win.ma
Open in
urlscan Pro
105.73.3.20
Public Scan
Effective URL: https://win.ma/
Submission: On August 07 via manual from MA — Scanned from DE
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 4th 2024. Valid for: a year.
This is the only time win.ma was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 13 | 105.73.3.20 105.73.3.20 | 36884 (MAROCCONNECT) (MAROCCONNECT) | |
1 | 2a00:1450:400... 2a00:1450:4001:82a::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a02:6ea0:c70... 2a02:6ea0:c700::18 | 60068 (CDN77 _) (CDN77 _) | |
1 | 2a00:1450:400... 2a00:1450:4001:81d::2008 | 15169 (GOOGLE) (GOOGLE) | |
7 | 85.222.146.21 85.222.146.21 | 14340 (SALESFORCE) (SALESFORCE) | |
3 | 95.100.146.9 95.100.146.9 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
2 | 2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK) | |
2 | 160.8.244.120 160.8.244.120 | 14340 (SALESFORCE) (SALESFORCE) | |
2 | 13.51.236.196 13.51.236.196 | 16509 (AMAZON-02) (AMAZON-02) | |
33 | 10 |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN14340 (SALESFORCE, US)
PTR: dcl5-ncg0-cdg3.eu26-cdg.force.com
service.force.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-100-146-9.deploy.static.akamaitechnologies.com
analytics.tiktok.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN14340 (SALESFORCE, US)
PTR: dcl13-ncg0-cdg3.la2-c1-cdg.salesforceliveagent.com
d.la2-c1-cdg.salesforceliveagent.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-13-51-236-196.eu-north-1.compute.amazonaws.com
d.la1-core1.sfdc-cehfhs.salesforceliveagent.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
win.ma
1 redirects
win.ma |
914 KB |
7 |
force.com
service.force.com — Cisco Umbrella Rank: 6720 |
29 KB |
4 |
salesforceliveagent.com
d.la2-c1-cdg.salesforceliveagent.com — Cisco Umbrella Rank: 605589 d.la1-core1.sfdc-cehfhs.salesforceliveagent.com — Cisco Umbrella Rank: 50887 |
5 KB |
3 |
tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 963 |
139 KB |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236 |
73 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112 |
110 KB |
1 |
webpushs.com
web.webpushs.com — Cisco Umbrella Rank: 73428 |
37 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110 |
775 B |
0 |
polyfill.io
Failed
polyfill.io Failed |
|
33 | 9 |
Domain | Requested by | |
---|---|---|
13 | win.ma |
1 redirects
win.ma
|
7 | service.force.com |
win.ma
service.force.com |
3 | analytics.tiktok.com |
www.googletagmanager.com
analytics.tiktok.com |
2 | d.la1-core1.sfdc-cehfhs.salesforceliveagent.com |
service.force.com
|
2 | d.la2-c1-cdg.salesforceliveagent.com |
service.force.com
|
2 | connect.facebook.net |
www.googletagmanager.com
connect.facebook.net |
1 | www.googletagmanager.com |
win.ma
|
1 | web.webpushs.com |
win.ma
|
1 | fonts.googleapis.com |
win.ma
|
0 | polyfill.io Failed |
win.ma
|
33 | 10 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.win.ma Sectigo RSA Domain Validation Secure Server CA |
2024-03-04 - 2025-03-04 |
a year | crt.sh |
upload.video.google.com WR2 |
2024-07-30 - 2024-10-22 |
3 months | crt.sh |
web.webpushs.com Sectigo RSA Domain Validation Secure Server CA |
2024-01-09 - 2025-01-16 |
a year | crt.sh |
*.google-analytics.com WR2 |
2024-07-30 - 2024-10-22 |
3 months | crt.sh |
*.eu26.force.com DigiCert TLS RSA SHA256 2020 CA1 |
2024-01-03 - 2024-12-31 |
a year | crt.sh |
*.tiktok.com RapidSSL TLS ECC CA G1 |
2024-07-15 - 2025-07-15 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2024-05-17 - 2024-08-15 |
3 months | crt.sh |
la2-c1-cdg.salesforceliveagent.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-11-01 - 2024-10-29 |
a year | crt.sh |
la1-core1.sfdc-cehfhs.salesforceliveagent.com DigiCert TLS RSA SHA256 2020 CA1 |
2024-06-04 - 2025-06-03 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://win.ma/
Frame ID: FA59C5A1640CD7E354E39FE368AFD092
Requests: 33 HTTP requests in this frame
Frame:
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://win.ma/
Frame ID: 67CECFE268A5351C5953903ABC4FA51C
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
