pay.somesteam4fun.com
Open in
urlscan Pro
3.230.208.121
Public Scan
Effective URL: https://pay.somesteam4fun.com/
Submission Tags: discord.fish
Submission: On June 07 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 7th 2022. Valid for: a year.
This is the only time pay.somesteam4fun.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 5 | 3.230.208.121 3.230.208.121 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 108.157.4.101 108.157.4.101 | 16509 (AMAZON-02) (AMAZON-02) | |
6 | 52.222.250.100 52.222.250.100 | 16509 (AMAZON-02) (AMAZON-02) | |
4 | 52.44.174.248 52.44.174.248 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 2 | 23.36.163.228 23.36.163.228 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2a00:1450:400... 2a00:1450:4001:82a::200e | 15169 (GOOGLE) (GOOGLE) | |
4 | 2a02:26f0:6c0... 2a02:26f0:6c00::210:bae3 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 34.96.67.224 34.96.67.224 | 15169 (GOOGLE) (GOOGLE) | |
24 | 9 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-208-121.compute-1.amazonaws.com
pay.somesteam4fun.com |
ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-101.dus51.r.cloudfront.net
poynt.net |
ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-100.fra60.r.cloudfront.net
d85ecz8votkqa.cloudfront.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-174-248.compute-1.amazonaws.com
vt.poynt.net |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-228.deploy.static.akamaitechnologies.com
img1.wsimg.com | |
img6.wsimg.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN20940 (AKAMAI-ASN1, NL)
events.api.secureserver.net |
ASN15169 (GOOGLE, US)
PTR: 224.67.96.34.bc.googleusercontent.com
cdn.sift.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
cloudfront.net
d85ecz8votkqa.cloudfront.net |
153 KB |
5 |
poynt.net
poynt.net — Cisco Umbrella Rank: 54104 vt.poynt.net |
195 KB |
5 |
somesteam4fun.com
1 redirects
pay.somesteam4fun.com |
41 KB |
4 |
secureserver.net
events.api.secureserver.net — Cisco Umbrella Rank: 12286 |
1 KB |
2 |
wsimg.com
1 redirects
img1.wsimg.com — Cisco Umbrella Rank: 8612 img6.wsimg.com — Cisco Umbrella Rank: 10848 |
12 KB |
1 |
sift.com
cdn.sift.com — Cisco Umbrella Rank: 12100 |
20 KB |
1 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35 |
20 KB |
0 |
hexagon-analytics.com
Failed
hexagon-analytics.com Failed |
|
0 |
dev-secureserver.net
Failed
traffic-clients.dev-secureserver.net Failed |
|
24 | 9 |
Domain | Requested by | |
---|---|---|
6 | d85ecz8votkqa.cloudfront.net |
pay.somesteam4fun.com
vt.poynt.net |
5 | pay.somesteam4fun.com |
1 redirects
pay.somesteam4fun.com
|
4 | events.api.secureserver.net |
img1.wsimg.com
|
4 | vt.poynt.net |
poynt.net
vt.poynt.net |
1 | cdn.sift.com |
poynt.net
|
1 | www.google-analytics.com |
vt.poynt.net
|
1 | img6.wsimg.com |
vt.poynt.net
|
1 | img1.wsimg.com | 1 redirects |
1 | poynt.net |
pay.somesteam4fun.com
|
0 | hexagon-analytics.com Failed | |
0 | traffic-clients.dev-secureserver.net Failed |
pay.somesteam4fun.com
|
24 | 11 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
pay.somesteam4fun.com Go Daddy Secure Certificate Authority - G2 |
2022-06-07 - 2023-06-07 |
a year | crt.sh |
*.poynt.net Go Daddy Secure Certificate Authority - G2 |
2021-12-16 - 2023-01-17 |
a year | crt.sh |
*.cloudfront.net Amazon |
2022-02-01 - 2023-01-31 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-05-09 - 2022-08-01 |
3 months | crt.sh |
*.api.secureserver.net Starfield Secure Certificate Authority - G2 |
