recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
Open in
urlscan Pro
129.211.179.197
Malicious Activity!
Public Scan
Submission: On August 18 via api from JP — Scanned from JP
Summary
TLS certificate: Issued by GlobalSign Organization Validation CA... on March 13th 2023. Valid for: a year.
This is the only time recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: BCE-Bell (Telecommunication)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
11 | 129.211.179.197 129.211.179.197 | 45090 (TENCENT-N...) (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited) | |
4 | 2404:6800:400... 2404:6800:4004:824::2003 | 15169 (GOOGLE) (GOOGLE) | |
7 | 209.71.212.18 209.71.212.18 | 577 (BACOM) (BACOM) | |
2 | 2404:6800:400... 2404:6800:4004:822::2004 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:1a | 20446 (STACKPATH...) (STACKPATH-CDN) | |
1 | 2606:4700::68... 2606:4700::6811:180e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2606:4700::68... 2606:4700::6812:bcf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2404:6800:400... 2404:6800:4004:824::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2404:6800:400... 2404:6800:4004:825::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 149.137.137.254 149.137.137.254 | 40401 (BACKBLAZE) (BACKBLAZE) | |
34 | 11 |
ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)
recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com |
ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com | |
stackpath.bootstrapcdn.com |
ASN40401 (BACKBLAZE, US)
PTR: s3.us-east-005.backblazeb2.com
bellsubscriber.s3.us-east-005.backblazeb2.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
myqcloud.com
recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com |
132 KB |
7 |
bell.net
webmail.bell.net — Cisco Umbrella Rank: 886480 |
2 MB |
4 |
gstatic.com
www.gstatic.com |
181 KB |
2 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 424 fonts.googleapis.com — Cisco Umbrella Rank: 73 |
31 KB |
2 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1179 stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3131 |
28 KB |
2 |
google.com
www.google.com — Cisco Umbrella Rank: 3 |
3 KB |
1 |
backblazeb2.com
bellsubscriber.s3.us-east-005.backblazeb2.com |
8 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 277 |
7 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 985 |
24 KB |
34 | 9 |
Domain | Requested by | |
---|---|---|
11 | recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com |
recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
|
7 | webmail.bell.net |
recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
webmail.bell.net bellsubscriber.s3.us-east-005.backblazeb2.com |
4 | www.gstatic.com |
recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
www.google.com |
2 | www.google.com |
recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
|
1 | bellsubscriber.s3.us-east-005.backblazeb2.com |
recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
|
1 | fonts.googleapis.com |
webmail.bell.net
|
1 | stackpath.bootstrapcdn.com |
recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
|
1 | ajax.googleapis.com |
recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
|
1 | maxcdn.bootstrapcdn.com |
recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
|
1 | cdnjs.cloudflare.com |
recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
|
1 | code.jquery.com |
recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
|
34 | 11 |
This site contains links to these domains. Also see Links.
Domain |
---|
mybell.bell.ca |
support.bell.ca |
www.bell.ca |
bell.net |
bundles.bell.ca |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.cos.ap-nanjing.myqcloud.com GlobalSign Organization Validation CA - SHA256 - G3 |
2023-03-13 - 2024-04-13 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-07-17 - 2023-10-09 |
3 months | crt.sh |
bell.net Entrust Certification Authority - L1K |
2023-06-26 - 2024-07-26 |
a year | crt.sh |
www.google.com GTS CA 1C3 |
2023-07-17 - 2023-10-09 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-07-03 - 2024-07-02 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-07-17 - 2023-10-09 |
3 months | crt.sh |
backblazeb2.com R3 |
2023-07-25 - 2023-10-23 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html
Frame ID: 451C37A9FDBBCA25999BFFF34060726E
Requests: 27 HTTP requests in this frame
Frame:
https://bellsubscriber.s3.us-east-005.backblazeb2.com/index.html
Frame ID: DFB654D76B4577AD155E5C4053FAF446
Requests: 7 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/bframe?hl=en&v=Trd6gj1dhC_fx0ma_AWHc1me&k=6LfI5NgaAAAAAJglwlQxU6kcHa7Bu6gNR38nhJDY
Frame ID: 732017E54ACE385937D8BD43E195B6F1
Requests: 3 HTTP requests in this frame
Screenshot
Page Title
Bell emailDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Popper (Miscellaneous) Expand
Detected patterns
- /popper\.js/([0-9.]+)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
reCAPTCHA (Captchas) Expand
Detected patterns
- /recaptcha/api\.js
Page Statistics
20 Outgoing links
These are links going to different origins than the main page.
