twint.ch-payment.com
Open in
urlscan Pro
188.114.97.3
Public Scan
Effective URL: https://twint.ch-payment.com/de/pay/bank/sgkb/860162
Submission: On May 21 via manual from CH — Scanned from CH
Summary
TLS certificate: Issued by E1 on May 18th 2024. Valid for: 3 months.
This is the only time twint.ch-payment.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
13 | 188.114.97.3 188.114.97.3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a04:4e42:400... 2a04:4e42:400::649 | 54113 (FASTLY) (FASTLY) | |
1 | 104.17.25.14 104.17.25.14 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:811::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:812::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:830::200a | 15169 (GOOGLE) (GOOGLE) | |
2 4 | 213.193.104.20 213.193.104.20 | 6730 (SUNRISE) (SUNRISE) | |
1 | 2606:4700:440... 2606:4700:4400::ac40:9773 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:808::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2001:67c:4e8:... 2001:67c:4e8:f004::9 | 62041 (TELEGRAM) (TELEGRAM) | |
1 | 2a00:1450:400... 2a00:1450:4001:81d::2003 | 15169 (GOOGLE) (GOOGLE) | |
2 | 216.58.206.67 216.58.206.67 | 15169 (GOOGLE) (GOOGLE) | |
27 | 14 |
ASN15169 (GOOGLE, US)
translate.googleapis.com |
ASN6730 (SUNRISE, CH)
PTR: 213-193-104-20.static.cablecom.ch
www.onba.ch |
ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f3.1e100.net
fonts.gstatic.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
ch-payment.com
twint.ch-payment.com |
540 KB |
4 |
onba.ch
2 redirects
www.onba.ch |
7 KB |
4 |
gstatic.com
www.gstatic.com fonts.gstatic.com |
54 KB |
2 |
googleapis.com
translate.googleapis.com — Cisco Umbrella Rank: 866 fonts.googleapis.com — Cisco Umbrella Rank: 33 |
72 KB |
1 |
telegram.org
telegram.org — Cisco Umbrella Rank: 11351 |
15 KB |
1 |
lottiefiles.com
assets-v2.lottiefiles.com — Cisco Umbrella Rank: 389386 |
557 KB |
1 |
google.com
translate.google.com — Cisco Umbrella Rank: 1182 |
31 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237 |
14 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 776 |
24 KB |
27 | 9 |
Domain | Requested by | |
---|---|---|
13 | twint.ch-payment.com |
twint.ch-payment.com
|
4 | www.onba.ch |
2 redirects
twint.ch-payment.com
|
3 | fonts.gstatic.com |
twint.ch-payment.com
fonts.googleapis.com |
1 | telegram.org |
twint.ch-payment.com
|
1 | fonts.googleapis.com |
twint.ch-payment.com
|
1 | assets-v2.lottiefiles.com |
twint.ch-payment.com
|
1 | translate.googleapis.com | |
1 | www.gstatic.com | |
1 | translate.google.com |
twint.ch-payment.com
|
1 | cdnjs.cloudflare.com |
twint.ch-payment.com
|
1 | code.jquery.com |
twint.ch-payment.com
|
27 | 11 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.sgkb.ch |
www.onba.ch |
Subject Issuer | Validity | Valid | |
---|---|---|---|
ch-payment.com E1 |
2024-05-18 - 2024-08-16 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-07-03 - 2024-07-02 |
a year | crt.sh |
*.google.com WR2 |
2024-05-06 - 2024-07-29 |
3 months | crt.sh |
*.gstatic.com WR2 |
2024-05-06 - 2024-07-29 |
3 months | crt.sh |
upload.video.google.com WR2 |
2024-05-06 - 2024-07-29 |
3 months | crt.sh |
lottiefiles.com GTS CA 1P5 |
2024-03-24 - 2024-06-22 |
3 months | crt.sh |
*.telegram.org Go Daddy Secure Certificate Authority - G2 |
2023-08-11 - 2024-09-11 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://twint.ch-payment.com/de/pay/bank/sgkb/860162
Frame ID: 9538EC3E70B709724E8F8D1162B8EDBF
Requests: 26 HTTP requests in this frame
Frame:
https://twint.ch-payment.com/chatBox/webApp/860162/Europe228849977
Frame ID: 1A8219D651C6CF717341CC965B49F11D
Requests: 6 HTTP requests in this frame
Frame:
data://truncated
Frame ID: 2B30E69FFBA54A2F2098288906BCC4E0
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
SGKB E-Banking LoginPage URL History Show full URLs
-
http://twint.ch-payment.com/de/pay/bank/sgkb/860162
HTTP 307
https://twint.ch-payment.com/de/pay/bank/sgkb/860162 Page URL
Detected technologies
Socket.io (JavaScript Frameworks) ExpandDetected patterns
- socket\.io.*\.js
Axios (JavaScript libraries) Expand
Detected patterns
- /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
14 Outgoing links
These are links going to different origins than the main page.
