dealspotr.com
Open in
urlscan Pro
35.201.84.120
Public Scan
Submission Tags: @phish_report
Submission: On May 16 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 2nd 2023. Valid for: a year.
This is the only time dealspotr.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
9 | 35.201.84.120 35.201.84.120 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
8 | 2a02:26f0:480... 2a02:26f0:480:f::213:7ee1 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
4 | 2606:4700::68... 2606:4700::6813:9308 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:80f::2008 | 15169 (GOOGLE) (GOOGLE) | |
8 | 35.244.232.21 35.244.232.21 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a02:26f0:350... 2a02:26f0:3500:16::215:148b | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 18.239.94.42 18.239.94.42 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 18.66.122.72 18.66.122.72 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2001:4860:480... 2001:4860:4802:32::36 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:400c:c1d::9d | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:831::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 54.171.224.241 54.171.224.241 | 16509 (AMAZON-02) (AMAZON-02) | |
39 | 13 |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 120.84.201.35.bc.googleusercontent.com
dealspotr.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: 21.232.244.35.bc.googleusercontent.com
cdn.dealspotr.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-239-94-42.ams1.r.cloudfront.net
pagestates-tracking.crazyegg.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-72.fra60.r.cloudfront.net
assets-tracking.crazyegg.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-224-241.eu-west-1.compute.amazonaws.com
tracking.crazyegg.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
dealspotr.com
dealspotr.com — Cisco Umbrella Rank: 166534 cdn.dealspotr.com — Cisco Umbrella Rank: 190554 |
175 KB |
9 |
typekit.net
use.typekit.net — Cisco Umbrella Rank: 448 p.typekit.net — Cisco Umbrella Rank: 565 |
190 KB |
7 |
crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2400 pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 7454 assets-tracking.crazyegg.com — Cisco Umbrella Rank: 7566 tracking.crazyegg.com — Cisco Umbrella Rank: 4579 |
37 KB |
1 |
google.fi
www.google.fi — Cisco Umbrella Rank: 39496 |
408 B |
1 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 89 |
252 B |
1 |
google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3095 |
243 B |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39 |
103 KB |
39 | 7 |
Domain | Requested by | |
---|---|---|
9 | dealspotr.com |
dealspotr.com
|
8 | cdn.dealspotr.com |
dealspotr.com
|
8 | use.typekit.net |
dealspotr.com
use.typekit.net |
4 | script.crazyegg.com |
dealspotr.com
script.crazyegg.com |
1 | tracking.crazyegg.com |
script.crazyegg.com
|
1 | www.google.fi |
dealspotr.com
|
1 | stats.g.doubleclick.net |
www.googletagmanager.com
|
1 | region1.analytics.google.com |
www.googletagmanager.com
|
1 | assets-tracking.crazyegg.com |
script.crazyegg.com
|
1 | pagestates-tracking.crazyegg.com |
script.crazyegg.com
|
1 | p.typekit.net |
use.typekit.net
|
1 | www.googletagmanager.com |
dealspotr.com
|
39 | 12 |
This site contains links to these domains. Also see Links.
Domain |
---|
twitter.com |
www.facebook.com |
www.instagram.com |
www.linkedin.com |
demand.io |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.dealspotr.com Sectigo RSA Domain Validation Secure Server CA |
2023-05-02 - 2024-06-01 |
a year | crt.sh |
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-02-01 - 2025-03-03 |
a year | crt.sh |
script.crazyegg.com E1 |
2024-04-05 - 2024-07-04 |
3 months | crt.sh |
*.google-analytics.com WR2 |
2024-05-06 - 2024-07-29 |
3 months | crt.sh |
cdn.dealspotr.com R3 |
2024-03-23 - 2024-06-21 |
3 months | crt.sh |
crazyegg.com Amazon RSA 2048 M02 |
2024-04-28 - 2025-05-27 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2024-05-06 - 2024-07-29 |
3 months | crt.sh |
*.google.fi WR2 |
2024-05-06 - 2024-07-29 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://dealspotr.com/promo-codes/amtrak.com?ref=driverlayer.com
Frame ID: C138508A5C2B9F061BADDA19DDA984D9
Requests: 39 HTTP requests in this frame
Screenshot
Page Title