Title: Email Address
Search URL Search Domain Scan URL
Title: Create a new email address
Search URL Search Domain Scan URL
Title: Find out more
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Legal & Regulatory
Search URL Search Domain Scan URL
Title: Shop for Bell services
Search URL Search Domain Scan URL
Title: Bell Mobility
Search URL Search Domain Scan URL
Title: Bell TV
Search URL Search Domain Scan URL
Title: Bell Internet
Search URL Search Domain Scan URL
Title: Bell Home phone
Search URL Search Domain Scan URL
Title: Bell Bundles
Search URL Search Domain Scan URL
Title: Support for Bell services
Search URL Search Domain Scan URL
Title: Bell Mobility support
Search URL Search Domain Scan URL
Title: Bell TV support
Search URL Search Domain Scan URL
Title: Bell Internet support
Search URL Search Domain Scan URL
Title: Bell Home phone support
Search URL Search Domain Scan URL
Title: Billing account support
Search URL Search Domain Scan URL
Title: My Services
Search URL Search Domain Scan URL
Title: My bills
Search URL Search Domain Scan URL
Title: My profile
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
34 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
index.html
recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/ |
130 KB 131 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bell_common.js
recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/static/ |
0 0 |
Script
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ux.css
webmail.bell.net/bell/ux/ |
2 MB 2 MB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
UXConfig.js
recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/ux/ |
0 0 |
Script
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
localization.js
recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/ux/ |
0 0 |
Script
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.5.1.min.js
webmail.bell.net/bell/login/js/ |
87 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
flush.css
webmail.bell.net/bell/login/css/ |
82 KB 82 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ux.js
recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/ux/ |
0 0 |
Script
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.google.com/recaptcha/ |
1 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.2.1.slim.min.js
code.jquery.com/ |
68 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ |
19 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ |
48 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ |
84 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ |
50 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
688 B 773 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
465 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
465 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.html
bellsubscriber.s3.us-east-005.backblazeb2.com/ Frame DFB6 |
7 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg_transparent.gif
recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/img/ |
440 B 440 B |
Image
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg_gradRibbon.gif
recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/img/ |
439 B 439 B |
Image
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bellslim_semibold-webfont.woff
recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/font/ |
0 0 |
Font
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bframe
www.google.com/recaptcha/api2/ Frame 7320 |
7 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/ |
450 KB 181 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg_cBoxExtra.png
recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/img/ |
438 B 438 B |
Image
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg_mainExtra.gif
recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/img/ |
438 B 438 B |
Image
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
fontello.woff
webmail.bell.net/bell/ux/font/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
styles__ltr.css
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/ Frame 7320 |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/ Frame 7320 |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bellslim_semibold-webfont.ttf
recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/font/ |
0 0 |
Font
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
header.css
webmail.bell.net/bell/header/css/ Frame DFB6 |
6 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
header.js
webmail.bell.net/bell/header/js/ Frame DFB6 |
8 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
flush.css
webmail.bell.net/bell/header/css/ Frame DFB6 |
81 KB 82 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
bell.myBell.core.css
webmail.bell.net/bell/header/css/ Frame DFB6 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bell.connector.css
webmail.bell.net/bell/header/css/ Frame DFB6 |
139 KB 140 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
fontello.ttf
webmail.bell.net/bell/ux/font/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame DFB6 |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- webmail.bell.net
- URL
- https://webmail.bell.net/bell/ux/font/fontello.woff?v=3.1.3.42.0-6
- Domain
- webmail.bell.net
- URL
- https://webmail.bell.net/bell/header/css/bell.myBell.core.css
- Domain
- webmail.bell.net
- URL
- https://webmail.bell.net/bell/ux/font/fontello.ttf?v=3.1.3.42.0-6
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: BCE-Bell (Telecommunication)13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| documentPictureInPicture function| $ function| jQuery object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| Popper object| bootstrap object| recaptcha0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
18 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
bellsubscriber.s3.us-east-005.backblazeb2.com
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
maxcdn.bootstrapcdn.com
recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
stackpath.bootstrapcdn.com
webmail.bell.net
www.google.com
www.gstatic.com
webmail.bell.net
129.211.179.197
149.137.137.254
2001:4de0:ac18::1:a:1a
209.71.212.18
2404:6800:4004:822::2004
2404:6800:4004:824::2003
2404:6800:4004:824::200a
2404:6800:4004:825::200a
2606:4700::6811:180e
2606:4700::6812:bcf
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0bbecc21cca446c905902af0936c9c06c3db45801c625c57221a96eee6db36f8
0f5d0f81e36d70ea35e6d8340b1aac212e0b327d2e0445b6950e233195e08039
14e72a142eec1c65433ecb350e38c51798b6e01a37f237c023e5e5bff168f0c1
2c7e81fc045dc1f57aa937e78561df432578ce10dff9b245cb9ca6ee668468b5
416782e76f89fd063cc951f505075e2668b7c3652293031c10607defbf7c7fb4
4cc0e51431f59835990a95e931e3961e4a04fa98b59b0c5a8ffe165ee7e0b781
56164731ad7400a20187cc221dd05919717e46497c8dd246d7337ecdc1457972
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
65bd3fb04d2415c7c3a4ff35894d86c88e7dfc11e1d258a87d7c177b010a1820
752a2fd980c99dcabae0aa552cd99fe9794cdf49febea1ee1c90319990b6566c
7e5465fea0c74f1a06e035893dfd0fe6c16a0c734c764f775e669682ae4fca4a
832bbbcdc99ec79e2413dfff697c9b0c704ca2c649c5ff913ff99973ddeaf9dd
8bdf8c4a14aa3b0a88506c68c507aee00ef4af793e353c15fde9254a6654d2f1
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
9774448250478c8bd325f5e491b896f0a47c376af56dec00342fe988bd762d76
9a7b9f391ddbe87d136b1a154567eb12a23c801ec87899d9c48408104cbfb85b
9f747902aa3a7461bcf9ca12068da7ddd36600afa66ddf9c2ab1a8838c34e0ae
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
bc559fd89eab6aed4933acb8ae5a9c9585225d06ea84b9c9dff249ecae06d3c2
beb19ccd981b1b2219adf7a8b5c0108825dc1222b33e8fdadcaa7ef68b0d6a3c
c24babe0e6b4d0cd452b7dc0cf59186acb0fa6c5c634980ca3ffe74b562c74e7
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
f20f1deea159d245f00bcc89df9ca7290a92465a044728c0f21f6ebf8e38cba6
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b