allstateca2.invoca.net
Open in
urlscan Pro
50.19.219.174
Public Scan
Effective URL: https://allstateca2.invoca.net/login?return_to=https%3A%2F%2Fallstateca2.invoca.net%2Fa_campaigns%2Fterms%2F1763484__%3B%21%21I...
Submission: On March 23 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Amazon RSA 2048 M02 on February 22nd 2023. Valid for: 9 months.
This is the only time allstateca2.invoca.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 2 | 50.19.219.174 50.19.219.174 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 2a00:1450:400... 2a00:1450:4001:80b::200a | 15169 (GOOGLE) (GOOGLE) | |
10 | 52.222.250.76 52.222.250.76 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 143.204.101.123 143.204.101.123 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 52.217.173.88 52.217.173.88 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 2a00:1450:400... 2a00:1450:4001:813::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2600:9000:223... 2600:9000:223f:fe00:1f:aa31:7740:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 2 | 2a00:1450:400... 2a00:1450:4001:831::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 1 | 2a00:1450:400... 2a00:1450:400c:c0c::9d | 15169 (GOOGLE) (GOOGLE) | |
1 1 | 2a00:1450:400... 2a00:1450:4001:806::2004 | 15169 (GOOGLE) (GOOGLE) | |
1 | 34.107.204.85 34.107.204.85 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
22 | 9 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-219-174.compute-1.amazonaws.com
allstateca2.invoca.net |
ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-76.fra60.r.cloudfront.net
d2jek438uk892n.cloudfront.net |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-123.fra50.r.cloudfront.net
ddjpm113gwch5.cloudfront.net |
ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com |
ASN15169 (GOOGLE, US)
fonts.gstatic.com | |
www.google.de |
ASN15169 (GOOGLE, US)
ssl.google-analytics.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 85.204.107.34.bc.googleusercontent.com
app.pendo.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
cloudfront.net
d2jek438uk892n.cloudfront.net ddjpm113gwch5.cloudfront.net |
3 MB |
2 |
google-analytics.com
1 redirects
ssl.google-analytics.com — Cisco Umbrella Rank: 404 |
17 KB |
2 |
pendo.io
cdn.pendo.io — Cisco Umbrella Rank: 836 app.pendo.io — Cisco Umbrella Rank: 1784 |
132 KB |
2 |
gstatic.com
fonts.gstatic.com |
46 KB |
2 |
invoca.net
1 redirects
allstateca2.invoca.net |
8 KB |
1 |
google.de
www.google.de — Cisco Umbrella Rank: 6058 |
408 B |
1 |
google.com
1 redirects
www.google.com — Cisco Umbrella Rank: 2 |
484 B |
1 |
doubleclick.net
1 redirects
stats.g.doubleclick.net — Cisco Umbrella Rank: 70 |
379 B |
1 |
amazonaws.com
s3.amazonaws.com |
31 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31 |
849 B |
22 | 10 |
Domain | Requested by | |
---|---|---|
10 | d2jek438uk892n.cloudfront.net |
allstateca2.invoca.net
|
3 | ddjpm113gwch5.cloudfront.net |
allstateca2.invoca.net
|
2 | ssl.google-analytics.com |
1 redirects
allstateca2.invoca.net
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | allstateca2.invoca.net | 1 redirects |
1 | app.pendo.io | |
1 | www.google.de |
allstateca2.invoca.net
|
1 | www.google.com | 1 redirects |
1 | stats.g.doubleclick.net | 1 redirects |
1 | cdn.pendo.io |
allstateca2.invoca.net
|
1 | s3.amazonaws.com |
allstateca2.invoca.net
|
1 | fonts.googleapis.com |
allstateca2.invoca.net
|
22 | 12 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.invoca.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
invoca.net Amazon RSA 2048 M02 |
2023-02-22 - 2023-11-22 |
9 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-03-06 - 2023-05-29 |
3 months | crt.sh |
*.cloudfront.net Amazon RSA 2048 M01 |
2022-12-08 - 2023-12-07 |
a year | crt.sh |
s3.amazonaws.com Amazon RSA 2048 M01 |
2022-12-06 - 2023-12-05 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-03-06 - 2023-05-29 |
3 months | crt.sh |
cdn.pendo.io Amazon RSA 2048 M01 |
2023-02-20 - 2023-08-28 |
6 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-03-06 - 2023-05-29 |
3 months | crt.sh |
pendo.io GTS CA 1D4 |
2023-02-21 - 2023-05-22 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://allstateca2.invoca.net/login?return_to=https%3A%2F%2Fallstateca2.invoca.net%2Fa_campaigns%2Fterms%2F1763484__%3B%21%21IIU9BLNPZ2ob%21L_VeM1Z0L_xRGpb6w5skLIM6gf4-dpBB1WD5ggG1Du8VqB8ZBmjVvaWfq8nM87dgQFz6qSFdLHN6lv9kkcfwJhne%24
Frame ID: 3610B8C42D113579ED61F4B999F35C05
Requests: 22 HTTP requests in this frame
Screenshot
Page Title
Login | Allstate Canada - 2.0Page URL History Show full URLs
-
https://allstateca2.invoca.net/a_campaigns/terms/1763484__;!!IIU9BLNPZ2ob!L_VeM1Z0L_xRGpb6w5skLIM6gf4-dpBB1...
