microsoft6477.fun
Open in
urlscan Pro
123.57.8.164
Public Scan
Submitted URL: https://microsoft6477.moe/
Effective URL: https://microsoft6477.fun/
Submission: On July 15 via api from ES
Effective URL: https://microsoft6477.fun/
Submission: On July 15 via api from ES
Summary
This website contacted 19 IPs
in 6 countries
across 18 domains to perform 61 HTTP transactions.
The main IP is 123.57.8.164, located in
Hangzhou, China and
belongs to CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN.
The main domain is microsoft6477.fun.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on February 11th 2020. Valid for: a year.
This is the only time microsoft6477.fun was scanned on urlscan.io!
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on February 11th 2020. Valid for: a year.
This is the only time microsoft6477.fun was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
25
123.57.8.164
(Hangzhou, China)
ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)
ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)
| microsoft6477.fun |
1
47.246.43.251
(San Mateo, United States)
ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
| at.alicdn.com |
1
2a00:1450:4001:80b::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
2
104.193.88.77
(United States)
ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
| msite.baidu.com | |
| xiongzhang.baidu.com |
9
2a00:1450:4001:824::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| pagead2.googlesyndication.com | |
| adservice.google.de | |
| adservice.google.com | |
| www.googletagservices.com |
1
163.172.6.164
(France)
ASN12876 (Online SAS, FR)
PTR: 163-172-6-164.rev.poneytelecom.eu
ASN12876 (Online SAS, FR)
PTR: 163-172-6-164.rev.poneytelecom.eu
| s2.ax1x.com |
1
2600:9000:2156:7600:0:e2b1:a380:93a1
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| jspassport.ssl.qhimg.com |
1
124.238.234.48
(Langfang, China)
ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
| ae.bdstatic.com |
2
2a00:1450:4001:816::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
7
2a00:1450:4001:820::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| googleads.g.doubleclick.net |
4
47.246.43.229
(San Mateo, United States)
ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
| js.t.sinajs.cn | |
| timg.sjs.sinajs.cn |
1
180.149.138.56
(China)
ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN)
ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN)
| widget.weibo.com |
2
2a00:1450:4001:800::2001
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| tpc.googlesyndication.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 25 |
microsoft6477.fun
microsoft6477.fun |
412 KB |
| 8 |
doubleclick.net
stats.g.doubleclick.net googleads.g.doubleclick.net |
110 B |
| 8 |
googlesyndication.com
pagead2.googlesyndication.com tpc.googlesyndication.com |
135 KB |
| 5 |
sinajs.cn
tjs.sjs.sinajs.cn js.t.sinajs.cn timg.sjs.sinajs.cn |
57 KB |
| 2 |
google-analytics.com
1 redirects
www.google-analytics.com |
18 KB |
| 2 |
baidu.com
msite.baidu.com xiongzhang.baidu.com |
6 KB |
| 1 |
weibo.com
widget.weibo.com |
|
| 1 |
googletagservices.com
www.googletagservices.com |
27 KB |
| 1 |
google.com
adservice.google.com |
168 B |
| 1 |
google.de
adservice.google.de |
168 B |
| 1 |
bdstatic.com
ae.bdstatic.com |
8 KB |
| 1 |
360.cn
s.360.cn |
234 B |
| 1 |
qhres.com
s.ssl.qhres.com |
928 B |
| 1 |
qhimg.com
jspassport.ssl.qhimg.com |
462 B |
| 1 |
ax1x.com
s2.ax1x.com |
6 KB |
| 1 |
googletagmanager.com
www.googletagmanager.com |
33 KB |
| 1 |
alicdn.com
at.alicdn.com |
4 KB |
| 1 |
microsoft6477.moe
microsoft6477.moe |
383 B |
| 61 | 18 |
| Domain | Requested by | |
|---|---|---|
| 25 | microsoft6477.fun |
microsoft6477.moe
microsoft6477.fun pagead2.googlesyndication.com |
| 7 | googleads.g.doubleclick.net |
pagead2.googlesyndication.com
microsoft6477.fun |
| 6 | pagead2.googlesyndication.com |
microsoft6477.fun
pagead2.googlesyndication.com |
| 3 | js.t.sinajs.cn |
tjs.sjs.sinajs.cn
js.t.sinajs.cn |
| 2 | tpc.googlesyndication.com |
pagead2.googlesyndication.com
tpc.googlesyndication.com |
