wandmidia.com
Open in
urlscan Pro
162.241.60.229
Malicious Activity!
Public Scan
Effective URL: https://wandmidia.com/bell/bell/index.php
Submission: On April 18 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on April 13th 2022. Valid for: 3 months.
This is the only time wandmidia.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: BCE-Bell (Telecommunication)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2606:4700:20:... 2606:4700:20::ac43:5384 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
24 | 162.241.60.229 162.241.60.229 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1) | |
5 | 178.79.243.128 178.79.243.128 | 22822 (LLNW) (LLNW) | |
29 | 2 |
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-241-60-229.unifiedlayer.com
wandmidia.com |
ASN22822 (LLNW, US)
PTR: https-178-79-243-128.fra.llnw.net
prdbellweb.hs.llnwd.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
24 |
wandmidia.com
wandmidia.com |
442 KB |
5 |
llnwd.net
prdbellweb.hs.llnwd.net — Cisco Umbrella Rank: 940762 |
348 KB |
1 |
is.gd
1 redirects
is.gd — Cisco Umbrella Rank: 55099 |
477 B |
29 | 3 |
Domain | Requested by | |
---|---|---|
24 | wandmidia.com |
wandmidia.com
|
5 | prdbellweb.hs.llnwd.net |
wandmidia.com
|
1 | is.gd | 1 redirects |
29 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.bell.ca |
support.bell.ca |
business.bell.ca |
bell.ca |
www.bell.net |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.wandmidia.com R3 |
2022-04-13 - 2022-07-12 |
3 months | crt.sh |
*.hs.llnwd.net Sectigo RSA Organization Validation Secure Server CA |
2021-04-07 - 2022-05-08 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://wandmidia.com/bell/bell/index.php
Frame ID: 4F11823793D474EC949C3CA6F96276A7
Requests: 29 HTTP requests in this frame
Screenshot
Page Title
Log in to MyBellPage URL History Show full URLs
-
https://is.gd/kwe3n9u9i
HTTP 301
https://wandmidia.com/bell/ Page URL
- https://wandmidia.com/bell/bell/index.php Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
83 Outgoing links
These are links going to different origins than the main page.
Title: Home
Search URL Search Domain Scan URL
Title: Why Bell
Search URL Search Domain Scan URL
Title: Devices
Search URL Search Domain Scan URL
Title: Rate plans
Search URL Search Domain Scan URL
Title: Our network
Search URL Search Domain Scan URL
Title: Connected things
Search URL Search Domain Scan URL
Title: Travel
Search URL Search Domain Scan URL
Title: Prepaid
Search URL Search Domain Scan URL
Title: Connected car
Search URL Search Domain Scan URL
Title: Accessories
Search URL Search Domain Scan URL
Title: Promotions
Search URL Search Domain Scan URL
Title: TV + Internet
Search URL Search Domain Scan URL
Title: TV + Internet + Home phone
Search URL Search Domain Scan URL
Title: Build your own
Search URL Search Domain Scan URL
Title: Promotions
Search URL Search Domain Scan URL
Title: Why Bell
Search URL Search Domain Scan URL
Title: Packages
Search URL Search Domain Scan URL
Title: Hardware
Search URL Search Domain Scan URL
Title: Fibe TV app
Search URL Search Domain Scan URL
Title: 4K
Search URL Search Domain Scan URL
Title: Promotions
Search URL Search Domain Scan URL
Title: Alt TV
Search URL Search Domain Scan URL
Title: Bell Satellite TV
Search URL Search Domain Scan URL
Title: Packages
Search URL Search Domain Scan URL
Title: Hardware
Search URL Search Domain Scan URL
Title: Why Bell
Search URL Search Domain Scan URL
Title: Packages
Search URL Search Domain Scan URL
Title: Features
Search URL Search Domain Scan URL
Title: Fibre
Search URL Search Domain Scan URL
Title: Wi-Fi
Search URL Search Domain Scan URL
Title: Mobile Internet
Search URL Search Domain Scan URL
Title: Promotions
Search URL Search Domain Scan URL
Title: Packages
Search URL Search Domain Scan URL
Title: Long distance
Search URL Search Domain Scan URL
Title: Features
