tecnicoenlineablanca.com
Open in
urlscan Pro
96.127.183.34
Malicious Activity!
Public Scan
Submission: On July 21 via api from US
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on June 6th 2020. Valid for: 3 months.
This is the only time tecnicoenlineablanca.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Office 365 (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
18 | 96.127.183.34 96.127.183.34 | 32475 (SINGLEHOP...) (SINGLEHOP-LLC) | |
9 | 45.60.13.52 45.60.13.52 | 19551 (INCAPSULA) (INCAPSULA) | |
1 | 185.67.45.137 185.67.45.137 | 201682 (LIQUID-WE...) (LIQUID-WEB-BV) | |
1 5 | 2a00:1450:400... 2a00:1450:4001:816::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:400c:c00::9d | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:825::200a | 15169 (GOOGLE) (GOOGLE) | |
34 | 7 |
ASN32475 (SINGLEHOP-LLC, US)
PTR: garnet.dnsnetservice.com
tecnicoenlineablanca.com |
ASN19551 (INCAPSULA, US)
cdn.clareitysecurity.net | |
collector.clareity.net |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
tecnicoenlineablanca.com
tecnicoenlineablanca.com |
1 MB |
8 |
clareitysecurity.net
cdn.clareitysecurity.net |
1 MB |
5 |
google-analytics.com
1 redirects
www.google-analytics.com |
19 KB |
1 |
googleapis.com
fonts.googleapis.com |
1 KB |
1 |
doubleclick.net
stats.g.doubleclick.net |
99 B |
1 |
novosco.com
www.novosco.com |
58 KB |
1 |
clareity.net
collector.clareity.net |
5 KB |
34 | 7 |
Domain | Requested by | |
---|---|---|
18 | tecnicoenlineablanca.com |
tecnicoenlineablanca.com
|
8 | cdn.clareitysecurity.net |
tecnicoenlineablanca.com
cdn.clareitysecurity.net |
5 | www.google-analytics.com |
1 redirects
cdn.clareitysecurity.net
tecnicoenlineablanca.com |
1 | fonts.googleapis.com |
tecnicoenlineablanca.com
|
1 | stats.g.doubleclick.net |
tecnicoenlineablanca.com
|
1 | www.novosco.com |
tecnicoenlineablanca.com
|
1 | collector.clareity.net |
tecnicoenlineablanca.com
|
34 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.google.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
tecnicoenlineablanca.com cPanel, Inc. Certification Authority |
2020-06-06 - 2020-09-04 |
3 months | crt.sh |
cdn.clareitysecurity.net DigiCert SHA2 High Assurance Server CA |
2020-03-31 - 2022-04-05 |
2 years | crt.sh |
*.clareity.net DigiCert SHA2 High Assurance Server CA |
2020-01-06 - 2022-01-10 |
2 years | crt.sh |
*.novosco.com Go Daddy Secure Certificate Authority - G2 |
2019-01-21 - 2021-02-15 |
2 years | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-06-30 - 2020-09-22 |
3 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-06-30 - 2020-09-22 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://tecnicoenlineablanca.com/Login/Login.htm
Frame ID: A74801A276ECF21D359C191553A9DE27
Requests: 17 HTTP requests in this frame
Frame:
https://tecnicoenlineablanca.com/idp/server.jsp
Frame ID: CEB599DC807DC451774675F7075E826B
Requests: 18 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Title: UA-39826640-43
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 12- https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1519247552&t=pageview&_s=1&dl=https%3A%2F%2Ftecnicoenlineablanca.com%2FLogin%2FLogin.htm&ul=en-us&de=UTF-8&dt=SafeAccess%C2%AE%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUAB~&jid=931637303&gjid=1690663955&cid=1111110235.1595360527&tid=UA-45101381-2&_gid=2023478433.1595360527&_r=1&z=1801631899 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-45101381-2&cid=1111110235.1595360527&jid=931637303&_gid=2023478433.1595360527&gjid=1690663955&_v=j83&z=1801631899
34 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Login.htm
tecnicoenlineablanca.com/Login/ |
3 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login.css
cdn.clareitysecurity.net/css/ |
10 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
cdn.clareitysecurity.net/js/ |
91 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loginxkd-dd-2.9.min.js
cdn.clareitysecurity.net/js/ |
41 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1583937068116
collector.clareity.net/kdl/ |
18 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
googletrack.js
cdn.clareitysecurity.net/sys/alberta/ |
651 B 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Office-365.jpg
www.novosco.com/images/easyblog_articles/37/ |
58 KB 58 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
