academy.fin2u.net
Open in
urlscan Pro
3.215.44.95
Public Scan
Effective URL: https://academy.fin2u.net/
Submission: On September 16 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on July 25th 2020. Valid for: 3 months.
This is the only time academy.fin2u.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 34.238.223.168 34.238.223.168 | 14618 (AMAZON-AES) (AMAZON-AES) | |
2 | 3.215.44.95 3.215.44.95 | 14618 (AMAZON-AES) (AMAZON-AES) | |
18 | 52.217.81.246 52.217.81.246 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a04:4e42:3::622 2a04:4e42:3::622 | 54113 (FASTLY) (FASTLY) | |
4 | 2a00:f48:2000... 2a00:f48:2000:1023::3 | 47447 (TTM) (TTM) | |
1 | 2a00:1450:400... 2a00:1450:4001:821::2008 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:81a::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2600:9000:20e... 2600:9000:20e8:6c00:11:c3fe:5b00:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 104.111.248.20 104.111.248.20 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
30 | 9 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-223-168.compute-1.amazonaws.com
secure.inticart.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-44-95.compute-1.amazonaws.com
academy.fin2u.net |
ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16625 (AKAMAI-AS, US)
PTR: a104-111-248-20.deploy.static.akamaitechnologies.com
cdn.iubenda.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
amazonaws.com
s3.amazonaws.com |
626 KB |
4 |
swarmcdn.com
assets.swarmcdn.com |
210 KB |
2 |
google-analytics.com
www.google-analytics.com |
19 KB |
2 |
fin2u.net
academy.fin2u.net |
21 KB |
1 |
iubenda.com
cdn.iubenda.com |
6 KB |
1 |
gumlet.com
cdn.gumlet.com |
7 KB |
1 |
googletagmanager.com
www.googletagmanager.com |
29 KB |
1 |
wistia.com
fast.wistia.com |
120 KB |
1 |
inticart.com
1 redirects
secure.inticart.com |
502 B |
30 | 9 |
Domain | Requested by | |
---|---|---|
18 | s3.amazonaws.com |
academy.fin2u.net
s3.amazonaws.com |
4 | assets.swarmcdn.com |
academy.fin2u.net
assets.swarmcdn.com |
2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
2 | academy.fin2u.net |
academy.fin2u.net
|
1 | cdn.iubenda.com |
s3.amazonaws.com
|
1 | cdn.gumlet.com |
academy.fin2u.net
|
1 | www.googletagmanager.com |
academy.fin2u.net
|
1 | fast.wistia.com |
academy.fin2u.net
|
1 | secure.inticart.com | 1 redirects |
30 | 9 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.fin2u.net |
Subject Issuer | Validity | Valid | |
---|---|---|---|
academy.fin2u.net Let's Encrypt Authority X3 |
2020-07-25 - 2020-10-23 |
3 months | crt.sh |
s3.amazonaws.com DigiCert Baltimore CA-2 G2 |
2020-08-04 - 2021-08-09 |
a year | crt.sh |
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2020-09-09 - 2021-05-07 |
8 months | crt.sh |
*.swarmcdn.com Sectigo RSA Domain Validation Secure Server CA |
2019-12-02 - 2020-12-01 |
a year | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
*.gumlet.com Amazon |
2020-04-04 - 2021-05-04 |
a year | crt.sh |
www.iubenda.com DigiCert Secure Site ECC CA-1 |
2020-02-18 - 2021-05-19 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://academy.fin2u.net/
Frame ID: 493577056A224BA1D806DD69E5148C27
Requests: 31 HTTP requests in this frame
Frame:
https://s3.amazonaws.com/helpshelf-production/gen/html/Lq0807PG.min.html?s=Lq0807PG&p=%2F&h=&hn=academy.fin2u.net&uid=&ue=&ufn=&uh=-1796011905&dpm=0&dm=0&ih=720&iw=460&rhm=0&rwm=0&gc=%5B%5D&av=%5B%5D&ac=%5B%5D
Frame ID: 4AB3C51254A291CE02E7959F7D6752D0
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://secure.inticart.com/
HTTP 302
https://academy.fin2u.net/ Page URL
Detected technologies
Lua (Programming Languages) ExpandDetected patterns
- headers server /openresty(?:\/([\d.]+))?/i
Nginx (Web Servers) Expand
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
