can-radio-tele-com-ref.com
Open in
urlscan Pro
185.178.208.184
Malicious Activity!
Public Scan
Submission: On September 08 via automatic, source openphish
Summary
This is the only time can-radio-tele-com-ref.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: National Bank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 39 | 185.178.208.184 185.178.208.184 | 57724 (DDOS-GUARD) (DDOS-GUARD) | |
1 1 | 185.129.100.99 185.129.100.99 | 57724 (DDOS-GUARD) (DDOS-GUARD) | |
1 | 104.108.44.89 104.108.44.89 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
38 | 2 |
ASN57724 (DDOS-GUARD, RU)
PTR: ddos-guard.net
can-radio-tele-com-ref.com |
ASN57724 (DDOS-GUARD, RU)
PTR: ddos-guard.net
ddgu.ddos-guard.net |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-44-89.deploy.static.akamaitechnologies.com
bvi.bnc.ca |
Apex Domain Subdomains |
Transfer | |
---|---|---|
39 |
can-radio-tele-com-ref.com
2 redirects
can-radio-tele-com-ref.com |
824 KB |
1 |
bnc.ca
bvi.bnc.ca |
506 B |
1 |
ddos-guard.net
1 redirects
ddgu.ddos-guard.net |
783 B |
38 | 3 |
Domain | Requested by | |
---|---|---|
39 | can-radio-tele-com-ref.com |
2 redirects
can-radio-tele-com-ref.com
|
1 | bvi.bnc.ca |
can-radio-tele-com-ref.com
|
1 | ddgu.ddos-guard.net | 1 redirects |
38 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.bnc.ca |
www.nbc.ca |
bvi.bnc.ca |
www.cba.ca |
Subject Issuer | Validity | Valid | |
---|---|---|---|
bvi.bnc.ca Entrust Certification Authority - L1M |
2018-01-04 - 2020-01-04 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
http://can-radio-tele-com-ref.com/banks/National/?&sessionid=5e639134cbdf89db4243214a433b2426&securessl=true
Frame ID: BA8A9F3F6C1F1DBAA3F2A4582719D623
Requests: 38 HTTP requests in this frame
6 Outgoing links
These are links going to different origins than the main page.
Title: E-Mail
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: www.nbc.ca
Search URL Search Domain Scan URL
Title: ABCs of Security
Search URL Search Domain Scan URL
Title: Confidentiality Policy
Search URL Search Domain Scan URL
Title: cba.ca
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 21- http://can-radio-tele-com-ref.com/banks/National/National%20Bank%20Online_files/top_end.gif HTTP 302
- http://ddgu.ddos-guard.net/ddgu/?h=aHR0cDovL2Nhbi1yYWRpby10ZWxlLWNvbS1yZWYuY29t&u=L2JhbmtzL05hdGlvbmFsL05hdGlvbmFsJTIwQmFuayUyME9ubGluZV9maWxlcy90b3BfZW5kLmdpZg== HTTP 301
- http://can-radio-tele-com-ref.com/ddgu_JQ9Xi8A/?u=L2JhbmtzL05hdGlvbmFsL05hdGlvbmFsJTIwQmFuayUyME9ubGluZV9maWxlcy90b3BfZW5kLmdpZg==&i=OGMyN2E4ZjhhZDE1NTRkMWJkN2QxNWYwMGM1NGJkYmUuNDI3ODk5NTI1Mw&s=MroMwzXEj8Arsp7Nb+jLe6YYByk HTTP 301
- http://can-radio-tele-com-ref.com/banks/National/National%20Bank%20Online_files/top_end.gif
38 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
/
can-radio-tele-com-ref.com/banks/National/ |
97 KB 25 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
AC_OETags.download
can-radio-tele-com-ref.com/banks/National/National%20Bank%20Online_files/ |
8 KB 8 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pm_fp.download
can-radio-tele-com-ref.com/banks/National/National%20Bank%20Online_files/ |
25 KB 25 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pm_fso_set.download
can-radio-tele-com-ref.com/banks/National/National%20Bank%20Online_files/ |
3 KB 3 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bvi.css
can-radio-tele-com-ref.com/banks/National/National%20Bank%20Online_files/ |
46 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
selfRegistration.css
can-radio-tele-com-ref.com/banks/National/National%20Bank%20Online_files/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-ui.css