| 2 | www.google-analytics.com |
1 redirects
www.googletagmanager.com
|
| 1 | widget.weibo.com |
js.t.sinajs.cn
|
| 1 | timg.sjs.sinajs.cn |
microsoft6477.fun
|
| 1 | www.googletagservices.com |
pagead2.googlesyndication.com
|
| 1 | adservice.google.com |
pagead2.googlesyndication.com
|
| 1 | adservice.google.de |
pagead2.googlesyndication.com
|
| 1 | xiongzhang.baidu.com |
microsoft6477.fun
|
| 1 | stats.g.doubleclick.net |
microsoft6477.fun
|
| 1 | ae.bdstatic.com |
msite.baidu.com
|
| 1 | s.360.cn |
microsoft6477.fun
|
| 1 | s.ssl.qhres.com |
jspassport.ssl.qhimg.com
|
| 1 | jspassport.ssl.qhimg.com |
microsoft6477.fun
|
| 1 | tjs.sjs.sinajs.cn |
microsoft6477.fun
|
| 1 | s2.ax1x.com |
microsoft6477.fun
|
| 1 | msite.baidu.com |
microsoft6477.fun
|
| 1 | www.googletagmanager.com |
microsoft6477.fun
|
| 1 | at.alicdn.com |
microsoft6477.fun
|
| 1 | microsoft6477.moe | |
| 61 | 23 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.beian.miit.gov.cn |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| microsoft6477.moe Let's Encrypt Authority X3 |
2020-07-13 - 2020-10-11 |
3 months | crt.sh |
| microsoft6477.fun Encryption Everywhere DV TLS CA - G1 |
2020-02-11 - 2021-02-10 |
a year | crt.sh |
| *.alicdn.com GlobalSign Organization Validation CA - SHA256 - G2 |
2019-09-03 - 2020-09-03 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1O1 |
2020-06-17 - 2020-09-09 |
3 months | crt.sh |
| baidu.com GlobalSign Organization Validation CA - SHA256 - G2 |
2020-04-02 - 2021-07-26 |
a year | crt.sh |
| *.g.doubleclick.net GTS CA 1O1 |
2020-06-17 - 2020-09-09 |
3 months | crt.sh |
| *.ax1x.com AlphaSSL CA - SHA256 - G2 |
2019-08-26 - 2020-08-26 |
a year | crt.sh |
| www.sina.com.cn DigiCert SHA2 Secure Server CA |
2019-10-23 - 2021-01-21 |
a year | crt.sh |
| *.ssl.qhimg.com WoTrus OV SSL CA |
2020-02-11 - 2022-05-11 |
2 years | crt.sh |
| *.ssl.qhres.com WoTrus OV SSL CA |
2020-02-11 - 2022-05-11 |
2 years | crt.sh |
| *.s.360.cn WoSign OV SSL CA |
2019-10-25 - 2022-01-25 |
2 years | crt.sh |
| *.google.de GTS CA 1O1 |
2020-06-17 - 2020-09-09 |
3 months | crt.sh |
| *.google.com GTS CA 1O1 |
2020-06-17 - 2020-09-09 |
3 months | crt.sh |
| sina.cn GeoTrust CN RSA CA G1 |
2020-02-18 - 2020-12-10 |
10 months | crt.sh |
| *.weibo.com GlobalSign ECC OV SSL CA 2018 |
2019-08-16 - 2021-10-07 |
2 years | crt.sh |
| tpc.googlesyndication.com GTS CA 1O1 |
2020-06-17 - 2020-09-09 |
3 months | crt.sh |
This page contains 10 frames:
Primary Page:
https://microsoft6477.fun/
Frame ID: 1249FDE76FCCF9C65A8C12DB3C7C0840
Requests: 53 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20200709/r20190131/zrt_lookup.html
Frame ID: 019C041EDAFE2C5C5D8C1EC6E6FB3085
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3408286081250352&output=html&adk=1812271804&adf=3025194257&lmt=1594795915&plat=1%3A32776%2C2%3A16809992%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fmicrosoft6477.fun%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1594795914835&bpp=12&bdt=3364&idt=167&shv=r20200709&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7960667821796&frm=20&pv=2&ga_vid=1625980771.1594795914&ga_sid=1594795915&ga_hid=1040144171&ga_fc=0&iag=0&icsg=602937898&dssz=21&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066124&oid=3&pvsid=1746176565566393&pem=278&ref=https%3A%2F%2Fmicrosoft6477.moe%2F&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=186
Frame ID: F83562355D9C5A8E98913E946144E947
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3408286081250352&output=html&h=250&slotname=3027572802&adk=78381015&adf=2896080155&w=300&lmt=1594795915&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fmicrosoft6477.fun%2F&flash=0&wgl=1&adsid=NT&dt=1594795915031&bpp=1&bdt=3561&idt=1&shv=r20200709&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7960667821796&frm=20&pv=1&ga_vid=1625980771.1594795914&ga_sid=1594795915&ga_hid=1040144171&ga_fc=0&iag=0&icsg=11001686186&dssz=24&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1044&ady=1565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066124&oid=3&pvsid=1746176565566393&pem=278&ref=https%3A%2F%2Fmicrosoft6477.moe%2F&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8208&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Da0qVrmUwm&p=https%3A//microsoft6477.fun&dtd=7
