creditscore.virginmoney.co.za
Open in
urlscan Pro
2600:9000:26da:7000:1c:5b59:6dc0:93a1
Public Scan
Submission Tags: phishingrod
Submission: On April 23 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by Amazon RSA 2048 M01 on May 24th 2023. Valid for: a year.
This is the only time creditscore.virginmoney.co.za was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
creditscore.virginmoney.co.za |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-99.muc50.r.cloudfront.net
creditscore.virginmoney.co.za |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN32934 (FACEBOOK, US)
www.facebook.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net
connect.facebook.net |
ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f6.1e100.net
5238348.fls.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f8.1e100.net
www.googletagmanager.com |
ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra3.facebook.com
www.facebook.com |
ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net
www.google.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
virginmoney.co.za
creditscore.virginmoney.co.za |
280 KB |
4 |
doubleclick.net
1 redirects
5238348.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 84 |
1 KB |
4 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180 |
78 KB |
3 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 97 |
396 B |
3 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39 |
255 KB |
2 |
google.de
www.google.de — Cisco Umbrella Rank: 7278 |
126 B |
2 |
google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2941 www.google.com — Cisco Umbrella Rank: 2 |
326 B |
2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31 |
21 KB |
1 |
gstatic.com
fonts.gstatic.com |
15 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33 |
968 B |
0 |
Failed
function sub() { [native code] }. Failed |
|
28 | 11 |
Domain | Requested by | |
---|---|---|
6 | creditscore.virginmoney.co.za |
creditscore.virginmoney.co.za
|
4 | connect.facebook.net |
creditscore.virginmoney.co.za
connect.facebook.net |
3 | www.facebook.com |
creditscore.virginmoney.co.za
|
3 | www.googletagmanager.com |
creditscore.virginmoney.co.za
www.googletagmanager.com www.google-analytics.com |
2 | www.google.de |
creditscore.virginmoney.co.za
|
2 | stats.g.doubleclick.net |
www.google-analytics.com
www.googletagmanager.com |
2 | 5238348.fls.doubleclick.net |
1 redirects
www.googletagmanager.com
|
2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
1 | www.google.com |
creditscore.virginmoney.co.za
|
1 | region1.analytics.google.com |
www.googletagmanager.com
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | fonts.googleapis.com |
creditscore.virginmoney.co.za
|
0 | 13.126.43.144 Failed | |
28 | 13 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.creditscore.virginmoney.co.za Amazon RSA 2048 M01 |
2023-05-24 - 2024-06-21 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-03-18 - 2024-06-10 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2024-01-31 - 2024-04-30 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2024-03-18 - 2024-06-10 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2024-03-18 - 2024-06-10 |
3 months | crt.sh |
*.doubleclick.net GTS CA 1C3 |
2024-03-18 - 2024-06-10 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2024-03-18 - 2024-06-10 |
3 months | crt.sh |
*.google.de GTS CA 1C3 |
2024-03-18 - 2024-06-10 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2024-03-18 - 2024-06-10 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://creditscore.virginmoney.co.za/
Frame ID: AF14A668F1FAFCF0B3346F56A1D25486
Requests: 33 HTTP requests in this frame
Frame:
https://5238348.fls.doubleclick.net/activityi;dc_pre=CJHAlOyP2IUDFShLkQUdDggHBw;src=5238348;type=retar0;cat=vmcoz0;ord=1234689015454;npa=1;auiddc=1952493498.1713868002;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44h0za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fcreditscore.virginmoney.co.za%2F
Frame ID: 6511F5BD617AD300EDAB9FE85DFE571C
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Virgin Money Credit ScoreDetected technologies
Vue.js (JavaScript Frameworks) ExpandDetected patterns
- <[^>]+\sdata-v(?:ue)?-
Facebook (Widgets) Expand
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Page Statistics
30 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: blog
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: home
Search URL Search Domain Scan URL
Title: personal loans
Search URL Search Domain Scan URL
Title: insurance
Search URL Search Domain Scan URL
Title: credit card
Search URL Search Domain Scan URL
Title: spot
Search URL Search Domain Scan URL
Title: contact
Search URL Search Domain Scan URL
Title: apply for a loan
Search URL Search Domain Scan URL
Title: online banking login
Search URL Search Domain Scan URL
