omaggio-it-cioccolato.it-baw-promotions.com
Open in
urlscan Pro
149.210.154.15
Public Scan
Effective URL: https://omaggio-it-cioccolato.it-baw-promotions.com/?fname=%5BFIRST_NAME%5D&lname=%5BLAST_NAME%5D&email=%5BEMAIL%5D&aff=262&cid=4489&oid=890&req=5dc...
Submission: On November 10 via api from BE
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on September 22nd 2019. Valid for: 3 months.
This is the only time omaggio-it-cioccolato.it-baw-promotions.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 103.17.1.64 103.17.1.64 | 133320 (INFOLAB-A...) (INFOLAB-AS Alpha Infolab Private limited) | |
1 2 | 52.210.54.138 52.210.54.138 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 143.204.101.74 143.204.101.74 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 188.165.150.178 188.165.150.178 | 16276 (OVH) (OVH) | |
1 | 185.33.223.202 185.33.223.202 | 29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus) | |
2 2 | 52.40.184.167 52.40.184.167 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
11 | 149.210.154.15 149.210.154.15 | 20857 (TRANSIP-A...) (TRANSIP-AS Amsterdam) | |
5 | 2606:4700:300... 2606:4700:300a::6813:c797 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 | 2001:4de0:ac1... 2001:4de0:ac19::1:b:1a | 20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group) | |
1 | 2a04:4e42:3::621 2a04:4e42:3::621 | 54113 (FASTLY) (FASTLY - Fastly) | |
1 | 2606:4700::68... 2606:4700::6812:e234 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 | 136.144.170.26 136.144.170.26 | 20857 (TRANSIP-A...) (TRANSIP-AS Amsterdam) | |
24 | 10 |
ASN133320 (INFOLAB-AS Alpha Infolab Private limited, IN)
PTR: aprintfock.com
aprintfock.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-210-54-138.eu-west-1.compute.amazonaws.com
clk.tradedoubler.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-74.fra50.r.cloudfront.net
vht.tradedoubler.com |
ASN16276 (OVH, FR)
PTR: lb02.net.royalcactus.com
analytics.tradedoubler.com |
ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 318.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-40-184-167.us-west-2.compute.amazonaws.com
traffictrck.com | |
italianloader.com |
ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
PTR: cloudwue.managedomainglobal.com
omaggio-it-cioccolato.it-baw-promotions.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com |
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
code.jquery.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdn.onesignal.com |
ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
PTR: cloudwik.managedomain.nl
push.researchtip.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
it-baw-promotions.com
omaggio-it-cioccolato.it-baw-promotions.com |
1 MB |
5 |
cloudflare.com
cdnjs.cloudflare.com |
15 KB |
4 |
tradedoubler.com
1 redirects
clk.tradedoubler.com vht.tradedoubler.com analytics.tradedoubler.com |
14 KB |
1 |
researchtip.com
push.researchtip.com |
673 B |
1 |
onesignal.com
cdn.onesignal.com |
3 KB |
1 |
jsdelivr.net
cdn.jsdelivr.net |
34 KB |
1 |
jquery.com
code.jquery.com |
64 KB |
1 |
italianloader.com
1 redirects
italianloader.com |
385 B |
1 |
traffictrck.com
1 redirects
traffictrck.com |
508 B |
1 |
adnxs.com
ib.adnxs.com |
706 B |
1 |
aprintfock.com
1 redirects
aprintfock.com |
428 B |
24 | 11 |
Domain | Requested by | |
---|---|---|
11 | omaggio-it-cioccolato.it-baw-promotions.com |
clk.tradedoubler.com
omaggio-it-cioccolato.it-baw-promotions.com |
5 | cdnjs.cloudflare.com |
omaggio-it-cioccolato.it-baw-promotions.com
