paymentportal.clarionevents.com Open in urlscan Pro
13.65.193.29  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response paymentportal.clarionevents.com/	10 KB 4 KB	616ms 151ms	Document text/html	13.65.193.29 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://paymentportal.clarionevents.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.65.193.29 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 6eb358565ff5a5fef9299759d854738b56104462d9a25c58a16f0e9efbd3def0 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers Host paymentportal.clarionevents.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Cache-Control private Content-Length 3698 Content-Type text/html; charset=utf-8 Content-Encoding gzip Vary Accept-Encoding Server Microsoft-IIS/10.0 X-AspNetMvc-Version 5.2 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Strict-Transport-Security max-age=31536000; Set-Cookie ARRAffinity=a5b0237384fe900d9d8aec131e8c16ccb95cdbc3ffbbfea692e523375f057e7e;Path=/;HttpOnly;Secure;Domain=paymentportal.clarionevents.com ARRAffinitySameSite=a5b0237384fe900d9d8aec131e8c16ccb95cdbc3ffbbfea692e523375f057e7e;Path=/;HttpOnly;SameSite=None;Secure;Domain=paymentportal.clarionevents.com Date Fri, 01 Jan 2021 05:49:06 GMT
GET H/1.1	200 OK	css paymentportal.clarionevents.com/Content/	636 KB 120 KB	441ms 440ms	Stylesheet text/css	13.65.193.29 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://paymentportal.clarionevents.com/Content/css?v=di-RHuhclx71EisgsEdHIlOyMaPq8a4sKOVEJHM_yqk1 Requested by Host: paymentportal.clarionevents.com URL: https://paymentportal.clarionevents.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.65.193.29 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash bf1750976d7f60cf7e3b398de24d64dd85bfabf28394d013c579f780f619cf8a Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers Referer https://paymentportal.clarionevents.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; Content-Encoding gzip Last-Modified Fri, 01 Jan 2021 05:49:06 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Vary User-Agent,Accept-Encoding Content-Type text/css; charset=utf-8 Cache-Control public Transfer-Encoding chunked Date Fri, 01 Jan 2021 05:49:06 GMT Expires Sat, 01 Jan 2022 05:49:06 GMT
GET H2	200	jquery-1.12.4.min.js Show response code.jquery.com/	95 KB 33 KB	25ms 8ms	Script application/javascript	2001:4de0:ac19::1:b:3b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-1.12.4.min.js Requested by Host: paymentportal.clarionevents.com URL: https://paymentportal.clarionevents.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Request headers Origin https://paymentportal.clarionevents.com Referer https://paymentportal.clarionevents.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 01 Jan 2021 05:49:06 GMT content-encoding gzip last-modified Fri, 20 May 2016 17:18:54 GMT server nginx etag W/"573f46fe-17b8b" vary Accept-Encoding x-hw 1609480146.dop053.fr8.t,1609480146.cds280.fr8.hn,1609480146.cds167.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 33738
GET H2	200	jquery-migrate-1.4.1.min.js Show response code.jquery.com/	10 KB 4 KB	31ms 14ms	Script application/javascript	2001:4de0:ac19::1:b:3b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-migrate-1.4.1.min.js Requested by Host: paymentportal.clarionevents.com URL: https://paymentportal.clarionevents.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d Request headers Origin https://paymentportal.clarionevents.com Referer https://paymentportal.clarionevents.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 01 Jan 2021 05:49:06 GMT content-encoding gzip last-modified Fri, 20 May 2016 01:26:30 GMT server nginx etag W/"573e67c6-2748" vary Accept-Encoding x-hw 1609480146.dop053.fr8.t,1609480146.cds280.fr8.hn,1609480146.cds266.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 4014
GET H/1.1	200 OK	logo-small.png paymentportal.clarionevents.com/Content/ClarionStyle/	4 KB 4 KB	343ms 172ms	Image image/png	13.65.193.29 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://paymentportal.clarionevents.com/Content/ClarionStyle/logo-small.png Requested by Host: paymentportal.clarionevents.com URL: https://paymentportal.clarionevents.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.65.193.29 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 9c4343c9a4052829396f81abfe40a8c7ec56d24e2ab3d360162ec39211c8909a Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers Referer https://paymentportal.clarionevents.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; Last-Modified Thu, 12 Sep 2019 21:22:21 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET ETag "4beed029b069d51:0" Content-Type image/png Date Fri, 01 Jan 2021 05:49:07 GMT Accept-Ranges bytes Content-Length 3821
