staging.paythen.co
Open in
urlscan Pro
2606:4700:20::ac43:4422
Public Scan
Submission: On December 28 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 20th 2020. Valid for: a year.
This is the only time staging.paythen.co was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-30.fra6.r.cloudfront.net
js.stripe.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-18.fra6.r.cloudfront.net
widget.intercom.io |
ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-105.fra6.r.cloudfront.net
js.intercomcdn.com |
ASN16509 (AMAZON-02, US)
PTR: ad8b87a22ce463223.awsglobalaccelerator.com
api-iam.intercom.io |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-94.fra53.r.cloudfront.net
static.intercomassets.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
paythen.co
staging.paythen.co |
381 KB |
7 |
intercomcdn.com
js.intercomcdn.com |
394 KB |
5 |
typekit.net
use.typekit.net p.typekit.net |
99 KB |
2 |
intercom.io
1 redirects
widget.intercom.io api-iam.intercom.io |
2 KB |
2 |
google-analytics.com
www.google-analytics.com |
19 KB |
2 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com |
83 KB |
2 |
googleapis.com
fonts.googleapis.com |
850 B |
2 |
stripe.com
js.stripe.com |
50 KB |
1 |
intercomassets.com
static.intercomassets.com |
7 KB |
1 |
doubleclick.net
stats.g.doubleclick.net |
89 B |
1 |
googletagmanager.com
www.googletagmanager.com |
30 KB |
1 |
aspnetcdn.com
ajax.aspnetcdn.com |
10 KB |
34 | 12 |
Domain | Requested by | |
---|---|---|
9 | staging.paythen.co |
staging.paythen.co
|
7 | js.intercomcdn.com |
widget.intercom.io
js.intercomcdn.com staging.paythen.co |
4 | use.typekit.net |
staging.paythen.co
use.typekit.net |
2 | www.google-analytics.com |
www.googletagmanager.com
staging.paythen.co |
2 | maxcdn.bootstrapcdn.com |
staging.paythen.co
maxcdn.bootstrapcdn.com |
2 | fonts.googleapis.com |
staging.paythen.co
|
2 | js.stripe.com |
staging.paythen.co
js.stripe.com |
1 | static.intercomassets.com | |
1 | api-iam.intercom.io |
js.intercomcdn.com
|
1 | widget.intercom.io | 1 redirects |
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | p.typekit.net |
use.typekit.net
|
1 | www.googletagmanager.com |
staging.paythen.co
|
1 | ajax.aspnetcdn.com |
staging.paythen.co
|
34 | 14 |
This site contains links to these domains. Also see Links.
Domain |
---|
paythen.co |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-06-20 - 2021-06-20 |
a year | crt.sh |
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA |
2020-09-22 - 2021-02-03 |
4 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-11-10 - 2021-02-02 |
3 months | crt.sh |
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA |
2020-09-22 - 2021-10-12 |
a year | crt.sh |
*.vo.msecnd.net DigiCert SHA2 Secure Server CA |
2020-11-16 - 2021-11-10 |
a year | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-11-10 - 2021-02-02 |
3 months | crt.sh |
use.typekit.net DigiCert SHA2 Secure Server CA |
2020-01-28 - 2022-02-01 |
2 years | crt.sh |
*.typekit.net DigiCert SHA2 Secure Server CA |
2019-12-06 - 2021-12-10 |
2 years | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-11-10 - 2021-02-02 |
3 months | crt.sh |
*.intercomcdn.com Amazon |
2020-03-29 - 2021-04-29 |
a year | crt.sh |
*.intercom.com Amazon |
2020-05-13 - 2021-06-13 |
a year | crt.sh |
intercomassets.com Amazon |
2020-08-15 - 2021-09-14 |
a year | crt.sh |
This page contains 4 frames:
Primary Page:
https://staging.paythen.co/
Frame ID: 94143556DC037FCAC89D7693B2845086
Requests: 25 HTTP requests in this frame
Frame:
https://js.stripe.com/v3/m-outer-59cdd15d8db95826a41100f00b589171.html
Frame ID: 671C1E846C16BD456EC50DA5506EDB19
Requests: 1 HTTP requests in this frame
Frame:
https://js.intercomcdn.com/frame-modern.3651b008.js
Frame ID: AD07BF2A25DE0631BFBC0794BA95D7B0
Requests: 6 HTTP requests in this frame
Frame:
https://js.intercomcdn.com/fonts/proximanova-regular.a7942249.woff
Frame ID: AB1FA7D2141B9894DD2DE8367313D5E6
Requests: 2 HTTP requests in this frame
Screenshot
Detected technologies
Ruby (Programming Languages) ExpandDetected patterns
- meta csrf-param /^authenticity_token$/i
Ruby on Rails (Web Frameworks) Expand
Detected patterns
- meta csrf-param /^authenticity_token$/i
