www.topglobaldeals.com
Open in
urlscan Pro
2606:4700:20::681a:704
Public Scan
Effective URL: https://www.topglobaldeals.com/offer/sgo-1-ph-sso?tid=a2c1f438cd6846c5ae63dddc1982f441&affiliate_id=63&offer_id=7&sub1=10291ee8...
Submission: On October 08 via api from US — Scanned from US
Summary
TLS certificate: Issued by E1 on September 16th 2022. Valid for: 3 months.
This is the only time www.topglobaldeals.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 192.64.119.94 192.64.119.94 | 22612 (NAMECHEAP...) (NAMECHEAP-NET) | |
1 1 | 34.198.147.111 34.198.147.111 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 1 | 99.84.37.31 99.84.37.31 | 16509 (AMAZON-02) (AMAZON-02) | |
2 2 | 23.21.212.132 23.21.212.132 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 1 | 3.218.135.42 3.218.135.42 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 1 | 35.244.130.28 35.244.130.28 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2606:4700:20:... 2606:4700:20::681a:704 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
14 | 2600:9000:202... 2600:9000:202c:d000:8:dd76:fe40:21 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 2606:4700:303... 2606:4700:3037::6815:3950 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 20.50.64.3 20.50.64.3 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
21 | 5 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-147-111.compute-1.amazonaws.com
www.trkxc.com |
ASN16509 (AMAZON-02, US)
PTR: server-99-84-37-31.ewr52.r.cloudfront.net
t.adating.link |
ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-212-132.compute-1.amazonaws.com
a.vfgtc.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-135-42.compute-1.amazonaws.com
s.sloffer1.com |
ASN15169 (GOOGLE, US)
PTR: 28.130.244.35.bc.googleusercontent.com
www.hoa44trk.com |
ASN16509 (AMAZON-02, US)
d2rv3np9wrkgl5.cloudfront.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
cloudfront.net
d2rv3np9wrkgl5.cloudfront.net |
718 KB |
3 |
pushnotice.xyz
pushnotice.xyz — Cisco Umbrella Rank: 770192 |
4 KB |
2 |
pushserve.xyz
pushserve.xyz — Cisco Umbrella Rank: 234910 |
2 KB |
2 |
topglobaldeals.com
www.topglobaldeals.com — Cisco Umbrella Rank: 610442 |
4 KB |
2 |
vfgtc.com
2 redirects
a.vfgtc.com — Cisco Umbrella Rank: 283281 |
1 KB |
1 |
hoa44trk.com
1 redirects
www.hoa44trk.com — Cisco Umbrella Rank: 687075 |
521 B |
1 |
sloffer1.com
1 redirects
s.sloffer1.com |
1 KB |
1 |
adating.link
1 redirects
t.adating.link — Cisco Umbrella Rank: 579554 |
1 KB |
1 |
trkxc.com
1 redirects
www.trkxc.com |
2 KB |
1 |
lovely-eva.date
1 redirects
24hok00up-lovely-eva.lovely-eva.date |
283 B |
21 | 10 |
Domain | Requested by | |
---|---|---|
14 | d2rv3np9wrkgl5.cloudfront.net |
www.topglobaldeals.com
|
3 | pushnotice.xyz |
d2rv3np9wrkgl5.cloudfront.net
pushnotice.xyz |
2 | pushserve.xyz |
pushnotice.xyz
|
2 | www.topglobaldeals.com |
d2rv3np9wrkgl5.cloudfront.net
|
2 | a.vfgtc.com | 2 redirects |
1 | www.hoa44trk.com | 1 redirects |
1 | s.sloffer1.com | 1 redirects |
1 | t.adating.link | 1 redirects |
1 | www.trkxc.com | 1 redirects |
1 | 24hok00up-lovely-eva.lovely-eva.date | 1 redirects |
21 | 10 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.topglobaldeals.com E1 |
