centralseedandchem.co.nz
2405:3f00:a222:bbbb:bba1:4f:ffff:ffff
Malicious Activity!
Public Scan
Submission: On February 09 via api from FR — Scanned from NZ
Summary
TLS certificate: Issued by R3 on December 14th 2023. Valid for: 3 months.
This is the only time centralseedandchem.co.nz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Massachusetts (Government)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
18 | 2405:3f00:a222:bbbb:bba1:4f:ffff:ffff | 38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited) |
2 | 2404:6800:4006:80f::2008 | 15169 (GOOGLE) |
2 | 2404:6800:4006:804::200e | 15169 (GOOGLE) |
6 | 20.72.203.87 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 2404:6800:4003:c1a::9c | 15169 (GOOGLE) |
1 | 151.101.194.137 | 54113 (FASTLY) |
1 | 162.247.241.128 | 23467 (NEWRELIC-AS-1) |
32 | 8 | |
ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU)
- centralseedandchem.co.nz
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
- dfp.uionline.detma.org
- fpt.dfp.microsoft.com
Requests | Apex Domain | Subdomains | Cisco Umbrella Rank | Transfer |
---|---|---|---|---|
18 | centralseedandchem.co.nz | centralseedandchem.co.nz | | 227 KB |
3 | microsoft.com | fpt.dfp.microsoft.com | 6935 | 3 KB |
3 | detma.org | dfp.uionline.detma.org | | 12 KB |
2 | google-analytics.com | www.google-analytics.com | 27 | 21 KB |
2 | googletagmanager.com | www.googletagmanager.com | 37 | 171 KB |
1 | nr-data.net | gov-bam.nr-data.net | 10268 | 659 B |
1 | newrelic.com | js-agent.newrelic.com | 602 | 14 KB |
1 | doubleclick.net | stats.g.doubleclick.net | 80 | 352 B |
0 | Failed | Failed | | |
32 | 9 | | | |
Requests | Domain | Requested by |
---|---|---|
18 | centralseedandchem.co.nz | centralseedandchem.co.nz |
3 | fpt.dfp.microsoft.com | centralseedandchem.co.nz, dfp.uionline.detma.org, fpt.dfp.microsoft.com |
3 | dfp.uionline.detma.org | centralseedandchem.co.nz, dfp.uionline.detma.org |
2 | www.google-analytics.com | centralseedandchem.co.nz |
2 | www.googletagmanager.com | centralseedandchem.co.nz, www.google-analytics.com |
1 | gov-bam.nr-data.net | js-agent.newrelic.com |
1 | js-agent.newrelic.com | centralseedandchem.co.nz |
1 | stats.g.doubleclick.net | centralseedandchem.co.nz |
0 | efbjojhplkelaegfbieplglfidafgoka (Failed) | centralseedandchem.co.nz |
32 | 9 | |
This site contains links to these domains. Also see Links.
Domain |
---|
uionline.detma.org |
mass.gov |
get.adobe.com |
www.virustotal.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
mail.centralseedandchem.co.nz | R3 | 2023-12-14 - 2024-03-13 | 3 months |
*.google-analytics.com | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months |
dfp.uionline.detma.org | DigiCert TLS RSA SHA256 2020 CA1 | 2024-01-02 - 2025-01-31 | a year |
fpt.microsoft.com | Microsoft Azure RSA TLS Issuing CA 04 | 2024-01-24 - 2025-01-18 | a year |
*.g.doubleclick.net | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months |
js-agent.newrelic.com | GlobalSign Atlas R3 DV TLS CA 2024 Q1 | 2024-01-15 - 2025-02-15 | a year |
*.nr-data.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-09-29 - 2024-10-01 | a year |
This page contains 6 frames:
Primary Page:
https://centralseedandchem.co.nz/coreonline.ui/
Frame ID: A80DA44F5BECE89B117796B286B24AFF
Requests: 24 HTTP requests in this frame
Frame:
https://centralseedandchem.co.nz/coreonline.ui/UI%20Online_files/saved_resource.html
Frame ID: 264A424BD016C46EBFCA6B299C32C5EE
Requests: 2 HTTP requests in this frame
Frame:
https://centralseedandchem.co.nz/coreonline.ui/UI%20Online_files/Clear.html
Frame ID: E2EBB4D753D9FC6B556AF0190F256B6A
