nationalresearchrewards.com
Open in
urlscan Pro
149.28.208.237
Public Scan
Effective URL: https://nationalresearchrewards.com/landing?campaignId=18001&email=natalio899%40gmail.com
Submission: On February 27 via api from US — Scanned from US
Summary
TLS certificate: Issued by R3 on January 29th 2024. Valid for: 3 months.
This is the only time nationalresearchrewards.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 35.164.33.0 35.164.33.0 | 16509 (AMAZON-02) (AMAZON-02) | |
1 1 | 3.137.13.56 3.137.13.56 | 16509 (AMAZON-02) (AMAZON-02) | |
1 1 | 35.190.9.82 35.190.9.82 | 15169 (GOOGLE) (GOOGLE) | |
2 | 149.28.208.237 149.28.208.237 | 20473 (AS-CHOOPA) (AS-CHOOPA) | |
16 | 2600:9000:247... 2600:9000:2479:4000:15:64c0:d300:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a04:4e42:400... 2a04:4e42:400::729 | 54113 (FASTLY) (FASTLY) | |
1 | 2607:f8b0:400... 2607:f8b0:4004:c08::5f | 15169 (GOOGLE) (GOOGLE) | |
1 | 152.199.4.33 152.199.4.33 | 15133 (EDGECAST) (EDGECAST) | |
2 | 13.32.208.59 13.32.208.59 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2607:f8b0:400... 2607:f8b0:4004:c09::61 | 15169 (GOOGLE) (GOOGLE) | |
1 | 99.84.191.95 99.84.191.95 | 16509 (AMAZON-02) (AMAZON-02) | |
4 | 107.21.19.191 107.21.19.191 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 44.218.169.199 44.218.169.199 | 14618 (AMAZON-AES) (AMAZON-AES) | |
2 | 44.208.173.2 44.208.173.2 | 14618 (AMAZON-AES) (AMAZON-AES) | |
32 | 11 |
ASN16509 (AMAZON-02, US)
PTR: ec2-35-164-33-0.us-west-2.compute.amazonaws.com
employmentvalley.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-137-13-56.us-east-2.compute.amazonaws.com
1t1dhxtkug.execute-api.us-east-2.amazonaws.com |
ASN15169 (GOOGLE, US)
PTR: 82.9.190.35.bc.googleusercontent.com
www.clicktrac.net |
ASN20473 (AS-CHOOPA, US)
PTR: 149.28.208.237.vultrusercontent.com
nationalresearchrewards.com | |
scr.nationalresearchrewards.com |
ASN16509 (AMAZON-02, US)
cdn1.nationalresearchrewards.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-208-59.iad66.r.cloudfront.net
api.pushnami.com |
ASN16509 (AMAZON-02, US)
PTR: server-99-84-191-95.iad89.r.cloudfront.net
cdn.pushnami.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-19-191.compute-1.amazonaws.com
psp.pushnami.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-44-218-169-199.compute-1.amazonaws.com
fpc.pushnami.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-44-208-173-2.compute-1.amazonaws.com
trc.pushnami.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
nationalresearchrewards.com
nationalresearchrewards.com cdn1.nationalresearchrewards.com scr.nationalresearchrewards.com |
200 KB |
10 |
pushnami.com
api.pushnami.com — Cisco Umbrella Rank: 6072 cdn.pushnami.com — Cisco Umbrella Rank: 15361 psp.pushnami.com — Cisco Umbrella Rank: 20252 fpc.pushnami.com — Cisco Umbrella Rank: 198213 trc.pushnami.com — Cisco Umbrella Rank: 6436 |
394 KB |
1 |
google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 590 |
17 KB |
1 |
aspnetcdn.com
ajax.aspnetcdn.com — Cisco Umbrella Rank: 2393 |
10 KB |
1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 362 |
34 KB |
1 |
sentry-cdn.com
browser.sentry-cdn.com — Cisco Umbrella Rank: 4725 |
17 KB |
1 |
clicktrac.net
1 redirects
www.clicktrac.net |
472 B |
1 |
amazonaws.com
1 redirects
1t1dhxtkug.execute-api.us-east-2.amazonaws.com — Cisco Umbrella Rank: 197842 |
180 B |
1 |
employmentvalley.com
1 redirects
employmentvalley.com |
331 B |
32 | 9 |
Domain | Requested by | |
---|---|---|
16 | cdn1.nationalresearchrewards.com |
nationalresearchrewards.com
cdn1.nationalresearchrewards.com |
4 | psp.pushnami.com |
browser.sentry-cdn.com
|
2 | trc.pushnami.com |
browser.sentry-cdn.com
|
2 | api.pushnami.com |
nationalresearchrewards.com
api.pushnami.com |
1 | fpc.pushnami.com |
browser.sentry-cdn.com
|
1 | cdn.pushnami.com |
api.pushnami.com
|
1 | ssl.google-analytics.com |
nationalresearchrewards.com
|
1 | scr.nationalresearchrewards.com |
nationalresearchrewards.com
|
1 | ajax.aspnetcdn.com |
nationalresearchrewards.com
|
1 | ajax.googleapis.com |
nationalresearchrewards.com
|
1 | browser.sentry-cdn.com |
nationalresearchrewards.com
|
1 | nationalresearchrewards.com | |
1 | www.clicktrac.net | 1 redirects |
1 | 1t1dhxtkug.execute-api.us-east-2.amazonaws.com | 1 redirects |
1 | employmentvalley.com | 1 redirects |
32 | 15 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.nationalresearchrewards.com R3 |
