![](/screenshots/18ac82d4-90a9-42b1-8ee9-501c0f0b35f1.png)
pay.dtsutanamazon.com
Open in
urlscan Pro
3.230.208.121
Public Scan
Submission Tags: @phishunt_io
Submission: On October 13 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 12th 2022. Valid for: a year.
This is the only time pay.dtsutanamazon.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 | 3.230.208.121 3.230.208.121 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 108.157.214.13 108.157.214.13 | 16509 (AMAZON-02) (AMAZON-02) | |
6 | 65.9.94.164 65.9.94.164 | 16509 (AMAZON-02) (AMAZON-02) | |
2 4 | 2.16.241.76 2.16.241.76 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
4 | 54.209.241.106 54.209.241.106 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 2a00:1450:400... 2a00:1450:4001:80f::200e | 15169 (GOOGLE) (GOOGLE) | |
5 | 2a02:26f0:6c0... 2a02:26f0:6c00::210:bae3 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 34.96.67.224 34.96.67.224 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
1 | 34.102.232.42 34.102.232.42 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
25 | 9 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-208-121.compute-1.amazonaws.com
pay.dtsutanamazon.com |
ASN16509 (AMAZON-02, US)
PTR: server-108-157-214-13.arn56.r.cloudfront.net
poynt.net |
ASN16509 (AMAZON-02, US)
PTR: server-65-9-94-164.prg50.r.cloudfront.net
d85ecz8votkqa.cloudfront.net |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-241-76.deploy.static.akamaitechnologies.com
img1.wsimg.com | |
img6.wsimg.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-241-106.compute-1.amazonaws.com
vt.poynt.net |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN20940 (AKAMAI-ASN1, NL)
events.api.secureserver.net |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 224.67.96.34.bc.googleusercontent.com
cdn.sift.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 42.232.102.34.bc.googleusercontent.com
hexagon-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
cloudfront.net
d85ecz8votkqa.cloudfront.net |
153 KB |
5 |
secureserver.net
events.api.secureserver.net — Cisco Umbrella Rank: 12945 |
1 KB |
5 |
poynt.net
poynt.net — Cisco Umbrella Rank: 57045 vt.poynt.net |
251 KB |
4 |
wsimg.com
2 redirects
img1.wsimg.com — Cisco Umbrella Rank: 9439 img6.wsimg.com — Cisco Umbrella Rank: 11715 |
23 KB |
4 |
dtsutanamazon.com
pay.dtsutanamazon.com |
60 KB |
1 |
hexagon-analytics.com
hexagon-analytics.com — Cisco Umbrella Rank: 5254 |
272 B |
1 |
sift.com
cdn.sift.com — Cisco Umbrella Rank: 12530 |
20 KB |
1 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32 |
20 KB |
25 | 8 |
Domain | Requested by | |
---|---|---|
6 | d85ecz8votkqa.cloudfront.net |
pay.dtsutanamazon.com
vt.poynt.net |
5 | events.api.secureserver.net |
img1.wsimg.com
|
4 | vt.poynt.net |
poynt.net
vt.poynt.net |
4 | pay.dtsutanamazon.com |
pay.dtsutanamazon.com
|
2 | img6.wsimg.com |
pay.dtsutanamazon.com
vt.poynt.net |
2 | img1.wsimg.com | 2 redirects |
1 | hexagon-analytics.com | |
1 | cdn.sift.com |
poynt.net
|
1 | www.google-analytics.com |
vt.poynt.net
|
1 | poynt.net |
pay.dtsutanamazon.com
|
25 | 10 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
pay.dtsutanamazon.com Go Daddy Secure Certificate Authority - G2 |
2022-10-12 - 2023-10-12 |
a year | crt.sh |
*.poynt.net Go Daddy Secure Certificate Authority - G2 |
2021-12-16 - 2023-01-17 |
a year | crt.sh |
*.cloudfront.net Amazon |
2022-02-01 - 2023-01-31 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-09-12 - 2022-12-05 |
3 months | crt.sh |