Search URL Search Domain Scan URL
Title: Phones and accessories
Search URL Search Domain Scan URL
Title: Smart Home
Search URL Search Domain Scan URL
Title: Packages
Search URL Search Domain Scan URL
Title: Devices
Search URL Search Domain Scan URL
Title: Medical Alert
Search URL Search Domain Scan URL
Title: Support overview
Search URL Search Domain Scan URL
Title: Bell
Search URL Search Domain Scan URL
Title: MyBell support
Search URL Search Domain Scan URL
Title: Billing
Search URL Search Domain Scan URL
Title: Sales & refund policy
Search URL Search Domain Scan URL
Title: Security and privacy
Search URL Search Domain Scan URL
Title: Glossary
Search URL Search Domain Scan URL
Title: Overview
Search URL Search Domain Scan URL
Title: Using my device
Search URL Search Domain Scan URL
Title: Rate plans, add-ons and entertainment
Search URL Search Domain Scan URL
Title: Network, coverage and travel
Search URL Search Domain Scan URL
Title: Repairs & warranties
Search URL Search Domain Scan URL
Title: Self-serve options
Search URL Search Domain Scan URL
Title: Fibe TV
Search URL Search Domain Scan URL
Title: Receivers & remotes
Search URL Search Domain Scan URL
Title: Channels and programming
Search URL Search Domain Scan URL
Title: Pay-per-view
Search URL Search Domain Scan URL
Title: Self-serve options
Search URL Search Domain Scan URL
Title: Alt TV
Search URL Search Domain Scan URL
Title: Devices
Search URL Search Domain Scan URL
Title: Self-serve options
Search URL Search Domain Scan URL
Title: Bell Satellite TV
Search URL Search Domain Scan URL
Title: Receivers & remotes
Search URL Search Domain Scan URL
Title: Channels and programming
Search URL Search Domain Scan URL
Title: Pay-per-view and On Demand
Search URL Search Domain Scan URL
Title: Self-serve options
Search URL Search Domain Scan URL
Title: Overview
Search URL Search Domain Scan URL
Title: Modem and Wi-Fi
Search URL Search Domain Scan URL
Title: Bell email
Search URL Search Domain Scan URL
Title: Internet security
Search URL Search Domain Scan URL
Title: Internet usage
Search URL Search Domain Scan URL
Title: Self-serve options
Search URL Search Domain Scan URL
Title: Overview
Search URL Search Domain Scan URL
Title: Phone line
Search URL Search Domain Scan URL
Title: Long distance and calling cards
Search URL Search Domain Scan URL
Title: Calling features
Search URL Search Domain Scan URL
Title: Self-serve options
Search URL Search Domain Scan URL
Title: Overview
Search URL Search Domain Scan URL
Title: Small business services
Search URL Search Domain Scan URL
Title: Medium & Large Business
Search URL Search Domain Scan URL
Title: Log in / Register
Search URL Search Domain Scan URL
Title: Cart
Search URL Search Domain Scan URL
Title: Bell email
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://is.gd/kwe3n9u9i
HTTP 301
https://wandmidia.com/bell/ Page URL
- https://wandmidia.com/bell/bell/index.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://is.gd/kwe3n9u9i HTTP 301
- https://wandmidia.com/bell/
29 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
wandmidia.com/bell/ Redirect Chain
|
126 B 220 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
index.php
wandmidia.com/bell/bell/ |
74 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.10.2.min897e.js
wandmidia.com/bell/prdbellweb.hs.llnwd.net/Resource/web/ids/js/ |
109 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bell63c5.css
wandmidia.com/bell/prdbellweb.hs.llnwd.net/styles/RSX/framework/css/ |
530 KB 116 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
belleddc.css
wandmidia.com/bell/prdbellweb.hs.llnwd.net/styles/RSX/mybell/css/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bellf98e.js
wandmidia.com/bell/prdbellweb.hs.llnwd.net/styles/RSX/framework/ |
100 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
registrationFlow-login8880.css
