Submitted URL: https://hookupchicksop.com/wbgskxlibxhg?mmid=2317&type=20&pti=27
Effective URL: https://www.topoffersus.com/offer/sgo-1-ph-sso?tid=37a4352bf54a467483a8fbbbba62f03e&affiliate_id=55&offer_id=7&sub1=AgUesrkq...
Submission: On December 10 via manual from US — Scanned from US

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 20 HTTP transactions. The main IP is 2606:4700:20::681a:4a6, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.topoffersus.com. The Cisco Umbrella rank of the primary domain is 819165.
TLS certificate: Issued by GTS CA 1P5 on October 19th 2022. Valid for: 3 months.
This is the only time www.topoffersus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 35.244.130.28 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
14 18.161.30.190 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 20.50.64.3 8075 (MICROSOFT...)
20 6
Apex Domain | Subdomains | Transfer
14 cloudfront.net | d2rv3np9wrkgl5.cloudfront.net | 709 KB
2 topoffersus.com | www.topoffersus.com — Cisco Umbrella Rank: 819165 | 4 KB
2 hookupchicksop.com | hookupchicksop.com | 3 KB
1 pushserve.xyz | pushserve.xyz — Cisco Umbrella Rank: 249861 | Failed
1 pushnotice.xyz | pushnotice.xyz | 4 KB
1 hoa44trk.com | www.hoa44trk.com — Cisco Umbrella Rank: 753003 | 511 B
20 | 6
Domain Requested by
14 d2rv3np9wrkgl5.cloudfront.net www.topoffersus.com
2 www.topoffersus.com hookupchicksop.com
d2rv3np9wrkgl5.cloudfront.net
2 hookupchicksop.com 1 redirects
1 pushserve.xyz pushnotice.xyz
1 pushnotice.xyz d2rv3np9wrkgl5.cloudfront.net
1 www.hoa44trk.com 1 redirects
20 6

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-07-05 - 2023-07-05 | a year
*.topoffersus.com | GTS CA 1P5 | 2022-10-19 - 2023-01-17 | 3 months
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year
pushserve.xyz | Sectigo RSA Domain Validation Secure Server CA | 2022-08-01 - 2023-08-01 | a year

This page contains 1 frames:

Primary Page: https://www.topoffersus.com/offer/sgo-1-ph-sso?tid=37a4352bf54a467483a8fbbbba62f03e&affiliate_id=55&offer_id=7&sub1=AgUesrkqUorNMhWLrIqoZOEwXvkXlQIyktLE&sub2=608119&sub3=&sub4=&sub5=&sub6=
Frame ID: 150781CB9A0AD26B3129FB45676584F2
Requests: 21 HTTP requests in this frame

Page Title

Top Offers

Page URL History

  1. https://hookupchicksop.com/wbgskxlibxhg?mmid=2317&type=20&pti=27 Page URL
  2. https://hookupchicksop.com/go/?a=608119&cr=50726&lid=68&mh=QWdVZXNya3FVb3JOTWhXTHJJcW9aT0V3WHZrWGxRSXlr... HTTP 302
    https://www.hoa44trk.com/3GWLPS/BP658/?sub1=AgUesrkqUorNMhWLrIqoZOEwXvkXlQIyktLE&sub2=608119 HTTP 302
    https://www.topoffersus.com/offer/sgo-1-ph-sso?tid=37a4352bf54a467483a8fbbbba62f03e&affiliate_id=55&offe... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div [^>]*id="__nuxt"

