paradigmwindows.myparadigmcloud.com
Open in
urlscan Pro
2606:4700:10::6816:250
Public Scan
Submission Tags: @phishunt_io
Submission: On September 13 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by E1 on September 2nd 2022. Valid for: 3 months.
This is the only time paradigmwindows.myparadigmcloud.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
11 | 2606:4700:10:... 2606:4700:10::6816:250 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2606:4700::68... 2606:4700::6812:bcf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 2a02:26f0:350... 2a02:26f0:3500:16::215:14a0 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2a00:1450:400... 2a00:1450:4001:801::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a02:26f0:350... 2a02:26f0:3500:16::215:1495 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
2 | 52.165.136.32 52.165.136.32 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
2 | 2a00:1450:400... 2a00:1450:4001:813::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 142.250.185.66 142.250.185.66 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:400c:c00::9c | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:82f::2002 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:811::2004 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:827::2003 | 15169 (GOOGLE) (GOOGLE) | |
30 | 12 |
ASN13335 (CLOUDFLARENET, US)
paradigmwindows.myparadigmcloud.com |
ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
36qyuzoj7fgnibljtmes.blob.core.windows.net |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
www.googleadservices.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
myparadigmcloud.com
paradigmwindows.myparadigmcloud.com |
594 KB |
5 |
typekit.net
use.typekit.net — Cisco Umbrella Rank: 1044 p.typekit.net — Cisco Umbrella Rank: 1273 |
141 KB |
2 |
google.de
www.google.de — Cisco Umbrella Rank: 3469 |
655 B |
2 |
google.com
www.google.com — Cisco Umbrella Rank: 19 |
655 B |
2 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 188 googleads.g.doubleclick.net — Cisco Umbrella Rank: 73 |
2 KB |
2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94 |
20 KB |
2 |
windows.net
36qyuzoj7fgnibljtmes.blob.core.windows.net |
563 KB |
2 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1202 |
83 KB |
1 |
googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 159 |
16 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 141 |
56 KB |
30 | 10 |
Domain | Requested by | |
---|---|---|
11 | paradigmwindows.myparadigmcloud.com |
paradigmwindows.myparadigmcloud.com
|
4 | use.typekit.net |
paradigmwindows.myparadigmcloud.com
use.typekit.net |
2 | www.google.de |
paradigmwindows.myparadigmcloud.com
|
2 | www.google.com |
paradigmwindows.myparadigmcloud.com
|
2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
2 | 36qyuzoj7fgnibljtmes.blob.core.windows.net |
paradigmwindows.myparadigmcloud.com
|
2 | maxcdn.bootstrapcdn.com |
paradigmwindows.myparadigmcloud.com
maxcdn.bootstrapcdn.com |
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | p.typekit.net |
use.typekit.net
|
1 | www.googletagmanager.com |
paradigmwindows.myparadigmcloud.com
|
30 | 12 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.myparadigmcloud.com E1 |
2022-09-02 - 2022-12-01 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-01-29 - 2023-01-29 |
a year | crt.sh |
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1 |
2022-03-07 - 2023-04-07 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-08-22 - 2022-11-14 |
3 months | crt.sh |
*.blob.core.windows.net Microsoft RSA TLS CA 01 |
2022-08-11 - 2023-08-11 |
a year | crt.sh |
www.googleadservices.com GTS CA 1C3 |
2022-08-22 - 2022-11-14 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2022-08-22 - 2022-11-14 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2022-08-22 - 2022-11-14 |
3 months | crt.sh |
www.google.de GTS CA 1C3 |
2022-08-22 - 2022-11-14 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://paradigmwindows.myparadigmcloud.com/login
Frame ID: EC2BD31EF5A5577A13622E20383964B4
Requests: 30 HTTP requests in this frame
Screenshot
Page Title
Welcome to PWS OpticDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Laravel (Web Frameworks) Expand
Detected patterns
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- googletagmanager\.com/gtm\.js
Typekit (Font Scripts) Expand
Detected patterns
- <link [^>]*href="[^"]+use\.typekit\.(?:net|com)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
30 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
login
paradigmwindows.myparadigmcloud.com/ |
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.f097f399.css
paradigmwindows.myparadigmcloud.com/build/css/ |
336 KB 73 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pbx7jis.css
use.typekit.net/ |
4 KB 1002 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webpack.401d7b7d.js
paradigmwindows.myparadigmcloud.com/build/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor.9c7d7f3a.js
paradigmwindows.myparadigmcloud.com/build/js/ |
81 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webCP.vendor.003d0b2c.dll.js
paradigmwindows.myparadigmcloud.com/build/js/ |
1 MB 363 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webCP.shared.174a0609.dll.js
paradigmwindows.myparadigmcloud.com/build/js/ |
247 KB 56 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.828f0b64.js
paradigmwindows.myparadigmcloud.com/build/js/ |
