![](/screenshots/abaec9e9-4203-4fc1-9bb6-4de95e770b50.png)
www.ton-gain.com
Open in
urlscan Pro
2606:4700::6812:bd6
Public Scan
Effective URL: https://www.ton-gain.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postbac...
Submission: On May 10 via manual from FR
Summary
TLS certificate: Issued by R3 on April 13th 2021. Valid for: 3 months.
This is the only time www.ton-gain.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 93.113.36.194 93.113.36.194 | 41011 (CH-NET-AS) (CH-NET-AS) | |
1 2 | 2a05:d018:483... 2a05:d018:483:6110:e635:531c:19c9:3392 | 16509 (AMAZON-02) (AMAZON-02) | |
1 2 | 2a05:d018:483... 2a05:d018:483:6110:4be6:fd5f:a447:83e0 | 16509 (AMAZON-02) (AMAZON-02) | |
2 3 | 52.210.134.198 52.210.134.198 | 16509 (AMAZON-02) (AMAZON-02) | |
20 | 2606:4700::68... 2606:4700::6812:bd6 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700:20:... 2606:4700:20::ac43:47b8 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
24 | 5 |
ASN16509 (AMAZON-02, US)
gdmtrck.com | |
gdmconvtrck.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-134-198.eu-west-1.compute.amazonaws.com
mail.hodtd.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
20 |
ton-gain.com
www.ton-gain.com |
212 KB |
3 |
hodtd.com
2 redirects
mail.hodtd.com |
3 KB |
2 |
gfstrck.com
1 redirects
gfstrck.com |
4 KB |
1 |
cleverpush.com
static.cleverpush.com |
102 KB |
1 |
gdmconvtrck.com
gdmconvtrck.com |
1 KB |
1 |
gdmtrck.com
1 redirects
gdmtrck.com |
480 B |
1 |
kokande.com
1 redirects
kokande.com |
507 B |
24 | 7 |
Domain | Requested by | |
---|---|---|
20 | www.ton-gain.com |
www.ton-gain.com
|
3 | mail.hodtd.com |
2 redirects
gdmconvtrck.com
|
2 | gfstrck.com | 1 redirects |
1 | static.cleverpush.com |
www.ton-gain.com
|
1 | gdmconvtrck.com |
gfstrck.com
|
1 | gdmtrck.com | 1 redirects |
1 | kokande.com | 1 redirects |
24 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
trk.adstrck123.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
clfstrk.com Amazon |
2020-06-09 - 2021-07-09 |
a year | crt.sh |
gdmconvtrck.com Amazon |
2021-02-21 - 2022-03-22 |
a year | crt.sh |
mail.hodtd.com Amazon |
2021-01-19 - 2022-02-16 |
a year | crt.sh |
www.ton-gain.com R3 |
2021-04-13 - 2021-07-12 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-08-12 - 2021-08-12 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://www.ton-gain.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=1027ba8f6b39b05449e9a4fe520205
Frame ID: 5EE10032AB6BE146D433861119E71772
Requests: 20 HTTP requests in this frame
Frame:
https://www.ton-gain.com/sc/GHWgqugLnlsgIxIpLjhsxwItOgoIqKoxgxsOgoyOhzLMnQLHNoimgsNkrLPLvKOJjsurnyKrGmwooIsxvKGnsgsMyhioJwuhigmjLtikoksxhlykwGPqvOMgigxnmtOxijggskixlLhJwwkLJwhiLrhikKiRkgwthiKgmiirKgjvxwmkLNimwKumsNimLyuksjlslwIpLpGOwKImtpHspwmkKjlsgrRgzGoMiRxoyXsMxGkuxvKGMgmuwHvwpMkthtkooiGoxqrmthlxwgmijwRwq
Frame ID: 517E52B48E4C864010B69E5D98E55A3B
Requests: 2 HTTP requests in this frame
Frame:
https://www.ton-gain.com/sc/PWglzmwyKKggjhhovKHnQtghgohPnotgxgGIqkJgsQuzRItuMgxwjmLiQvurQnlKNjyLPxOIxikimowyLioqvKgmiPhGiiXkrQllhgjikJkmQimzmQgkrlskoJMyhioJwuhSmglQohgMilwgskhvGlrOiuxjorpiigHiknwlRwpMkthvKGphuHpKjkOHyMmLnkslymmRjgspzIkthwOsLIktzkOoKmqKrhszyzpLhxssMzqKzgspwmqLzmGthjGrQllwhwItOgoIqKoxixsOggl
Frame ID: 7633B1980B9242A6D881BE3EA651B2B5
Requests: 2 HTTP requests in this frame
Screenshot
![](/screenshots/abaec9e9-4203-4fc1-9bb6-4de95e770b50.png)
Page URL History Show full URLs
-
http://kokande.com/index.php/campaigns/hy856a8sxye2f/track-url/hq340eo1zq6a1/3f47586b5d861f26dc...