2022-09-16 - 2022-12-15 |
3 months | crt.sh |
*.cloudfront.net Amazon |
2022-02-01 - 2023-01-31 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-11-28 - 2022-11-27 |
a year | crt.sh |
pushserve.xyz Sectigo RSA Domain Validation Secure Server CA |
2022-08-01 - 2023-08-01 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.topglobaldeals.com/offer/sgo-1-ph-sso?tid=a2c1f438cd6846c5ae63dddc1982f441&affiliate_id=63&offer_id=7&sub1=10291ee84eecf285fef823cbe50600&sub2=102f1c5c185ee2c52e9b260a2a8ff9&sub3=170910&sub4=&sub5=&sub6=
Frame ID: 2BF06C5EEAFF925166D3A27FC0EAE6F0
Requests: 21 HTTP requests in this frame
Screenshot
Page Title
Top Global DealsPage URL History Show full URLs
-
http://24hok00up-lovely-eva.lovely-eva.date/
HTTP 302
http://www.trkxc.com/aff_c?offer_id=14757&aff_id=44140&aff_sub=6969 HTTP 302
https://t.adating.link/125598/3785/0?aff_sub=44140&aff_sub2=102ce6d0a23919f9e8013a091c53e3 HTTP 303
https://a.vfgtc.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=44140;&affiliateID=44542&source=... HTTP 302
https://a.vfgtc.com/2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=44140%3B&affili... HTTP 302
https://s.sloffer1.com/170910/8196/28391/?aff_sub=44140%3B&aff_sub2=125598&aff_sub3=wbmhu7ioaagfqkj... HTTP 303
https://www.hoa44trk.com/3T3CM8/BP658?sub3=170910&sub2=102f1c5c185ee2c52e9b260a2a8ff9&sub1=10291ee84e... HTTP 302
https://www.topglobaldeals.com/offer/sgo-1-ph-sso?tid=a2c1f438cd6846c5ae63dddc1982f441&affiliate_id=63&offe... Page URL
Detected technologies
Nuxt.js (JavaScript Frameworks) ExpandDetected patterns
- <div [^>]*id="__nuxt"
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://24hok00up-lovely-eva.lovely-eva.date/
HTTP 302
http://www.trkxc.com/aff_c?offer_id=14757&aff_id=44140&aff_sub=6969 HTTP 302
https://t.adating.link/125598/3785/0?aff_sub=44140&aff_sub2=102ce6d0a23919f9e8013a091c53e3 HTTP 303
https://a.vfgtc.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=44140;&affiliateID=44542&source=102f1c5c185ee2c52e9b260a2a8ff9&subID2=125598&s2=102f1c5c185ee2c52e9b260a2a8ff9&s3=44140;&s4=125598&url=1&affsub=44140&affsource= HTTP 302
https://a.vfgtc.com/2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=44140%3B&affiliateID=170910&source=102f1c5c185ee2c52e9b260a2a8ff9&subID2=125598&target=&Site=&Bnr=ALGO&cid=wb02k79hu7phukjj2mqu9614&affsource= HTTP 302
https://s.sloffer1.com/170910/8196/28391/?aff_sub=44140%3B&aff_sub2=125598&aff_sub3=wbmhu7ioaagfqkjjigki392m&source=102f1c5c185ee2c52e9b260a2a8ff9&bo=2753,2754,2755,2756&aff_sub5=_&adv_sub5=buckets HTTP 303
https://www.hoa44trk.com/3T3CM8/BP658?sub3=170910&sub2=102f1c5c185ee2c52e9b260a2a8ff9&sub1=10291ee84eecf285fef823cbe50600&bo=2753%2C2754%2C2755%2C2756 HTTP 302
https://www.topglobaldeals.com/offer/sgo-1-ph-sso?tid=a2c1f438cd6846c5ae63dddc1982f441&affiliate_id=63&offer_id=7&sub1=10291ee84eecf285fef823cbe50600&sub2=102f1c5c185ee2c52e9b260a2a8ff9&sub3=170910&sub4=&sub5=&sub6= Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
sgo-1-ph-sso
www.topglobaldeals.com/offer/ Redirect Chain
|
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
81151f6.js
d2rv3np9wrkgl5.cloudfront.net/ |