Page Statistics

20
Requests

95 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

719 kB
Transfer

2378 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://hookupchicksop.com/wbgskxlibxhg?mmid=2317&type=20&pti=27 Page URL
  2. https://hookupchicksop.com/go/?a=608119&cr=50726&lid=68&mh=QWdVZXNya3FVb3JOTWhXTHJJcW9aT0V3WHZrWGxRSXlrdExFLTI3ODkz&mmid=1572&p=0&pti=27&rf=u&rn=x19KAxjLy3rSAw5Rl3H4&t=notrack HTTP 302
    https://www.hoa44trk.com/3GWLPS/BP658/?sub1=AgUesrkqUorNMhWLrIqoZOEwXvkXlQIyktLE&sub2=608119 HTTP 302
    https://www.topoffersus.com/offer/sgo-1-ph-sso?tid=37a4352bf54a467483a8fbbbba62f03e&affiliate_id=55&offer_id=7&sub1=AgUesrkqUorNMhWLrIqoZOEwXvkXlQIyktLE&sub2=608119&sub3=&sub4=&sub5=&sub6= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
wbgskxlibxhg
hookupchicksop.com/
3 KB
2 KB
Document
General
Full URL
https://hookupchicksop.com/wbgskxlibxhg?mmid=2317&type=20&pti=27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8db0748265adb26c2d514fb27eb73b18b0284715862e201a0311a973b214d2a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
777412a4cd062a75-ORD
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-window-policy
deny
date
Sat, 10 Dec 2022 06:55:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZ6KsgSznbi1Rxcj8y1mpPSI4w1wwS1y3jqK1vwRgOQxxm%2FEp%2BbyMworxIxptMiOR3N5B%2BYAYMrAzNULinQz7iptstx3mW7F7I9QA8OIDTUv0Lv3oQn%2BMDrPXwaIwrhade1sO5nKyRDyyZorsMmG0lQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
Primary Request sgo-1-ph-sso
www.topoffersus.com/offer/
Redirect Chain
  • https://hookupchicksop.com/go/?a=608119&cr=50726&lid=68&mh=QWdVZXNya3FVb3JOTWhXTHJJcW9aT0V3WHZrWGxRSXlrdExFLTI3ODkz&mmid=1572&p=0&pti=27&rf=u&rn=x19KAxjLy3rSAw5Rl3H4&t=notrack
  • https://www.hoa44trk.com/3GWLPS/BP658/?sub1=AgUesrkqUorNMhWLrIqoZOEwXvkXlQIyktLE&sub2=608119
  • https://www.topoffersus.com/offer/sgo-1-ph-sso?tid=37a4352bf54a467483a8fbbbba62f03e&affiliate_id=55&offer_id=7&sub1=AgUesrkqUorNMhWLrIqoZOEwXvkXlQIyktLE&sub2=608119&sub3=&sub4=&sub5=&sub6=
8 KB
3 KB
Document
General
Full URL
https://www.topoffersus.com/offer/sgo-1-ph-sso?tid=37a4352bf54a467483a8fbbbba62f03e&affiliate_id=55&offer_id=7&sub1=AgUesrkqUorNMhWLrIqoZOEwXvkXlQIyktLE&sub2=608119&sub3=&sub4=&sub5=&sub6=
Requested by
Host: hookupchicksop.com
URL: https://hookupchicksop.com/wbgskxlibxhg?mmid=2317&type=20&pti=27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b9c0b51582d023c7830171292822d29d723f36ebef5f963e809d2dca75c206c

Request headers

Referer
https://hookupchicksop.com/wbgskxlibxhg?mmid=2317&type=20&pti=27
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
777412ac988722c4-ORD
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 10 Dec 2022 06:55:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w1jr8v70own8LEOuNGV1uUH%2BPRJ7rrsRD5VjQMiWbqzxLjuj7JF4OL0UaBJkNb%2Bke%2BMHxLnXZbv2qAKlFeufuZwTP4YseumKnTiudxTQM%2BFEWhpJHh7a2zoM2NozHmMhSudX7LmK9dMJDvdJpzNVQ3w%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
243
content-type
text/html; charset=utf-8
date
Sat, 10 Dec 2022 06:55:05 GMT
location
https://www.topoffersus.com/offer/sgo-1-ph-sso?tid=37a4352bf54a467483a8fbbbba62f03e&affiliate_id=55&offer_id=7&sub1=AgUesrkqUorNMhWLrIqoZOEwXvkXlQIyktLE&sub2=608119&sub3=&sub4=&sub5=&sub6=
server
nginx
vary
Origin
via
1.1 google
x-eflow-request-id
5ae69543-1227-43e0-bbc0-5f4b9fc76616
c01f230.js
d2rv3np9wrkgl5.cloudfront.net/
15 KB
5 KB
Script
General
Full URL
https://d2rv3np9wrkgl5.cloudfront.net/c01f230.js
Requested by
Host: www.topoffersus.com
URL: https://www.topoffersus.com/offer/sgo-1-ph-sso?tid=37a4352bf54a467483a8fbbbba62f03e&affiliate_id=55&offer_id=7&sub1=AgUesrkqUorNMhWLrIqoZOEwXvkXlQIyktLE&sub2=608119&sub3=&sub4=&sub5=&sub6=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.30.190 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-30-190.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2ea23d6517cf57f825235a824619356b2c4bb3a01fb591632844b30898013703