can-radio-tele-com-ref.com/banks/National/National%20Bank%20Online_files/ |
33 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
IsPaswValid.download
can-radio-tele-com-ref.com/banks/National/National%20Bank%20Online_files/ |
1 KB 2 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ValidIdnat.download
can-radio-tele-com-ref.com/banks/National/National%20Bank%20Online_files/ |
7 KB 7 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
IsEmailValid.download
can-radio-tele-com-ref.com/banks/National/National%20Bank%20Online_files/ |
4 KB 4 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Trim.download
can-radio-tele-com-ref.com/banks/National/National%20Bank%20Online_files/ |
591 B 826 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
promotion.download
can-radio-tele-com-ref.com/banks/National/National%20Bank%20Online_files/ |
3 KB 3 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
displayChequier.download
can-radio-tele-com-ref.com/banks/National/National%20Bank%20Online_files/ |
196 B 430 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cookie.download
can-radio-tele-com-ref.com/banks/National/National%20Bank%20Online_files/ |
2 KB 2 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery_002.download
can-radio-tele-com-ref.com/banks/National/National%20Bank%20Online_files/ |
276 KB 277 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-ui.download
can-radio-tele-com-ref.com/banks/National/National%20Bank%20Online_files/ |
427 KB 427 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.download
can-radio-tele-com-ref.com/banks/National/National%20Bank%20Online_files/ |
4 KB 4 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
placeholder.download
can-radio-tele-com-ref.com/banks/National/National%20Bank%20Online_files/ |
766 B 1001 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
capsWarning.download
can-radio-tele-com-ref.com/banks/National/National%20Bank%20Online_files/ |
984 B 1 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
top_logo.gif
can-radio-tele-com-ref.com/banks/National/National%20Bank%20Online_files/ |
3 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
title_adhesion.gif
can-radio-tele-com-ref.com/banks/National/National%20Bank%20Online_files/ |
786 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tel_number_v2_bnc.gif
can-radio-tele-com-ref.com/banks/National/National%20Bank%20Online_files/ |
1 KB 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
top_end.gif
can-radio-tele-com-ref.com/banks/National/National%20Bank%20Online_files/ Redirect Chain
|
1 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
quit.gif
can-radio-tele-com-ref.com/banks/National/National%20Bank%20Online_files/ |
1 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
noline.gif
can-radio-tele-com-ref.com/banks/National/National%20Bank%20Online_files/ |
529 B 797 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
quit_sub.gif
can-radio-tele-com-ref.com/banks/National/National%20Bank%20Online_files/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
btn_close.gif
can-radio-tele-com-ref.com/banks/National/National%20Bank%20Online_files/ |
110 B 380 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ligne_sub_rose.gif
can-radio-tele-com-ref.com/banks/National/National%20Bank%20Online_files/ |
49 B 315 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
triangle2.gif
can-radio-tele-com-ref.com/banks/National/National%20Bank%20Online_files/ |
63 B 321 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Spacer.gif
can-radio-tele-com-ref.com/banks/National/National%20Bank%20Online_files/ |
43 B 309 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