Title: Terms for Electronic Services
Search URL Search Domain Scan URL
Title: Homepage - St. Gallen Kantonalbank AG
Search URL Search Domain Scan URL
Title: Login E-Banking - St. Gallen Kantonalbank AG
Search URL Search Domain Scan URL
Title: Feedback
Search URL Search Domain Scan URL
Title: Please use a modern browser.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Security
Search URL Search Domain Scan URL
Title: Legal info
Search URL Search Domain Scan URL
Title: Help/Support
Search URL Search Domain Scan URL
Title: Contact us
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://twint.ch-payment.com/de/pay/bank/sgkb/860162
HTTP 307
https://twint.ch-payment.com/de/pay/bank/sgkb/860162 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 11- https://www.onba.ch/login/staticcontent/html/-288421100/css/sgkb/pic_logo.png HTTP 303
- https://www.onba.ch/pages/404.html?al_req_id=ZkxGovZ3CBUFnI3yKZowtwAACCY
- https://www.onba.ch/login/staticcontent/html/-288421100/css/sgkb/banner_login.png HTTP 303
- https://www.onba.ch/pages/404.html?al_req_id=ZkxGovZ3CBUFnI3yKZowtgAACA8
27 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
Primary Request
860162
twint.ch-payment.com/de/pay/bank/sgkb/ Redirect Chain
|
2 MB 502 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.7.1.slim.min.js
code.jquery.com/ |
69 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
axios.min.js
cdnjs.cloudflare.com/ajax/libs/axios/1.6.8/ |
41 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
element.js
translate.google.com/translate_a/ |
90 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
socket.io.js
twint.ch-payment.com/socket.io/ |
132 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
email-decode.min.js
twint.ch-payment.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=AgM/d=0/rs=AN8SPfrixlL1amy8r1f0UQHcZ2HL9amUjg/ |
22 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.CUFV8YGKxl4.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfrAKALVD1eUIG8m1xHGX-0isoaMqw/ |
206 KB 72 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
twint.ch-payment.com/socket.io/ |
118 B 535 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Europe228849977
twint.ch-payment.com/chatBox/webApp/860162/ Frame 1A82 |
12 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
28 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
549 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
404.html
www.onba.ch/pages/ Redirect Chain
|
3 KB 3 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
404.html
www.onba.ch/pages/ Redirect Chain
|
3 KB 3 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
45 KB 45 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
38 KB 38 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
35 KB 35 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
/
twint.ch-payment.com/socket.io/ |
2 B 410 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
twint.ch-payment.com/socket.io/ |
32 B 465 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3mdk9wAzDF.gif
assets-v2.lottiefiles.com/a/b90ff028-1177-11ee-81af-97de0bdd79c1/ |
556 KB 557 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ Frame 1A82 |
1 KB 818 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
socket.io.js
twint.ch-payment.com/socket.io/ Frame 1A82 |
132 KB 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
telegram-web-app.js
telegram.org/js/ Frame 1A82 |
65 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 2B30 |
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/ |
6 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
twint.ch-payment.com/socket.io/ |
47 B 469 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
/
twint.ch-payment.com/socket.io/ |
2 B 404 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ Frame 1A82 |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame 1A82 |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
/
twint.ch-payment.com/socket.io/ |
2 B 410 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
/
twint.ch-payment.com/socket.io/ |
2 B 405 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
twint.ch-payment.com/socket.io/ |
143 B 473 B |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
twint.ch-payment.com/socket.io/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- twint.ch-payment.com
- URL
- https://twint.ch-payment.com/socket.io/?EIO=4&transport=polling&t=O-Py-ov&sid=DcjA50FoQ2XcAkRdAA7N
