prismhaven.com
Open in
urlscan Pro
195.133.39.165
Public Scan
Effective URL: https://prismhaven.com/?dom=track.nerdyniches.com&m1=&m2=&m3=&m4=&m5=&m7=&m6=&vr=logo&cep=DCbSDjFDufXHUGJR6v3iJ6hJlJvhs...
Submission: On August 29 via manual from FR — Scanned from FR
Summary
TLS certificate: Issued by E5 on August 28th 2024. Valid for: 3 months.
This is the only time prismhaven.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 172.67.151.82 172.67.151.82 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 3 | 18.159.13.173 18.159.13.173 | 16509 (AMAZON-02) (AMAZON-02) | |
2 2 | 2600:9000:234... 2600:9000:234e:5600:12:7f18:2cc0:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 9 | 195.133.39.165 195.133.39.165 | 50053 (ANTON-LEV...) (ANTON-LEVIN-AS) | |
3 | 188.114.97.3 188.114.97.3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:812::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a04:4e42:600... 2a04:4e42:600::649 | 54113 (FASTLY) (FASTLY) | |
1 | 78.140.182.82 78.140.182.82 | 35415 (WEBZILLA) (WEBZILLA) | |
1 | 2a00:1450:400... 2a00:1450:4001:829::2003 | 15169 (GOOGLE) (GOOGLE) | |
2 | 20.50.64.3 20.50.64.3 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
19 | 8 |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-13-173.eu-central-1.compute.amazonaws.com
track.amsfor.com | |
sigate-stract.icu |
ASN16509 (AMAZON-02, US)
track.nerdyniches.com |
ASN50053 (ANTON-LEVIN-AS, GE)
novastarlit.com | |
prismhaven.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
prismhaven.com
prismhaven.com |
213 KB |
2 |
push-visit.xyz
push-visit.xyz |
2 KB |
2 |
pushdrive.site
pushdrive.site |
9 KB |
2 |
nerdyniches.com
2 redirects
track.nerdyniches.com |
2 KB |
2 |
amsfor.com
1 redirects
track.amsfor.com |
2 KB |
1 |
gstatic.com
fonts.gstatic.com |
28 KB |
1 |
html-cafe.com
html-cafe.com |
46 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 1211 |
31 KB |
1 |
rawgit.com
rawgit.com — Cisco Umbrella Rank: 18350 |
19 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110 |
842 B |
1 |
novastarlit.com
1 redirects
novastarlit.com |
688 B |
1 |
sigate-stract.icu
sigate-stract.icu |
632 B |
1 |
emowok.com
1 redirects
emowok.com |
580 B |
19 | 13 |
Domain | Requested by | |
---|---|---|
8 | prismhaven.com |
sigate-stract.icu
prismhaven.com |
2 | push-visit.xyz |
pushdrive.site
|
2 | pushdrive.site |
prismhaven.com
|
2 | track.nerdyniches.com | 2 redirects |
2 | track.amsfor.com | 1 redirects |
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | html-cafe.com |
prismhaven.com
|
1 | code.jquery.com |
prismhaven.com
|
1 | rawgit.com |
prismhaven.com
|
1 | fonts.googleapis.com |
prismhaven.com
|
1 | novastarlit.com | 1 redirects |
1 | sigate-stract.icu |
track.amsfor.com
|
1 | emowok.com | 1 redirects |
19 | 13 |
This site contains links to these domains. Also see Links.