2024-01-29 - 2024-04-28 |
3 months | crt.sh |
cdn1.retailrewardsclub.net Amazon RSA 2048 M01 |
2023-02-01 - 2024-03-02 |
a year | crt.sh |
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q3 |
2023-08-01 - 2024-09-01 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-02-05 - 2024-04-29 |
3 months | crt.sh |
*.vo.msecnd.net DigiCert SHA2 Secure Server CA |
2024-01-30 - 2025-01-30 |
a year | crt.sh |
*.pushnami.com Amazon RSA 2048 M02 |
2024-02-03 - 2025-03-03 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2024-02-05 - 2024-04-29 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://nationalresearchrewards.com/landing?campaignId=18001&email=natalio899%40gmail.com
Frame ID: AB18E0E2036421A08C7B35AB2410A127
Requests: 28 HTTP requests in this frame
Frame:
https://api.pushnami.com/scripts/v1/hub
Frame ID: 054A88186FEA331DCC2E6B0A677E0E5E
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://employmentvalley.com/b2db5c5c-b41e-427f-87e5-b1ed2447e0dfa001c610f615fbb99836a65a551f8e4d
HTTP 302
https://1t1dhxtkug.execute-api.us-east-2.amazonaws.com/redirect_prod/b2db5c5c-b41e-427f-87e5-b1ed2447e0dfa001c610f615fbb99836a65a55... HTTP 301
https://www.clicktrac.net/cmp/NHNQ/439CD58/?sub1=R0OGJUI1vsn240121&email=natalio899%40gmail.com&sub4=b... HTTP 302
https://nationalresearchrewards.com/landing?campaignId=18001&email=natalio899%40gmail.com Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://employmentvalley.com/b2db5c5c-b41e-427f-87e5-b1ed2447e0dfa001c610f615fbb99836a65a551f8e4d
HTTP 302
https://1t1dhxtkug.execute-api.us-east-2.amazonaws.com/redirect_prod/b2db5c5c-b41e-427f-87e5-b1ed2447e0dfa001c610f615fbb99836a65a551f8e4d HTTP 301
https://www.clicktrac.net/cmp/NHNQ/439CD58/?sub1=R0OGJUI1vsn240121&email=natalio899%40gmail.com&sub4=b2db5c5c-b41e-427f-87e5-b1ed2447e0df HTTP 302
https://nationalresearchrewards.com/landing?campaignId=18001&email=natalio899%40gmail.com Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
32 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
landing
nationalresearchrewards.com/ Redirect Chain
|
11 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
form-validation.css
cdn1.nationalresearchrewards.com/static/css/ |
151 B 505 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundle.min.js
browser.sentry-cdn.com/5.15.5/ |
55 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ |
95 KB 34 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.autotab.js
cdn1.nationalresearchrewards.com/static/js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.validate.min.js
ajax.aspnetcdn.com/ajax/jquery.validate/1.19.1/ |
24 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en_US.js
cdn1.nationalresearchrewards.com/static/js/ |
14 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
template.js
cdn1.nationalresearchrewards.com/static/js/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
template.css
cdn1.nationalresearchrewards.com/static/1005/LANDING/13019/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
LANDING_01_02.jpg
cdn1.nationalresearchrewards.com/static/1005/LANDING/13019/images/ |
36 KB 36 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
LANDING_01_03.jpg
cdn1.nationalresearchrewards.com/static/1005/LANDING/13019/images/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
btn_yes.png
cdn1.nationalresearchrewards.com/static/1005/LANDING/13019/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
btn_no.png
cdn1.nationalresearchrewards.com/static/1005/LANDING/13019/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loading.gif
cdn1.nationalresearchrewards.com/static/1005/LANDING/13019/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
claimBtn.png
cdn1.nationalresearchrewards.com/static/1005/LANDING/13019/images/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
LANDING_01_07.jpg
cdn1.nationalresearchrewards.com/static/1005/LANDING/13019/images/ |
21 KB 21 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
LANDING_01_12.jpg
cdn1.nationalresearchrewards.com/static/1005/LANDING/13019/images/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
LANDING_01_14.jpg
cdn1.nationalresearchrewards.com/static/1005/LANDING/13019/images/ |
12 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
g_track.php
scr.nationalresearchrewards.com/pixel/ |
0 317 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5ca3be34dcb0250010f6c6a1
api.pushnami.com/scripts/v1/pushnami-adv/ |
253 KB 63 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga.js
