clashforwindows.org
Open in
urlscan Pro
2606:4700:3032::ac43:c83a
Public Scan
Submission Tags: @phishunt_io
Submission: On September 18 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on September 18th 2022. Valid for: 3 months.
This is the only time clashforwindows.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
17 | 2606:4700:303... 2606:4700:3032::ac43:c83a | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 2606:4700:10:... 2606:4700:10::ac43:2794 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 2a00:1450:400... 2a00:1450:4001:829::2008 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2620:1ec:27::... 2620:1ec:27::cafe:2066 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
3 | 2001:4860:480... 2001:4860:4802:32::36 | 15169 (GOOGLE) (GOOGLE) | |
3 | 2a00:1450:400... 2a00:1450:400c:c07::9d | 15169 (GOOGLE) (GOOGLE) | |
3 | 2a00:1450:400... 2a00:1450:4001:810::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 2 | 20.234.93.27 20.234.93.27 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 1 | 2620:1ec:c11:... 2620:1ec:c11::200 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 20.96.88.162 20.96.88.162 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
38 | 10 |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
clashforwindows.org
clashforwindows.org |
245 KB |
5 |
clarity.ms
1 redirects
www.clarity.ms — Cisco Umbrella Rank: 557 c.clarity.ms — Cisco Umbrella Rank: 998 k.clarity.ms — Cisco Umbrella Rank: 5452 |
26 KB |
4 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62 |
263 KB |
4 |
addtoany.com
static.addtoany.com — Cisco Umbrella Rank: 3939 |
61 KB |
3 |
google.de
www.google.de — Cisco Umbrella Rank: 6352 |
715 B |
3 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 79 |
458 B |
3 |
google.com
region1.analytics.google.com — Cisco Umbrella Rank: 5636 |
421 B |
1 |
bing.com
1 redirects
c.bing.com — Cisco Umbrella Rank: 220 |
555 B |
38 | 8 |
Domain | Requested by | |
---|---|---|
17 | clashforwindows.org |
clashforwindows.org
|
4 | www.googletagmanager.com |
clashforwindows.org
www.googletagmanager.com |
4 | static.addtoany.com |
clashforwindows.org
static.addtoany.com |
3 | www.google.de |
clashforwindows.org
|
3 | stats.g.doubleclick.net |
www.googletagmanager.com
|
3 | region1.analytics.google.com |
www.googletagmanager.com
|
2 | c.clarity.ms | 1 redirects |
2 | www.clarity.ms |
clashforwindows.org
www.clarity.ms |
1 | k.clarity.ms |
www.clarity.ms
|
1 | c.bing.com | 1 redirects |
38 | 10 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.linuxsss.com |
www.linuxssr.com |
www.linuxtrojan.com |
www.linuxv2ray.com |
www.linuxxray.com |
www.addtoany.com |
jmsnode.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.clashforwindows.org GTS CA 1P5 |
2022-09-18 - 2022-12-17 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-06-04 - 2023-06-03 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-08-29 - 2022-11-21 |
3 months | crt.sh |
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1 |
2022-02-27 - 2023-02-27 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2022-08-29 - 2022-11-21 |
3 months | crt.sh |
www.google.de GTS CA 1C3 |
2022-08-29 - 2022-11-21 |
3 months | crt.sh |
a.clarity.ms Microsoft Azure TLS Issuing CA 02 |
2022-06-07 - 2023-06-02 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://clashforwindows.org/
Frame ID: 76FD2C10E5BB973CDFA9E3E146E08843
Requests: 39 HTTP requests in this frame
Frame:
https://static.addtoany.com/menu/sm.23.html
Frame ID: 7658AF7359314C2CF1EF11C81A785A48
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
2022最新Clash for Windows使用教程配置从入门到精通Detected technologies
WordPress (CMS) ExpandDetected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
AddToAny (Widgets) Expand
Detected patterns
- addtoany\.com/menu/page\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics) Expand
Detected patterns
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
13 Outgoing links
These are links going to different origins than the main page.
