buy.norton.com
Open in
urlscan Pro
40.78.54.67
Public Scan
Effective URL: https://buy.norton.com/aff_norton360premium?irgwc=1&clickid=SBNX35znRxyLTq6wUx0Mo3EHUkEw4MzBm3EjUs0&adid=761885&IRID=19...
Submission Tags: falconsandbox
Submission: On December 03 via api from US
Summary
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on July 9th 2020. Valid for: 10 months.
This is the only time buy.norton.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN15169 (GOOGLE, US)
PTR: 224.247.227.35.bc.googleusercontent.com
www.trkppc.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-101-248.eu-west-1.compute.amazonaws.com
norton.ow5a.net |
ASN15169 (GOOGLE, US)
PTR: 121.127.95.34.bc.googleusercontent.com
www.ojrq.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
nexus.ensighten.com |
ASN20940 (AKAMAI-ASN1, EU)
PTR: a104-109-89-93.deploy.static.akamaitechnologies.com
buy-static.norton.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-65-236.eu-west-1.compute.amazonaws.com
dpm.demdex.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-216-201.eu-west-1.compute.amazonaws.com
symantec.demdex.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-145-149.eu-west-1.compute.amazonaws.com
cm.everesttech.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-136-106.eu-west-3.compute.amazonaws.com
oms.norton.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
ensighten.com
nexus.ensighten.com |
167 KB |
3 |
demdex.net
dpm.demdex.net symantec.demdex.net |
2 KB |
3 |
norton.com
buy.norton.com buy-static.norton.com oms.norton.com |
19 KB |
2 |
facebook.net
connect.facebook.net |
93 KB |
2 |
ow5a.net
2 redirects
norton.ow5a.net |
2 KB |
2 |
trkppc.com
2 redirects
www.trkppc.com |
777 B |
2 |
kitanders.com
1 redirects
dfg65dfgdfgdf.kitanders.com |
741 B |
1 |
everesttech.net
1 redirects
cm.everesttech.net |
517 B |
1 |
facebook.com
www.facebook.com |
379 B |
1 |
symassets.com
now.symassets.com |
11 KB |
1 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com |
18 KB |
1 |
googleapis.com
ajax.googleapis.com |
33 KB |
1 |
ojrq.net
1 redirects
www.ojrq.net |
574 B |
19 | 13 |
Domain | Requested by | |
---|---|---|
6 | nexus.ensighten.com |
buy.norton.com
nexus.ensighten.com |
2 | dpm.demdex.net |
nexus.ensighten.com
|
2 | connect.facebook.net |
nexus.ensighten.com
connect.facebook.net |
2 | norton.ow5a.net | 2 redirects |
2 | www.trkppc.com | 2 redirects |
2 | dfg65dfgdfgdf.kitanders.com | 1 redirects |
1 | oms.norton.com | |
1 | cm.everesttech.net | 1 redirects |
1 | symantec.demdex.net |
nexus.ensighten.com
|
1 | www.facebook.com | |
1 | buy-static.norton.com |
buy.norton.com
|
1 | now.symassets.com |
buy.norton.com
|
1 | maxcdn.bootstrapcdn.com |
buy.norton.com
|
1 | ajax.googleapis.com |
buy.norton.com
|
1 | buy.norton.com |
dfg65dfgdfgdf.kitanders.com
|
1 | www.ojrq.net | 1 redirects |
19 | 16 |
This site contains links to these domains. Also see Links.
