tommy-socks.misty-shops.com
Open in
urlscan Pro
79.133.42.10
Public Scan
Effective URL: https://tommy-socks.misty-shops.com/?utm_source=cpa&cid=1012_2372186126&utm_medium=1012_834173&utm_campaign=2569656
Submission: On March 03 via api from PL — Scanned from GB
Summary
TLS certificate: Issued by GoGetSSL RSA DV CA on November 22nd 2021. Valid for: a year.
This is the only time tommy-socks.misty-shops.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 178.62.77.180 178.62.77.180 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
1 1 | 91.228.154.172 91.228.154.172 | 44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net) | |
31 | 79.133.42.10 79.133.42.10 | 44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net) | |
1 4 | 2a02:6b8::1:119 2a02:6b8::1:119 | 208722 (YNDX) (YNDX) | |
1 | 91.228.154.72 91.228.154.72 | 44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net) | |
36 | 4 |
ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde696-43.fornex.org
clickrpk.com |
ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde800-1.fornex.org
tommy-socks.misty-shops.com |
ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde696-45.fornex.org
fkthe.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
31 |
misty-shops.com
tommy-socks.misty-shops.com |
594 KB |
4 |
yandex.ru
1 redirects
mc.yandex.ru — Cisco Umbrella Rank: 2926 |
51 KB |
1 |
fkthe.com
fkthe.com — Cisco Umbrella Rank: 674718 |
290 B |
1 |
clickrpk.com
1 redirects
clickrpk.com |
461 B |
1 |
sookersatenb.ru
sookersatenb.ru |
270 B |
36 | 5 |
Domain | Requested by | |
---|---|---|
31 | tommy-socks.misty-shops.com |
tommy-socks.misty-shops.com
|
4 | mc.yandex.ru |
1 redirects
tommy-socks.misty-shops.com
|
1 | fkthe.com |
tommy-socks.misty-shops.com
|
1 | clickrpk.com | 1 redirects |
1 | sookersatenb.ru | |
36 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.sookersatenb.ru R3 |
2022-03-03 - 2022-06-01 |
3 months | crt.sh |
*.misty-shops.com GoGetSSL RSA DV CA |
2021-11-22 - 2022-12-22 |
a year | crt.sh |
mc.yandex.ru Yandex CA |
2021-12-22 - 2022-06-03 |
5 months | crt.sh |
fkthe.com GoGetSSL RSA DV CA |
2020-05-05 - 2022-08-03 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://tommy-socks.misty-shops.com/?utm_source=cpa&cid=1012_2372186126&utm_medium=1012_834173&utm_campaign=2569656
Frame ID: 48A8D094CD2F1E9CEC5395D38E6B0F87
Requests: 36 HTTP requests in this frame
Screenshot
Page Title
Tommy Hilfiger комплект носков из 30 пар - PL (Польша)Page URL History Show full URLs
- https://sookersatenb.ru/clickrpk3/ Page URL
-
http://clickrpk.com/CaYu
HTTP 302
https://tommy-socks.misty-shops.com/?utm_source=cpa&cid=1012_2372186126&utm_medium=1012_834173&utm_campaign=2569656 Page URL
Detected technologies
Yandex.Metrika (Analytics) ExpandDetected patterns
- mc\.yandex\.ru/metrika/(?:tag|watch)\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://sookersatenb.ru/clickrpk3/ Page URL
-
http://clickrpk.com/CaYu
HTTP 302
