bridgetower.dragonforms.com
Open in
urlscan Pro
204.180.130.190
Public Scan
Effective URL: https://bridgetower.dragonforms.com/loading.do?omedasite=furniture_new
Submission Tags: falconsandbox
Submission: On January 29 via api from US — Scanned from DE
Summary
TLS certificate: Issued by SSL.com RSA SSL subCA on July 16th 2021. Valid for: a year.
This is the only time bridgetower.dragonforms.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 207.189.124.61 207.189.124.61 | 13649 (ASN-VINS) (ASN-VINS) | |
1 1 | 67.199.248.11 67.199.248.11 | 396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD) | |
1 1 | 12.181.79.181 12.181.79.181 | 7018 (ATT-INTER...) (ATT-INTERNET4) | |
1 10 | 204.180.130.190 204.180.130.190 | 53866 (QTS-AS) (QTS-AS) | |
9 | 205.162.42.5 205.162.42.5 | 53866 (QTS-AS) (QTS-AS) | |
1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:3b | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
10 | 2606:4700::68... 2606:4700::6812:69 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 34.196.180.252 34.196.180.252 | 14618 (AMAZON-AES) (AMAZON-AES) | |
30 | 5 |
ASN13649 (ASN-VINS, US)
PTR: forpci61.actonsoftware.com
hfd.bridgetowermedia.com |
ASN53866 (QTS-AS, US)
PTR: cdn.omeda.com
cdn.omeda.com | |
hostedcontent.dragonforms.com |
ASN13335 (CLOUDFLARENET, US)
cc.hostedpci.com | |
ccifrm05.hostedpci.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-180-252.compute-1.amazonaws.com
tlschk1.hostedpci.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
dragonforms.com
1 redirects
bridgetower.dragonforms.com hostedcontent.dragonforms.com — Cisco Umbrella Rank: 88834 |
363 KB |
11 |
hostedpci.com
cc.hostedpci.com — Cisco Umbrella Rank: 482318 ccifrm05.hostedpci.com tlschk1.hostedpci.com — Cisco Umbrella Rank: 351785 |
97 KB |
2 |
omeda.com
cdn.omeda.com — Cisco Umbrella Rank: 47954 |
63 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 584 |
29 KB |
1 |
pubservice.com
1 redirects
www.pubservice.com — Cisco Umbrella Rank: 106058 |
574 B |
1 |
bit.ly
1 redirects
bit.ly — Cisco Umbrella Rank: 4192 |
376 B |
1 |
bridgetowermedia.com
1 redirects
hfd.bridgetowermedia.com — Cisco Umbrella Rank: 467615 |
458 B |
30 | 7 |
Domain | Requested by | |
---|---|---|
10 | bridgetower.dragonforms.com |
1 redirects
bridgetower.dragonforms.com
cc.hostedpci.com |
7 | ccifrm05.hostedpci.com |
bridgetower.dragonforms.com
ccifrm05.hostedpci.com |
7 | hostedcontent.dragonforms.com |
bridgetower.dragonforms.com
|
3 | cc.hostedpci.com |
bridgetower.dragonforms.com
|
2 | cdn.omeda.com |
bridgetower.dragonforms.com
|
1 | tlschk1.hostedpci.com |
ccifrm05.hostedpci.com
|
1 | code.jquery.com |
bridgetower.dragonforms.com
|
1 | www.pubservice.com | 1 redirects |
1 | bit.ly | 1 redirects |
1 | hfd.bridgetowermedia.com | 1 redirects |
30 | 10 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.omeda.com SSL.com RSA SSL subCA |
2021-07-16 - 2022-07-21 |
a year | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2021-07-14 - 2022-08-14 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-06-06 - 2022-06-05 |
a year | crt.sh |
*.hostedpci.com Amazon |
2021-12-20 - 2023-01-18 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://bridgetower.dragonforms.com/loading.do?omedasite=furniture_new
Frame ID: 54394E001E5A5E283E2102EEC055EA4A
Requests: 22 HTTP requests in this frame
Frame:
https://ccifrm05.hostedpci.com/iSynSApp/showPxyPage!ccFrame.action?pgmode1=LIVE&locationName=checkout1&sid=526201&reportCCType=N&reportCCDigits=N&formatCCDigits=N&reportCVVDigits=N&reportFormFields=nameoncard&reportInit=Y&fullParentHost=https://bridgetower.dragonforms.com&fullParentQStr=/saveNewSubscription.do
Frame ID: 0FE2AE839E3FB5B42B102DC4C532FB3E
Requests: 8 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://hfd.bridgetowermedia.com/acton/ct/41765/s-19de-2201/Bct/q-0051/l-0019:84a89/ct16_0/1/lu?sid=TV2%3ABTo...