HTTP 301
https://gdmtrck.com/?a=69141&c=263155&s2=1750 HTTP 302
https://gfstrck.com/?a=69141&c=263155&oc=131908&sr=t&s2=1750&vt=1620636395242&h=6a533be6690efba3... Page URL
-
https://gfstrck.com/?a=69141&c=263155&oc=131908&sr=t&s2=1750&vt=1620636395347&h=4cec2b468567ec81...
HTTP 302
https://mail.hodtd.com/aff_c?offer_id=14513&aff_id=9095&url_id=17710&aff_sub=69141&aff_sub2=8da0a83... HTTP 302
https://mail.hodtd.com/aff_r?offer_id=14513&aff_id=9095&url=https%3A%2F%2Fwww.ton-gain.com%2Fcgi-bi... Page URL
-
https://mail.hodtd.com/aff_r?offer_id=14513&aff_id=9095&redirect_pass=1&url=https%3A%2F%2Fwww.ton-g...
HTTP 302
https://www.ton-gain.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-... Page URL
Detected technologies
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Register here
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://kokande.com/index.php/campaigns/hy856a8sxye2f/track-url/hq340eo1zq6a1/3f47586b5d861f26dcc5918565a08b47f59b760e
HTTP 301
https://gdmtrck.com/?a=69141&c=263155&s2=1750 HTTP 302
https://gfstrck.com/?a=69141&c=263155&oc=131908&sr=t&s2=1750&vt=1620636395242&h=6a533be6690efba326f4caef59d100727a33af7d&req=https%3A%2F%2Fgdmtrck.com%2F%3Fa%3D69141%26c%3D263155%26s2%3D1750&mt=3&sip=2a01:4f8:192:5414::2 Page URL
-
https://gfstrck.com/?a=69141&c=263155&oc=131908&sr=t&s2=1750&vt=1620636395347&h=4cec2b468567ec815d3b76390ae91ede4a94ecd3&req=https%3A%2F%2Fgdmtrck.com%2F%3Fa%3D69141%26c%3D263155%26s2%3D1750&mt=3&sip=2a01:4f8:192:5414::2&us=26e5a76540d4494884bd1884620298f4
HTTP 302
https://mail.hodtd.com/aff_c?offer_id=14513&aff_id=9095&url_id=17710&aff_sub=69141&aff_sub2=8da0a836c26d41d98372d9f53cf77fee17347 HTTP 302
https://mail.hodtd.com/aff_r?offer_id=14513&aff_id=9095&url=https%3A%2F%2Fwww.ton-gain.com%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D461%26wingame_pk%3D63%26freetest_pk%3D229%26sub_id%3D9095-69141%26sub_id_postback%3D1027ba8f6b39b05449e9a4fe520205&urlauth=553262342722233418913570398247 Page URL
-
https://mail.hodtd.com/aff_r?offer_id=14513&aff_id=9095&redirect_pass=1&url=https%3A%2F%2Fwww.ton-gain.com%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D461%26wingame_pk%3D63%26freetest_pk%3D229%26sub_id%3D9095-69141%26sub_id_postback%3D1027ba8f6b39b05449e9a4fe520205&urlauth=553262342722233418913570398247
HTTP 302
https://www.ton-gain.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=1027ba8f6b39b05449e9a4fe520205 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://kokande.com/index.php/campaigns/hy856a8sxye2f/track-url/hq340eo1zq6a1/3f47586b5d861f26dcc5918565a08b47f59b760e HTTP 301
- https://gdmtrck.com/?a=69141&c=263155&s2=1750 HTTP 302
- https://gfstrck.com/?a=69141&c=263155&oc=131908&sr=t&s2=1750&vt=1620636395242&h=6a533be6690efba326f4caef59d100727a33af7d&req=https%3A%2F%2Fgdmtrck.com%2F%3Fa%3D69141%26c%3D263155%26s2%3D1750&mt=3&sip=2a01:4f8:192:5414::2
- https://gfstrck.com/?a=69141&c=263155&oc=131908&sr=t&s2=1750&vt=1620636395347&h=4cec2b468567ec815d3b76390ae91ede4a94ecd3&req=https%3A%2F%2Fgdmtrck.com%2F%3Fa%3D69141%26c%3D263155%26s2%3D1750&mt=3&sip=2a01:4f8:192:5414::2&us=26e5a76540d4494884bd1884620298f4 HTTP 302
