billswitch.beforepay.com.au
Open in
urlscan Pro
18.155.70.207
Public Scan
Submission: On November 29 via automatic, source certstream-suspicious — Scanned from AU
Summary
TLS certificate: Issued by Amazon RSA 2048 M01 on November 29th 2022. Valid for: a year.
This is the only time billswitch.beforepay.com.au was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
15 | 18.155.70.207 18.155.70.207 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 104.18.10.207 104.18.10.207 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 172.253.118.95 172.253.118.95 | 15169 (GOOGLE) (GOOGLE) | |
4 | 13.239.70.190 13.239.70.190 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 54.192.150.107 54.192.150.107 | 16509 (AMAZON-02) (AMAZON-02) | |
7 | 54.79.95.191 54.79.95.191 | 16509 (AMAZON-02) (AMAZON-02) | |
9 | 3.5.165.123 3.5.165.123 | 16509 (AMAZON-02) (AMAZON-02) | |
41 | 8 |
ASN16509 (AMAZON-02, US)
PTR: server-18-155-70-207.sin52.r.cloudfront.net
billswitch.beforepay.com.au |
ASN15169 (GOOGLE, US)
PTR: sl-in-f95.1e100.net
fonts.googleapis.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-13-239-70-190.ap-southeast-2.compute.amazonaws.com
cognito-identity.ap-southeast-2.amazonaws.com |
ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-107.sin2.r.cloudfront.net
p25tdx3nkfhrbcbpri6hcaw2je.appsync-api.ap-southeast-2.amazonaws.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-79-95-191.ap-southeast-2.compute.amazonaws.com
32v80e1137.execute-api.ap-southeast-2.amazonaws.com |
ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-2.amazonaws.com
mobile-compare.s3.ap-southeast-2.amazonaws.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
22 |
amazonaws.com
cognito-identity.ap-southeast-2.amazonaws.com — Cisco Umbrella Rank: 601404 p25tdx3nkfhrbcbpri6hcaw2je.appsync-api.ap-southeast-2.amazonaws.com 32v80e1137.execute-api.ap-southeast-2.amazonaws.com mobile-compare.s3.ap-southeast-2.amazonaws.com |
59 KB |
15 |
beforepay.com.au
billswitch.beforepay.com.au |
791 KB |
2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 107 |
2 KB |
1 |
bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2619 |
7 KB |
41 | 4 |
Domain | Requested by | |
---|---|---|
15 | billswitch.beforepay.com.au |
billswitch.beforepay.com.au
|
9 | mobile-compare.s3.ap-southeast-2.amazonaws.com | |
7 | 32v80e1137.execute-api.ap-southeast-2.amazonaws.com |
billswitch.beforepay.com.au
|
4 | cognito-identity.ap-southeast-2.amazonaws.com |
billswitch.beforepay.com.au
|
2 | p25tdx3nkfhrbcbpri6hcaw2je.appsync-api.ap-southeast-2.amazonaws.com |
billswitch.beforepay.com.au
|
2 | fonts.googleapis.com |
billswitch.beforepay.com.au
|
1 | stackpath.bootstrapcdn.com |
billswitch.beforepay.com.au
|
41 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.cimet.com.au |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.billswitch.beforepay.com.au Amazon RSA 2048 M01 |
2022-11-29 - 2023-12-28 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-01-29 - 2023-01-29 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-11-02 - 2023-01-25 |
3 months | crt.sh |
cognito-identity.ap-southeast-2.amazonaws.com Amazon |
2022-06-07 - 2023-07-06 |
a year | crt.sh |
*.appsync-api.ap-southeast-2.amazonaws.com Amazon |
2022-01-06 - 2023-02-04 |
a year | crt.sh |
*.execute-api.ap-southeast-2.amazonaws.com Amazon |
2022-07-02 - 2023-07-31 |
a year | crt.sh |
*.s3-ap-southeast-2.amazonaws.com Amazon |
2022-09-21 - 2023-09-05 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://billswitch.beforepay.com.au/
Frame ID: 35B701EBB66C06ACC9F3DFE9097B9C09
Requests: 35 HTTP requests in this frame
Screenshot
Page Title
Beforepay Energy Compare | Deals On Gas and Electricity Plans & RatesDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: CIMET
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
41 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
billswitch.beforepay.com.au/ |
7 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main-side.png
billswitch.beforepay.com.au/icons/ |
64 KB 65 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
6 KB 681 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
5 KB 996 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.8591d099.chunk.css
billswitch.beforepay.com.au/static/css/ |
118 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