HTTP 302
https://allstateca2.invoca.net/login?return_to=https%3A%2F%2Fallstateca2.invoca.net%2Fa_campaigns%2Fterms%2... Page URL
Detected technologies
Google Analytics (Analytics) ExpandDetected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Summit on-demand
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://allstateca2.invoca.net/a_campaigns/terms/1763484__;!!IIU9BLNPZ2ob!L_VeM1Z0L_xRGpb6w5skLIM6gf4-dpBB1WD5ggG1Du8VqB8ZBmjVvaWfq8nM87dgQFz6qSFdLHN6lv9kkcfwJhne$
HTTP 302
https://allstateca2.invoca.net/login?return_to=https%3A%2F%2Fallstateca2.invoca.net%2Fa_campaigns%2Fterms%2F1763484__%3B%21%21IIU9BLNPZ2ob%21L_VeM1Z0L_xRGpb6w5skLIM6gf4-dpBB1WD5ggG1Du8VqB8ZBmjVvaWfq8nM87dgQFz6qSFdLHN6lv9kkcfwJhne%24 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 19- https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1086737856&utmhn=allstateca2.invoca.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Login%20%7C%20Allstate%20Canada%20-%202.0&utmhid=1105848499&utmr=-&utmp=%2Flogin%3Freturn_to%3Dhttps%25253A%25252F%25252Fallstateca2.invoca.net%25252Fa_campaigns%25252Fterms%25252F1763484__%25253B%252521%252521IIU9BLNPZ2ob%252521L_VeM1Z0L_xRGpb6w5skLIM6gf4-dpBB1WD5ggG1Du8VqB8ZBmjVvaWfq8nM87dgQFz6qSFdLHN6lv9kkcfwJhne%252524&utmht=1679568795030&utmac=UA-6663848-1&utmcc=__utma%3D124481618.309918130.1679568795.1679568795.1679568795.1%3B%2B__utmz%3D124481618.1679568795.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1628362360&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6663848-1&cid=309918130.1679568795&jid=1628362360&_v=5.7.2&z=1086737856 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6663848-1&cid=309918130.1679568795&jid=1628362360&_v=5.7.2&z=1086737856 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6663848-1&cid=309918130.1679568795&jid=1628362360&_v=5.7.2&z=1086737856&slf_rd=1&random=988883347
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
login
allstateca2.invoca.net/ Redirect Chain
|
16 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
2 KB 849 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
honeybadger-69cf8ceff2506f06fd97.chunk.js
d2jek438uk892n.cloudfront.net/assets/packs/js/ |
318 B 698 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common-3fa01f82.css
d2jek438uk892n.cloudfront.net/assets/packs/css/ |
549 KB 88 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common-88f4d271f9324505b336.js
d2jek438uk892n.cloudfront.net/assets/packs/js/ |
6 MB 1 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors~application-465f6570f0338aaad320.chunk.js
d2jek438uk892n.cloudfront.net/assets/packs/js/ |
143 KB 48 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application-0afa47be8db54d1365b3.chunk.js
d2jek438uk892n.cloudfront.net/assets/packs/js/ |
41 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application-72c51134889d91f8c0cee6b097770352567dce327bc3c28583949e8139c2663b.js
d2jek438uk892n.cloudfront.net/assets/ |
117 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors~header-5da55f4ba7c0adcc3d59.chunk.js
d2jek438uk892n.cloudfront.net/assets/packs/js/ |
170 KB 49 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
header-6fa3c6cc36aeee745605.chunk.js
d2jek438uk892n.cloudfront.net/assets/packs/js/ |
55 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
core-2.0.72.js
ddjpm113gwch5.cloudfront.net/assets/ |
483 KB 135 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
babel.min-f3280692f2153bb6604637c41d57185eaf69e48fadb933d96444d2a01e2036fb.js
d2jek438uk892n.cloudfront.net/assets/ |
3 MB 570 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
primary_header_and_nav-e705305705a420564782.chunk.js
d2jek438uk892n.cloudfront.net/assets/packs/js/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
current.png
