ncscblog.co.uk
Open in
urlscan Pro
80.249.131.31
Malicious Activity!
Public Scan
Submission: On August 04 via automatic, source openphish
Summary
This is the only time ncscblog.co.uk was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Gumtree (E-commerce)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 | 80.249.131.31 80.249.131.31 | 49505 (SELECTEL) (SELECTEL) | |
9 | 35.244.140.166 35.244.140.166 | 15169 (GOOGLE) (GOOGLE) | |
1 | 142.250.184.226 142.250.184.226 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700:10:... 2606:4700:10::6814:b944 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:829::2002 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2606:4700::68... 2606:4700::6810:9540 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 151.101.12.193 151.101.12.193 | 54113 (FASTLY) (FASTLY) | |
4 | 178.21.8.220 178.21.8.220 | 197695 (AS-REG) (AS-REG) | |
1 | 2a02:6ea0:c70... 2a02:6ea0:c700::10 | 60068 (CDN77 ^_^) (CDN77 ^_^) | |
1 | 2a00:1450:400... 2a00:1450:4001:813::2004 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:811::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:800::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 52.29.69.114 52.29.69.114 | 16509 (AMAZON-02) (AMAZON-02) | |
34 | 14 |
ASN15169 (GOOGLE, US)
PTR: 166.140.244.35.bc.googleusercontent.com
www.gumtree.com |
ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
securepubads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-69-114.eu-central-1.compute.amazonaws.com
bootstrap.smartsuppchat.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
gumtree.com
www.gumtree.com |
144 KB |
4 |
replain.cc
widget.replain.cc |
149 KB |
3 |
imgur.com
i.imgur.com |
49 KB |
3 |
ncscblog.co.uk
ncscblog.co.uk |
869 KB |
2 |
smartsuppchat.com
www.smartsuppchat.com bootstrap.smartsuppchat.com |
8 KB |
2 |
cookielaw.org
cdn.cookielaw.org |
86 KB |
2 |
doubleclick.net
securepubads.g.doubleclick.net googleads.g.doubleclick.net |
99 KB |
1 |
gstatic.com
fonts.gstatic.com |
36 KB |
1 |
google.de
www.google.de |
569 B |
1 |
google.com
www.google.com |
108 B |
1 |
onetrust.com
geolocation.onetrust.com |
228 B |
0 |
cloudflare.com
Failed
v3cq2.cloudflare.com Failed |
|
0 |
tgpbf.xyz
Failed
v3cq2.tgpbf.xyz Failed |
|
34 | 13 |
Domain | Requested by | |
---|---|---|
9 | www.gumtree.com |
ncscblog.co.uk
www.gumtree.com |
4 | widget.replain.cc |
ncscblog.co.uk
widget.replain.cc |
3 | i.imgur.com |
ncscblog.co.uk
|
3 | ncscblog.co.uk |
ncscblog.co.uk
|
2 | cdn.cookielaw.org |
ncscblog.co.uk
|
1 | bootstrap.smartsuppchat.com |
www.smartsuppchat.com
|
1 | fonts.gstatic.com |
www.gumtree.com
|
1 | www.google.de |
ncscblog.co.uk
|
1 | www.google.com |
ncscblog.co.uk
|
1 | www.smartsuppchat.com |
ncscblog.co.uk
|
1 | googleads.g.doubleclick.net |
ncscblog.co.uk
|
1 | geolocation.onetrust.com |
ncscblog.co.uk
|
1 | securepubads.g.doubleclick.net |
ncscblog.co.uk
|
0 | v3cq2.cloudflare.com Failed |
ncscblog.co.uk
|
0 | v3cq2.tgpbf.xyz Failed |
ncscblog.co.uk
|
34 | 15 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.gumtree.com GlobalSign RSA OV SSL CA 2018 |
2021-07-23 - 2022-08-24 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2021-07-12 - 2021-10-04 |
3 months | crt.sh |
onetrust.com Cloudflare Inc ECC CA-3 |
2021-02-12 - 2022-02-11 |
a year | crt.sh |
cookielaw.org Cloudflare Inc ECC CA-3 |
2021-06-01 - 2022-05-31 |
a year | crt.sh |
*.imgur.com DigiCert SHA2 Secure Server CA |
2020-01-15 - 2022-03-16 |
2 years | crt.sh |
widget.replain.cc R3 |
