![](/screenshots/5b78a7bf-c361-42a5-af19-f69bf84b4f93.png)
client.morismoreno.com
Open in
urlscan Pro
52.33.103.53
Public Scan
Effective URL: https://client.morismoreno.com/login
Submission: On January 19 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by R3 on January 19th 2024. Valid for: 3 months.
This is the only time client.morismoreno.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-103-53.us-west-2.compute.amazonaws.com
client.morismoreno.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-18.deploy.static.akamaitechnologies.com
analytics.tiktok.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com
bloomio-public.s3.us-west-2.amazonaws.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
bloom.io
api.bloom.io cdn.bloom.io |
92 KB |
5 |
tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 752 |
145 KB |
5 |
morismoreno.com
1 redirects
client.morismoreno.com |
448 KB |
4 |
bugsnag.com
sessions.bugsnag.com — Cisco Umbrella Rank: 839 |
161 B |
4 |
linkedin.com
2 redirects
px.ads.linkedin.com — Cisco Umbrella Rank: 349 px4.ads.linkedin.com — Cisco Umbrella Rank: 6550 |
2 KB |
3 |
amazonaws.com
bloomio-public.s3.us-west-2.amazonaws.com |
100 KB |
2 |
google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2616 |
303 B |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174 |
94 KB |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37 |
172 KB |
1 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 107 |
185 B |
1 |
google.de
www.google.de — Cisco Umbrella Rank: 6518 |
408 B |
1 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 79 |
249 B |
1 |
g2crowd.com
tracking.g2crowd.com — Cisco Umbrella Rank: 8429 |
1 KB |
1 |
wdfl.co
r.wdfl.co — Cisco Umbrella Rank: 26822 |
5 KB |
1 |
licdn.com
snap.licdn.com — Cisco Umbrella Rank: 783 |
16 KB |
35 | 15 |
Domain | Requested by | |
---|---|---|
5 | analytics.tiktok.com |
client.morismoreno.com
analytics.tiktok.com |
5 | client.morismoreno.com |
1 redirects
client.morismoreno.com
|
4 | api.bloom.io |
client.morismoreno.com
|
4 | sessions.bugsnag.com |
client.morismoreno.com
|
3 | bloomio-public.s3.us-west-2.amazonaws.com |
client.morismoreno.com
|
3 | px.ads.linkedin.com |
2 redirects
snap.licdn.com
|
2 | region1.analytics.google.com |
www.googletagmanager.com
|
2 | connect.facebook.net |
client.morismoreno.com
connect.facebook.net |
2 | www.googletagmanager.com |
client.morismoreno.com
www.googletagmanager.com |
1 | cdn.bloom.io |
client.morismoreno.com
|
1 | www.facebook.com |
client.morismoreno.com
|
1 | px4.ads.linkedin.com |
client.morismoreno.com
|
1 | www.google.de |
client.morismoreno.com
|
1 | stats.g.doubleclick.net |
www.googletagmanager.com
|
1 | tracking.g2crowd.com |
client.morismoreno.com
|
1 | r.wdfl.co |
client.morismoreno.com
|
1 | snap.licdn.com |
www.googletagmanager.com
|
35 | 17 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
client.morismoreno.com R3 |
2024-01-19 - 2024-04-18 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-12-11 - 2024-03-04 |
3 months | crt.sh |
snap.licdn.com DigiCert SHA2 Secure Server CA |
2023-12-13 - 2024-12-12 |
a year | crt.sh |
*.tiktok.com RapidSSL ECC CA 2018 |
2023-07-14 - 2024-08-13 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2023-10-29 - 2024-01-27 |
3 months | crt.sh |
r.wdfl.co Amazon RSA 2048 M03 |
2023-09-02 - 2024-09-30 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-07-24 - 2024-07-23 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-12-11 - 2024-03-04 |
3 months | crt.sh |
www.google.de GTS CA 1C3 |
2023-12-11 - 2024-03-04 |
3 months | crt.sh |
www.linkedin.com DigiCert SHA2 Secure Server CA |
2023-11-03 - 2024-05-03 |
6 months | crt.sh |
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01 |
2023-10-10 - 2024-08-03 |
10 months | crt.sh |
*.bugsnag.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-04-19 - 2024-04-12 |
a year | crt.sh |
api.bloom.io E1 |
2023-12-07 - 2024-03-06 |
3 months | crt.sh |
*.bloom.io RapidSSL TLS RSA CA G1 |
2023-12-21 - 2024-12-20 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://client.morismoreno.com/login
Frame ID: D9A0DFF051827D78BD9BECF8B9CD461B
Requests: 31 HTTP requests in this frame
Screenshot
![](/screenshots/5b78a7bf-c361-42a5-af19-f69bf84b4f93.png)
Page Title
My BusinessPage URL History Show full URLs
