Submitted URL: https://hotel-alert.com/
Effective URL: https://msshift.com/
Submission: On November 25 via automatic, source certstream-suspicious

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 29 HTTP transactions. The main IP is 13.89.32.83, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is msshift.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 9th 2020. Valid for: a year.
This is the only time msshift.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 40.69.191.90 8075 (MICROSOFT...)
1 19 13.89.32.83 8075 (MICROSOFT...)
3 152.199.19.160 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
29 6
Domain Requested by
19 msshift.com 1 redirects msshift.com
3 fonts.gstatic.com fonts.googleapis.com
3 ajax.aspnetcdn.com msshift.com
2 www.google-analytics.com msshift.com
www.google-analytics.com
2 fonts.googleapis.com msshift.com
1 stats.g.doubleclick.net www.google-analytics.com
1 hotel-alert.com 1 redirects
29 7

This site contains links to these domains. Also see Links.

Domain
lossprevention.msshift.com
concierge.msshift.com
msvisitors.com
ms-concierge.com
Subject Issuer Validity Valid
msshift.com
Go Daddy Secure Certificate Authority - G2
2020-09-09 -
2021-09-09
a year crt.sh
*.vo.msecnd.net
Microsoft IT TLS CA 2
2020-03-18 -
2022-03-18
2 years crt.sh
upload.video.google.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh

This page contains 1 frames:

Primary Page: https://msshift.com/
Frame ID: 6DB8239B695D4398596E4DE5F86062AD
Requests: 29 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://hotel-alert.com/ HTTP 302
    http://msshift.com/ HTTP 301
    https://msshift.com/ Page URL

Detected technologies

Overall confidence: 50%
Detected patterns
  • headers server /^Kestrel/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /^Kestrel/i

Overall confidence: 100%
Detected patterns
  • headers server /^Kestrel/i

Overall confidence: 50%
Detected patterns
  • headers server /^Kestrel/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

29
Requests

100 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

6
IPs

3
Countries

1080 kB
Transfer

24328 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://hotel-alert.com/ HTTP 302
    http://msshift.com/ HTTP 301
    https://msshift.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
msshift.com/
Redirect Chain
  • https://hotel-alert.com/
  • http://msshift.com/
  • https://msshift.com/
27 KB
27 KB
Document
General
Full URL
https://msshift.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
13.89.32.83 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
ff3c648a3148b687109d0221336df640dfee9f9ce6227667a2a55ac1f4e715bd

Request headers

Host
msshift.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Server
Kestrel
X-Powered-By
ASP.NET
Date
Wed, 25 Nov 2020 23:34:17 GMT

Redirect headers

Content-Type
text/html; charset=UTF-8
Location
https://msshift.com/
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
Date
Wed, 25 Nov 2020 23:34:17 GMT
Content-Length
143
bootstrap.min.css
ajax.aspnetcdn.com/ajax/bootstrap/3.3.5/css/
120 KB
120 KB
Stylesheet
General
Full URL
https://ajax.aspnetcdn.com/ajax/bootstrap/3.3.5/css/bootstrap.min.css
Requested by
Host: msshift.com
URL: https://msshift.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8AEB) /
Resource Hash
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://msshift.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 23:34:19 GMT
x-content-type-options
nosniff
last-modified
Mon, 31 Oct 2016 23:10:15 GMT
server
ECAcc (ama/8AEB)
age
9594077
etag
"cab57ff0cb33d21:0"
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
122540
x-xss-protection
1; mode=block
site.min.css
msshift.com/css/
45 KB
45 KB
Stylesheet
General
Full URL
https://msshift.com/css/site.min.css?v=vAiCDa6WGlfGhc28FRygNgbk3gGScrAuz9U12xiVyEs
Requested by
Host: msshift.com
URL: https://msshift.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
13.89.32.83 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
bc08820dae961a57c685cdbc151ca03606e4de019272b02ecfd535db1895c84b

