tommy-socks.takethisgoods.com
Open in
urlscan Pro
79.133.42.10
Public Scan
Effective URL: https://tommy-socks.takethisgoods.com/?utm_source=cpa&cid=1012_2383256644&utm_medium=1012_834173&utm_campaign=2569656
Submission: On April 04 via manual from PL — Scanned from FR
Summary
TLS certificate: Issued by GoGetSSL RSA DV CA on March 5th 2022. Valid for: a year.
This is the only time tommy-socks.takethisgoods.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 217.172.170.237 217.172.170.237 | 8972 (GD-EMEA-D...) (GD-EMEA-DC-SXB1) | |
1 1 | 51.250.102.186 51.250.102.186 | 200350 (YANDEXCLOUD) (YANDEXCLOUD) | |
31 | 79.133.42.10 79.133.42.10 | 44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net) | |
1 4 | 2a02:6b8::1:119 2a02:6b8::1:119 | 208722 (YNDX) (YNDX) | |
1 | 91.228.154.72 91.228.154.72 | 44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net) | |
36 | 4 |
ASN8972 (GD-EMEA-DC-SXB1, DE)
PTR: mail.it-hosting.ru
neromestion.ru |
ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde800-1.fornex.org
tommy-socks.takethisgoods.com |
ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde696-45.fornex.org
fkthe.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
31 |
takethisgoods.com
tommy-socks.takethisgoods.com |
594 KB |
4 |
yandex.ru
1 redirects
mc.yandex.ru — Cisco Umbrella Rank: 2894 |
52 KB |
1 |
fkthe.com
fkthe.com — Cisco Umbrella Rank: 346688 |
291 B |
1 |
clickprk.com
1 redirects
clickprk.com |
463 B |
1 |
neromestion.ru
neromestion.ru |
271 B |
36 | 5 |
Domain | Requested by | |
---|---|---|
31 | tommy-socks.takethisgoods.com |
tommy-socks.takethisgoods.com
|
4 | mc.yandex.ru |
1 redirects
tommy-socks.takethisgoods.com
|
1 | fkthe.com |
tommy-socks.takethisgoods.com
|
1 | clickprk.com | 1 redirects |
1 | neromestion.ru | |
36 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.neromestion.ru R3 |
2022-03-31 - 2022-06-29 |
3 months | crt.sh |
*.takethisgoods.com GoGetSSL RSA DV CA |
2022-03-05 - 2023-04-04 |
a year | crt.sh |
mc.yandex.ru Yandex CA |
2021-12-22 - 2022-06-03 |
5 months | crt.sh |
fkthe.com GoGetSSL RSA DV CA |
2020-05-05 - 2022-08-03 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://tommy-socks.takethisgoods.com/?utm_source=cpa&cid=1012_2383256644&utm_medium=1012_834173&utm_campaign=2569656
Frame ID: 842C5B1870E668B13238421B36D73087
Requests: 36 HTTP requests in this frame
Screenshot
Page Title
Tommy Hilfiger комплект носков из 30 пар - PL (Польша)Page URL History Show full URLs
- https://neromestion.ru/clickprk4/ Page URL
-
https://clickprk.com/D2gU
HTTP 302
https://tommy-socks.takethisgoods.com/?utm_source=cpa&cid=1012_2383256644&utm_medium=1012_834173&utm_campaign=2569656 Page URL
Detected technologies
Yandex.Metrika (Analytics) ExpandDetected patterns
- mc\.yandex\.ru/metrika/(?:tag|watch)\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://neromestion.ru/clickprk4/ Page URL
-
https://clickprk.com/D2gU
HTTP 302
https://tommy-socks.takethisgoods.com/?utm_source=cpa&cid=1012_2383256644&utm_medium=1012_834173&utm_campaign=2569656 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 33- https://mc.yandex.ru/watch/22765945?wmode=7&page-url=https%3A%2F%2Ftommy-socks.takethisgoods.com%2F%3Futm_source%3Dcpa%26cid%3D1012_2383256644%26utm_medium%3D1012_834173%26utm_campaign%3D2569656&page-ref=https%3A%2F%2Fneromestion.