-
https://client.morismoreno.com/
HTTP 302
https://client.morismoreno.com/login Page URL
Detected technologies
![](/vendor/wappa/icons/Ruby on Rails.png)
Detected patterns
Detected patterns
- r\.wdfl\.co
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Detected patterns
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Detected patterns
- snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Detected patterns
- [^a-z]mtc.*\.js
Detected patterns
- r\.wdfl\.co
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://client.morismoreno.com/
HTTP 302
https://client.morismoreno.com/login Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 13- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4222428&time=1705691019546&url=https%3A%2F%2Fclient.morismoreno.com%2Flogin HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4222428&time=1705691019546&url=https%3A%2F%2Fclient.morismoreno.com%2Flogin&cookiesTest=true HTTP 302
- https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4222428&time=1705691019546&url=https%3A%2F%2Fclient.morismoreno.com%2Flogin&cookiesTest=true&e_ipv6=AQKhhQIVvdHsAQAAAY0jG3rENV1w1oQi3dg5k1FSw8n3beYnB79M5VFnQO6lsd4skWnDv2E
35 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
login
client.morismoreno.com/ Redirect Chain
|
19 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index-qqSVur9b.js
client.morismoreno.com/assets/ |
436 KB 141 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor-Uha4Fo9h.js
client.morismoreno.com/assets/ |
2 MB 285 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index-88D014Dc.css
client.morismoreno.com/assets/ |
92 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
231 KB 81 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
insight.min.js
snap.licdn.com/li.lms-analytics/ |
43 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
277 KB 91 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
events.js
analytics.tiktok.com/i18n/pixel/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
213 KB 57 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rw.js
r.wdfl.co/ |
17 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1009369.js
tracking.g2crowd.com/attribution_tracking/conversions/ |
16 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.analytics.google.com/g/ |
0 249 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 249 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
px4.ads.linkedin.com/ Redirect Chain
|
0 266 B |
Image
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
px.ads.linkedin.com/wa/ |
0 703 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
540193567959498
connect.facebook.net/signals/config/ |
142 KB 37 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.MTc3MGUxMzJiMQ.js
analytics.tiktok.com/i18n/pixel/static/ |
396 KB 104 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
identify_55404.js
analytics.tiktok.com/i18n/pixel/static/ |
137 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
pixel
analytics.tiktok.com/api/v2/ |
0 846 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
act
analytics.tiktok.com/api/v2/pixel/ |
0 845 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SharpGroteskMedium25.woff2
bloomio-public.s3.us-west-2.amazonaws.com/assets/fonts/ |
50 KB 51 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
WorkSansRegular.woff2
bloomio-public.s3.us-west-2.amazonaws.com/assets/fonts/ |
23 KB 24 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
WorkSansMedium.woff2
bloomio-public.s3.us-west-2.amazonaws.com/assets/fonts/ |
25 KB 25 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 185 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
sessions.bugsnag.com/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
sessions.bugsnag.com/ |
21 B 73 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
sessions.bugsnag.com/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
sessions.bugsnag.com/ |
21 B 88 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
me
api.bloom.io/api/users/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
page-views
api.bloom.io/api/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
me
api.bloom.io/api/users/ |
125 B 443 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
page-views
api.bloom.io/api/ |
