mail.onlineqnb.com
Open in
urlscan Pro
72.52.251.2
Malicious Activity!
Public Scan
Effective URL: http://mail.onlineqnb.com/en/index.html
Submission: On August 12 via manual from TR
Summary
This is the only time mail.onlineqnb.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Finansbank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 26 | 72.52.251.2 72.52.251.2 | 32244 (LIQUIDWEB) (LIQUIDWEB) | |
3 | 2606:4700:10:... 2606:4700:10::6816:1983 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 62.108.64.36 62.108.64.36 | 8831 (FINANSBAN...) (FINANSBANK Inkilap Mahallesi Dr. Fazil Kucuk Cad.) | |
3 | 2a00:1450:400... 2a00:1450:4001:819::200a | 15169 (GOOGLE) (GOOGLE) | |
3 | 2a04:4e42:1b:... 2a04:4e42:1b::621 | 54113 (FASTLY) (FASTLY) | |
4 | 2606:4700:10:... 2606:4700:10::ac43:2642 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
42 | 6 |
ASN8831 (FINANSBANK Inkilap Mahallesi Dr. Fazil Kucuk Cad., TR)
PTR: www.dijitalkopru.org
www.qnbfinansbank.com |
ASN13335 (CLOUDFLARENET, US)
static-v.tawk.to | |
vsa50.tawk.to |
Apex Domain Subdomains |
Transfer | |
---|---|---|
26 |
onlineqnb.com
1 redirects
mail.onlineqnb.com |
1 MB |
7 |
tawk.to
embed.tawk.to static-v.tawk.to va.tawk.to vsa50.tawk.to |
119 KB |
4 |
qnbfinansbank.com
www.qnbfinansbank.com |
75 KB |
3 |
jsdelivr.net
cdn.jsdelivr.net |
54 KB |
3 |
googleapis.com
fonts.googleapis.com |
2 KB |
42 | 5 |
Domain | Requested by | |
---|---|---|
26 | mail.onlineqnb.com |
1 redirects
mail.onlineqnb.com
|
4 | www.qnbfinansbank.com |
mail.onlineqnb.com
|
3 | vsa50.tawk.to |
embed.tawk.to
|
3 | cdn.jsdelivr.net |
embed.tawk.to
|
3 | fonts.googleapis.com |
embed.tawk.to
|
2 | va.tawk.to |
embed.tawk.to
|
1 | static-v.tawk.to |
mail.onlineqnb.com
|
1 | embed.tawk.to |
mail.onlineqnb.com
|
42 | 8 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-07-29 - 2021-07-29 |
a year | crt.sh |
*.qnbfinansbank.com GlobalSign RSA OV SSL CA 2018 |
2019-09-03 - 2021-09-03 |
2 years | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-07-15 - 2020-10-07 |
3 months | crt.sh |
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2020-07-08 - 2021-04-17 |
9 months | crt.sh |
This page contains 5 frames:
Primary Page:
http://mail.onlineqnb.com/en/index.html
Frame ID: 64846A56D3715E007355B758596E8DE7
Requests: 35 HTTP requests in this frame
Frame:
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 291A1EA7993057F4E149003074DDEA1C
Requests: 1 HTTP requests in this frame
Frame:
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: BA5F68967392F62F9643DB244277EAAA
Requests: 1 HTTP requests in this frame
Frame:
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 9781C58D003E7EB84C8232BC0BDE19B1
Requests: 4 HTTP requests in this frame
Frame:
https://static-v.tawk.to/a-v3/images/bubbles/168-r-br.svg
Frame ID: 328789D83F2B58572CFDBCF64175BAAF
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://mail.onlineqnb.com/
HTTP 302
http://mail.onlineqnb.com/en/index.html Page URL
Detected technologies
Apache (Web Servers) ExpandDetected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
34 Outgoing links
These are links going to different origins than the main page.