14.d76482e9.chunk.js
billswitch.beforepay.com.au/static/js/ |
2 MB 408 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.f971e588.chunk.js
billswitch.beforepay.com.au/static/js/ |
76 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ABCDiatypeRegular.27f6df0c.woff2
billswitch.beforepay.com.au/static/media/ |
39 KB 40 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
meta.json
billswitch.beforepay.com.au/ |
27 B 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5.6129f3ca.chunk.js
billswitch.beforepay.com.au/static/js/ |
37 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7.0030294f.chunk.js
billswitch.beforepay.com.au/static/js/ |
81 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8.b26cd735.chunk.js
billswitch.beforepay.com.au/static/js/ |
33 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
cognito-identity.ap-southeast-2.amazonaws.com/ |
68 B 322 B |
Fetch
application/x-amz-json-1.1 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
cognito-identity.ap-southeast-2.amazonaws.com/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
cognito-identity.ap-southeast-2.amazonaws.com/ |
2 KB 2 KB |
Fetch
application/x-amz-json-1.1 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
cognito-identity.ap-southeast-2.amazonaws.com/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
p25tdx3nkfhrbcbpri6hcaw2je.appsync-api.ap-southeast-2.amazonaws.com/ |
9 KB 4 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
graphql
p25tdx3nkfhrbcbpri6hcaw2je.appsync-api.ap-southeast-2.amazonaws.com/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.a5bc8547.png
billswitch.beforepay.com.au/static/media/ |
30 KB 31 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
electricity-icon.6c0ca55b.svg
billswitch.beforepay.com.au/static/media/ |
1 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
656 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RadialHeavy.76c80269.woff2
billswitch.beforepay.com.au/static/media/ |
22 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-footer.c3b47ef0.png
billswitch.beforepay.com.au/static/media/ |
77 KB 78 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
token
32v80e1137.execute-api.ap-southeast-2.amazonaws.com/prod/ |
520 B 895 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
token
32v80e1137.execute-api.ap-southeast-2.amazonaws.com/prod/ |
0 0 |
Preflight
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main-side.png
billswitch.beforepay.com.au/icons/ |
64 KB 65 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
journey-details
32v80e1137.execute-api.ap-southeast-2.amazonaws.com/prod/ |
60 B 433 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
journey-details
32v80e1137.execute-api.ap-southeast-2.amazonaws.com/prod/ |
0 0 |
Preflight
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
token
32v80e1137.execute-api.ap-southeast-2.amazonaws.com/prod/ |
1 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
token
32v80e1137.execute-api.ap-southeast-2.amazonaws.com/prod/ |
0 0 |
Preflight
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1633937482dodo-img-(1).png
mobile-compare.s3.ap-southeast-2.amazonaws.com/mobile/provider/72/logo/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1633937543tpg-.png
mobile-compare.s3.ap-southeast-2.amazonaws.com/mobile/provider/73/logo/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1633937601optst-img.png
mobile-compare.s3.ap-southeast-2.amazonaws.com/mobile/provider/74/logo/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1633937643origin-logo.png
mobile-compare.s3.ap-southeast-2.amazonaws.com/mobile/provider/75/logo/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1633937680Belong_Partner_Tile-(1).png
mobile-compare.s3.ap-southeast-2.amazonaws.com/mobile/provider/78/logo/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1633937712Goodtel_MasterLogo.png
mobile-compare.s3.ap-southeast-2.amazonaws.com/mobile/provider/79/logo/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1633937739Tangerine-Logo_New.png
mobile-compare.s3.ap-southeast-2.amazonaws.com/mobile/provider/80/logo/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
163393777810mates.png
mobile-compare.s3.ap-southeast-2.amazonaws.com/mobile/provider/81/logo/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1633937831SkyMesh-Logo-small-dark.png
