merchantsupport.gyft.com
Open in
urlscan Pro
104.16.51.111
Public Scan
Effective URL: https://merchantsupport.gyft.com/hc/en-us
Submission Tags: phishing malicious Search All
Submission: On December 03 via api from US
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on October 4th 2020. Valid for: 3 months.
This is the only time merchantsupport.gyft.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2600:9000:206... 2600:9000:206f:4e00:3:6bda:6640:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
3 9 | 104.16.51.111 104.16.51.111 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
10 | 104.18.70.113 104.18.70.113 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
6 | 104.18.71.113 104.18.71.113 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:803::200a | 15169 (GOOGLE) (GOOGLE) | |
3 | 2001:4de0:ac1... 2001:4de0:ac19::1:b:3b | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
2 | 2001:4de0:ac1... 2001:4de0:ac19::1:b:3a | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
1 | 104.16.53.111 104.16.53.111 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 2a00:1450:400... 2a00:1450:4001:819::2003 | 15169 (GOOGLE) (GOOGLE) | |
32 | 8 |
ASN16509 (AMAZON-02, US)
support.giftcards.clover.com |
ASN13335 (CLOUDFLARENET, US)
p20.zdassets.com | |
theme.zdassets.com | |
p4.zdassets.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
zdassets.com
static.zdassets.com p20.zdassets.com theme.zdassets.com p4.zdassets.com |
1 MB |
9 |
gyft.com
3 redirects
merchantsupport.gyft.com |
20 KB |
3 |
gstatic.com
fonts.gstatic.com |
27 KB |
3 |
jquery.com
code.jquery.com |
116 KB |
2 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com |
82 KB |
1 |
zendesk.com
gyft.zendesk.com |
10 KB |
1 |
googleapis.com
fonts.googleapis.com |
843 B |
1 |
clover.com
1 redirects
support.giftcards.clover.com |
238 B |
32 | 8 |
Domain | Requested by | |
---|---|---|
10 | static.zdassets.com |
merchantsupport.gyft.com
static.zdassets.com |
9 | merchantsupport.gyft.com |
3 redirects
merchantsupport.gyft.com
static.zdassets.com |
3 | fonts.gstatic.com |
fonts.googleapis.com
|
3 | theme.zdassets.com |
merchantsupport.gyft.com
p20.zdassets.com |
3 | code.jquery.com |
merchantsupport.gyft.com
code.jquery.com |
2 | maxcdn.bootstrapcdn.com |
merchantsupport.gyft.com
maxcdn.bootstrapcdn.com |
2 | p20.zdassets.com |
merchantsupport.gyft.com
|
1 | gyft.zendesk.com |
merchantsupport.gyft.com
|
1 | p4.zdassets.com |
merchantsupport.gyft.com
|
1 | fonts.googleapis.com |
merchantsupport.gyft.com
|
1 | support.giftcards.clover.com | 1 redirects |
32 | 11 |
This site contains links to these domains. Also see Links.
Domain |
---|
giftcards.clover.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
support.gyft.com Let's Encrypt Authority X3 |
2020-10-04 - 2021-01-02 |
3 months | crt.sh |
ssl911790.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2020-10-28 - 2021-05-06 |
6 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
jquery.org Sectigo RSA Domain Validation Secure Server CA |
2020-10-06 - 2021-10-16 |
a year | crt.sh |
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA |
2020-09-22 - 2021-10-12 |
a year | crt.sh |
gyft.zendesk.com Cloudflare Inc ECC CA-3 |
2020-07-18 - 2021-07-18 |
a year | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://merchantsupport.gyft.com/hc/en-us
Frame ID: 892E5E1180169A4DF30A4C6E89AA0F86
Requests: 32 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://support.giftcards.clover.com/
HTTP 301
https://merchantsupport.gyft.com/ HTTP 301
https://merchantsupport.gyft.com/hc HTTP 301
https://merchantsupport.gyft.com/hc/en-us Page URL
Detected technologies
Ruby (Programming Languages) ExpandDetected patterns
- meta csrf-param /^authenticity_token$/i
Ruby on Rails (Web Frameworks) Expand
Detected patterns
- meta csrf-param /^authenticity_token$/i
CloudFlare (CDN) Expand
Detected patterns
- headers server /^cloudflare$/i
Font Awesome (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Google Font API (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
- script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
- script /jquery-ui.*\.js/i
jQuery UI (JavaScript Libraries) Expand
Detected patterns