Frame ID: 31EF87B2B71AAA9C6168F496F56AA6CC
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3408286081250352&output=html&h=247&slotname=4782429608&adk=1551591306&adf=1806450940&w=790&lmt=1594795915&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=790x247&url=https%3A%2F%2Fmicrosoft6477.fun%2F&flash=0&wgl=1&adsid=NT&dt=1594795914946&bpp=3&bdt=3476&idt=96&shv=r20200709&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=7960667821796&frm=20&pv=1&ga_vid=1625980771.1594795914&ga_sid=1594795915&ga_hid=1040144171&ga_fc=0&iag=0&icsg=11001686186&dssz=24&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=239&ady=958&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066124&oid=3&pvsid=1746176565566393&pem=278&ref=https%3A%2F%2Fmicrosoft6477.moe%2F&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&fsb=1&xpc=2tHSzkZeDK&p=https%3A//microsoft6477.fun&dtd=108
Frame ID: 413313203ECCBD6365F11946D69A906A
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3408286081250352&output=html&h=250&slotname=3027572802&adk=2748835215&adf=3742373706&w=300&lmt=1594795915&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fmicrosoft6477.fun%2F&flash=0&wgl=1&adsid=NT&dt=1594795914991&bpp=4&bdt=3521&idt=75&shv=r20200709&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C790x247&nras=1&correlator=7960667821796&frm=20&pv=1&ga_vid=1625980771.1594795914&ga_sid=1594795915&ga_hid=1040144171&ga_fc=0&iag=0&icsg=704107915919&dssz=29&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1044&ady=412&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066124&oid=3&pvsid=1746176565566393&pem=278&ref=https%3A%2F%2Fmicrosoft6477.moe%2F&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8208&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QrY1AW0eoo&p=https%3A//microsoft6477.fun&dtd=77
Frame ID: 9FCF1D019A48872523F78545FF3B120A
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3408286081250352&output=html&h=250&slotname=3027572802&adk=2748835215&adf=3742373706&w=300&lmt=1594795915&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fmicrosoft6477.fun%2F&flash=0&wgl=1&adsid=NT&dt=1594795914991&bpp=4&bdt=3521&idt=75&shv=r20200709&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C790x247&nras=1&correlator=7960667821796&frm=20&pv=1&ga_vid=1625980771.1594795914&ga_sid=1594795915&ga_hid=1040144171&ga_fc=0&iag=0&icsg=704107915919&dssz=29&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1044&ady=412&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066124&oid=3&pvsid=1746176565566393&pem=278&ref=https%3A%2F%2Fmicrosoft6477.moe%2F&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8208&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QrY1AW0eoo&p=https%3A//microsoft6477.fun&dtd=77
Frame ID: 20F71D133D89C0D191E7EB4D4DAEC29B
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3408286081250352&output=html&h=250&slotname=3027572802&adk=78381015&adf=2896080155&w=300&lmt=1594795915&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fmicrosoft6477.fun%2F&flash=0&wgl=1&adsid=NT&dt=1594795915031&bpp=1&bdt=3561&idt=1&shv=r20200709&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7960667821796&frm=20&pv=1&ga_vid=1625980771.1594795914&ga_sid=1594795915&ga_hid=1040144171&ga_fc=0&iag=0&icsg=11001686186&dssz=24&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1044&ady=1565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066124&oid=3&pvsid=1746176565566393&pem=278&ref=https%3A%2F%2Fmicrosoft6477.moe%2F&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8208&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Da0qVrmUwm&p=https%3A//microsoft6477.fun&dtd=7
Frame ID: 7343C945417B2211188D45FB48AD80A9
Requests: 1 HTTP requests in this frame
Frame:
https://js.t.sinajs.cn/open/api/js/api/client.js?version=20150130.02
Frame ID: B9CC6807A2EE23F4EEF412A2BDFE5E20
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: A13DC86FF5AF1CDB735CE3238901CF97