HTTP 302
http://bit.ly/2nY80EQ HTTP 301
https://www.pubservice.com/fd/SubNew1page.aspx?pc=fd&PK=M38WEB HTTP 301
https://bridgetower.dragonforms.com/furniture_new HTTP 302
https://bridgetower.dragonforms.com/init.do?omedasite=furniture_new Page URL
- https://bridgetower.dragonforms.com/loading.do?omedasite=furniture_new Page URL
Detected technologies
jQuery (JavaScript Libraries) ExpandDetected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://hfd.bridgetowermedia.com/acton/ct/41765/s-19de-2201/Bct/q-0051/l-0019:84a89/ct16_0/1/lu?sid=TV2%3ABToDpzBH1
HTTP 302
http://bit.ly/2nY80EQ HTTP 301
https://www.pubservice.com/fd/SubNew1page.aspx?pc=fd&PK=M38WEB HTTP 301
https://bridgetower.dragonforms.com/furniture_new HTTP 302
https://bridgetower.dragonforms.com/init.do?omedasite=furniture_new Page URL
- https://bridgetower.dragonforms.com/loading.do?omedasite=furniture_new Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://hfd.bridgetowermedia.com/acton/ct/41765/s-19de-2201/Bct/q-0051/l-0019:84a89/ct16_0/1/lu?sid=TV2%3ABToDpzBH1 HTTP 302
- http://bit.ly/2nY80EQ HTTP 301
- https://www.pubservice.com/fd/SubNew1page.aspx?pc=fd&PK=M38WEB HTTP 301
- https://bridgetower.dragonforms.com/furniture_new HTTP 302
- https://bridgetower.dragonforms.com/init.do?omedasite=furniture_new
30 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
init.do
bridgetower.dragonforms.com/ Redirect Chain
|
274 B 614 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
spinner.gif
cdn.omeda.com/hosted/images/dragon/generic/ |
9 KB 9 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
loading.do
bridgetower.dragonforms.com/ |
53 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
site_10b_10b.css
hostedcontent.dragonforms.com/hosted/images/dragon/generic/10/ |
22 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-2.2.4.min.js
code.jquery.com/ |
84 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
conditional.js
bridgetower.dragonforms.com/js/ |
31 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dragonCampaign.js
bridgetower.dragonforms.com/js/ |
13 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
generic.css
bridgetower.dragonforms.com/style/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
111.css
hostedcontent.dragonforms.com/hosted/images/dragon/12454/ |
7 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
344.css
hostedcontent.dragonforms.com/hosted/images/dragon/generic/ |
27 B 477 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
398.css
hostedcontent.dragonforms.com/hosted/images/dragon/12454/ |
420 B 877 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
87.js
hostedcontent.dragonforms.com/hosted/images/dragon/12454/ |
6 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
393.js
hostedcontent.dragonforms.com/hosted/images/dragon/generic/ |
187 B 652 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-2.1.3.min.js
cc.hostedpci.com/WBSStatic/site60/proxy/js/ |
82 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.ba-postmessage.2.0.0.min.js
cc.hostedpci.com/WBSStatic/site60/proxy/js/ |
1023 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hpci-cciframe-1.0.js
cc.hostedpci.com/WBSStatic/site60/proxy/js/ |
38 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
88.png
cdn.omeda.com/hosted/images/dragon/12454/ |
53 KB 54 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
90.jpg
hostedcontent.dragonforms.com/hosted/images/dragon/12454/ |
259 KB 260 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
showPxyPage!ccFrame.action
ccifrm05.hostedpci.com/iSynSApp/ Frame 0FE2 |
29 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
evaluateConditionalContent.do;jsessionid=416567A1D0BF9A2C881F06B1CE253CA3