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.topoffersus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:30:05 GMT
content-encoding
br
via
1.1 ec8ddb459882fdc455d204541d0d96d0.cloudfront.net (CloudFront)
last-modified
Fri, 09 Dec 2022 09:28:56 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
age
77102
etag
W/"43fcd45c9e45220bd89d43b9b772c66e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-cf-id
I-8YiRNLQuGRHPERr6gOdmsAFqQYZ3NABNAEpLAdHVNm6puYFjcExQ==
dcc4a20.js
d2rv3np9wrkgl5.cloudfront.net/
205 KB
70 KB
Script
General
Full URL
https://d2rv3np9wrkgl5.cloudfront.net/dcc4a20.js
Requested by
Host: www.topoffersus.com
URL: https://www.topoffersus.com/offer/sgo-1-ph-sso?tid=37a4352bf54a467483a8fbbbba62f03e&affiliate_id=55&offer_id=7&sub1=AgUesrkqUorNMhWLrIqoZOEwXvkXlQIyktLE&sub2=608119&sub3=&sub4=&sub5=&sub6=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.30.190 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-30-190.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d47b92276746762c9eda8c64c1bb91eab494a4cb186113ebca2ba89016b82593

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.topoffersus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:30:27 GMT
content-encoding
gzip
via
1.1 ec8ddb459882fdc455d204541d0d96d0.cloudfront.net (CloudFront)
last-modified
Thu, 10 Nov 2022 10:20:26 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
age
77635
etag
W/"dacb54f603bdbd7532cbf28c5124b801"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-cf-id
ivYkNV9udfPeJvVB7Zy4JsCI_wxzkV70on12aILdcVOPilcSva0dxQ==
e9825be.js
d2rv3np9wrkgl5.cloudfront.net/
1 MB
271 KB
Script
General
Full URL
https://d2rv3np9wrkgl5.cloudfront.net/e9825be.js
Requested by
Host: www.topoffersus.com
URL: https://www.topoffersus.com/offer/sgo-1-ph-sso?tid=37a4352bf54a467483a8fbbbba62f03e&affiliate_id=55&offer_id=7&sub1=AgUesrkqUorNMhWLrIqoZOEwXvkXlQIyktLE&sub2=608119&sub3=&sub4=&sub5=&sub6=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.30.190 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-30-190.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
86518aa76f8aca213a2d477981ab198fcff73baf0c33f671df05273ecc301cdf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.topoffersus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:30:05 GMT
content-encoding
br
via
1.1 ec8ddb459882fdc455d204541d0d96d0.cloudfront.net (CloudFront)
last-modified
Fri, 09 Dec 2022 09:28:56 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
age
77102
etag
W/"6298b30eb1b52ed7f0fc8ae356fee07d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-cf-id
brZ3jg9pWEND9k1wgYlxRtfSjheD8HEDqD321XIA1flpuZrxKAS3oQ==
33fb520.css
d2rv3np9wrkgl5.cloudfront.net/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://d2rv3np9wrkgl5.cloudfront.net/css/33fb520.css
Requested by
Host: www.topoffersus.com
URL: https://www.topoffersus.com/offer/sgo-1-ph-sso?tid=37a4352bf54a467483a8fbbbba62f03e&affiliate_id=55&offer_id=7&sub1=AgUesrkqUorNMhWLrIqoZOEwXvkXlQIyktLE&sub2=608119&sub3=&sub4=&sub5=&sub6=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.30.190 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-30-190.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7b8e8bec6f8c6a408b67b856c4b470ca142af956565c5f8fcfb71a4d027a28e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.topoffersus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:56:54 GMT
content-encoding
gzip
via
1.1 ec8ddb459882fdc455d204541d0d96d0.cloudfront.net (CloudFront)
last-modified
Thu, 09 Jun 2022 06:35:46 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
age
75520
etag
W/"937afbfaabab749edd6717217a2f6d96"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
x-amz-cf-id
pTM7rhkqfsB2tewgt-_ENe0o2Hg36wpA_58HWlWwabpuD3_hTtuIqQ==
a1418eb.js
d2rv3np9wrkgl5.cloudfront.net/
102 KB
21 KB
Script
General
Full URL
https://d2rv3np9wrkgl5.cloudfront.net/a1418eb.js
Requested by
Host: www.topoffersus.com
URL: https://www.topoffersus.com/offer/sgo-1-ph-sso?tid=37a4352bf54a467483a8fbbbba62f03e&affiliate_id=55&offer_id=7&sub1=AgUesrkqUorNMhWLrIqoZOEwXvkXlQIyktLE&sub2=608119&sub3=&sub4=&sub5=&sub6=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.30.190 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-30-190.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
59df99eb6d9ab07bd7aa617414b15974debef701503f11fb5eba324a31ba9f54

