payment.flywire.com
Open in
urlscan Pro
104.17.66.74
Public Scan
Submission: On July 09 via manual from GB
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 6th 2020. Valid for: a year.
This is the only time payment.flywire.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
flywire.com
payment.flywire.com |
840 KB |
9 |
zdassets.com
static.zdassets.com ekr.zdassets.com |
553 KB |
3 |
nr-data.net
bam.nr-data.net |
647 B |
3 |
zendesk.com
flywiresupport.zendesk.com |
2 KB |
2 |
gstatic.com
fonts.gstatic.com |
32 KB |
2 |
google-analytics.com
1 redirects
www.google-analytics.com |
19 KB |
1 |
hexagon-analytics.com
hexagon-analytics.com |
240 B |
1 |
siftscience.com
cdn.siftscience.com |
20 KB |
1 |
newrelic.com
js-agent.newrelic.com |
14 KB |
1 |
google.de
www.google.de |
512 B |
1 |
google.com
1 redirects
www.google.com |
587 B |
1 |
doubleclick.net
1 redirects
stats.g.doubleclick.net |
463 B |
1 |
googletagmanager.com
www.googletagmanager.com |
33 KB |
1 |
googleapis.com
fonts.googleapis.com |
1 KB |
40 | 14 |
Domain | Requested by | |
---|---|---|
16 | payment.flywire.com |
payment.flywire.com
|
8 | static.zdassets.com |
payment.flywire.com
static.zdassets.com |
3 | bam.nr-data.net |
payment.flywire.com
|
3 | flywiresupport.zendesk.com |
payment.flywire.com
static.zdassets.com |
2 | fonts.gstatic.com |
payment.flywire.com
|
2 | www.google-analytics.com |
1 redirects
payment.flywire.com
|
1 | hexagon-analytics.com | |
1 | cdn.siftscience.com |
payment.flywire.com
|
1 | js-agent.newrelic.com |
payment.flywire.com
|
1 | ekr.zdassets.com |
payment.flywire.com
|
1 | www.google.de |
payment.flywire.com
|
1 | www.google.com | 1 redirects |
1 | stats.g.doubleclick.net | 1 redirects |
1 | www.googletagmanager.com |
payment.flywire.com
|
1 | fonts.googleapis.com |
payment.flywire.com
|
40 | 15 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.flywire.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
flywire.com Cloudflare Inc ECC CA-3 |
2020-07-06 - 2021-07-06 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-06-17 - 2020-09-09 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-06-17 - 2020-09-09 |
3 months | crt.sh |
*.zdassets.com Sectigo RSA Domain Validation Secure Server CA |
2019-06-25 - 2021-05-31 |
2 years | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-06-17 - 2020-09-09 |
3 months | crt.sh |
www.google.de GTS CA 1O1 |
2020-06-17 - 2020-09-09 |
3 months | crt.sh |
flywiresupport.zendesk.com CloudFlare Inc ECC CA-2 |
2019-08-20 - 2020-08-19 |
a year | crt.sh |
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2020-05-29 - 2021-05-07 |
a year | crt.sh |
*.siftscience.com DigiCert SHA2 Secure Server CA |
2019-01-03 - 2021-03-26 |
2 years | crt.sh |
*.nr-data.net DigiCert SHA2 Secure Server CA |
2020-02-05 - 2022-02-08 |
2 years | crt.sh |
*.hexagon-analytics.com DigiCert SHA2 Secure Server CA |
2019-08-01 - 2021-11-03 |
2 years | crt.sh |
This page contains 2 frames:
Primary Page:
https://payment.flywire.com/payment/PMO662591361/refunds
Frame ID: 81B0AE0CEBF10C194C4BDF3FC4343547
Requests: 35 HTTP requests in this frame
Frame:
https://static.zdassets.com/web_widget/latest/preload.74d3b0ed59886cb60f42.js
Frame ID: C3EC9415CB58115A384079684E45A316
Requests: 9 HTTP requests in this frame
Screenshot
Detected technologies
CloudFlare (CDN) ExpandDetected patterns
- headers server /^cloudflare$/i
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: Contact
Search URL Search Domain Scan URL
Title: Help
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: For more information please view our cookie policy.
