microsoft-tamu.liftforwardshop-staging.com
Open in
urlscan Pro
54.174.175.170
Public Scan
Submission: On January 09 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on January 9th 2020. Valid for: 3 months.
This is the only time microsoft-tamu.liftforwardshop-staging.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
9 | 54.174.175.170 54.174.175.170 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
7 | 2a04:4e42:1b:... 2a04:4e42:1b::393 | 54113 (FASTLY) (FASTLY - Fastly) | |
1 | 143.204.101.19 143.204.101.19 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 13.224.193.80 13.224.193.80 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 52.89.79.226 52.89.79.226 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 151.101.14.110 151.101.14.110 | 54113 (FASTLY) (FASTLY - Fastly) | |
1 1 | 13.225.78.9 13.225.78.9 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
3 | 13.224.196.14 13.224.196.14 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 13.225.86.15 13.225.86.15 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
2 | 162.247.242.18 162.247.242.18 | 23467 (NEWRELIC-...) (NEWRELIC-AS-1 - New Relic) | |
1 | 54.84.75.185 54.84.75.185 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
1 | 13.225.78.97 13.225.78.97 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
28 | 11 |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-174-175-170.compute-1.amazonaws.com
microsoft-tamu.liftforwardshop-staging.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-19.fra50.r.cloudfront.net
dl.airtable.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-193-80.fra2.r.cloudfront.net
cdn.segment.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-89-79-226.us-west-2.compute.amazonaws.com
api.segment.io |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-9.fra2.r.cloudfront.net
widget.intercom.io |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-196-14.fra2.r.cloudfront.net
js.intercomcdn.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-86-15.fra2.r.cloudfront.net
cdn.heapanalytics.com |
ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-6.nr-data.net
bam.nr-data.net |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-84-75-185.compute-1.amazonaws.com
heapanalytics.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-97.fra2.r.cloudfront.net
api-iam.intercom.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
liftforwardshop-staging.com
microsoft-tamu.liftforwardshop-staging.com |
378 KB |
7 |
cloudinary.com
res.cloudinary.com |
28 KB |
3 |
intercomcdn.com
js.intercomcdn.com |
259 KB |
2 |
nr-data.net
bam.nr-data.net |
470 B |
2 |
heapanalytics.com
cdn.heapanalytics.com heapanalytics.com |
30 KB |
2 |
intercom.io
1 redirects
widget.intercom.io api-iam.intercom.io |
2 KB |
1 |
newrelic.com
js-agent.newrelic.com |
10 KB |
1 |
segment.io
api.segment.io |
159 B |
1 |
segment.com
cdn.segment.com |
68 KB |
1 |
airtable.com
dl.airtable.com |
4 KB |
28 | 10 |
Domain | Requested by | |
---|---|---|
9 | microsoft-tamu.liftforwardshop-staging.com |
microsoft-tamu.liftforwardshop-staging.com
|
7 | res.cloudinary.com |
microsoft-tamu.liftforwardshop-staging.com
|
3 | js.intercomcdn.com |
js.intercomcdn.com
|
2 | bam.nr-data.net |
js-agent.newrelic.com
|
1 | api-iam.intercom.io |
js.intercomcdn.com
|
1 | heapanalytics.com | |
1 | cdn.heapanalytics.com |
cdn.segment.com
|
1 | widget.intercom.io | 1 redirects |
1 | js-agent.newrelic.com |
microsoft-tamu.liftforwardshop-staging.com
|
1 | api.segment.io |
cdn.segment.com
|
1 | cdn.segment.com |
microsoft-tamu.liftforwardshop-staging.com
|
1 | dl.airtable.com |