Stripe (Payment Processors) Expand
Detected patterns
- script /js\.stripe\.com/i
CloudFlare (CDN) Expand
Detected patterns
- headers server /^cloudflare$/i
Font Awesome (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Font API (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Google Tag Manager (Tag Managers) Expand
Detected patterns
- html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
- html /<!-- (?:End )?Google Tag Manager -->/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: terms
Search URL Search Domain Scan URL
Title: privacy policy
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 24- https://widget.intercom.io/widget/ymko5hi0 HTTP 302
- https://js.intercomcdn.com/shim.latest.js
34 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
staging.paythen.co/ |
6 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application-0910eedfb5136de9c4704f4be568d04ab61e01ddc053abc33d425d3c912edd3d.css
staging.paythen.co/assets/ |
712 KB 85 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application-0e106db91aaf3cbb9336.js
staging.paythen.co/packs/js/ |
1 MB 258 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
js.stripe.com/v3/ |
191 KB 50 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
387 B 407 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon
fonts.googleapis.com/ |
574 B 443 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
staging.paythen.co/cdn-cgi/bm/cv/669835187/ |
35 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-8113fade8bd561c8ed2be3feb92496a904cd5f3609affad17158bc97a08e1e7a.svg
staging.paythen.co/assets/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.validate.js
ajax.aspnetcdn.com/ajax/jquery.validate/1.9/ |
37 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
74 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
web2qru.css
use.typekit.net/ |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p.css
p.typekit.net/ |
5 B 149 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
46 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 89 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
collect
www.google-analytics.com/ |
35 B 383 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2-bb7b5b83.chunk.css
staging.paythen.co/packs/css/ |
138 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2-d3b1ddde7c72f589a6bd.chunk.js
staging.paythen.co/packs/js/ |
139 B 424 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3-0721a4768a27a0160239.chunk.js
staging.paythen.co/packs/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/27776b/00000000000000003b9b0939/27/ |
32 KB 33 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/3331e6/00000000000000003b9b0936/27/ |
32 KB 33 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ |
75 KB 76 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/4838bd/00000000000000003b9b0934/27/ |
32 KB 32 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m-outer-59cdd15d8db95826a41100f00b589171.html
js.stripe.com/v3/ Frame 671C |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
result
staging.paythen.co/cdn-cgi/bm/cv/ |
0 637 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shim.latest.js
js.intercomcdn.com/ Redirect Chain
|
12 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
frame-modern.3651b008.js
js.intercomcdn.com/ Frame AD07 |
243 KB 66 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor-modern.9d1078c3.js
js.intercomcdn.com/ Frame AD07 |
123 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
ping
api-iam.intercom.io/messenger/web/ Frame AD07 |
3 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors~app-modern.1427f8e6.js
js.intercomcdn.com/ Frame AD07 |
322 KB 97 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app-modern.33d58edf.js
js.intercomcdn.com/ Frame AD07 |
672 KB 158 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
launcher-discovery-modern.8215e400.js
js.intercomcdn.com/ Frame AD07 |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
proximanova-regular.a7942249.woff
js.intercomcdn.com/fonts/ Frame AB1F |
28 KB 29 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ls-toy-profile-red-1600956658.jpg
static.intercomassets.com/avatars/4340298/square_128/ Frame AB1F |
