www.benefitsaccountmanager.com
Open in
urlscan Pro
107.180.25.39
Public Scan
Submission: On June 01 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on July 18th 2021. Valid for: a year.
This is the only time www.benefitsaccountmanager.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 2 | 107.180.25.39 107.180.25.39 | 26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC) | |
8 | 2606:4700::68... 2606:4700::6812:1790 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
6 | 2a00:1450:400... 2a00:1450:4001:82a::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 35.201.118.58 35.201.118.58 | 15169 (GOOGLE) (GOOGLE) | |
1 | 84.17.46.53 84.17.46.53 | 60068 (CDN77 ^_^) (CDN77 ^_^) | |
9 | 2606:4700:20:... 2606:4700:20::681a:686 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700::68... 2606:4700::6811:180e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 2606:4700:11:... 2606:4700:11::6817:850b | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700:20:... 2606:4700:20::ac43:474a | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
32 | 11 |
ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-107-180-25-39.ip.secureserver.net
www.benefitsaccountmanager.com |
ASN15169 (GOOGLE, US)
PTR: 58.118.201.35.bc.googleusercontent.com
form.jotform.com |
ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-46-53.cdn77.com
to.getnitropack.com |
ASN13335 (CLOUDFLARENET, US)
cdn01.jotfor.ms | |
cdn02.jotfor.ms | |
cdn03.jotfor.ms | |
cdn.jotfor.ms |
ASN13335 (CLOUDFLARENET, US)
js.jotform.com | |
events.jotform.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
jotfor.ms
cdn01.jotfor.ms — Cisco Umbrella Rank: 21902 cdn02.jotfor.ms — Cisco Umbrella Rank: 21880 cdn03.jotfor.ms — Cisco Umbrella Rank: 22477 cdn.jotfor.ms — Cisco Umbrella Rank: 19252 |
400 KB |
8 |
nitrocdn.com
cdn-aefgi.nitrocdn.com |
241 KB |
6 |
gstatic.com
fonts.gstatic.com |
209 KB |
4 |
jotform.com
form.jotform.com — Cisco Umbrella Rank: 19870 js.jotform.com — Cisco Umbrella Rank: 33528 events.jotform.com — Cisco Umbrella Rank: 21839 |
16 KB |
2 |
benefitsaccountmanager.com
1 redirects
www.benefitsaccountmanager.com |
47 KB |
1 |
jotform.io
widgets.jotform.io — Cisco Umbrella Rank: 45648 |
1 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 206 |
5 KB |
1 |
getnitropack.com
to.getnitropack.com — Cisco Umbrella Rank: 15165 |
470 B |
32 | 8 |
Domain | Requested by | |
---|---|---|
8 | cdn-aefgi.nitrocdn.com |
www.benefitsaccountmanager.com
|
6 | fonts.gstatic.com |
www.benefitsaccountmanager.com
|
4 | cdn.jotfor.ms |
form.jotform.com
cdn01.jotfor.ms |
2 | js.jotform.com |
form.jotform.com
|
2 | cdn02.jotfor.ms |
form.jotform.com
|
2 | cdn01.jotfor.ms |
form.jotform.com
|
2 | www.benefitsaccountmanager.com | 1 redirects |
1 | events.jotform.com |
form.jotform.com
|
1 | widgets.jotform.io |
form.jotform.com
|
1 | cdnjs.cloudflare.com |
form.jotform.com
|
1 | cdn03.jotfor.ms |
form.jotform.com
|
1 | to.getnitropack.com |
www.benefitsaccountmanager.com
|
1 | form.jotform.com |
www.benefitsaccountmanager.com
|
32 | 13 |
This site contains links to these domains. Also see Links.