printDefault.css
can-radio-tele-com-ref.com/banks/National/National%20Bank%20Online_files/ |
204 B 429 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
promotion.gif
bvi.bnc.ca/images/bnc/bvi/track/img/ |
43 B 506 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
quit-over.gif
can-radio-tele-com-ref.com/images/bnc/bvi/common/img/en/ |
332 B 332 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
quit.gif
can-radio-tele-com-ref.com/images/bnc/bvi/common/img/en/ |
327 B 327 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg_cadre_right.gif
can-radio-tele-com-ref.com/images/bnc/bvi/admin/selfregistration/img/ |
350 B 350 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg_cadre_center.gif
can-radio-tele-com-ref.com/images/bnc/bvi/admin/selfregistration/img/ |
351 B 351 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg_cadre_left.gif
can-radio-tele-com-ref.com/images/bnc/bvi/admin/selfregistration/img/ |
349 B 349 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
top_back.gif
can-radio-tele-com-ref.com/banks/National/National%20Bank%20Online_files/ |
1 KB 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: National Bank (Banking)151 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| isIE boolean| isWin boolean| isOpera function| ControlVersion function| GetSwfVer function| DetectFlashVer function| AC_AddExtension function| AC_Generateobj function| AC_FL_RunContent function| AC_GetArgs string| SEP string| PAIR function| activeXDetect function| stripIllegalChars function| stripFullPath object| BrowserDetect function| FingerPrint function| Hashtable function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| add_deviceprint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint function| fso_deleteCookie function| fso_getCookie number| requiredMajorVersion number| requiredMinorVersion number| requiredRevision boolean| hasReqestedVersion string| pmfsoFlash string| pmfsoCOOKIE_NAME object| pmfso undefined| d undefined| out number| versionStr function| trimAll function| Pwd_Verif function| Pwd2_Verif function| validateNumeric function| Eml_Verif function| EmlValid_Verif function| CClt_Verif function| MClt_Verif function| CC_MClt_Verif function| Val_Transit function| Val_Compte function| Val_Compte_Placement function| isEmailLengthValid function| isSingleEmailValid function| isEmailValid function| alertEmailError function| isEmailValidRegex function| isEmailValid2 function| noCTRL function| trimInput function| trim function| promo function| sendPictures function| decompile function| compile function| displayNocompteSur function| open_comment function| close_comment function| getCookie function| deleteCookie function| setCookie function| $ function| jQuery function| getResolution function| getJava number| accountType boolean| initRadioButton function| initAccounTypeRadioChoice function| displayFundStatement function| checkAndChange function| openConvention function| openPopupWindow function| openPopupWindowNoResizeNoOptions function| openEngagementPolitiqueConf function| openAvantages function| openFooterConvention function| openEStatementConvention function| displayJeNaiPasDeCarte function| grayOut function| load_page function| displayNocompteSurCheque function| displayNocompteSurReleve function| hideJeNaiPasDeCarte function| displayChampMastercard function| displayChampClientCard function| pageSwitchCC function| pageSwitchMC function| pageSwitchChgCC function| pageSwitchChgCM string| errMsgExpirDate string| msg13 string| msg14 string| errMsg9 string| errMsg10 string| errMsg311 string| errMsgJ200 string| errMsgJ201 string| errMsg8 string| errMsg11 