buy.norton.com
Open in
urlscan Pro
23.100.48.86
Public Scan
Effective URL: https://buy.norton.com/aff_norton360premium?irgwc=1&clickid=12TzCmyQoxyLULywUx0Mo3EJUkETG2ytm3EjUs0&adid=761885&IRID=19...
Submission: On February 20 via manual from US
Summary
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on July 9th 2020. Valid for: 10 months.
This is the only time buy.norton.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 5.189.182.187 5.189.182.187 | 51167 (CONTABO) (CONTABO) | |
1 2 | 185.136.85.182 185.136.85.182 | 203393 (ONETRA) (ONETRA) | |
2 2 | 35.227.247.224 35.227.247.224 | 15169 (GOOGLE) (GOOGLE) | |
2 2 | 52.17.198.3 52.17.198.3 | 16509 (AMAZON-02) (AMAZON-02) | |
1 1 | 34.95.127.121 34.95.127.121 | 15169 (GOOGLE) (GOOGLE) | |
1 | 23.100.48.86 23.100.48.86 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 2a00:1450:400... 2a00:1450:4001:811::200a | 15169 (GOOGLE) (GOOGLE) | |
6 | 18.195.42.228 18.195.42.228 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2001:4de0:ac1... 2001:4de0:ac19::1:b:1b | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
1 | 2a02:26f0:710... 2a02:26f0:7100:493::1015 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2.17.176.226 2.17.176.226 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
2 | 34.249.66.13 34.249.66.13 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 52.31.176.223 52.31.176.223 | 16509 (AMAZON-02) (AMAZON-02) | |
1 1 | 54.171.42.33 54.171.42.33 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 15.237.76.117 15.237.76.117 | 16509 (AMAZON-02) (AMAZON-02) | |
16 | 10 |
ASN51167 (CONTABO, DE)
PTR: vmi503385.contaboserver.net
overlaylink.com |
ASN15169 (GOOGLE, US)
PTR: 224.247.227.35.bc.googleusercontent.com
www.trkppc.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-198-3.eu-west-1.compute.amazonaws.com
norton.ow5a.net |
ASN15169 (GOOGLE, US)
PTR: 121.127.95.34.bc.googleusercontent.com
www.ojrq.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
nexus.ensighten.com |
ASN20940 (AKAMAI-ASN1, NL)
now.symassets.com |
ASN16625 (AKAMAI-AS, US)
PTR: a2-17-176-226.deploy.static.akamaitechnologies.com
buy-static.norton.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-66-13.eu-west-1.compute.amazonaws.com
dpm.demdex.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-176-223.eu-west-1.compute.amazonaws.com
symantec.demdex.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-42-33.eu-west-1.compute.amazonaws.com
cm.everesttech.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-76-117.eu-west-3.compute.amazonaws.com
oms.norton.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
ensighten.com
nexus.ensighten.com |
175 KB |
3 |
demdex.net
dpm.demdex.net symantec.demdex.net |
5 KB |
3 |
norton.com
buy.norton.com buy-static.norton.com oms.norton.com |
22 KB |
2 |
ow5a.net
2 redirects
norton.ow5a.net |
2 KB |
2 |
trkppc.com
2 redirects
www.trkppc.com |
796 B |
2 |
xhuauto.com
1 redirects
xhuauto.com |
815 B |
1 |
everesttech.net
1 redirects
cm.everesttech.net |
517 B |
1 |
symassets.com
now.symassets.com |
3 KB |
1 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com |
18 KB |
1 |
googleapis.com
ajax.googleapis.com |
33 KB |
1 |
ojrq.net
1 redirects
www.ojrq.net |
552 B |
1 |
overlaylink.com
1 redirects
overlaylink.com |
573 B |
16 | 12 |
Domain | Requested by | |
---|---|---|
6 | nexus.ensighten.com |
buy.norton.com
nexus.ensighten.com |
2 | dpm.demdex.net |
nexus.ensighten.com
|
2 | norton.ow5a.net | 2 redirects |
2 | www.trkppc.com | 2 redirects |
2 | xhuauto.com | 1 redirects |
1 | oms.norton.com | |
1 | cm.everesttech.net | 1 redirects |
1 | symantec.demdex.net |
nexus.ensighten.com
|
1 | buy-static.norton.com |
buy.norton.com
|
1 | now.symassets.com |
buy.norton.com
|
1 | maxcdn.bootstrapcdn.com |
buy.norton.com
|
1 | ajax.googleapis.com |
buy.norton.com
|
1 | buy.norton.com |
xhuauto.com
|
1 | www.ojrq.net | 1 redirects |
1 | overlaylink.com | 1 redirects |
16 | 15 |
This site contains links to these domains. Also see Links.
