www.myforexfunds.com
Open in
urlscan Pro
206.188.192.14
Public Scan
Submission: On October 08 via manual from SG — Scanned from SG
Summary
This is the only time www.myforexfunds.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
11 | 206.188.192.14 206.188.192.14 | 19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING) | |
1 | 2606:4700:10:... 2606:4700:10::6816:29ad | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 2606:4700:10:... 2606:4700:10::6816:28ad | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
21 | 2620:1ec:a92:... 2620:1ec:a92::194 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 2 | 20.125.62.241 20.125.62.241 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 1 | 2620:1ec:c11:... 2620:1ec:c11::200 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 2620:1ec:46::70 2620:1ec:46::70 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
7 | 20.50.73.13 20.50.73.13 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
45 | 7 |
ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: vux.netsolhost.com
www.myforexfunds.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
23 |
office.com
1 redirects
forms.office.com — Cisco Umbrella Rank: 3487 c.office.com — Cisco Umbrella Rank: 21917 |
625 KB |
11 |
myforexfunds.com
www.myforexfunds.com |
1 MB |
7 |
microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 162 |
1 KB |
4 |
edit.site
static-cdn.edit.site — Cisco Umbrella Rank: 253672 rest.edit.site — Cisco Umbrella Rank: 217570 |
2 KB |
1 |
azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 1852 |
78 KB |
1 |
bing.com
1 redirects
c.bing.com — Cisco Umbrella Rank: 257 |
763 B |
45 | 6 |
Domain | Requested by | |
---|---|---|
21 | forms.office.com |
www.myforexfunds.com
forms.office.com |
11 | www.myforexfunds.com |
www.myforexfunds.com
|
7 | browser.events.data.microsoft.com |
js.monitor.azure.com
forms.office.com |
3 | rest.edit.site |
www.myforexfunds.com
|
2 | c.office.com |
1 redirects
forms.office.com
|
1 | js.monitor.azure.com |
forms.office.com
|
1 | c.bing.com | 1 redirects |
1 | static-cdn.edit.site |
www.myforexfunds.com
|
45 | 8 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-04-26 - 2024-04-25 |
a year | crt.sh |
forms.cloud.microsoft Microsoft Azure TLS Issuing CA 02 |
2023-08-16 - 2024-06-27 |
10 months | crt.sh |
js.monitor.azure.com Microsoft Azure RSA TLS Issuing CA 07 |
2023-09-20 - 2024-09-14 |
a year | crt.sh |
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 05 |
2023-09-12 - 2024-06-27 |
10 months | crt.sh |
This page contains 2 frames:
Primary Page:
http://www.myforexfunds.com/
Frame ID: 2C9411D0D8903FABBE90FD0A6754462B
Requests: 14 HTTP requests in this frame
Frame:
https://forms.office.com/Pages/ResponsePage.aspx?id=bitiWd2b2UaX5oFQseO5VaPRDMCgEnpPmBHVeBvbRFZUOFdGWTUxWkUxN0NEVUc2QUNBWjJTOEFHRSQlQCN0PWcu
Frame ID: 734967E829ACFF28FFA80C59A1909B48
Requests: 26 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 31- https://c.office.com/c.gif HTTP 302
- https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=64A32E27E4AD45728475534DC4FE75D7&RedC=c.office.com&MXFR=1C5E39ED9165693430242A49956562AB HTTP 302
- https://c.office.com/c.gif?ctsa=mr&CtsSyncId=64A32E27E4AD45728475534DC4FE75D7&MUID=1C5E39ED9165693430242A49956562AB
45 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
www.myforexfunds.com/ |
54 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
publish.css
www.myforexfunds.com/bundle/publish/0.37.8/ |
545 KB 97 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
35ee80e8-3cb6-4328-bdf3-45392d0fd7a3.css
www.myforexfunds.com/styles/ |
19 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vendors.js
www.myforexfunds.com/bundle/publish/0.37.8/ |
461 KB 153 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bundle.js
www.myforexfunds.com/bundle/publish/0.37.8/ |
492 KB 152 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bai-jamjuree-normal-700.woff2
www.myforexfunds.com/__fonts/ |
10 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
signika-normal-400.woff2
www.myforexfunds.com/__fonts/ |
21 KB 22 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
global.svg
www.myforexfunds.com/bundle/publish/0.37.8/svg/ |
66 KB 66 KB |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