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1uynsm9oyo3vd6jkbum%3Afp%3A2169%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A0%3Als%3A304501176808%3Ahid%3A765414284%3Az%3A0%3Ai%3A20220404120151%3Aet%3A1649073712%3Ac%3A1%3Arn%3A280232942%3Arqn%3A1%3Au%3A1649073712348447828%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1649073709495%3Ads%3A13%2C48%2C1515%2C1%2C452%2C0%2C%2C150%2C4%2C%2C%2C%2C2179%3Aco%3A0%3Arqnl%3A1%3Ast%3A1649073712%3At%3ATommy%20Hilfiger%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%BB%D0%B5%D0%BA%D1%82%20%D0%BD%D0%BE%D1%81%D0%BA%D0%BE%D0%B2%20%D0%B8%D0%B7%2030%20%D0%BF%D0%B0%D1%80%20-%20PL%20(%D0%9F%D0%BE%D0%BB%D1%8C%D1%88%D0%B0)&t=gdpr(14)aw(1)ti(2) HTTP 302
- https://mc.yandex.ru/watch/22765945/1?wmode=7&page-url=https%3A%2F%2Ftommy-socks.takethisgoods.com%2F%3Futm_source%3Dcpa%26cid%3D1012_2383256644%26utm_medium%3D1012_834173%26utm_campaign%3D2569656&page-ref=https%3A%2F%2Fneromestion.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1uynsm9oyo3vd6jkbum%3Afp%3A2169%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A0%3Als%3A304501176808%3Ahid%3A765414284%3Az%3A0%3Ai%3A20220404120151%3Aet%3A1649073712%3Ac%3A1%3Arn%3A280232942%3Arqn%3A1%3Au%3A1649073712348447828%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1649073709495%3Ads%3A13%2C48%2C1515%2C1%2C452%2C0%2C%2C150%2C4%2C%2C%2C%2C2179%3Aco%3A0%3Arqnl%3A1%3Ast%3A1649073712%3At%3ATommy%20Hilfiger%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%BB%D0%B5%D0%BA%D1%82%20%D0%BD%D0%BE%D1%81%D0%BA%D0%BE%D0%B2%20%D0%B8%D0%B7%2030%20%D0%BF%D0%B0%D1%80%20-%20PL%20%28%D0%9F%D0%BE%D0%BB%D1%8C%D1%88%D0%B0%29&t=gdpr%2814%29aw%281%29ti%282%29
36 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
neromestion.ru/clickprk4/ |
118 B 271 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
tommy-socks.takethisgoods.com/ Redirect Chain
|
17 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
tommy-socks.takethisgoods.com/files/tommy_socks_PL_1/css/ |
45 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-2.2.4.min.js
tommy-socks.takethisgoods.com/files/_js/ |
84 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
validation_EN.js
tommy-socks.takethisgoods.com/files/_js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ab.min.js
tommy-socks.takethisgoods.com/files/_js/ |
476 B 508 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
timer.js
tommy-socks.takethisgoods.com/files/_js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lastpack.js
tommy-socks.takethisgoods.com/files/_js/ |
2 KB 963 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.js
tommy-socks.takethisgoods.com/files/tommy_socks_PL_1/js/ |
982 B 659 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
func.js
tommy-socks.takethisgoods.com/files/_blocks/notificators/ |
66 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
unload_submit.js
tommy-socks.takethisgoods.com/files/_blocks/notificators/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
top.JPG
tommy-socks.takethisgoods.com/files/tommy_socks_PL_1/img/ |
76 KB 77 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2.png
tommy-socks.takethisgoods.com/files/tommy_socks_PL_1/img/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5.png
tommy-socks.takethisgoods.com/files/tommy_socks_PL_1/img/ |
935 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9.png
tommy-socks.takethisgoods.com/files/tommy_socks_PL_1/img/ |
578 B 756 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
n1.JPG
tommy-socks.takethisgoods.com/files/tommy_socks_PL_1/img/ |
103 KB 103 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
n2.JPG
