fond.co
Open in
urlscan Pro
54.153.89.143
Public Scan
Effective URL: https://fond.co/essex.com/users/confirmation?confirmation_token=STcsB2eHsyHU9RjfQRUw&_branch_match_id=8272275537...
Submission: On August 26 via manual from US
Summary
TLS certificate: Issued by Sectigo RSA Organization Validation S... on March 5th 2020. Valid for: 2 years.
This is the only time fond.co was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-241-177.eu-west-1.compute.amazonaws.com
mail.fond.co |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-153-89-143.us-west-1.compute.amazonaws.com
fond.co |
ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-231.dus51.r.cloudfront.net
d2ozb2dzx6fukc.cloudfront.net |
ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-67.dus51.r.cloudfront.net
d1ikbwk92wlcol.cloudfront.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: fra15s11-in-f2.1e100.net
www.googleadservices.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-168-44.compute-1.amazonaws.com
go.toutapp.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-9.nr-data.net
bam.nr-data.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
cloudfront.net
d2ozb2dzx6fukc.cloudfront.net d1ikbwk92wlcol.cloudfront.net |
1 MB |
4 |
stripe.com
js.stripe.com |
66 KB |
3 |
fond.co
2 redirects
mail.fond.co fond.co |
14 KB |
2 |
nr-data.net
bam.nr-data.net |
449 B |
2 |
google-analytics.com
www.google-analytics.com |
18 KB |
2 |
googletagmanager.com
www.googletagmanager.com |
62 KB |
1 |
newrelic.com
js-agent.newrelic.com |
11 KB |
1 |
google.de
www.google.de |
107 B |
1 |
google.com
www.google.com |
119 B |
1 |
toutapp.com
go.toutapp.com |
297 B |
1 |
doubleclick.net
googleads.g.doubleclick.net |
1 KB |
1 |
googleadservices.com
www.googleadservices.com |
12 KB |
1 |
optimizely.com
cdn.optimizely.com |
63 KB |
1 |
app.link
1 redirects
fond.app.link |
728 B |
27 | 14 |
Domain | Requested by | |
---|---|---|
6 | d2ozb2dzx6fukc.cloudfront.net |
fond.co
d2ozb2dzx6fukc.cloudfront.net |
4 | js.stripe.com |
fond.co
js.stripe.com |
2 | bam.nr-data.net |
js-agent.newrelic.com
fond.co |
2 | www.google-analytics.com |
www.googletagmanager.com
fond.co |
2 | www.googletagmanager.com |
fond.co
|
2 | fond.co | 1 redirects |
1 | js-agent.newrelic.com |
fond.co
|
1 | www.google.de |
fond.co
|
1 | www.google.com |
fond.co
|
1 | go.toutapp.com |
fond.co
|
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | www.googleadservices.com |
fond.co
|
1 | d1ikbwk92wlcol.cloudfront.net |
fond.co
|
1 | cdn.optimizely.com |
fond.co
|
1 | fond.app.link | 1 redirects |
1 | mail.fond.co | 1 redirects |
27 | 16 |
This site contains links to these domains. Also see Links.
Domain |
---|
blog.fond.co |
twitter.com |
facebook.com |
www.linkedin.com |
www.instagram.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.fond.co Sectigo RSA Organization Validation Secure Server CA |
2020-03-05 - 2022-03-23 |
2 years | crt.sh |
cdn.optimizely.com DigiCert SHA2 Secure Server CA |
2020-01-20 - 2021-03-20 |
a year | crt.sh |
*.cloudfront.net DigiCert Global CA G2 |
2020-05-26 - 2021-04-21 |
a year | crt.sh |
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA |
2020-07-07 - 2020-10-08 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-08-11 - 2020-11-03 |
3 months | crt.sh |
www.googleadservices.com GTS CA 1O1 |
2020-08-11 - 2020-11-03 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-08-11 - 2020-11-03 |
3 months | crt.sh |
sales.marketo.com Amazon |
2020-08-05 - 2021-09-05 |
a year | crt.sh |
www.google.com GTS CA 1O1 |
2020-08-11 - 2020-11-03 |
3 months | crt.sh |
www.google.de GTS CA 1O1 |
2020-08-11 - 2020-11-03 |
3 months | crt.sh |
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2020-08-24 - 2021-05-07 |
8 months | crt.sh |
*.nr-data.net DigiCert SHA2 Secure Server CA |
2020-02-05 - 2022-02-08 |
2 years | crt.sh |
This page contains 3 frames:
Primary Page:
https://fond.co/essex.com/users/confirmation?confirmation_token=STcsB2eHsyHU9RjfQRUw&_branch_match_id=827227553708656616
Frame ID: D6F03E086502308805B5D35E6EFAF292
Requests: 25 HTTP requests in this frame
Frame:
https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Ffond.co&stripe_xdm_c=default721075&stripe_xdm_p=1
Frame ID: 01CEB2DDA5ED79F79CACDD5133627EF8
Requests: 1 HTTP requests in this frame
Frame:
https://js.stripe.com/v3/m-outer-93be17fde268c6ff50c5aed9122214d2.html
Frame ID: CF01BB61D6A967A87FC5187EA74F893A
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://mail.fond.co/track/click/30255776/fond.app.link?p=eyJzIjoiX0NLaG5fd3ZwbXAxSkJ5QXRxSDd6a0V...