Title:
Search URL Search Domain Scan URL
Title: Türkçe
Search URL Search Domain Scan URL
Title: Egypt**
Search URL Search Domain Scan URL
Title: Libya*
Search URL Search Domain Scan URL
Title: Mauritania
Search URL Search Domain Scan URL
Title: South Sudan (Juba)
Search URL Search Domain Scan URL
Title: Sudan
Search URL Search Domain Scan URL
Title: Togo(Ecobank)**
Search URL Search Domain Scan URL
Title: Tunisia**
Search URL Search Domain Scan URL
Title: China**
Search URL Search Domain Scan URL
Title: Indonesia**
Search URL Search Domain Scan URL
Title: India
Search URL Search Domain Scan URL
Title: Myanmar*
Search URL Search Domain Scan URL
Title: Singapore
Search URL Search Domain Scan URL
Title: Vietnam*
Search URL Search Domain Scan URL
Title: France
Search URL Search Domain Scan URL
Title: Switzerland
Search URL Search Domain Scan URL
Title: United Kingdom
Search URL Search Domain Scan URL
Title: Qatar
Search URL Search Domain Scan URL
Title: KSA
Search URL Search Domain Scan URL
Title: Kuwait
Search URL Search Domain Scan URL
Title: Oman
Search URL Search Domain Scan URL
Title: UAE (CBI)**
Search URL Search Domain Scan URL
Title: Iran*
Search URL Search Domain Scan URL
Title: Iraq (Mansour Bank)**
Search URL Search Domain Scan URL
Title: Lebanon
Search URL Search Domain Scan URL
Title: Syria
Search URL Search Domain Scan URL
Title: Yemen
Search URL Search Domain Scan URL
Title: Download Mobile App
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: Youtube
Search URL Search Domain Scan URL
Title: Instagram
Search URL Search Domain Scan URL
Title: Linkedin
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://mail.onlineqnb.com/
HTTP 302
http://mail.onlineqnb.com/en/index.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
42 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
index.html
mail.onlineqnb.com/en/ Redirect Chain
|
52 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
magiclick.core.min7d9d.css
mail.onlineqnb.com/ |
204 KB 33 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
magiclick.min20a9.css
mail.onlineqnb.com/ |
323 KB 40 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
notify-icon.png
mail.onlineqnb.com/_assets/img/ |
662 B 919 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
mail.onlineqnb.com/_assets/img/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
qnb-first-en.png
mail.onlineqnb.com/_assets/img/ |
66 KB 66 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
qnb-ar-en.png
mail.onlineqnb.com/_assets/img/ |
57 KB 57 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
qnb-724-en.png
mail.onlineqnb.com/_assets/img/ |
187 KB 188 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
qnb-cashloans-en.png
mail.onlineqnb.com/_assets/img/ |
172 KB 173 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
qnb-contact-us.png
mail.onlineqnb.com/_assets/img/ |
204 KB 204 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
transparent.png
mail.onlineqnb.com/_assets/img/ |
95 B 428 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
magiclick.core.minbdbd.js
mail.onlineqnb.com/ |
677 KB 202 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
magiclick.en.mind7ef.js
mail.onlineqnb.com/ |
170 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loanpayment.min.js
mail.onlineqnb.com/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gtm5445.html
mail.onlineqnb.com/www.googletagmanager.com/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
print.css
mail.onlineqnb.com/_assets/css/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
header_belt.png
mail.onlineqnb.com/_assets/img/ |
27 KB 27 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dotted-border.png
mail.onlineqnb.com/_assets/img/ |
103 B 436 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
5-1-en.png
mail.onlineqnb.com/_assets/img/ |
41 KB 41 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
5-2-en.png
mail.onlineqnb.com/_assets/img/ |
18 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
355865_2_0.woff2
mail.onlineqnb.com/_assets/fonts/ |
55 KB 55 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icomoonf0c4.woff2
mail.onlineqnb.com/_assets/css/plugins/fonts/ |
10 KB 10 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
355865_1_0.woff2
mail.onlineqnb.com/_assets/fonts/ |
55 KB 56 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default
embed.tawk.to/5f3104745c885a1b7fb7b954/ |
504 KB 111 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Banner-SecondImage-333-webp.vsf
www.qnbfinansbank.com/medium/ |
15 KB 15 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
notifications
mail.onlineqnb.com/api/ |
315 B 516 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
GetBistEndexDataResponse
mail.onlineqnb.com/api/LoanCalculators/ |
315 B 516 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ Frame 291A |
8 KB 792 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ Frame BA5F |
8 KB 771 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ Frame 9781 |
8 KB 772 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
emojione.min.css
cdn.jsdelivr.net/emojione/2.2.7/assets/css/ Frame 9781 |
192 B 275 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ Frame 9781 |
295 KB 53 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
168-r-br.svg
static-v.tawk.to/a-v3/images/bubbles/ Frame 3287 |
22 KB 6 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
1597191707914
va.tawk.to/register/ |
687 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
vsa50.tawk.to/s/ |
101 B 382 B |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
26a1.png
cdn.jsdelivr.net/emojione/assets/png/ Frame 9781 |
