m-p-s-v-gov.info
Open in
urlscan Pro
185.104.45.154
Malicious Activity!
Public Scan
Submission: On January 30 via manual from CZ — Scanned from DE
Summary
TLS certificate: Issued by R3 on January 29th 2023. Valid for: 3 months.
This is the only time m-p-s-v-gov.info was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Community Verdicts: Malicious — 1 votes Show Verdicts
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
27 | 185.104.45.154 185.104.45.154 | 200000 (UKRAINE-AS) (UKRAINE-AS) | |
1 | 2a00:1450:400... 2a00:1450:4001:806::200a | 15169 (GOOGLE) (GOOGLE) | |
4 | 2606:4700:303... 2606:4700:3034::ac43:d8ed | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 20.47.118.183 20.47.118.183 | 8069 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
3 | 194.50.205.18 194.50.205.18 | 25093 (CSAS-) (CSAS-) | |
39 | 6 |
ASN200000 (UKRAINE-AS, UA)
PTR: web377.default-host.net
m-p-s-v-gov.info |
Apex Domain Subdomains |
Transfer | |
---|---|---|
27 |
m-p-s-v-gov.info
m-p-s-v-gov.info |
947 KB |
6 |
csas.cz
chat.csas.cz bezpecnost.csas.cz — Cisco Umbrella Rank: 863262 |
4 KB |
4 |
rsms.me
rsms.me — Cisco Umbrella Rank: 12151 |
307 KB |
1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 295 |
84 KB |
39 | 4 |
Domain | Requested by | |
---|---|---|
27 | m-p-s-v-gov.info |
m-p-s-v-gov.info
|
4 | rsms.me |
client
rsms.me |
3 | bezpecnost.csas.cz |
m-p-s-v-gov.info
|
3 | chat.csas.cz |
m-p-s-v-gov.info
|
1 | ajax.googleapis.com |
m-p-s-v-gov.info
|
39 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.csas.cz |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.m-p-s-v-gov.info R3 |
2023-01-29 - 2023-04-29 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-01-09 - 2023-04-03 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-06-07 - 2023-06-06 |
a year | crt.sh |
chat.csas.cz Thawte EV RSA CA 2018 |
2022-02-21 - 2023-02-21 |
a year | crt.sh |
bezpecnost.csas.cz DigiCert SHA2 Extended Validation Server CA |
2022-03-01 - 2023-03-27 |
a year | crt.sh |
This page contains 4 frames:
Primary Page:
https://m-p-s-v-gov.info/ceska/index.php?id=176
Frame ID: 65BF8ADC88394415C83A70D398B97742
Requests: 30 HTTP requests in this frame
Frame:
https://m-p-s-v-gov.info/ceska/web_css_icon/index_1.html
Frame ID: 60F337A0943BF86FF0AB53F8D7F0EAAC
Requests: 3 HTTP requests in this frame
Frame:
https://m-p-s-v-gov.info/ceska/web_css_icon/index_2.html
Frame ID: AD2193BE5BE2845B5562CFBF750DC291
Requests: 4 HTTP requests in this frame
Frame:
https://m-p-s-v-gov.info/ceska/web_css_icon/index_3.html
Frame ID: 187E6D488D30401B1E9F1C353C980382
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Přihlášení | Česká spořitelnaDetected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
39 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
index.php
m-p-s-v-gov.info/ceska/ |
63 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inter.css
m-p-s-v-gov.info/ceska/web_css_icon/ |
7 KB 735 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runtime.ef8f14f024131d18c7e2.js
m-p-s-v-gov.info/ceska/web_css_icon/ |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors-main.318bdbc78f9c084f0908.js
m-p-s-v-gov.info/ceska/web_css_icon/ |
1 MB 333 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.2a9f3cafa3319f0e8d2f.js
m-p-s-v-gov.info/ceska/web_css_icon/ |
280 KB 61 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_.css
m-p-s-v-gov.info/ceska/web_css_icon/ |
1001 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2LZmtHYusKrGRpLNyTmR.js
m-p-s-v-gov.info/ceska/web_css_icon/ |
198 KB 78 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20.63f54d13d6ae8261ba34.chunk.js
m-p-s-v-gov.info/ceska/web_css_icon/ |
30 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inter-1.css
m-p-s-v-gov.info/ceska/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.png
m-p-s-v-gov.info/ceska/web_css_icon/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
44ff6a9edd32df91b2480e2d35e3bf57d1e0293f.svg
m-p-s-v-gov.info/ceska/web_css_icon/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flp.bundle.js
m-p-s-v-gov.info/ceska/web_css_icon/ |
1 MB 281 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.0/ |
84 KB 84 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
config.json
m-p-s-v-gov.info/ceska/ |
196 B 318 B |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.php
m-p-s-v-gov.info/ceska/ |
63 KB 63 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1cacd187cc65486f6d5aadf65974f8728830de7e.svg
m-p-s-v-gov.info/ceska/ |
196 B 196 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
m-p-s-v-gov.info/ceska/web_css_icon/ |
