www.mike-gualtieri.com
Open in
urlscan Pro
52.5.81.224
Public Scan
Submission: On January 09 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on December 4th 2022. Valid for: 3 months.
This is the only time www.mike-gualtieri.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
22 | 52.5.81.224 52.5.81.224 | 14618 (AMAZON-AES) (AMAZON-AES) | |
5 | 2606:4700::68... 2606:4700::6812:acf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:80b::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:400d:802::2008 | 15169 (GOOGLE) (GOOGLE) | |
4 | 2a00:1450:400... 2a00:1450:4001:813::2003 | 15169 (GOOGLE) (GOOGLE) | |
34 | 6 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-81-224.compute-1.amazonaws.com
www.mike-gualtieri.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
22 |
mike-gualtieri.com
www.mike-gualtieri.com |
3 MB |
5 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1204 |
116 KB |
4 |
gstatic.com
fonts.gstatic.com |
63 KB |
2 |
google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 424 |
17 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 127 |
1 KB |
34 | 5 |
Domain | Requested by | |
---|---|---|
22 | www.mike-gualtieri.com |
www.mike-gualtieri.com
|
5 | maxcdn.bootstrapcdn.com |
www.mike-gualtieri.com
maxcdn.bootstrapcdn.com |
4 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | ssl.google-analytics.com |
www.mike-gualtieri.com
|
1 | fonts.googleapis.com |
www.mike-gualtieri.com
|
34 | 5 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.mike-gualtieri.com R3 |
2022-12-04 - 2023-03-04 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-12-30 - 2023-12-30 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-11-28 - 2023-02-20 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-11-28 - 2023-02-20 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-11-28 - 2023-02-20 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.mike-gualtieri.com/posts/live-off-the-land-and-crack-the-ntlmssp-protocol
Frame ID: BB43AB16624BB273F0E926730C911BD0
Requests: 41 HTTP requests in this frame
Screenshot
Page Title
Live off the Land and Crack the NTLMSSP Protocol :: Mike GualtieriDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
16 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Bleeping Computer published an article about PKTMON.EXE
Search URL Search Domain Scan URL
Title: Python3 script called NTLMRawUnHide
Search URL Search Domain Scan URL
Title: NTLMv2
Search URL Search Domain Scan URL
Title: Kerberos
Search URL Search Domain Scan URL
Title: Responder
Search URL Search Domain Scan URL
Title: Microsoft's etl2pcapng
Search URL Search Domain Scan URL
Title: Microsoft Network Monitor 3.4
Search URL Search Domain Scan URL
Title: editcap utility
Search URL Search Domain Scan URL
Title: The NTLM Authentication Protocol and Security Support Provider
Search URL Search Domain Scan URL
Title: NTLMSSP
Search URL Search Domain Scan URL
Title: WSL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
34 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
live-off-the-land-and-crack-the-ntlmssp-protocol
www.mike-gualtieri.com/posts/ |
32 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.12.4.min.js
www.mike-gualtieri.com/js/ |
95 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ |
118 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap-theme.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ |
23 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ |
36 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
base.js
www.mike-gualtieri.com/js/ |
2 KB 887 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scripts.js
www.mike-gualtieri.com/js/ |
593 B 433 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
min.css
www.mike-gualtieri.com/css/ |
13 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
NTLMRawUnHide-card.png
www.mike-gualtieri.com/images/posts/ |
197 KB 199 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ntlmssp1.png
www.mike-gualtieri.com/images/posts/ |
197 KB 199 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ntlmssp2.png
www.mike-gualtieri.com/images/posts/ |
186 KB 188 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ntlmssp2-server-challenge.png
www.mike-gualtieri.com/images/posts/ |
188 KB 189 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ntlmssp3.png
www.mike-gualtieri.com/images/posts/ |
192 KB 193 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ntlmssp3-domain.png
www.mike-gualtieri.com/images/posts/ |
197 KB 198 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ntlmssp3-username.png
www.mike-gualtieri.com/images/posts/ |
196 KB 196 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ntlmssp3-hostname.png
www.mike-gualtieri.com/images/posts/ |
196 KB 196 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ntlmssp3-ntlmv2response.png
www.mike-gualtieri.com/images/posts/ |
191 KB 191 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ntlmssp3-ntproofstr.png
www.mike-gualtieri.com/images/posts/ |
194 KB 194 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
carbon-ntlmv2-hash-structure.png
www.mike-gualtieri.com/images/posts/ |
29 KB 29 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
