www.sheridunavan.com
Open in
urlscan Pro
52.86.11.73
Public Scan
Effective URL: https://www.sheridunavan.com/
Submission Tags: @phish_report
Submission: On July 20 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by R3 on June 4th 2024. Valid for: 3 months.
This is the only time www.sheridunavan.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 184.169.141.142 184.169.141.142 | 16509 (AMAZON-02) (AMAZON-02) | |
4 | 52.86.11.73 52.86.11.73 | 14618 (AMAZON-AES) (AMAZON-AES) | |
8 | 3.161.82.111 3.161.82.111 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:831::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:80b::2003 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:80b::200e | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:811::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 | 52.55.176.16 52.55.176.16 | 14618 (AMAZON-AES) (AMAZON-AES) | |
10 | 2a04:4e42:600... 2a04:4e42:600::614 | 54113 (FASTLY) (FASTLY) | |
1 | 2001:4860:480... 2001:4860:4802:34::36 | 15169 (GOOGLE) (GOOGLE) | |
5 | 142.250.185.168 142.250.185.168 | 15169 (GOOGLE) (GOOGLE) | |
35 | 11 |
ASN16509 (AMAZON-02, US)
PTR: ec2-184-169-141-142.us-west-1.compute.amazonaws.com
sheridunavan.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-11-73.compute-1.amazonaws.com
www.sheridunavan.com |
ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-111.fra56.r.cloudfront.net
static.myrealestateplatform.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-176-16.compute-1.amazonaws.com
events-va.placester.com |
ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f8.1e100.net
www.googletagmanager.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
placester.com
events-va.placester.com media.placester.com |
922 KB |
8 |
myrealestateplatform.com
static.myrealestateplatform.com |
2 MB |
7 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112 |
198 KB |
5 |
sheridunavan.com
1 redirects
sheridunavan.com www.sheridunavan.com |
26 KB |
3 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104 region1.google-analytics.com — Cisco Umbrella Rank: 3123 |
21 KB |
1 |
gstatic.com
fonts.gstatic.com |
38 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110 |
1021 B |
35 | 7 |
Domain | Requested by | |
---|---|---|
10 | media.placester.com |
www.sheridunavan.com
|
8 | static.myrealestateplatform.com |
www.sheridunavan.com
static.myrealestateplatform.com |
7 | www.googletagmanager.com |
static.myrealestateplatform.com
www.google-analytics.com www.sheridunavan.com |
4 | www.sheridunavan.com |
www.sheridunavan.com
static.myrealestateplatform.com |
2 | www.google-analytics.com |
static.myrealestateplatform.com
www.google-analytics.com |
1 | region1.google-analytics.com |
www.googletagmanager.com
|
1 | events-va.placester.com |
static.myrealestateplatform.com
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | fonts.googleapis.com |
www.sheridunavan.com
|
1 | sheridunavan.com | 1 redirects |
35 | 10 |
This site contains links to these domains. Also see Links.
Domain |
---|
placester.com |
www.facebook.com |
twitter.com |
www.linkedin.com |
pinterest.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.sheridunavan.com R3 |
2024-06-04 - 2024-09-02 |
3 months | crt.sh |
*.myrealestateplatform.com Amazon RSA 2048 M03 |
2024-06-05 - 2025-07-04 |
a year | crt.sh |
upload.video.google.com WR2 |
2024-06-24 - 2024-09-16 |
3 months | crt.sh |
*.gstatic.com WR2 |
2024-06-24 - 2024-09-16 |
3 months | crt.sh |
*.google-analytics.com WR2 |
2024-06-24 - 2024-09-16 |
3 months | crt.sh |
*.placester.com Amazon RSA 2048 M02 |
2024-01-17 - 2025-02-14 |
a year | crt.sh |
s4-san.cloudinary.com GlobalSign Atlas R3 DV TLS CA 2023 Q3 |
2023-08-13 - 2024-09-13 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.sheridunavan.com/
Frame ID: BAF7A61C28655C834FD257CFF2977400
Requests: 37 HTTP requests in this frame
Screenshot
Page Title
Sheri Dunavan - Your Trust Is The Heart Of My BusinessPage URL History Show full URLs
-
http://sheridunavan.com/
HTTP 307
https://sheridunavan.com/ HTTP 301
https://www.sheridunavan.com/ Page URL
Detected technologies
WordPress (CMS) ExpandDetected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: Placester
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://sheridunavan.com/
HTTP 307
https://sheridunavan.com/ HTTP 301
https://www.sheridunavan.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
35 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