https://tommy-socks.misty-shops.com/?utm_source=cpa&cid=1012_2372186126&utm_medium=1012_834173&utm_campaign=2569656 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 33- https://mc.yandex.ru/watch/22765945?wmode=7&page-url=https%3A%2F%2Ftommy-socks.misty-shops.com%2F%3Futm_source%3Dcpa%26cid%3D1012_2372186126%26utm_medium%3D1012_834173%26utm_campaign%3D2569656&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o0yuamw2yn%3Afp%3A653%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A308551583146%3Ahid%3A878803778%3Az%3A0%3Ai%3A20220303222656%3Aet%3A1646346416%3Ac%3A1%3Arn%3A869469336%3Arqn%3A1%3Au%3A1646346416869236201%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1646346415336%3Ads%3A13%2C74%2C198%2C1%2C165%2C0%2C%2C155%2C4%2C%2C%2C%2C608%3Aco%3A0%3Arqnl%3A1%3Ast%3A1646346416%3At%3ATommy%20Hilfiger%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%BB%D0%B5%D0%BA%D1%82%20%D0%BD%D0%BE%D1%81%D0%BA%D0%BE%D0%B2%20%D0%B8%D0%B7%2030%20%D0%BF%D0%B0%D1%80%20-%20PL%20(%D0%9F%D0%BE%D0%BB%D1%8C%D1%88%D0%B0)&t=gdpr(14)aw(1)ti(2) HTTP 302
- https://mc.yandex.ru/watch/22765945/1?wmode=7&page-url=https%3A%2F%2Ftommy-socks.misty-shops.com%2F%3Futm_source%3Dcpa%26cid%3D1012_2372186126%26utm_medium%3D1012_834173%26utm_campaign%3D2569656&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o0yuamw2yn%3Afp%3A653%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A308551583146%3Ahid%3A878803778%3Az%3A0%3Ai%3A20220303222656%3Aet%3A1646346416%3Ac%3A1%3Arn%3A869469336%3Arqn%3A1%3Au%3A1646346416869236201%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1646346415336%3Ads%3A13%2C74%2C198%2C1%2C165%2C0%2C%2C155%2C4%2C%2C%2C%2C608%3Aco%3A0%3Arqnl%3A1%3Ast%3A1646346416%3At%3ATommy%20Hilfiger%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%BB%D0%B5%D0%BA%D1%82%20%D0%BD%D0%BE%D1%81%D0%BA%D0%BE%D0%B2%20%D0%B8%D0%B7%2030%20%D0%BF%D0%B0%D1%80%20-%20PL%20%28%D0%9F%D0%BE%D0%BB%D1%8C%D1%88%D0%B0%29&t=gdpr%2814%29aw%281%29ti%282%29
36 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
sookersatenb.ru/clickrpk3/ |
117 B 270 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
tommy-socks.misty-shops.com/ Redirect Chain
|
17 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
tommy-socks.misty-shops.com/files/tommy_socks_PL_1/css/ |
45 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-2.2.4.min.js
tommy-socks.misty-shops.com/files/_js/ |
84 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
validation_EN.js
tommy-socks.misty-shops.com/files/_js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ab.min.js
tommy-socks.misty-shops.com/files/_js/ |
476 B 508 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
timer.js
tommy-socks.misty-shops.com/files/_js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lastpack.js
tommy-socks.misty-shops.com/files/_js/ |
2 KB 963 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.js
tommy-socks.misty-shops.com/files/tommy_socks_PL_1/js/ |
982 B 659 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
func.js
tommy-socks.misty-shops.com/files/_blocks/notificators/ |
66 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
unload_submit.js
tommy-socks.misty-shops.com/files/_blocks/notificators/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
top.JPG
tommy-socks.misty-shops.com/files/tommy_socks_PL_1/img/ |
76 KB 77 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2.png
tommy-socks.misty-shops.com/files/tommy_socks_PL_1/img/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5.png
tommy-socks.misty-shops.com/files/tommy_socks_PL_1/img/ |
935 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9.png
tommy-socks.misty-shops.com/files/tommy_socks_PL_1/img/ |
578 B 756 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
n1.JPG
tommy-socks.misty-shops.com/files/tommy_socks_PL_1/img/ |
103 KB 103 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
n2.JPG
tommy-socks.misty-shops.com/files/tommy_socks_PL_1/img/ |
