www.redwindowscapital.com.au
Open in
urlscan Pro
198.185.159.141
Public Scan
Submission Tags: @phishunt_io
Submission: On November 22 via api from ES
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on November 21st 2020. Valid for: 3 months.
This is the only time www.redwindowscapital.com.au was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-177-42.deploy.static.akamaitechnologies.com
images.squarespace-cdn.com |
ASN20940 (AKAMAI-ASN1, EU)
PTR: a184-31-90-174.deploy.static.akamaitechnologies.com
secure-ds.serving-sys.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
squarespace.com
1 redirects
assets.squarespace.com static1.squarespace.com |
830 KB |
3 |
linkedin.com
2 redirects
px.ads.linkedin.com www.linkedin.com |
3 KB |
3 |
gstatic.com
fonts.gstatic.com |
23 KB |
3 |
serving-sys.com
secure-ds.serving-sys.com bs.serving-sys.com |
17 KB |
3 |
squarespace-cdn.com
images.squarespace-cdn.com |
266 KB |
3 |
redwindowscapital.com.au
www.redwindowscapital.com.au |
29 KB |
2 |
facebook.com
www.facebook.com |
524 B |
2 |
licdn.com
snap.licdn.com |
3 KB |
2 |
facebook.net
connect.facebook.net |
93 KB |
2 |
google-analytics.com
www.google-analytics.com |
19 KB |
1 |
googleapis.com
fonts.googleapis.com |
624 B |
31 | 11 |
Domain | Requested by | |
---|---|---|
6 | assets.squarespace.com |
www.redwindowscapital.com.au
|
4 | static1.squarespace.com |
1 redirects
www.redwindowscapital.com.au
|
3 | fonts.gstatic.com |
fonts.googleapis.com
|
3 | images.squarespace-cdn.com |
www.redwindowscapital.com.au
|
3 | www.redwindowscapital.com.au |
assets.squarespace.com
|
2 | www.facebook.com |
www.redwindowscapital.com.au
|
2 | px.ads.linkedin.com |
1 redirects
www.redwindowscapital.com.au
|
2 | snap.licdn.com |
www.redwindowscapital.com.au
snap.licdn.com |
2 | connect.facebook.net |
www.redwindowscapital.com.au
connect.facebook.net |
2 | www.google-analytics.com |
www.redwindowscapital.com.au
www.google-analytics.com |
2 | secure-ds.serving-sys.com |
www.redwindowscapital.com.au
assets.squarespace.com |
1 | bs.serving-sys.com |
secure-ds.serving-sys.com
|
1 | www.linkedin.com | 1 redirects |
1 | fonts.googleapis.com |
www.redwindowscapital.com.au
|
31 | 14 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.redwindowscapital.com.au Let's Encrypt Authority X3 |
2020-11-21 - 2021-02-19 |
3 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
*.squarespace.com DigiCert SHA2 High Assurance Server CA |
2020-08-18 - 2021-03-30 |
7 months | crt.sh |
images.squarespace-cdn.com Let's Encrypt Authority X3 |
2020-10-29 - 2021-01-27 |
3 months | crt.sh |
secure-ds.serving-sys.com DigiCert SHA2 Secure Server CA |
2020-01-03 - 2021-04-03 |
a year | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-11-02 - 2021-01-30 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
*.licdn.com DigiCert SHA2 Secure Server CA |
2019-04-01 - 2021-05-07 |
2 years | crt.sh |
px.ads.linkedin.com DigiCert SHA2 Secure Server CA |
2020-08-05 - 2021-02-05 |
6 months | crt.sh |
bs.serving-sys.com Go Daddy Secure Certificate Authority - G2 |
2020-01-07 - 2022-03-08 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.redwindowscapital.com.au/
Frame ID: B36BB36348A017E9DE24597A5FD59717
Requests: 31 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 8- https://static1.squarespace.com/static/5d9744a9255d3b4919c25190/t/5dc8d75680e6ab4d113222d2/1602172377739/?format=1500w HTTP 301
- https://images.squarespace-cdn.com/content/5d9744a9255d3b4919c25190/1573443414778-99T44P9M4LNA5CPE6FTA/RedWindows_Logo.png?content-type=image%2Fpng
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2546724&time=1606014215855&url=https%3A%2F%2Fwww.redwindowscapital.com.au%2F HTTP 302
- https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2546724%26time%3D1606014215855%26url%3Dhttps%253A%252F%252Fwww.redwindowscapital.com.au%252F%26liSync%3Dtrue HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2546724&time=1606014215855&url=https%3A%2F%2Fwww.redwindowscapital.com.au%2F&liSync=true
31 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.redwindowscapital.com.au/ |
