![](/screenshots/c1ffa903-f32a-4e49-aaed-bfc847497d4f.png)
petroleumplusclientsb2c.b2clogin.com
Open in
urlscan Pro
2603:1027:1:d8::7
Public Scan
Effective URL: https://petroleumplusclientsb2c.b2clogin.com/petroleumplusclientsb2c.onmicrosoft.com/b2c_1_petrolboxclient/oauth2/v2.0/authorize?client_id=b9...
Submission Tags: phishingrod
Submission: On June 25 via api from DE — Scanned from NL
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 9th 2024. Valid for: a year.
This is the only time petroleumplusclientsb2c.b2clogin.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
6 | 20.50.2.26 20.50.2.26 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 2606:4700:303... 2606:4700:3036::6815:1b98 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 104.18.10.207 104.18.10.207 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 2603:1027:1:d... 2603:1027:1:d8::7 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 20.60.250.75 20.60.250.75 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 2a00:1450:400... 2a00:1450:4001:800::200a | 15169 (GOOGLE) (GOOGLE) | |
3 | 2a00:1450:400... 2a00:1450:4001:829::2003 | 15169 (GOOGLE) (GOOGLE) | |
16 | 8 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
petroleumplus-client.petrolbox.com.ua |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
petroleumplusclientsb2c.b2clogin.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
petrolbox.blob.core.windows.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
petrolbox.com.ua
petroleumplus-client.petrolbox.com.ua |
497 KB |
3 |
gstatic.com
fonts.gstatic.com |
48 KB |
3 |
b2clogin.com
petroleumplusclientsb2c.b2clogin.com |
68 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83 |
2 KB |
1 |
windows.net
petrolbox.blob.core.windows.net |
135 KB |
1 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1286 |
22 KB |
1 |
fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1381 |
12 KB |
16 | 7 |
Domain | Requested by | |
---|---|---|
6 | petroleumplus-client.petrolbox.com.ua |
petroleumplus-client.petrolbox.com.ua
|
3 | fonts.gstatic.com |
fonts.googleapis.com
|
3 | petroleumplusclientsb2c.b2clogin.com |
petroleumplus-client.petrolbox.com.ua
petroleumplusclientsb2c.b2clogin.com |
1 | fonts.googleapis.com |
petroleumplusclientsb2c.b2clogin.com
|
1 | petrolbox.blob.core.windows.net |
petroleumplusclientsb2c.b2clogin.com
|
1 | maxcdn.bootstrapcdn.com |
petroleumplus-client.petrolbox.com.ua
|
1 | use.fontawesome.com |
petroleumplus-client.petrolbox.com.ua
|
16 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
petroleumplus-client.petrolbox.com.ua GeoTrust Global TLS RSA4096 SHA256 2022 CA1 |
2024-06-24 - 2024-12-24 |
6 months | crt.sh |
use.fontawesome.com Cloudflare Inc ECC CA-3 |
2023-10-12 - 2024-10-10 |
a year | crt.sh |
bootstrapcdn.com GTS CA 1P5 |
2024-05-25 - 2024-08-23 |
3 months | crt.sh |
graph.windows.net DigiCert SHA2 Secure Server CA |
2024-05-09 - 2025-05-09 |
a year | crt.sh |
*.blob.core.windows.net Microsoft Azure RSA TLS Issuing CA 03 |
2024-06-20 - 2025-06-15 |
a year | crt.sh |
upload.video.google.com WR2 |
2024-06-03 - 2024-08-26 |
3 months | crt.sh |
*.gstatic.com WR2 |