HTTP 302
https://fond.app.link/PCPCut6Qg9 HTTP 307
http://fond.co/essex.com/users/confirmation?confirmation_token=STcsB2eHsyHU9RjfQRUw&_branch... HTTP 301
https://fond.co/essex.com/users/confirmation?confirmation_token=STcsB2eHsyHU9RjfQRUw&_branch... Page URL
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: Blog
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://mail.fond.co/track/click/30255776/fond.app.link?p=eyJzIjoiX0NLaG5fd3ZwbXAxSkJ5QXRxSDd6a0VFS2VnIiwidiI6MSwicCI6IntcInVcIjozMDI1NTc3NixcInZcIjoxLFwidXJsXCI6XCJodHRwczpcXFwvXFxcL2ZvbmQuYXBwLmxpbmtcXFwvUENQQ3V0NlFnOVwiLFwiaWRcIjpcIjQ1MWJhNTEzY2FhZTQ2YTJiMjkwZTFjZGE1ZDg2ZWI0XCIsXCJ1cmxfaWRzXCI6W1wiN2M4NTg2ZjhkMzUzMDcxZmRlMWUzOTA1MzJiM2Q4MTJiNDczN2QxNFwiXX0ifQ
HTTP 302
https://fond.app.link/PCPCut6Qg9 HTTP 307
http://fond.co/essex.com/users/confirmation?confirmation_token=STcsB2eHsyHU9RjfQRUw&_branch_match_id=827227553708656616 HTTP 301
https://fond.co/essex.com/users/confirmation?confirmation_token=STcsB2eHsyHU9RjfQRUw&_branch_match_id=827227553708656616 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
27 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
confirmation
fond.co/essex.com/users/ Redirect Chain
|
31 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
288518099.js
cdn.optimizely.com/js/ |
178 KB 63 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application-3fdd6eb2c59652a964573af30f10300b21e46472fc42064340d0568e09a10ec3.css
d2ozb2dzx6fukc.cloudfront.net/assets/ |
207 KB 41 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.sidr.light-1aa3ba6d1caca8231b2149020173d828d95adc51fe7f34f04fdc7029dffcb406.css
d2ozb2dzx6fukc.cloudfront.net/assets/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
home.js
d1ikbwk92wlcol.cloudfront.net/production1/ |
3 MB 857 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application-cc20b6f918f9114427bbaadefb25ce1257212ee2aa38f2280402d3b632f776b8.js
d2ozb2dzx6fukc.cloudfront.net/assets/ |
465 KB 135 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.sidr.min-6f54be68848a4fc7f23ccfbd0878e75a456fc958ff6890943a736a1acd5d795a.js
d2ozb2dzx6fukc.cloudfront.net/assets/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
js.stripe.com/v2/ |
63 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
js.stripe.com/v3/ |
171 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
89 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fond_logo-a1e593ee476622327d30ab263a263a9528b31be49bcabf17aa3f8e256fdc2cd7.png
d2ozb2dzx6fukc.cloudfront.net/assets/common/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion.js
www.googleadservices.com/pagead/ |
29 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
68 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GT-Walsheim-Pro-Regular-6c858dcf2b93cfceb38af27262f0ed75f4252823ebbd4e175572ee26410c3ed7.woff
d2ozb2dzx6fukc.cloudfront.net/assets/fonts/ |
115 KB 116 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
AnyPerk-Regular-531c11099c0a1a8d410f5e7afc41ebda011f270a3e183133ea656b5f540a0116.woff
d2ozb2dzx6fukc.cloudfront.net/assets/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/981506770/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
emmpd57j9c
go.toutapp.com/site/ |
0 297 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
channel.html
js.stripe.com/v2/ Frame 01CE |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m-outer-93be17fde268c6ff50c5aed9122214d2.html
js.stripe.com/v3/ Frame CF01 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
AnyPerk-Regular-ccbc9443538f16d1e9ade0951cdfbf83295f7e82a0abbb88a645a0a74589d3b6.ttf
d2ozb2dzx6fukc.cloudfront.net/assets/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
45 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/981506770/ |
42 B 119 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/981506770/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/2+Q/46 |
collect
www.google-analytics.com/r/ |
35 B 79 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nr-1177.min.js
js-agent.newrelic.com/ |
27 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
f835ddceab
bam.nr-data.net/1/ |
57 B 275 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
f835ddceab
bam.nr-data.net/events/1/ |
24 B 174 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- d2ozb2dzx6fukc.cloudfront.net
- URL
- https://d2ozb2dzx6fukc.cloudfront.net/assets/fonts/AnyPerk-Regular-531c11099c0a1a8d410f5e7afc41ebda011f270a3e183133ea656b5f540a0116.woff