141 KB 46 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
estimate-plugin.fb459531.js
paradigmwindows.myparadigmcloud.com/build/js/ |
737 B 428 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login.77db7866.js
paradigmwindows.myparadigmcloud.com/build/js/ |
29 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
144 KB 56 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p.css
p.typekit.net/ |
5 B 195 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
LoginScreenCompressedWTS.jpg
36qyuzoj7fgnibljtmes.blob.core.windows.net/marketingimages/paradigmwindows/ |
546 KB 546 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ParadigmLogo_Horizontal.png
36qyuzoj7fgnibljtmes.blob.core.windows.net/marketingimages/paradigmwindows/ |
17 KB 17 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/9b05f3/000000000000000000013365/27/ |
50 KB 51 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/2cd6bf/00000000000000000001008f/27/ |
46 KB 46 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
common
paradigmwindows.myparadigmcloud.com/locales/en/ |
49 KB 16 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
41 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ |
2 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/309dfe/000000000000000000010091/27/ |
42 KB 42 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ |
75 KB 76 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
powered-by-paradigm_1x.png
paradigmwindows.myparadigmcloud.com/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 456 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1070199983/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/1070199983/ |
42 B 154 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/1070199983/ |
42 B 154 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
36 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dataLayer object| LOGIN_CONFIG object| I18N_CONFIG object| webpackJsonp function| webCP_dll_vendor function| webCP_dll_shared function| jQuery function| $ function| Mousetrap object| $header object| $nav object| $navbar function| nativeConfirm function| currentCsrfToken object| __paradigm function| _ object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| _ga_originalSendHitTask function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.myparadigmcloud.com/ | Name: _gcl_au Value: 1.1.74116230.1663073327 |
|
.myparadigmcloud.com/ | Name: _ga Value: GA1.2.708648128.1663073327 |
|
.myparadigmcloud.com/ | Name: _gid Value: GA1.2.1279216241.1663073327 |
|
.myparadigmcloud.com/ | Name: _gat_UA-125116-29 Value: 1 |
|
paradigmwindows.myparadigmcloud.com/ | Name: XSRF-TOKEN Value: eyJpdiI6ImRQaVlUMlMwUU5sWkdCTmtVU0w2OFE9PSIsInZhbHVlIjoiZE9LOFB4aGV1SGRXRERoZW9ZZWN3eHdBMGVTaGRXVzI1OVl3MnJVSWsveU94ckdVWldOK1YwT1FVeUx3SkpCMkQwWTZSMk54ZVBOdUtMajRtMkV4d2dPQ2x3T1gwekFQZmRxQzljZWNyMWpnSXg3VmJ2L0dNTzYwTC9wKzRqeE8iLCJtYWMiOiJjODQ5Yzg5MDlmODMyZmIyNWM4MDU1ZWNhMzBiZjQ0ZTQ3YjgzNzNkN2Q5NDA0ZGI1YWM4OTlkYWNiYWQ3NjExIn0%3D |
|
paradigmwindows.myparadigmcloud.com/ | Name: laravel_session Value: eyJpdiI6IkIzOTIwTlVKZEp6bGlyTE1NRXkvb3c9PSIsInZhbHVlIjoiYnVnSUJLL1BFWEMzb05CbFpHZUVCSmhMZkFUaklCMWRpOWU3K2hlR2dFYzRBTnlUeVNtbWdZaVREa1QvRXM4eVNHaWlWQ1FaS2Y5anlvOElJS1QvYzdGT3I2MTZxZjgva0dFM3V6UlQxM2ludUk3cVdtaUdWN2xJU0M2dXJXaGoiLCJtYWMiOiJhNWI0MjMzMTM5MWNhYzhjMGJhNTU3MDgzYzNiNjM5ZjRjZmUwOTg0ZDU1Nzk2MjRlYmZmMGY0MmM2ZmJlYWEzIn0%3D |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
36qyuzoj7fgnibljtmes.blob.core.windows.net
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
p.typekit.net
paradigmwindows.myparadigmcloud.com
stats.g.doubleclick.net
use.typekit.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
142.250.185.66
2606:4700:10::6816:250
2606:4700::6812:bcf
2a00:1450:4001:801::2008
2a00:1450:4001:811::2004
2a00:1450:4001:813::200e
2a00:1450:4001:827::2003
2a00:1450:4001:82f::2002
2a00:1450:400c:c00::9c
2a02:26f0:3500:16::215:1495
2a02:26f0:3500:16::215:14a0
52.165.136.32
03165b76002236f6e1327577eec5fa1f331e13bd70852fdbd8729a791f748466
04dd88ec3632bfd618a21c8657d6faf685a33fde9d3bf3c7e0e43ce9f517c55d
10a8301c575f944c7fb4ad372bd664eedb3a690cefc6d4847e9891f1784a522c
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
39e268327b0a7ca167fd450f22e5a11f3d3b3ee87a114a9bec6b7d194b8bba31
4fcac056d864625ccd81cd746cbee8e7c2eaa947f9826d3912b3b21a97cdfd45
51495b630744b6e3b97569f4883db17119e394a37a42691515776b06b8d2d49f
63d509d29f083ff11b58dbb6910f036eea5960671752407ddc614483f3e10eda
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8da6c797c4fc6dd680b119bf17d9ded7a5d15cb9a7853dafba73c7f2b30a7973
9109437382857c1ddaba57bec210a22d2b815bc9e0223b2ede810494cdd3b40f
96b67419d2538b42413797739000601d5884a81872b8346559c04770100a29fb
a12536fb78facfe50478abe7310370c7cfd10a566036a61b7058fbd2155d1558
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a83f55b77e1377ccf37ad287d2ad975d7a46b44cfa76b2d59703a659b61ba191
b950b8306e00e4955c6f615d9a8f22a31089528f71049f348f73bae36f49e809
bd59eac0ddf71e5dd30101747cea1d55544339bd310c68a86aa133877f385213
c391cdfb1f8a8c62813bbbffb6ab8f022e045599a9a2ae7f55606a7c72e2b4cf
d94862b3e22898b9b5a4f5cbcf026ddc487d3d7457f01cd9d2bff2ccd1397417
daa9098ccca880198400858f61e0ac5414abce1d1346a6ff6d13214ba3182987
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df1ce32395abb5885b9197e26714d77b42e91e635aaecf0b6f43244c4bfeef8f
e979c2de292d8245468e77c6a540e942d6135de260194869120691161470ae97
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11