a-borlight.shoppinmove.com
Open in
urlscan Pro
185.26.99.76
Public Scan
Effective URL: https://a-borlight.shoppinmove.com/?utm_source=cpa&cid=1012_1899599746&utm_medium=1012_393783&utm_campaign=2163713
Submission: On January 23 via api from US
Summary
TLS certificate: Issued by GoGetSSL RSA DV CA on October 3rd 2019. Valid for: 2 years.
This is the only time a-borlight.shoppinmove.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 185.146.1.65 185.146.1.65 | 48716 (PS) (PS) | |
1 1 | 212.224.124.95 212.224.124.95 | 44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net) | |
31 | 185.26.99.76 185.26.99.76 | 44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net) | |
1 | 185.26.99.159 185.26.99.159 | 44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net) | |
1 5 | 2a02:6b8::1:119 2a02:6b8::1:119 | 13238 (YANDEX) (YANDEX) | |
37 | 5 |
ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde42-17.fornex.org
clickpzk.com |
ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde117-19.fornex.org
a-borlight.shoppinmove.com |
ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde128-6.fornex.org
mtrkmtrk.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
31 |
shoppinmove.com
a-borlight.shoppinmove.com |
1 MB |
5 |
yandex.ru
1 redirects
mc.yandex.ru |
43 KB |
1 |
mtrkmtrk.com
mtrkmtrk.com |
457 B |
1 |
clickpzk.com
1 redirects
clickpzk.com |
459 B |
1 |
cocoban.ru
www.cocoban.ru |
501 B |
37 | 5 |
Domain | Requested by | |
---|---|---|
31 | a-borlight.shoppinmove.com |
a-borlight.shoppinmove.com
|
5 | mc.yandex.ru |
1 redirects
a-borlight.shoppinmove.com
|
1 | mtrkmtrk.com |
a-borlight.shoppinmove.com
|
1 | clickpzk.com | 1 redirects |
1 | www.cocoban.ru | |
37 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
cocoban.ru Let's Encrypt Authority X3 |
2020-01-22 - 2020-04-21 |
3 months | crt.sh |
*.shoppinmove.com GoGetSSL RSA DV CA |
2019-10-03 - 2021-04-07 |
2 years | crt.sh |
mtrkmtrk.com COMODO RSA Domain Validation Secure Server CA |
2018-03-23 - 2020-03-22 |
2 years | crt.sh |
mc.yandex.ru Yandex CA |
2019-09-23 - 2020-09-22 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://a-borlight.shoppinmove.com/?utm_source=cpa&cid=1012_1899599746&utm_medium=1012_393783&utm_campaign=2163713
Frame ID: 21560CBD378E6F4046FEFECD2364EFB7
Requests: 38 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://www.cocoban.ru/clickpzk14/ Page URL
-
http://clickpzk.com/xKvx
HTTP 302
https://a-borlight.shoppinmove.com/?utm_source=cpa&cid=1012_1899599746&utm_medium=1012_393783&utm_campaign=2163713 Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- headers server /php\/?([\d.]+)?/i
CentOS (Operating Systems) Expand
Detected patterns
- headers server /CentOS/i
OpenSSL (Web Server Extensions) Expand
Detected patterns
- headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Yandex.Metrika (Analytics) Expand
Detected patterns
- script /mc\.yandex\.ru\/metrika\/watch\.js/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.cocoban.ru/clickpzk14/ Page URL
-
http://clickpzk.com/xKvx
HTTP 302
https://a-borlight.shoppinmove.com/?utm_source=cpa&cid=1012_1899599746&utm_medium=1012_393783&utm_campaign=2163713 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 34- https://mc.yandex.ru/watch/22765945?wmode=7&page-url=https%3A%2F%2Fa-borlight.shoppinmove.com%2F%3Futm_source%3Dcpa%26cid%3D1012_1899599746%26utm_medium%3D1012_393783%26utm_campaign%3D2163713&charset=utf-8&browser-info=ti%3A10%3Ans%3A1579756750195%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200123061910%3Aet%3A1579756751%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A29509060%3Ahid%3A453133842%3Ads%3A36%2C70%2C69%2C3%2C127%2C0%2C0%2C151%2C5%2C%2C%2C%2C474%3Afp%3A485%3Awn%3A15943%3Ahl%3A2%3Agdpr%3A14%3Av%3A1792%3Ast%3A1579756751%3Au%3A1579756751310079241%3At%3A%D0%A4%D0%BE%D0%BD%D0%B0%D1%80%D1%8C%20Boruit HTTP 302