Domain |
---|
track.nerdyniches.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
track.amsfor.com R11 |
2024-08-23 - 2024-11-21 |
3 months | crt.sh |
sigate-stract.icu R11 |
2024-07-05 - 2024-10-03 |
3 months | crt.sh |
prismhaven.com E5 |
2024-08-28 - 2024-11-26 |
3 months | crt.sh |
pushdrive.site WE1 |
2024-07-13 - 2024-10-11 |
3 months | crt.sh |
upload.video.google.com WR2 |
2024-08-05 - 2024-10-28 |
3 months | crt.sh |
rawgit.com WE1 |
2024-08-20 - 2024-11-18 |
3 months | crt.sh |
*.jquery.com Sectigo ECC Domain Validation Secure Server CA |
2024-06-25 - 2025-06-25 |
a year | crt.sh |
html-cafe.com ZeroSSL RSA Domain Secure Site CA |
2024-07-31 - 2024-10-29 |
3 months | crt.sh |
*.gstatic.com WR2 |
2024-08-05 - 2024-10-28 |
3 months | crt.sh |
push-visit.xyz GeoTrust Global TLS RSA4096 SHA256 2022 CA1 |
2024-07-08 - 2025-01-08 |
6 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://prismhaven.com/?dom=track.nerdyniches.com&m1=&m2=&m3=&m4=&m5=&m7=&m6=&vr=logo&cep=DCbSDjFDufXHUGJR6v3iJ6hJlJvhs1Zn-D2Xv5P6Y537UM3es_Eblkab0QrrlPVcympVq3ZvqA4Z7D7bUQnwiMrQLmsVxkPTdFgZQMExTcs2f9goFDpAgA__4Yt_BeLRV_HP8ioeScP0WFJD9CiHLXs3VuLZ3CvBiviN1Q-wElOLpatQwSTN7nGP5PXUEpKPVHz9315rXsPgBJd3hPeuu7G-ArgM2hxytdP3K6J02B7iMlG_hWD3B2Exb1FAgWowgz4sDdjzM_JDSfgPtCAi-kRtD3aIoumULw-L8ulYVVBDRvqScVyjm192zAfxj2RIJBw7Z3lJkjNFcIxCHRAMhGuIfrzbD9npRYtHF3ANgJFTpHzsQxbCD8kuI1QtytNXRAcitzdPgO4qRiWkbzTRdw&lptoken=176c2486920d19f8417d
Frame ID: 161A969F184C50491836BBC37A25EBBC
Requests: 18 HTTP requests in this frame
Screenshot
Page Title
LandersPage URL History Show full URLs
-
http://emowok.com/eowNFrb
HTTP 307
https://emowok.com/eowNFrb HTTP 302
https://track.amsfor.com/8c3c97e6-4d67-4f06-a599-e4678139db0e?click_id=eowNFrb&var2=&var3=&var4=&var5... HTTP 307
https://track.amsfor.com/8c3c97e6-4d67-4f06-a599-e4678139db0e/2?click_id=eowNFrb&var2=&var3=&var4=&va... Page URL
- https://sigate-stract.icu/redirect?target=BASE64aHR0cHM6Ly90cmFjay5uZXJkeW5pY2hlcy5jb20vZDVjMjFkMGItOD... Page URL
-
https://track.nerdyniches.com/d5c21d0b-898d-42c8-a754-704a13f53a33
HTTP 307
https://track.nerdyniches.com/d5c21d0b-898d-42c8-a754-704a13f53a33/2 HTTP 302
https://novastarlit.com/?path=/FR/5020/&dom=track.nerdyniches.com&m1=&m2=&m3=&m4=&m5=&m7=&m6=&vr=log... HTTP 302
https://prismhaven.com/?dom=track.nerdyniches.com&m1=&m2=&m3=&m4=&m5=&m7=&m6=&vr=logo&cep=DCbSDjFDu... Page URL
Detected technologies
animate.css (Web Frameworks) ExpandDetected patterns
- <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Mettre à jour le suivi et ne pas payer de frais
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://emowok.com/eowNFrb
HTTP 307
https://emowok.com/eowNFrb HTTP 302
https://track.amsfor.com/8c3c97e6-4d67-4f06-a599-e4678139db0e?click_id=eowNFrb&var2=&var3=&var4=&var5=&var6=Indianapolis&var7=Rochard&var8=Gael&var9=33685246968&no=e&sms_cost=%sms_cost% HTTP 307
https://track.amsfor.com/8c3c97e6-4d67-4f06-a599-e4678139db0e/2?click_id=eowNFrb&var2=&var3=&var4=&var5=&var6=Indianapolis&var7=Rochard&var8=Gael&var9=33685246968&no=e&sms_cost=%sms_cost% Page URL
- https://sigate-stract.icu/redirect?target=BASE64aHR0cHM6Ly90cmFjay5uZXJkeW5pY2hlcy5jb20vZDVjMjFkMGItODk4ZC00MmM4LWE3NTQtNzA0YTEzZjUzYTMz&ts=1724920141346&hash=lXGlmEz7xnzV_7yoMbCyMK8uMBvMl0BT4DSSMSEhkxg&rm=DJ Page URL
-
https://track.nerdyniches.com/d5c21d0b-898d-42c8-a754-704a13f53a33
HTTP 307
https://track.nerdyniches.com/d5c21d0b-898d-42c8-a754-704a13f53a33/2 HTTP 302