Title: Shadowsocks 搭建
Search URL Search Domain Scan URL
Title: SSR 搭建
Search URL Search Domain Scan URL
Title: Trojan 搭建
Search URL Search Domain Scan URL
Title: V2Ray 搭建
Search URL Search Domain Scan URL
Title: Xray 搭建
Search URL Search Domain Scan URL
Title: 分享
Search URL Search Domain Scan URL
Title: Shadowsocks 搭建
Search URL Search Domain Scan URL
Title: ShadowsocksR 搭建
Search URL Search Domain Scan URL
Title: Trojan 搭建
Search URL Search Domain Scan URL
Title: V2Ray 搭建
Search URL Search Domain Scan URL
Title: Xray 搭建
Search URL Search Domain Scan URL
Title: 搬瓦工机场
Search URL Search Domain Scan URL
Title: AddToAny
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 37- https://c.clarity.ms/c.gif HTTP 302
- https://c.bing.com/c.gif?CtsSyncId=6C1D8C97362B4B3DB459EF5A5495DC31&RedC=c.clarity.ms&MXFR=1ADDE35446016A6A1E9DF177420164BE HTTP 302
- https://c.clarity.ms/c.gif?CtsSyncId=6C1D8C97362B4B3DB459EF5A5495DC31&MUID=0CA3814B72BF6AFD313F936873136B32
38 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
clashforwindows.org/ |
68 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
autoptimize_18e2bcbc47352391f8a869f47616caac.css
clashforwindows.org/wp-content/cache/autoptimize/css/ |
427 KB 66 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
autoptimize_single_974238d2533de6480e61037bbfa57049.css
clashforwindows.org/wp-content/cache/autoptimize/css/ |
15 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
autoptimize_single_71ed141f4e5c3b3c079b8e0f2490b364.css
clashforwindows.org/wp-content/cache/autoptimize/css/ |
1 KB 651 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
autoptimize_single_be5bb542948d536f03a06b6e2a86f39e.css
clashforwindows.org/wp-content/cache/autoptimize/css/ |
9 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
page.js
static.addtoany.com/menu/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.min.js
clashforwindows.org/wp-includes/js/jquery/ |
87 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-polyfill.min.js
clashforwindows.org/wp-includes/js/dist/vendor/ |
19 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hooks.min.js
clashforwindows.org/wp-includes/js/dist/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
i18n.min.js
clashforwindows.org/wp-includes/js/dist/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
lazyload.min.js
clashforwindows.org/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
1948b6f0653251ea869c338e4686deb6.js
clashforwindows.org/wp-content/cache/min/1/ |
206 KB 59 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
core.e18d3993.js
static.addtoany.com/menu/modules/ |
70 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
110 KB 41 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
66 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
69 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
inactive.svg
clashforwindows.org/wp-content/plugins/kk-star-ratings/src/core/public/svg/ |
238 B 688 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
selected.svg
clashforwindows.org/wp-content/plugins/kk-star-ratings/src/core/public/svg/ |
242 B 692 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fa-regular-400.woff2
clashforwindows.org/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dpgp1k06qa
www.clarity.ms/tag/ |
2 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
211 KB 74 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
211 KB 74 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
211 KB 74 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.analytics.google.com/g/ |
0 350 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 350 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.analytics.google.com/g/ |
0 54 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 54 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
region1.analytics.google.com/g/ |
0 17 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 54 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sm.23.html
static.addtoany.com/menu/ Frame 7658 |
741 B 691 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
text-editor.2c35aafbe5bf0e127950.bundle.min.js
clashforwindows.org/wp-content/plugins/elementor/assets/js/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
1663501512-favicon-70x70.png
clashforwindows.org/wp-content/uploads/2022/09/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
1663502330-ClashforWindows-1024x538.jpg
clashforwindows.org/wp-content/uploads/2022/09/ |
33 KB 34 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clarity.js
www.clarity.ms/eus2-e/s/0.6.40/ |
54 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icons.30.svg.js
static.addtoany.com/menu/svg/ |
77 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c.gif