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://microsoft6477.moe/ Page URL
- https://microsoft6477.fun/ Page URL
Detected technologies
Lua
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
Nginx
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
OpenResty
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
URL: http://www.beian.miit.gov.cn/
Title: 京ICP备20003945号
Title: 京ICP备20003945号
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://microsoft6477.moe/ Page URL
- https://microsoft6477.fun/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 30- https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1040144171&t=pageview&_s=1&dl=https%3A%2F%2Fmicrosoft6477.fun%2F&dr=https%3A%2F%2Fmicrosoft6477.moe%2F&ul=en-us&de=UTF-8&dt=Microsoft6477%20-%20%E6%97%A0%E5%90%8D%E5%B0%8F%E7%AB%99&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=104659703&gjid=332634448&cid=1625980771.1594795914&tid=UA-155324495-1&_gid=1218248970.1594795914&_r=1>m=2ou783&z=1928356127 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-155324495-1&cid=1625980771.1594795914&jid=104659703&_gid=1218248970.1594795914&gjid=332634448&_v=j83&z=1928356127
61 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
/
microsoft6477.moe/ |
169 B 383 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Primary Request
 Cookie set
/
microsoft6477.fun/ |
86 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style.css
microsoft6477.fun/wp-content/themes/begin/ |
183 KB 36 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fonts.css
microsoft6477.fun/wp-content/themes/begin/css/fonts/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font_1381722_962mg1ztk6w.css
at.alicdn.com/t/ |
5 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.min.js
microsoft6477.fun/wp-content/themes/begin/js/ |
93 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
owl.carousel.min.js
microsoft6477.fun/wp-content/themes/begin/js/ |
37 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
wow.js
microsoft6477.fun/wp-content/themes/begin/js/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
85 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
c.js
msite.baidu.com/sdk/ |
5 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
116 KB 41 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
%E5%A4%B4%E5%83%8F.jpg
microsoft6477.fun/wp-content/uploads/2019/09/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
prune.php
microsoft6477.fun/wp-content/themes/begin/ |
86 KB 87 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
prune.php
microsoft6477.fun/wp-content/themes/begin/ |
41 KB 41 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
loading.png
microsoft6477.fun/wp-content/themes/begin/img/ |
1016 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Vlw7B6.jpg
s2.ax1x.com/2019/05/31/ |
6 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
%E5%A4%B4%E5%83%8F.jpg
microsoft6477.fun/wp-content/uploads/2019/09/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
wb.js
tjs.sjs.sinajs.cn/open/api/js/ |
34 KB 13 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
superfish.js
microsoft6477.fun/wp-content/themes/begin/js/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
begin-script.js
microsoft6477.fun/wp-content/themes/begin/js/ |
24 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
gb2big5.js
microsoft6477.fun/wp-content/themes/begin/js/ |
11 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.share.min.js
microsoft6477.fun/wp-content/themes/begin/js/ |
24 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sticky.js
microsoft6477.fun/wp-content/themes/begin/js/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-ias.js
microsoft6477.fun/wp-content/themes/begin/js/ |
14 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.lazyload.js
microsoft6477.fun/wp-content/themes/begin/js/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
infinite-post.js
microsoft6477.fun/wp-content/themes/begin/js/ |
519 B 675 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
11.0.1.js
jspassport.ssl.qhimg.com/ |
105 B 462 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ab77b6ea7f3fbf79.js