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 24- https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1295410467&t=pageview&_s=1&dl=https%3A%2F%2Fpayment.flywire.com%2Flogin&ul=en-us&de=UTF-8&dt=Flywire%20-%20Powering%20the%20future%20of%20global%20payments&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1021136108&gjid=1324288381&cid=1541794171.1594288375&tid=UA-21478818-13&_gid=124650891.1594288375&_r=1>m=2ou6o0&z=179328283 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-21478818-13&cid=1541794171.1594288375&jid=1021136108&_gid=124650891.1594288375&gjid=1324288381&_v=j83&z=179328283 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-21478818-13&cid=1541794171.1594288375&jid=1021136108&_v=j83&z=179328283 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-21478818-13&cid=1541794171.1594288375&jid=1021136108&_v=j83&z=179328283&slf_rd=1&random=751085260
40 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
refunds
payment.flywire.com/payment/PMO662591361/ |
27 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PaymentProcess.2abda4c2.css
payment.flywire.com/assets/css/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
TrackingSetup.c2857d83.css
payment.flywire.com/assets/css/ |
54 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.7dde7737.css
payment.flywire.com/assets/css/ |
343 KB 140 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PaymentProcess.f1fa2b1dc383bccd5774.js
payment.flywire.com/assets/js/ |
64 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
TrackingSetup.7286a54caa3972c7c9d5.js
payment.flywire.com/assets/js/ |
756 KB 178 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
WidgetSetup.72904c8565a2858e46bc.js
payment.flywire.com/assets/js/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.c9f8280f507c9d72ccb0.js
payment.flywire.com/assets/js/ |
1 MB 209 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors.2283d93bf31a6616c249.js
payment.flywire.com/assets/js/ |
952 KB 234 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
84 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
snippet.js
static.zdassets.com/ekr/ |
24 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
experiments
payment.flywire.com/ |
3 KB 1 KB |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
feature_flags
payment.flywire.com/ |
164 B 189 B |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
localize
payment.flywire.com/ |
21 B 269 B |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
LoginPage.b03eac43.css
payment.flywire.com/assets/css/ |
1 KB 586 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
LoginPage.68c2f136adb14c869482.js
payment.flywire.com/assets/js/ |
8 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
45 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
584 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iJWKBXyIfDnIV7nBrXyw023e.woff2
fonts.gstatic.com/s/rubik/v9/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
211 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iJWHBXyIfDnIV7Eyjmmd8WD07oB-.woff2
fonts.gstatic.com/s/rubik/v9/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AtlasGrotesk-Regular-Web.woff2
payment.flywire.com/assets/media/ |
38 KB 39 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c4b547a36d19831bde0881f98d5b61ec.svg
payment.flywire.com/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 512 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c8ae78d6-3220-4f30-9969-243a98c68f80
ekr.zdassets.com/compose/ |
792 B 835 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
preload.74d3b0ed59886cb60f42.js
static.zdassets.com/web_widget/latest/ Frame C3EC |
54 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors~web_widget.e66e0a18c0834979f05a.chunk.js
static.zdassets.com/web_widget/latest/ Frame C3EC |
1 MB 276 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
web_widget.7a3cb1c1d09ad8405b37.chunk.js
static.zdassets.com/web_widget/latest/ Frame C3EC |
834 KB 161 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chat-sdk.8bec18ba6b375cdd85e2.chunk.js
static.zdassets.com/web_widget/latest/ Frame C3EC |
255 KB 50 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
talk-sdk.a78cdd8b4495e55b4f0a.chunk.js
static.zdassets.com/web_widget/latest/ Frame C3EC |
57 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
config
flywiresupport.zendesk.com/embeddable/ |
739 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
217 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en-us-json.2e604d5f7f5acbdeda49.chunk.js
static.zdassets.com/web_widget/latest/locales/ Frame C3EC |
25 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nr-spa-1169.min.js
js-agent.newrelic.com/ |
37 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s.js
cdn.siftscience.com/ |
61 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
embeddable_blip
flywiresupport.zendesk.com/ Frame C3EC |
0 454 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
embeddable_blip
flywiresupport.zendesk.com/ Frame C3EC |
