afrahtools.com
Open in
urlscan Pro
195.191.24.116
Malicious Activity!
Public Scan
Effective URL: https://afrahtools.com/authentication/huntingtononline/d6e8f92377deda3f8d09ccb320926f74/
Submission: On April 26 via automatic, source openphish
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 2nd 2017. Valid for: 3 months.
This is the only time afrahtools.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Huntington Bank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
26 | 195.191.24.116 195.191.24.116 | 196645 (HOSTPRO-AS) (HOSTPRO-AS) | |
1 | 54.194.240.68 54.194.240.68 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
2 | 54.173.20.238 54.173.20.238 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
6 | 192.243.255.54 192.243.255.54 | 15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.) | |
5 | 162.252.74.5 162.252.74.5 | 11054 (LIVEPERSON) (LIVEPERSON - LivePerson) | |
3 | 170.128.48.29 170.128.48.29 | 11685 (HNBCOL-AS) (HNBCOL-AS - Huntington National Bank) | |
43 | 6 |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-194-240-68.eu-west-1.compute.amazonaws.com
dpm.demdex.net |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-173-20-238.compute-1.amazonaws.com
nexus.ensighten.com |
ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: huntington.com.ssl.sc.omtrdc.net
smetrics.huntington.com |
ASN11054 (LIVEPERSON - LivePerson, Inc., US)
sales.liveperson.net |
ASN11685 (HNBCOL-AS - Huntington National Bank, US)
www.huntington.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
26 |
afrahtools.com
afrahtools.com |
561 KB |
9 |
huntington.com
smetrics.huntington.com www.huntington.com |
4 KB |
5 |
liveperson.net
sales.liveperson.net |
87 KB |
2 |
ensighten.com
nexus.ensighten.com |
3 KB |
1 |
demdex.net
dpm.demdex.net |
184 B |
43 | 5 |
Domain | Requested by | |
---|---|---|
26 | afrahtools.com |
afrahtools.com
|
6 | smetrics.huntington.com |
afrahtools.com
|
5 | sales.liveperson.net |
afrahtools.com
|
3 | www.huntington.com |
afrahtools.com
|
2 | nexus.ensighten.com |
afrahtools.com
|
1 | dpm.demdex.net |
afrahtools.com
|
43 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.huntington.com |
selfservice.huntington.com |
www.fdic.gov |
Subject Issuer | Validity | Valid | |
---|---|---|---|
afrahtools.com cPanel, Inc. Certification Authority |
2017-03-02 - 2017-05-31 |
3 months | crt.sh |
*.demdex.net DigiCert SHA2 High Assurance Server CA |
2014-11-09 - 2018-01-24 |
3 years | crt.sh |
nexus.ensighten.com Symantec Class 3 Secure Server SHA256 SSL CA |
2014-10-27 - 2018-01-13 |
3 years | crt.sh |
smetrics.huntington.com DigiCert SHA2 High Assurance Server CA |
2016-09-15 - 2017-12-07 |
a year | crt.sh |
*.liveperson.net COMODO RSA Organization Validation Secure Server CA |
2015-01-29 - 2018-01-28 |
3 years | crt.sh |
www.huntington.com GeoTrust EV SSL CA - G4 |
2017-04-18 - 2019-04-18 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://afrahtools.com/authentication/huntingtononline/d6e8f92377deda3f8d09ccb320926f74/
Frame ID: 31829.1
Requests: 43 HTTP requests in this frame
8 Outgoing links
These are links going to different origins than the main page.
Title: Contact Us
Search URL Search Domain Scan URL
Title: Forgot Password?