- https://mc.yandex.ru/watch/22765945/1?wmode=7&page-url=https%3A%2F%2Fa-borlight.shoppinmove.com%2F%3Futm_source%3Dcpa%26cid%3D1012_1899599746%26utm_medium%3D1012_393783%26utm_campaign%3D2163713&charset=utf-8&browser-info=ti%3A10%3Ans%3A1579756750195%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200123061910%3Aet%3A1579756751%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A29509060%3Ahid%3A453133842%3Ads%3A36%2C70%2C69%2C3%2C127%2C0%2C0%2C151%2C5%2C%2C%2C%2C474%3Afp%3A485%3Awn%3A15943%3Ahl%3A2%3Agdpr%3A14%3Av%3A1792%3Ast%3A1579756751%3Au%3A1579756751310079241%3At%3A%D0%A4%D0%BE%D0%BD%D0%B0%D1%80%D1%8C%20Boruit
37 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
www.cocoban.ru/clickpzk14/ |
117 B 501 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
a-borlight.shoppinmove.com/ Redirect Chain
|
46 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
a-borlight.shoppinmove.com/files/boruit_2/css/ |
9 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.css
a-borlight.shoppinmove.com/files/boruit_2/css/ |
36 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
custom-styles2.min.css
a-borlight.shoppinmove.com/files/boruit_2/css/ |
155 KB 107 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.10.2.min.js
a-borlight.shoppinmove.com/files/_js/ |
93 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
validation.js
a-borlight.shoppinmove.com/files/_js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ab.min.js
a-borlight.shoppinmove.com/files/_js/ |
476 B 505 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
timer.js
a-borlight.shoppinmove.com/files/_js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lastpack.js
a-borlight.shoppinmove.com/files/_js/ |
2 KB 960 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.js
a-borlight.shoppinmove.com/files/boruit_2/js/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
func.js
a-borlight.shoppinmove.com/files/_blocks/notificators/ |
47 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
unload_submit.js
a-borlight.shoppinmove.com/files/_blocks/notificators/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fonar000.jpg
a-borlight.shoppinmove.com/files/boruit_2/img/ |
24 KB 24 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bullit00.jpg
a-borlight.shoppinmove.com/files/boruit_2/img/ |
491 B 673 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img_1000.jpg
a-borlight.shoppinmove.com/files/boruit_2/img/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img_2000.jpg
a-borlight.shoppinmove.com/files/boruit_2/img/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img_6000.jpg
a-borlight.shoppinmove.com/files/boruit_2/img/ |
6 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otz00000.jpg
a-borlight.shoppinmove.com/files/boruit_2/img/ |
66 KB 66 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otvet000.jpg
a-borlight.shoppinmove.com/files/boruit_2/img/ |
85 KB 85 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rekv8.png
a-borlight.shoppinmove.com/files/_blocks/copyright/img/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
u135-17-.png
a-borlight.shoppinmove.com/files/boruit_2/img/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
u135-171.png
a-borlight.shoppinmove.com/files/boruit_2/img/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
u135-172.png
a-borlight.shoppinmove.com/files/boruit_2/img/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
u285-17-.png
a-borlight.shoppinmove.com/files/boruit_2/img/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
u285-171.png
a-borlight.shoppinmove.com/files/boruit_2/img/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
u285-172.png
a-borlight.shoppinmove.com/files/boruit_2/img/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mtrk.js
mtrkmtrk.com/ |
53 B 457 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
u135-170.png
a-borlight.shoppinmove.com/files/boruit_2/img/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
21212120.gif
a-borlight.shoppinmove.com/files/boruit_2/img/ |
354 KB 355 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wewew000.gif
a-borlight.shoppinmove.com/files/boruit_2/img/ |
453 KB 454 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lllllll0.gif
a-borlight.shoppinmove.com/files/boruit_2/img/ |
90 KB 91 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
u285-170.png
a-borlight.shoppinmove.com/files/boruit_2/img/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