- script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
- script /jquery-ui.*\.js/i
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Order Gift Cards
Search URL Search Domain Scan URL
Title: Product Overview
Search URL Search Domain Scan URL
Title: Return to Clover gift cards
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://support.giftcards.clover.com/
HTTP 301
https://merchantsupport.gyft.com/ HTTP 301
https://merchantsupport.gyft.com/hc HTTP 301
https://merchantsupport.gyft.com/hc/en-us Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 29- https://merchantsupport.gyft.com/api/v2/help_center/articles.json?per_page=10 HTTP 301
- https://merchantsupport.gyft.com/api/v2/help_center/en-us/articles.json?per_page=10
32 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
en-us
merchantsupport.gyft.com/hc/ Redirect Chain
|
11 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application-ebbf4a70487f9466c9be47bf4b6055f6.css
static.zdassets.com/hc/assets/ |
53 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
theming_v1_support-7eacdab8920220a42cfc91404f4ed182.css
static.zdassets.com/hc/assets/ |
15 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
p20.zdassets.com/hc/theming_assets/529467/347099/ |
40 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-d5395f0b7ac5027403fc17855c46dbfc.js
static.zdassets.com/hc/assets/ |
91 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
8 KB 843 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-ui.css
code.jquery.com/ui/1.11.0/themes/smoothness/ |
32 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-ui.js
code.jquery.com/ui/1.11.0/ |
451 KB 109 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.js
p20.zdassets.com/hc/theming_assets/529467/347099/ |
6 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
merchantsupport.gyft.com/cdn-cgi/bm/cv/2172558837/ |
25 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1589769b0273f9297aee9d9e80fe4c74e1cafd56.svg
theme.zdassets.com/theme_assets/529467/ |
3 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
220eaaea05311c8861e65a6204fb48cd13ab0e6e.png
theme.zdassets.com/theme_assets/529467/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
support_2x.png
p4.zdassets.com/hc/theme_assets/529467/200050486/ |
7 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en-us.5948f421df3553385c54.js
static.zdassets.com/hc/assets/ |
183 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
host.js
gyft.zendesk.com/auth/v2/ |
25 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
moment-f6f8513da6ab17eadada59a1a4edb536.js
static.zdassets.com/hc/assets/ |
24 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hc_enduser-e416c39f94f8794bbb680143d6a4fd33.js
static.zdassets.com/hc/assets/ |
1 MB 369 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cc7988ad7658ab1c5766f9df9ab2edd14d20e98d.png
theme.zdassets.com/theme_assets/529467/ |
479 KB 480 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ |
75 KB 75 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
entypo-5adc1c49be0325a8cdac239d1b0b05ad.woff
static.zdassets.com/hc/assets/ |
44 KB 44 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1-43af8adb68b570d01ec104093f18c409.js
static.zdassets.com/hc/assets/ |
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
49-c2c9f3a2b45be974f6502c8d4e874146.js
static.zdassets.com/hc/assets/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
answerBot.js
static.zdassets.com/answer_bot_embeddable/ |
381 KB 111 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
events
merchantsupport.gyft.com/hc/tracking/ |
0 0 |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
result
merchantsupport.gyft.com/cdn-cgi/bm/cv/ |
0 544 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
csrf_token.json
merchantsupport.gyft.com/hc/api/internal/ |
144 B 872 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
articles.json
merchantsupport.gyft.com/api/v2/help_center/en-us/ Redirect Chain
|
20 KB 4 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ui-bg_flat_75_ffffff_40x100.png
code.jquery.com/ui/1.11.0/themes/smoothness/images/ |
247 B 403 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