Search URL Search Domain Scan URL
Title: Enroll in Online Banking
Search URL Search Domain Scan URL
Title: Identity Protection
Search URL Search Domain Scan URL
Title: Security
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Online Guarantee
Search URL Search Domain Scan URL
Title: FDIC
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
43 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
afrahtools.com/authentication/huntingtononline/d6e8f92377deda3f8d09ccb320926f74/ Redirect Chain
|
18 KB 18 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dbe3e40749e308dae6e34aea7859cf8c.js
afrahtools.com/authentication/huntingtononline/d6e8f92377deda3f8d09ccb320926f74/ |
7 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dbe3e40749e308dae6e34aea7859cf8c_001.js
afrahtools.com/authentication/huntingtononline/d6e8f92377deda3f8d09ccb320926f74/ |
7 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
servercomponent.php
afrahtools.com/authentication/huntingtononline/d6e8f92377deda3f8d09ccb320926f74/ |
483 B 495 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dtagent639_23dhjprtx_1006.js
afrahtools.com/authentication/huntingtononline/d6e8f92377deda3f8d09ccb320926f74/ |
72 KB 72 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ensightenbootstrap.js
afrahtools.com/authentication/huntingtononline/d6e8f92377deda3f8d09ccb320926f74/ |
150 KB 150 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-1.11.1.min.js
afrahtools.com/authentication/huntingtononline/d6e8f92377deda3f8d09ccb320926f74/ |
94 KB 94 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
safeready.js
afrahtools.com/authentication/huntingtononline/d6e8f92377deda3f8d09ccb320926f74/ |
311 B 311 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.autotab.js
afrahtools.com/authentication/huntingtononline/d6e8f92377deda3f8d09ccb320926f74/ |
7 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.cookie.js
afrahtools.com/authentication/huntingtononline/d6e8f92377deda3f8d09ccb320926f74/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
deploy.asp
afrahtools.com/authentication/huntingtononline/d6e8f92377deda3f8d09ccb320926f74/ |
13 KB 13 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mtag.js
afrahtools.com/authentication/huntingtononline/d6e8f92377deda3f8d09ccb320926f74/ |
17 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
untitled
afrahtools.com/authentication/huntingtononline/d6e8f92377deda3f8d09ccb320926f74/ |
53 KB 53 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.css
afrahtools.com/authentication/huntingtononline/d6e8f92377deda3f8d09ccb320926f74/ |
9 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
webresource.axd
afrahtools.com/authentication/huntingtononline/d6e8f92377deda3f8d09ccb320926f74/ |
45 KB 45 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
webresource_001.axd
afrahtools.com/authentication/huntingtononline/d6e8f92377deda3f8d09ccb320926f74/ |
45 KB 45 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-lg.png
afrahtools.com/authentication/huntingtononline/d6e8f92377deda3f8d09ccb320926f74/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lock.gif
afrahtools.com/authentication/huntingtononline/d6e8f92377deda3f8d09ccb320926f74/ |
870 B 870 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.cookie.latest.js
afrahtools.com/authentication/huntingtononline/d6e8f92377deda3f8d09ccb320926f74/ |
4 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
house.gif
afrahtools.com/authentication/huntingtononline/d6e8f92377deda3f8d09ccb320926f74/ |
67 B 67 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
small-logo.gif
afrahtools.com/authentication/huntingtononline/d6e8f92377deda3f8d09ccb320926f74/ |
282 B 282 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
accessiblemenubar.js
afrahtools.com/authentication/huntingtononline/d6e8f92377deda3f8d09ccb320926f74/ |
7 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
id
dpm.demdex.net/ |
194 B 184 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
serverComponent.php
nexus.ensighten.com/huntington/olb/ |
334 B 261 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
background-960.jpg
afrahtools.com/authentication/huntingtononline/d6e8f92377deda3f8d09ccb320926f74/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
smetrics.huntington.com/ |
49 B 49 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s03118670735516
smetrics.huntington.com/b/ss/huntingtonhuntingtonprod/1/JS-1.7.0/ |
43 B 43 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s07633766734353
smetrics.huntington.com/b/ss/huntingtonhuntingtonprod/1/JS-1.7.0/ |
43 B 43 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s08234357440553
smetrics.huntington.com/b/ss/huntingtonhuntingtonprod/1/JS-1.7.0/ |
43 B 43 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s06510079032630
smetrics.huntington.com/b/ss/huntingtonhuntingtonprod/1/JS-1.7.0/ |
43 B 43 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dbe3e40749e308dae6e34aea7859cf8c.js
nexus.ensighten.com/huntington/olb/code/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
dynaTraceMonitor
afrahtools.com/rol/Auth/ |