45 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
server.jsp
tecnicoenlineablanca.com/idp/ Frame CEB5 |
14 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
paragon-login-background.png
cdn.clareitysecurity.net/sys/alberta/ |
860 KB 862 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
paragon-login-bg.png
cdn.clareitysecurity.net/sys/alberta/ |
395 KB 396 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-ui.min.js
cdn.clareitysecurity.net/js/ |
86 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-ui.min.css
cdn.clareitysecurity.net/css/ |
30 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
stats.g.doubleclick.net/r/ Redirect Chain
|
35 B 99 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/r/ |
35 B 100 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 98 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 93 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wp-emoji-release.min.js
tecnicoenlineablanca.com/wp-includes/js/ Frame CEB5 |
14 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.min.css
tecnicoenlineablanca.com/wp-includes/css/dist/block-library/ Frame CEB5 |
52 KB 53 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ Frame CEB5 |
26 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
tecnicoenlineablanca.com/wp-content/themes/Divi/ Frame CEB5 |
775 KB 775 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
joinchat.min.css
tecnicoenlineablanca.com/wp-content/plugins/creame-whatsapp-me/public/css/ Frame CEB5 |
10 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dashicons.min.css
tecnicoenlineablanca.com/wp-includes/css/ Frame CEB5 |
46 KB 47 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.js
tecnicoenlineablanca.com/wp-includes/js/jquery/ Frame CEB5 |
95 KB 95 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-migrate.min.js
tecnicoenlineablanca.com/wp-includes/js/jquery/ Frame CEB5 |
10 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
es6-promise.auto.min.js
tecnicoenlineablanca.com/wp-content/themes/Divi/core/admin/js/ Frame CEB5 |
7 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
recaptcha.js
tecnicoenlineablanca.com/wp-content/themes/Divi/core/admin/js/ Frame CEB5 |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
et-divi-customizer-global-15939923945317.min.css
tecnicoenlineablanca.com/wp-content/et-cache/global/ Frame CEB5 |
726 B 930 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-home.png
tecnicoenlineablanca.com/wp-content/uploads/2020/06/ Frame CEB5 |
38 KB 38 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
custom.unified.js
tecnicoenlineablanca.com/wp-content/themes/Divi/js/ Frame CEB5 |
395 KB 395 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
joinchat.min.js
tecnicoenlineablanca.com/wp-content/plugins/creame-whatsapp-me/public/js/ Frame CEB5 |
5 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
common.js
tecnicoenlineablanca.com/wp-content/themes/Divi/core/admin/js/ Frame CEB5 |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wp-embed.min.js
tecnicoenlineablanca.com/wp-includes/js/ Frame CEB5 |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-home.png
tecnicoenlineablanca.com/wp-content/uploads/2020/06/ Frame CEB5 |
38 KB 38 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Office 365 (Online)153 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery string| url boolean| isOnQA boolean| alertMe undefined| debugit boolean| ie8 function| isIE string| requiredKd string| idpurl string| cdnUrl string| jQueryUiUrl string| jQueryUiCssUrl string| ie8CssUrl string| inputs string| pleasewait string| loginTypeVal string| loginTypeMsg string| failureMsgId string| failMsg string| logincssMsg string| logoMsg string| loginbtnMsg string| loginXkdMsg string| loginformMsg string| warnalert number| keyedChars boolean| isChrome object| loginXkdId string| loginXkdUrl undefined| oldbrowserWarnData undefined| oldbrowserUrlData undefined| setFocus undefined| inputAutoData undefined| disablePageData undefined| backSpaceClearData undefined| savePwdData undefined| fakeSafariPwdData undefined| fakeChromePwdData undefined| fontIconsData undefined| redirectUrlData undefined| idpTimeoutData undefined| secondsLeftData undefined| sessionWarnData undefined| loadingData undefined| collectorIcon undefined| kdIconData boolean| oldie function| cdnCheck