Domain |
---|
leplb0190.upoint.alight.com |
m.facebook.com |
twitter.com |
pinterest.com |
www.healthmanagementcorp.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
benefitsaccountmanager.com Go Daddy Secure Certificate Authority - G2 |
2021-07-18 - 2022-08-19 |
a year | crt.sh |
nitrocdn.com Cloudflare Inc ECC CA-3 |
2022-05-05 - 2022-08-03 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-05-04 - 2022-07-27 |
3 months | crt.sh |
*.jotform.com Sectigo RSA Domain Validation Secure Server CA |
2021-06-28 - 2022-06-28 |
a year | crt.sh |
*.getnitropack.com Thawte RSA CA 2018 |
2022-01-06 - 2023-01-06 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-05-17 - 2023-05-17 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://www.benefitsaccountmanager.com/www-ybr-com-usbank/
Frame ID: 8D37251C1D3DC52695521D3B216276CE
Requests: 24 HTTP requests in this frame
Frame:
data://truncated
Frame ID: B756D1FDCA751D9C256B61D24A0F0239
Requests: 1 HTTP requests in this frame
Frame:
https://form.jotform.com/213185365920052
Frame ID: C094F98C5F994162221505ACC2BB2473
Requests: 15 HTTP requests in this frame
Screenshot
Page Title
U.S. Bank Employee Benefits | Login / Register / EnrollmentPage URL History Show full URLs
-
https://www.benefitsaccountmanager.com/www-ybr-com-usbank
HTTP 301
https://www.benefitsaccountmanager.com/www-ybr-com-usbank/ Page URL
Detected technologies
WordPress (CMS) ExpandDetected patterns
- /wp-(?:content|includes)/
Prototype (JavaScript Frameworks) Expand
Detected patterns
- (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title: link
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: Pinterest
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Terms & Conditions
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.benefitsaccountmanager.com/www-ybr-com-usbank
HTTP 301
https://www.benefitsaccountmanager.com/www-ybr-com-usbank/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
32 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.benefitsaccountmanager.com/www-ybr-com-usbank/ Redirect Chain
|
199 KB 46 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-solid-900.woff2
cdn-aefgi.nitrocdn.com/JrzxhyKKtDuOBzrJbAkclUHHqDMftPHq/assets/static/source/rev-b81f446/wp-content/themes/Avada-2/includes/lib/assets/fonts/fontawesome/webfonts/ |
74 KB 74 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-regular-400.woff2
cdn-aefgi.nitrocdn.com/JrzxhyKKtDuOBzrJbAkclUHHqDMftPHq/assets/static/source/rev-b81f446/wp-content/themes/Avada-2/includes/lib/assets/fonts/fontawesome/webfonts/ |
13 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
079ef325-f38e-49c5-874f-cd22c8d82803
https://www.benefitsaccountmanager.com/ |
824 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
93 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
91 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
91 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
93 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
91 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u9w4BMUTPHh7USSwiPHA.ttf
fonts.gstatic.com/s/lato/v22/ |
62 KB 62 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icomoon.ttf
cdn-aefgi.nitrocdn.com/JrzxhyKKtDuOBzrJbAkclUHHqDMftPHq/assets/static/source/rev-b81f446/wp-content/themes/Avada-2/includes/lib/assets/fonts/icomoon/ |
18 KB 12 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
va9E4kDNxMZdWfMOD5Vvl4jO.ttf
fonts.gstatic.com/s/firasans/v15/ |
57 KB 28 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6uyw4BMUTPHjx4wWw.ttf
fonts.gstatic.com/s/lato/v22/ |
59 KB 30 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
