![](/screenshots/51c285ca-8177-4f2b-9ab8-d2267a52c4fc.png)
fraudmarc.com
Open in
urlscan Pro
34.251.201.224
Public Scan
Effective URL: https://fraudmarc.com/universal-spf
Submission: On October 12 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on August 25th 2022. Valid for: 3 months.
This is the only time fraudmarc.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2606:4700:303... 2606:4700:3031::6815:4290 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 2 | 34.251.201.224 34.251.201.224 | 16509 (AMAZON-02) (AMAZON-02) | |
18 | 13.225.78.54 13.225.78.54 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:830::2004 | 15169 (GOOGLE) (GOOGLE) | |
1 | 99.86.1.78 99.86.1.78 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:830::2003 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:827::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 | 35.201.112.186 35.201.112.186 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2001:4860:480... 2001:4860:4802:34::36 | 15169 (GOOGLE) (GOOGLE) | |
3 | 35.186.194.58 35.186.194.58 | 15169 (GOOGLE) (GOOGLE) | |
1 1 | 13.224.189.49 13.224.189.49 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 13.225.78.83 13.225.78.83 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 107.21.231.73 107.21.231.73 | 14618 (AMAZON-AES) (AMAZON-AES) | |
35 | 11 |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-201-224.eu-west-1.compute.amazonaws.com
fraudmarc.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-54.fra2.r.cloudfront.net
uploads-ssl.webflow.com |
ASN16509 (AMAZON-02, US)
PTR: server-99-86-1-78.fra6.r.cloudfront.net
d3e54v103j8qbb.cloudfront.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: 186.112.201.35.bc.googleusercontent.com
edge.fullstory.com |
ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com
rs.fullstory.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-49.fra2.r.cloudfront.net
widget.intercom.io |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-83.fra2.r.cloudfront.net
js.intercomcdn.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-231-73.compute-1.amazonaws.com
api-iam.intercom.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
webflow.com
uploads-ssl.webflow.com — Cisco Umbrella Rank: 12072 |
181 KB |
4 |
intercom.io
1 redirects
widget.intercom.io — Cisco Umbrella Rank: 2082 api-iam.intercom.io — Cisco Umbrella Rank: 2446 |
6 KB |
4 |
fullstory.com
edge.fullstory.com — Cisco Umbrella Rank: 2218 rs.fullstory.com — Cisco Umbrella Rank: 2056 |
69 KB |
3 |
intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2093 |
199 KB |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61 |
127 KB |
2 |
fraudmarc.com
1 redirects
fraudmarc.com |
7 KB |
1 |
google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2668 |
345 B |
1 |
gstatic.com
www.gstatic.com |
158 KB |
1 |
cloudfront.net
d3e54v103j8qbb.cloudfront.net |
30 KB |
1 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
968 B |
1 |
universalspf.org
1 redirects
universalspf.org |
586 B |
35 | 11 |
Domain | Requested by | |
---|---|---|
18 | uploads-ssl.webflow.com |
fraudmarc.com
uploads-ssl.webflow.com |
3 | api-iam.intercom.io |
js.intercomcdn.com
|
3 | js.intercomcdn.com |
widget.intercom.io
|
3 | rs.fullstory.com |
edge.fullstory.com
|
2 | www.googletagmanager.com |
fraudmarc.com
www.googletagmanager.com |
2 | fraudmarc.com | 1 redirects |
1 | widget.intercom.io | 1 redirects |
1 | region1.google-analytics.com |
www.googletagmanager.com
|
1 | edge.fullstory.com |
fraudmarc.com
|
1 | www.gstatic.com |
www.google.com
|
1 | d3e54v103j8qbb.cloudfront.net |
fraudmarc.com
|
1 | www.google.com |
fraudmarc.com
|
1 | universalspf.org | 1 redirects |
35 | 13 |
This site contains links to these domains. Also see Links.