win | Premier Opérateur Mobile 100% Digital au MarocPage URL History Show full URLs
-
http://win.ma/
HTTP 307
https://win.ma/ HTTP 307
http://win.ma/ HTTP 301
https://win.ma/ Page URL
Detected technologies
Salesforce Service Cloud (Live chat) ExpandDetected patterns
- service\.force\.com
Nuxt.js (JavaScript Frameworks) Expand
Detected patterns
- /_nuxt/
Vue.js (JavaScript Frameworks) Expand
Detected patterns
- <[^>]+\sdata-v(?:ue)?-
Facebook (Widgets) Expand
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtm\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://win.ma/
HTTP 307
https://win.ma/ HTTP 307
http://win.ma/ HTTP 301
https://win.ma/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
33 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
win.ma/ Redirect Chain
|
376 KB 66 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1510ab3.js
win.ma/_nuxt/ |
5 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ac5be21.js
win.ma/_nuxt/ |
226 KB 64 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
e79182c.js
win.ma/_nuxt/ |
3 MB 514 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
312c913.js
win.ma/_nuxt/ |
1 MB 185 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon
fonts.googleapis.com/ |
569 B 775 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ca618ca695daff172389373ddf8129e6_1.js
web.webpushs.com/js/push/ |
116 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
344 KB 110 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
smartbanner.min.css
win.ma/smartbanner/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
esw.min.js
service.force.com/embeddedservice/5.0/ |
30 KB 9 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
polyfill.min.js
polyfill.io/v2/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
smartbanner.min.js
win.ma/smartbanner/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.min.js
service.force.com/embeddedservice/5.0/utils/ |
5 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
esw.min.css
service.force.com/embeddedservice/5.0/ |
9 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
liveagent.esw.min.js
service.force.com/embeddedservice/5.0/client/ |
20 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
events.js
analytics.tiktok.com/i18n/pixel/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
225 KB 60 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
357379934942021
connect.facebook.net/signals/config/ |
64 KB 13 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.MWFhNzU2YTY5MQ.js
analytics.tiktok.com/i18n/pixel/static/ |
336 KB 97 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
identify_c2008b8c.js
analytics.tiktok.com/i18n/pixel/static/ |
146 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3c8fcea.js
win.ma/_nuxt/ |
24 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
737aa68.js
win.ma/_nuxt/ |
79 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
eff7019.js
win.ma/_nuxt/ |
58 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
7f1a987.js
win.ma/_nuxt/ |
222 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
707edf1.js
win.ma/_nuxt/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
esw.html
service.force.com/embeddedservice/5.0/ Frame 67CE |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
EmbeddedServiceConfig.jsonp
d.la2-c1-cdg.salesforceliveagent.com/chat/rest/EmbeddedService/ |
174 B 564 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
invite.esw.min.js
service.force.com/embeddedservice/5.0/client/ |
19 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 3 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Settings.jsonp
d.la2-c1-cdg.salesforceliveagent.com/chat/rest/Visitor/ |
177 B 564 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inert.min.js
service.force.com/embeddedservice/5.0/utils/ |
8 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
EmbeddedServiceConfig.jsonp
d.la1-core1.sfdc-cehfhs.salesforceliveagent.com/chat/rest/EmbeddedService/ |
16 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Settings.jsonp