Request headers

Referer
https://msshift.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 23:34:18 GMT
Last-Modified
Mon, 16 Nov 2020 16:41:28 GMT
Server
Kestrel
X-Powered-By
ASP.NET
ETag
"1d6bc3754729835"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
46133
css
fonts.googleapis.com/
4 KB
753 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400
Requested by
Host: msshift.com
URL: https://msshift.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7e24c7ee6a3bc9d509b1df2473a8159607df169b7c18d0dd5ed154ff084e6ba5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://msshift.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 25 Nov 2020 22:32:34 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Wed, 25 Nov 2020 23:34:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Wed, 25 Nov 2020 23:34:19 GMT
css
fonts.googleapis.com/
996 B
497 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Khand
Requested by
Host: msshift.com
URL: https://msshift.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0dbd74170a634a7734de40853e38ad907589c50dd864d4e2f403a999cbe6ce19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://msshift.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 25 Nov 2020 23:34:19 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Wed, 25 Nov 2020 23:34:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Wed, 25 Nov 2020 23:34:19 GMT
msLogo.png
msshift.com/images/header/
3 KB
4 KB
Image
General
Full URL
https://msshift.com/images/header/msLogo.png
Requested by
Host: msshift.com
URL: https://msshift.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
13.89.32.83 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
0a20bcb49ea12994461b829cb56984dbfe7ca7294d9fca240ad57c691823bb13

Request headers

Referer
https://msshift.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 23:34:18 GMT
Last-Modified
Mon, 11 Sep 2017 12:44:04 GMT
Server
Kestrel
X-Powered-By
ASP.NET
ETag
"1d32afba65acf57"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
3415
ms_home_555.mp4
msshift.com/images/home/
23 MB
0
Media
General
Full URL
https://msshift.com/images/home/ms_home_555.mp4
Requested by
Host: msshift.com
URL: https://msshift.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
13.89.32.83 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash

Request headers

Referer
https://msshift.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 25 Nov 2020 23:34:18 GMT
Last-Modified
Thu, 05 Nov 2020 16:08:16 GMT
Server
Kestrel
X-Powered-By
ASP.NET
ETag
"1d6b38ddf6faa66"
Content-Type
video/mp4
Content-Range
bytes 0-33321573/33321574
Accept-Ranges
bytes
Content-Length
33321574
jquery-2.1.4.min.js
ajax.aspnetcdn.com/ajax/jquery/
82 KB
29 KB
Script
General
Full URL
https://ajax.aspnetcdn.com/ajax/jquery/jquery-2.1.4.min.js
Requested by
Host: msshift.com
URL: https://msshift.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B1A) /
Resource Hash
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://msshift.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 23:34:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5594809
x-cache
HIT
content-length
29619
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:11:05 GMT
server
ECAcc (ama/8B1A)
etag
"808a18ecc33d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
bootstrap.min.js
ajax.aspnetcdn.com/ajax/bootstrap/3.3.5/
36 KB
36 KB
Script
General
Full URL
https://ajax.aspnetcdn.com/ajax/bootstrap/3.3.5/bootstrap.min.js
Requested by
Host: msshift.com
URL: https://msshift.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8AFB) /
Resource Hash
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://msshift.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 23:34:20 GMT
x-content-type-options
nosniff
last-modified
Mon, 31 Oct 2016 23:09:59 GMT
server
ECAcc (ama/8AFB)
age
10188672
etag
"dadc11e7cb33d21:0"
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
36816
x-xss-protection
1; mode=block
site.min.js
msshift.com/js/
345 B
593 B
Script
General
Full URL
https://msshift.com/js/site.min.js?CB=02398403285&v=kE34k8jZX8pgD566C4DBf7aGwtbeSLSMQutW2fivKQA
Requested by
Host: msshift.com
URL: https://msshift.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
13.89.32.83 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
904df893c8d95fca600f9eba0b80c17fb686c2d6de48b48c42eb56d9f8af2900

Request headers

Referer
https://msshift.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 23:34:18 GMT
Last-Modified
Mon, 11 Sep 2017 12:44:06 GMT
Server
Kestrel
X-Powered-By
ASP.NET
ETag
"1d32afba78bee59"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
345
jquery.min.js
msshift.com/lib/jquery/dist/
84 KB
84 KB
Script
General
Full URL
https://msshift.com/lib/jquery/dist/jquery.min.js
Requested by
Host: msshift.com
URL: https://msshift.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
13.89.32.83 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
8fa73ad0b9417ac75f861e9e22eeec8b91f0cf67560047162a1b1fdbe5116fe2