*.api.secureserver.net Starfield Secure Certificate Authority - G2 |
2022-08-05 - 2023-09-06 |
a year | crt.sh |
*.sift.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-01-07 - 2023-01-20 |
a year | crt.sh |
*.hexagon-analytics.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-10-19 - 2022-11-04 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://pay.dtsutanamazon.com/
Frame ID: 3CCE92D85F70B63000ACD5C44326E9E8
Requests: 13 HTTP requests in this frame
Frame:
https://vt.poynt.net/react/poynt-collect/?iFrame%5Bwidth%5D=100%25&iFrame%5Bheight%5D=430px&iFrame%5Bborder%5D=0px&style%5Btheme%5D=ecommerce&displayComponents%5BemailAddress%5D=false&displayComponents%5BfirstName%5D=false&displayComponents%5BlastName%5D=false&displayComponents%5BecommerceFirstName%5D=true&displayComponents%5BecommerceLastName%5D=true&displayComponents%5BecommerceEmailAddress%5D=true&displayComponents%5BecommerceNotes%5D=false&displayComponents%5BzipCode%5D=true&displayComponents%5Blabels%5D=true&displayComponents%5BecommerceLabels%5D=true&displayComponents%5BshowEndingPage%5D=false&displayComponents%5BpaymentLabel%5D=true&displayComponents%5BsubmitButton%5D=false&displayComponents%5Baddress%5D=false&displayComponents%5Bstate%5D=false&displayComponents%5Bcountry%5D=false&displayComponents%5Bphone%5D=false&customCss%5Bcontainer%5D%5Bcolor%5D=%23111&customCss%5Bcontainer%5D%5Bfont-family%5D=%22GD%20Sherpa%22%2C%20%22objektiv-mk2%22%2C%20%22Proxima%20Nova%22%2C%20%22Myriad%20Pro%22%2C%20-apple-system%2C%20Helvetica&customCss%5Bcontainer%5D%5Bheight%5D=auto&customCss%5Bcontainer%5D%5Bflex-flow%5D=row%20wrap&customCss%5Bcontainer%5D%5Bjustify-content%5D=normal&customCss%5Bcontainer%5D%5Balign-content%5D=center&customCss%5Bcontainer%5D%5Bmargin-top%5D=-15px&customCss%5BinputLabel%5D%5Bcolor%5D=%23111&customCss%5BinputLabel%5D%5Bdisplay%5D=block&customCss%5BinputLabel%5D%5Bfont-size%5D=15px&customCss%5BinputLabel%5D%5Bfont-weight%5D=700&customCss%5BinputLabel%5D%5Bline-height%5D=20px&customCss%5BinputLabel%5D%5Bmargin-bottom%5D=7.5px&customCss%5BinputLabel%5D%5Bmargin-top%5D=5px&customCss%5BinputLabel%5D%5Btext-transform%5D=capitalize&customCss%5BinputLabel%5D%5Bletter-spacing%5D=0px&customCss%5BinputDefault%5D%5Bcolor%5D=%23111&customCss%5BinputDefault%5D%5Bfont-family%5D=%22GD%20Sherpa%22%2C%20%22objektiv-mk2%22%2C%20%22Proxima%20Nova%22%2C%20%22Myriad%20Pro%22%2C%20-apple-system%2C%20Helvetica&customCss%5BinputDefault%5D%5Bfont-size%5D=15px&customCss%5BinputDefault%5D%5Bline-height%5D=20px&customCss%5BsectionLabel%5D%5Bfont-size%5D=13px&customCss%5BsectionLabel%5D%5Bline-height%5D=18px&customCss%5BsectionLabel%5D%5Bfont-weight%5D=500&customCss%5BsectionLabel%5D%5Bletter-spacing%5D=0.5px&customCss%5BsectionLabel%5D%5Bcolor%5D=%23767676&customCss%5BsectionLabel%5D%5Btext-transform%5D=uppercase&customCss%5BsectionLabel%5D%5Bmargin-top%5D=15px&customCss%5BsectionLabel%5D%5Bmargin-bottom%5D=10px&customCss%5BsectionLabel%5D%5Bpadding-left%5D=0px&customCss%5BsectionLabel%5D%5Bpadding-right%5D=0px&customCss%5BrequiredMark%5D%5Bcolor%5D=%23ae1302&customCss%5BrequiredMark%5D%5Bfont-size%5D=15px&customCss%5BrequiredMark%5D%5Bline-height%5D=20px&customCss%5BrequiredMark%5D%5Bmargin-left%5D=3px&customCss%5BrowFirstName%5D%5Bwidth%5D=50%25&customCss%5BrowFirstName%5D%5Bpadding-left%5D=0px&customCss%5BrowLastName%5D%5Bwidth%5D=50%25&customCss%5BrowLastName%5D%5Bpadding-right%5D=0px&customCss%5BrowCardNumber%5D%5Bwidth%5D=75%25&customCss%5BrowCardNumber%5D%5Bpadding-left%5D=0px&customCss%5BrowCVV%5D%5Bwidth%