6 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
37 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| webpackJsonp function| Color function| Chart boolean| _rails_loaded object| Turbolinks function| jQuery function| $ function| setImmediate function| clearImmediate function| Stripe object| a0_0x433e function| a0_0x3d7e object| __CF$cv$params object| intercomSettings function| Intercom function| __intercomAssignLocation8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.staging.paythen.co/ | Name: __stripe_sid Value: 107c80b8-b425-445b-8337-23688777b6d0ecddae |
|
.staging.paythen.co/ | Name: __stripe_mid Value: 68787950-840f-41b9-853f-7e49609fee6cc0be56 |
|
.paythen.co/ | Name: __cf_bm Value: df868fd28c5ab55da15bf5b8007686accb81eef9-1609135076-1800-ATo/Xt2kkJAx+0Krw61BDQPNhCHkRUL2CEOZg5yHhJkyHM1IRbxg17sGWa33BMee99tJNQMJ9Rc6vchRArVL5RQicY5mc0Sy9pPMVW20FLSFVFEKbLu7EpPsLUyNiISym9EVyemRzVw0RtMv6F91jj4= |
|
.staging.paythen.co/ | Name: _ga Value: GA1.3.1311497461.1609135076 |
|
staging.paythen.co/ | Name: _change_my_info_session Value: U4oB1WK414Yp0bAGxSfwGa2S3eYZhX629BwhNR%2Bbta8CTFpPIVXwj%2BEMPLjWQWl37G3ZTvs276idNpKxMzZpwDNe6DGqnocKGBzZk3k%2FOYdKxQA3CYroxVhcP0JdBK7GK5sT695iSa3HiPHEumI5mFWY5ZNYwZBOuA28mdjAil%2BQcjFybhMbGT1S%2BgVeKC8XTCvlbCvOjhd6s6rfJsYgwOlVyHThN%2BXtctScygn1fuuJyPfId%2B4sfBsOB6p6KYVSNDeleqg2TRz4yUFlsORaov3LTuYZmZ8gxBz8l1UMs2Sku8SqY1anDfyBW%2BscIfQ%2F3w2euMahq018ord9WRanGegH1p1DWUY7aKC3rFPBiUtxtbIRWxNi4S0p0kuN1%2BEtY9UXVDkpVufLtEM%3D--dyjtfx%2BLUoh5RuR8--8QtvN%2Bg28pkxO6dEkFHJrg%3D%3D |
|
.staging.paythen.co/ | Name: _dc_gtm_UA-154626237-2 Value: 1 |
|
.staging.paythen.co/ | Name: _gid Value: GA1.3.1972607671.1609135076 |
|
.paythen.co/ | Name: __cfduid Value: d07ab400232911498f813d389c4eadea91609135074 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.aspnetcdn.com
api-iam.intercom.io
fonts.googleapis.com
js.intercomcdn.com
js.stripe.com
maxcdn.bootstrapcdn.com
p.typekit.net
staging.paythen.co
static.intercomassets.com
stats.g.doubleclick.net
use.typekit.net
widget.intercom.io
www.google-analytics.com
www.googletagmanager.com
143.204.215.94
152.199.19.160
2001:4de0:ac19::1:b:3b
2606:4700:20::ac43:4422
2a00:1450:4001:808::2008
2a00:1450:4001:809::200e
2a00:1450:4001:81d::200a
2a00:1450:4001:820::200e
2a00:1450:400c:c06::9c
2a02:26f0:6c00:285::19fd
2a02:26f0:6c00::210:ba2a
75.2.88.188
99.86.3.105
99.86.3.18
99.86.3.30
0acecc6a554176c11fe821dfa5ebbe234cc229c5e372c1d5d5d7365ab9f9a11d
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f7d25275cf9ccb802154e572bc808e3c4533bc2004ccb65f4ccf35fc22b0a58
35caee2589a6ef7ea026f18e6ae3cf3112e4000d207f5ea85fabfa8438df0b1b
3c505ba3d42b1c4a52b63d329883bf8519210e15812d2f3f72215e72a65b3a4e
4b2822ed9f5f3a9eb58caa258e836b3cf04f1040b03d194ffa1184ed23827d3a
69089e5389fa81c42b019c12a422d49520328326bfafd070154409f3733d57d0
6a44ec7ce52ecd6c274aa2dbd5ed8d82237903802c0d67776c7964de0c02afa0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7ac754a2a15f87fada0e8fe4e99c9b3883bd6da85316c7b4b9f1c14e382e217c
7e01c1f46d29e8a778c9b2ae372f63fe76a2dc5c3629c441dcf52ea7b51190c0
8113fade8bd561c8ed2be3feb92496a904cd5f3609affad17158bc97a08e1e7a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
848c5de83cc5769619fb12455772acca45887021ab6fdc7b5c88f36a31ff0946
84bdc8a921c55381279c8fdfd91015af7a69fa9d44678621369dd0ff5f343323
89aa4a1f3078b5ac8ca91b5cc2b7f1b95e30c2f2a7e2157bc5913bb19070d484
8c946459dd72341bdc4bc3e178b495c6518f9ef7f8e18564adb5abe12b403295
95434a8a2568a6481a1fbcf5808a75dd58e77348ed6d70b4f7aeda8842e8f0c7
996697cbddd634f2323e3873fe989deb983e4a2ef8e3cafacca276e97dd792bd
a153b84e094739e746a867a27d7264dd768dbbb2b8570875c4a1415deb18f8e9
ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20
ae55c313220f063fdb3dc157a89a22e6a20a400cdd5b639a5aabfa4ae91e476a
b21a56baa93d9cd8ad227a326be160504fa2f657ce6ebd5bd871fa075655655e
b7379e4a443cae7a9e9c2456b45d5fa009c7490e807231509d7a6f8f9468b1b5
b9982a42bc2e6d92e568134f95f4c73453ed7f1a919582a8949b8075f8ee94e0
c0415a7bf01c85dcbbc1ae1005f2f5569be0abfd8f89f11c17766a90d27fd994
ceb4ce0bba67a12e21af094eb24293d7ea8bffaffc237a1cd90394c7588eaec9
dbdf0b55031d4ea5c634b54a960bd9fdccb537208343efbec6d0a34f3e2dc405
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b