www.li.cmu.ac.th
Open in
urlscan Pro
202.28.244.64
Malicious Activity!
Public Scan
URL:
https://www.li.cmu.ac.th/ai/bt/41160/
Submission: On April 26 via automatic, source phishtank
Submission: On April 26 via automatic, source phishtank
Summary
This website contacted 11 IPs
in 7 countries
across 13 domains to perform 71 HTTP transactions.
The main IP is 202.28.244.64, located in
Thailand and
belongs to CMU-TH-AP Chiang Mai University, TH.
The main domain is www.li.cmu.ac.th.
TLS certificate: Issued by R3 on February 28th 2021. Valid for: 3 months.
This is the only time www.li.cmu.ac.th was scanned on urlscan.io!
TLS certificate: Issued by R3 on February 28th 2021. Valid for: 3 months.
This is the only time www.li.cmu.ac.th was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: BT (Telecommunication)Domain & IP information
1
178.79.227.144
(United States)
ASN22822 (LLNW, US)
PTR: https-178-79-227-144.vie.llnw.net
ASN22822 (LLNW, US)
PTR: https-178-79-227-144.vie.llnw.net
| assets.bt.com |
7
68.142.70.29
(United States)
ASN22822 (LLNW, US)
PTR: https-68-142-70-29.any.llnw.net
ASN22822 (LLNW, US)
PTR: https-68-142-70-29.any.llnw.net
| img01.bt.co.uk |
7
54.171.219.200
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-219-200.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-219-200.eu-west-1.compute.amazonaws.com
| dpm.demdex.net |
7
2a02:26f0:7100:487::1e80
(Frankfurt am Main, Germany)
ASN20940 (AKAMAI-ASN1, NL)
ASN20940 (AKAMAI-ASN1, NL)
| assets.adobedtm.com |
1
2600:9000:21f3:1400:9:273e:d940:21
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| d36kespjlw4605.cloudfront.net |
1
52.50.19.208
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-19-208.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-19-208.eu-west-1.compute.amazonaws.com
| britishtelecom.demdex.net |
1
15.237.136.106
(Paris, France)
ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-136-106.eu-west-3.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-136-106.eu-west-3.compute.amazonaws.com
| smetrics.bt.com |
1
34.255.166.243
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-166-243.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-166-243.eu-west-1.compute.amazonaws.com
| cm.everesttech.net |
2
185.33.221.88
(Amsterdam, Netherlands)
ASN29990 (ASN-APPNEX, US)
PTR: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ASN29990 (ASN-APPNEX, US)
PTR: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
| ib.adnxs.com |
3
52.17.151.21
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-151-21.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-151-21.eu-west-1.compute.amazonaws.com
| ads.avocet.io | |
| ads.avct.cloud |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 44 |
cmu.ac.th
www.li.cmu.ac.th |
418 KB |
| 8 |
demdex.net
1 redirects
dpm.demdex.net britishtelecom.demdex.net |
10 KB |
| 7 |
adobedtm.com
assets.adobedtm.com |
25 KB |
| 7 |
bt.co.uk
img01.bt.co.uk |
120 KB |
| 3 |
bt.com
assets.bt.com home.bt.com signin1.bt.com Failed smetrics.bt.com |
4 KB |
| 2 |
avct.cloud
2 redirects
ads.avct.cloud |
880 B |
| 2 |
adform.net
2 redirects
c1.adform.net |
962 B |
| 2 |
adnxs.com
2 redirects
ib.adnxs.com |
2 KB |
| 1 |
avocet.io
1 redirects
ads.avocet.io |
194 B |
| 1 |
bing.com
1 redirects
c.bing.com |
391 B |
| 1 |
twitter.com
analytics.twitter.com |
574 B |
| 1 |
everesttech.net
1 redirects
cm.everesttech.net |
517 B |
| 1 |
cloudfront.net
d36kespjlw4605.cloudfront.net |
408 B |
| 71 | 13 |
| Domain | Requested by | |
|---|---|---|
| 44 | www.li.cmu.ac.th |
www.li.cmu.ac.th
|
| 7 | assets.adobedtm.com |
www.li.cmu.ac.th
|
| 7 | dpm.demdex.net |
1 redirects
www.li.cmu.ac.th
|
| 7 | img01.bt.co.uk |
www.li.cmu.ac.th
img01.bt.co.uk |
| 2 | ads.avct.cloud | 2 redirects |
| 2 | c1.adform.net | 2 redirects |
| 2 | ib.adnxs.com | 2 redirects |
| 1 | ads.avocet.io | 1 redirects |