5D=35%25&customCss%5BrowCVV%5D%5Bpadding-left%5D=0px&customCss%5BrowExpiration%5D%5Bwidth%5D=25%25&customCss%5BrowExpiration%5D%5Bpadding-right%5D=0px&customCss%5BrowZip%5D%5Bwidth%5D=65%25&customCss%5BrowZip%5D%5Bpadding-right%5D=0px&customCss%5BrowEmailAddress%5D%5Bwidth%5D=100%25&customCss%5BrowEmailAddress%5D%5Bmargin-bottom%5D=3px&customCss%5BrowEmailAddress%5D%5Bpadding-left%5D=0px&customCss%5BrowEmailAddress%5D%5Bpadding-right%5D=0px&emailReceipt=true&businessId=2d1b0222-059a-4328-80a9-d7568e442f7a&applicationId=urn%3Aaid%3Apoynt.net&parentUrl=pay.dtsutanamazon.com&isV2=true&useMessagePort=true&breakcache=2022-10-13T04:06:09.200Z
Frame ID: D99FB28ADD3AA97918E32C7BCC448601
Requests: 12 HTTP requests in this frame
Screenshot
![](/screenshots/18ac82d4-90a9-42b1-8ee9-501c0f0b35f1.png)
Page Title
Online payment @ pay.dtsutanamazon.comDetected technologies
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
![](/vendor/wappa/icons/Sift.png)
Detected patterns
- cdn\.sift(?:science)?\.com/s\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 7- https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 302
- https://img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js
- https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 302
- https://img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js
25 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
pay.dtsutanamazon.com/ |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundle.js
poynt.net/snippet/poynt-collect/ |
192 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bundle.bab1b.css
pay.dtsutanamazon.com/build/checkout/ |
15 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bundle.a8d73.js
pay.dtsutanamazon.com/build/checkout/ |
177 KB 54 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
default
pay.dtsutanamazon.com/api/paylinks/ |
695 B 725 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
godaddy-paleblue.png
d85ecz8votkqa.cloudfront.net/payments-hub/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gd-sherpa-bold.woff
d85ecz8votkqa.cloudfront.net/fonts/ |
28 KB 28 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gd-sherpa-medium.woff
d85ecz8votkqa.cloudfront.net/fonts/ |
28 KB 29 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tccl.min.js
img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/ Redirect Chain
|
44 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
vt.poynt.net/react/poynt-collect/ Frame D99F |
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.9f3d0fcc.chunk.css
vt.poynt.net/react/poynt-collect/static/css/ Frame D99F |
13 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2.0b22aec7.chunk.js
vt.poynt.net/react/poynt-collect/static/js/ Frame D99F |
574 KB 187 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.4433cedc.chunk.js
vt.poynt.net/react/poynt-collect/static/js/ Frame D99F |
69 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tccl.min.js
img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/ Frame D99F Redirect Chain
|
44 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ Frame D99F |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gd-sherpa-medium.woff
d85ecz8votkqa.cloudfront.net/fonts/ Frame D99F |
28 KB 29 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gd-sherpa-bold.woff
d85ecz8votkqa.cloudfront.net/fonts/ Frame D99F |
28 KB 28 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gd-sherpa-regular.woff
d85ecz8votkqa.cloudfront.net/fonts/ Frame D99F |
36 KB 37 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