222 KB 28 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
4 KB 624 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cldr-resource-pack-d2b6094e965c882c2de89-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/ |
119 KB 24 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common-vendors-f84fa0c5e68f03fbb4463-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/ |
648 KB 181 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common-eedb878b4b03d71d45c33-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/ |
915 KB 234 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
commerce-4361ec5d53ac551813446-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/ |
590 KB 145 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
commerce-c6a9de0bd3119cb26a512448db40c590-min.en-US.css
assets.squarespace.com/universal/styles-compressed/ |
10 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
performance-714358948bd9167e1015f-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/ |
115 KB 32 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
site.css
static1.squarespace.com/static/sitecss/5d9744a9255d3b4919c25190/73/5c5a519771c10ba3470d8101/5d9744a9255d3b4919c251a6/999-05142015/1600781731364/ |
679 KB 73 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
RedWindows_Logo.png
images.squarespace-cdn.com/content/5d9744a9255d3b4919c25190/1573443414778-99T44P9M4LNA5CPE6FTA/ Redirect Chain
|
7 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
site-bundle.js
static1.squarespace.com/static/ta/5c5a514d65019f01a2cb2be5/999/scripts/ |
479 KB 108 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
site-common.js
static1.squarespace.com/static/ta/5c5a514d65019f01a2cb2be5/999/scripts/ |
98 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/ |
52 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
46 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
89 KB 23 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v15/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLDz8Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v15/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v15/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
insight.min.js
snap.licdn.com/li.lms-analytics/ |
965 B 761 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
settings
www.redwindowscapital.com.au/api/1/performance/ |
3 KB 540 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
RedWindows_Winery.jpg
images.squarespace-cdn.com/content/v1/5d9744a9255d3b4919c25190/1573470351191-9IJXLROBYIVBERNP5FF6/ke17ZwdGBToddI8pDm48kPx25wW2-RVvoRgxIT6HShBZw-zPPgdn4jUwVcJE1ZvWQUxwkmyExglNqGp0IvTJZUJFbgE-7XRK3dM... |
113 KB 113 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
RecordHit
www.redwindowscapital.com.au/api/census/ |
17 B 380 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
757453925087495
connect.facebook.net/signals/config/ |
239 KB 70 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-Q050 |
collect
www.google-analytics.com/j/ |
2 B 397 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1073745084
secure-ds.serving-sys.com/adServingData/PROD/TMClient/4/ |
122 B 475 B |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Home-Animation-REVISION-%E2%80%94-Red-Windows-Capital---.gif
images.squarespace-cdn.com/content/v1/5d9744a9255d3b4919c25190/1599783571737-VG2RCUES6R59MR6HF6BK/ke17ZwdGBToddI8pDm48kPTrHXgsMrSIMwe6YW3w1AZ7gQa3H78H3Y0txjaiv_0fDoOvxcdMmMKkDsyUqMSsMWxHk725yiiHCCL... |
144 KB 145 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
insight.beta.min.js
snap.licdn.com/li.lms-analytics/ |
4 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
px.ads.linkedin.com/ Redirect Chain
|
0 80 B |
Image
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 378 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Serving
bs.serving-sys.com/ |
326 B 1 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 146 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