GET H/1.1	200 OK	ClarionScripts1 Show response paymentportal.clarionevents.com/bundles/	1017 B 1 KB	610ms 160ms	Script text/javascript	13.65.193.29 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://paymentportal.clarionevents.com/bundles/ClarionScripts1?v=aAAjtpX7Zj2Ranev_NVT-Y8g2Y1YxlfVDlx98ruF0hU1 Requested by Host: paymentportal.clarionevents.com URL: https://paymentportal.clarionevents.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.65.193.29 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 4a020e47fee0e70f5d873840f267c2637c71860515bd7a730c43c5e6c376f957 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers Referer https://paymentportal.clarionevents.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; Content-Encoding gzip Last-Modified Fri, 01 Jan 2021 05:49:07 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Vary User-Agent,Accept-Encoding Content-Type text/javascript; charset=utf-8 Cache-Control public Date Fri, 01 Jan 2021 05:49:07 GMT Content-Length 651 Expires Sat, 01 Jan 2022 05:49:07 GMT
GET H/1.1	200 OK	ClarionScripts3 Show response paymentportal.clarionevents.com/bundles/	755 KB 266 KB	314ms 313ms	Script text/javascript	13.65.193.29 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://paymentportal.clarionevents.com/bundles/ClarionScripts3?v=-xtnIEhhFMZTm4WHTCIn0RZEUmxkYmFkAcEsvtL4rlw1 Requested by Host: paymentportal.clarionevents.com URL: https://paymentportal.clarionevents.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.65.193.29 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 189050b1acea74e09c6e82b9050dc2e1ccd6aefd9e16f8af2b2051d464dbcbea Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers Referer https://paymentportal.clarionevents.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; Content-Encoding gzip Last-Modified Fri, 01 Jan 2021 05:49:07 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Vary User-Agent,Accept-Encoding Content-Type text/javascript; charset=utf-8 Cache-Control public Transfer-Encoding chunked Date Fri, 01 Jan 2021 05:49:07 GMT Expires Sat, 01 Jan 2022 05:49:07 GMT
GET H/1.1	200 OK	AjaxLoad.css paymentportal.clarionevents.com/Content/AjaxLoad/	4 KB 1 KB	221ms 220ms	Stylesheet text/css	13.65.193.29 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://paymentportal.clarionevents.com/Content/AjaxLoad/AjaxLoad.css Requested by Host: paymentportal.clarionevents.com URL: https://paymentportal.clarionevents.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.65.193.29 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash a2c75f7ac301591305a06e10ab07275437934bf70e7bf5a1a377a7ecc36b8878 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers Referer https://paymentportal.clarionevents.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; Content-Encoding gzip ETag "b6434a411794d51:0" Last-Modified Tue, 05 Nov 2019 20:26:07 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type text/css Date Fri, 01 Jan 2021 05:49:07 GMT Accept-Ranges bytes Content-Length 977
GET H2	200	3qTvojGmgSyUukBzKslpBmt6.ttf fonts.gstatic.com/s/istokweb/v13/	65 KB 31 KB	39ms 39ms	Font font/ttf	2a00:1450:4001:825::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/istokweb/v13/3qTvojGmgSyUukBzKslpBmt6.ttf Requested by Host: paymentportal.clarionevents.com URL: https://paymentportal.clarionevents.com/Content/css?v=di-RHuhclx71EisgsEdHIlOyMaPq8a4sKOVEJHM_yqk1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3753a35935d65dc66954aeac27a4cc6ab8a8e6bc7011cadf04f12f5ed88c3f2f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://paymentportal.clarionevents.com Referer https://paymentportal.clarionevents.com/Content/css?v=di-RHuhclx71EisgsEdHIlOyMaPq8a4sKOVEJHM_yqk1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 01 Jan 2021 05:49:07 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 19 Feb 2019 22:35:39 GMT server sffe vary Accept-Encoding content-type font/ttf access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31810 x-xss-protection 0 expires Sat, 01 Jan 2022 05:49:07 GMT
GET H2	200	mem5YaGs126MiZpBA-UNirkOUuhs.ttf fonts.gstatic.com/s/opensans/v16/	27 KB 19 KB	6ms 6ms	Font font/ttf	2a00:1450:4001:825::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UNirkOUuhs.ttf Requested by Host: paymentportal.clarionevents.com URL: https://paymentportal.clarionevents.com/Content/css?v=di-RHuhclx71EisgsEdHIlOyMaPq8a4sKOVEJHM_yqk1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 23fea0a987694a487d5e053345c610b6c2b0cee5943e6c54dffa8c4d3b8c2a27 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://paymentportal.clarionevents.com Referer https://paymentportal.clarionevents.com/Content/css?v=di-RHuhclx71EisgsEdHIlOyMaPq8a4sKOVEJHM_yqk1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 27 Dec 2020 13:44:29 GMT content-encoding gzip x-content-type-options nosniff age 403478 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18834 x-xss-protection 0 last-modified Mon, 25 Mar 2019 20:12:10 GMT server sffe vary Accept-Encoding content-type font/ttf access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Mon, 27 Dec 2021 13:44:29 GMT

