prmsbw.com/betwinner-ios-app/?id=11PR&s1=01640901-b84e-4424-ae1d-dbab81664aeb&extid=dfdffded-d126-4e39-a22d...
Submission: On February 06 via api from BE
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on January 25th 2020. Valid for: 3 months.
This is the only time prmsbw.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-165-141.eu-central-1.compute.amazonaws.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
12 | prmsbw.com | prmsbw.com, cdn.prmsbw.com | 611 KB |
8 | gstatic.com | fonts.gstatic.com, www.gstatic.com | 198 KB |
6 | filesonload.ru | s.filesonload.ru | 270 KB |
4 | bwapipub.com | bwapipub.com | 4 KB |
3 | google.com | www.google.com, dns.google.com | 1 KB |
2 | plp7.ru | 7hy583fu.plp7.ru | 3 KB |
2 | is.gd (2 redirects) | www.is.gd | 497 B |
1 | bwtsrv.com | bwtsrv.com | 599 B |
1 | cloudflare-dns.com | cloudflare-dns.com | 424 B |
1 | googleapis.com | fonts.googleapis.com | 1 KB |
1 | cpafood.com (1 redirects) | cpafood.com | 318 B |
38 | 11 | | |
Requests | Domain | Requested by |
---|---|---|
7 | prmsbw.com | 7hy583fu.plp7.ru |
7 | fonts.gstatic.com | 7hy583fu.plp7.ru, prmsbw.com, cdn.prmsbw.com |
6 | s.filesonload.ru | 7hy583fu.plp7.ru |
5 | cdn.prmsbw.com | prmsbw.com, cdn.prmsbw.com |
4 | bwapipub.com | cdn.prmsbw.com |
2 | www.google.com | prmsbw.com, www.gstatic.com |
2 | 7hy583fu.plp7.ru | 7hy583fu.plp7.ru |
2 | www.is.gd | 2 redirects |
1 | bwtsrv.com | cdn.prmsbw.com |
1 | cloudflare-dns.com | cdn.prmsbw.com |
1 | dns.google.com | cdn.prmsbw.com |
1 | www.gstatic.com | www.google.com |
1 | fonts.googleapis.com | prmsbw.com |
1 | cpafood.com | 1 redirects |
38 | 14 | |
This site contains links to these domains.
Domain |
---|
apps.apple.com |
Subject | Issuer | Validity | Valid for |
---|---|---|---|
*.google.com | GTS CA 1O1 | 2020-01-21 - 2020-04-14 | 3 months |
prmsbw.com | Let's Encrypt Authority X3 | 2020-01-25 - 2020-04-24 | 3 months |
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-08-22 - 2020-08-21 | a year |
www.google.com | GTS CA 1O1 | 2020-01-21 - 2020-04-14 | 3 months |
*.storage.googleapis.com | GTS CA 1O1 | 2020-01-21 - 2020-04-14 | 3 months |
dns.google | GTS CA 1O1 | 2020-01-21 - 2020-04-14 | 3 months |
cloudflare-dns.com | DigiCert ECC Secure Server CA | 2019-01-28 - 2021-02-01 | 2 years |
This page contains 2 frames:
Primary Page:
https://prmsbw.com/betwinner-ios-app/?id=11PR&s1=01640901-b84e-4424-ae1d-dbab81664aeb&extid=dfdffded-d126-4e39-a22d-b5a2e70ee5ea&p=/user/registration/
Frame ID: 64CDF25DE3DDFCBE127245C5532A998B
Requests: 38 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdFxIwUAAAAAJXTTywXqky6j5VEGMnyaP9IJSLu&co=aHR0cHM6Ly9wcm1zYncuY29tOjQ0Mw..&hl=en&v=vJuUWXolyYJx1oqUVmpPuryQ&size=invisible&cb=yt82t9s42s4w
Frame ID: EC048A9C836B1BAF82F6FC9A87242AB6
Requests: 1 HTTP requests in this frame
Detected technologies
Lua (Programming Languages)
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
Nginx (Web Servers)
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
Element UI (JavaScript Frameworks)
Detected patterns