AMTRAK Discount Code — Get 50% Off in May 2024Detected technologies
Crazy Egg (Analytics) ExpandDetected patterns
- script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Google Analytics (Analytics) Expand
Detected patterns
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: Twitter
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Instagram
Search URL Search Domain Scan URL
Title: Linkedin
Search URL Search Domain Scan URL
Title: Demand.io
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
39 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
amtrak.com
dealspotr.com/promo-codes/ |
113 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all-d49f2c694d.min.js
dealspotr.com/dist/ |
238 KB 70 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all-28c079af88.min.css
dealspotr.com/dist/ |
74 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iga8cza.css
use.typekit.net/ |
26 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0116.js
script.crazyegg.com/pages/scripts/0102/ |
6 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
311 KB 103 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icons_menu.svg
dealspotr.com/img/ |
939 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
amtrak.jpg
cdn.dealspotr.com/io-images/logo/ |
802 B 878 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
amazoncom.jpg
cdn.dealspotr.com/io-images/logo/ |
1 KB 2 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sc-ios-promo.webp
dealspotr.com/img/ |
53 KB 53 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
booktravel.jpg
cdn.dealspotr.com/io-images/logo/ |
1 KB 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
amtrak.jpg
cdn.dealspotr.com/io-images/logo/ |
1 KB 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ebaycom.jpg
cdn.dealspotr.com/io-images/logo/ |
1 KB 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
walmartcom.jpg
cdn.dealspotr.com/io-images/logo/ |
1 KB 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
macyscom.jpg
cdn.dealspotr.com/io-images/logo/ |
1 KB 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotwire.jpg
cdn.dealspotr.com/io-images/logo/ |
1 KB 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-320.webp
dealspotr.com/img/ |
5 KB 5 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-160.webp
dealspotr.com/img/ |
3 KB 3 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
search-icon.svg
dealspotr.com/img/ |
2 KB 752 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dealspotr.com.json
script.crazyegg.com/pages/data-scripts/0102/0116/site/ |
5 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2e23b996f30aa45a4331ff625e76329e.js
script.crazyegg.com/pages/versioned/common-scripts/ |
95 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p.css
p.typekit.net/ |
5 B 172 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dealspotr.com.json
script.crazyegg.com/pages/data-scripts/0102/0116/sampling/ |
164 B 218 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
healthcheck
pagestates-tracking.crazyegg.com/ |
19 B 462 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
healthcheck
assets-tracking.crazyegg.com/ |
19 B 464 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
65684df9-9461-4883-b0c4-18883d0b23ac
https://dealspotr.com/ |
45 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.analytics.google.com/g/ |
0 243 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 252 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.fi/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/5113c2/00000000000000007735a483/30/ |
30 KB 30 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/743863/00000000000000007735b531/30/ |
26 KB 26 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/1709eb/000000000000000000010b60/27/ |
24 KB 24 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/eab951/00000000000000007735b534/30/ |
26 KB 26 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/79d08f/00000000000000007735b53c/30/ |
26 KB 26 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/cef9f3/000000000000000000010b5e/27/ |
24 KB 24 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/c4af2b/00000000000000007735a47a/30/ |
30 KB 31 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clock
tracking.crazyegg.com/ |
48 B 155 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
dealspotr.com/ |
