![](/screenshots/18bf053d-c8a0-4a62-899b-061f45170a00.png)
hinetsecuredataservicesupportconnect.gq
Open in
urlscan Pro
195.20.48.3
Malicious Activity!
Public Scan
Submission: On October 13 via api from GB — Scanned from NL
Summary
This is the only time hinetsecuredataservicesupportconnect.gq was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Chunghwa Telecom (Telecommunication)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 195.20.48.3 195.20.48.3 | 31624 (VFMNL-AS ...) (VFMNL-AS Amsterdam Location BGP Setup) | |
2 | 2a00:1450:400... 2a00:1450:4001:828::200e | 15169 (GOOGLE) (GOOGLE) | |
26 | 148.163.124.9 148.163.124.9 | 53755 (IOFLOOD) (IOFLOOD) | |
2 | 61.220.15.61 61.220.15.61 | 3462 (HINET Dat...) (HINET Data Communication Business Group) | |
4 | 2a00:1450:400... 2a00:1450:4001:827::2002 | 15169 (GOOGLE) (GOOGLE) | |
2 | 203.75.213.62 203.75.213.62 | 3462 (HINET Dat...) (HINET Data Communication Business Group) | |
38 | 7 |
ASN31624 (VFMNL-AS Amsterdam Location BGP Setup, NL)
hinetsecuredataservicesupportconnect.gq |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN3462 (HINET Data Communication Business Group, TW)
PTR: 61-220-15-61.hinet-ip.hinet.net
webmail.hinet.net |
ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
26 |
sealcocvp.info
sealcocvp.info |
116 KB |
4 |
doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214 |
321 KB |
4 |
hinet.net
webmail.hinet.net static.cht.hinet.net |
16 KB |
2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42 |
17 KB |
1 |
hinetsecuredataservicesupportconnect.gq
hinetsecuredataservicesupportconnect.gq |
1 KB |
38 | 5 |
Domain | Requested by | |
---|---|---|
26 | sealcocvp.info |
hinetsecuredataservicesupportconnect.gq
sealcocvp.info |
4 | securepubads.g.doubleclick.net |
sealcocvp.info
securepubads.g.doubleclick.net static.cht.hinet.net |
2 | static.cht.hinet.net |
sealcocvp.info
static.cht.hinet.net |
2 | webmail.hinet.net |
sealcocvp.info
|
2 | www.google-analytics.com |
hinetsecuredataservicesupportconnect.gq
|
1 | hinetsecuredataservicesupportconnect.gq | |
38 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.sealcocvp.info R3 |
2023-09-26 - 2023-12-25 |
3 months | crt.sh |
*.webmail.hinet.net |
2023-01-31 - 2024-01-31 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-09-18 - 2023-12-11 |
3 months | crt.sh |
*.cht.hinet.net |
2023-02-15 - 2024-02-15 |
a year | crt.sh |
This page contains 6 frames:
Primary Page:
http://hinetsecuredataservicesupportconnect.gq/
Frame ID: DC087EAF35EC285F12FAC93ACD1A7A86
Requests: 3 HTTP requests in this frame
Frame:
https://sealcocvp.info/8iug/poigufyct/d56er76/index.html
Frame ID: A893812D97B3D058438757BE9EC43ABF
Requests: 24 HTTP requests in this frame
Frame:
https://sealcocvp.info/8iug/poigufyct/d56er76/top.html
Frame ID: D94B69C4716E7032AFC533FE19C96FA6
Requests: 5 HTTP requests in this frame
Frame:
https://webmail.hinet.net/notify.html
Frame ID: 6D9F55CEC0A4B84B538653DFCB3F8FA9
Requests: 1 HTTP requests in this frame
Frame:
https://sealcocvp.info/8iug/poigufyct/d56er76/bottom.html
Frame ID: 58F04CB670A3D667D7CD9A32781BF95D
Requests: 3 HTTP requests in this frame
Frame:
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 90DDB66E1E8231925107E509128E7F0C
Requests: 2 HTTP requests in this frame
Screenshot
![](/screenshots/18bf053d-c8a0-4a62-899b-061f45170a00.png)
Page Title
hinetsecuredataservicesupportconnect.gqDetected technologies
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Detected patterns
- jquery-ui[.-]([\d.]*\d)[^/]*\.js
- jquery-ui.*\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://www.google-analytics.com/ga.js HTTP 307
- https://www.google-analytics.com/ga.js
- http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1366615567&utmhn=hinetsecuredataservicesupportconnect.gq&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=hinetsecuredataservicesupportconnect.gq&utmhid=1053771640&utmr=-&utmp=%2F&utmht=1697203586319&utmac=UA-23441223-3&utmcc=__utma%3D1.1434607871.1697203586.1697203586.1697203586.1%3B%2B__utmz%3D1.1697203586.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1740549896&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