| 1 | c.bing.com | 1 redirects |
| 1 | analytics.twitter.com | |
| 1 | cm.everesttech.net | 1 redirects |
| 1 | smetrics.bt.com |
assets.adobedtm.com
|
| 1 | britishtelecom.demdex.net |
www.li.cmu.ac.th
|
| 1 | d36kespjlw4605.cloudfront.net |
www.li.cmu.ac.th
|
| 1 | home.bt.com |
www.li.cmu.ac.th
|
| 1 | assets.bt.com |
www.li.cmu.ac.th
|
| 0 | signin1.bt.com Failed |
www.li.cmu.ac.th
|
| 71 | 17 |
This site contains links to these domains. Also see Links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| asiantourismresearch.cmu.ac.th R3 |
2021-02-28 - 2021-05-29 |
3 months | crt.sh |
| www.bt.com GeoTrust EV RSA CA 2018 |
2020-09-30 - 2021-10-05 |
a year | crt.sh |
| *.demdex.net DigiCert TLS RSA SHA256 2020 CA1 |
2020-12-02 - 2022-01-02 |
a year | crt.sh |
| assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-01-08 - 2021-09-30 |
9 months | crt.sh |
| *.cloudfront.net DigiCert Global CA G2 |
2021-02-22 - 2022-02-21 |
a year | crt.sh |
| smetrics.bt.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-02-01 - 2022-03-04 |
a year | crt.sh |
| *.twitter.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-02-05 - 2022-02-04 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.li.cmu.ac.th/ai/bt/41160/
Frame ID: 9F414990945F755B9C1495100C7C54AB
Requests: 66 HTTP requests in this frame
Frame:
https://britishtelecom.demdex.net/dest5.html?d_nsid=0
Frame ID: 610668561DA61347A3262C18E0D8394E
Requests: 6 HTTP requests in this frame
38 Outgoing links
These are links going to different origins than the main page.
URL: https://home.bt.com/
Title:
Title:
Search URL Search Domain Scan URL
URL: https://home.bt.com/login/loginform?TARGET=$SM$https://my.bt.com/s/apps/appsmybt/
Title: Log in
Title: Log in
Search URL Search Domain Scan URL
URL: https://my.bt.com/s/apps/appsselfserve/index.html#/forgotlogindetails?srfd=y&view=default&TARGET=%24SM%24https%3A%2F%2Fmy%2Ebt%2Ecom%2Fs%2Fapps%2Fappsmybt%2F&view=default&TARGET=
Title: Forgotten your login details?
Title: Forgotten your login details?
Search URL Search Domain Scan URL
URL: https://home.bt.com/login/loginform?TARGET=$SM$https://my.bt.com/s/apps/appsmybt/#cxtHelp_portal-logininbox
Title: )
Title: )
Search URL Search Domain Scan URL
URL: https://www.bt.com/btmail/securitylogin
Title: Security
Title: Security
Search URL Search Domain Scan URL
URL: http://www.bt.com/help
Title: Help
Title: Help
Search URL Search Domain Scan URL
URL: https://www.bt.com/mybt/signup
Title: Create one
Title: Create one
Search URL Search Domain Scan URL
URL: https://my.bt.com/ordertracking
Title: Track your order >
Title: Track your order >
Search URL Search Domain Scan URL
URL: https://my.bt.com/help/home/faults/
Title: Report or track a fault >
Title: Report or track a fault >
Search URL Search Domain Scan URL
URL: https://my.bt.com/s/apps/appsbills/index.html#/logoutmakepaymentindex
Title: Pay a bill >
Title: Pay a bill >
Search URL Search Domain Scan URL
URL: http://my.bt.com/help/home/
Title: Get help or contact us >
Title: Get help or contact us >
Search URL Search Domain Scan URL
URL: http://my.bt.com/mybtapp/download/
Title: Download the My BT App >
Title: Download the My BT App >
Search URL Search Domain Scan URL
URL: https://signin1.bt.com/login/emailloginform
Title: Go to our email log in page >
Title: Go to our email log in page >
Search URL Search Domain Scan URL
URL: https://business.bt.com/
Title: For business and public sector
Title: For business and public sector
Search URL Search Domain Scan URL
URL: https://www.globalservices.bt.com/uk/en/home
Title: For global business
Title: For global business
Search URL Search Domain Scan URL
URL: https://www.bt.com/about
Title: BT Group
Title: BT Group
Search URL Search Domain Scan URL
URL: https://home.bt.com/login/loginform?TARGET=$SM$https://my.bt.com/s/apps/appsmybt/#bt-footer-footer-top-more