templates.svg
www.myforexfunds.com/bundle/publish/0.37.8/svg/ |
502 KB 502 KB |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
publish.svg
www.myforexfunds.com/bundle/publish/0.37.8/svg/ |
22 KB 22 KB |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icons.svg
www.myforexfunds.com/__static/ |
46 B 328 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
970.json
static-cdn.edit.site/resellers-settings/ |
456 B 949 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
geoip
rest.edit.site/geoip-service/ |
263 B 579 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ResponsePage.aspx
forms.office.com/Pages/ Frame 7349 |
60 KB 19 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ls-response.en-us.04d426e00.js
forms.office.com/cdn/scripts/dists/ Frame 7349 |
31 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dll-dompurify.min.3c32c70.js
forms.office.com/cdn/scripts/dists/ Frame 7349 |
16 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.min.61301b8.js
forms.office.com/cdn/scripts/dists/ Frame 7349 |
420 KB 126 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runtimeFormsWithResponses('bitiWd2b2UaX5oFQseO5VaPRDMCgEnpPmBHVeBvbRFZUOFdGWTUxWkUxN0NEVUc2QUNBWjJTOEFHRSQlQCN0PWcu')
forms.office.com/formapi/api/59622b6e-9bdd-46d9-97e6-8150b1e3b955/groups/c00cd1a3-12a0-4f7a-9811-d5781bdb4456/light/ Frame 7349 |
7 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ls-response.default.04d426e00.js
forms.office.com/cdn/scripts/dists/ Frame 7349 |
31 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.lrp_ext.7afeec9.js
forms.office.com/cdn/scripts/dists/ Frame 7349 |
0 104 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.lrp_saveresponse.f3d567d.js
forms.office.com/cdn/scripts/dists/ Frame 7349 |
0 7 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.lrp_cover.52771c8.js
forms.office.com/cdn/scripts/dists/ Frame 7349 |
0 18 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.lrp_post.boot.c5d8dad.js
forms.office.com/cdn/scripts/dists/ Frame 7349 |
0 6 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.lrp_ext.7afeec9.js
forms.office.com/cdn/scripts/dists/ Frame 7349 |
320 KB 104 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.lrp_saveresponse.f3d567d.js
forms.office.com/cdn/scripts/dists/ Frame 7349 |
18 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.lrp_post.boot.c5d8dad.js
forms.office.com/cdn/scripts/dists/ Frame 7349 |
15 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wave-pattern-v1.svg
forms.office.com/cdn/images/aio/ Frame 7349 |
2 KB 963 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.sw.31d3b50.js
forms.office.com/cdn/scripts/dists/ Frame 7349 |
1 KB 830 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.officebrowserfeedback.39bdf71.js
forms.office.com/cdn/scripts/dists/ Frame 7349 |
0 117 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.try_dv.d33b8a6.js
forms.office.com/cdn/scripts/dists/ Frame 7349 |
0 2 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.1ds.37175a1.js
forms.office.com/cdn/scripts/dists/ Frame 7349 |
104 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.utel.416b286.js
forms.office.com/cdn/scripts/dists/ Frame 7349 |
23 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c.gif
c.office.com/ Frame 7349 Redirect Chain
|
42 B 334 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
'zh-sg'
forms.office.com/formapi/api/59622b6e-9bdd-46d9-97e6-8150b1e3b955/groups/c00cd1a3-12a0-4f7a-9811-d5781bdb4456/forms('bitiWd2b2UaX5oFQseO5VaPRDMCgEnpPmBHVeBvbRFZUOFdGWTUxWkUxN0NEVUc2QUNBWjJTOEFHRSQl... Frame 7349 |
2 B 605 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ms.jsll-3.min.js
js.monitor.azure.com/scripts/c/ Frame 7349 |
181 KB 78 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
api
rest.edit.site/member-analytics-service/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
api
rest.edit.site/member-analytics-service/ |
522 B 445 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
telemetry-worker.1.js
forms.office.com/cdn/scripts/dists/ Frame 7349 |
94 KB 32 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 7349 |
153 B 759 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 7349 |
153 B 426 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 7349 |