93 KB 93 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
n3.JPG
tommy-socks.misty-shops.com/files/tommy_socks_PL_1/img/ |
110 KB 110 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
30.png
tommy-socks.misty-shops.com/files/tommy_socks_PL_1/img/ |
928 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ava1.jpg
tommy-socks.misty-shops.com/files/tommy_socks_PL_1/img/ |
15 KB 16 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ava2.jpg
tommy-socks.misty-shops.com/files/tommy_socks_PL_1/img/ |
6 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ava3.jpg
tommy-socks.misty-shops.com/files/tommy_socks_PL_1/img/ |
11 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
order11.png
tommy-socks.misty-shops.com/files/tommy_socks_PL_1/img/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
order12.png
tommy-socks.misty-shops.com/files/tommy_socks_PL_1/img/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
order13.png
tommy-socks.misty-shops.com/files/tommy_socks_PL_1/img/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
order14.png
tommy-socks.misty-shops.com/files/tommy_socks_PL_1/img/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
IMG_1748.JPG
tommy-socks.misty-shops.com/files/tommy_socks_PL_1/img/ |
96 KB 97 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rekv7.png
tommy-socks.misty-shops.com/files/_blocks/copyright/img/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
watch.js
mc.yandex.ru/metrika/ |
138 KB 49 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p.js
fkthe.com/ |
46 B 290 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
offer3__discount_bg.png
tommy-socks.misty-shops.com/files/tommy_socks_PL_1/img/ |
222 B 400 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
reviews3__stars.png
tommy-socks.misty-shops.com/files/tommy_socks_PL_1/img/ |
287 B 465 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
offer__name_icon.png
tommy-socks.misty-shops.com/files/tommy_socks_PL_1/img/ |
405 B 583 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
offer__phone_icon.png
tommy-socks.misty-shops.com/files/tommy_socks_PL_1/img/ |
429 B 607 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1
mc.yandex.ru/watch/22765945/ Redirect Chain
|
338 B 420 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
advert.gif
mc.yandex.ru/metrika/ |
43 B 112 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
30 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone object| oncontextlost object| oncontextrestored function| $ function| jQuery string| domain object| already object| feed function| getDayEnd function| getTimeRemaining function| getCookie function| initializeClock object| myClock object| deadline number| timeInMinutes number| currentTime object| dayEndTimestamp function| lastpack object| $jsonData object| landing_notifiers number| price string| currency number| delivery_price string| key object| LANDING boolean| formIsSubmitted object| UnloadSubmit object| p object| Ya object| yaCounter2276594518 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.clickrpk.com/ | Name: ad1V2JOVHFTbVRsc2UwUXBKYnhJTSsyUT09 Value: 1 |
|
tommy-socks.misty-shops.com/ | Name: PHPSESSID Value: 3149ddcecbad10d610827121fc36b8bd |
|
tommy-socks.misty-shops.com/ | Name: afCookie Value: cpa |
|
tommy-socks.misty-shops.com/ | Name: affiliate_1 Value: 1012_2372186126 |
|
tommy-socks.misty-shops.com/ | Name: affiliate_2 Value: 2569656 |