microsoft-tamu.liftforwardshop-staging.com
|
28 | 12 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.liftforward.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
cyberpower.liftforwardshop-staging.com Let's Encrypt Authority X3 |
2020-01-09 - 2020-04-08 |
3 months | crt.sh |
*.cloudinary.com Go Daddy Secure Certificate Authority - G2 |
2018-07-01 - 2020-06-22 |
2 years | crt.sh |
dl.airtable.com Amazon |
2019-05-30 - 2020-06-30 |
a year | crt.sh |
*.segment.com DigiCert SHA2 Secure Server CA |
2019-06-24 - 2020-07-01 |
a year | crt.sh |
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2019-04-10 - 2020-03-21 |
a year | crt.sh |
*.intercomcdn.com Amazon |
2019-04-27 - 2020-05-27 |
a year | crt.sh |
cdn.heapanalytics.com Amazon |
2019-10-22 - 2020-11-22 |
a year | crt.sh |
*.nr-data.net GeoTrust RSA CA 2018 |
2018-01-11 - 2020-03-17 |
2 years | crt.sh |
heapanalytics.com Amazon |
2019-02-20 - 2020-03-20 |
a year | crt.sh |
*.intercom.com Amazon |
2019-06-11 - 2020-07-11 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://microsoft-tamu.liftforwardshop-staging.com/
Frame ID: 2B124D43A56FADDF2D32B60968CF3306
Requests: 25 HTTP requests in this frame
Frame:
https://js.intercomcdn.com/frame.61217e79.js
Frame ID: 4A3564EC4C98AAA5D225AF393CFD4ABF
Requests: 3 HTTP requests in this frame
Screenshot
Detected technologies
Erlang (Programming Languages) ExpandDetected patterns
- headers server /^Cowboy$/i
Ruby (Programming Languages) Expand
Detected patterns
- meta csrf-param /^authenticity_token$/i
Cowboy (Web Frameworks) Expand
Detected patterns
- headers server /^Cowboy$/i
Ruby on Rails (Web Frameworks) Expand
Detected patterns
- meta csrf-param /^authenticity_token$/i
Heap (Analytics) Expand
Detected patterns
- script /heap-\d+\.js/i
Segment (Analytics) Expand
Detected patterns
- script /cdn\.segment\.com\/analytics\.js/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title:
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 5- http://res.cloudinary.com/liftforwarddev/image/upload/v1/164/small/gXx0kQ8QQIa0Cd8FGijQ_full_RW7Lij_qyjmvq.jpg HTTP 307
- https://res.cloudinary.com/liftforwarddev/image/upload/v1/164/small/gXx0kQ8QQIa0Cd8FGijQ_full_RW7Lij_qyjmvq.jpg
- http://res.cloudinary.com/liftforwarddev/image/upload/v1/175/small/Surface_Pen_Burgundy_bk9jmf.jpg HTTP 307
- https://res.cloudinary.com/liftforwarddev/image/upload/v1/175/small/Surface_Pen_Burgundy_bk9jmf.jpg
- http://res.cloudinary.com/liftforwarddev/image/upload/v1/101/small/Port-Replicator-Eos-Dock-PD9-00003-mnco_cmjhsk.png HTTP 307
- https://res.cloudinary.com/liftforwarddev/image/upload/v1/101/small/Port-Replicator-Eos-Dock-PD9-00003-mnco_cmjhsk.png
- http://res.cloudinary.com/liftforwarddev/image/upload/v1/166/small/RW70sc_ddi0ss.jpg HTTP 307
- https://res.cloudinary.com/liftforwarddev/image/upload/v1/166/small/RW70sc_ddi0ss.jpg
- http://res.cloudinary.com/liftforwarddev/image/upload/v1/238/small/RW6KQV_ppoybl.jpg HTTP 307
- https://res.cloudinary.com/liftforwarddev/image/upload/v1/238/small/RW6KQV_ppoybl.jpg
- http://res.cloudinary.com/liftforwarddev/image/upload/v1/188/small/Surface_Arc_Mouse_Burgundy.jpg HTTP 307
- https://res.cloudinary.com/liftforwarddev/image/upload/v1/188/small/Surface_Arc_Mouse_Burgundy.jpg
- https://widget.intercom.io/widget/enl5ff6l HTTP 302
- https://js.intercomcdn.com/shim.latest.js
28 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
/
microsoft-tamu.liftforwardshop-staging.com/ |
24 KB 25 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
all-f2e060eb70aae4fef34b6406de47365a135f1bdc5024a3bce175e68bc73159b9.css