- html /<(?:div|button) class="el-(?:table-column|table-filter|popper|pagination|pager|select-group|form|form-item|color-predefine|color-hue-slider|color-svpanel|color-alpha-slider|color-dropdown|color-picker|badge|tree|tree-node|select|message|dialog|checkbox|checkbox-button|checkbox-group|container|steps|carousel|menu|menu-item|submenu|menu-item-group|button|button-group|card|table|select-dropdown|row|tabs|notification|radio|progress|progress-bar|tag|popover|tooltip|cascader|cascader-menus|cascader-menu|time-spinner|spinner|spinner-inner|transfer|transfer-panel|rate|slider|dropdown|dropdown-menu|textarea|input|input-group|popup-parent|radio-group|main|breadcrumb|time-range-picker|date-range-picker|year-table|date-editor|range-editor|time-spinner|date-picker|time-panel|date-table|month-table|picker-panel|collapse|collapse-item|alert|select-dropdown|select-dropdown__empty|select-dropdown__wrap|select-dropdown__list|scrollbar|switch|carousel|upload|upload-dragger|upload-list|upload-cover|aside|input-number|header|message-box|footer|radio-button|step|autocomplete|autocomplete-suggestion|loading-parent|loading-mask|loading-spinner|)/i
OpenResty (Web Servers)
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: INSTALL TESTFLIGHT
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://www.is.gd/A09gsz HTTP 301
  https://www.is.gd/A09gsz HTTP 301
  http://7hy583fu.plp7.ru/ Page URL
- https://cpafood.com/b8HUhwB HTTP 302
  https://prmsbw.com/betwinner-ios-app/?id=11PR&s1=01640901-b84e-4424-ae1d-dbab81664aeb&extid=dfdffded-d126-4e39-a22d-b5a2e70ee5ea&p=/user/registration/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://www.is.gd/A09gsz HTTP 301
- https://www.is.gd/A09gsz HTTP 301
- http://7hy583fu.plp7.ru/
38 HTTP transactions
Method | Protocol | Resource | Host / Path | Size | Transferred | Type | MIME type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | / | 7hy583fu.plp7.ru/ | 9 KB | 2 KB | Document | text/html | Redirect Chain |
GET | H/1.1 | vendors.css | s.filesonload.ru/assets/3.3/ | 308 KB | 39 KB | Stylesheet | text/css | |
GET | H/1.1 | plp.css | s.filesonload.ru/assets/3.3/ | 536 KB | 46 KB | Stylesheet | text/css | |
GET | H/1.1 | nodes.css | s.filesonload.ru/assets/3.3/ | 112 KB | 47 KB | Stylesheet | text/css | |
GET | H/1.1 | vendors.js | s.filesonload.ru/assets/3.3/ | 355 KB | 108 KB | Script | application/javascript | |
GET | H/1.1 | plp.js | s.filesonload.ru/assets/3.3/ | 74 KB | 21 KB | Script | application/javascript | |
GET | H/1.1 | nodes.js | s.filesonload.ru/assets/3.3/ | 45 KB | 9 KB | Script | application/javascript | |
GET | H2 | RjgO7rYTmqiVp7vzi-Q5UbO3LdcAZYWl9Si6vvxL-qU.woff | fonts.gstatic.com/s/opensans/v13/ | 19 KB | 19 KB | Font | font/woff | |
GET | H2 | k3k702ZOKiLJc3WVjuplzAcuEIXEaFWBWXA4NoGd_Oo.woff | fonts.gstatic.com/s/opensans/v13/ | 19 KB | 19 KB | Font | font/woff | |
PUT | H/1.1 | / | 7hy583fu.plp7.ru/ | 2 B | 289 B | XHR | application/octet-stream | |
GET | H/1.1 | / | prmsbw.com/betwinner-ios-app/ | 5 KB | 2 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H2 | bundle.5736dc7923331b7923a110cc872c838c.css | cdn.prmsbw.com/betwinner-ios-app/ | 284 KB | 47 KB | Stylesheet | text/css | |
GET | H2 | api.js | www.google.com/recaptcha/ | 708 B | 579 B | Script | text/javascript | |
GET | H2 | bundle.e8569858a6f3b726f394.js | cdn.prmsbw.com/betwinner-ios-app/ | 1 MB | 264 KB | Script | application/javascript | |
GET | H2 | css | fonts.googleapis.com/ | 35 KB | 1 KB | Stylesheet | text/css | |
GET | H2 | recaptcha__en.js | www.gstatic.com/recaptcha/releases/vJuUWXolyYJx1oqUVmpPuryQ/ | 259 KB | 93 KB | Script | text/javascript | |