2021-09-14 - 2022-10-16 |
a year | crt.sh |
*.sift.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-01-07 - 2023-01-20 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://pay.somesteam4fun.com/
Frame ID: 0A0FBC1E53EEE0BC43F574B21D37CEB2
Requests: 11 HTTP requests in this frame
Frame:
https://vt.poynt.net/react/poynt-collect/?iFrame%5Bwidth%5D=100%25&iFrame%5Bheight%5D=430px&iFrame%5Bborder%5D=0px&style%5Btheme%5D=ecommerce&displayComponents%5BemailAddress%5D=false&displayComponents%5BfirstName%5D=false&displayComponents%5BlastName%5D=false&displayComponents%5BecommerceFirstName%5D=true&displayComponents%5BecommerceLastName%5D=true&displayComponents%5BecommerceEmailAddress%5D=true&displayComponents%5BecommerceNotes%5D=false&displayComponents%5BzipCode%5D=true&displayComponents%5Blabels%5D=true&displayComponents%5BecommerceLabels%5D=true&displayComponents%5BshowEndingPage%5D=false&displayComponents%5BpaymentLabel%5D=true&displayComponents%5BsubmitButton%5D=false&displayComponents%5Baddress%5D=false&displayComponents%5Bstate%5D=false&displayComponents%5Bcountry%5D=false&displayComponents%5Bphone%5D=false&customCss%5Bcontainer%5D%5Bcolor%5D=%23111&customCss%5Bcontainer%5D%5Bfont-family%5D=%22GD%20Sherpa%22%2C%20%22objektiv-mk2%22%2C%20%22Proxima%20Nova%22%2C%20%22Myriad%20Pro%22%2C%20-apple-system%2C%20Helvetica&customCss%5Bcontainer%5D%5Bheight%5D=auto&customCss%5Bcontainer%5D%5Bflex-flow%5D=row%20wrap&customCss%5Bcontainer%5D%5Bjustify-content%5D=normal&customCss%5Bcontainer%5D%5Balign-content%5D=center&customCss%5Bcontainer%5D%5Bmargin-top%5D=-15px&customCss%5BinputLabel%5D%5Bcolor%5D=%23111&customCss%5BinputLabel%5D%5Bdisplay%5D=block&customCss%5BinputLabel%5D%5Bfont-size%5D=15px&customCss%5BinputLabel%5D%5Bfont-weight%5D=700&customCss%5BinputLabel%5D%5Bline-height%5D=20px&customCss%5BinputLabel%5D%5Bmargin-bottom%5D=7.5px&customCss%5BinputLabel%5D%5Bmargin-top%5D=5px&customCss%5BinputLabel%5D%5Btext-transform%5D=capitalize&customCss%5BinputLabel%5D%5Bletter-spacing%5D=0px&customCss%5BinputDefault%5D%5Bcolor%5D=%23111&customCss%5BinputDefault%5D%5Bfont-family%5D=%22GD%20Sherpa%22%2C%20%22objektiv-mk2%22%2C%20%22Proxima%20Nova%22%2C%20%22Myriad%20Pro%22%2C%20-apple-system%2C%20Helvetica&customCss%5BinputDefault%5D%5Bfont-size%5D=15px&customCss%5BinputDefault%5D%5Bline-height%5D=20px&customCss%5BsectionLabel%5D%5Bfont-size%5D=13px&customCss%5BsectionLabel%5D%5Bline-height%5D=18px&customCss%5BsectionLabel%5D%5Bfont-weight%5D=500&customCss%5BsectionLabel%5D%5Bletter-spacing%5D=0.5px&customCss%5BsectionLabel%5D%5Bcolor%5D=%23767676&customCss%5BsectionLabel%5D%5Btext-transform%5D=uppercase&customCss%5BsectionLabel%5D%5Bmargin-top%5D=15px&customCss%5BsectionLabel%5D%5Bmargin-bottom%5D=10px&customCss%5BsectionLabel%5D%5Bpadding-left%5D=0px&customCss%5BsectionLabel%5D%5Bpadding-right%5D=0px&customCss%5BrequiredMark%5D%5Bcolor%5D=%23ae1302&customCss%5BrequiredMark%5D%5Bfont-size%5D=15px&customCss%5BrequiredMark%5D%5Bline-height%5D=20px&customCss%5BrequiredMark%5D%5Bmargin-left%5D=3px&customCss%5BrowFirstName%5D%5Bwidth%5D=50%25&customCss%5BrowFirstName%5D%5Bpadding-left%5D=0px&customCss%5BrowLastName%5D%5Bwidth%5D=50%25&customCss%5BrowLastName%5D%5Bpadding-right%5D=0px&customCss%5BrowCardNumber%5D%5Bwidth%5D=75%25&customCss%5BrowCardNumber%5D%5Bpadding-left%5D=0px&customCss%5BrowCVV%5D%5Bwidth%5D=35%25&customCss%5BrowCVV%5D%5Bpadding-left%5D=0px&customCss%5BrowExpiration%5D%5Bwidth%5D=25%25&customCss%5BrowExpiration%5D%5Bpadding-right%5D=0px&customCss%5BrowZip%5D%5Bwidth%5D=65%25&customCss%5BrowZip%5D%5Bpadding-right%5D=0px&customCss%5BrowEmailAddress%5D%5Bwidth%5D=100%25&customCss%5BrowEmailAddress%5D%5Bmargin-bottom%5D=3px&customCss%5BrowEmailAddress%5D%5Bpadding-left%5D=0px&customCss%5BrowEmailAddress%5D%5Bpadding-right%5D=0px&emailReceipt=true&businessId=95f8e7c3-c7d6-4fe6-8686-157bf89b7088&applicationId=urn%3Aaid%3Apoynt.net&parentUrl=pay.somesteam4fun.com&isV2=true&useMessagePort=true&breakcache=2022-06-07T18:45:10.482Z