0 253 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
acf0d21bbd
bam.nr-data.net/1/ |
57 B 275 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
952632.gif
hexagon-analytics.com/images/ |
43 B 240 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chat-incoming-message-notification.mp3
static.zdassets.com/web_widget/static/ Frame C3EC |
19 KB 20 KB |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
acf0d21bbd
bam.nr-data.net/events/1/ |
24 B 186 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
acf0d21bbd
bam.nr-data.net/events/1/ |
24 B 186 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
33 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| NREUM object| newrelic function| __nr_require object| webpackJsonp object| SENTRY_RELEASE object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| __SENTRY__ object| __post_robot_10_0_18__ object| __zoid_9_0_31__ object| flywire function| gtag object| dataLayer object| _sift object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| zEWebpackACJsonp function| zE function| zEmbed object| gaplugins object| gaGlobal object| gaData boolean| zEACLoaded function| $zopim function| __siftFlashCB undefined| Sift object| PluginDetect2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.flywire.com/ | Name: __ssid Value: fac32cde859f2a10667baccd00d5fec |
|
payment.flywire.com/ | Name: rack.session Value: BAh7CEkiD3Nlc3Npb25faWQGOgZFVG86HVJhY2s6OlNlc3Npb246OlNlc3Npb25JZAY6D0BwdWJsaWNfaWRJIkUyMjJjN2E1YWE2ZDkzNmYyODBjNmQzZmJiNjI3YWIzY2M3ZjFiNDAxODQ5MDY1YWFjNGNhOTIyODM1YTU4ZDJjBjsARkkiCWNzcmYGOwBGSSIxaVlDbmRwTlpPZDRNc1BqOVNHeCtGZkhNUnBkT3dCWHlveW9HR3JLR0kyST0GOwBGSSINdHJhY2tpbmcGOwBGewZJIhRIVFRQX1VTRVJfQUdFTlQGOwBUSSItYmRlNjAwZjc3YzZiODU3ZDkyNTlkYjEzMzU4ZWRlZGZlN2YxNWMzZAY7AEY%3D--5ffc6ef03f003b9001195cf3986abcef7390c8b0 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bam.nr-data.net
cdn.siftscience.com
ekr.zdassets.com
flywiresupport.zendesk.com
fonts.googleapis.com
fonts.gstatic.com
hexagon-analytics.com
js-agent.newrelic.com
payment.flywire.com
static.zdassets.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.16.53.111
104.17.66.74
104.18.70.113
104.18.72.113
151.101.114.110
162.247.242.18
162.247.242.20
2a00:1450:4001:801::200a
2a00:1450:4001:802::2003
2a00:1450:4001:806::2008
2a00:1450:4001:808::200e
2a00:1450:4001:816::2003
2a00:1450:4001:818::2004
2a00:1450:400c:c04::9a
34.102.232.42
34.96.67.224
08d648bd0db05f714022f16423a2ebf873c42b59db454727b5108834a900d7cd
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
1e63ace57040569ef71ddec08c63bde0cdb1fb2d9e98027caaf84fa9258e7048
2760a3e20476848ddc4f93fbb4bf6060bbe5124a4e3306e2c5d61b2234aa4770
283ffd6a4c10775a510a3b992695cca96e292061f7739750d9ccea2291dd4de1
2d8e1de797d741bb51035220b302e932a28ab630135b4a622ebda6ed03bff992
37072a42526245f257b725698d7e70dfab281bfd00d38f1112dafd36a6e04176
3eaa9818456d88f5796d461134dc13ff49ac768cad2aa4f8dd502f3703b05e2f
408c0108f30235530ee5bc3cf7a006d9fac4dba903588c9b240b2029b2d34b70
42c22dacac294ebf9f845d38c0563d1a0569b0f7d290e995f7e73eeb92d569b8
468370f3c018163acc6f3b8f2470af2547bba6c5d557e12c2df8f0f94d5f9b77
4bddf794498e46367640721907de26bd4ef693eb359939156ed890a6f15aeba4
4ffd21c4a5a42014b5d0def8bae57eede45263de9482aceb56a04b3d269fc7fd
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
6c8cc9a40cedaf547915d487af1d7e335dd79e58ccaa4a0dbfb99157a605e7f3
6fc9d60ade7849a86a6a4b7a3c1313b6d3bd010f781c99c51ae541e23cc9b3be
72e6b67e0ce23508b6542f6e6a0a699171e72f7766fa84480d8c77a230c21193
7921df86278b7fa9be0cbd78d9990071763ec4e9e88aaff2c3d466723090b8ae
79f36db745073756eebb28359366f0c3a26f6bb7dbe2bb084c7313b5a3811054
89bbfb93359487967ff278269648356b7f561c1db54b1a80579b049999810f50
8acee261c036317bc3e6978e382afa280670755c1ecf8d67759631f10342254c
911245e9a32d617b8b908d8e742522fa9ed193aae41570cdb80b263517e453cb
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
9a4f24ba696cea746ebddee15c232eeab34209b45573079e8ef80a50e036ba67
9c6ffdf557914fd6c82440ec27f3058824e7bed15dc714c56a66efc0e890e3c6
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a696e7e64a042e0bae3f395c501ae06dead10359d0ab6d3e050052a374b405c4
a6979e1d2ae170104588dfad5400532da8cd8f32070ae5fc8b1cfbf40a0ba45a
abf556066e12c44c67c74819a0f9bcb209f99b70675904a1b625c545d9d7e1d7
bfd6103260fb8303da0ad9f7b594b456249374a51ee7fd4bd1ff95ab0c62d693
c8aa337fc37713d6c02cdbb773733509a0d5186d4185d6cefe101467797dd815
d5933d313112d56d8b7f9798e7bc61660d528d85be2a4a20605b36ec64b6623f
d9f60f4977ab0239c2c7cf3e5d91fb8cc07e1e3d020c175e6ed14697a8a8ecc4
de144112e80c836241a717067b1a0a6a3940532ef732b95846ff9f2c2628b322
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f0d48128252be34701067cf48fdf029357715888a942897c529b1ff6c67d7a
e8c3afa3a915ff44b52f346aa36b7b95c31e6acea14a75920d712a8a5be242b1
eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f027b7c2f914dd3c641d41d226fdfd180a33431d630ec7604c27b8703ed928cc
f711e1ea648f8d342567ab61279e642882aa2c7e5af132b3a11a9a83ed4af9c7
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955