mswindowsuser.com
Open in
urlscan Pro
2606:4700:3031::681f:5711
Public Scan
Submission Tags: @phishunt_io
Submission: On November 14 via api from ES
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 28th 2020. Valid for: a year.
This is the only time mswindowsuser.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
21 | 2606:4700:303... 2606:4700:3031::681f:5711 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:80b::200a | 15169 (GOOGLE) (GOOGLE) | |
5 | 2a00:1450:400... 2a00:1450:4001:801::2003 | 15169 (GOOGLE) (GOOGLE) | |
3 9 | 2a02:6b8::1:119 2a02:6b8::1:119 | 13238 (YANDEX) (YANDEX) | |
1 | 2606:4700::68... 2606:4700::6810:125e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
34 | 5 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
21 |
mswindowsuser.com
mswindowsuser.com |
624 KB |
7 |
yandex.ru
2 redirects
mc.yandex.ru |
96 KB |
5 |
gstatic.com
fonts.gstatic.com |
49 KB |
2 |
yandex.com
1 redirects
mc.yandex.com |
364 B |
1 |
cloudflare.com
cdnjs.cloudflare.com |
3 KB |
1 |
googleapis.com
fonts.googleapis.com |
1 KB |
34 | 6 |
Domain | Requested by | |
---|---|---|
21 | mswindowsuser.com |
mswindowsuser.com
|
7 | mc.yandex.ru |
2 redirects
mswindowsuser.com
mc.yandex.ru |
5 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | mc.yandex.com |
1 redirects
mswindowsuser.com
|
1 | cdnjs.cloudflare.com |
mswindowsuser.com
|
1 | fonts.googleapis.com |
mswindowsuser.com
|
34 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
wordpress.org |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-10-28 - 2021-10-27 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-10-28 - 2021-01-20 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-10-28 - 2021-01-20 |
3 months | crt.sh |
mc.yandex.ru Yandex CA |
2020-09-29 - 2021-03-11 |
5 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://mswindowsuser.com/
Frame ID: 29F62F46545100A3B4EB298AEFD36035
Requests: 34 HTTP requests in this frame
Screenshot
Detected technologies
WordPress (CMS) ExpandDetected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- meta generator /^WordPress ?([\d.]+)?/i
- html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
PHP (Programming Languages) Expand
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- meta generator /^WordPress ?([\d.]+)?/i
- html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
MySQL (Databases) Expand
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- meta generator /^WordPress ?([\d.]+)?/i
- html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Yoast SEO (SEO) Expand
Detected patterns
- html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
CloudFlare (CDN) Expand
Detected patterns
- headers server /^cloudflare$/i
Google Font API (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Wordpress
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 28- https://mc.yandex.com/sync_cookie_image_check HTTP 302
- https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9091.VFBi8S0yp34g-dF-EWtvxGLGt8902FLLUIbh-hA0TRy2ScOAFpj5aVcxoSxFfXys.pjBCMpbq_07U1af7jTiim5UhDIs%2C HTTP 302
- https://mc.yandex.com/sync_cookie_image_decide?token=9091.BTpTkarOROO-dTlybCdJ51ambqqqGCleAxPdRhoy1IPRrqipPpEWF7L-GHPbwbLzGiRyYa3G6nfB4P5yjcGYGg%2C%2C.EyO_1cmZSU08ymiwxLHASle53Mg%2C
- https://mc.yandex.ru/watch/68830726?wmode=7&page-url=https%3A%2F%2Fmswindowsuser.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1605320949642%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201114032912%3Aet%3A1605320953%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A277269004495%3Arqn%3A1%3Arn%3A787572039%3Ahid%3A879661281%3Ads%3A21%2C17%2C873%2C1%2C0%2C0%2C0%2C950%2C18%2C%2C%2C%2C2961%3Afp%3A1889%3Awn%3A48863%3Ahl%3A2%3Agdpr%3A14%3Av%3A1976%3Awv%3A2%3Arqnl%3A1%3Ast%3A1605320953%3Au%3A1605320953767188305%3App%3A3629563401%3At%3AMSWINDOWSUSER%20- HTTP 302
