mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com
Open in
urlscan Pro
198.245.82.43
Public Scan
Effective URL: https://mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com/vp2entcmp32?qs=c9bf6cd28c8f9394935781f919c0adbf1d3da3326ecea5dbf5bf424d7d9e300b522ac9887b257faad...
Submission Tags: phishing
Submission: On July 07 via api from CA — Scanned from CA
Summary
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on April 1st 2023. Valid for: a year.
This is the only time mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 128.17.96.172 128.17.96.172 | 14340 (SALESFORCE) (SALESFORCE) | |
2 | 198.245.82.43 198.245.82.43 | 22606 (EXACT-7) (EXACT-7) | |
1 | 2a04:4e42:200... 2a04:4e42:200::485 | 54113 (FASTLY) (FASTLY) | |
2 | 2607:f8b0:400... 2607:f8b0:4006:821::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 | 104.127.78.100 104.127.78.100 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
10 | 2600:141b:e80... 2600:141b:e800:30::172f:9084 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2607:f8b0:400... 2607:f8b0:4006:822::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 151.101.128.114 151.101.128.114 | 54113 (FASTLY) (FASTLY) | |
1 | 23.54.68.141 23.54.68.141 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
2 | 2607:f8b0:400... 2607:f8b0:4006:80e::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2001:4860:480... 2001:4860:4802:34::181 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2607:f8b0:400... 2607:f8b0:4004:c08::9c | 15169 (GOOGLE) (GOOGLE) | |
1 | 2607:f8b0:400... 2607:f8b0:4006:822::2003 | 15169 (GOOGLE) (GOOGLE) | |
25 | 12 |
ASN14340 (SALESFORCE, US)
PTR: click.enews.thesource.ca
click.enews.thesource.ca |
ASN22606 (EXACT-7, US)
mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com |
ASN16625 (AKAMAI-AS, US)
PTR: a104-127-78-100.deploy.static.akamaitechnologies.com
image.s6.exacttarget.com |
ASN20940 (AKAMAI-ASN1, NL)
image.enews.thesource.ca |
ASN16625 (AKAMAI-AS, US)
PTR: a23-54-68-141.deploy.static.akamaitechnologies.com
a40c2d0e98bc71c0ffe6-a6553ae2f1d90a31de379c1f3f51592c.ssl.cf2.rackcdn.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
thesource.ca
1 redirects
click.enews.thesource.ca image.enews.thesource.ca |
238 KB |
2 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 130 |
418 B |
2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 63 |
21 KB |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79 |
152 KB |
2 |
sfmc-content.com
mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com |
28 KB |
1 |
google.ca
www.google.ca — Cisco Umbrella Rank: 8361 |
408 B |
1 |
google.com
analytics.google.com — Cisco Umbrella Rank: 235 |
279 B |
1 |
rackcdn.com
a40c2d0e98bc71c0ffe6-a6553ae2f1d90a31de379c1f3f51592c.ssl.cf2.rackcdn.com |
29 KB |
1 |
evgnet.com
cdn.evgnet.com — Cisco Umbrella Rank: 3987 |
48 KB |
1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 433 |
33 KB |
1 |
exacttarget.com
image.s6.exacttarget.com — Cisco Umbrella Rank: 142748 |
7 KB |
1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 368 |
3 KB |
25 | 12 |
Domain | Requested by | |
---|---|---|
10 | image.enews.thesource.ca |
mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com
|
2 | stats.g.doubleclick.net |
www.googletagmanager.com
www.google-analytics.com |
2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
2 | www.googletagmanager.com |
mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com
www.googletagmanager.com |
2 | mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com |
mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com
|
1 | www.google.ca |
mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com
|
1 | analytics.google.com |
www.googletagmanager.com
|
1 | a40c2d0e98bc71c0ffe6-a6553ae2f1d90a31de379c1f3f51592c.ssl.cf2.rackcdn.com |
mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com
|
1 | cdn.evgnet.com |
mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com
|
1 | ajax.googleapis.com |
mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com
|
1 | image.s6.exacttarget.com |
mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com
|
1 | cdn.jsdelivr.net |
mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com
|
1 | click.enews.thesource.ca | 1 redirects |
25 | 13 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.thesource.ca |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.pub.sfmc-content.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-04-01 - 2024-05-01 |