2021-06-26 - 2021-09-24 |
3 months | crt.sh |
*.smartsuppchat.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 |
2020-12-02 - 2021-12-30 |
a year | crt.sh |
www.google.com GTS CA 1C3 |
2021-06-28 - 2021-09-20 |
3 months | crt.sh |
www.google.de GTS CA 1C3 |
2021-06-28 - 2021-09-20 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2021-06-28 - 2021-09-20 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
http://ncscblog.co.uk/uk/buy50707667
Frame ID: C52CCC4BC055BDF16F1954790CD93D31
Requests: 32 HTTP requests in this frame
Frame:
https://widget.replain.cc/dist/css/app.98c478fa.css
Frame ID: F47D9C100B6CA157907F3B8DE5C77529
Requests: 3 HTTP requests in this frame
45 Outgoing links
These are links going to different origins than the main page.
Title: Post an ad
Search URL Search Domain Scan URL
Title: Home
Search URL Search Domain Scan URL
Title: Manage my Ads
Search URL Search Domain Scan URL
Title: Favourites
Search URL Search Domain Scan URL
Title: My Alerts
Search URL Search Domain Scan URL
Title: Messages
Search URL Search Domain Scan URL
Title: My Details
Search URL Search Domain Scan URL
Title: Manage my Job Ads
Search URL Search Domain Scan URL
Title: Help & Contact
Search URL Search Domain Scan URL
Title: Create Account
Search URL Search Domain Scan URL
Title: Login
Search URL Search Domain Scan URL
Title: posting rules
Search URL Search Domain Scan URL
Title: here
Search URL Search Domain Scan URL
Title: Share this ad on Facebook
Search URL Search Domain Scan URL
Title: Share this ad on Twitter
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: iOS App
Search URL Search Domain Scan URL
Title: Android App
Search URL Search Domain Scan URL
Title: About Gumtree
Search URL Search Domain Scan URL
Title: Gumtree for Business
Search URL Search Domain Scan URL
Title: Our Partners
Search URL Search Domain Scan URL
Title: Careers
Search URL Search Domain Scan URL
Title: FAQs
Search URL Search Domain Scan URL
Title: Safety
Search URL Search Domain Scan URL
Title: Policies
Search URL Search Domain Scan URL
Title: Contact Us
Search URL Search Domain Scan URL
Title: Insurance
Search URL Search Domain Scan URL
Title: Blog
Search URL Search Domain Scan URL
Title: Car Price Index
Search URL Search Domain Scan URL
Title: Sell My Car
Search URL Search Domain Scan URL
Title: Upcycle Revolution
Search URL Search Domain Scan URL
Title: Popular Searches
Search URL Search Domain Scan URL
Title: iOS App
Search URL Search Domain Scan URL
Title: Android App
Search URL Search Domain Scan URL
Title: More About Our Apps
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Pin It
Search URL Search Domain Scan URL
Title: Marktplaats
Search URL Search Domain Scan URL
Title: 2dehands
Search URL Search Domain Scan URL
Title: 2ememain
Search URL Search Domain Scan URL
Title: Motors
Search URL Search Domain Scan URL
Title: Terms of Use
Search URL Search Domain Scan URL
Title: Privacy Notice
Search URL Search Domain Scan URL
Title: Modern Slavery Statement
Search URL Search Domain Scan URL
Title: Cookies Policy
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
34 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
buy50707667
ncscblog.co.uk/uk/ |
869 KB 869 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
06c275cbb35e43b4247a80d0.buyer.css
www.gumtree.com/static/1/resources/assets/rwd/style/framework/css/ |
281 KB 55 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
app.d1c48d10.css
v3cq2.tgpbf.xyz/chat/css/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