va9B4kDNxMZdWfMOD5VnPKreRhf_.ttf
fonts.gstatic.com/s/firasans/v15/ |
56 KB 28 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u9w4BMUTPHh6UVSwiPHA.ttf
fonts.gstatic.com/s/lato/v22/ |
58 KB 29 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
95 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
89 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
S6u8w4BMUTPHjxsAXC-v.ttf
fonts.gstatic.com/s/lato/v22/ |
60 KB 31 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame B756 |
865 B 865 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
213185365920052
form.jotform.com/ Frame C094 |
12 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
BAM-logo-200-x-200-px.png
cdn-aefgi.nitrocdn.com/JrzxhyKKtDuOBzrJbAkclUHHqDMftPHq/assets/static/optimized/rev-b81f446/wp-content/uploads/2022/01/ |
4 KB 4 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
U.S.-Bancorp-Employee-Benefits-Logo-300x104.png
cdn-aefgi.nitrocdn.com/JrzxhyKKtDuOBzrJbAkclUHHqDMftPHq/assets/static/optimized/rev-b81f446/wp-content/uploads/2021/06/ |
3 KB 3 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
BAM-benefits-logoheaderforposts-300x63.png
cdn-aefgi.nitrocdn.com/JrzxhyKKtDuOBzrJbAkclUHHqDMftPHq/assets/static/optimized/rev-b81f446/wp-content/uploads/2019/10/ |
2 KB 2 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
to.getnitropack.com/ |
20 B 470 B |
Ping
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
nitro-min-noimport-9f352eddf7dff4b2336d7ca974bbeb25-stylesheet.css
cdn-aefgi.nitrocdn.com/JrzxhyKKtDuOBzrJbAkclUHHqDMftPHq/assets/static/optimized/rev-b81f446/combinedCss/ |
79 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
nitro-min-noimport-d987932a68fbd6039ce4d1f0054dca12-stylesheet.css
cdn-aefgi.nitrocdn.com/JrzxhyKKtDuOBzrJbAkclUHHqDMftPHq/assets/static/optimized/rev-b81f446/combinedCss/ |
969 KB 121 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5e6b428acc8c4e222d1beb91.css
cdn01.jotfor.ms/themes/CSS/ Frame C094 |
199 KB 36 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
payment_styles.css
cdn02.jotfor.ms/css/styles/payment/ Frame C094 |
65 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
payment_feature.css
cdn03.jotfor.ms/css/styles/payment/ Frame C094 |
21 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
prototype.forms.js
cdn01.jotfor.ms/static/ Frame C094 |
126 KB 35 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jotform.forms.js
cdn02.jotfor.ms/static/ Frame C094 |
533 KB 140 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
punycode.js
cdnjs.cloudflare.com/ajax/libs/punycode/1.4.1/ Frame C094 |
14 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
postMessage.js
js.jotform.com/vendor/ Frame C094 |
6 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
WidgetsServer.js
js.jotform.com/ Frame C094 |
30 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scripts.min.js
widgets.jotform.io/getParentUrl/min/ Frame C094 |
1 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
smoothscroll.min.js
cdn.jotfor.ms//js/vendor/ Frame C094 |
5 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
errorNavigation.js
cdn.jotfor.ms//js/ Frame C094 |
6 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Inter-Regular.woff2
cdn.jotfor.ms/fonts/inter/fonts/ Frame C094 |
81 KB 81 KB |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Inter-Medium.woff2
cdn.jotfor.ms/fonts/inter/fonts/ Frame C094 |
87 KB 88 KB |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
events.jotform.com/form/213185365920052/ Frame C094 |
0 186 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