a year | crt.sh |
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4 |
2022-12-23 - 2024-01-24 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-06-19 - 2023-09-11 |
3 months | crt.sh |
akamai-san1.exacttarget.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-01-24 - 2024-02-13 |
a year | crt.sh |
san-6-s6.tlsprovisioning.exacttarget.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-02-17 - 2023-12-08 |
10 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-06-19 - 2023-09-11 |
3 months | crt.sh |
cdn.evergage.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-03-06 - 2024-03-04 |
a year | crt.sh |
*.ssl.cf2.rackcdn.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-01-23 - 2024-01-22 |
a year | crt.sh |
*.google.com GTS CA 1C3 |
2023-06-19 - 2023-09-11 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-06-19 - 2023-09-11 |
3 months | crt.sh |
*.google.ca GTS CA 1C3 |
2023-06-19 - 2023-09-11 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com/vp2entcmp32?qs=c9bf6cd28c8f9394935781f919c0adbf1d3da3326ecea5dbf5bf424d7d9e300b522ac9887b257faad3025053a98509f9e020b0496bce22632b6358a9d101c8668cab99bcb5e4ccac06025db7d8b68ca6186c5dfc3b79fdd16673cacce25f97bcd13f02b7919bacc34e1bc25ce50a963fe6f65a6c3b6d8976f868be0b89e67f512352e941f374790ae43ea3826041ed18ca5c19b42ff78ecdf8b129ad7d009887aa7d345f9bfad1f45d2093dd4febc9811f3a55e9eb32c7795994fa03e651fff63fb282705216ded9491ebc9c734de3d1d28dc7970c91d2f53dcc5af1ff16861122f5d1729ad5e902d82ba45a951ff5c3b4210914d85dbfff
Frame ID: 15E4ED566B930D627B70E40CC680E3BE
Requests: 25 HTTP requests in this frame
Screenshot
Page Title
The Source - Contest 2023Page URL History Show full URLs
-
https://click.enews.thesource.ca/?qs=fcac662dcda8ee5123da461c7b1aae8d7effeaef24bd46e55e0cb844d9e6b37fb5ec99ab...
HTTP 302
https://mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com/vp2entcmp32?qs=c9bf6cd28c8f9394935781f919c0adbf1d3da3326ecea5dbf5bf424d7d9e3... Page URL
Detected technologies
SAP Commerce Cloud (Ecommerce) ExpandDetected patterns
- <[^>]+/(?:sys_master|hybr|_ui/(?:.*responsive/)?(?:desktop|common(?:/images|/img|/css|ico)?))/
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Contest Rules
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://click.enews.thesource.ca/?qs=fcac662dcda8ee5123da461c7b1aae8d7effeaef24bd46e55e0cb844d9e6b37fb5ec99ab7620e8a0dc68b770b0a681dba820222ccc97c0e1da05640f352bf10c
HTTP 302
https://mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com/vp2entcmp32?qs=c9bf6cd28c8f9394935781f919c0adbf1d3da3326ecea5dbf5bf424d7d9e300b522ac9887b257faad3025053a98509f9e020b0496bce22632b6358a9d101c8668cab99bcb5e4ccac06025db7d8b68ca6186c5dfc3b79fdd16673cacce25f97bcd13f02b7919bacc34e1bc25ce50a963fe6f65a6c3b6d8976f868be0b89e67f512352e941f374790ae43ea3826041ed18ca5c19b42ff78ecdf8b129ad7d009887aa7d345f9bfad1f45d2093dd4febc9811f3a55e9eb32c7795994fa03e651fff63fb282705216ded9491ebc9c734de3d1d28dc7970c91d2f53dcc5af1ff16861122f5d1729ad5e902d82ba45a951ff5c3b4210914d85dbfff Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
25 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
vp2entcmp32
mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com/ Redirect Chain
|
36 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
normalize.css
cdn.jsdelivr.net/normalize/7.0.0/ |
8 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
178 KB 65 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
26287371-0d76-4dcd-9e05-5618c1e8ba49.png
image.s6.exacttarget.com/lib/fe9713707567057b72/m/41/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Wo21680_Cloud-Hero_1200x650_en.jpg
image.enews.thesource.ca/lib/fe9713707567057b72/m/1/ |
69 KB 69 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Wo21680_Cloud-Heading_1120x50_en.gif
image.enews.thesource.ca/lib/fe9713707567057b72/m/1/ |
7 KB 7 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Wo21680_Cloud-P01_250x400_en.jpg
image.enews.thesource.ca/lib/fe9713707567057b72/m/1/ |
19 KB 20 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Wo21680_Cloud-P02_250x400_en.jpg
image.enews.thesource.ca/lib/fe9713707567057b72/m/1/ |
22 KB 22 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Wo21680_Cloud-P03_250x400_en.jpg
image.enews.thesource.ca/lib/fe9713707567057b72/m/1/ |
21 KB 22 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Wo21680_Cloud-P04_250x400_en.jpg
image.enews.thesource.ca/lib/fe9713707567057b72/m/1/ |
17 KB 17 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Wo21680_Cloud-P05_250x400_en.jpg