s3.amazonaws.com/ringrevenue-uploads-3/logos/438/ |
31 KB 31 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login-hero-0.0.68.js
ddjpm113gwch5.cloudfront.net/assets/ |
354 KB 137 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pendo.js
cdn.pendo.io/agent/static/6f45f68b-e8b7-4224-4ff4-14d61fcf671e/ |
396 KB 132 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga.js
ssl.google-analytics.com/ |
45 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
56350c6f2ed7844a7e46da28ec174569.png
ddjpm113gwch5.cloudfront.net/assets/ |
114 KB 115 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6f45f68b-e8b7-4224-4ff4-14d61fcf671e
app.pendo.io/data/ptm.gif/ |
42 B 361 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
164 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| PageEvents object| Invoca object| webpackJsonp function| clearImmediate function| setImmediate object| regeneratorRuntime object| jQuery110205416794501995885 function| ColReorder number| 2f1acc6c3a606b082e5eef5e54414ffb object| SharedComponents object| FacebookSettings object| ReactComponents object| CustomDataActions function| jQuery function| $ function| _ object| Backbone object| Backdraft object| toastr object| React object| ReactDOM object| ReactDOMServer object| JST function| Dropzone object| Application object| Dialog object| CitySearch function| Class object| Creative function| validate_email_on function| validate_password_on function| log_error function| log_warning function| log_info function| log function| handle_exception function| hide_flash function| show_flash_notice function| show_flash_error function| BestInPlaceEditor function| ext_override_grid_panel_apply_state_ignore_hidden function| ext_override_grid_panel_apply_state function| stripTags function| escapeHTML function| unescapeHTML function| include function| escape_quotes function| escaped_template_for_combo function| nothing_on_enter_key function| blur_if_enter_pressed function| is_enter_key function| on_grid_error_base function| on_grid_error function| ext_view_config function| ext_maximize_grid function| ext_download_grid function| check_cookied_column function| clear_typeahead function| parse_domain_from_url function| make_popup function| field_to_float function| field_to_int function| append_query_params function| query_separator function| go_to_location function| link_toggle_div function| toggle_hours_of_operation function| toggle_sms_fields function| disable_operating_hours function| on_operating_hours_edit function| put_date_value function| char_count_update function| makeWrappedNode function| makeNode function| toggle_ivr_tree function| load_ivr_tree_data function| renderPrompt function| renderDestination function| createExtColumnTree function| toggle_row function| update_table_highlighting function| toggle_target function| toggle_content_in_ext_grid_cell function| on_multi_checkbox_clicked function| resize_text_area function| newImageUploadControl function| initialize_html_editor function| HtmlViewer function| resize_iframe function| LinkUrlTestRunnerManager function| LinkUrlTestRunner function| checkbox_ajax function| build_invoice_date_url function| build_number_usage_detail_url function| add_commas function| enum_renderer function| money_renderer function| nullable_money_renderer function| count_renderer function| date_renderer function| date_only_renderer function| publisher_id_from_network_renderer function| publisher_id_from_network_using_id_renderer function| publisher_id_from_network_with_campaign_renderer function| publisher_id_from_network_renderer_with_id_name function| zero_pad function| format_seconds_renderer function| conversion_rate_0_to_100_renderer function| conversion_rate_renderer function| get_color_by_value