microsoft-tamu.liftforwardshop-staging.com/assets/microsoft/stylesheets/ |
123 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
all-2562a28b64549e40e58f3809a266b8c7523db6bba7481efb110fc468bdc60ab5.js
microsoft-tamu.liftforwardshop-staging.com/assets/spree/frontend/ |
142 KB 46 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
liftforward-logo-white-f452ab1db58358e112b952f639561a279be89eaaab4b9f70a776a5a9458e44de.svg
microsoft-tamu.liftforwardshop-staging.com/assets/logos/ |
9 KB 9 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
microsoft_transparent_lexsj0.png
res.cloudinary.com/liftforward/image/upload/c_crop,h_360,w_1650,y_205/v1508529487/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
unnamed.png
dl.airtable.com/.attachments/6296e4a493344af0f7d980f101ec441c/eee84a69/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gXx0kQ8QQIa0Cd8FGijQ_full_RW7Lij_qyjmvq.jpg
res.cloudinary.com/liftforwarddev/image/upload/v1/164/small/ Redirect Chain
|
969 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Surface_Pen_Burgundy_bk9jmf.jpg
res.cloudinary.com/liftforwarddev/image/upload/v1/175/small/ Redirect Chain
|
850 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Port-Replicator-Eos-Dock-PD9-00003-mnco_cmjhsk.png
res.cloudinary.com/liftforwarddev/image/upload/v1/101/small/ Redirect Chain
|
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RW70sc_ddi0ss.jpg
res.cloudinary.com/liftforwarddev/image/upload/v1/166/small/ Redirect Chain
|
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RW6KQV_ppoybl.jpg
res.cloudinary.com/liftforwarddev/image/upload/v1/238/small/ Redirect Chain
|
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Surface_Arc_Mouse_Burgundy.jpg
res.cloudinary.com/liftforwarddev/image/upload/v1/188/small/ Redirect Chain
|
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
powered_by_liftforward-81643f3752956ad438d4caeac388e728438326cdd5cfe7748edcd86160511e1d.png
microsoft-tamu.liftforwardshop-staging.com/assets/logos/ |
20 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.min.js
cdn.segment.com/analytics.js/v1/Bgwc71273d2zAcobIuikif6OaUEJvvM5/ |
362 KB 68 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
microsoft-tamu.liftforwardshop-staging.com/ |
15 KB 15 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
segoeui-4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b.woff2
microsoft-tamu.liftforwardshop-staging.com/assets/ |
33 KB 33 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
segoeuil-4f578c4246c534d84502db8ae83dfee1943a1bf04e9881605f7abeffc398f6e7.woff
microsoft-tamu.liftforwardshop-staging.com/assets/ |
180 KB 180 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
segoeuisl-bc5bcd301f06cf3a435d7c33c3f4c89ee50357597cd432d2399033dc428a488c.woff2
microsoft-tamu.liftforwardshop-staging.com/assets/ |
27 KB 27 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
p
api.segment.io/v1/ |
21 B 159 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nr-1158.min.js
js-agent.newrelic.com/ |
26 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shim.latest.js
js.intercomcdn.com/ Redirect Chain
|
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
heap-3936224455.js
cdn.heapanalytics.com/js/ |
70 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3b101623cd
bam.nr-data.net/1/ |
57 B 261 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
h
heapanalytics.com/ |
37 B 212 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
frame.61217e79.js
js.intercomcdn.com/ Frame 4A35 |
289 KB 79 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor.b5b604bc.js
js.intercomcdn.com/ Frame 4A35 |
577 KB 177 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
