gallasprint.com
Open in
urlscan Pro
2606:4700:3030::681b:8cef
Public Scan
Effective URL: https://gallasprint.com/p/trending-now?cp=FRSHIP
Submission: On July 31 via api from US
Summary
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 28th 2020. Valid for: 7 months.
This is the only time gallasprint.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
d2p4lessyc9hsw.cloudfront.net |
ASN15169 (GOOGLE, US)
PTR: fra16s25-in-f2.1e100.net
www.googleadservices.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress16
static.hotjar.com | |
script.hotjar.com | |
vars.hotjar.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress14
vc.hotjar.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
cloudfront.net
d2p4lessyc9hsw.cloudfront.net |
2 MB |
4 |
gallasprint.com
gallasprint.com |
9 KB |
3 |
hotjar.com
static.hotjar.com script.hotjar.com vars.hotjar.com |
71 KB |
2 |
google.de
www.google.de |
213 B |
2 |
google.com
1 redirects
www.google.com |
299 B |
2 |
facebook.net
connect.facebook.net |
60 KB |
2 |
doubleclick.net
1 redirects
googleads.g.doubleclick.net stats.g.doubleclick.net |
1 KB |
2 |
google-analytics.com
1 redirects
www.google-analytics.com |
18 KB |
2 |
cloudflare.com
cdnjs.cloudflare.com |
18 KB |
1 |
hotjar.io
vc.hotjar.io |
116 B |
1 |
cloudinary.com
res.cloudinary.com |
276 KB |
1 |
facebook.com
www.facebook.com |
|
1 |
googleadservices.com
www.googleadservices.com |
11 KB |
1 |
bit.ly
1 redirects
bit.ly |
362 B |
27 | 14 |
Domain | Requested by | |
---|---|---|
7 | d2p4lessyc9hsw.cloudfront.net |
gallasprint.com
|
4 | gallasprint.com |
cdnjs.cloudflare.com
|
2 | www.google.de |
gallasprint.com
|
2 | www.google.com |
1 redirects
gallasprint.com
|
2 | connect.facebook.net |
d2p4lessyc9hsw.cloudfront.net
connect.facebook.net |
2 | www.google-analytics.com |
1 redirects
gallasprint.com
|
2 | cdnjs.cloudflare.com |
gallasprint.com
|
1 | vc.hotjar.io |
cdnjs.cloudflare.com
|
1 | res.cloudinary.com | |
1 | vars.hotjar.com |
static.hotjar.com
|
1 | www.facebook.com |
cdnjs.cloudflare.com
|
1 | script.hotjar.com |
static.hotjar.com
|
1 | stats.g.doubleclick.net | 1 redirects |
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | static.hotjar.com |
gallasprint.com
|
1 | www.googleadservices.com |
gallasprint.com
|
1 | bit.ly | 1 redirects |
27 | 17 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2020-02-28 - 2020-10-09 |
7 months | crt.sh |
*.cloudfront.net DigiCert Global CA G2 |
2020-05-26 - 2021-04-21 |
a year | crt.sh |
www.googleadservices.com GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
cloudflare.com Cloudflare Inc ECC CA-3 |
2020-07-04 - 2021-07-04 |
a year | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
static.hotjar.com Let's Encrypt Authority X3 |
2020-06-17 - 2020-09-15 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-07-21 - 2020-10-12 |
3 months | crt.sh |
www.google.de GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
script.hotjar.com Let's Encrypt Authority X3 |
2020-06-18 - 2020-09-16 |
3 months | crt.sh |
www.google.com GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
vars.hotjar.com Let's Encrypt Authority X3 |
2020-06-16 - 2020-09-14 |
3 months | crt.sh |
*.cloudinary.com Go Daddy Secure Certificate Authority - G2 |
2020-05-27 - 2022-06-22 |
2 years | crt.sh |
vc.hotjar.io Let's Encrypt Authority X3 |
2020-07-14 - 2020-10-12 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://gallasprint.com/p/trending-now?cp=FRSHIP
Frame ID: AC22E71E749306A5899D14AF288FE99D
Requests: 26 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: D44C32D24630597D76B55539C015A2E7
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://bit.ly/32StKVz
HTTP 301
https://gallasprint.com/p/trending-now?cp=FRSHIP Page URL
Detected technologies
CloudFlare (CDN) ExpandDetected patterns
- headers server /^cloudflare$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://bit.ly/32StKVz
HTTP 301