- https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1366615567&utmhn=hinetsecuredataservicesupportconnect.gq&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=hinetsecuredataservicesupportconnect.gq&utmhid=1053771640&utmr=-&utmp=%2F&utmht=1697203586319&utmac=UA-23441223-3&utmcc=__utma%3D1.1434607871.1697203586.1697203586.1697203586.1%3B%2B__utmz%3D1.1697203586.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1740549896&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~
38 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
hinetsecuredataservicesupportconnect.gq/ |
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga.js
www.google-analytics.com/ Redirect Chain
|
45 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.html
sealcocvp.info/8iug/poigufyct/d56er76/ Frame A893 |
20 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
__utm.gif
www.google-analytics.com/r/ Redirect Chain
|
35 B 197 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.css
sealcocvp.info/8iug/poigufyct/d56er76/css/ Frame A893 |
2 KB 727 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
keyboardstyle.css
sealcocvp.info/8iug/poigufyct/d56er76/css/ Frame A893 |
3 KB 609 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login.css
sealcocvp.info/8iug/poigufyct/d56er76/css/ Frame A893 |
3 KB 767 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
sealcocvp.info/8iug/poigufyct/d56er76/Scripts/ Frame A893 |
94 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-ui-1.10.3.custom.min.js
sealcocvp.info/8iug/poigufyct/d56er76/Scripts/ Frame A893 |
223 KB 57 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-fieldselection.js
sealcocvp.info/8iug/poigufyct/d56er76/Scripts/ Frame A893 |
4 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vkeyboard.js
sealcocvp.info/8iug/poigufyct/d56er76/Scripts/ Frame A893 |
6 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login.js
sealcocvp.info/8iug/poigufyct/d56er76/Scripts/ Frame A893 |
18 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.js
sealcocvp.info/8iug/poigufyct/d56er76/Scripts/ Frame A893 |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
replace_ad.js
sealcocvp.info/8iug/poigufyct/d56er76/Scripts/ Frame A893 |
2 KB 483 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
replace_ad.2022.js
sealcocvp.info/8iug/poigufyct/d56er76/Scripts/ Frame A893 |
2 KB 365 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JavaScriptServlet.do
sealcocvp.info/ Frame A893 |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
w_line.gif
sealcocvp.info/8iug/poigufyct/d56er76/images/ Frame A893 |
52 B 69 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
keyboard.png
sealcocvp.info/8iug/poigufyct/d56er76/images/ Frame A893 |
345 B 383 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
maillogin_07-1.gif
sealcocvp.info/8iug/poigufyct/d56er76/images/ Frame A893 |
535 B 573 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
dot_arr2_t.gif
sealcocvp.info/8iug/poigufyct/d56er76/images/ Frame A893 |
59 B 305 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
himail_logo.gif
sealcocvp.info/8iug/poigufyct/d56er76/images/ Frame A893 |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
close.jpg
webmail.hinet.net/images/ Frame A893 |
923 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
top.html
sealcocvp.info/8iug/poigufyct/d56er76/ Frame D94B |
2 KB 519 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
notify.html
webmail.hinet.net/ Frame 6D9F |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bottom.html
sealcocvp.info/8iug/poigufyct/d56er76/ Frame 58F0 |
1 KB 667 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame A893 |
99 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
chtnw.js
static.cht.hinet.net/sdk/ Frame A893 |
14 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
wm2k-style.css
sealcocvp.info/8iug/poigufyct/d56er76/css/ Frame D94B |
5 KB 978 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
hinet-logo.gif
sealcocvp.info/8iug/poigufyct/d56er76/images/ Frame D94B |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
hinet-hd-t01.gif
sealcocvp.info/8iug/poigufyct/d56er76/images/ Frame D94B |
1 KB 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
hinet-hd-t02.gif
