rimborso.becks.it
Open in
urlscan Pro
45.223.59.189
Public Scan
Submission: On July 05 via automatic, source certstream-suspicious — Scanned from IT
Summary
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q2 on July 4th 2023. Valid for: 6 months.
This is the only time rimborso.becks.it was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
14 | 45.223.59.189 45.223.59.189 | 19551 (INCAPSULA) (INCAPSULA) | |
2 | 2a04:4e42::485 2a04:4e42::485 | 54113 (FASTLY) (FASTLY) | |
2 | 2606:4700::68... 2606:4700::6811:180e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700::68... 2606:4700::6812:bcf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:82b::2008 | 15169 (GOOGLE) (GOOGLE) | |
10 | 2606:4700::68... 2606:4700::6812:aa72 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:801::2010 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700::68... 2606:4700::6812:1d26 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
32 | 8 |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
storage.googleapis.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
becks.it
rimborso.becks.it |
238 KB |
10 |
cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 407 |
145 KB |
2 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 274 |
74 KB |
2 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 368 |
49 KB |
1 |
onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 678 |
308 B |
1 |
googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 506 |
15 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79 |
51 KB |
1 |
bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2767 |
7 KB |
32 | 8 |
Domain | Requested by | |
---|---|---|
14 | rimborso.becks.it |
rimborso.becks.it
www.googletagmanager.com cdn.cookielaw.org |
10 | cdn.cookielaw.org |
www.googletagmanager.com
cdn.cookielaw.org |
2 | cdnjs.cloudflare.com |
rimborso.becks.it
|
2 | cdn.jsdelivr.net |
rimborso.becks.it
|
1 | geolocation.onetrust.com |
cdn.cookielaw.org
|
1 | storage.googleapis.com |
www.googletagmanager.com
|
1 | www.googletagmanager.com |
rimborso.becks.it
|
1 | stackpath.bootstrapcdn.com |
rimborso.becks.it
|
32 | 8 |
This site contains links to these domains. Also see Links.
Domain |
---|
cookiepedia.co.uk |
www.onetrust.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
imperva.com GlobalSign Atlas R3 DV TLS CA 2023 Q2 |
2023-07-04 - 2023-12-31 |
6 months | crt.sh |
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4 |
2022-12-23 - 2024-01-24 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-07-03 - 2024-07-02 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-06-19 - 2023-09-11 |
3 months | crt.sh |
cookielaw.org Cloudflare Inc ECC CA-3 |
2023-04-01 - 2024-03-31 |
a year | crt.sh |
storage.googleapis.com GTS CA 1C3 |
2023-06-19 - 2023-09-11 |
3 months | crt.sh |
onetrust.com Cloudflare Inc ECC CA-3 |
2022-12-13 - 2023-12-13 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://rimborso.becks.it/
Frame ID: E7377606DEDEF0F50969B609BC003428
Requests: 32 HTTP requests in this frame
Screenshot
Page Title
Cashback Beck's 2023Cashback Beck's 2023Back ButtonFilter ButtonDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
animate.css (Web Frameworks) Expand
Detected patterns
- <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers) Expand
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
Imperva (Security) Expand
Detected patterns
- /_Incapsula_Resource
OneTrust (Cookie compliance) Expand
Detected patterns
- cdn\.cookielaw\.org
- otSDKStub\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Ulteriori informazioni
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
32 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
rimborso.becks.it/ |
19 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Turne-What-sleed-I-say-con-It-int-hissue-eyes-Ge