Requests: 3 HTTP requests in this frame
Frame:
https://fpt.dfp.microsoft.com/Clear.HTML?ctx=Ls1.0&session_id=qyqdt5mha2xvkmjngb5utuwp&id=5fb0e4aa-63e6-435d-8735-cc9e5fb77669&w=8D9D04313905AF5&tkt=taBcrIH61PuCVH7eNCyH0GPnigpvS3TNWI3vZtj6sSOVqIk0p4ikn6UZltQYdzdgZbLCMS1aww2PRk%252fmXfC%252fZ8Eyaed8gUbI3kfOnoYwq2X2RhHxBwlu5b6%252bELZ5W8jozaA%252b5TBXb%252bi9PjWnwRWUb%252fSeQzLzgxXRXPcAkrNcYc7mb3BCmeY6THoa%252bdMw6SBDGRUztmtOTjqa7AJnP1dYqZ%252bvW9iuhCcfD96Hy8Tx6Um%252bH5V29YDMdQFo0u%252bk3VooDVRMCjw8Qax22%252bVDWUEwYd%252b9ZEG6lqAjmqwxiYGgLG0%253d&CustomerId=0a8eb098-f3d8-43db-9283-01a9d5192882
Frame ID: 57E943BD9DBC6DD0EFFAC50BBB3CAF48
Requests: 1 HTTP requests in this frame
Frame:
https://dfp.uionline.detma.org/?session_id=qyqdt5mha2xvkmjngb5utuwp&CustomerId=0a8eb098-f3d8-43db-9283-01a9d5192882&PageId=&w=8D9D043135BE68E&mdt=1707498314797&rticks=1641384075581
Frame ID: B6C7BFEA25FE88FCC2818E9326370B4F
Requests: 2 HTTP requests in this frame
Frame:
https://fpt.dfp.microsoft.com/Clear.HTML?ctx=Ls1.0&wl=False&session_id=qyqdt5mha2xvkmjngb5utuwp&id=1df4a565-96c1-4b5c-a291-f5ba319fb5ba&w=8DC299149402D46&tkt=taBcrIH61PuCVH7eNCyH0GPnigpvS3TNWI3vZtj6sSOVqIk0p4ikn6UZltQYdzdgZbLCMS1aww2PRk%252fmXfC%252fZ8Eyaed8gUbI3kfOnoYwq2X2RhHxBwlu5b6%252bELZ5W8jowXhR4eKRx4r3bYeur33APAn%252fbMnrMd6AILLtbVooCBUBsTDHUZ3s4e%252basLLUUgeLoS7M99L5pnZ9DEsSSoKImSN2ichzS53CfRlTXCDWt2nDSutEKidSYA%252fVG772xQS6krx22V8bQ1dBS6zddWorQrACUjj4Y8sjZJXm2ZHpsDICJZjwC6AAqCHQd8psZVT1&CustomerId=0a8eb098-f3d8-43db-9283-01a9d5192882
Frame ID: 47DAC6D37CDCBCE9523078FDA32A447E
Requests: 2 HTTP requests in this frame
Page Title
UI Online
Detected technologies
RequireJS (JavaScript Frameworks)
Detected patterns
- require.*\.js
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
- Title: Skip to Content
- Title: Logon
- Title: mass.gov/jobquest
- Title: here.
- Title: Download Adobe .PDF Reader (Free)
- Title: Accessibility
- Title: Privacy Statement
- Title: Viewing Tips
Redirected requests
There were HTTP redirect chains for the following requests:
32 HTTP transactions
Method | Protocol | Resource | Path | Frame | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | centralseedandchem.co.nz/coreonline.ui/ | | 40 KB | 17 KB | Document | text/html |
GET | H2 | nr-1212.min.js.download | centralseedandchem.co.nz/coreonline.ui/UI%20Online_files/ | | 34 KB | 15 KB | Script | application/javascript |
GET | H2 | gtm.js.download | centralseedandchem.co.nz/coreonline.ui/UI%20Online_files/ | | 109 KB | 49 KB | Script | application/javascript |
GET | H2 | ControlLibrary.css | centralseedandchem.co.nz/coreonline.ui/UI%20Online_files/ | | 1 KB | 608 B | Stylesheet | text/css |
GET | H2 | ui.css | centralseedandchem.co.nz/coreonline.ui/UI%20Online_files/ | | 20 KB | 5 KB | Stylesheet | text/css |
GET | H2 | util.js.download | centralseedandchem.co.nz/coreonline.ui/UI%20Online_files/ | | 4 KB | 1 KB | Script | application/javascript |
GET | H2 | jquery-1.11.2.min.js.download | centralseedandchem.co.nz/coreonline.ui/UI%20Online_files/ | | 94 KB | 41 KB | Script | application/javascript |
GET | H2 | Print.js.download | centralseedandchem.co.nz/coreonline.ui/UI%20Online_files/ | | 1 KB | 540 B | Script | application/javascript |
GET | H2 | main_logo.gif | centralseedandchem.co.nz/coreonline.ui/UI%20Online_files/ | | 5 KB | 5 KB | Image | image/gif |
GET | H2 | IconRequired.gif | centralseedandchem.co.nz/coreonline.ui/UI%20Online_files/ | | 73 B | 102 B | Image | image/gif |
GET | H2 | IconRequired(1).gif | centralseedandchem.co.nz/coreonline.ui/UI%20Online_files/ | | 73 B | 102 B | Image | image/gif |
