me.and.co
Open in
urlscan Pro
2606:4700::6811:d01f
Public Scan
Effective URL: https://me.and.co/lufdr4zn
Submission: On December 27 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 1st 2020. Valid for: a year.
This is the only time me.and.co was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN19527 (GOOGLE-2, US)
PTR: 171.84.209.35.bc.googleusercontent.com
www.payments.gibsoncreative.pro |
ASN13335 (CLOUDFLARENET, US)
me.and.co | |
cdn.and.co | |
api-payme.and.co |
ASN15169 (GOOGLE, US)
PTR: 108.164.211.130.bc.googleusercontent.com
static.wepay.com |
ASN15169 (GOOGLE, US)
PTR: 186.112.201.35.bc.googleusercontent.com
edge.fullstory.com |
ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com
rs.fullstory.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-100-25-68-79.compute-1.amazonaws.com
heapanalytics.com |
ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
and.co
me.and.co cdn.and.co api-payme.and.co |
423 KB |
5 |
fullstory.com
1 redirects
fullstory.com edge.fullstory.com rs.fullstory.com |
62 KB |
5 |
stripe.com
js.stripe.com checkout.stripe.com |
77 KB |
3 |
gstatic.com
fonts.gstatic.com |
39 KB |
3 |
heapanalytics.com
cdn.heapanalytics.com heapanalytics.com |
39 KB |
2 |
plaid.com
cdn.plaid.com |
52 KB |
1 |
amazonaws.com
s3.amazonaws.com |
9 KB |
1 |
wepay.com
static.wepay.com |
4 KB |
1 |
datadoghq-browser-agent.com
www.datadoghq-browser-agent.com |
12 KB |
1 |
googleapis.com
fonts.googleapis.com |
814 B |
1 |
bootstrapcdn.com
netdna.bootstrapcdn.com |
4 KB |
1 |
gibsoncreative.pro
1 redirects
www.payments.gibsoncreative.pro |
134 B |
39 | 12 |
Domain | Requested by | |
---|---|---|
14 | cdn.and.co |
me.and.co
cdn.and.co |
4 | js.stripe.com |
me.and.co
js.stripe.com |
3 | fonts.gstatic.com |
fonts.googleapis.com
|
3 | rs.fullstory.com |
cdn.and.co
|
2 | heapanalytics.com |
me.and.co
|
2 | api-payme.and.co |
cdn.and.co
|
2 | cdn.plaid.com |
me.and.co
cdn.plaid.com |
1 | s3.amazonaws.com | |
1 | edge.fullstory.com |
me.and.co
|
1 | fullstory.com | 1 redirects |
1 | cdn.heapanalytics.com |
me.and.co
|
1 | checkout.stripe.com |
me.and.co
|
1 | static.wepay.com |
me.and.co
|
1 | www.datadoghq-browser-agent.com |
me.and.co
|
1 | fonts.googleapis.com |
me.and.co
|
1 | netdna.bootstrapcdn.com |
me.and.co
|
1 | me.and.co | |
1 | www.payments.gibsoncreative.pro | 1 redirects |
39 | 18 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-08-01 - 2021-08-01 |
a year | crt.sh |
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA |
2020-09-22 - 2021-10-12 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-11-10 - 2021-02-02 |
3 months | crt.sh |
*.datadoghq-browser-agent.com Sectigo RSA Domain Validation Secure Server CA |
2019-04-08 - 2021-04-07 |
2 years | crt.sh |
*.wepayapi.com DigiCert SHA2 High Assurance Server CA |
2019-05-16 - 2021-06-03 |
2 years | crt.sh |
secure.plaid.com DigiCert SHA2 Extended Validation Server CA |
2020-04-17 - 2022-04-22 |
2 years | crt.sh |
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA |
2020-09-22 - 2021-02-03 |
4 months | crt.sh |
cdn.heapanalytics.com Amazon |
2020-09-24 - 2021-10-26 |
a year | crt.sh |
edge.fullstory.com GTS CA 1D2 |
2020-12-26 - 2021-03-26 |
3 months | crt.sh |
*.fullstory.com Let's Encrypt Authority X3 |
2020-11-29 - 2021-02-27 |
3 months | crt.sh |
heapanalytics.com Amazon |
2020-12-24 - 2022-01-22 |
a year | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-11-10 - 2021-02-02 |
3 months | crt.sh |
s3.amazonaws.com DigiCert Baltimore CA-2 G2 |
2020-08-04 - 2021-08-09 |
a year | crt.sh |
This page contains 4 frames:
Primary Page:
https://me.and.co/lufdr4zn
Frame ID: F937536CC46A0A5E43E4846E6BBDEAEA
Requests: 35 HTTP requests in this frame
Frame:
https://js.stripe.com/v3/m-outer-59cdd15d8db95826a41100f00b589171.html
Frame ID: 013B810D22CB2F4E7746FE16EA66F739
Requests: 1 HTTP requests in this frame
Frame:
https://js.stripe.com/v3/controller-c343ba186ce23558b2f2a796b74de6af.html
Frame ID: 7A1CB72E38867393DCCD9CD356A866A0
Requests: 1 HTTP requests in this frame
Frame:
https://js.stripe.com/v3/elements-inner-card-bcfa140ccd341b0462fa6104de2a811c.html
Frame ID: A26B564F77268AFCCEEB0DA8079B4772
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://www.payments.gibsoncreative.pro/
HTTP 301