Domain |
---|
secure.fraudmarc.com |
webflow.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
fraudmarc.com R3 |
2022-08-25 - 2022-11-23 |
3 months | crt.sh |
uploads-ssl.webflow.com Amazon |
2022-08-28 - 2023-09-26 |
a year | crt.sh |
www.google.com GTS CA 1C3 |
2022-09-12 - 2022-12-05 |
3 months | crt.sh |
*.cloudfront.net Amazon |
2022-02-01 - 2023-01-31 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-09-12 - 2022-12-05 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-09-12 - 2022-12-05 |
3 months | crt.sh |
edge.fullstory.com GTS CA 1D4 |
2022-10-06 - 2023-01-04 |
3 months | crt.sh |
*.fullstory.com R3 |
2022-10-12 - 2023-01-10 |
3 months | crt.sh |
*.intercomcdn.com Amazon |
2022-01-30 - 2023-02-28 |
a year | crt.sh |
*.intercom.com Amazon |
2022-03-16 - 2023-04-14 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://fraudmarc.com/universal-spf
Frame ID: 40B5509F87946E7BE6CEB847FD244ACD
Requests: 30 HTTP requests in this frame
Frame:
https://js.intercomcdn.com/frame-modern.7419a177.js
Frame ID: E71314E34C9A7FA07520692E29457C24
Requests: 5 HTTP requests in this frame
Screenshot
![](/screenshots/51c285ca-8177-4f2b-9ab8-d2267a52c4fc.png)
Page Title
Universal SPFPage URL History Show full URLs
-
http://universalspf.org/
HTTP 307
https://universalspf.org/ HTTP 302
https://fraudmarc.com/universal-spf/ HTTP 301
https://fraudmarc.com/universal-spf Page URL
Detected technologies
Detected patterns
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
![](/vendor/wappa/icons/reCAPTCHA.png)
Detected patterns
- /recaptcha/api\.js
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Login
Search URL Search Domain Scan URL
Title: © Fraudmarc, Inc.
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://universalspf.org/
HTTP 307
https://universalspf.org/ HTTP 302
https://fraudmarc.com/universal-spf/ HTTP 301
https://fraudmarc.com/universal-spf Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 26- https://widget.intercom.io/widget/t0v6kk4z HTTP 302
- https://js.intercomcdn.com/shim.latest.js
35 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
universal-spf
fraudmarc.com/ Redirect Chain
|
27 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fmc.webflow.8120f0e92.min.css
uploads-ssl.webflow.com/6296b23afc1087b52991d2ef/css/ |
108 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.google.com/recaptcha/ |
850 B 968 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6296b23afc1087654b91d337_icon-dropdown-arrow-small-dark.svg
uploads-ssl.webflow.com/6296b23afc1087b52991d2ef/ |
320 B 776 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
629774ad38b30b71ac3792d3_fraudmarc-name-black.svg
uploads-ssl.webflow.com/6296b23afc1087b52991d2ef/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6296b23afc108779ea91d394_icon-menu.svg
uploads-ssl.webflow.com/6296b23afc1087b52991d2ef/ |
317 B 774 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6297b002549bed8661dda834_Tim-B-CSO-med.webp
uploads-ssl.webflow.com/6296b23afc1087b52991d2ef/ |
2 KB 2 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6296b23afc1087278f91d38f_avatar-01.webp
uploads-ssl.webflow.com/6296b23afc1087b52991d2ef/ |
4 KB 5 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6296b23afc1087d37391d391_avatar-03.webp
uploads-ssl.webflow.com/6296b23afc1087b52991d2ef/ |
3 KB 3 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6296b23afc10875ee191d390_avatar-02.webp