wandmidia.com/bell/prdbellweb.hs.llnwd.net/styles/RSX/mybell/css/page/ |
26 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
registrationFlow-login65d5.js
wandmidia.com/bell/prdbellweb.hs.llnwd.net/styles/RSX/mybell/js/ |
1002 B 458 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fonts8880.css
wandmidia.com/bell/prdbellweb.hs.llnwd.net/Resource/web/DCX/css/ |
2 KB 565 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bell_custom_deprecatedbrowser_new8880.css
wandmidia.com/bell/prdbellweb.hs.llnwd.net/Resource/web/DCX/css/ |
1 KB 500 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bellea71.js
wandmidia.com/bell/prdbellweb.hs.llnwd.net/styles/RSX/ |
368 KB 136 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mybell8611.js
wandmidia.com/bell/prdbellweb.hs.llnwd.net/styles/RSX/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Omniture8384.js
wandmidia.com/bell/prdbellweb.hs.llnwd.net/Resource/web/js/ |
20 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img_login_MyBell_spring_update5160.jpg
wandmidia.com/bell/prdbellweb.hs.llnwd.net/Styles/images/ |
2 KB 2 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bell-icon-personb20b.png
wandmidia.com/bell/prdbellweb.hs.llnwd.net/Styles/RSX/shop/img/ |
2 KB 2 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mybell-changing-plans-md5160.jpg
wandmidia.com/bell/prdbellweb.hs.llnwd.net/styles/rsx/mybell/img/ |
2 KB 2 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
entrust_seal4ad2.png
wandmidia.com/bell/prdbellweb.hs.llnwd.net/Resource/web/pfr/img/ |
8 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s_code_bell14b6.js
wandmidia.com/bell/prdbellweb.hs.llnwd.net/resource/web/common/all_languages/all_regions/js/metrics/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ieDeprecatedBrowserJS754c.js
wandmidia.com/bell/prdbellweb.hs.llnwd.net/MYB/web/DCX/js/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
oo_engine.min36c0.js
wandmidia.com/bell/prdbellweb.hs.llnwd.net/Resource/web/js/opinion_lab/ |
37 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
oo_conf_inlinead7b.js
wandmidia.com/bell/prdbellweb.hs.llnwd.net/Resource/web/js/opinion_lab/ |
1 KB 853 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inqChatLaunch10004127.js
wandmidia.com/bell/bell.inq.com/chatskins/launch/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bell-icon.woff
prdbellweb.hs.llnwd.net/styles/RSX/framework/css/fonts/ |
23 KB 24 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bellslim_semibold-webfont.woff2
prdbellweb.hs.llnwd.net/styles/RSX/framework/css/fonts/ |
19 KB 20 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bellslim_medium-webfont.woff2
prdbellweb.hs.llnwd.net/styles/RSX/framework/css/fonts/ |
19 KB 20 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img_login_MyBell_spring_update.jpg
wandmidia.com/bell/bell/Styles/images/ |
12 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bellslim_regular-webfont5e66.woff2
wandmidia.com/bell/prdbellweb.hs.llnwd.net/styles/RSX/framework/css/fonts/ |
19 KB 19 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bell-icon-outline.woff
prdbellweb.hs.llnwd.net/styles/RSX/framework/css/fonts/ |
270 KB 272 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bellslim_black-webfont.woff2
prdbellweb.hs.llnwd.net/styles/RSX/framework/css/fonts/ |