https://novastarlit.com/?path=/FR/5020/&dom=track.nerdyniches.com&m1=&m2=&m3=&m4=&m5=&m7=&m6=&vr=logo&cep=DCbSDjFDufXHUGJR6v3iJ6hJlJvhs1Zn-D2Xv5P6Y537UM3es_Eblkab0QrrlPVcympVq3ZvqA4Z7D7bUQnwiMrQLmsVxkPTdFgZQMExTcs2f9goFDpAgA__4Yt_BeLRV_HP8ioeScP0WFJD9CiHLXs3VuLZ3CvBiviN1Q-wElOLpatQwSTN7nGP5PXUEpKPVHz9315rXsPgBJd3hPeuu7G-ArgM2hxytdP3K6J02B7iMlG_hWD3B2Exb1FAgWowgz4sDdjzM_JDSfgPtCAi-kRtD3aIoumULw-L8ulYVVBDRvqScVyjm192zAfxj2RIJBw7Z3lJkjNFcIxCHRAMhGuIfrzbD9npRYtHF3ANgJFTpHzsQxbCD8kuI1QtytNXRAcitzdPgO4qRiWkbzTRdw&lptoken=176c2486920d19f8417d HTTP 302
https://prismhaven.com/?dom=track.nerdyniches.com&m1=&m2=&m3=&m4=&m5=&m7=&m6=&vr=logo&cep=DCbSDjFDufXHUGJR6v3iJ6hJlJvhs1Zn-D2Xv5P6Y537UM3es_Eblkab0QrrlPVcympVq3ZvqA4Z7D7bUQnwiMrQLmsVxkPTdFgZQMExTcs2f9goFDpAgA__4Yt_BeLRV_HP8ioeScP0WFJD9CiHLXs3VuLZ3CvBiviN1Q-wElOLpatQwSTN7nGP5PXUEpKPVHz9315rXsPgBJd3hPeuu7G-ArgM2hxytdP3K6J02B7iMlG_hWD3B2Exb1FAgWowgz4sDdjzM_JDSfgPtCAi-kRtD3aIoumULw-L8ulYVVBDRvqScVyjm192zAfxj2RIJBw7Z3lJkjNFcIxCHRAMhGuIfrzbD9npRYtHF3ANgJFTpHzsQxbCD8kuI1QtytNXRAcitzdPgO4qRiWkbzTRdw&lptoken=176c2486920d19f8417d Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://emowok.com/eowNFrb HTTP 307
- https://emowok.com/eowNFrb HTTP 302
- https://track.amsfor.com/8c3c97e6-4d67-4f06-a599-e4678139db0e?click_id=eowNFrb&var2=&var3=&var4=&var5=&var6=Indianapolis&var7=Rochard&var8=Gael&var9=33685246968&no=e&sms_cost=%sms_cost% HTTP 307
- https://track.amsfor.com/8c3c97e6-4d67-4f06-a599-e4678139db0e/2?click_id=eowNFrb&var2=&var3=&var4=&var5=&var6=Indianapolis&var7=Rochard&var8=Gael&var9=33685246968&no=e&sms_cost=%sms_cost%
19 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
2
track.amsfor.com/8c3c97e6-4d67-4f06-a599-e4678139db0e/ Redirect Chain
|
762 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
redirect
sigate-stract.icu/ |
470 B 632 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
prismhaven.com/ Redirect Chain
|
25 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ace-push.js
pushdrive.site/ |
13 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
2 KB 842 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
prismhaven.com/static/FR/5020/css/ |
27 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
animate.css
prismhaven.com/static/FR/5020/css/ |
80 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ace-push.min.js
pushdrive.site/ |
9 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.svg
prismhaven.com/static/FR/5020/img/ |
14 KB 9 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
check.svg
prismhaven.com/static/FR/5020/img/ |
441 B 944 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
box4.png
prismhaven.com/static/FR/5020/img/ |
185 KB 186 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
check-mini.webp
prismhaven.com/static/FR/5020/img/ |
880 B 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
progressbar.js
rawgit.com/kimmobrunfeldt/progressbar.js/1.0.0/dist/ |
71 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.6.0.min.js
code.jquery.com/ |
87 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg-land3.jpg
html-cafe.com/out/lander3/img/ |
46 KB 46 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
L0x-DF02iFML4hGCyMqlbS0.woff2
fonts.gstatic.com/s/urbanist/v15/ |
27 KB 28 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
visit
push-visit.xyz/api/v1/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
visit