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.topoffersus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:30:05 GMT
content-encoding
br
via
1.1 ec8ddb459882fdc455d204541d0d96d0.cloudfront.net (CloudFront)
last-modified
Fri, 09 Dec 2022 09:28:55 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
age
77102
etag
W/"8805c2af37db4db3e70f235301a9d7a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-cf-id
SGpcM7-rtuNT3_3O1B2DjtBFICJom3CHGmcdXEIeXlu-tzd9ih_dLw==
1f9530d.css
d2rv3np9wrkgl5.cloudfront.net/css/
435 B
790 B
Stylesheet
General
Full URL
https://d2rv3np9wrkgl5.cloudfront.net/css/1f9530d.css
Requested by
Host: www.topoffersus.com
URL: https://www.topoffersus.com/offer/sgo-1-ph-sso?tid=37a4352bf54a467483a8fbbbba62f03e&affiliate_id=55&offer_id=7&sub1=AgUesrkqUorNMhWLrIqoZOEwXvkXlQIyktLE&sub2=608119&sub3=&sub4=&sub5=&sub6=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.30.190 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-30-190.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9233bd40e3c612e97c7cb896d350260317ff34ee0c002f70380c004099843fdd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.topoffersus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 11:36:37 GMT
via
1.1 ec8ddb459882fdc455d204541d0d96d0.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 08:43:17 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
age
69510
etag
"f8c172607ca035a0d5cad404b65306db"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
accept-ranges
bytes
content-length
435
x-amz-cf-id
a7Ygb2MuqSs_dOUYJOQX3XTtIOMS7LsKqn9KiIT1xwDzrJSJgszdkA==
a55485a.js
d2rv3np9wrkgl5.cloudfront.net/
529 B
874 B
Script
General
Full URL
https://d2rv3np9wrkgl5.cloudfront.net/a55485a.js
Requested by
Host: www.topoffersus.com
URL: https://www.topoffersus.com/offer/sgo-1-ph-sso?tid=37a4352bf54a467483a8fbbbba62f03e&affiliate_id=55&offer_id=7&sub1=AgUesrkqUorNMhWLrIqoZOEwXvkXlQIyktLE&sub2=608119&sub3=&sub4=&sub5=&sub6=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.30.190 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-30-190.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eaab30e2bb93e99c63545af54feb52cbbaacfd029b0868998ded472320f97c6c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.topoffersus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 11:36:37 GMT
via
1.1 ec8ddb459882fdc455d204541d0d96d0.cloudfront.net (CloudFront)
last-modified
Fri, 09 Dec 2022 09:28:55 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
age
69510
etag
"fe0d8e2377e09786b5587ee9b72de1f4"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
529
x-amz-cf-id
05u5l_rhW_q0QSBiwmRSC08NbG4C9rrztyxOddcy5y4GYVXGjWEv4A==
0653ad2.css
d2rv3np9wrkgl5.cloudfront.net/css/
12 KB
3 KB
Stylesheet
General
Full URL
https://d2rv3np9wrkgl5.cloudfront.net/css/0653ad2.css
Requested by
Host: www.topoffersus.com
URL: https://www.topoffersus.com/offer/sgo-1-ph-sso?tid=37a4352bf54a467483a8fbbbba62f03e&affiliate_id=55&offer_id=7&sub1=AgUesrkqUorNMhWLrIqoZOEwXvkXlQIyktLE&sub2=608119&sub3=&sub4=&sub5=&sub6=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.30.190 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-30-190.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fff14eb25e49538000f46afb94293f1e1b88099f31c164b1de06bf2e4645ec35