https://gallasprint.com/p/trending-now?cp=FRSHIP Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 10- https://www.google-analytics.com/r/collect?v=1&_v=j83&a=633050574&t=pageview&_s=1&dl=https%3A%2F%2Fgallasprint.com%2Fp%2Ftrending-now%3Fcp%3DFRSHIP&ul=en-us&de=UTF-8&dt=Moteefe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1669794467&gjid=1213372700&cid=1435276470.1596162861&tid=UA-59352049-1&_gid=389817467.1596162861&_r=1&z=285124385 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-59352049-1&cid=1435276470.1596162861&jid=1669794467&_gid=389817467.1596162861&gjid=1213372700&_v=j83&z=285124385 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-59352049-1&cid=1435276470.1596162861&jid=1669794467&_v=j83&z=285124385 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-59352049-1&cid=1435276470.1596162861&jid=1669794467&_v=j83&z=285124385&slf_rd=1&random=2130563347
27 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
trending-now
gallasprint.com/p/ Redirect Chain
|
12 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app_dashboard-326c6f9c3f2166fed559e8d8c6c170ddab5527e8d25e7f7d3e2b297fa93488e5.css
d2p4lessyc9hsw.cloudfront.net/v/b7e489b3/assets/ |
21 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.3c9341c8fcce1788511b.css
d2p4lessyc9hsw.cloudfront.net/v/b7e489b3/packs/ |
85 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app-vendors~main-53236ef96481925f7b2b.chunk.js
d2p4lessyc9hsw.cloudfront.net/v/b7e489b3/packs/ |
2 MB 517 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app-main-c2b17a34115592b14d28.js
d2p4lessyc9hsw.cloudfront.net/v/b7e489b3/packs/ |
1 MB 1 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion.js
www.googleadservices.com/pagead/ |
29 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rollbar.min.js
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.3.9/ |
58 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
45 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-173864.js
static.hotjar.com/c/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/954760959/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.js
connect.facebook.net/en_US/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 106 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules.7d9bf3f202615877384b.js
script.hotjar.com/ |
353 KB 69 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.js
connect.facebook.net/en_US/ |
192 KB 58 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/954760959/ |
42 B 116 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/954760959/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
status
www.facebook.com/x/oauth/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame D44C |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
current_user.json
gallasprint.com/api/v1/ |
569 B 845 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
carts.json
gallasprint.com/api/v1/ |
1012 B 844 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
oops-tshirt.png
res.cloudinary.com/moteefe/image/upload/site/ |
276 KB 276 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gothamhtf-bold.woff2
d2p4lessyc9hsw.cloudfront.net/fonts/ |
17 KB 18 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gothamhtf-medium.woff2
d2p4lessyc9hsw.cloudfront.net/fonts/ |
17 KB 18 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gothamhtf-book.woff2
d2p4lessyc9hsw.cloudfront.net/fonts/ |
17 KB 18 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
173864
vc.hotjar.io/sessions/ |
0 116 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
visits.json
gallasprint.com/ahoy/ |
211 B 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
de.svg
cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.4.3/flags/4x3/ |
213 B 327 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