|
2 | clk.tradedoubler.com | 1 redirects |
1 | push.researchtip.com |
omaggio-it-cioccolato.it-baw-promotions.com
|
1 | cdn.onesignal.com |
omaggio-it-cioccolato.it-baw-promotions.com
|
1 | cdn.jsdelivr.net |
omaggio-it-cioccolato.it-baw-promotions.com
|
1 | code.jquery.com |
omaggio-it-cioccolato.it-baw-promotions.com
|
1 | italianloader.com | 1 redirects |
1 | traffictrck.com | 1 redirects |
1 | ib.adnxs.com |
clk.tradedoubler.com
|
1 | analytics.tradedoubler.com |
vht.tradedoubler.com
|
1 | vht.tradedoubler.com |
clk.tradedoubler.com
|
1 | aprintfock.com | 1 redirects |
24 | 13 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.tradedoubler.com GlobalSign Domain Validation CA - SHA256 - G2 |
2018-12-10 - 2021-01-27 |
2 years | crt.sh |
analytics.tradedoubler.com COMODO RSA Domain Validation Secure Server CA |
2018-02-02 - 2021-02-01 |
3 years | crt.sh |
*.adnxs.com DigiCert ECC Secure Server CA |
2019-01-23 - 2021-03-08 |
2 years | crt.sh |
*.it-baw-promotions.com Let's Encrypt Authority X3 |
2019-09-22 - 2019-12-21 |
3 months | crt.sh |
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2019-08-10 - 2020-02-16 |
6 months | crt.sh |
jquery.org COMODO RSA Domain Validation Secure Server CA |
2018-10-17 - 2020-10-16 |
2 years | crt.sh |
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2019-05-29 - 2020-04-23 |
a year | crt.sh |
ssl898578.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2019-10-11 - 2020-04-18 |
6 months | crt.sh |
push.researchtip.com Let's Encrypt Authority X3 |
2019-10-03 - 2020-01-01 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://omaggio-it-cioccolato.it-baw-promotions.com/?fname=%5BFIRST_NAME%5D&lname=%5BLAST_NAME%5D&email=%5BEMAIL%5D&aff=262&cid=4489&oid=890&req=5dc81562bd52f&s1=17-3122975&s2=5dc81561797fa&s3=&s4=&s5=
Frame ID: F0007A3F2D7230B5CCCAE882837539FB
Requests: 24 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://aprintfock.com/aprintfock/link.php?M=88995&N=20&L=11&F=H
HTTP 302
https://clk.tradedoubler.com/click?p=298614&a=3122975&g=24582716&url=http://traffictrck.com/?c=8741&s2=[t... Page URL
-
https://clk.tradedoubler.com/click?p=298614&a=3122975&g=24582716&url=http://traffictrck.com/?c=8741&s2=[t...
HTTP 302
http://traffictrck.com/?c=8741&s2=1b895682a131f41d6ba3815c89a4e3df&s1=3122975&fname=[FIRST_NAME]&ln... HTTP 302
https://italianloader.com/?fname=%5BFIRST_NAME%5D&lname=%5BLAST_NAME%5D&email=%5BEMAIL%5D&c=4489&s1=17... HTTP 302
https://omaggio-it-cioccolato.it-baw-promotions.com/?fname=%5BFIRST_NAME%5D&lname=%5BLAST_NAME%5D&email=%5BEMAIL%5D&aff=262&cid=... Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
animate.css (Web Frameworks) Expand
Detected patterns
- html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i
Font Awesome (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://aprintfock.com/aprintfock/link.php?M=88995&N=20&L=11&F=H
HTTP 302
https://clk.tradedoubler.com/click?p=298614&a=3122975&g=24582716&url=http://traffictrck.com/?c=8741&s2=[td_guid]&s1=3122975&fname=[FIRST_NAME]&lname=[LAST_NAME]&email=[EMAIL] Page URL
-
https://clk.tradedoubler.com/click?p=298614&a=3122975&g=24582716&url=http://traffictrck.com/?c=8741&s2=[td_guid]&s1=3122975&fname=[FIRST_NAME]&lname=[LAST_NAME]&email=[EMAIL]
HTTP 302
http://traffictrck.com/?c=8741&s2=1b895682a131f41d6ba3815c89a4e3df&s1=3122975&fname=[FIRST_NAME]&lname=[LAST_NAME]&email=[EMAIL] HTTP 302
https://italianloader.com/?fname=%5BFIRST_NAME%5D&lname=%5BLAST_NAME%5D&email=%5BEMAIL%5D&c=4489&s1=17-3122975&s2=5dc81561797fa HTTP 302