NTLMRawUnHide-thumb.png
www.mike-gualtieri.com/images/posts/ |
553 KB 553 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
makerf.png
www.mike-gualtieri.com/images/posts/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
csp-violation-report-endpoint
www.mike-gualtieri.com/ |
0 29 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga.js
ssl.google-analytics.com/ |
45 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6NUO8FuJNQ2MbkrZ5-J8lKFrp7pRef2r.woff2
fonts.gstatic.com/s/droidsansmono/v20/ |
18 KB 19 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ |
75 KB 76 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v27/ |
18 KB 18 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
P5sdzZCDf9_T_10c3i9MeUcyat4iJY-ERCrDfQY.woff2
fonts.gstatic.com/s/arimo/v27/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
NTLMRawUnHide.mp4
www.mike-gualtieri.com/images/posts/ |
80 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
547 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
552 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
715 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
380 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
P5sMzZCDf9_T_10axCF8jA.woff2
fonts.gstatic.com/s/arimo/v27/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
177 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
351 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
242 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
__utm.gif
ssl.google-analytics.com/r/ |
35 B 54 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
NTLMRawUnHide.mp4
www.mike-gualtieri.com/images/posts/ |
72 KB 72 KB |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
NTLMRawUnHide.mp4
www.mike-gualtieri.com/images/posts/ |
672 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange function| $ function| jQuery object| jQuery1124028992226731747595 function| validateForm function| goToURL object| _gaq object| _gat object| gaGlobal6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.mike-gualtieri.com/ | Name: PHPSESSID Value: 8qmifjajk0m94ljm47jg7a54ju |
|
.mike-gualtieri.com/ | Name: __utma Value: 56526391.637983006.1673276643.1673276643.1673276643.1 |
|
.mike-gualtieri.com/ | Name: __utmc Value: 56526391 |
|
.mike-gualtieri.com/ | Name: __utmz Value: 56526391.1673276643.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none) |
|
.mike-gualtieri.com/ | Name: __utmt Value: 1 |
|
.mike-gualtieri.com/ | Name: __utmb Value: 56526391.1.10.1673276643 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests; default-src 'self'; script-src 'self' 'unsafe-inline' www.google-analytics.com ssl.google-analytics.com ajax.googleapis.com maxcdn.bootstrapcdn.com code.jquery.com; connect-src 'self' ssl.google-analytics.com; img-src 'self' makerf.com www.google-analytics.com ssl.google-analytics.com; style-src 'self' 'unsafe-inline' goeris.com maxcdn.bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com ajax.googleapis.com maxcdn.bootstrapcdn.com; frame-src 'self' www.youtube.com; report-uri /csp-violation-report-endpoint |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
ssl.google-analytics.com
www.mike-gualtieri.com
2606:4700::6812:acf
2a00:1450:4001:80b::200a
2a00:1450:4001:813::2003
2a00:1450:400d:802::2008
52.5.81.224
0454a824b96ca5f6d86b263d326ff42b28d701d736c20e6fe73e1c634e079d59
0984bc86149860a2a68b67d5ce514f5b9f479f5024c994b91d8b089ebfbc84d1
0a60dc52422270e32a0ad2e2892e2fcb362c1de3d1d8575988131cdf3e93a8d3
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1a8e7108949ee83e8eeadd9cd0ed0f98bd8870f2afa75c26ccdc9e795fb58e30
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0
2216c124929463f1c09ba6403534501c9f1b42a985480ad5c67593d8c01ba1ca
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3b5801a8b46b6c50070d19c17550f51d2ea4b2863d09f376f62a54b09b44a3b7
4311056b420beb7e06527e3710666aa248692cc12e1fb2baf4a2cc6119776ae9
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
757d720232843b13c806f384c82e625ce134d39f03014110270daf027af13411
76c8888b2e2785ee9a25c1c589ea5b8274efbbf30acf823bcbff40d56721169e
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8b675e8064e4c0d54ad48fcc2706130cb52d2325d590a4042fda55d6ffe0b8fa
acd19151910c59d2778486c3b23417ee747e5a0330faa320ed2aef7986e6fa9b
b510960c50e92ee63dc1f51cc049009ac86edc09bdba11806b153b92db951b95
b7229041bc89bccc4d200052f3cae128976c7727b9ba7fdccfc4d0d35cc07a97
b73390b93ee2a7ce10c0dc6e0186cb0b50d501dd38dec8580d50b5d152c88062
b8c2278ca1dd73380f2b840394ed93a6243fd9337314eb8fcc4ef6cbe1b30a2c
c67980224c170e0d52bb94f4e97d6ca7bd5a2d2d04bb5ff3589506dbffa663b7
cabfec46986f4208202e59fdaf6e85145f7539c01721073ff16b7cb361218bd2
d27b42427a42a840da70b50ae7fe56b6738ad0d4998b3e62e3bfe75c498ac61b
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
daec7e364a8c3675880788541bf66bc7537376c275aae7bf970b542eaebb2173
df51da43a602d38e36e7fca6bcd55c0a54973ad4f4cca1c92aa8d70044edead8
e03553092f8d7ac127d12ed91bf4ed89e5fd85a3faea526180d2afddcfdd00af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
efb5881d50dd3e63ea12419b5188490c0a19fede54bfadf98c5729e9d676ccc4
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c