61 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| SQUARESPACE_ROLLUPS object| Static object| versaTagObj string| GoogleAnalyticsObject function| ga function| fbq function| _fbq string| _linkedin_partner_id object| _linkedin_data_partner_ids object| SQUARESPACE_I18N object| wpJsonpStyleLoader object| YUI_CONFIG function| YUI function| Common boolean| COMMON_ALREADY_RAN function| noop object| Singleton object| Class object| SquarespaceFonts object| Squarespace object| StaticActions object| regeneratorRuntime object| wpJsonpTemplateSections function| applyFocusVisiblePolyfill object| sectionControllerInstance object| core object| __sqsWebGL object| Y object| YUIStats string| _YUI_HISTORY_HASH_ENVIRONMENT_ID string| _yuid object| ESC_MANAGER object| Modernizr object| ImageLoader object| JSTween string| id object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| __tti object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| providersData function| lintrk boolean| _already_called_lintrk string| ptclString undefined| oneTagObj object| bsResponseObj10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.redwindowscapital.com.au/ | Name: ss_cvisit Value: 1606014215861 |
|
www.redwindowscapital.com.au/ | Name: ss_cpvisit Value: 1606014215861 |
|
www.redwindowscapital.com.au/ | Name: ss_cid Value: 4b3d0012-488c-414f-8fb0-2d0206c5380a |
|
.redwindowscapital.com.au/ | Name: _fbp Value: fb.2.1606014215895.1404385951 |
|
.redwindowscapital.com.au/ | Name: _gat Value: 1 |
|
.redwindowscapital.com.au/ | Name: _gid Value: GA1.3.1468632134.1606014216 |
|
.redwindowscapital.com.au/ | Name: _ga Value: GA1.3.179549169.1606014216 |
|
www.redwindowscapital.com.au/ | Name: ss_cvt Value: 1606014215781 |
|
www.redwindowscapital.com.au/ | Name: ss_cvr Value: 718efc2e-cb93-4206-8a1e-87ae934287c0|1606014215781|1606014215781|1606014215781|1 |
|
www.redwindowscapital.com.au/ | Name: crumb Value: BcvOqpFIa2NNNzg1NTE2YWU2NGYyNWVhODdkM2U5NzZmMzhjMmEy |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=0 |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets.squarespace.com
bs.serving-sys.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
images.squarespace-cdn.com
px.ads.linkedin.com
secure-ds.serving-sys.com
snap.licdn.com
static1.squarespace.com
www.facebook.com
www.google-analytics.com
www.linkedin.com
www.redwindowscapital.com.au
151.101.112.238
151.101.12.237
184.31.90.174
198.185.159.141
2.16.177.42
2620:1ec:21::14
2a00:1450:4001:814::2003
2a00:1450:4001:820::200a
2a00:1450:4001:824::200e
2a02:26f0:6c00:28c::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:f500:10:101::b93f:9105
80.252.91.53
0377b04db3b348d4a70068206a3fc227c44392912c4f6a124ee65fad2b14d582
0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
3834f0a520d623453cdb6b03b88331bc0394367eb18809f1037ea18c699ebded
38b497b910a2245a74451044e066c971ed6ea5b4010a42af0ead8770f33e618a
3ef050c73bb33f3637b6a62a0aab24cc6d41980728c75d8356365dd14e7bc4ec
4765d4a9d60f5680b903c214f2d33837c71357d07944689f3a8d4f50886e764b
508f7c626b1756e0d6fa8024d1db52d010ba731badb9950292367eb09b5c2aa1
560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f
62a86dd41e0c766c2c4ddcecee566f95c53006edf1469a7fbaf2ff83e04808fe
62dc117cc5f1191fe06dd84532e04fdc9d47a88ff8509bcd5e543f31dd3c2add
63cb127852800ac9126dcc3dc886940095d007ecc1a5212e7f7b08f4330a4587
65ecbbd7da13cf015f204eb703a4c8e7e682d9ce24b626955efda59806f0d8c4
957e18d10b6366691bba62c55e84ff19cf5298e9ad5ee0f4e6910b28d8497475
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f
aeebff4ffaa942149a639f2f6223b9699b53cc979dee1d92f8d949b6e640371d
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
c467e299382e63bcecbf9393b5476b7c8edea6b9b20660408a5a410ab968e609
d4311a09fa776ada6e03ad1d14a5f13dcec993b0063d67f1e4780c4a31072997
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
e0918908846c5bedd7954c3603731d820aab877190d1a908e3d2feb0783af3eb
e12f9160328623e620a6a370974c602aaa7ad80522ab69aab9833e96c0b68f7a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e961b803ef89760349aa8e8767d939a5f90773546ae52db2459898819cded4f2
ebbe887219e32147189f155be96df9d94892e52e0c7d1c67692aa9effdcefc7d
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
fe0dc029e44c51dec0d7a9a5fb64e2229c474ef6a4a09e7f199ce46857f6d985