413 B 568 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
vsa50.tawk.to/s/ |
498 B 607 B |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
v3
va.tawk.to/log-performance/ |
5 B 267 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
vsa50.tawk.to/s/ |
4 B 213 B |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Banner-SecondImage-281-webp.vsf
www.qnbfinansbank.com/medium/ |
4 KB 2 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Banner-FirstImage-281-webp.vsf
www.qnbfinansbank.com/medium/ |
14 KB 14 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Banner-SecondImage-258-webp.vsf
www.qnbfinansbank.com/medium/ |
45 KB 44 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Finansbank (Banking)110 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| dataLayer string| languegeRedirectionUrl object| Browser object| ieBrowser object| touchBrowser undefined| Form object| ajaxForm undefined| dataForm boolean| validForm object| fakewaffle boolean| isMobile boolean| isMobileRecourse object| McUtils function| $ function| jQuery function| _ function| moment function| Waypoint function| Inputmask object| lazySizesConfig object| lazySizes function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry object| FooTable function| RateYo object| langChart object| jsResources object| QNB object| McDataLayer object| site object| Modules object| Calculator object| CalculatorLoanPayment object| Tawk_API object| Tawk_LoadStart object| $button object| $list object| $item object| $header object| $navigation object| $searchIcon object| $searchContainer object| $searchText object| $searchButton object| $searchcloseButton object| $overlay object| $Network object| $langItem object| $headerNavMain object| $headerNavMainItem object| $headerNavMenuItem object| $headerNavMenuItemLink object| $headerNavMainItemLink object| $headerNavMainSubmenu object| languegeRedirectionLink object| $menuButton object| $mobileMenu object| $mobileMenuItem object| $mobileMenuItemLink object| $cepSubeButton object| $finansSifreButton object| mobileSearchContainer object| mobilQnbNetwork object| $accordion object| $content object| $banner object| $cost_button object| $costClose_button object| opt string| currentTabIndex string| storedTabIndex object| el object| $reference_center object| $reference_center2 object| $big_dreams object| $campaigns object| $market_data_notice object| $market_data object| $owlCarousel object| $playpauseButton object| realtyBanner object| $pagenote object| $pagenotecontent object| $landing object| $landingItem object| $title object| _parent object| _self string| $_Tawk_AccountKey string| $_Tawk_WidgetId boolean| $_Tawk_Unstable object| $_Tawk function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| $_Tawk_LoadStart function| TawkClass object| Inheritance_Manager string| messagePreviewRadius string| bottomBorderRadius string| topBorderRadius number| minWidth number| minHeight string| bodyClassName1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
mail.onlineqnb.com/ | Name: TawkConnectionTime Value: 1597191708114 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
embed.tawk.to
fonts.googleapis.com
mail.onlineqnb.com
static-v.tawk.to
va.tawk.to
vsa50.tawk.to
www.qnbfinansbank.com
2606:4700:10::6816:1983
2606:4700:10::ac43:2642
2a00:1450:4001:819::200a
2a04:4e42:1b::621
62.108.64.36
72.52.251.2
04b118736754d544158e863b0e1a0fe4cc9a1899500111db4bfa4cbebb32b988
0a88dfccd371b667dba8ad94444cd4c5768d580b105735ce3fe6d2477b9fcf6f
0af7a445cb88d6e310e2d28075a0fbb5b449c8bb9226496e467dc594b5e1bd39
1036061ed0e7be99cfeb92ab14074696cffeb4ccf115c68d59c0c177e65d293f
12b24628c516a6d519a99141c00623455c4cb1df4a1f20cae8a28371143bd772
15acfa9cba65eada4d346043869d1e3c8e4b8a27adef04421a13da1cb76c4e02
1f79b77c59f93188451b759871002e414f6cf062e388b99ce2d2394a064a6a52
20a061a76e48e70305d8e59267dd73cd27d1f0322f7058273c12b52c0b9992c3
26ad2d01d0fb0fde0fb637fe930da758e75a83515adc009af8684b3c5edab0c5
2c01fcf4c587cd936cbb0d4349b9fc88dd585023f7059ccc8264a4f10622cf7d
39657d8581b3a98c67209ca13a94571529589ffbe9988d11d2357406f3ff801f
3c3955916e9fbe2929186cc939b9231ede8500be0a5cf45c5efda89e6e0f428c
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
48db7f93cd7756f65f362de9a2bae13a404d86bca3f6c12f5274e44cd4fa6d07
49047429760049f71d97555d6a046d3316131060ca490ad3d7ef51c82efe439d
519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b
52154d8dd73368f63acf94c71e9604c9acef54ee297dcfa28eb927aa8dc96705
5897f283da71a62ae693733c33ba7382e1ba1c38fb45f7529c9fab7b6e24bd55
5c10a6e80346bb1faa990f68af3267b122398dc1ba3cd16523a2a951c81e9842
5ef0f4edaca62af880b59afd709162491cad859b9b39d707624808d25a182849
67023d8386467781d9e2dd7c936cc24c8379770555fd472a4ea742bab75e0052
764260de1f63e63e1ca6a1c4cc0849985fc75dfb1393776fda9fecf514ad7916
7c6f118535c5bbca36246754dacad64fdbd01a7ce156f43a5438c63227cc1a32
93108ffdf52bbc641a93882818715b5d0a7391f0d8051bcfa926c10d9561d762
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3
a2925c43259ca23dc1481d95a848df510656f27e34c8099f1b87af1a558bb9cf
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
bd7373bf622701e84594c5d816c15d27473ac2f9e01421a7c74921870536d3d6
be195649067631c77b0afcc223840ab3959f54e6a634ae4a39dfdfcc2d355cd1
d2b0c46dd50e00edbe5d8825ca78f812793b7bf2d9ad6d20e8d485c0a72100dc
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d7ea1864dee6a3b78ff0ac8e4839a4b314216cc24a94b5d748b815a9e133b63a
e1d94035b1e4852ae3a0889323e643a114127b5c9829d69cff86b2d95eb5b22b
e9c0ab3f9fbc4e00692193ed590463b6ee191247b901e445dcbd396f2d2f5b95
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f9acde326cc0a3c8ee7b2a05a31b4635eb1507b4919c6d9ebc506f38c6f20f37