- https://mail.hodtd.com/aff_c?offer_id=14513&aff_id=9095&url_id=17710&aff_sub=69141&aff_sub2=8da0a836c26d41d98372d9f53cf77fee17347 HTTP 302
- https://mail.hodtd.com/aff_r?offer_id=14513&aff_id=9095&url=https%3A%2F%2Fwww.ton-gain.com%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D461%26wingame_pk%3D63%26freetest_pk%3D229%26sub_id%3D9095-69141%26sub_id_postback%3D1027ba8f6b39b05449e9a4fe520205&urlauth=553262342722233418913570398247
24 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
gfstrck.com/ Redirect Chain
|
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
user
gdmconvtrck.com/ |
1 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
aff_r
mail.hodtd.com/ Redirect Chain
|
346 B 725 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
wingame.pl
www.ton-gain.com/cgi-bin/ Redirect Chain
|
39 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default.css
www.ton-gain.com/_global/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
www.ton-gain.com/_global/fonts/font-awesome-4.6.3/css/ |
28 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
foundation-flex-grid.css
www.ton-gain.com/_global/wingame/default/css/ |
15 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
series.css
www.ton-gain.com/_global/wingame/75/css/ |
12 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sweepstake.css
www.ton-gain.com/wingame/63/css/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MooTools-Core-1.6.0-compressed.js
www.ton-gain.com/_global/js/framework/ |
87 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scripts.js
www.ton-gain.com/_global/js/ |
32 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
global.js
www.ton-gain.com/wingame/global/js/ |
2 KB 993 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
series.js
www.ton-gain.com/_global/wingame/75/js/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sweepstake.js
www.ton-gain.com/wingame/63/js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
close_icon.svg
www.ton-gain.com/wingame/global/images/ |
841 B 678 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-carrefour2.png
www.ton-gain.com/_static/_global/_supload/images/ |
2 KB 3 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image_229_966_1559294413.png
www.ton-gain.com/files/web/freetest/_images/ |
36 KB 36 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JzNYHB8hTYGdToADx.js
static.cleverpush.com/channel/loader/ |
496 KB 102 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg-carrefour-be2.jpg
www.ton-gain.com/_static/_global/_supload/images/ |
90 KB 91 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PatuaOne-Regular.woff2
www.ton-gain.com/_static/_global/_supload/fonts/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GHWgqugLnlsgIxIpLjhsxwItOgoIqKoxgxsOgoyOhzLMnQLHNoimgsNkrLPLvKOJjsurnyKrGmwooIsxvKGnsgsMyhioJwuhigmjLtikoksxhlykwGPqvOMgigxnmtOxijggskixlLhJwwkLJwhiLrhikKiRkgwthiKgmiirKgjvxwmkLNimwKumsNimLyuksjlsl...
www.ton-gain.com/sc/ Frame 517E |
243 B 334 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PWglzmwyKKggjhhovKHnQtghgohPnotgxgGIqkJgsQuzRItuMgxwjmLiQvurQnlKNjyLPxOIxikimowyLioqvKgmiPhGiiXkrQllhgjikJkmQimzmQgkrlskoJMyhioJwuhSmglQohgMilwgskhvGlrOiuxjorpiigHiknwlRwpMkthvKGphuHpKjkOHyMmLnksly...