https://me.and.co/lufdr4zn Page URL
Detected technologies
CloudFlare (CDN) ExpandDetected patterns
- headers server /^cloudflare$/i
Font Awesome (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Google Font API (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Heap (Analytics) Expand
Detected patterns
- script /heap-\d+\.js/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.payments.gibsoncreative.pro/
HTTP 301
https://me.and.co/lufdr4zn Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 12- https://fullstory.com/s/fs.js HTTP 301
- https://edge.fullstory.com/s/fs.js
39 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
lufdr4zn
me.and.co/ Redirect Chain
|
6 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.css
netdna.bootstrapcdn.com/font-awesome/4.0.3/css/ |
21 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
7 KB 814 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
datadog-logs-us.js
www.datadoghq-browser-agent.com/ |
32 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors~main.style.96024020e5109c3bf8dd.css
cdn.and.co/me-webapp/ |
799 B 772 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.style.d52fe012a80e01ac5572.css
cdn.and.co/me-webapp/ |
110 B 318 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tokenization.v2.js
static.wepay.com/min/js/ |
13 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
link-initialize.js
cdn.plaid.com/link/v2/stable/ |
77 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
js.stripe.com/v3/ |
191 KB 50 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
checkout.js
checkout.stripe.com/ |
101 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors~main.ba0d37ab502fff10491b.js
cdn.and.co/me-webapp/ |
282 KB 85 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.315aa14ec1a068038b0d.js
cdn.and.co/me-webapp/ |
21 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
heap-383334621.js
cdn.heapanalytics.com/js/ |
99 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fs.js
edge.fullstory.com/s/ Redirect Chain
|
199 KB 60 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0.a3a78b0dce3a1dbd1fbc.js
cdn.and.co/me-webapp/ |
86 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors~payPage~paySuccessPage~subscriptionPage.d1b2bbfbae103b32992a.js
cdn.and.co/me-webapp/ |
0 102 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
paySuccessPage.1839e364bc4ad10570ac.js
cdn.and.co/me-webapp/ |
0 4 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
subscriptionSuccessPage.c52d11051cf9b3a1abdd.js
cdn.and.co/me-webapp/ |
0 2 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m-outer-59cdd15d8db95826a41100f00b589171.html
js.stripe.com/v3/ Frame 013B |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
link-dynamic-loader.js
cdn.plaid.com/link/2.0.826/ |
0 28 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
lufdr4zn
api-payme.and.co/v2/parameters/ Frame |
0 0 |
Other
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lufdr4zn
api-payme.and.co/v2/parameters/ |
454 B 672 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
page
rs.fullstory.com/rec/ |
3 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
h
heapanalytics.com/ |
37 B 213 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
add_user_properties_v3
heapanalytics.com/api/ |
37 B 212 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
bundle
rs.fullstory.com/rec/ |
29 B 91 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors~payPage~paySuccessPage~subscriptionPage.d1b2bbfbae103b32992a.js
cdn.and.co/me-webapp/ |
480 KB 101 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors~payPage~subscriptionPage.679367760117cf47bd49.js
cdn.and.co/me-webapp/ |
273 KB 74 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors~payPage.5b627fb63fb67a388aae.js
cdn.and.co/me-webapp/ |
35 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
payPage.f154975519c94916484f.js
cdn.and.co/me-webapp/ |
21 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
paySuccessPage.1839e364bc4ad10570ac.js
cdn.and.co/me-webapp/ |
21 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
controller-c343ba186ce23558b2f2a796b74de6af.html
js.stripe.com/v3/ Frame 7A1C |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fonts.css
cdn.and.co/webapp/ |
725 B 717 B |
XHR