tommy-socks.takethisgoods.com/files/tommy_socks_PL_1/img/ |
93 KB 93 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
n3.JPG
tommy-socks.takethisgoods.com/files/tommy_socks_PL_1/img/ |
110 KB 110 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
30.png
tommy-socks.takethisgoods.com/files/tommy_socks_PL_1/img/ |
928 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ava1.jpg
tommy-socks.takethisgoods.com/files/tommy_socks_PL_1/img/ |
15 KB 16 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ava2.jpg
tommy-socks.takethisgoods.com/files/tommy_socks_PL_1/img/ |
6 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ava3.jpg
tommy-socks.takethisgoods.com/files/tommy_socks_PL_1/img/ |
11 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
order11.png
tommy-socks.takethisgoods.com/files/tommy_socks_PL_1/img/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
order12.png
tommy-socks.takethisgoods.com/files/tommy_socks_PL_1/img/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
order13.png
tommy-socks.takethisgoods.com/files/tommy_socks_PL_1/img/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
order14.png
tommy-socks.takethisgoods.com/files/tommy_socks_PL_1/img/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
IMG_1748.JPG
tommy-socks.takethisgoods.com/files/tommy_socks_PL_1/img/ |
96 KB 97 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rekv7.png
tommy-socks.takethisgoods.com/files/_blocks/copyright/img/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
offer3__discount_bg.png
tommy-socks.takethisgoods.com/files/tommy_socks_PL_1/img/ |
222 B 400 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
watch.js
mc.yandex.ru/metrika/ |
139 KB 50 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p.js
fkthe.com/ |
46 B 291 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
reviews3__stars.png
tommy-socks.takethisgoods.com/files/tommy_socks_PL_1/img/ |
287 B 465 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
offer__name_icon.png
tommy-socks.takethisgoods.com/files/tommy_socks_PL_1/img/ |
405 B 583 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
offer__phone_icon.png
tommy-socks.takethisgoods.com/files/tommy_socks_PL_1/img/ |
429 B 607 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1
mc.yandex.ru/watch/22765945/ Redirect Chain
|
338 B 492 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
advert.gif
mc.yandex.ru/metrika/ |
43 B 112 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
31 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| $ function| jQuery string| domain object| already object| feed function| getDayEnd function| getTimeRemaining function| getCookie function| initializeClock object| myClock object| deadline number| timeInMinutes number| currentTime object| dayEndTimestamp function| lastpack object| $jsonData object| landing_notifiers number| price string| currency number| delivery_price string| key object| LANDING boolean| formIsSubmitted object| UnloadSubmit object| p object| Ya object| yaCounter2276594519 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.clickprk.com/ | Name: ad1WE1KUjZ6SHBEcDE0U3Z5SFdtRnJBZz09 Value: 1 |
|
tommy-socks.takethisgoods.com/ | Name: PHPSESSID Value: 1cd0e0bdbf41256fac98508bcd85bccf |
|
tommy-socks.takethisgoods.com/ | Name: usrRef Value: aHR0cHM6Ly9uZXJvbWVzdGlvbi5ydS8%3D |
|
tommy-socks.takethisgoods.com/ | Name: afCookie Value: cpa |
|
tommy-socks.takethisgoods.com/ | Name: affiliate_1 Value: 1012_2383256644 |
|