Request headers

Referer
https://msshift.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 23:34:18 GMT
Last-Modified
Mon, 11 Sep 2017 12:44:08 GMT
Server
Kestrel
X-Powered-By
ASP.NET
ETag
"1d32afba8bc5259"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
85593
jquery.validate.min.js
msshift.com/lib/jquery-validation/dist/
21 KB
21 KB
Script
General
Full URL
https://msshift.com/lib/jquery-validation/dist/jquery.validate.min.js
Requested by
Host: msshift.com
URL: https://msshift.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
13.89.32.83 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
a1a4b0d05489daed2aa466b2df92fb6ae5749a7f13db41a75c87991bed2fa30d

Request headers

Referer
https://msshift.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 23:34:18 GMT
Last-Modified
Mon, 11 Sep 2017 12:44:10 GMT
Server
Kestrel
X-Powered-By
ASP.NET
ETag
"1d32afba9ee1b65"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
21093
jquery.validate.unobtrusive.min.js
msshift.com/lib/jquery-validation-unobtrusive/
5 KB
6 KB
Script
General
Full URL
https://msshift.com/lib/jquery-validation-unobtrusive/jquery.validate.unobtrusive.min.js
Requested by
Host: msshift.com
URL: https://msshift.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
13.89.32.83 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
c024803818ed2e9648b596577dfc5b0debe6ec7aa13030b38544cbcab3ca9e3b

Request headers

Referer
https://msshift.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 23:34:18 GMT
Last-Modified
Mon, 11 Sep 2017 12:44:10 GMT
Server
Kestrel
X-Powered-By
ASP.NET
ETag
"1d32afba9ee5c23"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
5411
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: msshift.com
URL: https://msshift.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://msshift.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
1112
date
Wed, 25 Nov 2020 23:15:48 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Thu, 26 Nov 2020 01:15:48 GMT
packages_prod.jpg
msshift.com/images/home/prod/
67 KB
68 KB
Image
General
Full URL
https://msshift.com/images/home/prod/packages_prod.jpg
Requested by
Host: msshift.com
URL: https://msshift.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
13.89.32.83 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
8a423cc43e06953959e189e4887ff66708f3fee93095a4b3f416bb9e30d0ae18

Request headers

Referer
https://msshift.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 23:34:18 GMT
Last-Modified
Tue, 03 Nov 2020 15:25:26 GMT
Server
Kestrel
X-Powered-By
ASP.NET
ETag
"1d6b1f58de87a55"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
68949
lossprevention_prod.jpg
msshift.com/images/home/prod/
66 KB
66 KB
Image
General
Full URL
https://msshift.com/images/home/prod/lossprevention_prod.jpg
Requested by
Host: msshift.com
URL: https://msshift.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
13.89.32.83 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
79e45ed8b71c2c721704f728e12e037855052ff9b547ccbce8acb3791da7a39f

Request headers

Referer
https://msshift.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 23:34:18 GMT
Last-Modified
Tue, 03 Nov 2020 16:22:30 GMT
Server
Kestrel
X-Powered-By
ASP.NET
ETag
"1d6b1fd86c760cd"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
67533
healthscreen_prod.jpg
msshift.com/images/home/prod/
37 KB
37 KB
Image
General
Full URL
https://msshift.com/images/home/prod/healthscreen_prod.jpg
Requested by
Host: msshift.com
URL: https://msshift.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
13.89.32.83 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
354863878237894daaa155df5da25cd2754e6feb6beee55b8f8713062b73b498

Request headers

Referer
https://msshift.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 23:34:18 GMT
Last-Modified
Tue, 03 Nov 2020 16:31:34 GMT
Server
Kestrel
X-Powered-By
ASP.NET
ETag
"1d6b1fecb06a373"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
38003
concierge_prod.jpg
msshift.com/images/home/prod/
46 KB
46 KB
Image
General
Full URL
https://msshift.com/images/home/prod/concierge_prod.jpg
Requested by
Host: msshift.com
URL: https://msshift.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
13.89.32.83 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
6aeed5ca9c12be571a86924c0600c578e664b8059ff894dec70b97654ef464b7

Request headers

Referer
https://msshift.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 23:34:18 GMT
Last-Modified
Tue, 03 Nov 2020 16:36:06 GMT
Server
Kestrel
X-Powered-By
ASP.NET
ETag
"1d6b1ff6d26a9af"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
46767
bell_prod.jpg
msshift.com/images/home/prod/
74 KB
74 KB
Image
General
Full URL
https://msshift.com/images/home/prod/bell_prod.jpg
Requested by
Host: msshift.com
URL: https://msshift.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
13.89.32.83 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
d47c2c132a2451e0cc3551c5c7bbb557a3041f77b211173403eaff5651ac8b33