Domain |
---|
support.norton.com |
us.norton.com |
be-nl.norton.com |
www.nortonlifelock.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
buy.norton.com DigiCert SHA2 Extended Validation Server CA |
2020-07-09 - 2021-04-28 |
10 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
nexus.ensighten.com DigiCert SHA2 Secure Server CA |
2020-09-09 - 2021-10-11 |
a year | crt.sh |
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA |
2020-09-22 - 2021-10-12 |
a year | crt.sh |
www.norton.com DigiCert SHA2 Extended Validation Server CA |
2020-11-12 - 2021-05-16 |
6 months | crt.sh |
store.norton.com DigiCert SHA2 Extended Validation Server CA |
2020-09-23 - 2021-04-28 |
7 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-11-02 - 2021-01-30 |
3 months | crt.sh |
*.demdex.net DigiCert SHA2 High Assurance Server CA |
2018-01-09 - 2021-02-12 |
3 years | crt.sh |
oms.norton.com DigiCert SHA2 High Assurance Server CA |
2020-08-28 - 2021-09-29 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://buy.norton.com/aff_norton360premium?irgwc=1&clickid=SBNX35znRxyLTq6wUx0Mo3EHUkEw4MzBm3EjUs0&adid=761885&IRID=19264&source=ir
Frame ID: 6B9680F761F473AB2DBEE65803B797E2
Requests: 18 HTTP requests in this frame
Frame:
https://symantec.demdex.net/dest5.html?d_nsid=undefined
Frame ID: BD6E743B4CF221BCB1396A83D131C5DD
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- http://dfg65dfgdfgdf.kitanders.com/1745077Pg2191474Be0Ox0zw24nEr95577zysh Page URL
-
http://dfg65dfgdfgdf.kitanders.com/1745077Pg2191474Be0Ox0zw24nEr95577zysh?inf=236326063a2163761a8390
HTTP 302
https://www.trkppc.com/TMHW7S9C/XCSCDPL1/?sub1=1745077&sub2=15b-1745077-2163761-95577-8390-236326063 HTTP 302
https://www.trkppc.com/TMHW7S9C/XD1GFPDJ/?__rpt=0&__po=417116&__ptid=2501f3efc96c4171a88719a567cb08... HTTP 302
https://norton.ow5a.net/c/19264/761885/4405?subId1=28d491a8a2474590b3b36170591e5773&subId2=15b-17450... HTTP 302
https://www.ojrq.net/p/?return=https%3A%2F%2Fnorton.ow5a.net%2Fc%2F19264%2F761885%2F4405%3FsubId1... HTTP 302
https://norton.ow5a.net/c/19264/761885/4405?subId1=28d491a8a2474590b3b36170591e5773&subId2=15b-17450... HTTP 301
https://buy.norton.com/aff_norton360premium?irgwc=1&clickid=SBNX35znRxyLTq6wUx0Mo3EHUkEw4MzBm3EjUs0... Page URL
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title: Hulp krijgen
Search URL Search Domain Scan URL
Title: productenpagina.
Search URL Search Domain Scan URL
Title: Verleng of upgrade hier.
Search URL Search Domain Scan URL
Title: Directe hulp.
Search URL Search Domain Scan URL
Title: Juridische informatie
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://dfg65dfgdfgdf.kitanders.com/1745077Pg2191474Be0Ox0zw24nEr95577zysh Page URL
-
http://dfg65dfgdfgdf.kitanders.com/1745077Pg2191474Be0Ox0zw24nEr95577zysh?inf=236326063a2163761a8390
HTTP 302
https://www.trkppc.com/TMHW7S9C/XCSCDPL1/?sub1=1745077&sub2=15b-1745077-2163761-95577-8390-236326063 HTTP 302
https://www.trkppc.com/TMHW7S9C/XD1GFPDJ/?__rpt=0&__po=417116&__ptid=2501f3efc96c4171a88719a567cb085f&__rpa=1&__rc=1&sub1=1745077&sub2=15b-1745077-2163761-95577-8390-236326063&sub3=&sub4=&sub5=&source_id=&__pcd=9 HTTP 302
https://norton.ow5a.net/c/19264/761885/4405?subId1=28d491a8a2474590b3b36170591e5773&subId2=15b-1745077-2163761-95577-8390-236326063 HTTP 302
https://www.ojrq.net/p/?return=https%3A%2F%2Fnorton.ow5a.net%2Fc%2F19264%2F761885%2F4405%3FsubId1%3D28d491a8a2474590b3b36170591e5773%26subId2%3D15b-1745077-2163761-95577-8390-236326063%26level%3D1%26srcref%3Dhttp%253A%252F%252Fdfg65dfgdfgdf.kitanders.com%252F1745077Pg2191474Be0Ox0zw24nEr95577zysh&cid=4405&tpsync=yes HTTP 302
https://norton.ow5a.net/c/19264/761885/4405?subId1=28d491a8a2474590b3b36170591e5773&subId2=15b-1745077-2163761-95577-8390-236326063&level=1&srcref=http%3A%2F%2Fdfg65dfgdfgdf.kitanders.com%2F1745077Pg2191474Be0Ox0zw24nEr95577zysh&brwsr=f66de1b9-3589-11eb-b9ff-42010a24661e&brwsrsig=VaGW4kSlYXh7z6PQcFVfHxBAV5kWRE HTTP 301