image.enews.thesource.ca/lib/fe9713707567057b72/m/1/ |
20 KB 20 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Wo21680_Cloud-P06_250x400_en.jpg
image.enews.thesource.ca/lib/fe9713707567057b72/m/1/ |
20 KB 21 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Wo21680_Cloud-P07_250x400_en.jpg
image.enews.thesource.ca/lib/fe9713707567057b72/m/1/ |
20 KB 20 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Wo21680_Cloud-P08_250x400_en.jpg
image.enews.thesource.ca/lib/fe9713707567057b72/m/1/ |
19 KB 19 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.2/ |
94 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
evergage.min.js
cdn.evgnet.com/beacon/thesource/a98db973kw/scripts/ |
185 KB 48 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vp2entcmp32
mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com/ |
21 KB 21 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clanot-book-webfont.woff
a40c2d0e98bc71c0ffe6-a6553ae2f1d90a31de379c1f3f51592c.ssl.cf2.rackcdn.com/fonts/ |
28 KB 29 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
258 KB 87 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
2 B 232 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
analytics.google.com/g/ |
0 279 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 47 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.ca/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 371 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
34 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| onbeforetoggle object| onscrollend function| gtag object| dataLayer undefined| response undefined| data undefined| errormessage undefined| error undefined| cnt undefined| str function| formval function| $ function| jQuery object| Evergage string| VE_CUSTOM_EVENT_NAME string| TO_LAUNCHER_MESSAGE_TYPE string| TO_LAUNCHER_PAYLOAD_TYPE object| eventLinkId object| evgr function| sendMessageToEvergageLauncher number| evergageBeaconParseTimeStart object| SalesforceInteractions number| evergageBeaconParseTimeEnd function| render number| evergagePageMatchTimeout object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.sfmc-content.com/ | Name: _gid Value: GA1.2.1388784642.1688746522 |
|
.sfmc-content.com/ | Name: _gat_gtag_UA_150272588_1 Value: 1 |
|
.sfmc-content.com/ | Name: _ga Value: GA1.1.1425816969.1688746522 |
|
.sfmc-content.com/ | Name: _ga_725FFRK6DV Value: GS1.1.1688746521.1.0.1688746521.60.0.0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a40c2d0e98bc71c0ffe6-a6553ae2f1d90a31de379c1f3f51592c.ssl.cf2.rackcdn.com
ajax.googleapis.com
analytics.google.com
cdn.evgnet.com
cdn.jsdelivr.net
click.enews.thesource.ca
image.enews.thesource.ca
image.s6.exacttarget.com
mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.ca
www.googletagmanager.com
104.127.78.100
128.17.96.172
151.101.128.114
198.245.82.43
2001:4860:4802:34::181
23.54.68.141
2600:141b:e800:30::172f:9084
2607:f8b0:4004:c08::9c
2607:f8b0:4006:80e::200e
2607:f8b0:4006:821::2008
2607:f8b0:4006:822::2003
2607:f8b0:4006:822::200a
2a04:4e42:200::485
065f932798b92888008e96042cbdfd29fdd83c428b845954f92e92850ccbffc3
19a9a0222979d91a048ca3d6367ac0ace10cae32a7e68d1f50732d18d014505a
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
3423fecac379409439d908f16787f5f0cbd44bef84a0c1be858d1fd337fc4bb4
346c8a8cd4144c4c1b44a3c77086cbcd1a0b298aa954f859b64ff46e9f507dae
3a075f0edda0e96824eaecf7151629426ea15ec42ea86466c44689672b76015c
3f3db02df565392ce889a12cf337b91e45643bd9414c524768b6d465dd9d43c8
5e34bc6556a918f0c9debdb91e1ac140508a344e99cd51a1e457521421328de7
695e699db07b3649754a258b2546f7ceae35ef76f8549c2821ad0fbadfd65796
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
76925b011f6f416137d58ba11e43626fe3932602ff552cda2d2c874d17c50354
956d37585023130920d6b70524079737f8a68f3c9168162ab79aa928b488363b
a5b552053239dac2a834eb4bd24f7087b808fb1197700eb05d4fa8d13bd47af6
b31ceb90e3eec258e254659bc5588f275e197b05cb2471490e7d1bbfee61b036
c24f00840d1f914712729ad04e30a69838b6b08336320dbfc18c8c1fa0dd2d9b
d9682541326a7953301d279b8ac1d18d4b828c019860788da474ee0309bd8b84
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1b72460263b43fd2c2d0b7ed494d3c56317b674ab2cd0dd2b9d567c015070fa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec1bdc20626a0d44ba236b13eb3411163fcb717b49e92798d4614b9ea1126fab
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fe943fa8dc9425e567fa15136c9d0828eb11d04c20b3895bd141c26d14444e74