Frame ID: B8FDE0F3EDFDE7BAF027464048CFC018
Requests: 13 HTTP requests in this frame
Screenshot
Page Title
Online payment @ Some STEAM 4 FunPage URL History Show full URLs
-
http://pay.somesteam4fun.com/
HTTP 301
https://pay.somesteam4fun.com/ Page URL
Detected technologies
Google Analytics (Analytics) ExpandDetected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Sift (Analytics) Expand
Detected patterns
- cdn\.sift(?:science)?\.com/s\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://pay.somesteam4fun.com/
HTTP 301
https://pay.somesteam4fun.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 12- https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 302
- https://img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js
24 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
pay.somesteam4fun.com/ Redirect Chain
|
1 KB 980 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundle.js
poynt.net/snippet/poynt-collect/ |
113 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bundle.bab1b.css
pay.somesteam4fun.com/build/checkout/ |
15 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bundle.ea36c.js
pay.somesteam4fun.com/build/checkout/ |
114 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
default
pay.somesteam4fun.com/api/paylinks/ |
677 B 733 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
godaddy-paleblue.png
d85ecz8votkqa.cloudfront.net/payments-hub/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gd-sherpa-bold.woff
d85ecz8votkqa.cloudfront.net/fonts/ |
28 KB 28 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gd-sherpa-medium.woff
d85ecz8votkqa.cloudfront.net/fonts/ |
28 KB 29 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
tccl.min.js
traffic-clients.dev-secureserver.net/assets/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
vt.poynt.net/react/poynt-collect/ Frame B8FD |
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.6de95c74.chunk.css
vt.poynt.net/react/poynt-collect/static/css/ Frame B8FD |
13 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2.302ede7e.chunk.js
vt.poynt.net/react/poynt-collect/static/js/ Frame B8FD |
467 KB 153 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.9950f33a.chunk.js
vt.poynt.net/react/poynt-collect/static/js/ Frame B8FD |
54 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tccl.min.js
img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/ Frame B8FD Redirect Chain
|
44 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ Frame B8FD |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gd-sherpa-medium.woff
d85ecz8votkqa.cloudfront.net/fonts/ Frame B8FD |
28 KB 29 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gd-sherpa-bold.woff
d85ecz8votkqa.cloudfront.net/fonts/ Frame B8FD |
28 KB 28 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gd-sherpa-regular.woff
d85ecz8votkqa.cloudfront.net/fonts/ Frame B8FD |
36 KB 37 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
event
events.api.secureserver.net/t/1/tl/ Frame B8FD |