2024-06-03 - 2024-08-26 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://petroleumplusclientsb2c.b2clogin.com/petroleumplusclientsb2c.onmicrosoft.com/b2c_1_petrolboxclient/oauth2/v2.0/authorize?client_id=b978f4a2-f821-4a6b-9c99-3b20744f1558&scope=https%3A%2F%2Fpetroleumplusclientsb2c.onmicrosoft.com%2Fpetrolbox.server%2Fuser_impersonation%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fpetroleumplus-client.petrolbox.com.ua%2F&client-request-id=fbd8a585-7d42-499f-9993-b3a80e7d12d3&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.37.1&client_info=1&code_challenge=i4c2oIvuk6VAZcXP6j8yeX02LqUXKVlGRDy2uMpw08o&code_challenge_method=S256&nonce=a086ec14-e56c-439d-87a7-0309452aa698&state=eyJpZCI6IjE3MTE3ODYyLTE3OWQtNGQzZC1iMDM0LTg3NmFiZjA5MGQ4MSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Frame ID: 370B5887917A334E10AAAD15BA7F573E
Requests: 18 HTTP requests in this frame
Screenshot
![](/screenshots/c1ffa903-f32a-4e49-aaed-bfc847497d4f.png)
Page Title
Sign in to PetrolBox.ClientPage URL History Show full URLs
- https://petroleumplus-client.petrolbox.com.ua/ Page URL
- https://petroleumplusclientsb2c.b2clogin.com/petroleumplusclientsb2c.onmicrosoft.com/b2c_1_petrolboxclient/oauth2/v2.0/au... Page URL
Detected technologies
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
![](/vendor/wappa/icons/Font Awesome.png)
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
![](/vendor/wappa/icons/Google Font API.png)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://petroleumplus-client.petrolbox.com.ua/ Page URL
- https://petroleumplusclientsb2c.b2clogin.com/petroleumplusclientsb2c.onmicrosoft.com/b2c_1_petrolboxclient/oauth2/v2.0/authorize?client_id=b978f4a2-f821-4a6b-9c99-3b20744f1558&scope=https%3A%2F%2Fpetroleumplusclientsb2c.onmicrosoft.com%2Fpetrolbox.server%2Fuser_impersonation%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fpetroleumplus-client.petrolbox.com.ua%2F&client-request-id=fbd8a585-7d42-499f-9993-b3a80e7d12d3&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.37.1&client_info=1&code_challenge=i4c2oIvuk6VAZcXP6j8yeX02LqUXKVlGRDy2uMpw08o&code_challenge_method=S256&nonce=a086ec14-e56c-439d-87a7-0309452aa698&state=eyJpZCI6IjE3MTE3ODYyLTE3OWQtNGQzZC1iMDM0LTg3NmFiZjA5MGQ4MSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
petroleumplus-client.petrolbox.com.ua/ |
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.css
use.fontawesome.com/releases/v5.6.1/css/ |
52 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ |
118 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2.c316f88b.chunk.css
petroleumplus-client.petrolbox.com.ua/static/css/ |
14 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.ca97035b.chunk.css
petroleumplus-client.petrolbox.com.ua/static/css/ |
12 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2.26b767e8.chunk.js
petroleumplus-client.petrolbox.com.ua/static/js/ |
1 MB 387 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.f3832b3d.chunk.js
petroleumplus-client.petrolbox.com.ua/static/js/ |
161 KB 36 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
openid-configuration
petroleumplusclientsb2c.b2clogin.com/petroleumplusclientsb2c.onmicrosoft.com/b2c_1_petrolboxclient/v2.0/.well-known/ |