27 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation undefined| href object| NPSH object| NitroScrollHelper object| NPRL object| NitroResourceLoader object| NPh object| NitroPackHelper boolean| IS_NITROPACK string| NITROPACK_STATE object| nitro_lazySizesConfig object| lazySizes function| loadCSS object| webVitals undefined| proxyPurgeOnly undefined| nitroData undefined| xhr boolean| isPreload object| onStylesLoadEvent1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.benefitsaccountmanager.com/ | Name: nitroCachedPage Value: 1 |
223 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn-aefgi.nitrocdn.com
cdn.jotfor.ms
cdn01.jotfor.ms
cdn02.jotfor.ms
cdn03.jotfor.ms
cdnjs.cloudflare.com
events.jotform.com
fonts.gstatic.com
form.jotform.com
js.jotform.com
to.getnitropack.com
widgets.jotform.io
www.benefitsaccountmanager.com
107.180.25.39
2606:4700:11::6817:850b
2606:4700:20::681a:686
2606:4700:20::ac43:474a
2606:4700::6811:180e
2606:4700::6812:1790
2a00:1450:4001:82a::2003
35.201.118.58
84.17.46.53
02418488724e2a09a84322749b77a0021436a9d5d3e12e8eceb2c1e4cabe63b9
07456b576759b7b343838d106a6f17268a0c44639c3fe979c423d70166d3988f
1bea2bff969a2615064eddf337296a4cf165564d1607ee702d66668aa95d1369
218f6f647f83ceec4b0995a5186404d9fc4a5fb5c535d0cdd016bf52afbb5e7e
22f3c0bad20a824194399d60c1009b4e602260f8de243eec5319c695813a78cd
257897a5abe39df95df7900e51d84f4de85877513337efdf2e97e0ef36622ae2
281b2fd15cfbfc80b53dd48cb1cd4f54c1667a5e0da7f6bce08a8ea6b7fca2c4
29bd66ad4676dcb2c8d3c8bf8684b9eb4a2f011192c2e5331e98199a701d1bb6
37d1121bfebf4923cf9e0807bebc7b14252c0faf80244b7ae385511497e21b7a
3b4e8c835bb4ff2fc19bb679e1fce1504f149918252d57fcfec67007a99e8d41
48e6d618b95c55074ab9b47a6e7bd966c9fd434b874e2c2e2606c5ec0f992982
49176b244de4b07d2a8a79cd8663a2fced053acc22b1807929521665d09f3e3a
58c9e2bb422691aa80bb96ce30c29cc3a553b751dfedad5eea65ed3cffdabed7
7506e2f19e9234a6a621d4e2ebffb207e4caa9d607889d86423074174acb0569
7a0829f65b5378d1b0e2da444ff32f73343984c4e21342f5a7a0f3b9abe5c9c0
7adfdaaa2b3cda1b8554473f6fa9e726f7ea07585fed7aa5e62d829566bd0635
7e15d8482756e9d79c5b14dde8cd92256fd2afe0307703d825d4e8178d416c41
83f2a7e755b2717d23a15a9dcca62cdc2fb1d2621c604f87726282371a25f1c1
8556fd48cf33ca3028e3fff4042979f224987ee317cc9032dd5bba996b363009
87210a64a020daa7888a8ad2e65edd828cdf66a7da098693678d8ee7ae4f8143
882db78df947eec90024dddcaf42c51ef5557a101fe2b13e39b528bb20832624
88bbf22c01defeff2948bad22b54901b3d22f1eb02d6e901a6cb9729b5ed3ce8
8ba0418876495d8a032dfc31fdb9726920e97b757d76de36940df2c01102a87f
945abd1a8ab41745c2b4358fa07d39db703a54fd0e1b15d7da7938911b304d67
a4d2b5c10747a9a02c401ece039329ec75c8a8f1dc4de0c7fb53a4ebde5555e4
a528649f3cb08a9f2e43efa53a71a01cedfb6d8034a5bd2f097a827e53f0c66a
a563aa60395e445bac4f1baba89a0f12006b52c9ba8619f094ea8595d903346f
a880bd834d9154c43af000edf9ce579f9dbd886c97b830c15b675c35acbb9926
b229d664a58a75e0a438fad204b292b5777e79fafd4b840cce21bac7ad2a7a28
b6e055ad6056d64c89133fd73e9ee935c068d8bd3ac09366d5d99f9eee99e3f4
b7504e6a92b3a8639d2b28fddf9838f4f58c941659070e4577a642898f540de8
b8cd75678fd3966c4c247a72cc91199605ee6a3828e0b464373cb28871a7cc7f
bb06133bba79a84f6dd09551c7e938c34e22452433ef71ca6a57c93c3a8fc6f0
c4aff136ec434ec9b85efadf19ae824c5b126c14ceadda6322cdfbb1a1a9b1f7
c741ba780270942baf429b543b060d39aa8af8880261a4f66b25b56570b9e9a6
cf9d3e718e9355bc6f4dc73973f66579fd77c596a1d360bb6d627551df1ef923
d144631af733437b73fba8e784ab694a97fab80476e82325f7a58f6408b28850
d541e3936c89d10117581b2153619b370ec875729e5bae24000c547d06090e15
d7391406e1e6b8fb508d044d8f940c11fa271beb10e1c62c370a83040f469794
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855