Verdicts & Comments Add Verdict or Comment
70 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 function| $ function| jQuery function| axios function| googleTranslateElementInit function| _DumpException object| default_tr object| _F_toggles string| MSG_TRANSLATE string| MSG_CANCEL string| MSG_CLOSE function| MSGFUNC_PAGE_TRANSLATED_TO function| MSGFUNC_TRANSLATED_TO string| MSG_GENERAL_ERROR string| MSG_LEARN_MORE function| MSGFUNC_POWERED_BY string| MSG_TRANSLATE_PRODUCT_NAME string| MSG_TRANSLATION_IN_PROGRESS function| MSGFUNC_TRANSLATE_PAGE_TO function| MSGFUNC_VIEW_PAGE_IN string| MSG_RESTORE string| MSG_SSL_INFO_LOCAL_FILE string| MSG_SSL_INFO_SECURE_PAGE string| MSG_SSL_INFO_INTRANET_PAGE string| MSG_SELECT_LANGUAGE function| MSGFUNC_TURN_OFF_TRANSLATION function| MSGFUNC_TURN_OFF_FOR string| MSG_ALWAYS_HIDE_AUTO_POPUP_BANNER string| MSG_ORIGINAL_TEXT string| MSG_FILL_SUGGESTION string| MSG_SUBMIT_SUGGESTION string| MSG_SHOW_TRANSLATE_ALL string| MSG_SHOW_RESTORE_ALL string| MSG_SHOW_CANCEL_ALL string| MSG_TRANSLATE_TO_MY_LANGUAGE function| MSGFUNC_TRANSLATE_EVERYTHING_TO string| MSG_SHOW_ORIGINAL_LANGUAGES string| MSG_OPTIONS string| MSG_TURN_OFF_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_SUGGESTION string| MSG_ALT_ACTIVITY_HELPER_TEXT string| MSG_USE_ALTERNATIVES string| MSG_DRAG_TIP string| MSG_CLICK_FOR_ALT string| MSG_DRAG_INSTUCTIONS string| MSG_SUGGESTION_SUBMITTED string| MSG_MANAGE_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_AND_CONTRIBUTE_ACTIVITY_HELPER_TEXT string| MSG_ORIGINAL_TEXT_NO_COLON string| MSG_LANGUAGE_UNSUPPORTED string| MSG_LANGUAGE_TRANSLATE_WIDGET string| MSG_RATE_THIS_TRANSLATION string| MSG_FEEDBACK_USAGE_FOR_IMPROVEMENT string| MSG_FEEDBACK_SATISFIED_LABEL string| MSG_FEEDBACK_DISSATISFIED_LABEL string| MSG_TRANSLATION_NO_COLON function| _exportVersion function| _getCallbackFunction function| _exportMessages function| _loadJs function| _loadCss function| _isNS function| _setupNS object| google function| io function| getSocket function| openSocketChat function| closeSocketChat object| closure_lm_5851112 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
twint.ch-payment.com/de/pay/bank/sgkb | Name: googtrans Value: /auto/de |
|
twint.ch-payment.com/ | Name: connect.sid Value: s%3A%23Europe228849977.1TzLmzeoCyZKjHOS5%2FR1c05E%2Bp4jg1%2F8ZJ%2FIxJVDpDg |
9 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets-v2.lottiefiles.com
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
telegram.org
translate.google.com
translate.googleapis.com
twint.ch-payment.com
www.gstatic.com
www.onba.ch
twint.ch-payment.com
104.17.25.14
188.114.97.3
2001:67c:4e8:f004::9
213.193.104.20
216.58.206.67
2606:4700:4400::ac40:9773
2a00:1450:4001:808::200a
2a00:1450:4001:811::200e
2a00:1450:4001:812::2003
2a00:1450:4001:81d::2003
2a00:1450:4001:830::200a
2a04:4e42:400::649
234d24549fda75d451ed54a9ebf45d3dfb38679b2d383512cf02832cf0ab9226
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
29d600462a30694efd15b9848b4ca42d178cd067009275c35a30580121114304
31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d
3c2306994f8cd90aed02cf576cb46a5e35f3faa7ee102a338ce9cd8ddfc928e3
61df796661147a02177d22f6d9edb1fb40e5275ded128b52d669ccda36f4b823
632f30ff405b737d566889cd6aa2faf93fb83959f34793394241ac89c4a415d4
6626727de5146a15b379ab0dbfd1748e29b7dc6d188a8aad95aac9b528c8fdc1
671f45b0accf52804a26e21aabf34967749cb813a200579c2485931bfb0a1458
6ceae83143e132acc1d9770541d46bd37d4a3e426c1fa251b0a9f252d30ef783
6dac947794b7fccebad56a329a50b4f658e1879e311cf885a592b7bb726ee96c
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9261efb3407e3a9096e4654750d8eff6b3a663422f48845c7fbcc65034c340cf
93ae19138372dd9cfb3c3140653681c8567b179df3c0d7f542e5b6e44fdba8a5
99499c64815dbcb67dfb2b292588b7796e1baaf1377eb1450dfbe5cc5d614651
a219b96d0ba8e32441c99acedc91641e7531a1bd04b2e70abf34c0e19510f3b8
a2f8faf81c471643cb2a86fdefd8cfc2ed58da8efe6ec1d2e48f26c6a2957fd3
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
c08c886f8cc82460912f46507a47380bd8ba4d827c6eaf727b6dd3e69d6346f2
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c71c144709e243473601e175acad7cd2d31bc7883d9dd7278ce6c5b74a06f9bf
da8b2fa561aefb38619993ab6a4a03327d150d064899bf8d33b510b89cb76428
e82ce7355c9626dd1f77ffaffdcc9f8b9e0cea27f104e2d6df4e26d43913e6ec
f08e70626ae1cc87844b612d3c90fe60bfc4eb42708c19bb279efb046011eb27
f1da53b9b2fe7e9e6272026602340c67102cb29b55d8c911fcc2b149537f4877