1 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
petroleumplus-client.petrolbox.com.ua/ |
63 KB 64 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
authorize
petroleumplusclientsb2c.b2clogin.com/petroleumplusclientsb2c.onmicrosoft.com/b2c_1_petrolboxclient/oauth2/v2.0/ |
151 KB 66 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
petrolbox.client.signin.html
petrolbox.blob.core.windows.net/petrolboxclient/ |
134 KB 135 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
63 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
26 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
28 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
perftrace
petroleumplusclientsb2c.b2clogin.com/petroleumplusclientsb2c.onmicrosoft.com/B2C_1_PetrolBoxClient/client/ |
0 447 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ |
47 KB 48 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ |
47 KB 0 |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ |
47 KB 0 |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
38 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence object| sharedStorage object| CP object| SA_FIELDS object| CONTENT object| SETTINGS string| staticHost string| targetSlice string| targetDc number| initializationTimeout boolean| diagsAlways number| maxTrace function| PageLoadTime function| _isFunction function| _mapObject function| _getPerformanceObjectData function| $trace object| $diags object| $santizer object| preloadCssLink object| $i2e object| $predicateValidation object| $element function| checkCssPreloaded function| preloadJavaScript object| $cors function| applyTenantBranding function| sendPageLoadTime function| $ function| jQuery boolean| pageReady object| Handlebars boolean| contentReady function| onFocus function| onBlur function| addShowPassword function| app6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.petroleumplus-client.petrolbox.com.ua/ | Name: ARRAffinity Value: 22a1fb85e703bb80f057e72d317698c8c265842c9a418182de5f0b9d3b478d45 |
|
.petroleumplus-client.petrolbox.com.ua/ | Name: ARRAffinitySameSite Value: 22a1fb85e703bb80f057e72d317698c8c265842c9a418182de5f0b9d3b478d45 |
|
.petroleumplusclientsb2c.b2clogin.com/ | Name: x-ms-cpim-sso:petroleumplusclientsb2c.onmicrosoft.com_0 Value: m1.1XFTpOnclIRL0ds5.1SiI8kstg5dkbBwZonzaUw==.0.Cj5rHBPNxqkmgwJFRc6bYwvYtRAUNXFjUBvkDLf+bDu2+BvIVhoLHCzGJg0hxrup+j3JtuoDiueDByFyekbR4wyKGAwzAWttNK/PmMfqyI0epkXzSfkuJ5vxBJtH0uNrC+yYi9Qgi3rXuNKZ6FiyEQMboxOiksDusPJTeVsPwtPPqhbUW3ZMlQPMHnDKtgUnuqFDFLPYU+Zlw7nN+a/Tosfeutcx45hqEw/yy6j3Y1ispNUcBI7eH5Cueo4hPZkFLwJkRGBk3nsNh1l0KpwzzmoIBnI+HM4HAF5Ne43UnvP92ZkDmAdh5NP5jW+xUj7w/qzPbvHH0QNFtPwwYlNNsEXdCrvc8WxBlAGKCsFGFw== |
|
.petroleumplusclientsb2c.b2clogin.com/ | Name: x-ms-cpim-csrf Value: Tmo4YktXdWNvOTB4aUtyWExBZnEyTXQvT3ZMYXVwMzBiZEk0WjNxVjlQS0dRSUdDRXNsWmY5cTJMMGJ2QkQvQ0U0bVVCZ2cremcxS0U4S1hoc0pMQ0E9PTsyMDI0LTA2LTI1VDA0OjI2OjU3LjM0ODgyNTVaO3haZThUbWt6VkVDM2lSRnZtcjdWRUE9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ== |
|