s.ssl.qhres.com/ssl/ |
478 B 928 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
zz.gif
s.360.cn/so/ |
0 234 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.833c272c.js
ae.bdstatic.com/xz/msite/static/sdk/ |
23 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
45 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
collect
stats.g.doubleclick.net/r/ Redirect Chain
|
35 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rp
xiongzhang.baidu.com/xzhstatistics/ |
0 0 |
Image
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
integrator.js
adservice.google.de/adsid/ |
109 B 168 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
integrator.js
adservice.google.com/adsid/ |
109 B 168 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200709/r20190131/ |
220 KB 83 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
iconfont.woff
microsoft6477.fun/wp-content/themes/begin/css/fonts/ |
16 KB 16 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
3 KB 3 KB |
Font
application/x-font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200709/r20190131/ Frame 019C |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame F835 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
osd.js
www.googletagservices.com/activeview/js/current/ |
72 KB 27 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame 31EF |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame 4133 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame 9FCF |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame 20F7 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame 7343 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
prune.php
microsoft6477.fun/wp-content/themes/begin/ |
16 KB 16 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
prune.php
microsoft6477.fun/wp-content/themes/begin/ |
27 KB 27 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
prune.php
microsoft6477.fun/wp-content/themes/begin/ |
27 KB 27 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
prune.php
microsoft6477.fun/wp-content/themes/begin/ |
20 KB 20 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
prune.php
microsoft6477.fun/wp-content/themes/begin/ |
23 KB 24 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bundle.js
js.t.sinajs.cn/open/api/js/api/ |
4 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
loading1.gif
timg.sjs.sinajs.cn/t4/appstyle/widget/images/library/base/ |
796 B 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
client.js
js.t.sinajs.cn/open/api/js/api/ Frame B9CC |
15 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
iframeWidget.js
js.t.sinajs.cn/open/api/js/widget/iframeWidget/ |
87 KB 33 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
aj_relationship.php
widget.weibo.com/public/ |
0 0 |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sodar
pagead2.googlesyndication.com/getconfig/ |
7 KB 6 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
14 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame A13D |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
88 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| WOW function| gtag object| dataLayer object| cambrian object| cambrianbdf4b4bd object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| cambrianChunkJsonp object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map function| g boolean| _gfp_p_ number| google_lpabyc number| google_unique_id function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| $Import object| WB2 boolean| debug object| ajax_login_object function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| google_image_requests function| switchMode function| embedImage function| grin string| global_Html function| printme function| Headroom number| Default_isFT number| StranIt_Delay function| StranText function| StranBody function| JTPYStr function| FTPYStr function| Traditionalized function| Simplized function| setCookie function| getCookie object| gb2big5_Obj string| JF_cn number| BodyIsFt function| IASCallbacks function| IASHistoryExtension function| IASNoneLeftExtension function| IASPagingExtension function| IASSpinnerExtension function| IASTriggerExtension object| jQuery1101016978331667329338 string| present object| box_width number| len object| $LANG function| STK_159479591963212 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .doubleclick.net/ | Name: IDE Value: AHWqTUnlf4XJ9rwqZkT7t78x450JC6rXzb2s7NQmyPskgtDHy0es_79Mfplhwo6s |