www.ton-gain.com/sc/ Frame 7633 |
241 B 330 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MnyMWgkowoLgiirljhpLsLGkImggKoIjQiLJwhiLrhikMlzwjGtvOiuxjorKohxLsisIqwGxigoGopsxspwRsMPGhjgmtylOQOJOurxInlzLHpRzogoigqLJyXsghwxor
www.ton-gain.com/sc/ Frame 517E |
79 B 159 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HlzWgvgilyIgikpkrnghOIxikimowyLiKquHnQtghgoklnotgxgGhxsLGkImggKoqjQuxHRwpMkthvhgmnlwpykiiykohixhlylxmhPzrIwksgLIoJzNyRxLumKOIXL
www.ton-gain.com/sc/ Frame 7633 |
79 B 267 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
117 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| rS string| rI string| pI function| IFrame function| Elements function| Cookie object| MooTools function| typeOf function| instanceOf function| Type object| Browser function| $constructor function| $family function| Class function| Chain function| Events function| Options object| Slick number| uniqueNumber function| $ function| getDocument function| getWindow function| $$ function| addListener function| removeListener function| retrieve function| store function| eliminate function| DOMEvent function| addEvent function| removeEvent function| addEvents function| removeEvents function| fireEvent function| cloneEvents function| getSize function| getScroll function| getScrollSize function| getPosition function| getCoordinates function| getHeight function| getWidth function| getScrollTop function| getScrollLeft function| getScrollHeight function| getScrollWidth function| getTop function| getLeft function| Fx string| user_device_type object| Maxlength_on_number_fields function| get_parameter function| popunder_on_submit boolean| popmaster function| localStorage_is_supported function| openWindow function| enableFields function| log_misc function| get_enc_type function| isIE object| scroll_into_view function| field_jumper function| backwards_button undefined| trackEvent function| goToNextPageByGoButton function| appendScript function| checkPerformanceEntries object| ab object| log function| setDateTime function| set_optout boolean| page_submitted undefined| field_validator string| current_page undefined| mooli undefined| scroll_position_x function| do_countdown function| bigger_checkbox function| iframe_selector function| open_iframe function| open_layer function| clean_links object| virtual_pages function| initialize_quiz function| add_pop_iframe_closer_events function| setFilledClass function| show_next_page function| show_previous_page function| show_page_by_index object| POPUNDER string| sponsor_switch string| sponsor_switch_wingame string| sponsorlimit string| context object| CP object| CleverPush function| cleverPushInitCallback undefined| dccBts function| setImmediate function| clearImmediate number| __cleverPushSdkLoadCount number| c2 number| c11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.ton-gain.com/ | Name: __cfduid Value: d98ffa3c4be490d16f8f2ecb04555ca111620636395 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
gdmconvtrck.com
gdmtrck.com
gfstrck.com
kokande.com
mail.hodtd.com
static.cleverpush.com
www.ton-gain.com
2606:4700:20::ac43:47b8
2606:4700::6812:bd6
2a05:d018:483:6110:4be6:fd5f:a447:83e0
2a05:d018:483:6110:e635:531c:19c9:3392
52.210.134.198
93.113.36.194
18e16de0930fc53e5cb5602639cc2c5ee49ccbdd38e2933972516a83a3fd56b9
18ee57494d49bf9a1a268427cb939cc317be758aa8afa67fa28748888f70c1e2
1fd3ced746f97367a76c8e2f234bc5bcbdef61ddb19d3dcfea2a2b852589c6c9
2499ac28de7421ce005acdfe26fefa96a3b380fafc47160fad0ceb2c669ddc81
2915756289e00f26ea66d2cfbdddb890bf2eaed1823e2d4b5855f49eea567064
2acb11aaa510314dda747b7cae606aed69c58cbec2b2a4e33b33d416eb955dc2
2d5c49901b1a2882cab5371a14c7ffce185032ce5553912193f791a872ebe88b
696536c3c1a8248da30b2d6bcbd75e6ea323e677d48c1fec0c0ba9861c91d273
6b403a1702637e989e84349facd5105ebd4631f23bdd9d03fc2c5d07545924f6
6b8461cb761b016ab0e2eadccde3b9d4e828ee5ac144024fe13df473d4b24cc3
6d59cb01b6d58a9fced9364ac9df7b0f0c1b43d3a2dd770addbac190af9864c2
8b229a517a3e9da9e45dd1911e27622ed8078344de5da142382aa2965d3d9304
97497ebfb659e7beb20ec272672de225f1cf8a52ec62cf2c294fe62fd4f92321
a1ba6fb265468a2453e57c51d4e464fb20cd94c3003b96d97ac3e7cce12abe27
a8eb8c4b50492f02bdffbed642f9d2c29cf1d1ec1843174161e77e302e38dfdb
d087f40ff1faaf11e6acabf0dac337eae122708e660e5ea4cadaf7df225e2e98
d2b06b49751830454c06bdcdcdf7516603fa2e21595e8359c0a087d70aecd52a
d6625aafc5018f0230c6c78dc48379d86ae4ea03dbe7674ace540bf27dd87976
daa0c2803da4e07d07e6c01c4f77719fdab7ee6561c1e66d5ee349c55a408db2
dd3aae1324547e753a4b5fc0fbc5c0904a2e257e93d879d82bf3ef2958af09fb
e33445590a22392ca432d44ed78fa494b1ad5eada8bc5d7c42ee686ed6ec6408
e8f180db5bee6d0f0657465aa933e8e1f3492725403b3058424ab613998500ab
f925565d71d0205f39767c109555e35cdbfa3a3bece71e737027114758c9d3ab