www.sheridunavan.com/ Redirect Chain
|
186 KB 23 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
classic-themes.min.css
www.sheridunavan.com/wp-includes/css/ |
217 B 589 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
valhalla-tailwind-styles.css
static.myrealestateplatform.com/Valhalla/assets/dist/ |
62 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
valhalla-vendor-styles.css
static.myrealestateplatform.com/Valhalla/assets/dist/ |
265 KB 56 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
valhalla-styles.css
static.myrealestateplatform.com/Valhalla/assets/dist/ |
2 MB 118 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
6 KB 1021 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
valhalla-scripts.js
static.myrealestateplatform.com/Valhalla/assets/dist/ |
2 MB 411 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-light-300.woff2
static.myrealestateplatform.com/Valhalla/assets/dist/fonts/ |
447 KB 448 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
fonts.gstatic.com/s/merriweathersans/v26/ |
37 KB 38 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-solid-900.woff2
static.myrealestateplatform.com/Valhalla/assets/dist/fonts/ |
340 KB 341 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-regular-400.woff2
static.myrealestateplatform.com/Valhalla/assets/dist/fonts/ |
409 KB 410 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-brands-400.woff2
static.myrealestateplatform.com/Valhalla/assets/dist/fonts/ |
115 KB 116 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
38 B 0 |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
305 KB 102 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
event
events-va.placester.com/ |
35 B 194 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
placester-ajax.php
www.sheridunavan.com/wp-content/plugins/toolbox/src// |
980 B 861 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
34 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pgblackprintramblertransparent-4.png
media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto/c_scale,w_1660/v1/inception-app-prod/OTAyNjhkNmQtYTFkMy00ZjM3LWJjOWUtZmJmOWE5NWIzMTBi/content/2020/07/ |
24 KB 24 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f585c75e72033aad8efca4912d7717726da71296.png
media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto/c_scale,w_1660/v1/inception-app-prod/OTAyNjhkNmQtYTFkMy00ZjM3LWJjOWUtZmJmOWE5NWIzMTBi/content/2021/11/ |
170 KB 170 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
174795c1e869f8efe2bc331cfe0051fe7ff303ea.png
media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto/c_scale,w_1660/v1/inception-app-prod/OTAyNjhkNmQtYTFkMy00ZjM3LWJjOWUtZmJmOWE5NWIzMTBi/content/2021/11/ |
97 KB 97 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1.png
media.placester.com/image/upload/c_fit,dpr_1.0,f_auto,fl_lossy,q_auto,w_2560/c_scale,w_1660/v1/inception-app-assets/slideshows/Interiors/ |
137 KB 138 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdhs.png
media.placester.com/image/upload/c_fill,dpr_1.0,f_auto,fl_lossy,h_30,q_auto,w_30/v1/inception-app-prod/NmYwYTg1NjMtMjBlZC00NTAyLWI5MTQtMjk5YjJiNmE4NTFi/content/2021/04/ |
296 B 791 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7e87933ab3313582fad694ff5feb37b67fcf846f.png
media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto,w_768/c_scale,w_768/v1/inception-app-prod/NmYwYTg1NjMtMjBlZC00NTAyLWI5MTQtMjk5YjJiNmE4NTFi/favicon/2021/10/ |
35 KB 36 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2.png
media.placester.com/image/upload/c_fit,dpr_1.0,f_auto,fl_lossy,q_auto,w_2560/c_scale,w_1660/v1/inception-app-assets/slideshows/Interiors/ |
117 KB 118 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
15 B 225 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
275 KB 96 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
a
www.googletagmanager.com/ |
0 11 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
a
www.googletagmanager.com/ |
0 11 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
a
www.googletagmanager.com/ |
0 11 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
a
www.googletagmanager.com/ |
0 11 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
a
www.googletagmanager.com/ |
0 11 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
placester-ajax.php
www.sheridunavan.com/wp-content/plugins/toolbox/src// |
289 B 704 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
