40secondsvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
Open in
urlscan Pro
129.211.179.197
Malicious Activity!
Public Scan
Submission: On August 14 via api from JP — Scanned from JP
Summary
TLS certificate: Issued by GlobalSign Organization Validation CA... on March 13th 2023. Valid for: a year.
This is the only time 40secondsvoiceover-1320065178.cos.ap-nanjing.myqcloud.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: BCE-Bell (Telecommunication)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
11 | 129.211.179.197 129.211.179.197 | 45090 (TENCENT-N...) (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited) | |
4 | 142.250.207.99 142.250.207.99 | 15169 (GOOGLE) (GOOGLE) | |
7 | 209.71.212.18 209.71.212.18 | 577 (BACOM) (BACOM) | |
2 | 172.217.175.68 172.217.175.68 | 15169 (GOOGLE) (GOOGLE) | |
1 | 69.16.175.10 69.16.175.10 | 20446 (STACKPATH...) (STACKPATH-CDN) | |
1 | 104.17.25.14 104.17.25.14 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 104.18.11.207 104.18.11.207 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 142.251.222.42 142.251.222.42 | 15169 (GOOGLE) (GOOGLE) | |
1 | 142.251.42.170 142.251.42.170 | 15169 (GOOGLE) (GOOGLE) | |
1 | 149.137.137.254 149.137.137.254 | 40401 (BACKBLAZE) (BACKBLAZE) | |
34 | 11 |
ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)
40secondsvoiceover-1320065178.cos.ap-nanjing.myqcloud.com |
ASN15169 (GOOGLE, US)
PTR: kix06s11-in-f3.1e100.net
www.gstatic.com |
ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com | |
stackpath.bootstrapcdn.com |
ASN15169 (GOOGLE, US)
PTR: nrt13s72-in-f10.1e100.net
ajax.googleapis.com |
ASN15169 (GOOGLE, US)
PTR: nrt12s46-in-f10.1e100.net
fonts.googleapis.com |
ASN40401 (BACKBLAZE, US)
PTR: s3.us-east-005.backblazeb2.com
bellsubscriber.s3.us-east-005.backblazeb2.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
myqcloud.com
40secondsvoiceover-1320065178.cos.ap-nanjing.myqcloud.com |
132 KB |
7 |
bell.net
webmail.bell.net — Cisco Umbrella Rank: 565123 |
2 MB |
4 |
gstatic.com
www.gstatic.com |
176 KB |
2 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 392 fonts.googleapis.com — Cisco Umbrella Rank: 67 |
31 KB |
2 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 986 stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2763 |
28 KB |
2 |
google.com
www.google.com — Cisco Umbrella Rank: 3 |
2 KB |
1 |
backblazeb2.com
bellsubscriber.s3.us-east-005.backblazeb2.com |
8 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 245 |
7 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 752 |
24 KB |
34 | 9 |
Domain | Requested by | |
---|---|---|
11 | 40secondsvoiceover-1320065178.cos.ap-nanjing.myqcloud.com |
40secondsvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
|
7 | webmail.bell.net |
40secondsvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
webmail.bell.net bellsubscriber.s3.us-east-005.backblazeb2.com |
4 | www.gstatic.com |
40secondsvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
www.google.com |
2 | www.google.com |
40secondsvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
|
1 | bellsubscriber.s3.us-east-005.backblazeb2.com |
40secondsvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
|
1 | fonts.googleapis.com |
webmail.bell.net
|
1 | stackpath.bootstrapcdn.com |
40secondsvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
|
1 | ajax.googleapis.com |
40secondsvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
|
1 | maxcdn.bootstrapcdn.com |
40secondsvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
|
1 | cdnjs.cloudflare.com |
40secondsvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
|
1 | code.jquery.com |
40secondsvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
|
34 | 11 |
This site contains links to these domains. Also see Links.