normalize.css
v3cq2.tgpbf.xyz/chat/css/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
all.min.css
v3cq2.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
chat.css
v3cq2.tgpbf.xyz/chat/css/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
np_chat.js
v3cq2.tgpbf.xyz/chat/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
advertising.js
www.gumtree.com/static/1/resources/assets/rwd/js/ |
70 B 257 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubads_impl_2020120801.js
securepubads.g.doubleclick.net/gpt/ |
274 KB 97 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ |
164 B 228 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1004041890/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.8.0/ |
332 KB 71 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otTCF.js
cdn.cookielaw.org/scripttemplates/6.8.0/ |
67 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5E5Q67b.png
i.imgur.com/ |
39 KB 39 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
UOm50vK.png
i.imgur.com/ |
8 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
d0558d91063038236b60e3ef.App_Store_Badge.svg
www.gumtree.com/static/1/resources/assets/rwd/images/svg/ |
12 KB 12 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2961d6a9fb7950bd9b994027.google-play-badge.svg
www.gumtree.com/static/1/resources/assets/rwd/images/svg/ |
9 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
email-decode.min.js
ncscblog.co.uk/cdn-cgi/scripts/5c5dd728/cloudflare-static/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
client.js
widget.replain.cc/dist/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loader.js
www.smartsuppchat.com/ |
23 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/1004041890/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/1004041890/ |
42 B 569 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gumtree_logo.svg
www.gumtree.com/static/1/resources/assets/rwd/images/svg/ |
2 KB 935 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gumtree_logo_text.svg
www.gumtree.com/static/1/resources/assets/rwd/images/svg/ |
5 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
spinner.svg
www.gumtree.com/static/1/resources/assets/rwd/images/svg/ |
456 B 537 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BC1r9tO.jpg
i.imgur.com/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gumshield.svg
www.gumtree.com/static/1/resources/assets/rwd/images/svg/ |
1 KB 807 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
fonts.gstatic.com/s/inter/v2/ |
36 KB 36 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
b7ace698b862c8521f8ec2f3.Phone_mockup_min.png
www.gumtree.com/static/1/resources/assets/rwd/images/orphans/ |
66 KB 66 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
email-decode.min.js
ncscblog.co.uk/cdn-cgi/scripts/5c5dd728/cloudflare-static/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
97da4424642a9ee23325b423046ff18aa5621f25.json
bootstrap.smartsuppchat.com/widget/ |
824 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.98c478fa.css
widget.replain.cc/dist/css/ Frame F47D |
27 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.eb018d46.js
widget.replain.cc/dist/js/ Frame F47D |
313 KB 115 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
notification.ac905963.mp3
widget.replain.cc/dist/media/ Frame F47D |
24 KB 24 KB |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- v3cq2.tgpbf.xyz
- URL
- https://v3cq2.tgpbf.xyz/chat/css/app.d1c48d10.css?ver=112