11 KB 12 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: BCE-Bell (Telecommunication)57 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| $ function| jQuery function| jQRSX object| html5 object| Modernizr function| yepnope function| maskUnmaskPws object| DeviceAtlas object| BELL function| Waypoint function| Hammer object| Placeholders function| PassValuesToOmnitureVariables function| TrackVariables function| SendJSVariablesToOmniture function| PassValuesToOmnitureVariablesNew function| TrackVariablesNew function| SendJSVariablesToOmnitureNew function| SetUsagePageNames function| RemoveHtmlTags function| RemoveSepecialCharacters function| SetePostMobilityUsagePageNames function| getErrorVariablesFromJsonErrors function| getMessagesVariablesFromJson function| ParseErrorsJsonFromResponse function| ParseMessagesJsonFromResponse function| getAPTValue function| getClientDate function| getClientTime function| formatMsg function| formatMsgFirst100 function| queryJson function| queryJsonErrors function| FormatLightBoxContent function| Formatted_Omniture_LBContent function| Omniture_LBContent function| Omniture_LBTitleAndContent function| Omniture_LBContent_ErrorTracking function| PassAjaxErrorsToOmniture function| addOmnitureValidationError object| MessageCatgEnumJS function| IsBrowserMessageClosedByUser function| IsNonIEBrowserMessageClosedByUser function| IsBrowserUpgradedByUser function| IsLearnMoreClickedByUser function| IsCompatibilityBrowserMessageClosedByUser function| setCookie function| getCookieValue function| addListener function| handleOldBrowserDetection number| safeInqReinitchatCount function| safeInqReinitchat function| success2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
wandmidia.com/ | Name: PHPSESSID Value: 1def802640875a46416969be43f84af0 |
|
wandmidia.com/ | Name: DAPROPS Value: "sjs.webGlRenderer:Intel Iris OpenGL Engine|bjs.accessDom:1|bcookieSupport:1|bcss.animations:1|bcss.columns:1|bcss.transforms:1|bcss.transitions:1|sdeviceAspectRatio:1600/1200|sscreenWidthHeight:1600/1200|sdevicePixelRatio:1|idisplayColorDepth:24|bflashCapable:0|bhtml.audio:1|bhtml.canvas:1|bhtml.inlinesvg:1|bhtml.svg:1|bhtml.video:1|bjs.applicationCache:0|bjs.deviceMotion:1|bjs.deviceOrientation:0|bjs.geoLocation:1|bjs.indexedDB:1|bjs.json:1|bjs.localStorage:1|bjs.modifyCss:1|bjs.modifyDom:1|bjs.querySelector:1|bjs.sessionStorage:1|bjs.supportBasicJavaScript:1|bjs.supportConsoleLog:1|bjs.supportEventListener:1|bjs.supportEvents:1|bjs.touchEvents:0|bjs.webGl:1|bjs.webSockets:1|bjs.webSqlDatabase:0|bjs.webWorkers:1|bjs.xhr:1|buserMedia:1|bjs.battery:0|srendererRef:01859640861|bE:0" |
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
is.gd
prdbellweb.hs.llnwd.net
wandmidia.com
162.241.60.229
178.79.243.128
2606:4700:20::ac43:5384
19f6fb196888d9c007dfd35a30ea9b5e572b11e3311296960c9183383e4a143b
1cad0c5bb505917be38547574af247d619547d81fe3a3497f8f2837258c2310f
3c7ca4acae314142bb67354282d6b55332cb79e1c3a27cd5b6d9125f1d69ff60
3c9ceb0468696f0712257c2609f7bec382a0e2d08b07fa5d21a51e9fe2638870
3e4d8f00673f6a80b26a8565f9931374e1e9171553b078261a67772af7511629
407302e428fbdad65c7b34999f9b51aa918afb561950ff2b0ba5463ab60e5adc
41407c31a0d44bb952744a390decccd0a4ba5918e4ff89c860f2495d5ee7a7fe
42f7a1af2bb884eef79470b860d7bff1e117f1e5f33d2fb155e69d5fc66a1938
4dc13e50e249b3654a85738c945beee2e7160b2210e31df9f5f26b2c089837c9
5da903d2ebd9e44462301dcaed36d2f255fbb59ff8838193feb7a56d8aa1eca6
85a01ecaf6de72e9eec841b78fe6ff100f9f8ebb5babde0f90426dffbc26ab3d
885d7ff1a9665e87b7be7322e23f41d27b75263f8b2c68dde45c5ec22aab7480
988ed47bd2feed583b05222cb8ffb3a5d23a544798daba2ac60226487851bd93
990b97cae1816d8493aa0eac62bbd35b6aee07565fc98cb5a0df8bcc36258525
9b99b747bb3a0b0d62ee203263fbffee81a7524169a927c10b0318d511563559
af03614d99771e0f3786fda656e7020a7bb83ea098f7a29f78f8f3f0b10bd049
b3e63c4ec315ed13e0b37dc2f610f5ecbc0bacffd0b087218acc759a8f280c19
c989a169a129121f006c8fcbf90ab305d9005d516ce72cc44b4949167eed39d5
cef697a926119ed2e9328e84e88e3a42b1987a64256c55066b37dc3f36883515
d00ef5f5ff992049bb675d419366257eff8560eae05178aa6d047dc9f56bfc6a
e162f1f58dbf406684f9a865dd6b82a00cb6c36fd089d2be6897d6320b96b771
e36f3860d6fe12df58872c55cf1fb78b7a3fe86d9a27591bfda5d8ceb34a31f3
e46a15ab15e3f7ef51a26465665b5123eddfb398dfeb0d208e77ce2280261c65
fe9e041b5ae5802ca35044060f054fe65ff2371f02ffaf1d897ec59152f7c2b0
ffb81b066403ae723f4298630e392faded58b4998335991a0de6274fa75818c2