Request headers

Referer
https://msshift.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 23:34:18 GMT
Last-Modified
Tue, 03 Nov 2020 18:42:40 GMT
Server
Kestrel
X-Powered-By
ASP.NET
ETag
"1d6b2111b87b71d"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
75549
employeeid_prod.jpg
msshift.com/images/home/prod/
45 KB
45 KB
Image
General
Full URL
https://msshift.com/images/home/prod/employeeid_prod.jpg
Requested by
Host: msshift.com
URL: https://msshift.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
13.89.32.83 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
090e99afb61a5c946f034ab5e17889c8c89202a9066f6c7aa96ab47b4151ac92

Request headers

Referer
https://msshift.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 23:34:18 GMT
Last-Modified
Thu, 19 Nov 2020 13:48:20 GMT
Server
Kestrel
X-Powered-By
ASP.NET
ETag
"1d6be7aa3f4de97"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
46231
lostfound_prod.jpg
msshift.com/images/home/prod/
60 KB
60 KB
Image
General
Full URL
https://msshift.com/images/home/prod/lostfound_prod.jpg
Requested by
Host: msshift.com
URL: https://msshift.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
13.89.32.83 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
f82b8bba3e5644749bc01283f0a78b46500d1cc56d28a44fab5dac5be6d3db3c

Request headers

Referer
https://msshift.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 23:34:18 GMT
Last-Modified
Wed, 04 Nov 2020 17:46:40 GMT
Server
Kestrel
X-Powered-By
ASP.NET
ETag
"1d6b2d27339efc6"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
61382
assettrack_prod.jpg
msshift.com/images/home/prod/
39 KB
39 KB
Image
General
Full URL
https://msshift.com/images/home/prod/assettrack_prod.jpg
Requested by
Host: msshift.com
URL: https://msshift.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
13.89.32.83 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
12977bb4d9fc640f3cb9a5b6f5aca0571997b1180a6046e432e61ae16e8df083

Request headers

Referer
https://msshift.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 23:34:18 GMT
Last-Modified
Tue, 03 Nov 2020 18:51:38 GMT
Server
Kestrel
X-Powered-By
ASP.NET
ETag
"1d6b2125c324545"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
40005
hans_prod.jpg
msshift.com/images/home/prod/
122 KB
122 KB
Image
General
Full URL
https://msshift.com/images/home/prod/hans_prod.jpg
Requested by
Host: msshift.com
URL: https://msshift.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
13.89.32.83 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
869047ad55c20e277518a671f4bc65e184ac7b0f1aa05127a1d6b812d49ea5dc

Request headers

Referer
https://msshift.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 23:34:18 GMT
Last-Modified
Wed, 04 Nov 2020 17:49:18 GMT
Server
Kestrel
X-Powered-By
ASP.NET
ETag
"1d6b2d2d164040c"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
124684
mapBG_1.jpg
msshift.com/images/
97 KB
97 KB
Image
General
Full URL
https://msshift.com/images/mapBG_1.jpg
Requested by
Host: msshift.com
URL: https://msshift.com/css/site.min.css?v=vAiCDa6WGlfGhc28FRygNgbk3gGScrAuz9U12xiVyEs
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
13.89.32.83 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
78b4721e7846ff40d51926737c79e202a793d89f67ceabca160f409e2abd77e6