GET | H2 | resolve | dns.google.com/ | 258 B | 561 B | XHR | application/x-javascript | |
GET | H2 | dns-query | cloudflare-dns.com/ | 218 B | 424 B | XHR | application/dns-json | |
GET | H2 | anchor | www.google.com/recaptcha/api2/ | 0 | 0 | Document | text/html | Frame EC04 |
GET | H2 | JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2 | fonts.gstatic.com/s/montserrat/v14/ | 13 KB | 13 KB | Font | font/woff2 | |
GET | H2 | site-url | bwapipub.com/landing-registration/ | 72 B | 159 B | XHR | application/json | |
GET | H2 | v3 | bwapipub.com/recaptcha-key/ | 89 B | 174 B | XHR | application/json | |
GET | H2 | detect-visitor | bwapipub.com/landing-registration/ | 131 B | 548 B | XHR | application/json | |
GET | H2 | countries | bwapipub.com/landing-registration/ | 12 KB | 3 KB | XHR | application/json | |
GET | H2 | btag.json | bwtsrv.com/landings/ | 47 B | 599 B | XHR | application/json | |
GET | H2 | 426a63c6a33b71977739ff4f5dfe6de5.png | cdn.prmsbw.com/betwinner-ios-app/ | 132 KB | 132 KB | Image | image/png | |
GET | DATA | truncated | / | 600 B | 0 | Image | image/svg+xml | |
GET | H2 | JTURjIg1_i6t8kCHKm45_c5H3gnD_vx3rCs.woff2 | fonts.gstatic.com/s/montserrat/v14/ | 13 KB | 13 KB | Font | font/woff2 | |
GET | H2 | JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2 | fonts.gstatic.com/s/montserrat/v14/ | 13 KB | 13 KB | Font | font/woff2 | |
GET | H2 | JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2 | fonts.gstatic.com/s/montserrat/v14/ | 13 KB | 13 KB | Font | font/woff2 | |
GET | H2 | 535877f50039c0cb49a6196a5b7517cd.woff | cdn.prmsbw.com/betwinner-ios-app/ | 28 KB | 28 KB | Font | font/woff | |
GET | H2 | JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2 | fonts.gstatic.com/s/montserrat/v14/ | 13 KB | 13 KB | Font | font/woff2 | |
GET | H/1.1 | e5317ea9a223249d65f2b0a204a5f497.svg | prmsbw.com/betwinner-ios-app/ | 2 KB | 2 KB | Image | image/svg+xml | |
GET | H/1.1 | 59279827e0343031463f764705b2e81f.png | prmsbw.com/betwinner-ios-app/ | 700 B | 1 KB | Image | image/png | |
GET | H/1.1 | e84d3c9d5cc89a48f182741dcb1aa390.png | prmsbw.com/betwinner-ios-app/ | 643 B | 1014 B | Image | image/png | |
GET | H/1.1 | 426a63c6a33b71977739ff4f5dfe6de5.png | prmsbw.com/betwinner-ios-app/ | 132 KB | 132 KB | Image | image/png | |
GET | H/1.1 | ebbb28862b62a0875d27a576dbf86fbd.svg | prmsbw.com/betwinner-ios-app/ | 1 KB | 2 KB | Image | image/svg+xml | |
GET | H/1.1 | 3e69ebca6ebb48cb7696f6b742f17bc4.svg | prmsbw.com/betwinner-ios-app/ | 591 B | 989 B | Image | image/svg+xml | |
GET | H2 | 52f420da94ae60f6dcf173d224e365d8.svg | cdn.prmsbw.com/betwinner-ios-app/ | 180 B | 222 B | Image | image/svg+xml | |
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | onformdata |
object | onpointerrawupdate |
object | ___grecaptcha_cfg |
object | grecaptcha |
boolean | __google_recaptcha_client |
object | recaptcha |
function | setImmediate |
function | clearImmediate |
object | __core-js_shared__ |
function | P |
boolean | recaptchaLoaded |
string | mediaId |
object | closure_lm_7544771 |
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.prmsbw.com/ | Name: __cfduid Value: d363a1a63b8ec8d97677604ac2fa952e61581033393 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.