bridgetower.dragonforms.com/ |
715 B 559 B |
XHR
text/x-json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
evaluateConditionalContent.do;jsessionid=416567A1D0BF9A2C881F06B1CE253CA3
bridgetower.dragonforms.com/ |
715 B 559 B |
XHR
text/x-json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
evaluateConditionalContent.do;jsessionid=416567A1D0BF9A2C881F06B1CE253CA3
bridgetower.dragonforms.com/ |
711 B 574 B |
XHR
text/x-json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-1.4.1.min.js
ccifrm05.hostedpci.com/WBSStatic/site60/proxy/js/ Frame 0FE2 |
69 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.ba-postmessage.min.js
ccifrm05.hostedpci.com/WBSStatic/site60/proxy/js/ Frame 0FE2 |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jsencrypt.min.js
ccifrm05.hostedpci.com/WBSStatic/site60/proxy/js/ Frame 0FE2 |
55 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hpci-tlschk-1.0.js
tlschk1.hostedpci.com/WBSStatic/site60/proxy/js/ Frame 0FE2 |
25 B 273 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hpci-paramload-1.0.js
ccifrm05.hostedpci.com/WBSStatic/site60/proxy/js/ Frame 0FE2 |
190 B 673 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
api.js
ccifrm05.hostedpci.com/cdn-cgi/bm/cv/669835187/ Frame 0FE2 |
35 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
evaluateConditionalContent.do;jsessionid=416567A1D0BF9A2C881F06B1CE253CA3
bridgetower.dragonforms.com/ |
711 B 574 B |
XHR
text/x-json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
result
ccifrm05.hostedpci.com/cdn-cgi/bm/cv/ Frame 0FE2 |
0 573 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
99 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| $ function| jQuery string| AUTO_LOOKUP_MULTIPLE_FOUND string| AUTO_LOOKUP_MULTIPLE_FOUND_WITH_SECONDARY_KEY string| STANDARD_FIELD_PAYMENT_METHOD string| PAYMENT_METHOD_PAY_WITH_CREDIT_CARD string| PAYMENT_METHOD_PAY_WITH_PAYPAL string| totalPrice string| payPalPlanId function| verifyConsole function| hideEmailLookupScrim function| showEmailLookupScrim function| toggleDisplay boolean| keepSubmitDisabled function| disableSubmit function| enableSubmit boolean| initialized boolean| lookupEmailCalled object| conditionalHandlers boolean| conditionalHandlersCalled function| registerConditionalHandler function| callConditionalHandlers function| toggleOther function| genericValidation function| checkConditions function| checkConditionsPart2 function| stopIframePolling function| applyConditionalResponses function| generateRepeatedGroup function| checkOtherFillinCheckbox function| checkOtherFillinRadio function| hideOtherFillin function| getFormData function| lookupByEmail function| lookupFreshAddress function| checkPayment function| clickBehavior function| entriesPolyFill function| httpPostWithFormData boolean| formInitialLoad boolean| formSubmitErrorOccurred function| calculatePaymentMethod function| clearOtherPaidElements string| shippingAddressCountry string| requestedVersionId string| campaignRequestedVersionId string| billMeLaterResponse boolean| campaigElementExists function| campaignPromocodeChanged function| campaignCountryOrRequestedVersionChanged function| getPromoContentAndPrices function| hidePromoPrices function| showDragonPaidContent function| hideDragonPaidContent function| showHidePromoPrices string| hpciCCFrameHost string| hpciCCFrameFullUrl string| hpciCCFrameName function| hpciSiteErrorHandler function| hpciSiteSuccessHandler function| hpci3DSitePINSuccessHandler function| hpci3DSitePINErrorHandler function| hpciInitCompleteSuccessHandler string| hpciStatus string| hpciNoConflict string| hpciNo3DS boolean| hpciLogging