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.topoffersus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 12:16:32 GMT
content-encoding
br
via
1.1 ec8ddb459882fdc455d204541d0d96d0.cloudfront.net (CloudFront)
last-modified
Fri, 30 Sep 2022 06:08:43 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
age
67115
etag
W/"7c56bd4a23259fc88df2b1f5697f7b4d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
x-amz-cf-id
AbCvrsM4-qFIrUgAGt7rmbyO6d8yDLeeRQnYQnZOqfB5eD3AHlKOLA==
cde3ad5.js
d2rv3np9wrkgl5.cloudfront.net/
36 KB
8 KB
Script
General
Full URL
https://d2rv3np9wrkgl5.cloudfront.net/cde3ad5.js
Requested by
Host: www.topoffersus.com
URL: https://www.topoffersus.com/offer/sgo-1-ph-sso?tid=37a4352bf54a467483a8fbbbba62f03e&affiliate_id=55&offer_id=7&sub1=AgUesrkqUorNMhWLrIqoZOEwXvkXlQIyktLE&sub2=608119&sub3=&sub4=&sub5=&sub6=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.30.190 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-30-190.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28bfd1672463310fb2254958d3b7872d0a6192e4b9e87f8c999dd9b22da1316b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.topoffersus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 11:36:37 GMT
content-encoding
gzip
via
1.1 ec8ddb459882fdc455d204541d0d96d0.cloudfront.net (CloudFront)
last-modified
Fri, 09 Dec 2022 09:28:56 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
age
69510
etag
W/"c7755de48875b8de61be16932fe6eab1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-cf-id
UFi8UQ9-GX8bdJWIVMsqoZBuGPOQf26niYN-GjIcH9DRnHgxW-jltQ==
2ca43e3.js
d2rv3np9wrkgl5.cloudfront.net/
461 KB
123 KB
Script
General
Full URL
https://d2rv3np9wrkgl5.cloudfront.net/2ca43e3.js
Requested by
Host: www.topoffersus.com
URL: https://www.topoffersus.com/offer/sgo-1-ph-sso?tid=37a4352bf54a467483a8fbbbba62f03e&affiliate_id=55&offer_id=7&sub1=AgUesrkqUorNMhWLrIqoZOEwXvkXlQIyktLE&sub2=608119&sub3=&sub4=&sub5=&sub6=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.30.190 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-30-190.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1e896955af99d30803f52f66f16f01f7a5d647b9aaa92ebaa943e85a67be428c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.topoffersus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:30:05 GMT
content-encoding
br
via
1.1 ec8ddb459882fdc455d204541d0d96d0.cloudfront.net (CloudFront)
last-modified
Fri, 09 Dec 2022 09:28:53 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
age
77102
etag
W/"d4c063241669706eb571243b85707191"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-cf-id
750cDhtwnseE80MiSuBbIOXsciv4zUglbJMP6PLsjIKQyzl7k5AdQA==
icon-google-logo.66ae25b.svg
d2rv3np9wrkgl5.cloudfront.net/img/
1 KB
925 B
Image
General
Full URL
https://d2rv3np9wrkgl5.cloudfront.net/img/icon-google-logo.66ae25b.svg
Requested by
Host: www.topoffersus.com
URL: https://www.topoffersus.com/offer/sgo-1-ph-sso?tid=37a4352bf54a467483a8fbbbba62f03e&affiliate_id=55&offer_id=7&sub1=AgUesrkqUorNMhWLrIqoZOEwXvkXlQIyktLE&sub2=608119&sub3=&sub4=&sub5=&sub6=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.30.190 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-30-190.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5722617974160d10a2564c051caf679e6686955012aa626f1dcf163e20ebcedd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.topoffersus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 04:09:56 GMT
content-encoding
gzip
via
1.1 ec8ddb459882fdc455d204541d0d96d0.cloudfront.net (CloudFront)
last-modified
Mon, 06 Jun 2022 12:32:29 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
age
9934
etag
W/"b7727941c0e8a117b6cfd8f06a1cb7ed"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
OfATIpjPv8DTzst05QWf3gVp88Wd4WDYoxRxQE8X4jmAiGnunqtpPg==
image-model-01.f73ce13.jpeg
d2rv3np9wrkgl5.cloudfront.net/img/
102 KB
102 KB
Image
General
Full URL
https://d2rv3np9wrkgl5.cloudfront.net/img/image-model-01.f73ce13.jpeg
Requested by
Host: www.topoffersus.com
URL: https://www.topoffersus.com/offer/sgo-1-ph-sso?tid=37a4352bf54a467483a8fbbbba62f03e&affiliate_id=55&offer_id=7&sub1=AgUesrkqUorNMhWLrIqoZOEwXvkXlQIyktLE&sub2=608119&sub3=&sub4=&sub5=&sub6=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.30.190 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-30-190.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d6b1a026e6e842b1250ff3e0fdfcc675decf3f6132bdb2f314c4c88f24bf8c0d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.topoffersus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 14:06:20 GMT
via
1.1 ec8ddb459882fdc455d204541d0d96d0.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 08:43:18 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
age
60527
etag
"6da90bb6b9b87035448438e70a348de2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
104064
x-amz-cf-id
jc8EtUcbogO5HAzSOdTFJn2mLG6ORrtcYRof8qUJSL6wVV3TqseODw==
image-model-02.53897d9.jpeg
d2rv3np9wrkgl5.cloudfront.net/img/
101 KB
102 KB
Image
General
Full URL
https://d2rv3np9wrkgl5.cloudfront.net/img/image-model-02.53897d9.jpeg
Requested by
Host: www.topoffersus.com
URL: https://www.topoffersus.com/offer/sgo-1-ph-sso?tid=37a4352bf54a467483a8fbbbba62f03e&affiliate_id=55&offer_id=7&sub1=AgUesrkqUorNMhWLrIqoZOEwXvkXlQIyktLE&sub2=608119&sub3=&sub4=&sub5=&sub6=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.30.190 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-30-190.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
92f4142f52898d2810fbd61cf97df7e5003e1e079057298af223aea2728e7d85