mobile-compare.s3.ap-southeast-2.amazonaws.com/mobile/provider/84/logo/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
token
32v80e1137.execute-api.ap-southeast-2.amazonaws.com/prod/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
token
32v80e1137.execute-api.ap-southeast-2.amazonaws.com/prod/ |
0 0 |
Preflight
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- 32v80e1137.execute-api.ap-southeast-2.amazonaws.com
- URL
- https://32v80e1137.execute-api.ap-southeast-2.amazonaws.com/prod/token
Verdicts & Comments Add Verdict or Comment
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| webpackJsonpenergy-frontend object| regeneratorRuntime function| setImmediate function| clearImmediate number| 2f1acc6c3a606b082e5eef5e54414ffb1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
billswitch.beforepay.com.au/ | Name: customerRequestId Value: cfaa15be-3b6d-49fa-8a9d-ecc527c4f5ce |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' 'unsafe-inline' https://www.compareenergymarket.com.au https://core.cimet.io/ https://devcore02.cimet.io/ https://stackpath.bootstrapcdn.com https://*.googleapis.com https://www.google.com https://*.ap-southeast-2.amazonaws.com https://*.s3.ap-southeast-2.amazonaws.com https://*.execute-api.ap-southeast-2.amazonaws.com https://*.appsync-api.ap-southeast-2.amazonaws.com https://www.googleadservices.com https://*.g.doubleclick.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com https://www.googletagmanager.com https://www.google-analytics.com https://www.gstatic.com; img-src * data:; manifest-src 'self'; font-src *; |
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
32v80e1137.execute-api.ap-southeast-2.amazonaws.com
billswitch.beforepay.com.au
cognito-identity.ap-southeast-2.amazonaws.com
fonts.googleapis.com
mobile-compare.s3.ap-southeast-2.amazonaws.com
p25tdx3nkfhrbcbpri6hcaw2je.appsync-api.ap-southeast-2.amazonaws.com
stackpath.bootstrapcdn.com
32v80e1137.execute-api.ap-southeast-2.amazonaws.com
104.18.10.207
13.239.70.190
172.253.118.95
18.155.70.207
3.5.165.123
54.192.150.107
54.79.95.191
023a312d79f8e71435a24d0a477cdb57d9362740922e6dfec2984aab21959638
023a75094f5af662b36f4c5532b8fb1bddea70a65794189851baeeccc9aee8dd
025cafcbb01a9d1e8a12f1358644a922764944a49ef30f7dc789ad87e2d0349d
057aa4690ed8f41d4cc8d1e9af6b8a00f9a22a4fa17ea86b9bef308b6c7a6cbd
19e608817192a263a706080759295358dda8dca85f12ef1966ff4d598a5d1aec
1dadac24be3c426c71a197068dec700298e77dc5cb76bfef03d4ad5cd34202f6
215ae66ab9562bab24e9a3bb85a93d1960444423de24bab4cc3ec9439aed7b3e
2f498a6ef70c4a41176f7ec4decfdaca23dcb633bfa7d26e82a585109bac4c32
44a5779c1da333a1487ec98bc6c375643701d168b0e65ecdb0e9fae4fc4be658
717d8bc6cd34724511af0640774e00c951384aed8d1560563d6aa8f8bb4f71e6
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
808c99dad9b1849cc8d1afa958126ca0fba6f3f9b8cdc996b0b726705cfd72ba
85fd40f6943a03121a35eae3b5dd4c5c6047d897f0590a3fac35c78767c16751
8aad275b2c748bec3b112921fd0cd983a6d3ed2550610f0b4099ff442e939edb
90dab2770dcb5fc98946776b53d1d32cd2fa56b248adf82bc51721e25b88f2c9
98fb02c68449ef1380d5b358fcb02769e5a3a383321a4dd42b8fe8b9b46f9e5a
9de0eefafa264c1c2d59ad8784c385cbc917c7e530d5a4af0a230b2164d4664d
9e67df11a355d62be79d1c6919b3b4d7d6221ccfc8f0e1319e386edf08f1ad60
a167c7384fde4083f7bf98679e67fcd3eb50744b44865a4660ae44fc6833057f
a47b1ad5926c1848e9377267858b38b0ce9c24a07c9c612a86abc3b2fb7f1ef3
b1caca649b987745bb29e8b725de5cb7de66d801fb8d9261651b5375adee34f7
b3fefb40d92a2b758504155fe95c412a606152c99447a22795d4bc2677a2136e
b9018192e0e4c090d45f8f9a6163c1b8101dd3222ece559b1875d86460322c6f
bb11d15d4279875c5139affe838cae0df4385754ac86e596dacac72f01ccef77
bb59d4d5e85ca4da2a1b06a02fed12eaeaeac3c38553d36ea6eb02921f9ca9f1
bc71d362d6233489cacd1ca5b5ad47c6ac240565e3d2ba1d2ad5cc3d1290c21e
c34be4a44cadf1b3bb77b5f45d97baf0b7b10c0a591e3077df9445b16d8bd894
c4169ba04c836fe8bc5a1e8f28622f24c2ee680d5c99aadaf2164ba1923be7bc
cd5f462a379ad2790748ad84a314897da677b68c2dd76194cc348105ec77c359
d4267be758231c795d9a4363d052a1afacb40648f8e8bbf21060363a81c79426
f0526487d1438c5ae184806e82dfcc35ab7d53793aad816f852c31aa74d58978
f4ac22e7c0e1afcb52cb404954b8eacfb2b76c5cf102e3296f6f21e3e322519f
f6b8c1fccdd904f11ee2978790e2d3b6a8dca9d05a264e3ef281df34b50cd433