79 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| _rollbarConfig object| _rollbarShims object| _rollbarWrappedError function| _rollbarURH object| Rollbar function| rollbar number| fbAppId string| GoogleAnalyticsObject function| ga object| webpackJsonp object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime object| scCGSHMRCache object| __$$GLOBAL_REWIRE_REGISTRY__ function| __rewire_reset_all__ number| __$$GLOBAL_REWIRE_NEXT_MODULE_ID__ function| hj object| _hjSettings object| google_conversion_id object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_tag_data object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_transport_url function| fbAsyncInit number| _rollbarStartTime boolean| _rollbarDidLoad boolean| _rollbarInitialized object| gaplugins object| gaGlobal object| gaData object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| FB function| enableFeatureFlags object| dataLayer object| __alreadyTrackedEvents10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
gallasprint.com/ | Name: _custommaterials_sessions Value: RUNDY0Q4YUR5Wnk2Z2Uxd1ZQaTMwUjEzNGkycEVOdGJrT1htNHZUMWFxa2w0dllIRnR1M1kxOEh6MTRESEJ1elVBRFpCV0NFWHdNYkl2dEQyTCtpcHQrK2dqYzdhZEV0bVovRnlXYlBuTXMvT29KNlQ2bG5obUNhejZldUJZN3ZUUitmZ1FnV29kM0FvRDlGS2h3YUtnPT0tLTJ0cHYzV1FMcThnSFNhMDkvQkJqWUE9PQ%3D%3D--f659a26e162ecc41e846937c1a2e5397b052f35c |
|
.gallasprint.com/ | Name: _hjid Value: f7089c8c-d8ce-4247-975d-1094c4b0c4f9 |
|
gallasprint.com/ | Name: currency_code Value: GBP |
|
.gallasprint.com/ | Name: _gat Value: 1 |
|
.gallasprint.com/ | Name: _ga Value: GA1.2.1435276470.1596162861 |
|
gallasprint.com/ | Name: _csrf_token Value: bVZuZ1BsdnlSYnowaTFYVFNtZHB3SHZaeEFqMnUxdzUrWTZsOGV4b0R0TS9Pb2VFdXI2d2V2VWpWWUlqSXBGUy0tRTdlNTJ2WlRYMjdldVlReXRRVlpxZz09--c1e51672317553b1b66b3e56a1399e633aba864a |
|
gallasprint.com/ | Name: csrf_token Value: iikJtgnn%2BPbT%2BsYV3xuO%2BWHClf0I9WqsLRqltlyWZTxU6QvQswO9OI2MPkayr%2BEWAFr59q%2F0Ip8a75falyrf3Q%3D%3D |
|
.gallasprint.com/ | Name: _gid Value: GA1.2.389817467.1596162861 |
|
gallasprint.com/ | Name: locale Value: de |
|
.gallasprint.com/ | Name: __cfduid Value: dc8392e758e5603a222410dd57a8872141596162860 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bit.ly
cdnjs.cloudflare.com
connect.facebook.net
d2p4lessyc9hsw.cloudfront.net
gallasprint.com
googleads.g.doubleclick.net
res.cloudinary.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
147.75.101.5
147.75.33.233
216.58.207.66
2600:9000:214f:e400:10:3eb5:9800:21
2606:4700:3030::681b:8cef
2606:4700::6810:84e5
2606:4700::6810:85e5
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:816::200e
2a00:1450:4001:817::2004
2a00:1450:400c:c06::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::393
67.199.248.11
0ee21873f0f644e948c8ccc8cbb2647d2691a94b1a36b3ed9980672b103d71d4
19d32b080ba2653d283e981082692581d4c19107788306f22154dc9b7d2ecccf
226631a8fa9deee07022680ce0461b7a09b416b616c56ebcaf21f50e2b34ea8f
241d5ccfe4069e34463f5d70167c47a6b68acde9abae1303684de6824d65fab0
3065e10621af60d6237dc9d1a2cc1522936f4275061e1b997e8de9cdb7dbfe18
3ac65219fb37282fe8152e68c3700a128c161ef609331493b51045b18ec76ffd
44ee04d2e43891702474e6c89a6c30dbb44436ebd11287523d49c05ddcade070
56dee4a45a75cb02ff45ce93b3455473e924eb152fa130eebd87333791456831
6f54621a31b0d825847870b657c4eec4c85f41a9f826e752fc12eca1606928fb
73b27b5a898c9927ec8d1b06e6b31a134712ef671cf1185589a745241fb3dce8
88973a8cd57985f1fd75b654ccf89a538577b6e3ab79135c42b950415741238e
a47633010fbc90602c184cdbf2d844ac6c346a61dbc27ba3bea8d33348d3c742
b2e86e1611415f297d2345437a13890e9b981f2043c26f884507aa127bb88daa
b60357c7d16f8785d7cc361192ec67ecf4414fe24377fdb41d1b1095a4c5c6b8
b850b7404d652631f6b0a1622ad66aff90e8f30b1e936a2f3a08a3fa4ca76a28
c12999fcac979ed60c33ee611d80fbc525b3bafcf6f8de4be19df9a7afd317dc
d10192583b7171860e4e292927ed5578fadf2e9ccac492c87063b036e14e4e1d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb032f9221945aed193dbb96873d19699dc63578d59edb01cc55a076d02efefa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3f9942d5401f3cf6e53af395a51075a1be733f71a83c2a584cc7ece8d25cf9b
facd17cd32128ba91f403695d470320a2ca5b8cc1cbf784523b92a52b5b51587
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955