https://buy.norton.com/aff_norton360premium?irgwc=1&clickid=SBNX35znRxyLTq6wUx0Mo3EHUkEw4MzBm3EjUs0&adid=761885&IRID=19264&source=ir Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 16- https://cm.everesttech.net/cm/dd?d_uuid=01471838293813694551952459106035333671 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=X8kbNwAAAHaYdxqj
19 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
1745077Pg2191474Be0Ox0zw24nEr95577zysh
dfg65dfgdfgdf.kitanders.com/ |
214 B 425 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
Cookie set
aff_norton360premium
buy.norton.com/ Redirect Chain
|
9 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.2/ |
95 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Bootstrap.js
nexus.ensighten.com/symantec/ |
677 KB 139 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/ |
107 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_nlok_estore_cart.svg
now.symassets.com/content/dam/norton/global/images/non-product/logos/dark/ |
11 KB 11 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_symc_gs_97x27.svg
buy-static.norton.com/estore/images/Non-Product/Logo/ |
6 KB 6 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s_code_min.js
nexus.ensighten.com/symantec/scode/ |
64 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
om_code_estore_min.js
nexus.ensighten.com/symantec/scode/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
serverComponent.php
nexus.ensighten.com/symantec/prod/ |
384 B 526 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
d218054064e684250e2284f8a7a768e2.js
nexus.ensighten.com/symantec/prod/code/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4d81d08fd689a5f89ee7ea303695396b.js
nexus.ensighten.com/symantec/prod/code/ |
347 B 530 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
89 KB 24 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2010787619164716
connect.facebook.net/signals/config/ |
239 KB 70 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
dpm.demdex.net/ |
367 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 379 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
dest5.html
symantec.demdex.net/ Frame BD6E |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=411&dpuuid=X8kbNwAAAHaYdxqj
dpm.demdex.net/ Redirect Chain
|
42 B 915 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s75958363034839
oms.norton.com/b/ss/symanteccom/1/JS-2.22.0/ |
43 B 423 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
108 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| ensBootstraps object| Bootstrapper object| adobe function| Visitor object| ensClientConfig object| ensLogger boolean| ensBrowserSupported object| gateway string| trueURL object| v function| $data string| _siteCode object| tms function| ttHideInter string| k string| TLT_SN string| TLT_UV string| TLT_FTV string| TLT_NC string| TLT_UID string| error string| referrer string| incomingURL string| store_locale string| partner string| cart_flow_id string| userflow string| site_id string| site_name string| store_id string| store_name string| om_affiliate_id_param string| om_program_id_param string| om_program_type_param string| original_subchannel string| current_subchannel string| traffic_source string| country string| region string| language string| TLTSID string| media_type_or_version_id string| error_page string| pagename string| channel string| hier1 string| hier2 string| reportsuite_id string| sso string| session_guid string| promoid string| autodowngrade string| postenrollment string| hostname string| CatalogCode string| SymSession string| SubChannel string| MawareRenewalFlag function| s_getLoadTime function| removeTxt function| internalSearchLinkClick_Natural function| s_doPlugins function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_Media function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq string| s_account object| s number| s_loadT object| _numeric_ object| s_c_il number| s_c_in string| PageN object| expiration_date function| trackCustomDownload object| uStudio number| s_objectID number| s_giq function| isEmpty function| removeTrailingComma string| qsVal object| promoid_arr undefined| removed_products undefined| tproducts undefined| random_numbers undefined| cookieRemovedProduct undefined| s_code object| val function| fbq function| _fbq object| ruleMETA string| s_tnt string| tmp object| s_i_symanteccom20 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.norton.com/ | Name: criteo_mm Value: MediaMath |