- Domain
- v3cq2.tgpbf.xyz
- URL
- https://v3cq2.tgpbf.xyz/chat/css/normalize.css
- Domain
- v3cq2.cloudflare.com
- URL
- https://v3cq2.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
- Domain
- v3cq2.tgpbf.xyz
- URL
- https://v3cq2.tgpbf.xyz/chat/css/chat.css?ver=1.0.5
- Domain
- v3cq2.tgpbf.xyz
- URL
- https://v3cq2.tgpbf.xyz/chat/js/np_chat.js?ver=1.0.16
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Gumtree (E-commerce)32 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| id_chat string| token_chat string| product_chat object| replainSettings object| _plsUBTTQ boolean| bc_s object| _smartsupp function| smartsupp function| setImmediate function| clearImmediate boolean| SMARTSUPP_LOADED object| $smartsupp object| otIabModule boolean| replainInitialized object| googletag object| google_js_reporting_queue function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| ggeac undefined| google_measure_js_timing object| ReplainWidget1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
ncscblog.co.uk/ | Name: 0800fc577294c34e0b28ad2839435945 Value: ZWQyNjcwOTY1ODBlYTdiODA2ZDgyNzc4ZjIwZThhMTQ%3D |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bootstrap.smartsuppchat.com
cdn.cookielaw.org
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
i.imgur.com
ncscblog.co.uk
securepubads.g.doubleclick.net
v3cq2.cloudflare.com
v3cq2.tgpbf.xyz
widget.replain.cc
www.google.com
www.google.de
www.gumtree.com
www.smartsuppchat.com
v3cq2.cloudflare.com
v3cq2.tgpbf.xyz
142.250.184.226
151.101.12.193
178.21.8.220
2606:4700:10::6814:b944
2606:4700::6810:9540
2a00:1450:4001:800::2003
2a00:1450:4001:811::2003
2a00:1450:4001:813::2004
2a00:1450:4001:829::2002
2a02:6ea0:c700::10
35.244.140.166
52.29.69.114
80.249.131.31
0829b2e0bf8165c33a61ae18ba1252575d98215071ecae86f65e4b3ff32c1922
12340bc62cba474d7e8e43e6e7bae9aea6b7f076a5e4fb26aaceb0c10d4c05c4
13f63ab5fa8d3973eef6d6366052135fb3958b54ca2149cc691864b03ed7d848
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
25178aeef6eb6b83b96f5f2d004eda3bffbb37122de64afbaef7107b384a4132
3a48823416a3b411c607be5540697807b433d141e4987cf610904c52a07f700d
468600ff5723243fe246c3e2824772366176aa98c170dd57b06afc06a20e5d90
5f02981bfcab6807a15ddfea1babc7cee05cd0f1f59abe712928de44fb6c1f0d
758fb174a9cc0d7ef0085e27252c790177250092ef1dd87e7c629bf22597c212
777328ad721f5404fd3d71a82ef58de50daee611bfcbe7356a5739b4db9411d7
80a4168da3bfeb8a7a3d725ad6aabafc536c28503e6c053b3b8067fd1b5cd0cb
92503ae6d601463bf5bc01beeac4bc1befc93c54ee1cc8ca9dbe51b54d6eeabf
925fe3a3bcc9acbe0591df6a5827f78f1693db6d2d7f283647febe880d56b3cd
9852cc79baadeaf5c4b211541183dfa873619573d6f78c7ee51caa7faa86d3c1
998abfa7306e3fe360f7b733628a8e029593e740d8bf956d23e8407a8e0074c9
a0aa7e0275e1e0093e52dc6b098c69e5cf63273cb1efafcb0550e88539c14129
b4bfeb1be6e77a5be771c7f615d36199e05607a8d10e4d188c994a05948bd39e
c05402ff1ac81bddbda8404a50ef267533c74478ae8aded98cfe6803b69cffeb
c2af04f93ca8cc9a28419c6dc2297509ca3446efb6bc21cb623483f454468d8e
cb9aebbf350579407c71d959aa2ca2f3d07606c27ed77c5552b870a6c3208c7e
ce48ccf69d2de8ab23244a9d5af16d03242447a1b40d527f4a80b0d2f2ea1ade
d29d3345cf4f562771b5b807bc898e977d32a63e49bb4b084dc86acae4597c1e
dd61aaa3843f40f8932a11ec146128d54b2862eeac780c4c01754b520815eea2
e310673ef98d1a4a73ba6aeab6501f4808d101fce6f28fea2695f13ccc4c1041
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f500df002ea40e6348efa2ef6da1dd95db595d63eae56a9747cfdbd9b59b9a06
f9bba27460b9836abf81fb74f66ce01b11aeebe183706bbc116ed2fdcb04433d