15 KB 2 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
681939bd-8f0b-4ca3-861f-9bf0d65c06c0
https://dealspotr.com/ |
241 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
27 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
string| BASE_URI object| dataLayer function| gtag function| isValidUrl function| getRootDomain object| firstTLDs object| secondTLDs function| removeSubdomain function| titleCase function| $ function| jQuery object| FontAwesomeConfig object| ___FONT_AWESOME___ boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL object| webpackChunkCE2 object| CE2BH function| CE_URL_FINGERPRINT object| CE_API object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal9 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.dealspotr.com/ | Name: session_id Value: cphpskla5u2lfcc85sgcs9bp6v |
|
.dealspotr.com/ | Name: _ce.irv Value: new |
|
.dealspotr.com/ | Name: cebs Value: 1 |
|
.dealspotr.com/ | Name: _ga_DDW6VVLHPK Value: GS1.1.1715871040.1.0.1715871040.60.0.0 |
|
.dealspotr.com/ | Name: _ga Value: GA1.1.2019334851.1715871041 |
|
.dealspotr.com/ | Name: _ce.clock_event Value: 1 |
|
.dealspotr.com/ | Name: _ce.clock_data Value: 43%2C185.212.149.204%2C2%2Cd99826ce3e8db1fc4200dc7f37d115c0 |
|
.dealspotr.com/ | Name: cebsp_ Value: 1 |
|
.dealspotr.com/ | Name: _ce.s Value: v~04088ea690faffd622d890eab83951e2cc807202~lcw~1715871041138~lva~1715871040657~vpv~0~v11.cs~372640~v11.s~aa610520-1393-11ef-8706-bd5c5fc86a1a~lcw~1715871041139 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets-tracking.crazyegg.com
cdn.dealspotr.com
dealspotr.com
p.typekit.net
pagestates-tracking.crazyegg.com
region1.analytics.google.com
script.crazyegg.com
stats.g.doubleclick.net
tracking.crazyegg.com
use.typekit.net
www.google.fi
www.googletagmanager.com
18.239.94.42
18.66.122.72
2001:4860:4802:32::36
2606:4700::6813:9308
2a00:1450:4001:80f::2008
2a00:1450:4001:831::2003
2a00:1450:400c:c1d::9d
2a02:26f0:3500:16::215:148b
2a02:26f0:480:f::213:7ee1
35.201.84.120
35.244.232.21
54.171.224.241
0293a7712d0160061409c3f38e429f3aca916f64e395a57cd5a5fcd6b0ffc0e3
0320cf460b6d0571714596f448dd8c8e5c07ca3a62be82f03a748e465a7ab297
03eccfb644bf8fcb5a4be4e2bc8bbf628dbd905b5f39a9f1f54bc1460944904a
0d34a52fbcd30c4c52d811d01cb15e2f5e921ee27b759142866420b18138e811
15c4e54fcf0ab0e956f6963e515bd85656f766e180d403a3e83ff1e7b977ac5b
160f8cc050512a40c6445bc42fac73fe2a1488abda38473c7e6360100268f1e3
17257baf994b30e0adcb937022ba3a18b5a6d572420af3e385e322fd33fdff9d
18ef6a82bf35fd6b95f0a6a0c2a5aed3b40302e082c37157dfb5ac7ed4030257
1b2b008c413eb9040747472469369d0edc0b5759535a71820df791522aa729ab
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c2d95cebeb2f7c3f58005a426fa1e64a2f7d9f1e9a9ad971a1549d9a25dbf21
20481d0cd2cf009f7a0f4b81f0b94b16bbeb59cd58e77b1f629e7b20eb9eb80e
223cdc81b95380cc04d6b79e0e285ea9827c4a2fe767df07872345beac68a4bf
27eca8e27de070df4f78f2b3b43aabd28d92a19a1e8cafc1b855a53e4250195d
316ec62afc257bfef1f2fd5823bcf38b8a88dc262ad1fc1c6173645482bda8f0
4524d89270c48c639b91b509d6887384233592a89fceff8bff5e6f887444f16c
49dd51efa6cf7deacbe8ffc88e4d1149f6a69a5d6da403ea5f97dda990a0fe00
5d195ea799ada187bcbda6503f0ed65aa84ffc84f39ce985e561244403c2c518
695fb21f2cc3f2f8bb143c6f0c8748a4870e6536e87f1dc3bf3db46412884d18
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b
8b6e1621b8ede01def3b5b74dca23d7971e6916d306464ddf550fd3d2f28eb2b
9a4d6c8feb8b3c650a1afe2fab1091a8ba9d7d903d6dae7fdeab77ba5ead96e0
9e3df577c7755e569443228270c2666029128f4a564211b5a3761bd30108ba56
9e8eef5cafbcc947736d8ba50b05e7c10d3dfe14a9596f6de2a512fa87bd8516
ac249777f4d3f55b26bb90a966ef8ba98369472ad1acd2bcbfc30271c8f171ba
b1b5cbe54701da71aecc256514fb834fa360d1f4ebeafc8d1946b6a0e549d656
b1cd7f136c764c3c13897637cf06ec9261932d58aa27c527c09bcd1f7001b4fa
bb4cde62ffb213bdfb2072b73bfcb425831e185cafc1ddfe95ce834da2e39371
c114e8c9146e113cd37fc2b6c8e6b2b99202dbd20791c1e2b457aa82d06dff7d
cbb2a75e5bed8d3d0d01a17d98316650e56fd695f596d6d9f13e1c1af2c6cf53
de390310d052ecb8de34c12fb76c04c013aef8d30cc6c8b1e5de8cfd76b099b0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e64728e99b92e06af69642ebc4f465c350641e5eaf98acc43c78952142fa33
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ad2d3a7000c6a0dafac44f3acbe1957850b3e02633190ad898460e9e01a7f7
f94786fe65dcbc65b0099b471ae2bb89bbabd7fa7d8573dd3c4e0f5bbe555447