13 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
db39c09.js
d2rv3np9wrkgl5.cloudfront.net/ |
205 KB 69 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
72296ac.js
d2rv3np9wrkgl5.cloudfront.net/ |
1 MB 271 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
33fb520.css
d2rv3np9wrkgl5.cloudfront.net/css/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a1d6807.js
d2rv3np9wrkgl5.cloudfront.net/ |
98 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1f9530d.css
d2rv3np9wrkgl5.cloudfront.net/css/ |
435 B 778 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8667ba5.js
d2rv3np9wrkgl5.cloudfront.net/ |
534 B 888 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0653ad2.css
d2rv3np9wrkgl5.cloudfront.net/css/ |
12 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0580495.js
d2rv3np9wrkgl5.cloudfront.net/ |
35 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8eda1b3.js
d2rv3np9wrkgl5.cloudfront.net/ |
461 KB 132 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-google-logo.66ae25b.svg
d2rv3np9wrkgl5.cloudfront.net/img/ |
1 KB 917 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image-model-01.f73ce13.jpeg
d2rv3np9wrkgl5.cloudfront.net/img/ |
102 KB 102 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image-model-02.53897d9.jpeg
d2rv3np9wrkgl5.cloudfront.net/img/ |
101 KB 102 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-secret.80338e6.svg
d2rv3np9wrkgl5.cloudfront.net/img/ |
1 KB 975 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
491 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
866 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
script-status
www.topglobaldeals.com/api-node/api/landing/ |
33 B 414 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ace-push.js
pushnotice.xyz/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
visit
pushserve.xyz/api/v1/ |
1 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
visit
pushserve.xyz/api/v1/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
log-client-error
pushnotice.xyz/api/v1/visit/ |
0 0 |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H3 |
log-client-error
pushnotice.xyz/api/v1/visit/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
24 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| __NUXT__ object| webpackJsonp function| installComponents object| core object| __core-js_shared__ object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| $nuxt function| initializeAcePush function| setBaseUrl function| getLocation function| registerServiceWorker12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
t.adating.link/ | Name: enc_aff_session_3785 Value: ENC03678010118d665b955cc294444cf6ac3fcfaf6813a28350ed1e8138e6818900b940faaec5338e9ae8e50a9a55c184b704781d0e68f94c2fac5b44ee801374c3611312ea11c69a046a946e8cad6be67ce43018122c43cbef736351b089cc006b604d70dc0b2fffeb0fb5f36d6ac277684b59cbd7ba664d2d4cf748f4c0977bcf1f00ad0112387ce2b2739dc24cb3cfecba5ad9cb2b6c3068681dbd2dfb9b3d1a480e6483c8 |
|
t.adating.link/ | Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDYiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzEwNi4wLjUyNDkuOTEgU2FmYXJpLzUzNy4zNiIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D |