rimborso.becks.it/ |
228 KB 74 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ |
152 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ |
282 KB 69 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/ |
77 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.2/ |
57 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css.css
rimborso.becks.it/css/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css.css
rimborso.becks.it/css/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
rimborso.becks.it/img/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_Incapsula_Resource
rimborso.becks.it/ |
138 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
136 KB 51 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BrandonGrotesque-Black.woff2
rimborso.becks.it/fonts/ |
33 KB 33 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BrandonGrotesque-Regular.woff2
rimborso.becks.it/fonts/ |
32 KB 33 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BrandonGrotesque-Medium.woff2
rimborso.becks.it/fonts/ |
34 KB 34 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BrandonGrotesque-Bold.woff2
rimborso.becks.it/fonts/ |
33 KB 33 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_Incapsula_Resource
rimborso.becks.it/ |
1 B 70 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ |
21 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7dc19722-fe57-4282-b997-4ff11ffa8a33.json
cdn.cookielaw.org/consent/7dc19722-fe57-4282-b997-4ff11ffa8a33/ |
4 KB 2 KB |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
csp_report
rimborso.becks.it/ |
0 115 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tag.js
storage.googleapis.com/abi-martech-consumerdataportal-tag/v1/ |
41 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
csp_report
rimborso.becks.it/ |
0 61 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ |
69 B 308 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
Turne-What-sleed-I-say-con-It-int-hissue-eyes-Ge
rimborso.becks.it/ |
742 B 874 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202304.1.0/ |
401 KB 97 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
it-it.json
cdn.cookielaw.org/consent/7dc19722-fe57-4282-b997-4ff11ffa8a33/8cdba5c3-3174-4ac0-94c0-b3c91d8b380c/ |
42 KB 12 KB |
Fetch
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otFlat.json
cdn.cookielaw.org/scripttemplates/202304.1.0/assets/ |
13 KB 3 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otPcTab.json
cdn.cookielaw.org/scripttemplates/202304.1.0/assets/v2/ |
62 KB 13 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202304.1.0/assets/ |
21 KB 4 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ |
497 B 494 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ABINBEV_Header.png
cdn.cookielaw.org/logos/11821760-d248-4745-b43e-10d85e89e988/b90ed9ff-cffe-48ae-a0c4-a7676cc6d0f1/ef642baf-223f-4f53-adcf-5c5436e80878/ |
3 KB 3 KB |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
31 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend object| dataLayer function| $ function| jQuery number| uidEvent object| bootstrap object| $root object| reese84 function| a1_0xe2c2 function| a1_0x2615 function| reese84interrogator function| initializeProtection function| protectionSubmitCaptcha object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| OneTrustStub function| OptanonWrapper object| ConsumerDataTag string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData function| Zepto object| tdSettings object| abitagSettings object| Optanon object| OneTrust10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.becks.it/ | Name: PHPSESSID Value: jsj16derqba2qpdsqv8g86alt8 |
|
.becks.it/ | Name: visid_incap_2936074 Value: whHaB4p6QTKHE5v3qEWosFoBpWQAAAAAQUIPAAAAAACKjLor2pX81/2XXNSmz4xK |