event
events.api.secureserver.net/t/1/tl/ Frame D99F |
43 B 289 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
event
events.api.secureserver.net/t/1/tl/ Frame D99F |
43 B 289 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s.js
cdn.sift.com/ |
61 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
event
events.api.secureserver.net/t/1/tl/ |
43 B 295 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
event
events.api.secureserver.net/t/1/tl/ Frame D99F |
43 B 289 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
event
events.api.secureserver.net/t/1/tl/ |
43 B 295 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
905856.gif
hexagon-analytics.com/images/ |
43 B 272 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
25 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| _trfd function| sendMessage function| checkHeight object| observer function| PoyntCollect function| TokenizeJs object| _sift boolean| _tcclPageReqFired object| _tcclInternal object| _expDataLayer object| _trfq object| tccl function| __siftFlashCB undefined| Sift object| PluginDetect6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
poynt.net/ | Name: AWSALBCORS Value: ZfOGB9njkCEGxj95aMjV0YlQbVAyUNpzUOZXisfIQ+N83aPFc23fF4GR6gw1dP/0suoO9D50zmQ4rwqmSnPcArbmghgsXk2aO7b7PJQnx6VAA8OvPq0uQ4BQKPoI |
|
.dtsutanamazon.com/ | Name: mp_b3053c0785212011971a15669b094404_mixpanel Value: %7B%22distinct_id%22%3A%20%22183cf8564201b5-0fc17726e2363a-653f5251-1d4c00-183cf856421a91%22%2C%22%24device_id%22%3A%20%22183cf8564201b5-0fc17726e2363a-653f5251-1d4c00-183cf856421a91%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D |
|
.dtsutanamazon.com/ | Name: _tccl_visitor Value: 6f2dbc30-0e1f-5faa-8854-167cd0a7d539 |
|
.dtsutanamazon.com/ | Name: _tccl_visit Value: 6f2dbc30-0e1f-5faa-8854-167cd0a7d539 |
|
vt.poynt.net/ | Name: AWSALBCORS Value: xYe4B0nGhWNu2mMVtAhaZjSjzznldk1iSKHeW+oHa8ctRoycsMjfrOu2MPdPilMiZufMBBmjdnR10iphLVtmnI7AoHngROWFXfladhNLZj36YBQdhYj2NSk8JDco |
|
.dtsutanamazon.com/ | Name: __ssid Value: 1acbb15cb6c335a1bc39944de47e396 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.sift.com
d85ecz8votkqa.cloudfront.net
events.api.secureserver.net
hexagon-analytics.com
img1.wsimg.com
img6.wsimg.com
pay.dtsutanamazon.com
poynt.net
vt.poynt.net
www.google-analytics.com
108.157.214.13
2.16.241.76
2a00:1450:4001:80f::200e
2a02:26f0:6c00::210:bae3
3.230.208.121
34.102.232.42
34.96.67.224
54.209.241.106
65.9.94.164
18be51100aea5e40a812a05a39800ca49cbd5c5fd49cb7487d5c864cbc4745f7
1a0c98715824f41c65c869edd82573d4a4a84562defc7d720fda318f390feb54
23e8a794c8ce8f1fd89f2ecadf754cb2db3bf82f46b137eb543747e7b3c3a2e1
444bded5a29f871e7b27ab0710058c73446f46aea1242fdd8af03c220d6c140f
53bcb1ac12397043989c7cfd3e39017e0dc80711ef4a0f36eb5a12e3c2e2bf3a
6cb0efedc1729d965016a35584cb00b03aa46e1a5e170f4b3ce092c7c3e99ec7
7921df86278b7fa9be0cbd78d9990071763ec4e9e88aaff2c3d466723090b8ae
84bc0ce59d4fe462b4de62500b92670923ddfd4d824cf48ab55899e332933bd8
8c9ea7d9c434ad0297a98e3649c622b3e6613230af2eaf6cbb64bf95ac147d6d
8e5131bb2de8dee673a26a346f5915d6cbb0607e7760427fe7a3f935e172ac31
97295cea001f1806f7ab973ff388da4f7f224b6fd27e807837659d6adf971cc3
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4e26329c35c527faf0d48539cb2f7e35c260962d3b35fe7b66ba97a09f446f4
a5155dd53361b9a5e109884386e9a39f02208f4e7f8ed2700f8e4baea9fc5627
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
d94eeef91a527e0d4920dc4632e1dfb79dbec9cc6e3013636db941ec33ccd273
fc5f8b2320450561b78e95d8d7cb3531869329067f3587057ef7ecc99b6c0cc2