- Domain
- d2ozb2dzx6fukc.cloudfront.net
- URL
- https://d2ozb2dzx6fukc.cloudfront.net/assets/fonts/AnyPerk-Regular-ccbc9443538f16d1e9ade0951cdfbf83295f7e82a0abbb88a645a0a74589d3b6.ttf
Verdicts & Comments Add Verdict or Comment
101 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes object| NREUM object| newrelic function| __nr_require object| dataLayer object| geolocation object| optly object| optimizely function| getUserDomain function| cloudHelper function| assetHelper function| getParamValueOf function| getPartnerServiceCategoryId function| scrollToTop function| hideSlideInMenu function| removeActiveCategoryClass function| addActiveCategoryClass object| ActiveScaffold object| sjcl object| s function| $ function| jQuery object| jQuery11240051417844973042026 function| _ function| Class object| FixedSticky object| company_domain_admin_reward_programs_ns object| company_domain_admin_reward_programs_one_shot_ns object| cd_home_ns object| apah_perk_savings_ns object| apah_perk_savings_overview_ns object| anyperk_ns object| reward_programs_reports_overview_ns object| site_admin_stats_company_invitations_ns object| site_admin_stats_revenues_ns object| site_admin_stats_unapproved_company_domains_ns object| site_admin_stats_details_index_ns function| Stripe function| gtag undefined| confirmation_token undefined| company_domain undefined| iframe object| google_conversion_id object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_tag_data object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_tag_manager string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| regeneratorRuntime function| requestAnimFrame object| __algolia function| setImmediate function| clearImmediate function| Color function| Chart undefined| mountHome10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.fond.co/ | Name: _gid Value: GA1.2.703752084.1598464646 |
|
.fond.co/ | Name: _ga Value: GA1.2.1775523417.1598464646 |
|
.fond.co/ | Name: __stripe_mid Value: c22cb5e9-b303-4192-a8bf-539e46088b2393ebff |
|
.fond.co/ | Name: optimizelyPendingLogEvents Value: %5B%5D |
|
.fond.co/ | Name: __stripe_sid Value: 2ef5faa3-7e1d-4779-af9e-fc2fab5b293ff9df25 |
|
.fond.co/ | Name: optimizelySegments Value: %7B%22288737912%22%3A%22gc%22%2C%22288767519%22%3A%22false%22%2C%22288801161%22%3A%22direct%22%7D |
|
.fond.co/ | Name: optimizelyBuckets Value: %7B%7D |
|
.fond.co/ | Name: _gat_UA-24269933-12 Value: 1 |
|
.fond.co/ | Name: optimizelyEndUserId Value: oeu1598464646054r0.3355146044903592 |
|
.fond.co/ | Name: _anpk_session Value: 4e9670f421b383daf4d02efa22ad4f04 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bam.nr-data.net
cdn.optimizely.com
d1ikbwk92wlcol.cloudfront.net
d2ozb2dzx6fukc.cloudfront.net
fond.app.link
fond.co
go.toutapp.com
googleads.g.doubleclick.net
js-agent.newrelic.com
js.stripe.com
mail.fond.co
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
d2ozb2dzx6fukc.cloudfront.net
13.226.156.231
13.226.156.67
151.101.112.176
151.101.114.110
162.247.242.21
172.217.16.162
2600:9000:2057:7c00:19:9934:6a80:93a1
2a00:1450:4001:801::200e
2a00:1450:4001:809::2002
2a00:1450:4001:809::2004
2a00:1450:4001:81e::2003
2a00:1450:4001:820::2008
2a02:26f0:6c00:2a0::13b8
34.253.241.177
52.55.168.44
54.153.89.143
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
19f7596275479b0bc1652f146a34dd424a0a9bd8d465f3d2b7a25ebb6ae18eb1
1aa3ba6d1caca8231b2149020173d828d95adc51fe7f34f04fdc7029dffcb406
4dc1c5a5731211394f910cdf1989636030865558fa49624cb9d7ad4ed3f58b04
67f243af83cf56b2fd0fb502ab9f7a8533500e2571b4459d5bf6f6481a2da4ca
6f54be68848a4fc7f23ccfbd0878e75a456fc958ff6890943a736a1acd5d795a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8cc808417f88555af987bbf2b2386837259e7128860801311d9d44633f406650
95cbb4072ba94ec569ed0ce6d591a986b5282cdc8d0c161f5add7ca1e6091a19
98dbc2ad2df89999faf5b4a22702e650d2795e91e6f7b1b70232e93f0cd8ef94
a1e593ee476622327d30ab263a263a9528b31be49bcabf17aa3f8e256fdc2cd7
adfc1936dea517d0e8deb8d14a3050af8bae2b844991c52d68d948b002b15c60
bfca659addb962665cc8e260a331d31e23d9aaf6fe08a3c4d728a3cdac847f72
c4a0b213fa8582d07ee474781b5d828fbc1d1ecf2f59875f803f1571891333d3
cc20b6f918f9114427bbaadefb25ce1257212ee2aa38f2280402d3b632f776b8
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d79cb98fad05c3c4e74a25b856530b70db20e4bcf316efaff31ea07035be1064
e1372b5884564182bc982b27e88681185bc1b87171a60436c3de33f13620da5e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955