43 B 289 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
event
events.api.secureserver.net/t/1/tl/ Frame B8FD |
43 B 289 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
event
events.api.secureserver.net/t/1/tl/ Frame B8FD |
43 B 289 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s.js
cdn.sift.com/ |
61 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
event
events.api.secureserver.net/t/1/tl/ Frame B8FD |
43 B 289 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
683882.gif
hexagon-analytics.com/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- traffic-clients.dev-secureserver.net
- URL
- https://traffic-clients.dev-secureserver.net/assets/js/tccl.min.js
- Domain
- hexagon-analytics.com
- URL
- https://hexagon-analytics.com/images/683882.gif?bk=37eb7daac0&tm=53&r=795351504&v=105&cs=UTF-8&h=pay.somesteam4fun.com&l=en-US&S=ee63635833a9691f674d8986374dee08&uu=94a8b3b246927f123e6ed5244e24a60&t=Online%20payment%20%40%20Some%20STEAM%204%20Fun&u=https%3A%2F%2Fpay.somesteam4fun.com%2F&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36&nm=4&mh=fe407dda3b01b3e3c72476fe7bf9f870&np=3&ph=596d9e73a4a75c4ceee60ad7b54864b3&sh=1200&sw=1600&cd=24&p=Linux%20x86_64&to=0&d=0&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&vs=&hc=4&je=false&ss=true&ls=true&in=true&db=false&tl=false&tr=false&ts=true&tb=false&ab=false&cf=64d58bfddb44af6942e7931de5174ca7&z=z
Verdicts & Comments Add Verdict or Comment
15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| _trfd function| PoyntCollect function| TokenizeJs object| _sift function| __siftFlashCB undefined| Sift object| PluginDetect2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
poynt.net/ | Name: AWSALBCORS Value: Ex/ngJ8Y9XtXcqdyMo6NLLFhM8abpA4jsDDKxe/803keZ+9x9CLNB9uRTIqSCgi6enJhM0EP8F1hvj3ySAGd8B7nhLpNXcRniEY9QOM/CsyCTsFIsd8zxaoSLaor |
|
.somesteam4fun.com/ | Name: __ssid Value: 94a8b3b246927f123e6ed5244e24a60 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.sift.com
d85ecz8votkqa.cloudfront.net
events.api.secureserver.net
hexagon-analytics.com
img1.wsimg.com
img6.wsimg.com
pay.somesteam4fun.com
poynt.net
traffic-clients.dev-secureserver.net
vt.poynt.net
www.google-analytics.com
hexagon-analytics.com
traffic-clients.dev-secureserver.net
108.157.4.101
23.36.163.228
2a00:1450:4001:82a::200e
2a02:26f0:6c00::210:bae3
3.230.208.121
34.96.67.224
52.222.250.100
52.44.174.248
11b1ecf398e31fe2847b0ace207836f8b04fd2af29c19f718bebf8b9aed13b12
18be51100aea5e40a812a05a39800ca49cbd5c5fd49cb7487d5c864cbc4745f7
1f8fcd2b7b49914f50fc2b90ded30d988476b7c14df1fedb969b319b90219480
2b659549bf283f1b374fe9b43bd766e45b57102c12a296eab5cd92b585163cfe
444bded5a29f871e7b27ab0710058c73446f46aea1242fdd8af03c220d6c140f
53bcb1ac12397043989c7cfd3e39017e0dc80711ef4a0f36eb5a12e3c2e2bf3a
6cb0efedc1729d965016a35584cb00b03aa46e1a5e170f4b3ce092c7c3e99ec7
7921df86278b7fa9be0cbd78d9990071763ec4e9e88aaff2c3d466723090b8ae
89ab23161f16b127695db71e581e533bf77eca3d03d5bedd7840fe5e1b868cdd
97295cea001f1806f7ab973ff388da4f7f224b6fd27e807837659d6adf971cc3
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5155dd53361b9a5e109884386e9a39f02208f4e7f8ed2700f8e4baea9fc5627
a800d4f09105aab6871398aa800e51f09e04d0ffa75198704955b9b82506f33a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4c1ccd2921bece5a2fe6e95f5ffe9cd89f25e39f3992e26fbde154280b5155c
d32a3f88d11829e89b858f4983bcb3c7a9413da438437316f887c26fac0f00f5
e417f526b22dee5f13cc66efef789e0a61ae666348b107d44b5de4ef1b2b9ab0