.petroleumplusclientsb2c.b2clogin.com/ | Name: x-ms-cpim-cache|lnltg5ouz06dgk_2avataa_0 Value: m1.+A8iCfVMAioK1AGd.9fXllDvdEI3xp3z7UXMeTw==.0.l5JNi6CNmMHK8QS1kLQuDemlbhGvRXoeWlXHQem8nKJIpWQZFzqtguByPtm/4YUZ4kERyccN1aL4IZ2mSE4Vlk8xie0QoO1wrY1rkj7MLkvM5GzobdRIo8j6hh2BBX8N5gsE1qwilAvZ8ZpvBkjjF2UUBJYJge2PmGMHubJZec5bS8uP1BdGbr4DeoVoV+eoSzyGk5gxGb8lyeAqWjS1tiz0Ur4lQ6hAWGOypv6Cm92I9xQEeAEmYNRYzblC7kfMDy8h4G4jUL/1AamZZrLdpDJ/eHRhVwP6Dd8rYofADqvAzoy6qwJAH+wEhUWkEcIER4gjOGxyYVuX4zHhC2wqetIM+mtlq6aZEE5DSjFq3go3vWxBMcsYRwAyDJ1vdX6XGuJ4AH0ZuZwAFoLlDSPBI0uhf8/dsowLDtOt+KDETUfH8EL4M8bXQCUnHzOtrzI182hPB+IsSYZ/DqYSZ0lUWhdOSwJsWYr+cV70CgwCwedmndL32jDnB6MOBQjOynkOhg+pOGIPTIC/OuncEO33jZ+kDyGhd1ofM08DCfLwYgMcHM1xWX9IsNx5EcYEY4SHg7qLE2/lbSYUrSmOwNDEwwEPvs5rOuIRBdcM0jjbdkx2f000iX5B0hnE83wsG+jsuV0UhahD33oUhS3DmQhpjvDPTiv1uEGeDUHeJrjzptVxj19lYCyx2zbx522/AJa3nHcCfxFb+T/L3rw3mX6T0UcxLmW8TRUsWVmYUNFAMCiPMFtpz1MQhcjeQ1luPYTMS7r2fYTK7LlfccEZKsHWMa37qJk6402kr036k7HBbUi0TMaqeZIl/WjQYIwJwJpx65igvtFiYzscKTVe7UoJzuEQVgUbu6yy+wV07Srui5+ryrMjrNk3n5JOnFMSfyuTRsGMutVDJK8nFtNmp6RdtuZisb87NWk8t4HtQe3iQ2uhfRMe/bWR2tlyVQsZf3xcdSLXhvNEQlB+heZovjo3Qiz9iiSfYo+VcLl/Ez4G/a46yURXgrTh9JvKRkYlRb1AlXBRbp54kmId4x9733sPOY2KkvTiWvor/7VbPsDdIJUnzLOkmJxCAhuVN4YYJgqLnPzIZ178gZ6MY+ePriR7No47tFQfjpjlzUPJtryOQyZZUDQpsy65rJeZAJ0YHPTKN3D57dvHrgl35VCU8a19ppSaqUROEBq1a9XQmpg91IaI8iWYE+n2pQwtMKGwJL1zAdx2CTCdcdkoz5WgzeM7UJrXMtkfLYHvi1u54NiT3QG9Fvs7yBoUXnrSWWEIFT4lCkSIIm4af1hkIlVBQoAIbfGKykjVNJwt8/pHGhj3qpM8wyuu+d6aT9Igqv0bB4bCgX+uyk3vAUHN3C9dUmqkhK/6wP1sX7xQMA35KgiQdpDYFu/OR3wv3Yp8owgxsJXh7mF/ZE/N5VGaZ8a8bxDUjCOxjh2lBwgGMSdIG/nibgdoJ1aGdfVRDKiMx7A8eXPzU8olMIJ5cI5eXYvj/Lq9 |
|
.petroleumplusclientsb2c.b2clogin.com/ | Name: x-ms-cpim-trans Value: eyJUX0RJQyI6W3siSSI6IjgzNTM3OTJlLTk0OTMtNGU2Ny05ZDFhLTRmZjYwMTU2YWQ2OCIsIlQiOiJwZXRyb2xldW1wbHVzY2xpZW50c2IyYy5vbm1pY3Jvc29mdC5jb20iLCJQIjoiYjJjXzFfcGV0cm9sYm94Y2xpZW50IiwiQyI6ImI5NzhmNGEyLWY4MjEtNGE2Yi05Yzk5LTNiMjA3NDRmMTU1OCIsIlMiOjEsIk0iOnt9LCJEIjowLCJFIjoiIn1dLCJDX0lEIjoiODM1Mzc5MmUtOTQ5My00ZTY3LTlkMWEtNGZmNjAxNTZhZDY4In0= |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
petrolbox.blob.core.windows.net
petroleumplus-client.petrolbox.com.ua
petroleumplusclientsb2c.b2clogin.com
use.fontawesome.com
104.18.10.207
20.50.2.26
20.60.250.75
2603:1027:1:d8::7
2606:4700:3036::6815:1b98
2a00:1450:4001:800::200a
2a00:1450:4001:829::2003
20fd4696aa495862e940ff7c9b679a6bf4560101ff1f902e1398c594df86ffc5
2f0990f4a3290fef4f18f4cb3c57544ede4d29b3f671f27698a7d77d84888707
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
40524c07d4d2a2a757a66d0f4fafcaedc0bdc3511018be6f71933c8722fe314c
453893f7daa3d8fe9716f8c6d0f36f8ade8cacfc0093e164f4f998b46427959e
4cae723686c8b638d9f362e24c6dd478c1803e28bfe0a9f5dddf8eca02a21aee
4eb0c04228dba5578a1eea465369870866c5c604e383ae5470f8ba17d392cde2
5d32d87b188262ac9aba49f767d6a111634394aeb6f49072dbbedd66d074dd4f
6e74e2ebb55286b2fd0b30a8fb66fc919417b285137e9b8c945d2945477bf52a
d8d919c80b0e2a549f8bd9170db7aa16887c849c4a0bafbf3f4329cd8d5d5e68
e11039439c12e052b33a86235f4bad8caadfd436778c76b8a39f29603cdec048
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec11d628cf78ca2690fc5be5144e93a5857d3a3a5785b83001deb10c3e80d307
f678c9f613bf66db7fa0efd0e1cd638bc118d05fe14d5cb8f6505cb02ff41617
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fc23c0754b665329ef91a963e63050acbf912d3837b053772859ce7044eabf28