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
elements-inner-card-bcfa140ccd341b0462fa6104de2a811c.html
js.stripe.com/v3/ Frame A26B |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.jpg
s3.amazonaws.com/assets.and.co/freelancers/281227/ |
9 KB 9 KB |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
bundle
rs.fullstory.com/rec/ |
29 B 88 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
51 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| DD_LOGS object| heap boolean| _fs_debug string| _fs_host string| _fs_org string| _fs_namespace function| FS function| Stripe object| webpackJsonp object| regeneratorRuntime object| WePay object| Plaid object| __core-js_shared__ object| core object| StripeCheckout object| StripeButton function| __extends function| __assign function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __values function| __read function| __spread function| __spreadArrays function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault object| __SENTRY__ string| _fs_loaded function| _fs_shutdown4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.and.co/ | Name: _hp2_ses_props.383334621 Value: %7B%22ts%22%3A1609066077797%2C%22d%22%3A%22me.and.co%22%2C%22h%22%3A%22%2Flufdr4zn%22%7D |
|
.and.co/ | Name: _hp2_id.383334621 Value: %7B%22userId%22%3A%228648627987907276%22%2C%22pageviewId%22%3A%228521185442028171%22%2C%22sessionId%22%3A%224784576042453678%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D |
|
me.and.co/ | Name: _dd_s Value: logs=1&id=5a25b20a-2b82-4695-9726-e94751441259&created=1609066077534&expire=1609066977534 |
|
.and.co/ | Name: __cfduid Value: da2674e6bdb3460bc91b26b83056c309e1609066073 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api-payme.and.co
cdn.and.co
cdn.heapanalytics.com
cdn.plaid.com
checkout.stripe.com
edge.fullstory.com
fonts.googleapis.com
fonts.gstatic.com
fullstory.com
heapanalytics.com
js.stripe.com
me.and.co
netdna.bootstrapcdn.com
rs.fullstory.com
s3.amazonaws.com
static.wepay.com
www.datadoghq-browser-agent.com
www.payments.gibsoncreative.pro
100.25.68.79
130.211.164.108
151.101.192.176
2001:4de0:ac19::1:b:3a
2600:1901:0:2470::
2606:4700::6811:d01f
2a00:1450:4001:81d::200a
2a00:1450:4001:81e::2003
2a00:1450:4001:825::2003
35.186.194.58
35.201.112.186
35.209.84.171
52.216.228.211
65.9.68.13
65.9.78.70
65.9.83.32
65.9.83.6
0aab1361a0bcb51f1952ebe4003b7036a0e42a0b5ef9eaa40c456f21a176327b
181e8133e6a5b446028a2d31b99fbe9989c25b8b17489dce95202cba01e5eced
1a7c6631a6c34443c4e0c1361114329b0ae76a82366271164bf7950fa72c32ea
1d747903d210019f1d5fabebd245dc9b3d9772e4468319d5b07b15bde7dc5d6e
3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3
31faadea1ea2a37d802effb84617935c7ffe76bdd7efe1eda9ae07a8f2b4cf6c
3e39d3088d6426a7e3654faf93a289fc4d9e55927c343b73c15415974690aec2
42f975b344a5c0cef4dea3473a65f6c29b348e5891bbdaccf4769cf37d30d77e
487f2e9da2ff0740755a5ef01dc15a2888b89537795895203a831b13b199d8bb
49c1c191416354506ac7fdfc0a72b4225219761c34e33f2c33a1f3be91b41699
5833d77bd706e1c6257f79f84272b16da643231f501f6a54e763a2f59decf8e2
5f620c666884c6446e3f9b0730ea5d4f91b9dff609e60f7ce73baae84ca46b9c
6fffdc016c3f4156dc7b2b621559f008dfecb1724977bd38823d9f0dde169406
749ec7b7ed216b7c3ff4fc21f6c41bccc7a96222ba2426720364698e5d036383
7b725f901497030487b4c1d1d7fe8ef20d421d4f9fd761c52dd81cf4c348a9ff
7fcb15026679e83e60873898a4959f5f6da851bd727ffc80227a4a27316585c1
8ea725a47941dfcb2b207f14118edefc57539ea3cd15da4c2326edb87261502b
8fc2a8452fb25e0de7ec67298703b2ec55d0bae3b022198453028e7a91c77de3
93960813a7dc20957f385588cd885ca2f13e43b269e8454f9a7bdea6273573fd
996697cbddd634f2323e3873fe989deb983e4a2ef8e3cafacca276e97dd792bd
9b9d41e1644b4ce76c7b1a33c5a3c4dc3b84dc2b7bdfd3744bf595766334ea67
a266b2a194248f182d38ee5408f04f61f8e6b4500b35dbba746a43875eb7725a
a59fec4d33f417b6441411dfb73855c9d874cf7dd7a02327bf6e4b11de328aa0
b8024cae76cec01e0a6ba32eb69f2255a54e10581ee7200c4b33023af11b9c51
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c4f76067af3066b3aef017898cf7f102456227a5e1fd6f3723513745d95044a8
c852ef458b8e1053d7ce3340373095f7b112c0f45b059746a33fd77b49a16ecb
d9e6119980bb22856c97276a3683143af74ffaf45ab7d60d534d426ef0c735d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
fc772b0188bc262494be9dc529c50893ae189110dfcad5a286512b737aef93b8