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| ctcc_vars function| catapultSetCookie function| catapultReadCookie function| catapultDeleteCookie function| catapultAcceptCookies function| ctccCloseNotification function| ctccFirstPage function| fusionSetOriginalTypographyData function| avadaAddQuantityBoxes function| calcSelectArrowDimensions function| getStickyHeaderHeight function| getWaypointTopOffset function| setStickySidebarStatus function| calcStickySidebarOffset function| addStylesForOldIEVersions function| getAdminbarHeight function| getWaypointOffset function| insertParam function| registerYoutubePlayers function| loadYoutubeIframeAPI function| onYouTubePlayerAPIReady function| onPlayerStateChange function| onPlayerReady function| ytVidId function| playVideoAndPauseOthers function| _fbRowGetAllElementsWithAttribute function| _fbRowOnPlayerReady function| _fbRowOnPlayerStateChange function| resizeVideo function| vimeoReady function| fusionInitVimeoPlayers function| _fusionRefreshScroll function| _fusionParallaxAll function| _fusionRefreshWindow function| getScrollBarWidth function| fusionCalcColumnEqualHeights function| setCorrectResizeValuesForScrollSections function| scrollToCurrentScrollSection object| cssua object| fusionRecentPostsVars object| fusionMapsVars object| fusionLightboxVideoVars object| fusionLightboxVars object| fusionCarouselVars function| generateCarousel object| fusionFlexSliderVars object| fusionBlogVars object| fusionTypographyVars function| fusionCalculateResponsiveTypeValues object| avadaCommentVars object| toTopscreenReaderText object| avadaRevVars object| avadaElasticSliderVars object| avadaFadeVars object| avadaMobileImageVars object| avadaToTopVars object| avadaMenuVars object| avadaHeaderVars object| avadaSidebarsVars object| fusionScrollToAnchorVars object| fusionIe1011Vars object| fusionVideoGeneralVars object| fusionVideoBgVars object| $youtubeBGVideos function| onYouTubeIframeAPIReady object| fusionEqualHeightVars object| fusionVideoVars object| fusionAnimationsVars object| fusionTestimonialVars object| fusionTabVars object| fusionCountersBox object| fusionBgImageVars object| fusionContainerVars object| avadaPortfolioVars object| avadaFusionSliderVars number| headerHeight function| fusionReanimateSlider object| Modernizr object| jQuery1124007541425830537452 function| Color function| Chart function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry object| browserPrefixes function| EventEmitter object| eventie function| imagesLoaded object| avadaLightBox object| $ilInstances object| Vimeo function| YTReady object| _fusionImageParallaxImages function| Packery function| AjaxCallStart function| AjaxCallEnd string| responsiveTypeElements boolean| mobileMenuSepAdded number| $headerParentHeight number| $headerHeight number| $menuHeight number| $scrolled_header_height object| $stickyTrigger number| $wpadminbarHeight number| $stickyTrigger_position number| $woo_store_notice number| $top_frame number| $sticky_header_type number| $slider_offset number| $site_width boolean| $media_query_test_1 boolean| $media_query_test_2 boolean| $media_query_test_3 boolean| $media_query_test_4 number| $standardLogoHeight number| $initial_desktop_header_height string| $initial_sticky_header_shrinkage boolean| $sticky_can_be_shrinked number| original_logo_height number| $original_sticky_trigger_height boolean| fusionAccordianClick number| _fusionScrollTop number| _fusionWindowHeight number| _fusionScrollLeft number| _fusionWindowWidth

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.paymentportal.clarionevents.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: a5b0237384fe900d9d8aec131e8c16ccb95cdbc3ffbbfea692e523375f057e7e
			.paymentportal.clarionevents.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: a5b0237384fe900d9d8aec131e8c16ccb95cdbc3ffbbfea692e523375f057e7e

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://code.jquery.com/jquery-migrate-1.4.1.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
fonts.gstatic.com
paymentportal.clarionevents.com
13.65.193.29
2001:4de0:ac19::1:b:3b
2a00:1450:4001:825::2003
189050b1acea74e09c6e82b9050dc2e1ccd6aefd9e16f8af2b2051d464dbcbea
23fea0a987694a487d5e053345c610b6c2b0cee5943e6c54dffa8c4d3b8c2a27
3753a35935d65dc66954aeac27a4cc6ab8a8e6bc7011cadf04f12f5ed88c3f2f
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4a020e47fee0e70f5d873840f267c2637c71860515bd7a730c43c5e6c376f957
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6eb358565ff5a5fef9299759d854738b56104462d9a25c58a16f0e9efbd3def0
9c4343c9a4052829396f81abfe40a8c7ec56d24e2ab3d360162ec39211c8909a
a2c75f7ac301591305a06e10ab07275437934bf70e7bf5a1a377a7ecc36b8878
bf1750976d7f60cf7e3b398de24d64dd85bfabf28394d013c579f780f619cf8a