36 KB 36 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2
m-p-s-v-gov.info/ceska/web_css_icon/ |
57 KB 57 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index_1.html
m-p-s-v-gov.info/ceska/web_css_icon/ Frame 60F3 |
525 B 690 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index_2.html
m-p-s-v-gov.info/ceska/web_css_icon/ Frame AD21 |
529 B 693 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index_3.html
m-p-s-v-gov.info/ceska/web_css_icon/ Frame 187E |
882 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c169c1360361128da2043506893f7748.svg
m-p-s-v-gov.info/ceska/ |
196 B 196 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9716d7ac9733e950e987ac3624b1500f.svg
m-p-s-v-gov.info/ceska/ |
196 B 196 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runtime.c8f33b0eef05317e119f.js
m-p-s-v-gov.info/ceska/web_css_icon/ Frame 60F3 |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.ddcb200acf315404b615.esm.js
m-p-s-v-gov.info/ceska/web_css_icon/ Frame 60F3 |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runtime.c8f33b0eef05317e119f-1.js
m-p-s-v-gov.info/ceska/web_css_icon/ Frame AD21 |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.113ab5d88af699e60139.esm.js
m-p-s-v-gov.info/ceska/web_css_icon/ Frame AD21 |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
config.json
m-p-s-v-gov.info/ceska/web_css_icon/ Frame AD21 |
196 B 317 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inter.css
rsms.me/inter/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
c169c1360361128da2043506893f7748.svg
chat.csas.cz/ |
470 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
9716d7ac9733e950e987ac3624b1500f.svg
chat.csas.cz/ |
231 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
e5932cce-0705-4261-9194-3bd482aba287
chat.csas.cz/api/channels/ Frame |
0 0 |
Preflight
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
e5932cce-0705-4261-9194-3bd482aba287
chat.csas.cz/api/channels/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Inter-Bold.woff2
rsms.me/inter/font-files/ |
104 KB 104 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Inter-Regular.woff2
rsms.me/inter/font-files/ |
97 KB 97 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Inter-SemiBold.woff2
rsms.me/inter/font-files/ |
103 KB 104 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
fl
bezpecnost.csas.cz/webdi/ |
192 B 527 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
fl
bezpecnost.csas.cz/webdi/ |
60 B 394 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
fl
bezpecnost.csas.cz/webdi/ |
132 B 467 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- chat.csas.cz
- URL
- https://chat.csas.cz/api/channels/e5932cce-0705-4261-9194-3bd482aba287
Verdicts & Comments Add Verdict or Comment
Malicious
page.url
Submitted on
January 30th 2023, 5:48:38 pm
UTC —
From Czech Republic
Threats:
Phishing
Comment: Phishing site targeting Ceska sporitelna a.s., does not seem to be geofenced
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
164 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| oncontentvisibilityautostatechange object| webpackJsonp function| jQuery function| $ object| angular object| msrCrypto object| Base64 function| b64ToUint6 function| base64DecToArr function| uint6ToB64 function| base64EncArr function| UTF8ArrToStr function| strToUTF8Arr object| nconn_extensionID object| lastCallbackArr object| pluginNativeWrapper object| pluginNPAPIWrapper object| npapiPluginID string| TECH_TYPE_PLUGIN string| TECH_TYPE_CHROME_NATIVE string| TECH_TYPE_NONE string| FAILURE_CAUSE_NONE string| FAILURE_CAUSE_EXTENSION string| FAILURE_CAUSE_BINARIES string| currentTechType string| failureCause number| restartNative function| setExtensionID function| setNPAPIPluginID function| getPluginNativeWrapper function| getPluginNPAPIWrapper function| nm_isChrome function| nm_isFirefox function| nm_isFirefoxEligibleVersion function| nm_supportsNativeMessaging function| getPluginWrapper function| getTechnologyType function| getNMFailureCause function| handleComponentVersion function| encodeValue function| passInitParams function| nativeMethodCallImpl function| toValueType function| registerNativeMethod function| registerNativeMethodS function| registerNPAPIMethod function| registerMethodS function| registerMethod function| registerProtectionFuncs function| registerCommonFuncs function| nm_browserSendMessage function| connectNative function| disconnectNative function| sendInvokeMessage function| removeCallback function| checkSendResult function| doUpdateNative function| doUpdateNativeBase function| doUpdate_DownloadFile function| updateProgress