Title: More Sites
Title: More Sites
Search URL Search Domain Scan URL
URL: https://www.btwifi.co.uk/
Title: Wifi
Title: Wifi
Search URL Search Domain Scan URL
URL: https://www.btireland.com/
Title: BT Ireland
Title: BT Ireland
Search URL Search Domain Scan URL
URL: https://www.shop.bt.com/
Title: BT Shop
Title: BT Shop
Search URL Search Domain Scan URL
URL: https://www.businessdirect.bt.com/
Title: Business Direct
Title: Business Direct
Search URL Search Domain Scan URL
URL: https://www.openreach.co.uk/
Title: Openreach
Title: Openreach
Search URL Search Domain Scan URL
URL: https://www.thephonebook.bt.com/
Title: The Phone Book
Title: The Phone Book
Search URL Search Domain Scan URL
URL: https://www.btwholesale.com/
Title: BT Wholesale
Title: BT Wholesale
Search URL Search Domain Scan URL
URL: https://www.redcare.bt.com/
Title: BT Redcare
Title: BT Redcare
Search URL Search Domain Scan URL
URL: https://home.bt.com/pages/static/i/pansegment/contact_us/contactus.html
Title: Contact BT
Title: Contact BT
Search URL Search Domain Scan URL
URL: https://www.bt.com/careers
Title: Careers
Title: Careers
Search URL Search Domain Scan URL
URL: https://home.bt.com/pages/static/i/pansegment/sitemap/sitemaphome.html
Title: Sitemap
Title: Sitemap
Search URL Search Domain Scan URL
URL: https://www.bt.com/privacy-policy/
Title: Privacy
Title: Privacy
Search URL Search Domain Scan URL
URL: https://www.bt.com/consumer/cookie/about-cookies.html
Title: Cookies
Title: Cookies
Search URL Search Domain Scan URL
URL: https://www.bt.com/products/static/terms/terms-of-use.html
Title: Terms of use
Title: Terms of use
Search URL Search Domain Scan URL
URL: https://www.bt.com/about/bt/policy-and-regulation/our-governance-and-strategy/codes-of-practice
Title: Codes of practice
Title: Codes of practice
Search URL Search Domain Scan URL
URL: https://www.bt.com/broadband/USO
Title: Broadband Universal Service
Title: Broadband Universal Service
Search URL Search Domain Scan URL
URL: https://www.bt.com/help/complaints
Title: Make a complaint
Title: Make a complaint
Search URL Search Domain Scan URL
URL: https://www.bt.com/terms
Title: T&Cs
Title: T&Cs
Search URL Search Domain Scan URL
URL: https://www.bt.com/about/digital-impact-and-sustainability/championing-human-rights/fighting-modern-slavery
Title: Modern Slavery Statement
Title: Modern Slavery Statement
Search URL Search Domain Scan URL
URL: https://www.bt.com/help/including-you/
Title: BT Including You - helping you communicate
Title: BT Including You - helping you communicate
Search URL Search Domain Scan URL
URL: https://www.bt.com/about/accessibility
Title: Accessibility
Title: Accessibility
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 52- https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AA54673527831890A490D45%40AdobeOrg&d_nsid=0&ts=1619433231249 HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AA54673527831890A490D45%40AdobeOrg&d_nsid=0&ts=1619433231249
- https://cm.everesttech.net/cm/dd?d_uuid=24096593286947340060220910998103772226 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=YIaXDwAAALXBjCKu
- https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
- https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
- https://dpm.demdex.net/ibs:dpid=358&dpuuid=8524486552452756658
- https://c.bing.com/c.gif?uid=24096593286947340060220910998103772226&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
- https://dpm.demdex.net/ibs:dpid=1957&dpuuid=395F1B33E7BE678D2ADB0B16E6D56635
- https://c1.adform.net/serving/cookie/match?party=1007&cid=24096593286947340060220910998103772226&noredirect=v2 HTTP 302
- https://c1.adform.net/serving/cookie/match?CC=1&party=1007&cid=24096593286947340060220910998103772226&noredirect=v2 HTTP 302
- https://dpm.demdex.net/ibs:dpid=1586&dpuuid=7007111710650488891