string| errMsg12 string| errMsg25 string| errMsg31 string| resPfMsgEmail string| resPfMsgFrmEmail string| errMsg312 string| errMsg313 string| msgJ269 string| errMsg309 string| errMsg310 string| errMsg15 string| errMsg16 string| errMsg_J13 string| errMsg_J51 string| errMsg_J56 string| errMsg_J67 string| errMsg_J431 string| errMsg_J167 string| errMsg_J14 string| errMsg_J68 string| errMsg_J57 string| errMsg_J69 string| errMsg_J20 function| setCardClientNumber function| submitPage function| cancelButton function| returnFirstPage function| removeTiret function| removeSpace function| sansTiret function| concatAccountNb function| Empty function| VerifierChampsObligatoire_Vide function| ValidateAccountAndTransit function| setUserConventionValue function| setEStatementAgreementValue function| setNumCarteCookie function| testcookie function| setPassFocus function| showTopBarSecurityLink function| showTranquilliteEspritLink object| btn_quit_on object| btn_quit_off object| jQuery1110051237051114801921 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
can-radio-tele-com-ref.com/ | Name: __ddg_ Value: 97298 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bvi.bnc.ca
can-radio-tele-com-ref.com
ddgu.ddos-guard.net
104.108.44.89
185.129.100.99
185.178.208.184
07c975c2e3d9fba198721ae6442b70a8da14061fb8a11a93f8e1603fc773437d
0a6ac205057400dc400e3fb13aba0126244e0a8abd2049c430a2fa0aebc1d247
1c1869416680c583c536f19c683c4c3246bde9edf3307d6672b57b0dee146cf8
2371cd989d3a70579518980ad64e066fef11733eb1a61d17fa0f8909c45305ca
2b5e188bdc3f927a0920b98d5c3bf7cb35a8d860412f12ebfa109721e2cdea43
2f75186ed75fe98d623ea5aac4889e0c6f2d80129cb03cc2a69b83e192973969
3193808872d57ddb1a8a7d18c99ce4d460fca7d686037325cb647a45aa6725dc
37b2556164c37e4c5bec4459396bb5fb1406ca1fac24e72395f61fa661763c83
4a6d9996f7bb935927a56b046ad11f110d4296d025f52a0df43604017f8972e1
4d7d44befcdbfab2f7b631b5690c3d495522469ef65fb5337107e86856d5f804
4f61d679769aaf44acecea5ac70570a9f1716390bece14e1507b9e9623ebead8
5406f5aabaec031a704a21259d7caa5f970f8b48053f516cd70c4a8fe8cfcee0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55e0f533f81e770eb0a79ffbbd9e680751a69e8a47c3c6e6d35fd3c5afa5b534
5d78ea0570e88f8005124f02bf13fc60e75946232af2eb47ab26e489870f88c7
63b78589ca0305eca8f18cdf0e73f17cebfc346b2f0d7cd6824e90cee70a66d9
6bb7a85906c6162090e5eb3854cec06228e248da42f2ccd449ce424749004e8d
6e9c6a87c56a3b171f46be1b3aa6aab7a37e731aa4ac642f989d3db9e38c2c83
6f764c0455be53583bb36cba432db6338c935c47e55832e69169b95996d409d4
7586f4a4da7cbe3ccf03c1c910f20b47ad50ea58d94acb20af0feb99b6ddc77b
8dcd35c016f363689e46bcb1cc7c2d66f00062298f62b6863de78b443c4d9872
8dda0ea73e71cc41a465b9c959c17debc3a0ea4abdb73bea0e88fb8a9eaf849e
901fbf9e0200d68f9a58a013cef67180b8f1408081df21c5bf3194c1c3ef6e9b
ac43c6e0171399ecd3f4fe1e4727155b0d80157e77b840fa50c04fc1c4ed9525
b4c483512d0aa35cb0d8112e9aba61d9e8641eee213261c6070afa89f12ba98b
b60b156fee64a552b423631555ff0766419e4fc577ef4712a536adc39dceab1b
baed3f75f5dda0181ee505de23fecea3bf0958a3bde0a64b96bf9774df606fcf
c8326949d8ac615271f3f6e35d050a410d0335ef78187d1c65fd5cdd8bda1661
ce0343e1d6f489768eeefe022c12181c6a0822e756239851310acf076d23d10c
d2b383756a792b975fd95441549ce7fe6cd57021362dd9f8602c1c343ac42451
d7acd236d7c06dedf0a3893d747c584ab912dc878e6e9eb35fdd9a9137ae4341
d91c786f0a7627afcb4841f169cda0c9f50e29e13cd4d51f351f77d88e0f3990
da2c4560bdbf1fbaa9cb40fa60ed9fe3310065a02d057afe741bf1d3056a099f
dabe5e857df802918ed60d2ac9d0bff485b31651a37738ca6309e6b03241554c
e23bf8f6f4c2a6a0ac2f789ddbde128dc685384d8e8d6a745f160c4e5e214676
ea4765c71a2a86524553667fa58c51413229612fedcfb84f683ee6dc840806e2
faf906e891cbd423ad6478e5a60ad630336251df1abeb95dc86ebd2e245bce1e