sealcocvp.info/8iug/poigufyct/d56er76/images/ Frame D94B |
245 B 264 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
wm2k-style.css
sealcocvp.info/8iug/poigufyct/d56er76/css/ Frame 58F0 |
5 KB 974 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
hinet-logo-small.gif
sealcocvp.info/8iug/poigufyct/d56er76/images/ Frame 58F0 |
500 B 518 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/ Frame A893 |
420 KB 132 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ad
static.cht.hinet.net/api/v1/request/ Frame A893 |
728 B 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 90DD |
98 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
third
static.cht.hinet.net/api/v1/trace/ Frame A893 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/ Frame 90DD |
420 KB 132 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- static.cht.hinet.net
- URL
- https://static.cht.hinet.net/api/v1/trace/third?event=impression&token=652945864173fd8b54e2b394&source=148
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Chunghwa Telecom (Telecommunication)4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| _gaq object| _gat object| gaGlobal6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
hinetsecuredataservicesupportconnect.gq/ | Name: JSESSIONID Value: 473BCF71120483B0408655A772A62FDB |
|
hinetsecuredataservicesupportconnect.gq/ | Name: __utma Value: 1.1434607871.1697203586.1697203586.1697203586.1 |
|
hinetsecuredataservicesupportconnect.gq/ | Name: __utmc Value: 1 |
|
hinetsecuredataservicesupportconnect.gq/ | Name: __utmz Value: 1.1697203586.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none) |
|
hinetsecuredataservicesupportconnect.gq/ | Name: __utmt Value: 1 |
|
hinetsecuredataservicesupportconnect.gq/ | Name: __utmb Value: 1.1.10.1697203586 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
hinetsecuredataservicesupportconnect.gq
sealcocvp.info
securepubads.g.doubleclick.net
static.cht.hinet.net
webmail.hinet.net
www.google-analytics.com
static.cht.hinet.net
148.163.124.9
195.20.48.3
203.75.213.62
2a00:1450:4001:827::2002
2a00:1450:4001:828::200e
61.220.15.61
08c016f9519475930d00d9a63249ead7d8f574a7ff7543fd0357ed34f695f41a
10eecf80122ad437a3daa21d7f8deff99af7dd47964655b7e4ac0996362ee4cc
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13b02b554ad86dc3c9514d6d125dc1e46f36b60a3217ebc56533bb828445bbe1
156b810a7a41eaf929200786d5a6d124558079ff8e06f68cd6bab90bbb18e283
2428d33dea4ccd56c96be07f076c2944996a68882b2eea1433e6daae053e9748
2dc23f806c32257cb286b51ae41f75bdeeaaab6cee8682ab03a565d64af463ec
36c4bb08df2e7a6e3238fa19fcb8eb1f9ed9eaf02b46f467e6f59c02c2b22f43
5d68bde7abba329af7ef208e29b78143d956f3e0c0e88907ab934c61c9bc6510
60e5ac333b1ee5bfc1df9d9240d31b7be24882e50137e9b681d96999708427a0
6d28f50be3487f93b449458db38324b56287255c6635a2304da195e8bcf75b19
6dc3197a82366bc497c05c23975cf08666bcdbf4ae9aeab005c3f24037d349f3
775b1ab216005f574a2394fb317d725134e77567bea3c0d61915b5bab47f362f
78b268505e93b556a1f9956245b9bf3034ad3e247884254895f1ce8c77a3a84c
80358ff9be39687d4022346716126defa959bf259dc279e4fa79c5a9e5d6266b
82cc1448d53752d24bb4d5cf39374ef114daf14c7e11bcd0c765708da9a2326f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
98b2afd8a191a381139422276b8107e1b4248e207cc7c23ce90790c9515d5bcc
a40e424d54800fc2704682930d3be386d0280b96a03869db6bf3894218f1eb7d
ac0ac943017702ca0934831adffa93cd3e0a21d253f607a0c4ddc570b679828e
afb1ef623fb7cc98d5848f53cb0affeb7822e26c8ff4fe979d1f2491bfffdcc3
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b2f6b3681ac26770b3cf8bcca27905ed8bdc69ff64cfe130a4aa220a7e6ed783
bd6845710f8b65925fdb00a1e448f0f7f8ac194cffd391946eb4ee561787eac4
c1168fba44e6e1b2f6eb91daaebaa6700c55feb9acb8306a2634acb3231f0ec0
c1d0040c0948759305880d5fcc3990d4ea25e38bb131679b2927034beea27188
c5cd3ae960d492688c750ca358bc69b3872e599f7ad8f505258a2f5ec4f6ae82
c7615d473078bcc779a9829ef9439094a50683e13bb242affa91852adcb528d3
c77cc65ae84b8566912d38b5669fdfe431d40a9894a7171131fb65c80e72cbe8
d09a4f2a61f63ab0012dceac0ae76a0718363bbd1439eaea4dd37d13f1df02ce
db3d351ec3db69ac6c039d94ee05a2fecb641468759f2a6e45e00b2c1bcd8f9f
f181238f262b5cc5c4b78eb41510fb8102feac7dbcb6513b109ebe5d594c901d
feae5d62e73c1d89cb7506a4c2c47066e2e564b1c3927a06ec7e5a7c3b0d8fa9