d.la1-core1.sfdc-cehfhs.salesforceliveagent.com/chat/rest/Visitor/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
04e67b2.js
win.ma/_nuxt/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- polyfill.io
- URL
- https://polyfill.io/v2/polyfill.min.js?features=default,IntersectionObserver,Array.prototype.find,EventSource,Array.prototype.includes
- Domain
- win.ma
- URL
- https://win.ma/_nuxt/04e67b2.js
Verdicts & Comments Add Verdict or Comment
35 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 function| include string| path string| lang object| __NUXT__ object| embedded_svc function| initESW object| webpackJsonp object| oSpPOptions function| oPromptPush object| oSpP object| core object| __core-js_shared__ object| firebase function| UAParser object| google_tag_manager object| google_tag_data object| dataLayer string| TiktokAnalyticsObject object| ttq function| fbq function| _fbq object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| regeneratorRuntime function| setImmediate function| clearImmediate function| _ object| onNuxtReadyCbs function| onNuxtReady function| Hammer5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
win.ma/ | Name: f5avraaaaaaaaaaaaaaaa_session_ Value: DFMHCELNFKDJLIBAMCIADNJGGFHNABOIBKMNLNBGKDFGJOHBNEGDEDLEJBEDOPFOIEBDPLFFBHNGIGCHFBIANEAEKLKNIEIAJNOEKAKEDAKMOBDMEJJJNFNHGCKEBAOI |
|
.win.ma/ | Name: TS010594ad Value: 018e1322ef2b6e3fa9b995f80a4ecd49c9e7cdecc4941f12d67084d7b276d0e0edd33cfe1778eb5c11505357cc25d4ea6f913272d1a639baf515dd921b348f1be29ec4b733 |
|
.tiktok.com/ | Name: _ttp Value: 2kLDeygkY76LvgXGWFiw8nD02D5 |
|
.win.ma/ | Name: _tt_enable_cookie Value: 1 |
|
.win.ma/ | Name: _ttp Value: F9v0CTNOZtDqw9OFReImP-3oubW |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=16070400; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
analytics.tiktok.com
connect.facebook.net
d.la1-core1.sfdc-cehfhs.salesforceliveagent.com
d.la2-c1-cdg.salesforceliveagent.com
fonts.googleapis.com
polyfill.io
service.force.com
web.webpushs.com
win.ma
www.googletagmanager.com
polyfill.io
win.ma
105.73.3.20
13.51.236.196
160.8.244.120
2a00:1450:4001:81d::2008
2a00:1450:4001:82a::200a
2a02:6ea0:c700::18
2a03:2880:f084:105:face:b00c:0:3
85.222.146.21
95.100.146.9
00f993fa8da962e101c466681a2a88164bc3e6531bd854d6dddabae661bf3c38
099450c5031ea664ef3594fa25b0a68cd550e6c9c58b061dc33c707b450bad20
10a396cf83a1f0fa5ae02c199215e1b8e32fdb313f3d5e24c3e61a56f01e3eb5
11b97392fe91256a463d66e0a68f1ed068dd3ba2200289fa89e0afb2b0558b12
12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3
1918a6aeae5b87a6681366a518203050ddc6b9f6be547d79b18d6a507d073989
1df96aff7c1a0b4a1f03d51ec741df8d542fcf32eddee1a0295068e4a7f0017b
2ee6a6dd3182ece9d33539055fb53ea1e005444d4cdf6996f93b1555dc78d62b
318458b2f6bd1b8ecb04ca266081150b55e7917a223d3fb679db9eccc19c70d8
3220afe424971c84d14fb3fa3baa36793efb5af404c9d07d804e06401c01af98
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
3ed818aad31677b4b4e62b8e5be76e029c861dced68991867b2348767eb1ea1e
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
50a98b0680aaaaa9407001661f18904e29d76402c3da7ad64246413886fc64b3
5329620df82cb9e1f3334b659d1fa11789e05ae3105dfc2c691fff5797d6c95f
5425f24fe5b76fa7d0ae344d0f184a843a7a3fb314bf6063787fe6ad35ce1ffb
63da4324978a61770eae7b760e0e6cf39f0fed0d54e523c0d7822dd05c84d531
721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad
77a6d49850096ec68d2813a91f8b1908017d26aaed430e3a2e17943a870ee567
7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648
90ee0ccf6d335dcf9e4e65b163d938d71574d6804a9d99325abfc4967b57273f
a5fabc8494f83fe9a7932cdb4fbb7be8bb00d0c6a519431f4e399aad85b90d22
ad981f0d083d45ecc8480bb4b59d5815a82c5a396cb83c1ef6936c3da0e00110
ae0fba6f6111df81b535ca9503101b46a6ac08eb75412e92d389632ac6129e9b
b63516967bf4bee283ba01b4b1e94e176114ed2b0a87a4678e0b4b704e1fcb08
c573762502b8ed09b552f86159d3afcf2c9c82697da070373468e7960d51a3f0
cc7a83482caae00cdc31ace1a59c01e340b149c0fa67ad1d62d38ffffbfcac15
d48ab8d60cee7ebae74ce89eecd7b4eef9e066cab216c9cfafd2f5dfeff76867
df9b93084165ee07dcba97feaaecd7a37c1ca899bc8b1875bf3473053c716a3e
ef4dcc4dab4d780f44939c455d4720cab662b2f5fabc36ebc33a21f4cdbecd4e