c.clarity.ms/ Redirect Chain
|
42 B 391 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
k.clarity.ms/ |
0 179 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
72 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| a2a object| a2a_config function| a2a_init object| dataLayer object| astra object| kk_star_ratings function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig object| astraAddon function| setImmediate function| clearImmediate object| wp function| sprintf function| vsprintf object| ElementorProFrontendConfig object| elementorFrontendConfig object| lazyLoadOptions object| google_tag_manager object| google_tag_data function| clarity undefined| $ function| jQuery function| onYouTubeIframeAPIReady object| gaGlobal function| astraGetParents function| getParents function| astraToggleClass function| toggleClass function| astraTriggerEvent object| runtime function| lazyLoadThumb function| lazyLoadYoutubeIframe object| a2a_localize function| popupTriggerClick function| AstraToggleSubMenu function| AstraToggleSetup function| astraNavMenuToggle function| astraToggleSetupPro function| astraNavMenuTogglePro object| webpackChunkelementor_pro object| webpackChunkelementor object| elementorModules object| regeneratorRuntime object| elementorProFrontend function| Waypoint object| elementorFrontend function| Sticky function| astScrollToTop function| LazyLoad function| a2a_show_dropdown function| a2a_miniLeaveDelay number| a2apage_init object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy number| link number| len function| gtag11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.clashforwindows.org/ | Name: _ga_E8F8SRJM2J Value: GS1.1.1663516814.1.0.1663516814.60.0.0 |
|
.clashforwindows.org/ | Name: _ga Value: GA1.1.1139141935.1663516815 |
|
.clashforwindows.org/ | Name: _ga_DT2ZQ25YEZ Value: GS1.1.1663516814.1.0.1663516814.60.0.0 |
|
.clashforwindows.org/ | Name: _ga_7YTET12SDG Value: GS1.1.1663516814.1.0.1663516814.60.0.0 |
|
www.clarity.ms/ | Name: CLID Value: 17584917a883420ab6c8f11dea16c4c8.20220918.20230918 |
|
.clashforwindows.org/ | Name: _clck Value: 9vul96|1|f4z|0 |
|
.c.bing.com/ | Name: SRM_B Value: 0CA3814B72BF6AFD313F936873136B32 |
|
.c.clarity.ms/ | Name: SM Value: C |
|
.clarity.ms/ | Name: MUID Value: 0CA3814B72BF6AFD313F936873136B32 |
|
.c.clarity.ms/ | Name: ANONCHK Value: 0 |
|
.clashforwindows.org/ | Name: _clsk Value: 4vd6ou|1663516815669|1|1|k.clarity.ms/collect |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=15768000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
c.bing.com
c.clarity.ms
clashforwindows.org
k.clarity.ms
region1.analytics.google.com
static.addtoany.com
stats.g.doubleclick.net
www.clarity.ms
www.google.de
www.googletagmanager.com
20.234.93.27
20.96.88.162
2001:4860:4802:32::36
2606:4700:10::ac43:2794
2606:4700:3032::ac43:c83a
2620:1ec:27::cafe:2066
2620:1ec:c11::200
2a00:1450:4001:810::2003
2a00:1450:4001:829::2008
2a00:1450:400c:c07::9d
1146cc2dd071ac7c143db813a8d1d1ce01165e077073743678f258bccd1e8801
1561a62c237bc25321f3a5c42080d8131e7cffc25e182af37fdaac7f1e774375
1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7
1eb677ff632aae24e700d06662bdc24c74587fe63d27f506666a1d6922ad64f9
2570253ab7111ede26a4ba6c644adc992a2c9dacc5d8cac6fcb4af8617156312
2c0c291bc0981ba13c0fab388914b31ab2729ab42036ef251081077a196403f6
36925e7859abeeb8681d694d702e00b1fbba6f37ac49b11e8f863ed24507ca6a
38dd2c76d92d5cf709605b44e976e9622654abf2bc7d8a70977319929a78fa71
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
4e1e1c8a9da2568ca9a920ef91ae0dbda005c61d8ff2bac411ab84f525d4171b
50cca75e125b19b613cd4e1a619185240c9f2f85f9145751436a1e8275bbb4fe
5859cc9f5d2eb982bcfabbc7b020efc84885a91d4f468208d2094a9f8dee5c85
5d2898fd6b4d43a7064af754fc09e6c0d9cb8655a506377db23c6dfd44d3c00e
61bbe6b02a540e45e29f0c5541a59f081d390f74646d71c20cda01e5d8422fe6
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
6fffdb139d1d5f2ea37e8a9d6a3d8ed04103063125e82ae683329c3de687de58
7e6f3eacf6af919ace45f10e39eda3e72143e0f57aad29590a6d37d5ddd0292f
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
9263337b47d6f68cf6a4186693b48e6f9529b019e5020f51d2bdaba61566f3a7
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
a82e55c8c69ba058537b55fdc89b03ca9dbce064d8c963274ca3a3ea1c216215
aa9f4535aa7b4f20e9fd7b6aeebcd18aeae9b06e7a6367b7341a62ca779eeda3
b964f75cb8c613e484743bf4daaac6efc65c74156fca95cd76ca15d742555d1d
bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c96f13afcf95a12f066c96709f9455f2efc2533a84ec84e9fea04ca3d10026c6
dda1d7bc254bc8a927f5307ab5a9d54a7752f204d5378a54aa96b9595d75c4fc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f27c612dabb4ea65aeb9ca7c30264518cadd2509ed984c3a4f6d022e4ce035f9