152 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
watch.js
mc.yandex.ru/metrika/ |
135 KB 40 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1
mc.yandex.ru/watch/22765945/ Redirect Chain
|
0 -1 B |
XHR
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
advert.gif
mc.yandex.ru/metrika/ |
43 B 425 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1
mc.yandex.ru/watch/22765945/ |
133 B 695 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
31 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| $ function| jQuery string| domain object| already object| feed function| getDayEnd function| getTimeRemaining function| getCookie function| initializeClock object| myClock object| deadline number| timeInMinutes number| currentTime object| dayEndTimestamp function| lastpack object| $jsonData object| landing_notifiers number| price string| currency number| delivery_price string| key object| LANDING boolean| formIsSubmitted object| UnloadSubmit object| jQuery110204774319926187709 function| detectMobile object| mtrkmtrk object| Ya object| yaCounter2276594510 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
a-borlight.shoppinmove.com/ | Name: lastpack Value: 59 |
|
.shoppinmove.com/ | Name: _ym_uid Value: 1579756751310079241 |
|
a-borlight.shoppinmove.com/ | Name: Value: 60 |
|
a-borlight.shoppinmove.com/ | Name: myClock Value: Thu Jan 23 2020 07:04:10 GMT+0100 (Central European Standard Time) |
|
a-borlight.shoppinmove.com/ | Name: affiliate_2 Value: 2163713 |
|
.shoppinmove.com/ | Name: _ym_d Value: 1579756751 |
|
a-borlight.shoppinmove.com/ | Name: affiliate_1 Value: 1012_1899599746 |
|
a-borlight.shoppinmove.com/ | Name: affiliate_3 Value: 1012_393783 |
|
a-borlight.shoppinmove.com/ | Name: afCookie Value: cpa |
|
a-borlight.shoppinmove.com/ | Name: PHPSESSID Value: q6t7u7n6hq91s1ldqum3phrne1 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a-borlight.shoppinmove.com
clickpzk.com
mc.yandex.ru
mtrkmtrk.com
www.cocoban.ru
185.146.1.65
185.26.99.159
185.26.99.76
212.224.124.95
2a02:6b8::1:119
0aefc7978f49f3f64494ee2ce65578370327de2b7a04ddde8904ca02a3c1e6a3
1766fe144a02cc58e95547d992582d04ac21b77064d340da42bb7882a2948348
1c4e7d2e7aca32fe22bc5d58010fb41d2fd1269d6e1d281bdaac8c9bbae2884b
3dd2522e62ae00bec475654eec0f1b8efb9601d9e34a5b8c118b298cc40c5341
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5bffda9dc1b018540ea1063c54543fb7cf7fe2dc966ebde41d245a8d7776e70b
5e14bd70b5fe628ca5df67e5c23ec42dd055e3b32c5193955f3ca76fa0b986e1
6a65d9f937c6373ddd278258225995b38f62606f12c00d4f60cf576f6ba05846
6cd2fe1a22182e6041d759e45ddebd6879f4bebfe8001233d610df2cb37b2873
73dd0f0fcef204a52e7d3869634259cceca08a204d3c2880341365de3693bc11
78e4edd1058e1613a8085625cccc25f6fd106b7258fbabeb1a6e0dd1a025f22b
828fe45b49cbd173dcd31f2c6ce6ba07a8281d4cbca71b4eac97c9202f5b2286
857cab03c8853fb693dda7c53d39f72dd10c8c979d0af4775edc98910f7ad008
8613adc744795ef5ba6b4b06f0772796136eb823309df8babf1e61e9e84dd971
8e48639bc4250667805f6ca5c56ec57f6342961c113ac8471cd3b10fb9270472
9e2d3c3c608cd827f7defb452a341e3a30a71f3bf39f38d74adfdfa3f5eaaebd
aa97c0e58a8415ecb5bfa75957a3c236d0cab89332ade3a964ebc1ec9973b5e3
af6741abe3fd9e323a5e2545ccc6681ffa35abdeb981731774cc6fc1e99d97b4
b9a6bd8f1c6467d4e364cd4eadb4ed74ecd24e4a8a0acd03b16db7cea9416f40
bec16f9bfc964525619e3c05d72d149d4d040828a8a3d042a87331f88e8a039b
c0ac83d7171e9d566cd88f7f48906dc9219b23cca2a63bace17df4386886487b
c6d3e300ec2a436aa898a6f76ef14c2d19040cadf2f95c4e374ff2cfe017bc55
cec4261fd37d534ecb4c414d459168dde70502b460da60ac216890c63b04b8b9
d67dfd06b6950846622d736475a39d9477a7a540d2bb6834a9caa2dc7aefdb03
d79b3e23ea617ebc405ae55eed203885a3ba2d56a5a0d600bd016f5446c1d357
d90297f7206c44060000e483de3115cd9d88ec67105d9686d7bc85076b39dd40
dbc0f27339e47bf2752b607b47c1b2066b9c2a0b6839d480c10a116a3e8309df
deaec785ab21b678b3f7d4746ae3b9382620c162929f5e2b1c9387f1139151ca
e2c0c797a5b808caabe210c912414742170a4b44ab453d8d664b91d86d4036a5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f09f85393b3192347251ca7fc15e093fa7f5728b440ee00e9782bcc44381647e
f273e42596f5df62c9b3ce18c6e26bee5477c28882ccbd5604f36d82e537978f