|
| .doubleclick.net/ | Name: FLC Value: CLuQmAIQqPmKhAEYs93U4AEgn6fFLiilkf0DMJvPuvgF |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
adservice.google.com
adservice.google.de
ae.bdstatic.com
at.alicdn.com
googleads.g.doubleclick.net
js.t.sinajs.cn
jspassport.ssl.qhimg.com
microsoft6477.fun
microsoft6477.moe
msite.baidu.com
pagead2.googlesyndication.com
s.360.cn
s.ssl.qhres.com
s2.ax1x.com
stats.g.doubleclick.net
timg.sjs.sinajs.cn
tjs.sjs.sinajs.cn
tpc.googlesyndication.com
widget.weibo.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
xiongzhang.baidu.com
104.193.88.77
123.57.8.164
124.238.234.48
163.172.6.164
171.13.14.66
180.149.138.56
23.236.68.219
2600:9000:2156:7600:0:e2b1:a380:93a1
2600:9000:21f3:ea00:11:1b7a:9b00:93a1
2a00:1450:4001:800::2001
2a00:1450:4001:80b::2008
2a00:1450:4001:816::200e
2a00:1450:4001:820::2002
2a00:1450:4001:824::2002
2a00:1450:400c:c04::9d
2a02:26f0:eb:192::102d
47.246.43.229
47.246.43.251
01f8f5a8d25746cc02e670b8766b8faf84529bbcdf9b2799615d58ed58011984
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0ac401ce6ff7fb3ed272b4efef050bf8581b10a5843f1dc7be41e0703508e74c
0d59b4b78bed58255e0990ef57d73a1ee16d178e2a3549013160730eb0c42f05
0de727114d737ee758242ced394ae51d121692a0e1eb788f726a6ab4909f1fe9
2203dd87445b5b3ea1861e92e32874c50374b60b1a1f54585391fb1cfc453d20
45c42e64228f5732deb2663a7df7bcb9190f6d0b2832a2bac2071f779f219f03
488fb0472924da78fb8349da8fecb6083c7ef3f778201f13d3e2e3fc9e89a075
4d5bab40203b9a8dedf36f0f67b1d6adae39b1b8a38d5551c223c5b2092332cc
4ec42ee31d42d87464ca82fa54e14bfc92b4fca71bda5a734e4505d591c06f0d
54694488fead0d3f6c3acb5db8b5fbca41378707c0d0884c2ce5fc82791ac316
5661fdc5e84aad91d8f948b3edaa18eb52f7616ddc8c5f78a65e996654666eea
5cc02fd818124382a1f7af04635942e4ee931900cdbaee1b3434856dc10c2cfc
62cf6ed108f4c644126a159553570f6e84fa0c30df42200bc8bc103e39ea0300
66cfa27b0485df92c636ba2b32e9b5e77f349fc126f19b5390f75c74f1653f29
6ba57b3ef9ca0ea316d1980398a64ff31ed47f7a7b01e4b9a3ccd5ca2a7bbcaa
6c740d6bc6819d16d84184d031e5ddd6d277540ce8c0cbb171d364d067a8f0ca
713abbe7926d125f76bcbf168ba0bda180a13315dc91928b094c5aecc602c90c
741902e922f13bcafdac610dfe972663f6ed88a1fae54897797fdb7d31f4ab5e
777162062d8c9f706eb668fdb4872c8e97f4f6f57ccd8e3f963d29b9abdc03eb
790b615a921bdd52d3b54ca4de589bb91d28da58ccb607c818d3d3ea38640e77
7dc6a7e6ebcc595fa857f92a31acef539639c6ff7341ea019a8d1c3f8e8d773e
82caa7d012e8829598f76a58d937f2f0cfe27b84f7f1a17034893c9a695ae401
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8590ddd13dceefe81331fead5b0bf1d7f107c3b49c94641fbe66842cdc0675be
8dee4775422ba153beaee701c5be537480f0a0621c0b96ba09af91572f4bfca1
928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a
96876eb527c06399b2eabb7bb85d74cf11d759dabf74742a2e5adc36b2a4b2d3
a456d0fbc3068e91a1611fe0306012b1927a0112defede7728c152a69e1971b3
b01e8a7c878711f6b2e5091d9d616cbcd8489110fcb8fa2d19994f4d96e85602
b77e938f36c86b6aca15c53617915e669d3cedafccac08f72789d42473a8fba5
c0025816eff3f40ccdb90a6b0ea65b1a39d8d28ed91bec00fb4b655be3e7804b
ccc413bc7f9c34130334ab8acbad77303ec7b5d4adde74267a2c28f169370df8
ccdd19dbe7f9c983031423813bfa6cb244e0597a7828fe8b3a972b8c87e3dcba
cce53cb17e63ec7e7b40e9b7cd0d52709605e19e82e11e069bc26f1ac081eb9f
cf1cf825137184f033212dc66846a8b8dc74c4eac931cb1c9d308b32ac2cf42a
cfe9c355a3c62997ab9aa1350fadb5fc49fc95678649e43e4ee578b66545f2bd
d959a72ee5cf68b7ba7f331adf154bcc729d5ae6cff38e890f0f3dc7082bcfcd
e04e7ca6cd3a2c8f9e75b560109512b56dc4caf1c0585b830d67ef13a5a2467d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d2df57bce00a60bbee87d517adb51255b770d333c4530d48d99e0add23549
e44b2d5eb54130cec8211a74b550470a12f3e712a0776812898cbb6e2049dda5
ef4b2380b2a7ae8968a714555ee783a362f2ae64affde8ab337b277f506c166c
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955