- https://ads.avocet.io/getuid?url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D183896%26dpuuid%3D%7B%7BUUID%7D%7D HTTP 301
- https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D183896%26dpuuid%3D%7B%7BUUID%7D%7D HTTP 302
- https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D183896%26dpuuid%3D%7B%7BUUID%7D%7D HTTP 302
- https://dpm.demdex.net/ibs:dpid=183896&dpuuid=73f62f04-f309-425a-8e02-ffac8cdcc84c
71 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
www.li.cmu.ac.th/ai/bt/41160/ |
63 KB 18 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
s44351730928965
www.li.cmu.ac.th/ai/bt/41160/index_files/ |
117 B 343 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
override.css
www.li.cmu.ac.th/ai/bt/41160/index_files/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
login-datalayer.js
www.li.cmu.ac.th/ai/bt/41160/index_files/ |
710 B 735 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
common-reset.css
www.li.cmu.ac.th/ai/bt/41160/index_files/ |
65 KB 35 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
common.css
www.li.cmu.ac.th/ai/bt/41160/index_files/ |
181 KB 32 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
index.css
www.li.cmu.ac.th/ai/bt/41160/index_files/ |
125 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bts-common.css
www.li.cmu.ac.th/ai/bt/41160/index_files/ |
88 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
aref.min.js
www.li.cmu.ac.th/ai/bt/41160/index_files/ |
460 B 641 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
launch-ENfdadf1bb09d848de85923e05be32e7d1.min.js
www.li.cmu.ac.th/ai/bt/41160/index_files/ |
494 KB 125 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
modernizr_jquery_cookies.js
www.li.cmu.ac.th/ai/bt/41160/index_files/ |
107 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dantegh.api-1.1.js
www.li.cmu.ac.th/ai/bt/41160/index_files/ |
47 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sportnav.api.js
www.li.cmu.ac.th/ai/bt/41160/index_files/ |
62 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
login-index.css
www.li.cmu.ac.th/ai/bt/41160/index_files/ |
76 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
AppMeasurement.min.js
www.li.cmu.ac.th/ai/bt/41160/index_files/ |
33 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
AppMeasurement_Module_ActivityMap.min.js
www.li.cmu.ac.th/ai/bt/41160/index_files/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
AppMeasurement_Module_AudienceManagement.min.js
www.li.cmu.ac.th/ai/bt/41160/index_files/ |
25 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
responsive-footer.css
www.li.cmu.ac.th/ai/bt/41160/index_files/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
RC40cca4ea109f4450beaf5b24603569c0-source.min.js
www.li.cmu.ac.th/ai/bt/41160/index_files/ |
350 B 535 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
RC3da945be776b4d63ae18c8f45b725eef-source.min.js
www.li.cmu.ac.th/ai/bt/41160/index_files/ |
1 KB 920 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
RC488e232c9d0543d58b2215a05c11ca7b-source.min.js
www.li.cmu.ac.th/ai/bt/41160/index_files/ |
438 B 592 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
RCabd3150ca9f241c7bbac2e3e4e90fe9a-source.min.js
www.li.cmu.ac.th/ai/bt/41160/index_files/ |
623 B 656 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
RC30b5b9cabd95438180b8f32c166f7d3e-source.min.js
www.li.cmu.ac.th/ai/bt/41160/index_files/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
RC2328cb86bf9848a9a82ee9b121e3e8ae-source.min.js
www.li.cmu.ac.th/ai/bt/41160/index_files/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
RC8ce59ee2ede642d59cbdce6198cd080b-source.min.js
www.li.cmu.ac.th/ai/bt/41160/index_files/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.cookie.js
www.li.cmu.ac.th/ai/bt/41160/index_files/ |
819 B 734 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rebrand-bt-logo-login-page-136440342141502601-200609022505.png
