heritageaction.quorum.us
Open in
urlscan Pro
52.44.71.168
Public Scan
Effective URL: https://heritageaction.quorum.us/campaign/32807/
Submission: On April 29 via api from US
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 1st 2021. Valid for: a year.
This is the only time heritageaction.quorum.us was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-11-230.compute-1.amazonaws.com
gotoweb.co |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-71-168.compute-1.amazonaws.com
heritageaction.quorum.us |
ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
quorum-media.s3.amazonaws.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-8.nr-data.net
bam.nr-data.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
quorum.us
heritageaction.quorum.us static.quorum.us |
788 KB |
6 |
googleapis.com
maps.googleapis.com |
204 KB |
4 |
facebook.net
connect.facebook.net |
161 KB |
3 |
gstatic.com
fonts.gstatic.com maps.gstatic.com |
33 KB |
3 |
twitter.com
platform.twitter.com syndication.twitter.com |
132 KB |
2 |
nr-data.net
bam.nr-data.net |
466 B |
2 |
facebook.com
www.facebook.com |
337 B |
2 |
youtube.com
www.youtube.com |
40 KB |
2 |
amazonaws.com
quorum-media.s3.amazonaws.com |
31 KB |
1 |
newrelic.com
js-agent.newrelic.com |
12 KB |
1 |
ravenjs.com
cdn.ravenjs.com |
13 KB |
1 |
googletagmanager.com
www.googletagmanager.com |
30 KB |
1 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com |
18 KB |
1 |
vimeo.com
player.vimeo.com |
7 KB |
1 |
gotoweb.co
1 redirects
gotoweb.co |
302 B |
36 | 15 |
Domain | Requested by | |
---|---|---|
6 | maps.googleapis.com |
heritageaction.quorum.us
maps.googleapis.com |
5 | heritageaction.quorum.us |
static.quorum.us
|
4 | connect.facebook.net |
heritageaction.quorum.us
connect.facebook.net |
2 | bam.nr-data.net |
js-agent.newrelic.com
cdn.ravenjs.com |
2 | maps.gstatic.com |
heritageaction.quorum.us
|
2 | www.facebook.com |
heritageaction.quorum.us
|
2 | www.youtube.com |
heritageaction.quorum.us
www.youtube.com |
2 | quorum-media.s3.amazonaws.com |
heritageaction.quorum.us
|
2 | static.quorum.us |
heritageaction.quorum.us
|
2 | platform.twitter.com |
heritageaction.quorum.us
platform.twitter.com |
1 | js-agent.newrelic.com |
heritageaction.quorum.us
|
1 | syndication.twitter.com |
platform.twitter.com
|
1 | fonts.gstatic.com |
quorum-media.s3.amazonaws.com
|
1 | cdn.ravenjs.com |
heritageaction.quorum.us
|
1 | www.googletagmanager.com |
heritageaction.quorum.us
|
1 | maxcdn.bootstrapcdn.com |
heritageaction.quorum.us
|
1 | player.vimeo.com |
heritageaction.quorum.us
|
1 | gotoweb.co | 1 redirects |
36 | 18 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.quorum.us |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.quorum.us Sectigo RSA Domain Validation Secure Server CA |
2021-02-01 - 2022-02-01 |
a year | crt.sh |
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1 |
2020-11-05 - 2021-11-09 |
a year | crt.sh |
vimeo.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2021-04-12 - 2022-04-13 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-03-01 - 2022-02-28 |
a year | crt.sh |
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2 |
2021-01-11 - 2022-02-11 |
a year | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2021-03-23 - 2021-06-15 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2021-04-13 - 2021-07-06 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2021-04-06 - 2021-07-03 |
3 months | crt.sh |
cdn.ravenjs.com GlobalSign Atlas R3 DV TLS CA 2020 |
2021-02-22 - 2022-03-26 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2021-04-13 - 2021-07-06 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2021-03-23 - 2021-06-15 |
3 months | crt.sh |
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-02-05 - 2022-02-04 |
a year | crt.sh |
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2021-04-26 - 2022-04-10 |
a year | crt.sh |
*.nr-data.net DigiCert SHA2 Secure Server CA |
2020-02-05 - 2022-02-08 |
2 years | crt.sh |
This page contains 2 frames:
Primary Page:
https://heritageaction.quorum.us/campaign/32807/
Frame ID: 64AA73089C0674B8CF34C7DFB9B9E9DC
Requests: 35 HTTP requests in this frame
Frame:
https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fheritageaction.quorum.us
Frame ID: 66A321157490CA936926912C6924A84C