Domain |
---|
support.norton.com |
us.norton.com |
be-nl.norton.com |
www.nortonlifelock.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
buy.norton.com DigiCert SHA2 Extended Validation Server CA |
2020-07-09 - 2021-04-28 |
10 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2021-01-26 - 2021-04-20 |
3 months | crt.sh |
nexus.ensighten.com DigiCert SHA2 Secure Server CA |
2020-09-09 - 2021-10-11 |
a year | crt.sh |
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA |
2020-09-22 - 2021-10-12 |
a year | crt.sh |
www.norton.com DigiCert SHA2 Extended Validation Server CA |
2021-01-21 - 2021-05-11 |
4 months | crt.sh |
store.norton.com DigiCert SHA2 Extended Validation Server CA |
2020-09-23 - 2021-04-28 |
7 months | crt.sh |
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1 |
2020-12-02 - 2022-01-02 |
a year | crt.sh |
oms.norton.com DigiCert SHA2 High Assurance Server CA |
2020-08-28 - 2021-09-29 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://buy.norton.com/aff_norton360premium?irgwc=1&clickid=12TzCmyQoxyLULywUx0Mo3EJUkETG2ytm3EjUs0&adid=761885&IRID=19264&source=ir
Frame ID: 54FD160520F7EF27DB4059C0469DA71D
Requests: 15 HTTP requests in this frame
Frame:
https://symantec.demdex.net/dest5.html?d_nsid=undefined
Frame ID: 290886F988CC0812FDF4146B2D769150
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://overlaylink.com/Bhsd1
HTTP 301
http://xhuauto.com/sh Page URL
-
http://xhuauto.com/sh?inf=1817755LG3292909AD506577324Kh2299kd38skr104112dP
HTTP 302
https://www.trkppc.com/TMJLKB47/XCSCDPL1/?sub1=1817755&sub2=8b-1817755-3292909-104112-2299-506577324 HTTP 302
https://www.trkppc.com/TMJLKB47/XD1GFPDJ/?__rpt=0&__po=417116&__ptid=6b781d36533547fb8a5d2e384596c1... HTTP 302
https://norton.ow5a.net/c/19264/761885/4405?subId1=bcb37addab7c4dae9fe76e87682844c0&subId2=8b-181775... HTTP 302
https://www.ojrq.net/p/?return=https%3A%2F%2Fnorton.ow5a.net%2Fc%2F19264%2F761885%2F4405%3FsubId1... HTTP 302
https://norton.ow5a.net/c/19264/761885/4405?subId1=bcb37addab7c4dae9fe76e87682844c0&subId2=8b-181775... HTTP 301
https://buy.norton.com/aff_norton360premium?irgwc=1&clickid=12TzCmyQoxyLULywUx0Mo3EJUkETG2ytm3EjUs0... Page URL
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title: Hulp krijgen
Search URL Search Domain Scan URL
Title: productenpagina.
Search URL Search Domain Scan URL
Title: Verleng of upgrade hier.
Search URL Search Domain Scan URL
Title: Directe hulp.
Search URL Search Domain Scan URL
Title: Juridische informatie
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://overlaylink.com/Bhsd1
HTTP 301
http://xhuauto.com/sh Page URL
-
http://xhuauto.com/sh?inf=1817755LG3292909AD506577324Kh2299kd38skr104112dP
HTTP 302
https://www.trkppc.com/TMJLKB47/XCSCDPL1/?sub1=1817755&sub2=8b-1817755-3292909-104112-2299-506577324 HTTP 302
https://www.trkppc.com/TMJLKB47/XD1GFPDJ/?__rpt=0&__po=417116&__ptid=6b781d36533547fb8a5d2e384596c18f&__rpa=1&__rc=1&sub1=1817755&sub2=8b-1817755-3292909-104112-2299-506577324&sub3=&sub4=&sub5=&source_id=&__pcd=9 HTTP 302
https://norton.ow5a.net/c/19264/761885/4405?subId1=bcb37addab7c4dae9fe76e87682844c0&subId2=8b-1817755-3292909-104112-2299-506577324&sharedid=425898_1817755 HTTP 302
https://www.ojrq.net/p/?return=https%3A%2F%2Fnorton.ow5a.net%2Fc%2F19264%2F761885%2F4405%3FsubId1%3Dbcb37addab7c4dae9fe76e87682844c0%26subId2%3D8b-1817755-3292909-104112-2299-506577324%26sharedid%3D425898_1817755%26level%3D1%26srcref%3Dhttp%253A%252F%252Fxhuauto.com%252Fsh&cid=4405&tpsync=yes HTTP 302
https://norton.ow5a.net/c/19264/761885/4405?subId1=bcb37addab7c4dae9fe76e87682844c0&subId2=8b-1817755-3292909-104112-2299-506577324&sharedid=425898_1817755&level=1&srcref=http%3A%2F%2Fxhuauto.com%2Fsh&brwsr=508b37d2-7324-11eb-8ac7-42010a246629&brwsrsig=USn3OqUVdwwvVPS3zxVjrzcDQVfTEW HTTP 301