OpenResty (Web Servers) Expand
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Tag Manager (Tag Managers) Expand
Detected patterns
- html /<!-- (?:End )?Google Tag Manager -->/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Limited Time Offer
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://secure.inticart.com/
HTTP 302
https://academy.fin2u.net/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
30 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
/
academy.fin2u.net/ Redirect Chain
|
75 KB 17 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
summit.theme.min.4158dd79.css
s3.amazonaws.com/heysummit-production/static/dist/css/ |
260 KB 40 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
summit.head.min.c0c34489.js
s3.amazonaws.com/heysummit-production/static/dist/js/ |
283 KB 99 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
academy.fin2u.net/utils/fa-custom-generator/3497/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Ceftj5SrnPDktSqfMSVxLY.png
s3.amazonaws.com/heysummit-production/media/uploads/events/fin2u-deals/ |
58 KB 59 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
E-v1.js
fast.wistia.com/assets/external/ |
660 KB 120 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
summit.body.min.74a0ff56.js
s3.amazonaws.com/heysummit-production/static/dist/js/ |
583 KB 163 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.countdown.min.js
s3.amazonaws.com/heysummit-production/static/js/lib/ |
5 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
swarmdetect.js
assets.swarmcdn.com/cross/ |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
80 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
627fbb5a-3bae-4cd9-b617-2f923e29d55e.woff2
s3.amazonaws.com/heysummit-production/static/fonts/fontsdotcom/ |
18 KB 19 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2cd55546-ec00-4af9-aeca-4a3cd186da53.woff2
s3.amazonaws.com/heysummit-production/static/fonts/fontsdotcom/ |
16 KB 17 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
14c73713-e4df-4dba-933b-057feeac8dd1.woff2
s3.amazonaws.com/heysummit-production/static/fonts/fontsdotcom/ |
18 KB 19 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
37 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
aad99a1f-7917-4dd6-bbb5-b07cedbff64f.woff2
s3.amazonaws.com/heysummit-production/static/fonts/fontsdotcom/ |
18 KB 19 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
45 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-Q050 |
collect
www.google-analytics.com/j/ |
1 B 396 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Lq0807PG.min.js
s3.amazonaws.com/helpshelf-production/gen/loader/ |
26 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gumlet.min.js
cdn.gumlet.com/gumlet.js/2.0/ |
19 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
swarmcdn.js
assets.swarmcdn.com/cross/ |
723 KB 200 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
button_join-us-now_1.png
s3.amazonaws.com/heysummit-production/media/uploads/pagebuilder/5518/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
S2_Home_Education.png
s3.amazonaws.com/heysummit-production/media/uploads/pagebuilder/5518/ |
115 KB 115 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pagebuilder-component-placeholder.png
s3.amazonaws.com/heysummit-production/media/defaults/ |
18 KB 19 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
58 B 0 |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
user_default_image_square_medium.png
s3.amazonaws.com/heysummit-production/media/thumbnails/defaults/ |
26 KB 26 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
user_default_image_square_small.png
s3.amazonaws.com/heysummit-production/media/thumbnails/defaults/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
602c17e0-94ea-407a-9537-9ead7d30efd3.js