function| add_trend_color_around_value function| is_drilldown_column function| is_trend_or_difference_column function| percent_renderer function| precision_formatter function| budget_alert_renderer function| notes_renderer function| show_notes_edit function| format_conditions function| billing_link_renderer function| ranking_renderer function| earnings_renderer function| empty_renderer function| total_percent function| grand_total function| totals_renderer function| call_recording_renderer_in_popup function| call_recording_renderer function| call_recording_renderer_internal function| call_recording_renderer_with_signal_details function| showSignalDetails function| get_call_recording object| Html5Player object| GlobalSearch object| AccountInfo object| Tooltip object| STATUS_CHECK_BOX_CYCLE object| notes function| campaign_notes_renderer function| network_notes_renderer function| advertiser_notes_renderer function| affiliate_notes_renderer object| Stats function| EditableTable function| Pusher function| Mousetrap function| common_on_load_init function| on_load undefined| accountMenu object| navManager object| Ext object| __MUI_LICENSE_INFO__ object| titanCore object| Babel object| Titan object| pendo object| _gaq object| _titanCore function| ThemeProvider object| theme function| TitanWrapper object| _gat object| gaGlobal7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.invoca.net/ | Name: vid Value: 2023-03-23+10%3A53%3A13 |
|
.invoca.net/ | Name: _rr_session_id Value: 826a867c346d3992db395760e4e6816e |
|
.invoca.net/ | Name: __utma Value: 124481618.309918130.1679568795.1679568795.1679568795.1 |
|
.invoca.net/ | Name: __utmc Value: 124481618 |
|
.invoca.net/ | Name: __utmz Value: 124481618.1679568795.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none) |
|
.invoca.net/ | Name: __utmt Value: 1 |
|
.invoca.net/ | Name: __utmb Value: 124481618.1.10.1679568795 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
allstateca2.invoca.net
app.pendo.io
cdn.pendo.io
d2jek438uk892n.cloudfront.net
ddjpm113gwch5.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
s3.amazonaws.com
ssl.google-analytics.com
stats.g.doubleclick.net
www.google.com
www.google.de
143.204.101.123
2600:9000:223f:fe00:1f:aa31:7740:93a1
2a00:1450:4001:806::2004
2a00:1450:4001:80b::200a
2a00:1450:4001:813::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c0c::9d
34.107.204.85
50.19.219.174
52.217.173.88
52.222.250.76
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
2e2fc77315039f98f8fea47fece88e5b9a8485d1a666766d0ecfab7957ee6cff
36b1d5ea5c2db361e4cdf80a6f8f1dd990469dc33ac0642250505653e0397b22
5dc75a671d60b5b1541c3197f814db0914c2df5470be182a10e713be9931f8d4
6b2a1fc00ae30566b3cd774cd6436ec667f96197a4be56faafe531dbbd571e96
7bfbb0f17522413f89415021f5e874864a917c33107eed8eea233715d43fc88a
8b973c290007e644535f633afbe859b1e85b83f76a71016efab8da8c9d78541a
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
94107abcf11e97438a465fd092c47d0b137d0057c9c7779c7255ceaaa71174e5
9500258ba52396adee6ec272ccae891a6aad50617386218e195e9764cede2f66
9df44983dfb1af789cdc245545dfa2e7d1dee6989a601ecc330fb37b78fe5c1d
a1478a45435f5f3d700122e5f829f6ee7ecca62c15fc0769187d222c355403d7
a19fa93de544fb7102c44ed11f6f01a87bd83f34a6ba3c8fcc868da34ab666c9
baaebec9fa7af48f4b302ff4d2b424afc3048198fcca7e33c70e48b303842c90
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cabc9281b547019d16f1e33aca7a5fa1b713b5ca26d30c6475dfbb19082c5edf
d7c62b2f2bc3d4b9c7e91e071c7bae0ffc47f49a4c8be0973f8fb288ea24dbf3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0857ee4987309b4a28fa8fb373d25ffa06924d123affa40860c2e8f94b1c7f5
f43327a94a92e27f5fd51cf8ff71d0555cd62615776b2be5c950272465abd0d4
fc51d0e1c6c932ec573f7d53e5474bc64670455066ff8ae9f393f4119ee40e02