https://omaggio-it-cioccolato.it-baw-promotions.com/?fname=%5BFIRST_NAME%5D&lname=%5BLAST_NAME%5D&email=%5BEMAIL%5D&aff=262&cid=4489&oid=890&req=5dc81562bd52f&s1=17-3122975&s2=5dc81561797fa&s3=&s4=&s5= Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://aprintfock.com/aprintfock/link.php?M=88995&N=20&L=11&F=H HTTP 302
- https://clk.tradedoubler.com/click?p=298614&a=3122975&g=24582716&url=http://traffictrck.com/?c=8741&s2=[td_guid]&s1=3122975&fname=[FIRST_NAME]&lname=[LAST_NAME]&email=[EMAIL]
24 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Cookie set
click
clk.tradedoubler.com/ Redirect Chain
|
3 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
prefs.js
vht.tradedoubler.com/fp/ |
9 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
analytics.tradedoubler.com/ |
0 241 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
getuidj
ib.adnxs.com/ |
11 B 706 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
Cookie set
/
omaggio-it-cioccolato.it-baw-promotions.com/ Redirect Chain
|
12 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
omaggio-it-cioccolato.it-baw-promotions.com/css/ |
174 KB 30 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
82-cer-ynaqvat.css
omaggio-it-cioccolato.it-baw-promotions.com/ |
19 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ |
52 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.3.1.slim.js
code.jquery.com/ |
214 KB 64 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vue
cdn.jsdelivr.net/npm/ |
91 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
validator.min.js
cdnjs.cloudflare.com/ajax/libs/1000hz-bootstrap-validator/0.11.9/ |
8 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.fittext.min.js
cdnjs.cloudflare.com/ajax/libs/FitText.js/1.2.0/ |
567 B 499 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.matchHeight-min.js
cdnjs.cloudflare.com/ajax/libs/jquery.matchHeight/0.7.2/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_header.png
omaggio-it-cioccolato.it-baw-promotions.com/images/it/landingpages/it-2019-milka-no-brand-baw-5cdecbda3ec7c/ |
281 KB 282 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Milka_Card2.jpg
omaggio-it-cioccolato.it-baw-promotions.com/images/it/landingpages/it-2019-milka-no-brand-baw-5cdecbda3ec7c/ |
160 KB 161 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Milka_Card3.jpg
omaggio-it-cioccolato.it-baw-promotions.com/images/it/landingpages/it-2019-milka-no-brand-baw-5cdecbda3ec7c/ |
190 KB 191 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Milka_Card1.jpg
omaggio-it-cioccolato.it-baw-promotions.com/images/it/landingpages/it-2019-milka-no-brand-baw-5cdecbda3ec7c/ |
136 KB 137 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vendor.js
omaggio-it-cioccolato.it-baw-promotions.com/js/ |
452 KB 129 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.js
omaggio-it-cioccolato.it-baw-promotions.com/js/ |
52 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
82-cer-ynaqvat.js
omaggio-it-cioccolato.it-baw-promotions.com/ |
9 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OneSignalSDK.js
cdn.onesignal.com/sdks/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
BG_MILKA.jpg
omaggio-it-cioccolato.it-baw-promotions.com/images/it/landingpages/it-2019-milka-no-brand-baw-5cdecbda3ec7c/ |
409 KB 410 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
script.php
push.researchtip.com/examples/ |
720 B 673 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