media.placester.com/image/upload/c_scale,q_100,w_32/v1/inception-app-prod/OTAyNjhkNmQtYTFkMy00ZjM3LWJjOWUtZmJmOWE5NWIzMTBi/content/2020/07/ |
4 KB 2 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3.png
media.placester.com/image/upload/c_fit,dpr_1.0,f_auto,fl_lossy,q_auto,w_2560/c_scale,w_1660/v1/inception-app-assets/slideshows/Interiors/ |
213 KB 213 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4.png
media.placester.com/image/upload/c_fit,dpr_1.0,f_auto,fl_lossy,q_auto,w_2560/c_scale,w_1660/v1/inception-app-assets/slideshows/Interiors/ |
124 KB 124 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
35 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ValhallaConfig object| _pdata object| valhallaUserway function| trim function| $ function| jQuery function| Waypoint function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Flickity function| Unipointer function| Unidragger function| imagesLoaded function| Outlayer function| Isotope function| Masonry function| Packery function| moment function| Pikaday function| Cookies object| maplibregl object| valhalla function| MapBuilder string| GoogleAnalyticsObject function| ga object| dataLayer object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| onYouTubeIframeAPIReady8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.sheridunavan.com/ | Name: cookie-banner-accepted Value: no-banner |
|
www.sheridunavan.com/ | Name: placester_events_session Value: 4389a1eb-0645-4637-b6cb-cd76b61437c3 |
|
www.sheridunavan.com/ | Name: placester_events_uuid Value: 0073ad74-6ce0-42bd-bd12-d0ffe1197490 |
|
.sheridunavan.com/ | Name: _ga Value: GA1.2.1289664755.1721437020 |
|
.sheridunavan.com/ | Name: _gid Value: GA1.2.1276807388.1721437020 |
|
.sheridunavan.com/ | Name: _gat Value: 1 |
|
.sheridunavan.com/ | Name: _ga_3MWBNTELPD Value: GS1.2.1721437020.1.0.1721437020.0.0.0 |
|
www.sheridunavan.com/ | Name: placester_events_session_timestamp Value: 1721437020 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
events-va.placester.com
fonts.googleapis.com
fonts.gstatic.com
media.placester.com
region1.google-analytics.com
sheridunavan.com
static.myrealestateplatform.com
www.google-analytics.com
www.googletagmanager.com
www.sheridunavan.com
142.250.185.168
184.169.141.142
2001:4860:4802:34::36
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::200e
2a00:1450:4001:811::2008
2a00:1450:4001:831::200a
2a04:4e42:600::614
3.161.82.111
52.55.176.16
52.86.11.73
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
0df602c426ef1d0f4a64e200a06ab06bb60bdb80df85b56b9d17eddf37bc7b18
14a7aa2dc2c23fadfff9fd22cfffb2e8e6ba5a44b0b56950737693f26188fb1a
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
25b8df945ab6bdb4ac6f55a345112dcdc89907e9b0c37bab18e6fea90ba035ca
27a2e12899c870d283b48719fcee5742806b7a8d2bf8cfd9824ea7ff3192038c
30de3b5203bf3feaf955bf8fa9257a32f622733b8a4a3a64960536d9f29d7542
3b89a6a3ca2d570b54f0bd623d61633ba4a1d54eb409fc15254afb2477579336
5127b133655d52e7f123265ea329f9fcb21db9d02bbfd2265cf0a8599e9ebcb2
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5ce31fdb5f8be601a4d346a3650562d7aea30c429554cbbcce9a6f3ad7e82205
656b5b7c9aab407b59c83070d031cafd964456ffb29186a34a9ca155e54e35bd
676bfca4569f153b7bcbcf35c0f872c83daacb6a163c2d544a70fe379a992c24
6dde191f162ea759b28143affea70246a4adb4ee0b67b08fe34b2f7defbf8464
77207025cbeb0333998281271806e64ab63fc695223a654db56278921fc94cbf
899b712fe0888d307623d34c0d516dc0e8de2535112e9c1020b6e59ba4de22ac
969e606c443151d6f241c55704995bfce170616fa381121d5a0ebf497fe03527
9ac06ddbf9e71000fb8f9af22735a9d38de31bb12b15410f060c95c05ffee249
9f285391e161e6adedda91618d02087cd960c10a1617266f34d5698a341cdeca
a06ab0c16ab0b446805cbe38ba18687b4d917ad435b162476d644f9d51e499ce
a8a4a852dedcc7e3b6bb2c6acffac1a82a31828a00749ce2a8c2d6dd5f268dd9
b3bfd3c02d08a4ff47fde2c690af5011f53900c1da973cf47fd54db0e924af47
bbef731fa4ca70589754181ac2bf64b347140034886594380956b11827b4690c
ca04b88267cad2ab1fdd91529a35124c50ee6391fa46acab0e5e60dda8c6bad1
cf2d539e7d665d36d94f297c9a48d8345e46e0cf3bb76d0c5b3439eadb583107
d1f315b17da933baa53cc82c7d363571e2d76194d897b70da55c25ea1e3a0928
d733cc1cefc7561eef487ae205f69a1287884854a7c9d8a0e3bff2061ca46315
d7a9cbdce84ae3c7e2f052fbe708f813124ffa0b228c217ea04f619ae5e2817e
d8ef02530fad79e566671e249f5058187a9138c36e565195bbfec8724c06351d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6d514d804f2a4a845062e1113c70d3d54868a74160d022ce718cd080c4ce452