Request headers

Referer
https://msshift.com/css/site.min.css?v=vAiCDa6WGlfGhc28FRygNgbk3gGScrAuz9U12xiVyEs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 23:34:19 GMT
Last-Modified
Mon, 11 Sep 2017 12:44:02 GMT
Server
Kestrel
X-Powered-By
ASP.NET
ETag
"1d32afba5281762"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
98914
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v14/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://msshift.com
Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 24 Nov 2020 11:20:40 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:14 GMT
server
sffe
age
130420
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13324
x-xss-protection
0
expires
Wed, 24 Nov 2021 11:20:40 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v14/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu3cOWxw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ec7f22119da3493aedefd66ffd30f0aaf4cf4aee42d8254638bcca5971c3568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://msshift.com
Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 24 Nov 2020 11:20:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:08 GMT
server
sffe
age
130422
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13224
x-xss-protection
0
expires
Wed, 24 Nov 2021 11:20:38 GMT
TwMA-IINQlQQ0bpSUnQdTwqP.woff2
fonts.gstatic.com/s/khand/v9/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/khand/v9/TwMA-IINQlQQ0bpSUnQdTwqP.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Khand
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e6d7120d1793883f6a6904def4cd14ff152ed144127391c344ac14a470088a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://msshift.com
Referer
https://fonts.googleapis.com/css?family=Khand
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 24 Nov 2020 11:35:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Sep 2020 05:56:41 GMT
server
sffe
age
129502
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7772
x-xss-protection
0
expires
Wed, 24 Nov 2021 11:35:58 GMT
collect
www.google-analytics.com/j/
4 B
387 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=2031060443&t=pageview&_s=1&dl=https%3A%2F%2Fmsshift.com%2F&ul=en-us&de=UTF-8&dt=MS%20Shift%20-%20Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=1479381320&gjid=1844893593&cid=477575192.1606347260&tid=UA-49738284-1&_gid=189496234.1606347260&_r=1&_slc=1&z=854360461
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://msshift.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Nov 2020 23:34:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://msshift.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
82 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-49738284-1&cid=477575192.1606347260&jid=1479381320&gjid=1844893593&_gid=189496234.1606347260&_u=IEBAAAAAAAAAAC~&z=822875145
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://msshift.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 25 Nov 2020 23:34:20 GMT
content-type
text/plain
access-control-allow-origin
https://msshift.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery boolean| isTtOver number| testSlide boolean| isProductsOverDisabled string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| VideoResize function| positionVideoCnt function| iOS

3 Cookies

Domain/Path Name / Value
.msshift.com/ Name: _gat
Value: 1
.msshift.com/ Name: _gid
Value: GA1.2.189496234.1606347260
.msshift.com/ Name: _ga
Value: GA1.2.477575192.1606347260

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
fonts.googleapis.com
fonts.gstatic.com
hotel-alert.com
msshift.com
stats.g.doubleclick.net
www.google-analytics.com
13.89.32.83
152.199.19.160
2a00:1450:4001:809::200a
2a00:1450:4001:815::2003
2a00:1450:4001:824::200e
2a00:1450:400c:c0c::9c
40.69.191.90
090e99afb61a5c946f034ab5e17889c8c89202a9066f6c7aa96ab47b4151ac92
0a20bcb49ea12994461b829cb56984dbfe7ca7294d9fca240ad57c691823bb13
0dbd74170a634a7734de40853e38ad907589c50dd864d4e2f403a999cbe6ce19
12977bb4d9fc640f3cb9a5b6f5aca0571997b1180a6046e432e61ae16e8df083
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
354863878237894daaa155df5da25cd2754e6feb6beee55b8f8713062b73b498
3e6d7120d1793883f6a6904def4cd14ff152ed144127391c344ac14a470088a2
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
6aeed5ca9c12be571a86924c0600c578e664b8059ff894dec70b97654ef464b7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
78b4721e7846ff40d51926737c79e202a793d89f67ceabca160f409e2abd77e6
79e45ed8b71c2c721704f728e12e037855052ff9b547ccbce8acb3791da7a39f
7e24c7ee6a3bc9d509b1df2473a8159607df169b7c18d0dd5ed154ff084e6ba5
7ec7f22119da3493aedefd66ffd30f0aaf4cf4aee42d8254638bcca5971c3568
869047ad55c20e277518a671f4bc65e184ac7b0f1aa05127a1d6b812d49ea5dc
8a423cc43e06953959e189e4887ff66708f3fee93095a4b3f416bb9e30d0ae18
8fa73ad0b9417ac75f861e9e22eeec8b91f0cf67560047162a1b1fdbe5116fe2
904df893c8d95fca600f9eba0b80c17fb686c2d6de48b48c42eb56d9f8af2900
a1a4b0d05489daed2aa466b2df92fb6ae5749a7f13db41a75c87991bed2fa30d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
bc08820dae961a57c685cdbc151ca03606e4de019272b02ecfd535db1895c84b
c024803818ed2e9648b596577dfc5b0debe6ec7aa13030b38544cbcab3ca9e3b
d47c2c132a2451e0cc3551c5c7bbb557a3041f77b211173403eaff5651ac8b33
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
f82b8bba3e5644749bc01283f0a78b46500d1cc56d28a44fab5dac5be6d3db3c
ff3c648a3148b687109d0221336df640dfee9f9ce6227667a2a55ac1f4e715bd