assets.swarmcdn.com/cross/config/ |
401 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Lq0807PG.min.html
s3.amazonaws.com/helpshelf-production/gen/html/ Frame 4AB3 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-times-light.png
s3.amazonaws.com/helpshelf-production/static/lib-core/ |
312 B 711 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
b3.png
s3.amazonaws.com/helpshelf-production/media/uploads/sites/fin2u/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
video-js.css
assets.swarmcdn.com/cross/css/ |
27 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iubenda.js
cdn.iubenda.com/ |
14 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
163 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes string| csrftoken string| hs_subdir string| hs_subdir_path function| $ function| jQuery object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome object| dataLayer number| wordCloudMaxSearchIterations object| wordCloudFilledAreas function| calcWordCloudWordOverlap function| randomizeWordCloud object| google_tag_manager object| Wistia string| _wistiaElemId object| _wq object| wistiaEmbeds object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| version object| tagsToReplace function| replaceTag function| escapeHtml function| validateEmail function| extend function| removeFromArray object| mobileDetect function| handleCookieConsent function| initCTA function| ordinal_suffix_of function| parseQueryString function| trackUniqueFBPixel function| trigger_click_or_modal function| trackUTMandVars function| initResizeTextAreas function| resizeTextArea function| delayedTextAreaResize function| setCookie function| getCookie function| setupConvertLocalDateEvents function| setTooltip function| hideTooltip function| resetFormElement function| htmlDecode function| findGetParameter function| storeAttendeeVars function| initLoadingContainerContent function| setLoadingContainerContent object| crudActionsBeingProcessed number| crudStepIndex function| crudListActionClicked function| makeAjaxCrudListActionCall function| loadCrudForm function| searchCrudList function| submitCrudForm function| validateFormFiles function| prepareFormData function| showCrudFormMessage function| showCrudFormFieldErrors function| showCrudListMessage function| addFormsetRow function| deleteFormsetRow function| loadCrudModalStep function| ticketFormDateRange function| initCustomFragmentModalListener object| heySummitAnimationItems function| prepHeySummitAnimationParent function| resetHeySummitAnimation function| stopHeySummitAnimation function| startHeySummitAnimation function| startHeySummitAnimationScrollHorizontal function| startHeySummitAnimationScrollHorizontalFrame function| startHeySummitAnimationLoadTop function| startHeySummitAnimationLoadTopFrame function| loadExternalLibraries function| loadExternalLibrariesOnlyAfterCookieConsent function| Popper object| bootstrap string| _determinate string| _indeterminate string| _update string| _type string| _click string| _touch string| _add string| _remove string| _callback string| _label string| _cursor boolean| _mobile function| ClipboardJS function| MobileDetect function| lity function| Blazy function| moment function| cardAddedCallback function| cardFailedCallback function| validateRegPermissionsForm function| validateRegCategoriesAndTalksForm function| validateRegTicketsForm function| validateRegCategoriesForm function| validateRegTalksForm function| logTweetIntent function| logViralIncentiveIntent object| swarmoptions object| helpShelfSettings object| GUMLET_CONFIG object| d object| s undefined| attendee_email boolean| is_Custom_Video object| currentScriptTag boolean| isAsyncLoad object| scriptElem object| firstScript boolean| SWARMIFY_LOADED object| data object| gumlet