- https://mc.yandex.ru/watch/68830726/1?wmode=7&page-url=https%3A%2F%2Fmswindowsuser.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1605320949642%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201114032912%3Aet%3A1605320953%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A277269004495%3Arqn%3A1%3Arn%3A787572039%3Ahid%3A879661281%3Ads%3A21%2C17%2C873%2C1%2C0%2C0%2C0%2C950%2C18%2C%2C%2C%2C2961%3Afp%3A1889%3Awn%3A48863%3Ahl%3A2%3Agdpr%3A14%3Av%3A1976%3Awv%3A2%3Arqnl%3A1%3Ast%3A1605320953%3Au%3A1605320953767188305%3App%3A3629563401%3At%3AMSWINDOWSUSER%20-
34 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
mswindowsuser.com/ |
62 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
d55109860145693c98f5b15f6e905a46.css
mswindowsuser.com/wp-content/cache/min/1/ |
288 KB 44 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
16 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
mswindowsuser.com/wp-includes/js/jquery/ |
95 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
windows-10-logo-png-22.png
mswindowsuser.com/wp-content/uploads/2020/10/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
top-arrow.svg
mswindowsuser.com/wp-content/themes/reco/assets/images/ |
1 KB 856 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a54133ddd4abd26f51da8f1a31f1a9b7.js
mswindowsuser.com/wp-content/cache/min/1/ |
214 KB 64 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1575227550_peazip-691x450.jpg
mswindowsuser.com/wp-content/uploads/2020/11/ |
45 KB 45 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1523620234_taskmanager_deluxe-700x436.jpg
mswindowsuser.com/wp-content/uploads/2020/11/ |
50 KB 51 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
calibre_ebooks-700x276.jpg
mswindowsuser.com/wp-content/uploads/2020/11/ |
13 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Task-Manager-performance-696x365-1.jpg
mswindowsuser.com/wp-content/uploads/2020/11/ |
28 KB 29 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Android-apps-for-desktop-700x448.jpg
mswindowsuser.com/wp-content/uploads/2020/11/ |
45 KB 45 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Microsoft-Teams-engaging-meeting-696x365-1.jpg
mswindowsuser.com/wp-content/uploads/2020/11/ |
30 KB 30 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Windows-Insider-program-700x360.jpg
mswindowsuser.com/wp-content/uploads/2020/11/ |
24 KB 25 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1480006034_teracopy_rc.jpg
mswindowsuser.com/wp-content/uploads/2020/11/ |
33 KB 33 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
microsoft-confirms-undeletable-lsquowindowsold-folder-bug-on-windows-10-a9ab8b7.jpg
mswindowsuser.com/wp-content/uploads/2020/11/ |
28 KB 28 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
edrawmax-1015-build-821-da2f342-694x450.jpg
mswindowsuser.com/wp-content/uploads/2020/11/ |
30 KB 30 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
b65fecbc89ed7e396a037b4b8ba4a073-150x150.jpg
mswindowsuser.com/wp-content/uploads/2020/10/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
unnamed-file-20-1-150x150.png
mswindowsuser.com/wp-content/uploads/2020/06/ |
30 KB 31 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aHR0cDovL3d3dy5sYXB0b3BtYWcuY29tL2ltYWdlcy93cC9wdXJjaC1hcGkvaW5jb250ZW50LzIwMTYvMDUvZnA2XzI5MDkxNDE0NjI1NTI0NDItMzMxeDQwMC5wbmc-150x150.jpg
mswindowsuser.com/wp-content/uploads/2020/06/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aHR0cDovL3d3dy5sYXB0b3BtYWcuY29tL2ltYWdlcy93cC9wdXJjaC1hcGkvaW5jb250ZW50LzIwMTYvMDEvcmVnZWRpdC11c2VybmFtZS02NzB4Mjg2LnBuZw-150x150.png
mswindowsuser.com/wp-content/uploads/2020/06/ |
21 KB 21 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v15/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont.woff2