uploads-ssl.webflow.com/6296b23afc1087b52991d2ef/ |
3 KB 4 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6296b23afc1087c7dd91d3e2_ui-snippet-icon-menu-vertical.svg
uploads-ssl.webflow.com/6296b23afc1087b52991d2ef/ |
888 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6296b23afc10870f9391d3e3_ui-snippet-icon-check.svg
uploads-ssl.webflow.com/6296b23afc1087b52991d2ef/ |
236 B 694 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6296b23afc10870ec791d336_icon-check-small-dark.svg
uploads-ssl.webflow.com/6296b23afc1087b52991d2ef/ |
235 B 691 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6296b23afc1087246d91d335_icon-check.svg
uploads-ssl.webflow.com/6296b23afc1087b52991d2ef/ |
241 B 699 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
629777e55d83f84b7f337d8b_fraudmarc-white.svg
uploads-ssl.webflow.com/6296b23afc1087b52991d2ef/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6296b23afc1087724c91d392_avatar-04.webp
uploads-ssl.webflow.com/6296b23afc1087b52991d2ef/ |
4 KB 4 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webflow.944801905.js
uploads-ssl.webflow.com/6296b23afc1087b52991d2ef/js/ |
299 KB 67 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__de.js
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ |
396 KB 158 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
145 KB 53 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6296b23afc10877edc91d33d_Outfit-Medium.woff2
uploads-ssl.webflow.com/6296b23afc1087b52991d2ef/ |
21 KB 22 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6296b23afc1087d18691d333_Outfit-SemiBold.woff2
uploads-ssl.webflow.com/6296b23afc1087b52991d2ef/ |
22 KB 22 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6296b23afc1087a67c91d332_Outfit-Regular.woff2
uploads-ssl.webflow.com/6296b23afc1087b52991d2ef/ |
22 KB 22 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fs.js
edge.fullstory.com/s/ |
252 KB 63 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
211 KB 74 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 345 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
page
rs.fullstory.com/rec/ |
5 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shim.latest.js
js.intercomcdn.com/ Redirect Chain
|
18 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
frame-modern.7419a177.js
js.intercomcdn.com/ Frame E713 |
437 KB 120 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor-modern.b0025ac3.js
js.intercomcdn.com/ Frame E713 |
235 KB 73 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
ping
api-iam.intercom.io/messenger/web/ Frame E713 |
6 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
integrations
rs.fullstory.com/rec/ |
4 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
bundle
rs.fullstory.com/rec/ |
29 B 43 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
ping
api-iam.intercom.io/messenger/web/ Frame E713 |
6 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
events
api-iam.intercom.io/messenger/web/ Frame E713 |
4 B 745 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
35 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| dataLayer function| $ function| jQuery function| tram object| Webflow object| google_tag_manager object| google_tag_data boolean| _fs_debug string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS object| recaptcha function| onYouTubeIframeAPIReady object| gaGlobal string| _fs_loaded function| _fs_shutdown object| intercomSettings function| Intercom function| __intercomAssignLocation6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.fraudmarc.com/ | Name: _ga_7177L2ZBL9 Value: GS1.1.1665610056.1.0.1665610056.0.0.0 |