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.topoffersus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 11:54:30 GMT
via
1.1 ec8ddb459882fdc455d204541d0d96d0.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 08:43:18 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
age
68437
etag
"746371e20773f755741b51546c6f4163"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
103510
x-amz-cf-id
u2o1B-t2Nh9jJ24HASK5dLgXeNVS3xnEO3OkdmNV-_-LitzTPqeG6g==
icon-secret.80338e6.svg
d2rv3np9wrkgl5.cloudfront.net/img/
1 KB
972 B
Image
General
Full URL
https://d2rv3np9wrkgl5.cloudfront.net/img/icon-secret.80338e6.svg
Requested by
Host: www.topoffersus.com
URL: https://www.topoffersus.com/offer/sgo-1-ph-sso?tid=37a4352bf54a467483a8fbbbba62f03e&affiliate_id=55&offer_id=7&sub1=AgUesrkqUorNMhWLrIqoZOEwXvkXlQIyktLE&sub2=608119&sub3=&sub4=&sub5=&sub6=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.30.190 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-30-190.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
14b797a9c224858227b5e4fe289d6773c9c7b18b2f3c2345a1792023456a0a99

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.topoffersus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 17:18:57 GMT
content-encoding
br
via
1.1 ec8ddb459882fdc455d204541d0d96d0.cloudfront.net (CloudFront)
last-modified
Fri, 05 Nov 2021 10:59:43 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
age
48970
etag
W/"a92a2fa057bc5e252de811ecf8965339"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
SdX-CMsNleVeQRSV7TJYuyKYb1qy4Bc64VJVU3VnZohbYkXpzJotVA==
truncated
/
491 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb9239a5005b65190fcc5f27c487d5f4787c2039cf9118501c90739b76284393