|
.becks.it/ | Name: nlbi_2936074 Value: asiYdWdr9WIBhlI0Ms1pPgAAAAB7yVdGMSpUvvzwdWYM7q36 |
|
.becks.it/ | Name: incap_ses_478_2936074 Value: RN4zOFdD7yByErloLTSiBloBpWQAAAAA8TCm2gA3xIWtNvByOCOWfA== |
|
rimborso.becks.it/ | Name: km_vs Value: 1 |
|
rimborso.becks.it/ | Name: sp_t Value: 1 |
|
rimborso.becks.it/ | Name: ki_t Value: 1 |
|
.becks.it/ | Name: nlbi_2936074_2147483392 Value: mMF9EHVGaEkPjj4dMs1pPgAAAACGIK69QxLL52dPNW4Xeeof |
|
rimborso.becks.it/ | Name: reese84 Value: 3:yZ4+RgmTnmBhqwb0lqVN0g==:xqvgAw/9ME8ADcAcyYWlYkYzYsWna+czJAzhyW0rUpjAHxM95lmQbIkIurlbtW3xpgedaalgeKVT2ju2cmCPJQNjHC36woC7O+auYB8odf9Hmdgk++YEhji+D1ANv8YFHbv3zLLZLW6NlBykE925lbBRllMI1mvBRz80zTHeSH/+rT1cNo1bubD0R7p2A4hsaMpEkxBkYehIhNIqXfXCKCcIUhPafCSahef5ZwGWG/IXgKOOj/S4Nnsf+G82NCNTxdsKJ04bJ2ODekHp81DdI1dEzZAQqNJuIS5TaYCEV8j5F+oOfChoJdKolG7L6aEtXYSLWA349HDct8wFhKaqos4WxHERr8ywNxODvJb69POHM34diD4bhFEmH/MrYLXLYUXBC6tHRgVhKF/bfZKhR4pqWrDbYw3UtbsRHT1kGdpbVxyDWqzZrnBILgReort+tqmTAYddgV7gGbuzld7ZnIz3cEboS5NTJNUgwBWoqI0YJgIzFkrr2WeilHlX5HmZxaNZSVQ7u+vLiqbPvgsmw3saorkEBrHdBssGbzckq86IW/fUWkaro++i7CGUgtzk0lAoB/zCVnMBi3HtMZXdzaDyNaN/8cLi+Ad3afWG0/M=:KlLZgo3RRc4NUUSRvq9GUr5d1tVyxAOQO1w8Bnn+o94= |
|
.rimborso.becks.it/ | Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Wed+Jul+05+2023+05%3A36%3A27+GMT%2B0000+(GMT)&version=202304.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=ea1739c2-9f38-4b52-8601-30376824273f&interactionCount=0&landingPath=https%3A%2F%2Frimborso.becks.it%2F&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests; frame-ancestors 'self' |
Strict-Transport-Security | max-age=31536000 ; includeSubDomains ; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | SameOrigin |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.cookielaw.org
cdn.jsdelivr.net
cdnjs.cloudflare.com
geolocation.onetrust.com
rimborso.becks.it
stackpath.bootstrapcdn.com
storage.googleapis.com
www.googletagmanager.com
2606:4700::6811:180e
2606:4700::6812:1d26
2606:4700::6812:aa72
2606:4700::6812:bcf
2a00:1450:4001:801::2010
2a00:1450:4001:82b::2008
2a04:4e42::485
45.223.59.189
1114132a79b42ce8e5064f57a1560a3b3f0e1659afc33e4698bab53e1301fbfd
152f2d700fb6af2a465696f4d8e628a576c93169d2ae3d3543f3e017ee5a0783
1ce512e296559ad3f97bf9663cf47595b35e0962d733132a379b80d097972815
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239
32a8c8c75e0574d43215424909195c56e950e04c0839abec5e7cf5b0c0ac4282
3c770e90f98eb21b0c042fafb49755af93306fbaf42e449524f94fae9fc83295
50771dfd267b61afcdcaf9240c72570dfd2e806a65f401dad9074653048a8030
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
651dc30f47ac3d7e2fe382b1b6383eb24ba2c454b533f94984e52c43e656bd8f
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6964d03a8ab5896300c3dd5cb3fc6fa302ef3d1b5453d2021282038af12e5679
6c1beeb932c0bcd7c9b8a71d74701fd08c653795b83ffab1a23e10bd72dc2fad
72c24ffda27758055c1da0956436cc6926a1682e81fdd7525120006a7f043dee
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
88bf2885981c5e174b42d452709daafbda4ed79e0a07992a3bcd6b7122f6dfac
8ac265ff569e99a102b7ccb8fb30ee9e59c094d419bc6d5221d3a168a83dab2d
95bddcc37b5a4d864a8f0dea60df1600b2310b27688f3286439d94cd9641b148
aa355c393e03f831dbdbcc678ba16396aab95930b1bc5b0549695d40cc955ca1
c6625c94fd99999aa3897084b48093e807dcdf0b6af2bb6558cfc84c23ed478e
c96eb55f464b4b7d0723b338b50e47a1391d5435f017d3c8d6a9a6349fd8639e
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
da7b01b82d125392739ffb5f2547e079662e8cb9aceefdb14fc788cffaead31c
dbe10d31ba6ef7c8669401036f20d39bd22a135da833c39de5a323a10418fc17
e0ccbefc97294343866eadf4c965feeda14574c7cbe1e813d83c0a65b5b80ddb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ff6963a291e1c43290dbba5e37bfd4bb7b9de417f845323842a511cfb38e630d
ffc79feebdfe105c3de8840c2a5814b3fae59d3529463fdf9329080967ed92ba