GET | H2 | ufacts.js.download | centralseedandchem.co.nz/coreonline.ui/UI%20Online_files/ | | 10 KB | 4 KB | Script | application/javascript |
GET | H2 | mdt.js.download | centralseedandchem.co.nz/coreonline.ui/UI%20Online_files/ | | 785 B | 467 B | Script | application/javascript |
GET | | vt-32.png | efbjojhplkelaegfbieplglfidafgoka/icons/ | | 0 | 0 | | |
GET | H2 | gtm.js | www.googletagmanager.com/ | | 210 KB | 75 KB | Script | application/javascript |
GET | H2 | priorityMed.png | centralseedandchem.co.nz/images/core/ | | 315 B | 315 B | Image | text/html |
GET | H2 | priorityLow.png | centralseedandchem.co.nz/images/core/ | | 315 B | 315 B | Image | text/html |
GET | H2 | closeButton.png | centralseedandchem.co.nz/images/core/ | | 315 B | 315 B | Image | text/html |
GET | H2 | analytics.js | www.google-analytics.com/ | | 52 KB | 21 KB | Script | text/javascript |
GET | H2 | saved_resource.html | centralseedandchem.co.nz/coreonline.ui/UI%20Online_files/ | 264A | 22 KB | 10 KB | Document | text/html |
GET | H2 | Clear.html | centralseedandchem.co.nz/coreonline.ui/UI%20Online_files/ | E2EB | 201 KB | 77 KB | Document | text/html |
POST | H2 | collect | www.google-analytics.com/j/ | | 16 B | 228 B | XHR | text/plain |
GET | DATA | truncated | / | E2EB | 3 KB | 0 | Image | image/png |
GET | DATA | truncated | / | E2EB | 5 KB | 0 | Image | image/png |
GET | H2 | Clear.PNG | dfp.uionline.detma.org/Images/ | 264A | 0 | 540 B | XHR | text/html |
GET | H2 | Clear.HTML | fpt.dfp.microsoft.com/ | 57E9 | 2 KB | 2 KB | Document | text/html |
POST | H2 | collect | stats.g.doubleclick.net/j/ | | 1 B | 352 B | XHR | text/plain |
GET | H2 | js | www.googletagmanager.com/gtag/ | | 292 KB | 97 KB | Script | application/javascript |
GET | H2 | nr-1212.min.js | js-agent.newrelic.com/ | | 34 KB | 14 KB | Script | application/javascript |
GET | H2 | / | dfp.uionline.detma.org/ | B6C7 | 25 KB | 11 KB | Document | text/html |
GET | H/1.1 | 0c7a02d605 | gov-bam.nr-data.net/1/ | | 56 B | 659 B | Script | text/javascript |
GET | H2 | Clear.PNG | dfp.uionline.detma.org/Images/ | B6C7 | 0 | 496 B | XHR | text/html |
GET | H2 | Clear.HTML | fpt.dfp.microsoft.com/ | 47DA | 3 KB | 2 KB | Document | text/html |
GET | H2 | Clear.PNG | fpt.dfp.microsoft.com/Images/ | 47DA | 0 | 155 B | XHR | text/plain |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- efbjojhplkelaegfbieplglfidafgoka
- URL
- chrome-extension://efbjojhplkelaegfbieplglfidafgoka/icons/vt-32.png
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Massachusetts (Government)
36 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| NREUM object| newrelic function| __nr_require object| dataLayer boolean| isNN function| autoTab boolean| IsSubmitting function| OnFormSubmit function| DependencyMatch function| IsChecked function| IsSelected function| EnableSelectList function| ShowRequiredIcon function| HideRequiredIcon function| EnableRBList function| DisableRBList function| EnableControl function| DisableControl function| $ function| jQuery function| WebForm_OnSubmit function| HideControls function| CopyHTML function| getPrint object| google_tag_manager function| ufactsLog object| ufacts object| google_tag_data string| GoogleAnalyticsObject function| ga object| dfp object| gaplugins object| gaGlobal object| gaData
4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.centralseedandchem.co.nz/ | | _ga | GA1.3.1383150583.1707498314 |
.centralseedandchem.co.nz/ | | _gid | GA1.3.469230265.1707498314 |
.centralseedandchem.co.nz/ | | _gat_UA-12471675-10 | 1 |
.nr-data.net/ | | JSESSIONID | b4d8edb613d892ac |
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.