58 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| $ function| jQuery function| Vue object| Translator object| fos object| Routing boolean| imitateProcessing function| getParamFromURL function| addslashes function| replacePlaceholders function| setValueToLocalStorage function| getAge function| getCurrentDisplayBlock function| disableDisplayBlock function| changeCoRegButtonColor function| imitationProcessingCheckData object| answersForPhoneRecheck function| telemarketingQuestionsProcess function| saveAnswersForQuestion function| createSubQuestions function| createDirectSubQuestion function| createSubQuestionInHisPosition function| removeQuestion function| getQuestions function| createPremiumQuestionsHtml function| createCheckboxQuestion function| createOneQuestion function| createQuestionImage function| initDatePicker function| createQuestionDate function| createQuestionGrid function| createQuestionFreshButton function| createQuestionRadio function| createQuestionDropdown function| createQuestionButton function| repeatProcess function| getRepeatAttrHtml function| getRecheckAttrHtml function| createRecheckingBlock object| priorityDisplayBlocks string| subdomain string| domain string| scheme string| privacyUrl string| termsUrl string| lpCookiePrivacyUrl string| sponsorPath string| amountQuestionsPerPage object| premiumQuestions string| colorButtons string| exitUrl boolean| forPreview string| pixelUrl object| script object| OneSignal string| test1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
omaggio-it-cioccolato.it-baw-promotions.com/ | Name: PHPSESSID Value: oaq3l32opf7cta2at6l462n69h |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
analytics.tradedoubler.com
aprintfock.com
cdn.jsdelivr.net
cdn.onesignal.com
cdnjs.cloudflare.com
clk.tradedoubler.com
code.jquery.com
ib.adnxs.com
italianloader.com
omaggio-it-cioccolato.it-baw-promotions.com
push.researchtip.com
traffictrck.com
vht.tradedoubler.com
103.17.1.64
136.144.170.26
143.204.101.74
149.210.154.15
185.33.223.202
188.165.150.178
2001:4de0:ac19::1:b:1a
2606:4700:300a::6813:c797
2606:4700::6812:e234
2a04:4e42:3::621
52.210.54.138
52.40.184.167
08103b3e494aff38d9981c2a9093ad41e9dcf83bd005c821f4ee6e28b1ac5f54
1367d5843203d4cd478f9b292f3a6c4ec8a0a303efbbcc21ede8f37b5114bf84
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d
1df1fce4f60f0fb5cfc4ddcc9a9a465e7c6c2d952b96ed1d37f2a7e07ec30381
441a1341fe6435afe51207966d972bbf1370367766f97fb571a9618b6155ebe1
44aae6fbe386483965d5e393b0618b2bf5e27a6910b8f3e9ff3cadd62bacbabd
50dcd30b6dc0386f4a21ffff85bd19a0a2ac05db13071edb14b0f5164eb0dd2f
70d2717cecfcf83f6b03c2f718a1eaf909850e69bbe069decd417e67de98f0b2
72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26
7477ff6231f5038b5ec04b0a51298d9d5d390c36df18dde0ecd32af3ac601a1f
787cfe51e70210c126f578632cf740ca72729fb3f323afc5512e3a2c8f1cc07b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7cd5c914895c6b4e4120ed98e73875c6b4a12b7304fbf9586748fe0a1c57d830
7e72bbaab5d3e33dfab384c026651a48c940881111a80a194d06ea3d6ab5c495
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
94bc47b19029811afb1a596aa373e5e017cd9374d31e2fb72a9aa837735b05af
aa3d3908e5a46f49ab9f783a6cfdaaad11393e9ab2f2d00398abdf36181dcfd2
b28c8d2be4e021999d75470ac4bdb84dbef024097cb2ad8503fbe4a72350d864
d2f13faa94e26668e4fbf7efd8831f1f84bc76c8db112c522f088ec3727288c8
fa87904726726364ad19a7c4b2f2b20ee10637325601b5aa88ed8bfdcb7117a7
fe832bdc58ac8249c78e856911a8453461aecb0c68a658168648012efae179ea
fe860e3d7d575a288a5db13ba9708b5dd20e6390928725181049ae01bb0d4cd3