32 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| I18N object| a0_0xbb06 function| a0_0x47d0 object| Zendesk object| HelpCenter function| moment object| webpackJsonp object| regeneratorRuntime function| setImmediate function| clearImmediate number| mce-data-1eokthnf9 object| tinymce object| tinyMCE object| I18n object| __CF$cv$params object| answerBot object| log function| sprintf function| vsprintf object| jQuery1910031446875544795866 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
merchantsupport.gyft.com/ | Name: _help_center_session Value: MGdsMVFtWlhJYU1tTWNoZ3NrSElLTEVPbUpSaHRBL0VwYmJkT1NMaG96cXVaQjhUdkg3NjhMemM3VXFyUjIvdGxZcEZFYnd1M2xFb282eXBVbTZxa0kvZktxalJnTVhtaEdDeFhWQ2pKS1hJaG1WWCtLSVdTYVI5MVVpZEFRY2pSMkdXV3NtYUhKM1IydmRNODF3aGpiSEk2Y01XRlVmT25CTXFGczNiaDN6bk9CcXRmcld5R1NORlpRcEVKL20xLS1xaFl2N2tjYmZETUxDMmJFcW1OS2ZnPT0%3D--9f658916d3853e8a6dd1e87b376533b24f0b9325 |
|
.merchantsupport.gyft.com/ | Name: __cfruid Value: 2fc905e0426db1e83b2389c713d296a5a7eee7dc-1607019845 |
|
.merchantsupport.gyft.com/ | Name: __cf_bm Value: 6002bb2107628ce9394e53124ef114c3424ff648-1607019847-1800-AeSSBt3g/KtjgCNwjYQA2QE+BIkOBNjlhHlUWgA/mNkS |
|
merchantsupport.gyft.com/ | Name: _zendesk_session Value: BAh7CkkiD3Nlc3Npb25faWQGOgZFVEkiJTYwYTExYTA4NjhjOTgxZjY3ZDZhNGZjMTBkNTUyZjZlBjsAVEkiDGFjY291bnQGOwBGaQM7FAhJIgpyb3V0ZQY7AEZpAxv8CkkiDmlzX21vYmlsZQY7AFRGSSITd2FyZGVuLm1lc3NhZ2UGOwBUewA%3D--a3f8202c0430056efbd537c900024ee8387311fb |
|
merchantsupport.gyft.com/ | Name: _zendesk_shared_session Value: -dEpZYVdISFJMZ2xYOW1LNHI5RVlWdC9CcHVHZDl2UHE5ZkVLeVRoK3Y1MEpQbzFRYldSQzBuc1ZKTkpvUkM2NXRMeVpxanhJUmNyd0lNN2pDWkpnTVhSWHRlSmhkZ3RaTVdobm1NRTN6ZHRhcUF5cTdpcEZTaE0yanRXTjhOVnVKdFZLRUZUVmdWVTVQK0RXRUNGMVp3PT0tLWlOK3MrZHpVQU1zanpQb1BGUndndkE9PQ%3D%3D--3f72d75d7e2187380920188e5e86be96dad1abeb |
|
.merchantsupport.gyft.com/ | Name: __cfduid Value: df08d46d2cd0849917b63b07fabb7f11f1607019845 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=259200; |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
gyft.zendesk.com
maxcdn.bootstrapcdn.com
merchantsupport.gyft.com
p20.zdassets.com
p4.zdassets.com
static.zdassets.com
support.giftcards.clover.com
theme.zdassets.com
104.16.51.111
104.16.53.111
104.18.70.113
104.18.71.113
2001:4de0:ac19::1:b:3a
2001:4de0:ac19::1:b:3b
2600:9000:206f:4e00:3:6bda:6640:93a1
2a00:1450:4001:803::200a
2a00:1450:4001:819::2003
0343f37ebbd97d0f147e4adb5fa3b2362f7f48d79db51cbaa613ebcb4dbc9515
06ba7c62f0b110ea62670d76b52bd809148553e4dd40d3bb95de172029a11fb9
12a867e48c4fb26e47408297f909b8f4c4bee2fc22837f3eaf1d2f1ba15285e2
1697d1e4e23121531a7203cbeb41379b91d8c69fbb543cedf3ff1fd73c2a8504
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d7ca392d9b45723af1cd44a9178db19fd0af6a7aaa49afd882e3a472201f7b2
3e46bffb5f4bd8c42e67e417d2bbb3740eb7474e65c16e0053e736237380d77f
419f5ded14ea793b766e4316baa9397d0c1bcf4dec40e7191bad9dae7e490209
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
63c87c74fa568ef94639f966bd405654b43bbcd78aabd8074ce9ed6a5398d5a3
78564ecc2c52c079f35c16b44ff2a9256b745d79ec5b66353f7b73469af2c26f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a45f8e08f50ab8ec40d9501949a572a34a9fd8e3cf15baaed65904f91ce6b32
7edbb81bd47ae196001051b58c67c3e0b90f3dce50edcddf9f5bf2a36a5ca9ab
8099f06c3097dbe4ed8d47434ec496823e66e1bc774121babbcbb36dcb451ccb
93ae5bcffb1086fd5bee54962487cbe0bc011cd5354b33b8d56ed8ce7148ecd2
9d8d2945f22dc5d872a814a9cbe4e5ab3d0a4a56b3c651d675591dcf83e7a7ca
ad46fb9287d9b01ef7cf3264d4a419776f8a643f0e6a71b522ba4b2f9cd27733
af75ef88a08a11991a5572ea5c9c97e7db1b7049bd0a1b4178d2051082e82c73
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
bc1e2a9f7c99c470aeb0259103200f72f394388a814080d413b1f15f9561262b
c2263002d3521779ee5854440cee6fc797304a69e0c04d691a0e7d3505110946
c778e8d899ab473ff75ad2bbc147bb110be74022cdbff7509a2c67958acc9cfa
c79f45aa72da8267dd5abcffe78bfd8fbc9add544bbccf6db01d5b6f54e1c7d8
cc6fef41f718988375e6774e0772183e68d2fe4ac7fdb46f99e1276ace91b1a4
cc83c558e23dddaa4c5acacc706061e73fecf978293814a6797079794dba18b2
cea3b1e5710947fcfa130216ca09c114a928c0c1712754d9d8151d37fb54e416
cfcb2af9fc17cbac57d472c1259e5da32ad698506143d946de9fc02a88a928ab
d33e3df0554793c6719aff0ba646184aa2d30605eee515afcd85e1925fdafff2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855