www.li.cmu.ac.th/ai/bt/41160/index_files/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ArcotAdapterIntegration.js
www.li.cmu.ac.th/ai/bt/41160/index_files/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dantegf.api-1.0.js
www.li.cmu.ac.th/ai/bt/41160/index_files/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo-footer2018.svg
www.li.cmu.ac.th/ai/bt/41160/index_files/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
responsive-footer.min.js
www.li.cmu.ac.th/ai/bt/41160/index_files/ |
970 B 851 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
login.js
www.li.cmu.ac.th/ai/bt/41160/index_files/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
core.js
www.li.cmu.ac.th/ai/bt/41160/index_files/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-ui-1.9.2.custom.min.js
www.li.cmu.ac.th/ai/bt/41160/index_files/ |
171 KB 47 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bt.cookies.js
www.li.cmu.ac.th/ai/bt/41160/index_files/ |
0 261 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bttv_rg-webfont.woff
www.li.cmu.ac.th/ai/bt/41160/index_files/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
override.css
assets.bt.com/v1/btcomd/assets/css/ |
6 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
42 KB 42 KB |
Font
font/truetype |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logintextboxbg.png
www.li.cmu.ac.th/ai/bt/41160/images/ |
436 B 436 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
icons-sprite-8bit.png
www.li.cmu.ac.th/ai/bt/41160/images/ |
439 B 439 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
LoginButtonBg.png
www.li.cmu.ac.th/ai/bt/41160/images/ |
435 B 435 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
login-back.png
www.li.cmu.ac.th/ai/bt/41160/images/ |
432 B 432 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bttv_rg-webfont.ttf
www.li.cmu.ac.th/ai/bt/41160/index_files/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ajaxapic
home.bt.com/ |
4 KB 1 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
responsive-footer.css
img01.bt.co.uk/s/assets/290321/css/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
BTFont_Rg.woff
www.li.cmu.ac.th/ai/bt/41160/fonts/bt/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bttvicons.woff
www.li.cmu.ac.th/ai/bt/41160/fonts/bt/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
get2faStatus
signin1.bt.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
BTFont_Rg.woff
img01.bt.co.uk/s/assets/290321/fonts/bt/ |
58 KB 58 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bttvicons.woff
img01.bt.co.uk/s/assets/290321/fonts/bt/ |
8 KB 8 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
responsive-footer.min.js
img01.bt.co.uk/s/assets/290321/js/ |
970 B 863 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo-footer2018.svg
img01.bt.co.uk/s/assets/290321/images/logo/ |
1 KB 953 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bttvicons.woff2
www.li.cmu.ac.th/ai/bt/41160/fonts/bt/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rd
dpm.demdex.net/id/ Redirect Chain
|
1 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ |
33 KB 12 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AppMeasurement_Module_AudienceManagement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ |
25 KB 9 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ip.php
d36kespjlw4605.cloudfront.net/ |
45 B 408 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RC40cca4ea109f4450beaf5b24603569c0-source.min.js
assets.adobedtm.com/468fd5a0b220/5e2a7b1f96d2/829d3720a85f/ |
350 B 483 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RC3da945be776b4d63ae18c8f45b725eef-source.min.js
assets.adobedtm.com/468fd5a0b220/5e2a7b1f96d2/829d3720a85f/ |
1 KB 869 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RC488e232c9d0543d58b2215a05c11ca7b-source.min.js