https://buy.norton.com/aff_norton360premium?irgwc=1&clickid=12TzCmyQoxyLULywUx0Mo3EJUkETG2ytm3EjUs0&adid=761885&IRID=19264&source=ir Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://overlaylink.com/Bhsd1 HTTP 301
- http://xhuauto.com/sh
- https://cm.everesttech.net/cm/dd?d_uuid=66449795623585228552357291826949960399 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=YDB1ewAAAHXiyTnQ
16 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
sh
xhuauto.com/ Redirect Chain
|
214 B 462 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
Cookie set
aff_norton360premium
buy.norton.com/ Redirect Chain
|
12 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.2/ |
95 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Bootstrap.js
nexus.ensighten.com/symantec/ |
725 KB 151 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/ |
107 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_nlok_estore_cart.svg
now.symassets.com/content/dam/norton/global/images/non-product/logos/dark/ |
11 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_symc_gs_97x27.svg
buy-static.norton.com/estore/images/Non-Product/Logo/ |
6 KB 6 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s_code_min.js
nexus.ensighten.com/symantec/scode/ |
52 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
om_code_estore_min.js
nexus.ensighten.com/symantec/scode/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
serverComponent.php
nexus.ensighten.com/symantec/prod/ |
384 B 526 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
d20451cfa16fc745f4b2354fd6d27af5.js
nexus.ensighten.com/symantec/prod/code/ |
1 KB 854 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4d81d08fd689a5f89ee7ea303695396b.js
nexus.ensighten.com/symantec/prod/code/ |
347 B 530 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
dpm.demdex.net/ |
367 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
dest5.html
symantec.demdex.net/ Frame 2908 |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=411&dpuuid=YDB1ewAAAHXiyTnQ
dpm.demdex.net/ Redirect Chain
|
42 B 915 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s41796187375112
oms.norton.com/b/ss/symanteccom/1/JS-2.22.0/ |
43 B 422 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
107 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| ensBootstraps object| Bootstrapper object| adobe function| Visitor object| ensClientConfig boolean| ensBrowserSupported object| gateway string| trueURL object| v function| $data string| _siteCode object| tms function| ttHideInter string| k string| TLT_SN string| TLT_UV string| TLT_FTV string| TLT_NC string| TLT_UID string| error string| referrer string| incomingURL string| store_locale string| partner string| cart_flow_id string| userflow string| site_id string| site_name string| store_id string| store_name string| om_affiliate_id_param string| om_program_id_param string| om_program_type_param string| original_subchannel string| current_subchannel string| traffic_source string| country string| region string| language string| TLTSID string| media_type_or_version_id string| error_page string| pagename string| channel string| hier1 string| hier2 string| reportsuite_id string| sso string| session_guid string| promoid string| autodowngrade string| postenrollment string| inclient string| hostname string| CatalogCode string| SymSession string| SubChannel string| MawareRenewalFlag object| WinCSPEB function| returnBashboard undefined| assistContent function| s_getLoadTime function| removeTxt function| internalSearchLinkClick_Natural function| s_doPlugins function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq string| s_account object| s number| s_loadT object| _numeric_ object| s_c_il number| s_c_in string| PageN object| expiration_date function| trackCustomDownload number| s_objectID number| s_giq object| val function| isEmpty function| removeTrailingComma string| qsVal object| promoid_arr undefined| removed_products undefined| tproducts undefined| random_numbers undefined| cookieRemovedProduct undefined| s_code object| ruleMETA string| s_tnt string| tmp object| s_i_symanteccom20 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.norton.com/ | Name: criteo_mm Value: Criteo |