Requests: 2 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://gotoweb.co/g44r5
HTTP 302
https://heritageaction.quorum.us/campaign/32807/ Page URL
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Powered by Quorum
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://gotoweb.co/g44r5
HTTP 302
https://heritageaction.quorum.us/campaign/32807/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
36 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
heritageaction.quorum.us/campaign/32807/ Redirect Chain
|
688 KB 106 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
widgets.js
platform.twitter.com/ |
95 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
player.js
player.vimeo.com/api/ |
19 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
new_grassroots.css
static.quorum.us/versions/desktop/2.11.3.137/89079689/ |
100 KB 37 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ |
118 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
yNyRxpAxmsnU6Zq5F036.css
quorum-media.s3.amazonaws.com/media/css/grassroots/custom/ |
30 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
81 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
player_api
www.youtube.com/ |
980 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
92 KB 24 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
www-widgetapi.js
www.youtube.com/s/player/cb5bd7e6/www-widgetapi.vflset/ |
110 KB 39 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
955848961510457
connect.facebook.net/signals/config/ |
254 KB 72 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
raven.min.js
cdn.ravenjs.com/3.24.1/ |
34 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
new_grassroots.js
static.quorum.us/versions/desktop/2.11.3.137/89079689/ |
2 MB 638 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 249 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
maps.googleapis.com/maps/api/ |
134 KB 44 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
71H3UqzVlMVWtdOjRmr4_Save-Our-Elections-Logo-WHITE.png
quorum-media.s3.amazonaws.com/media/uploaded_files/2021-03-14/fd3c23f10d91649f1f18ee1914e7b84d/ |
25 KB 25 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ySZTeT3IuzJj0GK6uGpbBg.ttf
fonts.gstatic.com/s/nunito/v7/ |
49 KB 28 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
heritageaction.quorum.us/api/grassrootscustomevent/ |
276 B 475 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
heritageaction.quorum.us/api/grassrootsissue/ |
8 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
heritageaction.quorum.us/api/grassrootsregistrationpage/ |
613 B 620 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
heritageaction.quorum.us/api/grassrootscampaign/get_grassroots_campaign_detail/ |
4 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
sdk.js
connect.facebook.net/en_US/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
widget_iframe.06c6ee58c3810956b7509218508c7b56.html
platform.twitter.com/widgets/ Frame 66A3 |
319 KB 103 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
/
www.facebook.com/tr/ |
44 B 88 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
sdk.js
connect.facebook.net/en_US/ |
215 KB 63 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
settings
syndication.twitter.com/ Frame 66A3 |
183 B 419 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
22 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
common.js
maps.googleapis.com/maps-api-v3/api/js/44/12/ |
85 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
util.js
maps.googleapis.com/maps-api-v3/api/js/44/12/ |
280 KB 86 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
controls.js
maps.googleapis.com/maps-api-v3/api/js/44/12/ |
89 KB 27 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
places_impl.js
maps.googleapis.com/maps-api-v3/api/js/44/12/ |
44 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nr-1208.min.js
js-agent.newrelic.com/ |
31 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
d1446abd66
bam.nr-data.net/1/ |
57 B 275 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ |
62 B 83 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
d1446abd66
bam.nr-data.net/events/1/ |
24 B 191 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