function| nconn_asyncForEach function| nconn_asyncForEach_iter object| locale object| pageDocument function| drawProgressWithScale function| drawProgress function| showProgressBar function| hideProgressBar function| setModalLocale function| initModal function| initModalProgressBar function| createModalProgressBar object| sk object| cz object| en function| json_parse function| DeviceManagerJS function| ULogInstance function| LastAction function| X509Helper function| Params function| SubjectParams function| AltNameParams function| KeyUsageParams function| ExtendedKeyUsageParams function| RepersoStatus function| RootUpdateStatus function| RepersoCardStatus function| RootUpdateCardStatus function| isIE function| trim function| lPad function| isEmpty function| update function| asynchroUpdate function| unloadTestCards function| restoreTestCards function| newXMLHttpRequest function| getReadyStateHandler function| setAjaxTimeout function| ajaxSuccessfull function| ajaxStartError function| ajaxError function| handleFinish function| handleCancel function| getStatusSuccessfull function| getScriptProgress number| AJAX_TIMEOUT function| checkCertRequestCreation function| checkManagerAsyncFileOperation function| isEmailValid function| isUnix function| getLoginAsyncRes function| getSignAsyncRes function| showLightbox function| hideLightbox function| initLightbox function| getPageSize function| retryInit function| CommonDeviceManagerJS function| ManagerDeviceManagerJS object| initialisedKAK object| initialisedComponentType object| lastDeviceManager number| retryCounterDM number| retryMaxCountDM object| storedExtensionID function| dm_checkConsole function| dm_setExtensionID object| storedInstallCallback function| dm_setInstallCallback function| initManager function| initManagerFull string| CARD_NOT_PRESENT string| PROGRESS_FINISHED string| BAD_EMAIL_FORMAT string| INCORRECT_OR_LOCKED_PIN string| OLD_KAK string| CARD_BLOCKED string| PIN_BLOCKED_UNBLOCK string| OPERATION_CANCELED string| DEVICE_REMOVED string| UNBLOCKED_OK object| wpJsonpWebchatWidget boolean| ajax_disabled object| webinject_config string| eventObf function| cls undefined| unload_backup_handler object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| saveAs function| webchat object| w2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
m-p-s-v-gov.info/ | Name: Gfj3EU Value: 2puhsxNXBytmHpecsPB6X7bxPCMhmJJg |
|
m-p-s-v-gov.info/ | Name: 7tzWL9 Value: tUoD1epE4ooCA3PRU0PSIzHpQOVGzb5d |
11 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
bezpecnost.csas.cz
chat.csas.cz
m-p-s-v-gov.info
rsms.me
chat.csas.cz
185.104.45.154
194.50.205.18
20.47.118.183
2606:4700:3034::ac43:d8ed
2a00:1450:4001:806::200a
152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5
26573315e5fc793a4d1d1e623a4054ed8d4517433f8dd6f2a4fa3b053c727c63
3a4f8b17283cfc14662079bd7d6b3e3c3e2918e839a2c07afad17f160bc146ee
3e8a8c506dafe59974e77a60074a6d7a2fe346de0a2a50b168d836161f8208f6
3f2a2d9950edfffb7cd69bab6dd53db2d88fa7d9bf17520a247f60a2a64d9874
4128500f4d86dcb7a377e402f85ba9905472ab0879709a8872a6788d61ce0024
4c4f56a7bc1d31de62c00ae2801f3139b8e7ef3623b0add8e01feccbd6050e67
4d72155967d9a17d9aeaa7644f85f362257372842df094ae7ae9aad643a2ea33
540e62cedd2278d5aa54cc9b4ed43045e0aa3f971b528016acf7667da495871e
5f2ff871cd7f284064ca188d22dd0b8f2abb173b4f3cb03a7487d23717273021
642e3a062ad184ea562867bf86def3e80bbf7bdedc5440d0abdc717bde0f6d9a
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
82814ef5d9fb6cf2b69f469c5254510db5a336113ec94d8097430f8fecbf8bf0
880380c730e3d424df90795ae8313ccec8502d0e30e6743002cf5f0d6f7dbce0
89c53a96eb6ae5b0b753be1b7738025343b97effbc2a05f53b9412cd8ba4bdfa
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
94df16ac2dff0a5cbb7732c956c09f82993d6013b2aa205019a57a3c264fe626
a0a239935b3261932264ae2154ec672799a580ed5dfe97c337d23f7a027bdebe
a9267e927cbb111b078104ba2b76d1a2e14adb273db1e6debd13b8d17f1a0bd7
b53b137887a7dbc97f2acd23537cf27535ddb617813def49b4076b4a61203a9b
c14569b287795db20f175729c90108f5e756049018e48f45d6f92c11c31be884
c63158babcb7902203ed73476ccf901db34825ea524d4a36a52b5e5f97e1abf7
d06ef4830e3b8241c38194aa3ef859afab736b7bf3829217d5e9efa14b97b110
d096fd606558a1fd5268206fb67c73a081511a91cdd331985d7d2dfc0e677fc2
d22b8764836cba9d4335eb12ad71e4fc354ef2a412457af50fac0bb3d1e6a191
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e75298c25df2487aa33d0820264d84d84f91889d540c8b97d5492d6d5b0d0957
f1fb8f53467f5abcaf1a367b8d9e30028b0cf5497822f46c7185ed3902144b08
fba98e5a60a60bfb25ba5617678d176f87227e63b24c8b2b448a55b16f83903c
fbdfae66ba9a8cfc23fb55cfe2eef9b0696ef9a2023a9897ab9336671c72c365