string| googleTrackMsg string| googleJsUrlMsg string| googleJsUrlCdnMsg string| mlsgooglecode boolean| trackit function| googleCheck string| forgotPwdUrlMsg string| changePwdUrlMsg function| passLinks string| setFocusMsg object| usernameInput function| setInputFocus string| inputAutoMsg boolean| autocomp function| autoComplete string| disablePageMsg string| disablePageDiv boolean| disablepage string| backSpaceClearMsg boolean| backspace function| backspaceClear string| savePwdMsg boolean| savepassword string| fakeSafariPwdMsg boolean| fakepwdadded boolean| fakepwd function| fakeSafariPwd string| fakeChromePwdMsg function| fakeChromePwd string| fontIconsUrl string| fontIconsMsg boolean| fontawesome function| iconsFonts string| redirectUrl string| redirectUrlMsg number| idpTimeout string| idpTimeoutMsg number| secondsLeft string| secondsLeftMsg string| sessionWarnMsg boolean| sessionWarnMe string| sessionDialogHtml function| sessionPop function| runSessionDialog object| assocDropdownId object| assocDropdownRememberJsId undefined| assocDropdownRememberJsUrl string| assocDropdownRememberJsMsg string| assocDropdownMsg string| assocDropdownCookieMsg boolean| assocDrop object| assocDropdownCookie function| checkDropDown function| setDropDown function| saveDropdown function| inputCheck object| loadingId string| loadingMsg object| loginFormId string| loginFormMsg function| showInputs string| checkBootStrapMsg boolean| useboostrap function| checkBootStrap string| ssoTypeMsg function| ssoType function| basicLogin function| doLogin function| keyPress function| submitLoginForm object| collectIframe string| collectorMsg string| collectorIconMsg boolean| collectorchecker function| checkCollector function| collecterSet boolean| docollect function| collectObjectCheck object| kdCollecterId string| kdCollecterMsg string| kdIconMsg boolean| didkdload function| loginKd string| qaDialogHtml function| runQaDialog function| qaDialog boolean| fakechromepwdadded boolean| fakechromepwd function| initCallback_3xkd function| validCallback_3xkd function| kdFailed_3xkd object| CLAREITY object| _0x6bf2 function| CLAREITY_KD function| madKD_getVersion function| xkd object| _0xb3d3 object| b64 string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.clareitysecurity.net
collector.clareity.net
fonts.googleapis.com
stats.g.doubleclick.net
tecnicoenlineablanca.com
www.google-analytics.com
www.novosco.com
185.67.45.137
2a00:1450:4001:816::200e
2a00:1450:4001:825::200a
2a00:1450:400c:c00::9d
45.60.13.52
96.127.183.34
00f973f96f9fcebd037f59485a24ac1f3f073d0fb20879ddf445265c7ef77d87
02324fbade97fbc223834e6afa838dc1e01185bd0393f8e26e084834b512ae69
0a27dc147ed1d0048a35f49ae3977452fd2050a59a569f790954afdf7f170c33
15cc6fc3f739fa8573e2785f1f6af0cff8cebd1118a4b4f11df63d0f51c3bb64
17cecc18ee875908251a0ab107cc1ec9dd5fe73af2b759caa69316f5793c85b9
18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1dcab816ca5ee2317f01c1822391bcf8d8f9fdfaa3e5d776592d6c3ce6e559af
22822a0f20083336c7bbb0777e6eea2c363ab897066a233878cf652ef77aaa72
22dbdf3eca679acaf7f30f8cb56df0f16992755350cefd66c4f26c8750f97744
3a2294bf3b32e9fc0e57e540ee92fb6ec4a3c7c989310403731f8b658085d1c7
3df1de309469c68612e9c000fb4ededc8850fa727fc68ce415fbd12dcd71a80f
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4fc33f5129759d7dd6a1f3865ec8d57c95032f658f45faaf667f89d57811f09e
5265f71403a318cdbeb0c4ec01dbba2f00fbc8f046b0a79e40e8abe675b398ce
64907bac65b3d6080557dbc26e2cc1ec94433cce8a4b7ad63dcf7ba4b959f948
6c1510ef35e8322bf3c09c53aa955cd3b0a9e5ac65d15dd518c84ffc4b511c9f
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
7b3a7e4265228a39bea0d22ac1aedb86219a7b521a831827f7f4579ca5ae4156
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
9de5950e705f78d02ae70cc5ee55ee333562d8ec083384f64e8d4a401a809e7a
b7e5367878f252a70a3eaecd650b0613a9bf53439c6a73fc76213fab103baad9
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
c05ee8fac93fde19412046a913b9aecd86210aba6b72cff7c94e01170dd11e3b
d4c1acdde2d8dc96d4347a5da9c0a7198dfb1985fc6b863511f6eaa7bde4cc99
d6fde7dab864548dcc28f42ae78961592f936527659310d508eb074d0b864250
d8d0c1ec764dabb9624f2293643ee5117bc4f2b0442bf2622c03ed42e8443a5b
e4a55a33b953fd5546e2cb2033539f897c8f59829948a71ef7bb834d24bc6f40
f656290bd5356ea65357b3ec88ca3cab68e314c13d33870fb2ec4e01184a380f
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955