Domain |
---|
mybell.bell.ca |
support.bell.ca |
www.bell.ca |
bell.net |
bundles.bell.ca |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.cos.ap-nanjing.myqcloud.com GlobalSign Organization Validation CA - SHA256 - G3 |
2023-03-13 - 2024-04-13 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-07-17 - 2023-10-09 |
3 months | crt.sh |
bell.net Entrust Certification Authority - L1K |
2023-06-26 - 2024-07-26 |
a year | crt.sh |
www.google.com GTS CA 1C3 |
2023-07-17 - 2023-10-09 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-07-03 - 2024-07-02 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-07-17 - 2023-10-09 |
3 months | crt.sh |
backblazeb2.com R3 |
2023-07-25 - 2023-10-23 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://40secondsvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html
Frame ID: 5CE1E34B1EDAB37EB9866990E5D164BD
Requests: 27 HTTP requests in this frame
Frame:
https://bellsubscriber.s3.us-east-005.backblazeb2.com/index.html
Frame ID: 549BE4ADCE0F7928093DE1BBE68B94BE
Requests: 6 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/bframe?hl=en&v=Trd6gj1dhC_fx0ma_AWHc1me&k=6LfI5NgaAAAAAJglwlQxU6kcHa7Bu6gNR38nhJDY
Frame ID: 25504206E6B5F8F14C7EE862C4DFD887
Requests: 3 HTTP requests in this frame
Screenshot
Page Title
Bell emailDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Popper (Miscellaneous) Expand
Detected patterns
- /popper\.js/([0-9.]+)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
reCAPTCHA (Captchas) Expand
Detected patterns
- /recaptcha/api\.js
Page Statistics
20 Outgoing links
These are links going to different origins than the main page.
Title: Email Address
Search URL Search Domain Scan URL
Title: Create a new email address
Search URL Search Domain Scan URL
Title: Find out more
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Legal & Regulatory
Search URL Search Domain Scan URL
Title: Shop for Bell services
Search URL Search Domain Scan URL
Title: Bell Mobility
Search URL Search Domain Scan URL
Title: Bell TV
Search URL Search Domain Scan URL
Title: Bell Internet
Search URL Search Domain Scan URL
Title: Bell Home phone
Search URL Search Domain Scan URL
Title: Bell Bundles
Search URL Search Domain Scan URL
Title: Support for Bell services
Search URL Search Domain Scan URL
Title: Bell Mobility support
Search URL Search Domain Scan URL
Title: Bell TV support
Search URL Search Domain Scan URL
Title: Bell Internet support
Search URL Search Domain Scan URL
Title: Bell Home phone support
Search URL Search Domain Scan URL
Title: Billing account support
Search URL Search Domain Scan URL
Title: My Services
Search URL Search Domain Scan URL
Title: My bills
Search URL Search Domain Scan URL
Title: My profile
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
34 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
index.html
40secondsvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/ |
130 KB 131 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bell_common.js
40secondsvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/static/ |
0 0 |
Script
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ux.css
webmail.bell.net/bell/ux/ |
2 MB 2 MB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
UXConfig.js
40secondsvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/ux/ |
0 0 |
Script
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
localization.js
40secondsvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/ux/ |
0 0 |
Script
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.5.1.min.js
webmail.bell.net/bell/login/js/ |
87 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
flush.css
webmail.bell.net/bell/login/css/ |
82 KB 82 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ux.js
40secondsvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/ux/ |
0 0 |
Script
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.google.com/recaptcha/ |
909 B 900 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.2.1.slim.min.js
code.jquery.com/ |
68 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ |
19 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ |
48 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ |
84 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ |
50 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
688 B 773 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.html
bellsubscriber.s3.us-east-005.backblazeb2.com/ Frame 549B |
7 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg_transparent.gif
40secondsvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/img/ |
440 B 440 B |
Image
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg_gradRibbon.gif
40secondsvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/img/ |
443 B 443 B |
Image
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bellslim_semibold-webfont.woff
40secondsvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/font/ |
0 0 |
Font
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
465 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
465 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bframe
www.google.com/recaptcha/api2/ Frame 2550 |
7 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ |
438 KB 176 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg_cBoxExtra.png
40secondsvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/img/ |
442 B 442 B |
Image
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg_mainExtra.gif
40secondsvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/img/ |
438 B 438 B |
Image
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
fontello.woff
webmail.bell.net/bell/ux/font/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles__ltr.css
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/ Frame 2550 |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/ Frame 2550 |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bellslim_semibold-webfont.ttf
40secondsvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/font/ |
0 0 |
Font
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
fontello.ttf
webmail.bell.net/bell/ux/font/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
header.css
webmail.bell.net/bell/header/css/ Frame 549B |
6 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
header.js
webmail.bell.net/bell/header/js/ Frame 549B |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
flush.css
webmail.bell.net/bell/header/css/ Frame 549B |
81 KB 82 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bell.myBell.core.css
webmail.bell.net/bell/header/css/ Frame 549B |
31 KB 32 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bell.connector.css
webmail.bell.net/bell/header/css/ Frame 549B |
139 KB 140 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- webmail.bell.net
- URL
- https://webmail.bell.net/bell/ux/font/fontello.woff?v=3.1.3.42.0-6
- Domain
- webmail.bell.net
- URL
- https://webmail.bell.net/bell/ux/font/fontello.ttf?v=3.1.3.42.0-6
- Domain
- webmail.bell.net
- URL
- https://webmail.bell.net/bell/header/js/header.js
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: BCE-Bell (Telecommunication)12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 function| $ function| jQuery function| Popper object| bootstrap object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
18 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
40secondsvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
ajax.googleapis.com
bellsubscriber.s3.us-east-005.backblazeb2.com
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
maxcdn.bootstrapcdn.com
stackpath.bootstrapcdn.com
webmail.bell.net
www.google.com
www.gstatic.com
webmail.bell.net
104.17.25.14
104.18.11.207
129.211.179.197
142.250.207.99
142.251.222.42
142.251.42.170
149.137.137.254
172.217.175.68
209.71.212.18
69.16.175.10
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0bbecc21cca446c905902af0936c9c06c3db45801c625c57221a96eee6db36f8
0f5d0f81e36d70ea35e6d8340b1aac212e0b327d2e0445b6950e233195e08039
14e72a142eec1c65433ecb350e38c51798b6e01a37f237c023e5e5bff168f0c1
1daef9aa2ed296bec775fdc0c3670f816675195562e7efc82475649b0114f5f1
2c7e81fc045dc1f57aa937e78561df432578ce10dff9b245cb9ca6ee668468b5
3fd6d57e03df33a5ee7f4b3e9b47076a7d4a10da97749fe831d4c58eda06d1c2
4cc0e51431f59835990a95e931e3961e4a04fa98b59b0c5a8ffe165ee7e0b781
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5768d4745eedd1e8cbd772857e111f0f015fa95a4dce08dada501921441e3570
752a2fd980c99dcabae0aa552cd99fe9794cdf49febea1ee1c90319990b6566c
7b65545f1615e7ed4bc6b07605798ac24907367ddeee2744ab5381bf3d5f8185
7e5465fea0c74f1a06e035893dfd0fe6c16a0c734c764f775e669682ae4fca4a
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
973351a8332ef14670e481d690b0e7d242a6b3c949fdcac75cb767068ee5241c
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
b481176efea56e19c4ba3877878d1ff78a6705be58a7057cf2b68d676023b5ab
b5a8bdf3533e9600a7e8748463972cc25dc1e8d027573dd8ed0ccba79c478e24
beb19ccd981b1b2219adf7a8b5c0108825dc1222b33e8fdadcaa7ef68b0d6a3c
d3e85b8c519c92d5c82e4e1b89a0e3464c9d5b2d4a82695d8cd8827329d921a1
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
ec71e859cabf50ec67940fb182b47730aeeb02ff441bc8acda102b934a1d10bd
f20f1deea159d245f00bcc89df9ca7290a92465a044728c0f21f6ebf8e38cba6
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b