function| hpciStatusReset function| hpciPageReset function| hpciDisable3DS function| hpciAllow3DS function| processCCTokenHPCIMsg function| processNonTokenHPCIMsg function| sendHPCIMsg function| sendHPCIFrameMsg function| hpci3DDefaultSitePINSuccessHandler function| hpci3DDefaultSitePINErrorHandler string| receivePINEnabled function| receivePINMsg function| receiveHPCIMsgAfterPageReset function| receiveHPCIMsg function| sendHPCIChangeStyleMsg function| sendHPCIChangeStyleFrameMsg function| sendHPCIChangeClassMsg function| sendHPCIChangeClassFrameMsg function| sendHPCIChangeTextMsg function| sendHPCIChangeTextFrameMsg function| sendHPCISet3DSecParamMsg function| sendHPCISet3DSecParamFrameMsg function| hpciConsoleLog function| hpciDecodeComp function| hpciEncodeComp function| hpciEnableLogging function| hpciDisableLogging function| hpciUrlParam function| hpciUrlParamStr function| hpciUrlParamsAsObject undefined| display4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.bridgetowermedia.com/ | Name: wp41765 Value: "XUAZYDs-TTUC:BXHBCDtlnDl-UCKL-VVTUDDDUYAZUVXDgNssDDLFl-UCKL-VVTUFJmUZ_T^UZXWXVXYUC" |
|
.bit.ly/ | Name: _bit Value: m0t2MD-7ef973bb945ba679b8-00E |
|
bridgetower.dragonforms.com/ | Name: JSESSIONID Value: 416567A1D0BF9A2C881F06B1CE253CA3 |
|
.hostedpci.com/ | Name: __cf_bm Value: tjjWNUD0kErQ_aKLeNYi6.jxVPWj8z7OMjlYrlugkhY-1643424525-0-AXEKSjV3p+Y9LkfgRxwatEY7joRgfwTHFmxLwrxEXVu7c4JnFQVkLmLx07FoaXgvTMKtNlf909M3EcEmG4Nc53Lgb0TKF7WHvrNmiQm7TOH0FYYTyg7RYb7nn9PYugG+wA== |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bit.ly
bridgetower.dragonforms.com
cc.hostedpci.com
ccifrm05.hostedpci.com
cdn.omeda.com
code.jquery.com
hfd.bridgetowermedia.com
hostedcontent.dragonforms.com
tlschk1.hostedpci.com
www.pubservice.com
12.181.79.181
2001:4de0:ac18::1:a:3b
204.180.130.190
205.162.42.5
207.189.124.61
2606:4700::6812:69
34.196.180.252
67.199.248.11
028a86cc196b34f4577fa74cf6b1fbe3c693e586f17846257ff152aed83e3482
056dd44aece96c67e45ba421d734f125e1497bbdb3b70194b7aadb8a68d10085
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0ae967b9232b6c9201619c55ab09ff3906db8cf559ff0ac09cf4e22f8debd84b
0bcd4a5325db84ec119fc0282c68c807f96629ef915b9b764d7d911e7da8679c
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0dbc0190864fe5c6e0bd63e7b5233f94265ee535dc3c3e2031f27a251bbb2f60
1325275d7d918a9d50652552198c9d5e210dc86b299c3dd76f973b12bf1100c5
249c9a90f742880b6aa09e8f3f54e92b79303457cf6ca8fefb198082ac988fc9
2cec78f739fbddfed852cd7934d2530e7cc4c8f14b38673b03ba5fb880ad4cc7
39a61a20716aae99d3b73afeef251bba8ee6d5c2bc81996c7c08e852646211a3
4260e2eb41909a12050f076987d2f15723d475be5b5a8a00b2191ab39727295b
4b8a7c1c8087acf34a95ad9ab66134cbb95b90b43fdc7219bddcb51653db0159
5a0be406a1bdf94a25a9d142d4124e3dccbdeb5593cd78fb0bd234df89dd7389
6f68768bc609d80bc9feb0ddbb4f73edd7240a25daf5df21c6b9fa5cc0879d6f
75bfafdf39a74edd329cd7cbeff22bd84e145f67dc72700a4ff7ae7e82db57e0
8a7eff464c8ab247defc5d202ac39c0a13505d10ba28ced477d0722671fd0a01
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
9474e0583e03f38e9ebfcf99b5f3ecb25dfd3c4ff7524e4a94fc78d82f82ddfd
9c256bb1c6e4bf01dff589c538d4e444e11ec05c600aa7a410c2880bc11289ed
a3efb4d76272bc005d34a9ada025fb31532b7d32cb6fee46bbab32d08ed45144
a75268aabd3efca2333dda30048a44d566fca0fa0c70f87249784d6c4dbaaa50
b0c8db3417d795bebc0c80bd4448ec92590067a2fa49e6b28af483c7ea691ed2
b0f1ae631ab07ea523c50623da6ee902989898b1c90ca789e2d3bcff842e8242
d7993cf613408050b47ca5417eac7f90986d57213211a6b27f7579894e306389
dfd535a0a2bed5f7cd6d31289903a65e34710d531352f64e24e1c070a4dc9658
e087c5a51845b985f4609b1a2cf0a0e5efb9a2fed927f2ab43e23332a552c89d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855