function| _handleMultipleEvents function| _logType function| parseXML function| _addEventListener function| EventedObject function| FakeXMLHttpRequest function| verifyState function| verifyRequestSent function| verifyHeadersReceived function| verifyResponseBodyType function| vjs function| videojs function| hasOwnProp number| errNum boolean| _backgroundSizeSupported object| cx function| oldOnError function| _Event object| httpStatusCodes object| unsafeHeaders object| FakeXMLHttpRequestProto string| property object| vttjs function| WebVTT function| $f function| Froogaloop object| nacl object| manticors object| swarmify object| closure_lm_906654 object| browser_swarm boolean| SWARM_LOADED object| HelpShelfLoader function| HelpShelfLoaderClass function| Class object| style boolean| externalLibrariesOnScrollLoaded object| _iub function| IubSpinner7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
academy.fin2u.net/ | Name: hs_uhash Value: -1796011905 |
|
academy.fin2u.net/ | Name: browser_id Value: 178bd096-c80d-48bf-832b-bb16cb39d53c |
|
.academy.fin2u.net/ | Name: _gat_UA-126896458-1 Value: 1 |
|
academy.fin2u.net/ | Name: heysummit_referer Value: |
|
.academy.fin2u.net/ | Name: _gid Value: GA1.3.566192927.1600279171 |
|
.academy.fin2u.net/ | Name: _ga Value: GA1.3.1164731419.1600279171 |
|
academy.fin2u.net/ | Name: csrftoken Value: uStjeUvGK0LezEXgAp8zqF6ihQt25pyan059YFSFWA7SfD2yH3XQlbDiTBlGKwRw |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
academy.fin2u.net
assets.swarmcdn.com
cdn.gumlet.com
cdn.iubenda.com
fast.wistia.com
s3.amazonaws.com
secure.inticart.com
www.google-analytics.com
www.googletagmanager.com
104.111.248.20
2600:9000:20e8:6c00:11:c3fe:5b00:93a1
2a00:1450:4001:81a::200e
2a00:1450:4001:821::2008
2a00:f48:2000:1023::3
2a04:4e42:3::622
3.215.44.95
34.238.223.168
52.217.81.246
04495bf935a53577c090394c8fa0c21011487969a62a25e9e0ab6a3c12e04ce4
0903aeb2dad08d6a15d2447448067acb07131ee126e365adbc387da60f494d75
161f2317dd5741d1d3db8742dc2245804eee2ade6875976e0689e62b9f0c0632
207c5b636f8f18dd396b1e58af0c21f3a957f18384c753ec227ddbf878e3e28e
2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f
26037401f5451b783ff4ad91e156d111aab4839cdf8bbdde8d983b9ddadda9d8
264927d8d2d00b219406fdb6bd819a6393241083adde28122fff16796345d9c8
2f4f6a60c09d6f2f9233be67a6126ea34c89d3d24ef972ba2885e042b36d89cf
34fe03aa5ee213199c2e9672728a4941e4fbd88b21d77c773f6021ebcf5a5942
546c5c4226870838e2f457b0150d341f718006137e306b2708d5c8b2bf663c57
5766ebb25a81ff02467ae47102c02ce663d2810af454a3916f6a0b5fafa7344d
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
64fc6a4c962c67ab157e9cb34ed7e1c86742cb97e19d66f797f290bd32d0ff3f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7203f86a62711448964409ca56151099d5045e240d75e1a43d0b6b8c5e08ef0c
790fa159386b80e1ff4677d65fc9eb7c59f9b86c4ee6e9de737d6964867af4b8
79b7f70621405ea1cf4d13a4bf2fda368e132e19eadcaa3bdf123798718b7e61
7bdf2d6d46e641a0c03746f42712decb7547af00786702e5dd41efaf19f31af0
84b1fad5bb56151c14ce5a1cdcd8f7d776aced2c45c43e7ece370390384c18ee
8612ada4ed87d2ba6806c898f95f6100c3a6c3bd32b3406be1fb711d8b6f1c23
8f537165f938253fc1391ad83ba8688fb250a46860389897d02b142551e6df4d
b6b2d0d892d10921ef6f702319e5025fbfe023a5e586d666844ef79ecc28158f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c5a6742522163ff51424a44a001baf9d025a259972915821e28b106a5ce89c91
cc1ce387c25971be3bffd25bb645ec0b6d37c3f7cdc80c419e8c381c856bdfb1
e4a285edd4d51812b10eb15b37a8e130cda6edb06680fc83766d29f79158f628
efc7ac648dc8db352235e7effc55f7a515d91e9c3c838af9cc2c7bd7e2e959aa
f0414248e0cf3d8c6a92ba22a824a15a4d78929a4fae72062da95ecdb9d143ac
fcea4d334863db5f369dc56faa35a3b7de65a305b48049aace7c8438823b8704
fe0dff6ee26dbf4a948ad20a3f37f270b45c2506ba05b333a3adf5fdf4de8d13
fef5a41be1b827a1729f19bcd123a57ee3f2cb8dc9074fffa4ab5b807f503514