tommy-socks.takethisgoods.com/ | Name: affiliate_2 Value: 2569656 |
|
tommy-socks.takethisgoods.com/ | Name: affiliate_3 Value: 1012_834173 |
|
tommy-socks.takethisgoods.com/ | Name: myClock Value: Mon Apr 04 2022 12:46:51 GMT+0000 (GMT) |
|
tommy-socks.takethisgoods.com/ | Name: Value: 60 |
|
tommy-socks.takethisgoods.com/ | Name: lastpack Value: 59 |
|
.takethisgoods.com/ | Name: _ym_uid Value: 1649073712348447828 |
|
.takethisgoods.com/ | Name: _ym_d Value: 1649073712 |
|
.yandex.ru/ | Name: yandexuid Value: 4832957161649073711 |
|
.yandex.ru/ | Name: yuidss Value: 4832957161649073711 |
|
mc.yandex.ru/ | Name: yabs-sid Value: 2660970291649073711 |
|
.yandex.ru/ | Name: i Value: cWHACVt+JOC4P9LvNlft9Ux5PrezBo+7dYILlMQPgfqyp3LfuX5Hk7hhdaO0FxIBe9dxpRFuBfYA6nT6T3U3QdT1oEk= |
|
.yandex.ru/ | Name: ymex Value: 1680609711.yrts.1649073711#1680609711.yrtsi.1649073711 |
|
.takethisgoods.com/ | Name: _ym_isad Value: 2 |
|
.takethisgoods.com/ | Name: _ym_visorc Value: w |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
clickprk.com
fkthe.com
mc.yandex.ru
neromestion.ru
tommy-socks.takethisgoods.com
217.172.170.237
2a02:6b8::1:119
51.250.102.186
79.133.42.10
91.228.154.72
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
05dbc53f7ee2547579d0581976b770e68d56747a7b84773ef0168e7290684783
12a5dc69f31ab79dd216ef1f7aaa8bcb655e4c4999f7bd5f6c93636f0a7f8b18
3153e8178923e9418ac476a91c858213fae65841d870bd0ca60bfa6fa891a28e
3afb2f2a594f41a9911b7dd4f6d4982248e79f55377506dfc7730bb01594aa3c
3c35bc21fc6c5999db338b1c6d0502fbf76a9a8fb67d038c9ded51dbe2d82522
3c903d7f271f926152772573af1a5f987c34056f2135fb643fe3baf343411493
51264759ea154a150ea23134e66ce4cdf5f8b43f3a606f5f550b54c29f233fe4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55fb8edfb5414f547fc3e8ea29d83789d7da6c2448e9c7261db7d94e87853907
5e29f243ebb9deb47ba44761bfa91fe5b6e5c4fffe5d145ef36e66c994ecc739
609f694b5a424760a67b6aebbf76a1c9475a6523ba72d36299e91cf9637854af
67a8103ece964b2e3d977c2a252fadbc5b081f768bcfffa0683fedaa66d2d455
779e842a27d26eabdd6c8a95a8c05aac6b68d775572e16acd1970fd0f0f7582f
828f5bfa31ddabad32bc2564a7cb86a56263116ede3f4c25c56898ce12306a7f
831d38313b8feb8e6c410080f85767859ad4684f6366e1a868a33503b8b1df3e
9251fd15d3754f2cb8e349bc88b0741ef82ba775a7edb767bfc10fa875103960
96e0af984fd7a995f2341dedcd2ed3606f58e2e72c2a2b14c1e4dd9350180cd4
96f4160d9de4130f4a807926bfd39755c39c104f2c821e4c73e5bfa3b1f4a222
a8a4cb7f49691303e8667a88a5930e3d54788a85b47d6b64f8a23158fd5f10b7
aa97c0e58a8415ecb5bfa75957a3c236d0cab89332ade3a964ebc1ec9973b5e3
b41386d4a5e5188c065f84a88607da104153a8d4f55ee3982c575e1928b04eff
be197608e9912557e67065614af47d227f116fb1b62610467ce278cd8c737877
beac3e5d58c71b461bda8a9cd62e81216412c2d764467e6269d6b36f3e70594f
c2b622bae917d4d4280f8952147d318e844263bde86623fc3956b3e8afbb4d4d
c613349efa12c3c629f69416322293c57826919c7de874bb4297841281fec7d0
c6d3e300ec2a436aa898a6f76ef14c2d19040cadf2f95c4e374ff2cfe017bc55
c8bbfa0270db07ca3ec08d22b808137af7b046acb4fd770cdb0193caf125fd90
cec4261fd37d534ecb4c414d459168dde70502b460da60ac216890c63b04b8b9
d5b21ed5e90d0f33c4d4ed10417f94c8e0f6c9e29089fe0ddc06f8cff3be65b2
d5b6f51b7794e2019a85991967b2abadfa5cfb6ea5eaf048b66ca4d0d4dad5f5
d90297f7206c44060000e483de3115cd9d88ec67105d9686d7bc85076b39dd40
ddd1af71e87c4dd81100da5f25a5adfaae8b3342076ecec329d0a8c1578a0ecd
e1a6baf011d91c88081a3add8e176da899b4e611836be4e26538acbf925055c3
e436b99b7202da1c15dc8abea86d67bbf7254fdd9448eebd9bdde4131f2c4bd3
f9f014bb7b0f99c3b4a02f2fc477764ed007f92e791dcf389a71d6d8b82ab810