assets.adobedtm.com/468fd5a0b220/5e2a7b1f96d2/829d3720a85f/ |
438 B 541 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-ui-1.9.2.custom.min.js
img01.bt.co.uk/s/assets/290321/js/ |
171 KB 50 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bt.cookies.js
img01.bt.co.uk/s/assets/290321/globalheader/ |
0 259 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RCabd3150ca9f241c7bbac2e3e4e90fe9a-source.min.js
assets.adobedtm.com/468fd5a0b220/5e2a7b1f96d2/829d3720a85f/ |
623 B 605 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dest5.html
britishtelecom.demdex.net/ Frame 6106 |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
s75603378414194
smetrics.bt.com/b/ss/btcomdev/10/JS-2.22.0-LBRU/ |
117 B 507 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=411&dpuuid=YIaXDwAAALXBjCKu
dpm.demdex.net/ Redirect Chain
|
42 B 975 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=358&dpuuid=8524486552452756658
dpm.demdex.net/ Frame 6106 Redirect Chain
|
42 B 975 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adsct
analytics.twitter.com/i/ Frame 6106 |
43 B 574 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=1957&dpuuid=395F1B33E7BE678D2ADB0B16E6D56635
dpm.demdex.net/ Frame 6106 Redirect Chain
|
42 B 975 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=1586&dpuuid=7007111710650488891
dpm.demdex.net/ Frame 6106 Redirect Chain
|
42 B 975 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=183896&dpuuid=73f62f04-f309-425a-8e02-ffac8cdcc84c
dpm.demdex.net/ Frame 6106 Redirect Chain
|
42 B 981 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- signin1.bt.com
- URL
- https://signin1.bt.com/get2faStatus?_=1619433230042
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: BT (Telecommunication)114 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| analyticsPageName object| tar string| formTarget object| digitalData object| _exhaust_init_queue function| emitToExhaust object| cookieutilities object| btCookiesAPI object| Modernizr object| html5 function| yepnope function| $ function| jQuery function| getInternetExplorerVersion boolean| jQueryScriptOutputted undefined| searchStatusVal object| DanteGH object| Encoder object| user function| jqdgh object| SportNav string| static_root object| omni object| funccmd boolean| sportpage object| ads function| mobileSearchBTS string| loginpagetype function| reportErrors function| expireCookie function| getUserStatus function| logDetails string| customView undefined| e undefined| loggedinCustomer undefined| xloginExists undefined| elbcExists object| authFailureReasonCookie undefined| usrName undefined| owmhash undefined| mxhash undefined| xloginArr undefined| target undefined| targetParts undefined| redirectUrl undefined| samltkns object| settings string| pageType function| hexDecode function| restorePlusSymbols function| ArcotExtractUserMsg function| hexEncode string| frgtdetail string| bghexcolor string| ua function| getAndriodBanner object| DanteGF object| FooterEncoder object| portalcookie function| jqdgf object| footerconfig undefined| loadgf function| displayerrors function| setUsernameFromCookie function| checkPwdEnc number| submitcount function| validEmail function| setRememberMeCookiees object| bt object| lbi function| downloadJSAtOnload string| rebrandLogo string| oldlogo string| newlogo function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_AudienceManagement function| DIL function| DP_jQuery_1619433230985 function| Syringe function| SyringeEvent function| SyringeEvent_Click function| SyringeInjection function| SyringeInjection_Pixel function| SyringeInjection_Script object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in string| h object| _exhaust object| expiry object| flags object| s object| s_i_btcomdev function| DP_jQuery_16194332315012 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .cmu.ac.th/ | Name: AMCV_0AA54673527831890A490D45%40AdobeOrg Value: -1124106680%7CMCIDTS%7C18744%7CvVersion%7C5.2.0 |