153 B 197 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| __PRELOADED_STATE__ object| webpackChunkpage_render_service function| __VERSION__ function| onloadRecaptchaCallback17 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
forms.office.com/ | Name: FormsWebSessionId Value: 61bf8fe8-a7d3-4559-a440-c785fce55bc7 |
|
.forms.office.com/ | Name: RpsAuthNonce Value: 5c2927f5-f3c8-4d4c-aa97-48a53234033c |
|
forms.office.com/ | Name: __RequestVerificationToken Value: DCHI0l39I5A1yDVYlv-k8ac6ZFndRVqmXkqrUKDVIg-UG2IdX5FLutv_OHEHdhVhDZxZmaZYsWZrcC3t67vm55ERBtwoYJMWM0-22-mMQiw1 |
|
forms.office.com/ | Name: MicrosoftApplicationsTelemetryDeviceId Value: 6682bd99-7196-4527-b3a6-4fff901e6cca |
|
forms.office.com/ | Name: ai_session Value: 4mmcStsV34TUufGnGx+1Zo|1696765713843|1696765713843 |
|
www.myforexfunds.com/ | Name: country Value: SG |
|
.office.com/ | Name: MUID Value: 1C5E39ED9165693430242A49956562AB |
|
.bing.com/ | Name: MUID Value: 1C5E39ED9165693430242A49956562AB |
|
.c.bing.com/ | Name: MR Value: 0 |
|
.c.bing.com/ | Name: SRM_B Value: 1C5E39ED9165693430242A49956562AB |
|
.c.office.com/ | Name: SM Value: C |
|
.c.office.com/ | Name: MR Value: 0 |
|
.c.office.com/ | Name: ANONCHK Value: 0 |
|
.www.myforexfunds.com/ | Name: _spAnalyticsIdF Value: 1945167d-c2bb-4d7d-99e9-e8497d2e319f |
|
.www.myforexfunds.com/ | Name: _spAnalyticsIdFHash Value: $2y$10$PRjcQ9JCyh4LB6BUhF/cj.yGXgKXuOeVCtGaJhSOwznTX1U74EANK |
|
.www.myforexfunds.com/ | Name: _spAnalyticsId Value: f45324c7-c4ef-4d5a-a264-8224de65e0ad |
|
.www.myforexfunds.com/ | Name: _spAnalyticsIdHash Value: $2y$10$l.IrhUBAZz0tWw9Y2tVDKeUEg6YMvh1xschMNCg5v6h76dpUtr29u |
230 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
browser.events.data.microsoft.com
c.bing.com
c.office.com
forms.office.com
js.monitor.azure.com
rest.edit.site
static-cdn.edit.site
www.myforexfunds.com
20.125.62.241
20.50.73.13
206.188.192.14
2606:4700:10::6816:28ad
2606:4700:10::6816:29ad
2620:1ec:46::70
2620:1ec:a92::194
2620:1ec:c11::200
010e22cf6b3ea7d767e5edbbdb72045d43ae115420475decdf53a8788fd67086
080268a1d2de3240b0a24d8982490c51929262faac499c5bfd1fe41912bac83e
13e78dda448aace0830fc68a27b415ceb3ef51a2acd64c4cf4fa0420005a737c
1437f595bc9f5c5b472732225bb409afe27f6747fea1f3e5b6d80dac3e1b9a0c
27a494ff1e16d7973ce0094e2b87f3207504f9c43ac2211cc010b91da8052cf7
295e2cb66a7b6543ba24e2c37eda08b767e2f78b33bd383610f69cb34121bcb0
3723e0437220ee1c7b9444bf1c9f36ff131f92ae2eafadc8fe2b5e57fb8d7225
47377ca3daad4628aa1fb3ee035868f636adac46018964996ba0ea7b7d3f1a9d
4c7781c8155743134749aed9b36e565b6fa344a86186b1362af3491b6b435a6b
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f6f65201b40ec2f07bd1bde126f4f38dc26211e77f6acc5914b065e4c819c04
5085396d0d1d26ddbfb420f47958cb5d37e11d0558fb01dd10c50ddd265cf81e
545d96fe0f486da09a4a1ac10f45a63a86c480ab0a6c627df1b626d751605b4e
5e2e0c55adfb4860d06492709bd6153e61561526040ee3fe26c552abf4d99e03
60017e44c57dca7aff279c3f11efe53dd165b3f992dc5ca04f2338a109963a1d
85ed8f512f9c9a0d23eed31481d4df9b66538a0b93930db40ebcbe6d2122ff3b
86f2725f9edb4ee125f4230522a18d22828e589cb647fec26bdaa4f0a2adb819
8d9b4b794affc5daf4eafa12e0c6294ab31aaeed330886145676bd6b832e8b98
8dbf6f62aabb98a3011d99f0e7e34d0af7163cf6fa12ddbe40ce8f3a681fddac
9149bdd5add042d4118ad547886bf869a48cac059e3d0f104dd5fb075af0c0b8
97ef60fe214ade8adc07d5a3b951fc77053d630845ed4df71bc540528bc086cc
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a12e651312666a2519bcec5a7699bf94739e8e9b68b17f9619889b1075977288
a4a96e3a443028db3ca7f5ba5bcbd854ce7d8752a75daecd3619d1c9ba4410d6
a6d72bfbb24f8e8a69a41e4f6968f7c02f22c98be41c6cf485d87ff12917d40f
a77ffbc96c2b930dba2ee53fb0bea719fd88cbee4a175d82ec001f83df4e90ce
b892524c3b38e77647f2cb4bffd277d0378cd8e6ba3b5f2e32ebd9ec7f219262
c04bc4ee3d822b90ba1a8562df69fc44e199e8e36d2fdad3f3787fcf9c5163dd
cbfb58fa3bcf70c701fc37975bab2e3bc4edbe328d183c345a6830d20d4514f7
d66f84365612efc7f174622c835d65fb5105f691e4013b232882c0a1946d7c47
d6854738593eece90b6925c2999576b9f6ab82ebf546235755bf60f7c3c1387b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d2c992fe4cd80c06da438b2a5b3c40adce97d3dc8dfb49bc88a18e946fcad2
e7eab04dcf0956e72a687d70cae4263e15a425ed4b4f7766ce8a84fb60edbc48
ed20090ab9eac537cd83a784f70dd61f1ea14da013e0e9c38174bfc691353304