ping
api-iam.intercom.io/messenger/web/ Frame 4A35 |
3 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
3b101623cd
bam.nr-data.net/events/1/ |
24 B 209 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
23 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| NREUM object| newrelic function| __nr_require function| Query function| Uri function| jsUri function| $ function| jQuery object| Rails boolean| _rails_loaded object| Spree object| jQuery112403736656281363222 object| SolidusPaypalBraintree object| BraintreeError function| show_flash object| analytics function| Intercom object| heap object| optimizely function| normalize number| __INTERCOM_MESSENGER_INIT_TIME__5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.liftforwardshop-staging.com/ | Name: ajs_anonymous_id Value: %22596d9ab8-c099-4a67-a7a9-fcff840a6af7%22 |
|
.liftforwardshop-staging.com/ | Name: ajs_group_id Value: null |
|
.liftforwardshop-staging.com/ | Name: ajs_user_id Value: null |
|
microsoft-tamu.liftforwardshop-staging.com/ | Name: _shop_session Value: G0dBYJonxXfTQYtBF1R7QIO5J9ReNmmwmeR30zaqWEuCp4QKRicuBrd4krdsVS93KUKAyBqqMNXeOQkZbpuQo8sBf9NwMy9VpKFILSrsUa%2FQHJlnHWxWNUDdNgQKAy0z0ZweO9Ab3blAQJIHvSkRTGI66YB27oktyv%2FL0g%3D%3D--lEtQ8QjMUF0opTlF--jHURxHQa2ssWxY81s6fvuA%3D%3D |
|
microsoft-tamu.liftforwardshop-staging.com/ | Name: guest_token Value: IjliMTduVDJEbk8tdlQ0WEl5R2ZsdXci--dd2793edefd72c628beaf93aecd6ad70d71350a7 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api-iam.intercom.io
api.segment.io
bam.nr-data.net
cdn.heapanalytics.com
cdn.segment.com
dl.airtable.com
heapanalytics.com
js-agent.newrelic.com
js.intercomcdn.com
microsoft-tamu.liftforwardshop-staging.com
res.cloudinary.com
widget.intercom.io
13.224.193.80
13.224.196.14
13.225.78.9
13.225.78.97
13.225.86.15
143.204.101.19
151.101.14.110
162.247.242.18
2a04:4e42:1b::393
52.89.79.226
54.174.175.170
54.84.75.185
005414ad9d93e4cb677b5e4f87112b0ff6d3731b414bc425bfa1bb94c99a081a
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1856b06f01b8522759ee6d225c19f1a040b3f544150b101a357a3e1b47f251a5
2562a28b64549e40e58f3809a266b8c7523db6bba7481efb110fc468bdc60ab5
2c4bb5336f81422fe2f4694325f09372594eee10f9e79e35140027b89b513cc1
2ec5c66a431ec07b51052c35a6d0d8cf1d2943239b6236a1a5cd16e2dfd84d61
49568e4b8b6a3b5b1646f93ce1918d0909c53bc8f8337718af49c7d6bb576aae
4f578c4246c534d84502db8ae83dfee1943a1bf04e9881605f7abeffc398f6e7
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b
5a7f116f812a0c1e730db6af5d3f588892e58a489df162e3da14f3fbfb59c99e
7715841b39980d9824a7947f4f129b82e3b783dd146aac2d959bd5797404c07b
81643f3752956ad438d4caeac388e728438326cdd5cfe7748edcd86160511e1d
845bc54d1ded580eb9505cadcf5fd86c3f7f05309cbb2e6c8f03eed0fe27ff28
869e83e681dec3c657d9078ada970c3ff72d11e9cdc2bfeadce22d98e26646e9
8eecbee58ed79e98e3b239c2c6216e40f1a2ec319687797fd379938daa1a82f1
9abc1ab2180469d048fea5542c44413360a1f35034a9e7f508bda94007fd3109
9bb79507a947da5fb9ec474e9b401838f0112e00097a7adfd675ec5e3c2a559e
aaf24f4398f91945e161f67f7f242e6f39ff1aea43bd87a432ff94288fccb163
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc5bcd301f06cf3a435d7c33c3f4c89ee50357597cd432d2399033dc428a488c
c40a228fe49e923c959440554a7c3bcc64e4a528c1e7274bfac70d710d4106f1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69c782a9af4691178e7727017aec0e40ee80dc50266622b31c23781b4a4c0dc
e7c008e32be3ce726dce342721fcbb784bd13d389a700792e40446dfc024c15a
ef470be72bc10701bd2c2c9bd3d1b0d2a9db7b9a89b2ef3aadcce697e5f57c08
f452ab1db58358e112b952f639561a279be89eaaab4b9f70a776a5a9458e44de
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23