126 B 424 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
e20d5ca7d42a55338e9bd7c306398989-sm.png
cdn.bloom.io/ |
91 KB 91 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.analytics.google.com/g/ |
0 54 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
29 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| dataLayer object| __INITIAL_STATE__ object| __REACT_QUERY_STATE__ object| google_tag_manager object| google_tag_data string| _linkedin_data_partner_id string| TiktokAnalyticsObject object| ttq function| fbq function| _fbq string| _rwq function| rewardful object| gaGlobal function| lintrk boolean| _already_called_lintrk object| ORIBILI boolean| _rewardful_loaded function| Rewardful object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks function| saveAs13 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.morismoreno.com/ | Name: _gcl_au Value: 1.1.211567441.1705691019 |
|
.morismoreno.com/ | Name: _ga Value: GA1.1.1968958209.1705691020 |
|
.morismoreno.com/ | Name: _ga_J3CF0KPJLM Value: GS1.1.1705691019.1.0.1705691019.60.0.0 |
|
.tiktok.com/ | Name: _ttp Value: 2bBaeHbMNyMnJvoszkUscamIvui |
|
tracking.g2crowd.com/ | Name: _session_id Value: 94a670a86f07963630602e792cd77ced |
|
.g2crowd.com/ | Name: __cf_bm Value: BuGpnQkjcmTUdUhODk7UKjV0AEVPlZ.R6h6m4Dzn0VE-1705691019-1-ATLsGZcU9L3LQJ8FJ824Oak129utCwNQbrEJO5nyYC9bIEIbvRunCfgABnPC3E0+Q+/rU9RHf54Oi8dwd3zv0ao= |
|
.morismoreno.com/ | Name: _tt_enable_cookie Value: 1 |
|
.morismoreno.com/ | Name: _ttp Value: 1wvpjAo_bA02KB2GYV4UbHHvJ-n |
|
.morismoreno.com/ | Name: _fbp Value: fb.1.1705691019852.297253893 |
|
.linkedin.com/ | Name: li_sugr Value: 33298d1c-a03e-461a-bfe8-691365b71019 |
|
.linkedin.com/ | Name: bcookie Value: "v=2&18aac13d-524d-46c0-867c-11c2ba2f1f75" |
|
.linkedin.com/ | Name: lidc Value: "b=OGST05:s=O:r=O:a=O:p=O:g=2945:u=1:x=1:i=1705691019:t=1705777419:v=2:sig=AQFzzGqj_Q3n6VkjJmu_8uvhZjvA6-gc" |
|
.linkedin.com/ | Name: li_gc Value: MTswOzE3MDU2OTEwMTk7MjswMjFLz/4n5EojP6p7Rq/xjJeEZFmRgxz2Zudp2052XPHoCQ== |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=15724800; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
analytics.tiktok.com
api.bloom.io
bloomio-public.s3.us-west-2.amazonaws.com
cdn.bloom.io
client.morismoreno.com
connect.facebook.net
px.ads.linkedin.com
px4.ads.linkedin.com
r.wdfl.co
region1.analytics.google.com
sessions.bugsnag.com
snap.licdn.com
stats.g.doubleclick.net
tracking.g2crowd.com
www.facebook.com
www.google.de
www.googletagmanager.com
13.107.42.14
2001:4860:4802:34::36
2600:1901:0:7a0b::
2600:9000:223c:6a00:14:468c:5700:93a1
2600:9000:225e:c00:1b:348c:b140:93a1
2606:4700:3034::6815:29c4
2606:4700:4400::ac40:90e1
2620:1ec:21::14
2a00:1450:4001:810::2008
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9b
2a02:26f0:3500:16::215:1490
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f150:82:face:b00c:0:25de
52.33.103.53
52.92.164.114
95.101.111.18
08986577afb5ec60577a1ce35175147bede79ff0c4462d9a1d84eb42aeccce7b
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
1b9af1f03c9195c667ea21fb91c4508695e4bc6eb7823a8fb76ced23e9b92065
21e0143d413a3a530ffbc4f5614f96e5d4fa711cb703b36d80b7ef0a2adfbd38
2facacea15d9ddff401dbdd5a61e0f4675eac9d81fc6ec091c891fed1e9ec408
3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862
4bae337936843a8ea39fb492dc809945a3b09282f33eeb0d1bcd70c283921dc2
593e3ccac547ac2cb2e1dfb09e312fef90f8f949d924653aae581cb8d79360d9
73ffe0dc24c586ff8a691d520b6a68b54e506544e4f6d7523f83ba70d824e8d4
7aa4d5de5abdae4603540b48171e45742399584aa06f8ddefe4bdc547de20e35
7af359c38cb35bf255e6a35593338a2ae1722b50951dff48884b1aa70c78c405
9851c9ccecb4e02389944c95b27b56854feed720d48f4cf2eab5d669d67078f4
995c1239a060970104b60c66f6642724a90cc2abae17a60aa7aa13d73f12ad06
9c5053cd4d39c508bfeab202851db4906812d13134f5a847b34d2375a2734389
a0123d32c12b1cb24a3e627e2633f59ced36655a33a2883e94bdf51d01ab0a24
a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df
b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0
b7b4933ab1fd387671be3564979269c4f29f8e324d2d64149dd5a221d5364e7f
c3f5c57c3a606f8a858b17e0a9593bb4223db727bbdc38da2c3d141abb6d057b
c86ae1c95984b27450053b8d9bcb04a9529ecf4b80300548a7bc0f2e3f2b12be
d4ccaec06ada021b429fc80b874fc39251c0aff840370bef60227e977c084c37
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629