ssl.google-analytics.com/ |
45 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
background.jpg
cdn1.nationalresearchrewards.com/static/1005/LANDING/13019/images/ |
88 KB 89 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
LANDING_01_06.jpg
cdn1.nationalresearchrewards.com/static/1005/LANDING/13019/images/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hub
api.pushnami.com/scripts/v1/ Frame 054A |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
psfpv4_client.js
cdn.pushnami.com/js/exp/ |
328 KB 328 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
data
psp.pushnami.com/psfp/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
data
psp.pushnami.com/psfp/ |
27 B 187 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
psp
psp.pushnami.com/api/ |
2 B 152 B |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
psp
psp.pushnami.com/api/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
check
fpc.pushnami.com/psfp/69c89f43-112b-433d-96cd-bfc7b0a972a4/ |
0 0 |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
track
trc.pushnami.com/api/push/ |
2 B 168 B |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
track
trc.pushnami.com/api/push/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
9 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.clicktrac.net/ | Name: uniqueClick_439CD58 Value: 012f5cff-05e2-4214-804a-72180866d70e:1709071576 |
|
www.clicktrac.net/ | Name: transaction_id Value: a055ebd74ad3483e946f0f8df6f6161b |
|
nationalresearchrewards.com/ | Name: _ffpass Value: 1 |
|
.nationalresearchrewards.com/ | Name: _gsr Value: _cid:18001 |
|
nationalresearchrewards.com/ | Name: SESSION Value: MzFhMWQ1ZjctMmYzNi00MmRlLWJhYzQtMjBmMjEzN2Q5MDJj |
|
.nationalresearchrewards.com/ | Name: __utma Value: 81113608.1402161530.1709071577.1709071577.1709071577.1 |
|
.nationalresearchrewards.com/ | Name: __utmb Value: 81113608.0.10.1709071577 |
|
.nationalresearchrewards.com/ | Name: __utmc Value: 81113608 |
|
.nationalresearchrewards.com/ | Name: __utmz Value: 81113608.1709071577.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none) |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
1t1dhxtkug.execute-api.us-east-2.amazonaws.com
ajax.aspnetcdn.com
ajax.googleapis.com
api.pushnami.com
browser.sentry-cdn.com
cdn.pushnami.com
cdn1.nationalresearchrewards.com
employmentvalley.com
fpc.pushnami.com
nationalresearchrewards.com
psp.pushnami.com
scr.nationalresearchrewards.com
ssl.google-analytics.com
trc.pushnami.com
www.clicktrac.net
107.21.19.191
13.32.208.59
149.28.208.237
152.199.4.33
2600:9000:2479:4000:15:64c0:d300:93a1
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c09::61
2a04:4e42:400::729
3.137.13.56
35.164.33.0
35.190.9.82
44.208.173.2
44.218.169.199
99.84.191.95
0ccb8847b87beedf15e5c4b09a1e3cd0a2b5f09ec9e94560153e0b9902c4c6d9
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1659c0ec27b5575b19ca8e1407e484e5e6cf07101815a4c290d40564623ce527
1697488ebbfe6aa5169953a9bfeda0627b05674ae081676646327a65c63c9e84
1b7cfaa128f095d6b0ba04cfcfa9b96085555ca2d14bab75d4dd12039ba92469
1ee94537308b969ae3e3fe075f960e89e5817fc57f9464fd66b65a124448c66a
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
2a378e7a2828dfef8280843a218725d11d8fb17f21f9717fa2d57fc960707e57
32ce8d05c7e5356de3cb47ee0b3438a539dc62a7a05c66adde8e2668008adc0c
47441c104436b39b40c834cbd43629df74488b18f3a20c1d5e666d7b04e97292
497d3e7a0651538a31fd2e78e44cbd7e071d46a0119938cb4c23748d6fe44385
4f6a28873e9313840852338f6e1344900ae597665934b4171f63743733082146
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
712af239198b3912d6185c5fcb672c162ab38e5d06ef1feaea5e71d4364fa488
872f35c442fb45b92953ee6dc5f980717f993d018097ccc0b289ae206b7b129c
89a53feea2220dd55f7f3b00fef2bab12db13172a4117f67a0ffc1f478e42e28
8be67da785d665f0e34148d3257349d1c9e11eef43eb8121a11c1017ecdc148d
912a0e9b48c7833000cec35598d1199e6af7ad503474c845b7f9724f56677131
97e0462bd8c906873b7676857abba0bcf9233febf2344af1b23d679b59b6d00d
9d2aefa415d6f3cb44ce567975ebf8f10964b99e06a595ff7b3c6bd1ee11d2a9
a0131566a443e1e959750b882555d3dc2931e2e007e3c1686b1da66fc1f74cb4
b0f074179d185032b4a2d0e7b1f3476b0626039334a638d47f84ef44990616b2
b84750cc5a395288fcfd0cf42e3a60d6135e2f14db83fce05e97e5abacc2f9b4
dfc3c452444c6519ba78c42eb88be7af356fe5ef239851dd135ef0abadbd62cb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebc9a4ac844d217003ff162246dfcce81e6c4d4559785ec7dabb657eb693ce90