|
.fraudmarc.com/ | Name: _ga Value: GA1.1.1802161037.1665610057 |
|
.fraudmarc.com/ | Name: fs_uid Value: #6D4AF#6226387550310400:6597966499123200:::#/1697146057 |
|
.fraudmarc.com/ | Name: fs_cid Value: 1.0 |
|
.fraudmarc.com/ | Name: intercom-id-t0v6kk4z Value: d118082f-5ef7-4212-85e8-5454d66315a6 |
|
.fraudmarc.com/ | Name: intercom-session-t0v6kk4z Value: |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api-iam.intercom.io
d3e54v103j8qbb.cloudfront.net
edge.fullstory.com
fraudmarc.com
js.intercomcdn.com
region1.google-analytics.com
rs.fullstory.com
universalspf.org
uploads-ssl.webflow.com
widget.intercom.io
www.google.com
www.googletagmanager.com
www.gstatic.com
107.21.231.73
13.224.189.49
13.225.78.54
13.225.78.83
2001:4860:4802:34::36
2606:4700:3031::6815:4290
2a00:1450:4001:827::2008
2a00:1450:4001:830::2003
2a00:1450:4001:830::2004
34.251.201.224
35.186.194.58
35.201.112.186
99.86.1.78
16f12322556f51680fc02bdc130220eef92379b19b6865b3931dfb5f2478d162
2035e1e1026587972c27d4a79e8d211abb07e4e4395cdd244105fb2b7f89e915
21de85a3f2d11ce899b802cb083b6b57b5051aa2cbf1d287cefd3eed0a4c32f5
22c0a648ea099bede080a0eba7282d7d2d1dc0a1e168c1603ff8b8a247a22b55
2b29936031b5abe3ec44fbf8faed795dd7bc3f2890c80969d645ecc3d0cfe2e6
2b6251049db1388db9b00288034ddd2d9cd980267e4502d64254cd36466ce004
305d9328dbefe0f91c700e30b474bf4cce7194a5a1baac91a095ada422e0d210
37e615ba0a03c74eb6800439c067488cf0fbaf787a1104e0da625fe19e6b26b8
395b1c8dfaf569625a4bd2e8d67a07f0bf2423e6896091fbfd6ef2c77279a940
5b2bf20c1487369c796afc29a7321f9ebd711e48d3d7beaecf08fdc4be17d6ca
5fb4483d5fd935f9f4191ecbfb1c81bf71fd864486c34783925f129a9790913d
61b0d0295123439e64e89fd46a5cc778fd52383432e086cdc6280947305222e1
686903740430cc3c1bb866e0dc5468e133f7c50a12d1b58cad4d66f0900a68e0
73d9b5be1a18c78f127d3aa3bfc6165da1ba2d6a9452f561dfba038954d5baa8
799643ee0f38aec372af1c0e1e90d83afa6eb74734f16af57bb0ed5e6f88e737
7b5e25f5e6aa3e1b24c6afc3672d1ddc2771c27a7722a8bdae9e5762aada39e3
8e9e1e074b00f36d7188691eb44ce9dcf61bdcbe5e5f14e80cf75915a24a17aa
908d60d964e817e16a767992e9c9e7952cbd9b4a9d42d3578ca8a6285af52e5a
9e54283a5ff210dafd5be2e6b593896f60cd5cc0621eb2bd51c8d6d05b85e92c
a1b82b92c71981a7a0c0693edb253d7a602fd4bb481037ded915cfb8235d2d8c
a1bf022f544466bfbc08c3817c8dd6559916748e3a0ea2afb30039900ae213dd
a634d2f0e1c3fffb0c4aa3601101e2613f55aae404dc9d9d041c4ddd40565f41
b52b34cf452e92654dd04036ab4a81c81e0b9a6958539752b050f0433f4b1ddd
b7c34865247988f4a8a4a8653326caa39fa71c4167da7e3ded63132a38710975
c3ebbe840d316e1aa9f404933d9259f39da3cc5e338a790d0ea92e6c39e8c5c9
caa55c4d5bd08104c12ed126564312600460e48965a38dce67e3ad8dad040f17
cab4d710994afa4f4ec53d49237c5f32125f5fda72ae41f09852de9f774ddb52
cbdfdee26a4a87201aef74a1a838a59d36677bbc30910365140921286c40eb0d
d6ceede966c7c746fdef338f0a26cc3f21bc8a503bed499f63c0b5c54e0ab91d
dbf1818d8b1397e676767b2fa0352f57b18f4066eede2460f730308f1303ded7
dd022aee285cc34b880028711d171a0ad49c9ab70f11bf4e2f55d16bd76c646e
e10808d43975dc400731053386849f864f297e6c4f7519c380f3dbaf7067a840
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e8353f620f2dea65f3b52c4e070f2f8d69b79f385900917a76367a1ce92f96
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d