mswindowsuser.com/wp-content/themes/reco/assets/fonts/ |
75 KB 76 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tag.js
mc.yandex.ru/metrika/ |
368 KB 94 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clipboard.min.js
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v15/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync_cookie_image_decide
mc.yandex.com/ Redirect Chain
|
75 B 75 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
advert.gif
mc.yandex.ru/metrika/ |
43 B 136 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1
mc.yandex.ru/watch/68830726/ Redirect Chain
|
167 B 249 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
68830726
mc.yandex.ru/webvisor/ |
43 B 145 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
68830726
mc.yandex.ru/webvisor/ |
43 B 73 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
28 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes undefined| $ function| jQuery function| loadCSS function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| ajax_var function| wprRemoveCPCSS object| wpcf7 object| _self object| Prism function| q2w3_sidebar_init function| q2w3_exclude_mutations_array function| q2w3_sidebar function| ym object| jQuery11240012624061077923798 object| AOS object| StickySidebar object| Pace object| wp function| ClipboardJS object| Ya object| yaCounter688307264 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.mswindowsuser.com/ | Name: _ym_isad Value: 2 |
|
.mswindowsuser.com/ | Name: _ym_d Value: 1605320953 |
|
.mswindowsuser.com/ | Name: _ym_uid Value: 1605320953767188305 |
|
.mswindowsuser.com/ | Name: __cfduid Value: d57b5950e9305a7b4fee7f04d95bfa6061605320949 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
mc.yandex.com
mc.yandex.ru
mswindowsuser.com
2606:4700:3031::681f:5711
2606:4700::6810:125e
2a00:1450:4001:801::2003
2a00:1450:4001:80b::200a
2a02:6b8::1:119
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2be7fdfa445f0fe6891ff3ac653a5e06ae62ee7c7b129ec3d054b451355c3af6
3bb553fc3264249d9784217f5f04f432ca1800a480e524411bf6b75ab6049e09
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
4f7cb0be9c4f7c0410f94eb8205697969e0e22c0f4ba795c48bc9ae327af5285
4fe846c0fc9277307e5ce9777ab78fff9d4480703c8f4739366bf3f8ac733d3e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57f2f7cc422d93d1c8519ffb7f242155c41ad773d2c03db3d75f0fd094694b5f
5c4895f7820d7448039b34f351ca237185a421cdef2d85601269ec8812ea732d
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
6212837fe3574b33f03333566911696ea46a469523bef8aa85ca9d5da09a3da1
62384608e4776509bb47eb89d5532596af802ec377426bdc5457bb801fc84e64
63a7c073b2d53c0b4e6d7b49e790f09fc638092b429cceaf52b9a070d633bf5f
677769726ebcb3b0dddf94719696a91081e99b3bd0106d1f24992d0af5491e95
70b37ef3201f2da3b327942e68a84a564aaaf4d34f6a03b107f0c02db3a61399
7209ab5113c2deabd6d5f0eed7196d5349a7e20b7c8e6a488e070ab367b7bf5d
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
97863c262254c3df6ff2e518ad72050dbf63ad92fb0e498914a8c5424aeef893
99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424
ab7de0f7734f67cc0d1204eb2840ada143553a8c2fd2f94bc46bcea5a269d572
b0584e9c50baf840495661eba2d3eae47e58865289431a4decf15fb80d40256a
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
bc2e086056b0f80054382d9d7bf07d753ba5437c68540103123ef5497e23d879
c8dfa06535f128f5b6395aaa92951cf5e925d9243b0823f273193448328eed98
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d4cc996bf32086b8f796713278d490a424d28afa53d28ed2f9dd8821cfd39b37
d5514e8e429ea4b361de654cf5f235ced04143b95ce37cb17132d9c65a4540e0
deec90c520b3a5c512bb5dd014b805f7f86466a21f59b5fae586b4ac17953a7f
e136d7445e5867882f439c12796922511789f69d58625a8c99a6574efbccb7e2
f223c62f779152ef538d540ef7ae8c65ee0000e3c4b889001582e94bfaf6c4bc