|
| www.li.cmu.ac.th/ai/bt/41160 | Name: btVisitedCookie Value: 0 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ads.avct.cloud
ads.avocet.io
analytics.twitter.com
assets.adobedtm.com
assets.bt.com
britishtelecom.demdex.net
c.bing.com
c1.adform.net
cm.everesttech.net
d36kespjlw4605.cloudfront.net
dpm.demdex.net
home.bt.com
ib.adnxs.com
img01.bt.co.uk
signin1.bt.com
smetrics.bt.com
www.li.cmu.ac.th
signin1.bt.com
104.244.42.67
15.237.136.106
178.79.227.144
185.33.221.88
202.28.244.64
2600:9000:21f3:1400:9:273e:d940:21
2620:1ec:c11::200
2a02:26f0:7100:487::1e80
34.255.166.243
37.157.2.239
52.17.151.21
52.50.19.208
54.171.219.200
68.142.68.29
68.142.70.29
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
07e9d4d6a617d90407a0041a950912ba8f85bcb61be41deec67fc95aa16062a1
111c3173308482ea38c5bcc40291906cc49b8eea0674d3de119e41280154d0f7
1377d1117ed253cbd2efb57e5d0567fb4bffdfa48fd258d241670b516e174d00
20a63cc80467e7b93edc218631069dd081de6f53cb99fd07c156902790c72847
32f9b445cdf66b5aa8fc260f589ec18984fbe2042fd319c5693c8054c6378de8
330c54b74b453f6d086933cce146ead03e561fc20321119e5551657f0a1c433f
3a02e3952b63d0981e3020955b24d6182dd15f0ea8d6f07b41279b517a206b90
3ab188d6cbe03d181c10ede40d6292456677fd5fa6be9edd2b2f86649a223732
3b08992554ee957c4fa7e6f2a2a743bf222c14e3b641dbd36cb7a8998741a55d
54903d74341bc4c5bb9d675d29cff16a9c2fd3ad1922e1d2036aec429cd50bc7
5fec331e4a79b49d22b0c9dc7ea1db7f7b9daac7b405a1465b764d563a24b0c0
670d9073ccec70934db12cf5580205e55d8e2613e7b51a632736abb72bf8eb42
6ac0f2c3ce15715fcbaef156b29c2dd94b25e47b8326c261c56006a36efcf67b
76fb7bf7179f6f96422d148f0fdc3e29254a4c3d0695614925cb931724c750ef
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7deb5405a84486905b040b40d17438fbdfe40db3e1fff910992758e27dc59d43
85835249305c964609de1193dfa6d4347e161870089570526f652a8d20dfded8
8b0fcbd21754d34f959ffaf576fd82bb7c11a85e36fa655e99be101004dc6b87
91ab87367190ffb80c9876c22dd7c5a67391c691243d4f2eca97952071a83f71
97427311cddbc960bb8d06f89478b386a4a1fb943dadb78355100693ebf5d7fb
a2c87d56ff0851d36058581a99f3f868fb72d01a3f459b98f1ad280dad0c8676
a2ea72aac1d255823b18f4e67a137511ba739e11b3d8267bdfe6ea63c43abb7d
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b76606c16a7de0ba7f42ead2840555f84ab70f6009540898d1f92bbf9eaf434e
b8baa616a431a87ec6b918db40a6fd5f6da5dd465e473d5768f61487d36d128f
c0c87e61f05fe6422b1a513a249339f617475fe8cfd53b8e85f3b151a0b073bf
c471c762b4eb8ce3aac5aec2b1aac9bf9e8ccb8d2fe84d74c940e9ad2c5bc168
c5f82b0a249afe838c24e127133a8706da913f49cd63a6e58629b7aabda6c3d6
c8f47c528c93a4dc7104388ee8d7e5fd2e67efd2cc641116825f4d539198cd2a
cd19e4e81e80e217241f92c8a68afd0cefc63f98d48a914e8ee1a188488b02d8
ce95c932e5d841dbb46a0fb91055daca768745316fe3178b45d31d9a96a766da
d122acf9d6cf790c24e52e953357147c059db920989b50fb8f0a1a68cc1893a7
d1a596f14425ca6825185ffefef827af5e7958ef109eeb0bcc66dafbcd19131f
d44cc1001112df7de126f3d6944158e21caaeee4b50831468b0eb1ca276f4dc2
d4a986c22ae001e743c50f59d647eabba306e35899b7aec56992e37833bd7015
d5dcd9d2f531437e35bf2f10ef3dfe14e2b1943017f533079738be63430077d5
d68009559c2405a20697e16a1640b61484d438cb65e453cd65222f18203326a5
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f7a58fe67b04d01e049ca1cd6604b939cd660eb2df6a2d7fa3fca4c01676b0
e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f
e8d9422e2bd896778fcdc3421900bc4e83f90ddd812c4ad464d9f18754002b0a
ef13b1beb926423fa1ebfafe45c5cba44fc2194e237b00e4f9509696fdd1a202
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef203c78f49eb32821e0c6ce993bb2d35a0c58fe770fe5ccbcfe5585a01e2ba4
f7ef527233b278087e176c1c88256e2111b794567652d4583f92bccf43ae3387
fad8a9eeaf61fe81f492b7b534442dfcb0ed21e690b797e85e20a64255dfe0de
fb4f69078c24ab4a77db8c99fd19f05ead8878306c9e79b08656feb9ebcc328e