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
866 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea592ca112540e7b5bc0fe6f0146e963142574d2d837704984cc060de3180306

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/svg+xml
script-status
www.topoffersus.com/api-node/api/landing/
33 B
413 B
XHR
General
Full URL
https://www.topoffersus.com/api-node/api/landing/script-status
Requested by
Host: d2rv3np9wrkgl5.cloudfront.net
URL: https://d2rv3np9wrkgl5.cloudfront.net/dcc4a20.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b28a869676eedd92c2e33c16a976d55f28830a370421d05b1100bc359581e188

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.topoffersus.com/offer/sgo-1-ph-sso?tid=37a4352bf54a467483a8fbbbba62f03e&affiliate_id=55&offer_id=7&sub1=AgUesrkqUorNMhWLrIqoZOEwXvkXlQIyktLE&sub2=608119&sub3&sub4&sub5&sub6
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 10 Dec 2022 06:55:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"21-H2oAITWczR1P6bvIPyKaQUIdkB4"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4STc3zOhBhuU0GWZHEDJr8XmDrXaT4%2BkiEvorLiSTjyqLqQxaXeA5zzqEhUB1%2B6CrMHpYcR9vNpuQiyN7rp6EL7LSKqXkR%2Fin8CQ2a61GDYjB2%2ByF4ZN8hTKwcdVhzsKkFcY5xz6WDeLtjBxVzGRFe8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
cf-ray
777412b30f0422c4-ORD
content-length
33
ace-push.js
pushnotice.xyz/
9 KB
4 KB
Script
General
Full URL
https://pushnotice.xyz/ace-push.js
Requested by
Host: d2rv3np9wrkgl5.cloudfront.net
URL: https://d2rv3np9wrkgl5.cloudfront.net/a1418eb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:3950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cf4ac30d9a85286f1b7961d55e68f86b1fcdae3b532afd18d8ba45360a80e70

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.topoffersus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:55:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6339
cf-polished
origSize=13474
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 14 Oct 2022 17:53:06 GMT
server
cloudflare
etag
W/"1d8dff5d02c99a2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6zKQdiSOlaiUUkcKZtiVWosYbY7cplNW0%2FLwTvo95wZlxi3NHXAqJaI6gydFyyn8HNtSAwuz%2FHzuITfdIWU1w97I6NylK7hCk9uayKRovDXSDB1kMTYLyY3eAf9tS38MNrDjqgQg%2FapJClgjLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
777412b46c85631a-ORD
visit
pushserve.xyz/api/v1/
0
0

visit
pushserve.xyz/api/v1/
0
0
Preflight
General
Full URL
https://pushserve.xyz/api/v1/visit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.50.64.3 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.topoffersus.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-origin
*
content-length
0
date
Sat, 10 Dec 2022 06:55:07 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pushserve.xyz
URL
https://pushserve.xyz/api/v1/visit

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| __NUXT__ object| webpackJsonp function| installComponents object| core object| __core-js_shared__ object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| $nuxt function| initializeAcePush function| setBaseUrl function| getLocation function| registerServiceWorker

5 Cookies

Domain/Path Name / Value
hookupchicksop.com/ Name: k
Value: SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABDIzMDNtAAAAClJxV3Jka2xPbUttAAAAA2hpZG0AAAAkQWdVZXNya3FVb3JOTWhXTHJJcW9aT0V3WHZrWGxRSXlrdExFbQAAAAJobGQAA25pbG0AAAAFc3ViXzFkAANuaWxtAAAABXN1Yl8yZAADbmlsbQAAAAd0cmFja2VybQAAAAdub3RyYWNrbQAAAAN1bnFtAAAADG1FaERicmVQbEx1QQ.SroA5yeyBQF9yNZPKeM2wh_-KP6siSErLLlTenYOm9M
hookupchicksop.com/ Name: qXLAeq
Value: 1
www.hoa44trk.com/ Name: uniqueClick_BP658
Value: 3f837c7f-fb34-4f58-913e-154b505703b3:1670655305
www.hoa44trk.com/ Name: transaction_id
Value: 37a4352bf54a467483a8fbbbba62f03e
www.topoffersus.com/ Name: auth.strategy
Value: local

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