|
.a.vfgtc.com/ | Name: ab267e05-23a0-430a-bac4-772f7f629740-v4 Value: 2ml77l15BhGIXlqnIy_bC7wjfFCXn_6aLZx_kOsvbVk |
|
.a.vfgtc.com/ | Name: 2d2fb929-79a5-4a1c-840d-3f370da182b6-v4 Value: ZCMMSB4W_UPlh6sTxb8bOORjUj7LvNSC07iSm7szI3w |
|
.a.vfgtc.com/ | Name: voluum-cid-v4 Value: %7B%22cid%22%3A%22wbmhu7ioaagfqkjjigki392m%22%2C%22caid%22%3A%222d2fb929-79a5-4a1c-840d-3f370da182b6%22%7D |
|
s.sloffer1.com/ | Name: enc_aff_session_8196 Value: ENC03d1ca72fd8fc763a89ce0f9544330f725e98490b519248b62cc712f54486872cf56ed1b0540b9107fc711d4bcc53d85c324286c5dfa489d355df637e8f9665b48ae13bf7643518a216c3ff42861007e0eb97d58eb6c5e86bdcabf628b2eeb1ec96226bda642405f5aa57f3c031277bc1aac833b268f5e9d2e2b5e8cfcd448b3650fec1b848bec222a1e214186d273f511e0c0ef97c206dc616fbeb3e4c806864a6242004d7120fc704baa2fd7f40efdf739c14ecec73d5395c8492b897347f14a0fb3276b |
|
s.sloffer1.com/ | Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDYiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzEwNi4wLjUyNDkuOTEgU2FmYXJpLzUzNy4zNiIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D |
|
www.hoa44trk.com/ | Name: uniqueClick_BP658 Value: fbf04f84-fb26-4f85-be01-4fa119057233:1665233707 |
|
www.hoa44trk.com/ | Name: transaction_id Value: a2c1f438cd6846c5ae63dddc1982f441 |
|
www.topglobaldeals.com/ | Name: auth.strategy Value: local |
|
.pushnotice.xyz/ | Name: TiPMix Value: 54.68278577535975 |
|
.pushnotice.xyz/ | Name: x-ms-routing-name Value: self |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
24hok00up-lovely-eva.lovely-eva.date
a.vfgtc.com
d2rv3np9wrkgl5.cloudfront.net
pushnotice.xyz
pushserve.xyz
s.sloffer1.com
t.adating.link
www.hoa44trk.com
www.topglobaldeals.com
www.trkxc.com
192.64.119.94
20.50.64.3
23.21.212.132
2600:9000:202c:d000:8:dd76:fe40:21
2606:4700:20::681a:704
2606:4700:3037::6815:3950
3.218.135.42
34.198.147.111
35.244.130.28
99.84.37.31
14b797a9c224858227b5e4fe289d6773c9c7b18b2f3c2345a1792023456a0a99
2106963aa683d7a26def2f8392b7ba5177d28c35a8368e3eb4aa079ea26f6a70
308b8db18c5a42af16166a0db97e241295c1660e6411ed667f2e79cc1e880c2c
5722617974160d10a2564c051caf679e6686955012aa626f1dcf163e20ebcedd
7341d29890fd4ab9db23e084bd795111293ccb0ea9b851a73c2c154614f83c25
79ab545c0db2589f19510a85f4a3073964b12bf8d2d56a1581fd6292159dfff3
9233bd40e3c612e97c7cb896d350260317ff34ee0c002f70380c004099843fdd
92f4142f52898d2810fbd61cf97df7e5003e1e079057298af223aea2728e7d85
af33b45a46897175cb21b4f0583394c601e7e5f789a4221ba220a594511a3254
b28a869676eedd92c2e33c16a976d55f28830a370421d05b1100bc359581e188
b60c7d118364f4e252cbe2a2647a6f2c04716c63a0564396e6dd0d4cddeb4de5
c7b8e8bec6f8c6a408b67b856c4b470ca142af956565c5f8fcfb71a4d027a28e
c99034484a86ff08a9073024b4991936e3f2b6b16943665d90ff684e2230fab5
cceb4b6578c9b8664ae7990c01aaf0822e86cd6272273aadc7a0bfdbb11e8c52
d6b1a026e6e842b1250ff3e0fdfcc675decf3f6132bdb2f314c4c88f24bf8c0d
d7e742ccb75a608f95b00ac61ff6cb6086a9fd7459cf9f20c9303fbeef0a1945
ea592ca112540e7b5bc0fe6f0146e963142574d2d837704984cc060de3180306
eb9239a5005b65190fcc5f27c487d5f4787c2039cf9118501c90739b76284393
f46776d1fd2c69df68a2dc6574b72911a435b536a3fa2b6436606659cadb588b
fff14eb25e49538000f46afb94293f1e1b88099f31c164b1de06bf2e4645ec35