97 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| dataLayer function| detectIEEdge boolean| ieVersion object| NREUM object| newrelic function| __nr_require object| __twttrll object| twttr object| __twttr object| Vimeo boolean| VimeoPlayerResizeEmbeds_ object| google_tag_manager function| fbq function| _fbq object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| DJANGIO_ENTRY_POINT object| google object| module$exports$mapsapi$util$event object| module$contents$mapsapi$overlay$OverlayView_OverlayView object| Raven object| optionalFields string| property object| action_center_settings number| supporter_points object| organization object| pages string| index_route object| organization_design object| userdata object| Userdata object| permissions string| language string| sso_url object| registrationPages object| customFields object| campaignList boolean| cookielessSafariWindow boolean| registrationForm function| inIframe object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| axios object| DjangIO function| swal function| sweetAlert function| generateStaticUrl function| BACKENDERROR function| segue object| store function| SearchifyWrapper object| options function| setRavenContext function| fbAsyncInit object| FB object| __e3_ object| _xdc_3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
heritageaction.quorum.us/ | Name: qsesid Value: hxrxitvqv1k9m5gfax6hem1510jvt8od |
|
.quorum.us/ | Name: _fbp Value: fb.1.1619680842937.1205014251 |
|
heritageaction.quorum.us/ | Name: current_version Value: "2.11.3.137/89079689" |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bam.nr-data.net
cdn.ravenjs.com
connect.facebook.net
fonts.gstatic.com
gotoweb.co
heritageaction.quorum.us
js-agent.newrelic.com
maps.googleapis.com
maps.gstatic.com
maxcdn.bootstrapcdn.com
platform.twitter.com
player.vimeo.com
quorum-media.s3.amazonaws.com
static.quorum.us
syndication.twitter.com
www.facebook.com
www.googletagmanager.com
www.youtube.com
104.244.42.8
151.101.112.217
151.101.114.110
162.247.242.20
2600:9000:211e:fe00:12:cac3:2380:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700::6812:acf
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2003
2a00:1450:4001:811::2008
2a00:1450:4001:827::200e
2a00:1450:4001:829::2003
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:200::729
52.203.11.230
52.217.168.89
52.44.71.168
06edb09e9900c88829ec8a5f44cca81c1cf8ef2ab6cfc7b3259e2cc60c4b0192
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1c48fa7e668a3dd18c6cfa7a70d763f0e38317e20c194fabc9242f0bac626ca2
204760af3c386e6d06d9dcf2ef9273665e547b256eecb99c12198fadc7065f39
2fff9d42b48b67b86f3f657418733d38176fa5eca4c13cf5f946f9ca410be4bd
37979214ad31c90e2d063fec3828eaacf3626894623d7e725772c94be9f618f9
3994812e124fcfd075ba0cc1fbfa999279dc9b6613f2d4dfd72a7f008b7b1568
4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f
45c21e543acfcaa9e5a503228d1943c876b11d80a0721aa4e159c3affeb6ede0
4818c7914fc7fd9ae882615029656c37e3bf48fdcbc85ac735a0f51cb2b231d3
4adc290ce6633839d17ed792daaaceb7d927fea11868158a635ff31d01ce3b60
50e7a369edb5cc6461684d8e5ddfe0ecd5119b8fff1beb18858fd8a5bfa7c903
533097210582901be3fd4145e318d2fd8a4f88d2c8cdd2523b87138dc7f34ea5
5c619b22c112f6aa5749dea833cbfec6e9cd65b34f8a90223a2ae47717090bd4
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
7f2fa1c7095595c0713b1215ce37e21f633c569a1a76cd753f813807bc593b0c
80c3bd17e3c0486c71816a9a8a8f019dd66259837fa2eff0edad01b64dbc13da
85f43eb5335383163b9f863900fe0e8657a075590113bceb8db55422ca483d18
8bd4ddf9a9d1084d9b10eeb457fe5abcb35c313e6124230369a804da9c268036
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
b25e1e7145a66edbf71a2d71a39de7b8b9f9aafea4891b7d8bbc663a478144b1
be3466eb12e52af9c38326594ad22fb2a55053ec6c21dbcd2ff7393938bf29db
c51192f403521696ef494fd1a77c9f242a2728f730d6e583a31535261d277fb5
cac2b0eb4792338c47e5692a01b975e32fc979c6280ab87e971c349d3d5e1654
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d39205527d68e42e7ebbf36239cebca6a9e8c8c74d9a2a8a15367b24aa335963
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
dc79d142fe5b1b38a92d46689548d3047b703d5b00cebcf90f46a0d4ffcc3236
e0548fb25f7157dc519f7907cf2c057c4d5525fe78d2b60b99081668253a063b
e15a737eee950a7bec243c72d3fdf694fc8649667e900809d45163343f27653e
ea110ded41b6d5e370f4b0c50c8ce30d6ace18aceeb953f205f62998f94bde4b
eceb5a1c6301feb3dd752bc6b5c10569cedd184f3f75503d13f312aadaf207f8
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c