|
.norton.com/ | Name: ttControl Value: 5443473d37 |
|
buy.norton.com/ | Name: ESID Value: 02c2c74f54-6981-42EQyJujRj-zyD2tOf1Y5fxTUBWeulJaozqV4XJNxuzzKEGn4YtcRhEaXFdTeDPo8sUZM |
|
.norton.com/ | Name: ae Value: 687474703a2f2f6275792e6e6f72746f6e2e636f6d2f72656469726563746f722f6166665f6e6f72746f6e3336307072656d69756d3f69726777633d3126636c69636b69643d3132547a436d79516f78794c554c79775578304d6f33454a556b4554473279746d33456a55733026616469643d37363138383526495249443d313932363426736f757263653d6972 |
|
.norton.com/ | Name: SSE Value: 4245236e6c2353796d616e7465635f73796d457056656e646f72 |
|
.norton.com/ | Name: TLID Value: 4D6C647A6C7DB40C4F0EB9D6DE8EB440 |
|
.norton.com/ | Name: PROGRAMID Value: 19264 |
|
.norton.com/ | Name: pr Value: 5043443d30322d32302d323032317c5049443d31393236347c5349443d7c5054593d496d70616374526164697573 |
|
.norton.com/ | Name: COUNTRY Value: BE |
|
.norton.com/ | Name: storetimeoutpopup Value: 3 |
|
.norton.com/ | Name: SHOPPERID Value: "" |
|
.norton.com/ | Name: PROGRAM_TYPE Value: ImpactRadius |
|
.norton.com/ | Name: LANGUAGE Value: nl |
|
.buy.norton.com/ | Name: X-CSRF-TOKEN Value: bgZf/Xcp4vlq7e8dtJT8KD9h6RkJ5jJuRHKZaedR768_ |
|
.norton.com/ | Name: tp Value: 4f53433d4f6e6c696e652028317374297c4353433d4f6e6c696e652028317374297c4950533d7c4459523d307c4445583d30322f32302f323032317c4950433d7c4950463d7c4950563d7c4955433d7c4950443d53796d616e7465637c49504c3d6e6c7c4944503d7c5043493d7c534b543d7c454e503d7c4954443d7c5452533d616666696c696174657c50534e3d7c4447463d7c4c49433d7c4d49443d7c52554c3d7c4653563d |
|
.norton.com/ | Name: es Value: 4e56533d317c5353473d33334138463032372d313232332d383341342d443733452d4443303142353634434530437c4643443d4665622d31392d323032312031383a33353a33377c4c43443d4665622d31392d323032312031383a33353a33377c4e4c563d73796d616e746563696e7465726e616c6572726f72 |
|
.norton.com/ | Name: cv Value: exist |
|
buy.norton.com/ | Name: 53038 Value: Criteo |
|
.norton.com/ | Name: storetimeout Value: 30 |
|
buy.norton.com/ | Name: JSESSIONID Value: 4D6C647A6C7DB40C4F0EB9D6DE8EB440 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
buy-static.norton.com
buy.norton.com
cm.everesttech.net
dpm.demdex.net
maxcdn.bootstrapcdn.com
nexus.ensighten.com
norton.ow5a.net
now.symassets.com
oms.norton.com
overlaylink.com
symantec.demdex.net
www.ojrq.net
www.trkppc.com
xhuauto.com
15.237.76.117
18.195.42.228
185.136.85.182
2.17.176.226
2001:4de0:ac19::1:b:1b
23.100.48.86
2a00:1450:4001:811::200a
2a02:26f0:7100:493::1015
34.249.66.13
34.95.127.121
35.227.247.224
5.189.182.187
52.17.198.3
52.31.176.223
54.171.42.33
2cd6045dfcd75c0f7301e4cf151f0d5b9999382919bb2eff4043c340122f50d0
532ac5212597742e1d5d141a7500fdafe96edaa9449c8f3fbe0519fd954aef34
536c3ccdc7dedd7df39f255f79dbc59aaf459be9a426a7a9127fb08cdd79f393
5f00057911a84f5a999dc0ce3c96093b2fc923f61830c63c1e9bffe449b92969
77b8e1ace51eef658dad260dfab1ca4e4e47fbac2659527c289b6becf954a547
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
85f6be4213b9c70b55b5c6c58b0abc6069c4e9f1bd3c768ecd76619739935585
8c9afd841838aafc9e1f024537bccca982d19cfd121c673086c88132b271018b
95914789b5f3307a3718679e867d61b9d4c03f749cd2e2970570331d7d6c8ed9
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
b57111ed80613c3c24b8f4c2a9bd2797821ad3cf24faed49e00149e9126f4b25
b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732
ce31fdbef9e86d4ce0a64f54608643eea148c621fa1930c2b4d2ee8eba972e25
d34af7811b19e812d9b4690ef47d6cd523f1bc186dfefdcd08fd853dd5442aa6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff00829f14027a3911df6d70ee12bb6fc5674bb7a28cb3475211c602abf5133