push-visit.xyz/api/v1/ |
2 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
prismhaven.com/ |
9 B 175 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| initializeAcePush function| setBaseUrl function| getLocation function| registerServiceWorker object| ProgressBar function| $ function| jQuery function| startCountdown function| countdown function| goToNextSection function| updateProgressBars function| getURLParameter string| dom string| link5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.track.amsfor.com/ | Name: 8c3c97e6-4d67-4f06-a599-e4678139db0e-v4 Value: YQbkxWvy7NshIl5pWIBwBZRFM80r9h-b51UTQqfMnjM |
|
.track.amsfor.com/ | Name: cc-v4 Value: iv2OWV%2Bhx960GJV8NKBLRvmROuhttHzyCH%2FXEfum5mg0xzkAw23SQ9CBFqPz8jmNhMflRRQ9d2t9sQxboW51r6EhHfDfhbPFwEZz1aWbZcB%2FP4mUjp%2BmcA%2FZB3Cct9gcRdZxIeGQCQHY6%2Bpc%2BXIEVA%3D%3D |
|
.track.nerdyniches.com/ | Name: d5c21d0b-898d-42c8-a754-704a13f53a33-v4 Value: fXIkWDSQcIQuusdKiPs1Mlwfyquatz9FZJHKO-H18ew |
|
.track.nerdyniches.com/ | Name: cep-v4 Value: fHQKAK_dOm8Hxe9YPQi9NVXMJPtOYTh6-YL_VVk0FtgD4_jfsnMDRHfwADoh8MlKgBU-Qecib6iGwmltklupFQhqgeAA7Hy4DVqDYSR2tD7rMbyvyv2n54Tv_PlEGTjWFlatcnsMv5uZBz7JSUKyO5MupbpZjyoOuTRmrrP9dSB5rMXm0ikcHyGnw7hfINHN77aW5keAGOKytw2vbrLZsjStIBBYv8G11gLFzSriahfhncKG9Y1W_sy0dCJLFlwv2XITIXG2qdPjrerZFWjcvdBUzltn2YK4MEt0JGEqXiwsploZMmMTzbSgpgUHI7L2Qnn2gVg27Id6_RgtqKX-fUKJvLf79BVTVJD2pi13SmP1W4JLBVvEbGWVV_8QOjW-LOGwMjYzGILClYPQP1-tOA |
|
prismhaven.com/ | Name: access_token Value: DCbSDjFDufXHUGJR6v3iJ6hJlJvhs1Zn-D2Xv5P6Y537UM3es_Eblkab0QrrlPVcympVq3ZvqA4Z7D7bUQnwiMrQLmsVxkPTdFgZQMExTcs2f9goFDpAgA__4Yt_BeLRV_HP8ioeScP0WFJD9CiHLXs3VuLZ3CvBiviN1Q-wElOLpatQwSTN7nGP5PXUEpKPVHz9315rXsPgBJd3hPeuu7G-ArgM2hxytdP3K6J02B7iMlG_hWD3B2Exb1FAgWowgz4sDdjzM_JDSfgPtCAi-kRtD3aIoumULw-L8ulYVVBDRvqScVyjm192zAfxj2RIJBw7Z3lJkjNFcIxCHRAMhGuIfrzbD9npRYtHF3ANgJFTpHzsQxbCD8kuI1QtytNXRAcitzdPgO4qRiWkbzTRdw |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
code.jquery.com
emowok.com
fonts.googleapis.com
fonts.gstatic.com
html-cafe.com
novastarlit.com
prismhaven.com
push-visit.xyz
pushdrive.site
rawgit.com
sigate-stract.icu
track.amsfor.com
track.nerdyniches.com
172.67.151.82
18.159.13.173
188.114.97.3
195.133.39.165
20.50.64.3
2600:9000:234e:5600:12:7f18:2cc0:93a1
2a00:1450:4001:812::200a
2a00:1450:4001:829::2003
2a04:4e42:600::649
78.140.182.82
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
1052cab12fb12da3c30eac0a17d89b67d7bf6c766c967bf1a937f51eb9f57916
54e45a0cb0fb522c4c3637e3fa2d6a7729bf8e9b2266d268cae0ca0583bf6d16
5b22315059af4d6401335a3ed8be7f28f4bc0e6277ce6e7b71620a06aa863742
611f9e60b51490a64ffc7272367136c6bbd34b799b7e0076e83a6c3299db207f
6d04e293cbb5bc943a3fa34eeedc2bd97cd7c05833aaf863a9c8687dd9302728
6ff12b88049b6c4dd06dab82ffd2310edff5fb6424ee8602c6bf66b71a6bf121
710d7f22beb529cd250d812bf9c1a9cfcc1a9ef213cefb61694e6cc7cf45f2fa
822e167be352fac697b3909dad27b8a7b4f14a8c769ec5d5554a08a6e2e791a9
84221e6c0c5f950b44d38a40bc19ffa9a340b2a5d207cb6f6461b84d474f2555
856faf8bc7c3ae22fd23363f364902b38a8b603971cf8cf4a0fe1b4586412bf5
aabfeb6ea02f8e4f3e5490309d203f71b63ef57d475adba9df2344d3e32a1947
c75e7cdae28f5e6ae9ac84c6a81562cde943e722263b44305c41ac713bbebec1
cd189d67e4096696368bf718891d488addc301616f9a62c9df95efde6d38b6d5
d002a3303aafeb0dd9675633359c5cb388465232b5b232f85224aed8bef1b960
dcf16d6704f17993077be84b8e4ceea4abcae3190b6d626538331f9eb1d3bfef
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e