|
.norton.com/ | Name: ttControl Value: 5443473d3130 |
|
buy.norton.com/ | Name: ESID Value: 027569f588-be01-428IGFQ4um6dvDNGtK_6qvVNElHiaH-sTUbVWgUlSSdc2CTwREBOYZXRpNAKqYFGTubv4 |
|
.norton.com/ | Name: ae Value: 687474703a2f2f6275792e6e6f72746f6e2e636f6d2f72656469726563746f722f6166665f6e6f72746f6e3336307072656d69756d3f69726777633d3126636c69636b69643d53424e5833357a6e5278794c547136775578304d6f334548556b4577344d7a426d33456a55733026616469643d37363138383526495249443d313932363426736f757263653d6972 |
|
.norton.com/ | Name: SSE Value: 4245236e6c2353796d616e7465635f73796d457056656e646f72 |
|
.norton.com/ | Name: TLID Value: 6E0C1B8A5EB4CA421DB7B077330CCD3D |
|
.norton.com/ | Name: PROGRAMID Value: 19264 |
|
.norton.com/ | Name: pr Value: 5043443d31322d30332d323032307c5049443d31393236347c5349443d7c5054593d496d70616374526164697573 |
|
.norton.com/ | Name: COUNTRY Value: BE |
|
.norton.com/ | Name: storetimeoutpopup Value: 3 |
|
.norton.com/ | Name: SHOPPERID Value: "" |
|
.norton.com/ | Name: PROGRAM_TYPE Value: ImpactRadius |
|
.norton.com/ | Name: LANGUAGE Value: nl |
|
.buy.norton.com/ | Name: X-CSRF-TOKEN Value: ayEfkXBIkyACGQgfxEuCcrrPltZ9Mw2c5Bbxgf8csB4_ |
|
.norton.com/ | Name: tp Value: 4f53433d4f6e6c696e652028317374297c4353433d4f6e6c696e652028317374297c4950533d7c4459523d307c4445583d31322f30332f323032307c4950433d7c4950463d7c4950563d7c4955433d7c4950443d53796d616e7465637c49504c3d6e6c7c4944503d7c5043493d7c534b543d7c454e503d7c4954443d7c5452533d616666696c696174657c50534e3d7c4447463d7c4c49433d7c4d49443d7c52554c3d7c4653563d |
|
.norton.com/ | Name: es Value: 4e56533d317c5353473d38353330353444442d323542372d334641342d313841322d4531464632413635444539377c4643443d4465632d30332d323032302030393a30373a30337c4c43443d4465632d30332d323032302030393a30373a30337c4e4c563d73796d616e746563696e7465726e616c6572726f72 |
|
.norton.com/ | Name: cv Value: exist |
|
buy.norton.com/ | Name: 53038 Value: MediaMath |
|
.norton.com/ | Name: storetimeout Value: 30 |
|
buy.norton.com/ | Name: JSESSIONID Value: 6E0C1B8A5EB4CA421DB7B077330CCD3D |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
buy-static.norton.com
buy.norton.com
cm.everesttech.net
connect.facebook.net
dfg65dfgdfgdf.kitanders.com
dpm.demdex.net
maxcdn.bootstrapcdn.com
nexus.ensighten.com
norton.ow5a.net
now.symassets.com
oms.norton.com
symantec.demdex.net
www.facebook.com
www.ojrq.net
www.trkppc.com
104.109.89.93
15.237.136.106
172.245.13.26
18.197.253.20
2001:4de0:ac19::1:b:1a
2a00:1450:4001:81f::200a
2a02:26f0:fe00:1b0::1015
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.250.65.236
34.253.145.149
34.95.127.121
35.227.247.224
40.78.54.67
52.211.216.201
52.31.101.248
015d4a65411d10107171af9847f37e9f028b3b8c2749a81fa780c94395d3f24c
0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
2cd6045dfcd75c0f7301e4cf151f0d5b9999382919bb2eff4043c340122f50d0
32413d26d799744c1c7d4f20d4655fb1dbd1a5632136ac7cb60dfc4a478c066a
532ac5212597742e1d5d141a7500fdafe96edaa9449c8f3fbe0519fd954aef34
536c3ccdc7dedd7df39f255f79dbc59aaf459be9a426a7a9127fb08cdd79f393
543cd4f86dc4d2955026964e9f1a0d4bc6b44919f248a88a58d19c2b3b970071
77b8e1ace51eef658dad260dfab1ca4e4e47fbac2659527c289b6becf954a547
801492a1b0274ca4bf384a7849135638a428059d7f79982895c8e0ff5e0dc77c
82a2e00985035d05bd7cabf874466c595528171ca9005ca24a66f03c50d9ec73
88ebed76efa7889ea011ce99b54cd158909201fd089e69a41f98592bc7b3986e
89515b4a5aae3b74117f965a361f5f7793b7a40b19988d863cdfa24ac78ff7d0
95914789b5f3307a3718679e867d61b9d4c03f749cd2e2970570331d7d6c8ed9
961fb2a7d67efdc1bb679e15009627a9b1ce7ddac5fb56e356bec79ace81ad69
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629