|
tommy-socks.misty-shops.com/ | Name: affiliate_3 Value: 1012_834173 |
|
tommy-socks.misty-shops.com/ | Name: myClock Value: Thu Mar 03 2022 23:11:55 GMT+0000 (GMT) |
|
tommy-socks.misty-shops.com/ | Name: Value: 60 |
|
tommy-socks.misty-shops.com/ | Name: lastpack Value: 59 |
|
.misty-shops.com/ | Name: _ym_uid Value: 1646346416869236201 |
|
.misty-shops.com/ | Name: _ym_d Value: 1646346416 |
|
.yandex.ru/ | Name: yandexuid Value: 3567086081646346416 |
|
.yandex.ru/ | Name: yuidss Value: 3567086081646346416 |
|
mc.yandex.ru/ | Name: yabs-sid Value: 593626771646346416 |
|
.yandex.ru/ | Name: i Value: 0exFH08hTVBCof6woJi7IDYqMVbw85Opb1532GkyV4zub3VBoFQ+1KBkJn8B/0STLn6lGMYIr+ZWD7xsEBzb5FHaAOw= |
|
.yandex.ru/ | Name: ymex Value: 1677882416.yrts.1646346416#1677882416.yrtsi.1646346416 |
|
.misty-shops.com/ | Name: _ym_isad Value: 2 |
|
.misty-shops.com/ | Name: _ym_visorc Value: w |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
clickrpk.com
fkthe.com
mc.yandex.ru
sookersatenb.ru
tommy-socks.misty-shops.com
178.62.77.180
2a02:6b8::1:119
79.133.42.10
91.228.154.172
91.228.154.72
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
05dbc53f7ee2547579d0581976b770e68d56747a7b84773ef0168e7290684783
12a5dc69f31ab79dd216ef1f7aaa8bcb655e4c4999f7bd5f6c93636f0a7f8b18
3153e8178923e9418ac476a91c858213fae65841d870bd0ca60bfa6fa891a28e
3afb2f2a594f41a9911b7dd4f6d4982248e79f55377506dfc7730bb01594aa3c
3c903d7f271f926152772573af1a5f987c34056f2135fb643fe3baf343411493
43bc38c5ae2e8727b3e519982a7110b231e5a26acf16d0d336cc0f534b58d7da
468a9d8f06381cd5d23423114d9b003ca9078d6f9f1048701d277cb6745cc8dc
51264759ea154a150ea23134e66ce4cdf5f8b43f3a606f5f550b54c29f233fe4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55beca7a16a1ab52b70298e8e46bdfb20b0654ba2b7d0d831792595bd9e3c018
5e29f243ebb9deb47ba44761bfa91fe5b6e5c4fffe5d145ef36e66c994ecc739
609f694b5a424760a67b6aebbf76a1c9475a6523ba72d36299e91cf9637854af
67a8103ece964b2e3d977c2a252fadbc5b081f768bcfffa0683fedaa66d2d455
6b46d7edaed26c86cdde5fa704c1de8ca48ea8dfd6ef764f20cec656fcb1f9c4
779e842a27d26eabdd6c8a95a8c05aac6b68d775572e16acd1970fd0f0f7582f
9251fd15d3754f2cb8e349bc88b0741ef82ba775a7edb767bfc10fa875103960
96e0af984fd7a995f2341dedcd2ed3606f58e2e72c2a2b14c1e4dd9350180cd4
96f4160d9de4130f4a807926bfd39755c39c104f2c821e4c73e5bfa3b1f4a222
a8a4cb7f49691303e8667a88a5930e3d54788a85b47d6b64f8a23158fd5f10b7
aa97c0e58a8415ecb5bfa75957a3c236d0cab89332ade3a964ebc1ec9973b5e3
b41386d4a5e5188c065f84a88607da104153a8d4f55ee3982c575e1928b04eff
be197608e9912557e67065614af47d227f116fb1b62610467ce278cd8c737877
beac3e5d58c71b461bda8a9cd62e81216412c2d764467e6269d6b36f3e70594f
bf72b6058ba2bd73439a40f3f91aa0d8b8ce976ee54c7d4b81bdf1a31633a019
c2b622bae917d4d4280f8952147d318e844263bde86623fc3956b3e8afbb4d4d
c613349efa12c3c629f69416322293c57826919c7de874bb4297841281fec7d0
c6d3e300ec2a436aa898a6f76ef14c2d19040cadf2f95c4e374ff2cfe017bc55
c8bbfa0270db07ca3ec08d22b808137af7b046acb4fd770cdb0193caf125fd90
cec4261fd37d534ecb4c414d459168dde70502b460da60ac216890c63b04b8b9
d5b21ed5e90d0f33c4d4ed10417f94c8e0f6c9e29089fe0ddc06f8cff3be65b2
d5b6f51b7794e2019a85991967b2abadfa5cfb6ea5eaf048b66ca4d0d4dad5f5
d90297f7206c44060000e483de3115cd9d88ec67105d9686d7bc85076b39dd40
e1a6baf011d91c88081a3add8e176da899b4e611836be4e26538acbf925055c3
e436b99b7202da1c15dc8abea86d67bbf7254fdd9448eebd9bdde4131f2c4bd3
f9f014bb7b0f99c3b4a02f2fc477764ed007f92e791dcf389a71d6d8b82ab810