342 B 342 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
afrahtools.com/authentication/huntingtononline/d6e8f92377deda3f8d09ccb320926f74/ |
1 KB 1 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
deploy.asp
sales.liveperson.net/visitor/addons/ |
13 KB 13 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s06746307093304
smetrics.huntington.com/b/ss/huntingtonhuntingtonprod/1/JS-1.7.0/ |
43 B 43 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mTag.js
sales.liveperson.net/hcp/html/ |
17 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
/
sales.liveperson.net/hc/45343342/ |
53 KB 53 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
chatonlinev2.png
www.huntington.com/images/chat/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
chatofflinev2.png
www.huntington.com/images/chat/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
chatbusy.png
www.huntington.com/images/chat/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
/
sales.liveperson.net/hc/45343342/ |
3 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
/
sales.liveperson.net/hc/45343342/ |
188 B 188 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
dynaTraceMonitor
afrahtools.com/rol/Auth/ |
342 B 342 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Huntington Bank (Banking)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
14 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.afrahtools.com/ | Name: s_pnval Value: auto%3A%20authentication%3A%20huntingtononline%3A%20d6e8f92377deda3f8d09ccb320926f74%3A |
|
.afrahtools.com/ | Name: s_ppvl Value: auto%253A%2520authentication%253A%2520huntingtononline%253A%2520d6e8f92377deda3f8d09ccb320926f74%253A%2C100%2C100%2C1132%2C1598%2C1132%2C1600%2C1200%2C1%2CP |
|
.afrahtools.com/ | Name: s_visit Value: 1 |
|
.afrahtools.com/ | Name: s_ppv Value: auto%253A%2520authentication%253A%2520huntingtononline%253A%2520d6e8f92377deda3f8d09ccb320926f74%253A%2C100%2C100%2C1132%2C1598%2C1132%2C1600%2C1200%2C1%2CP |
|
.afrahtools.com/ | Name: gpv_pn Value: auto%3A%20authentication%3A%20huntingtononline%3A%20d6e8f92377deda3f8d09ccb320926f74%3A |
|
afrahtools.com/ | Name: AMCV_A80C071A551AFEC90A4C98A6%40AdobeOrg Value: -1176276602%7CMCIDTS%7C17283%7CMCMID%7C11433497906257547503166906766885491391%7CMCAAMLH-1493817747%7C6%7CMCAAMB-1493817747%7CcIBAx_aQzFEHcPoEv0GwcQ%7CMCOPTOUT-1493220147s%7CNONE%7CMCAID%7CNONE |
|
.afrahtools.com/ | Name: gpv_ch Value: auto |
|
.afrahtools.com/ | Name: s_ch Value: auto |
|
.afrahtools.com/ | Name: s_vs Value: 1 |
|
.afrahtools.com/ | Name: s_cpc Value: 1 |
|
.afrahtools.com/ | Name: s_tps Value: %5B%5BB%5D%5D |
|
afrahtools.com/ | Name: AMCVS_A80C071A551AFEC90A4C98A6%40AdobeOrg Value: 1 |
|
.afrahtools.com/ | Name: s_cc Value: true |
|
.afrahtools.com/ | Name: s_pvs Value: %5B%5BB%5D%5D |
21 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
afrahtools.com
dpm.demdex.net
nexus.ensighten.com
sales.liveperson.net
smetrics.huntington.com
www.huntington.com
162.252.74.5
170.128.48.29
192.243.255.54
195.191.24.116
54.173.20.238
54.194.240.68
00936419069d0b58062c852561d1a35a5fadea9029d11af63324dedcfea9f080
09add7eb5596e05440a163225763ed290dc2c02eae9bda24edf44d707817a5b7
1261f0e18cbe799b901e9dfa28b198ea2ddaf4102cb82764f8d5d0d5f6c3f9e5
1ae59c69466847e0fdd5ee1e857f6c1a2d0c624a97de5dbd9ef7a19c08d8995d
21c2bb32e7b834050a75bf901c817fa87e4b91de0dddec9e299afa1153c99cdb
2a472403e0262caf825ff03487875d21e3770b46029c05ea7dcda5d077b1a94e
2f49d7c13812e047a243e09855c92bfec9ac10421ac7d0652aabd1b23e8b1045
393420e2f5c4a700e8087b5c5c03ea6d3975871c9836b6e04d0f2029c020df98
3faef7d9e452bed7c4d165cb79b1f29f46e182964fcff66da8d5e2b777d17e74
4183be66219d8fcbeefc40c65029ae45cd6c27e3fb469cf85633af1876b8bebf
4db3efe75e3f26cbdeb725ee3a707a95f22b1048674a3fab553e22315d454da6
52295428f1d4d23a3a2e279cc1dacf9b9869b08004da91fb219ac01f48e86938
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5651db6cf27864f6a9fc7b44bce870b799057c58d7fc0e32f5a640172a88a7e3
6fcccc67d78692d11238e39a3d660283ac61f6f9ff5dff734c390d43bdd9a589
760fa8f3b6a53a51fce23d438181c2050a5500037c7c00b5218b3543313a69dc
9716533522ddc003d9644db1be40fbe3c025fe22fa8e44a2022eceb629ba1f2e
9e6831938cc28267bf96c7ab4d69415e86d9f31bbd11149d8ad2dc5b4c1519a6
9f76fc7235164e19ff8c9469469b32760cf87d2a97c4e4c0cd7612fa05a03062
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
b149f6b09ca2c70b53256d296fb5f556305db0c6712a0ea2c3d3754f7c78a6ee
b7634bf4037e3e6ca9f2a100f913c2a430f95827a5232a95209a121861530941
c012386ef1035352701d7a103c1d372637338668b5af8cef4a0bafd3ed220b25
cb7d3d05aecc61d3b648bb134fb56f572194a3d7000b5498dc11d17020eb1a2f
d9ad9d74f6b359a975740213fb5ae00de21befb678e86cf464a82fce3a3b3571
da1ebf3a2abd9e603ba2841d407ea1c4d96ad2902521fe9cdf86a8a053458ba4
da738b3378e71808f58bdf8fd045835a01336989a72739956b1c472536f07264
e335050b32ffffdeb883c8b8c3f8b9a8ad684bdd60386529514b6a34502a26a6
e82330a3a814f915af53c3ae2940c2fe2e79822767e2d88a72a1ce805e35ddfd
e87c50fb21999249d9cb0f342517d02cc5293b2cf9b700c6c4a77f516bb46894
ea0b77b40a6037e470131577541173b601268bf230409ba00cdf791e325237a7
f35791a298f11f56a270a7fe6e0eec32c073de76e1ba54e126b6a765ff3ae200