Title: Contact Us
Search URL Search Domain Scan URL
Title: Virgin.com
Search URL Search Domain Scan URL
Title: Virgin Money United Kingdom
Search URL Search Domain Scan URL
Title: Virgin Money Australia
Search URL Search Domain Scan URL
Title: Rewards
Search URL Search Domain Scan URL
Title: Newsletter
Search URL Search Domain Scan URL
Title: Monthly E-zine
Search URL Search Domain Scan URL
Title: About Virgin Money SA
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Legal Stuff
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 20- https://5238348.fls.doubleclick.net/activityi;src=5238348;type=retar0;cat=vmcoz0;ord=1234689015454;npa=1;auiddc=1952493498.1713868002;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44h0za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fcreditscore.virginmoney.co.za%2F HTTP 302
- https://5238348.fls.doubleclick.net/activityi;dc_pre=CJHAlOyP2IUDFShLkQUdDggHBw;src=5238348;type=retar0;cat=vmcoz0;ord=1234689015454;npa=1;auiddc=1952493498.1713868002;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44h0za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fcreditscore.virginmoney.co.za%2F
28 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
creditscore.virginmoney.co.za/ |
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.296e69f7deaeeabda65bd6b23285c259.css
creditscore.virginmoney.co.za/static/css/ |
186 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
manifest.7123deaaa7c6fb4e1138.js
creditscore.virginmoney.co.za/static/js/ |
877 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor.e7c9e5f117c66cb93dd1.js
creditscore.virginmoney.co.za/static/js/ |
451 KB 143 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.08f7cb2b117fd28019f9.js
creditscore.virginmoney.co.za/static/js/ |
95 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 968 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
218 KB 59 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
115058972508879
connect.facebook.net/signals/config/ |
56 KB 12 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
6 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fontawesome-webfont.af7ae50.woff2
creditscore.virginmoney.co.za/static/fonts/ |
75 KB 76 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
260 KB 92 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 274 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
destination
www.googletagmanager.com/gtag/ |
194 KB 71 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
331970767296769
connect.facebook.net/signals/config/ |
28 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
activityi;dc_pre=CJHAlOyP2IUDFShLkQUdDggHBw;src=5238348;type=retar0;cat=vmcoz0;ord=1234689015454;npa=1;auiddc=1952493498.1713868002;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome...
5238348.fls.doubleclick.net/ Frame 6511 Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
16 B 231 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
1969090559817528
connect.facebook.net/signals/config/ |
20 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 103 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 358 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
271 KB 91 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.facebook.com/tr/ |
0 19 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.analytics.google.com/g/ |
0 263 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 56 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ga-audiences
www.google.de/ads/ |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ga-audiences
www.google.com/ads/ |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ga-audiences
www.google.de/ads/ |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
VM-LOGO_STACKED_RED_CMYK-269x300.png
13.126.43.144/wp-content/uploads/2017/12/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- 13.126.43.144
- URL
- https://13.126.43.144/wp-content/uploads/2017/12/VM-LOGO_STACKED_RED_CMYK-269x300.png
Verdicts & Comments Add Verdict or Comment
16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| fbq function| _fbq function| webpackJsonp function| setImmediate function| clearImmediate function| jQuery function| $ object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.virginmoney.co.za/ | Name: _fbp Value: fb.2.1713868002178.1711396464 |
|
.virginmoney.co.za/ | Name: _gcl_au Value: 1.1.1952493498.1713868002 |
|
.virginmoney.co.za/ | Name: _ga Value: GA1.3.375890969.1713868003 |
|
.virginmoney.co.za/ | Name: _gid Value: GA1.3.651923793.1713868003 |
|
.virginmoney.co.za/ | Name: _gat_UA-23691971-1 Value: 1 |
|
.doubleclick.net/ | Name: receive-cookie-deprecation Value: 1 |
|
.virginmoney.co.za/ | Name: _ga_7STECK171D Value: GS1.3.1713868003.1.0.1713868003.60.0.0 |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUnTZndm91lOPcOtUzYUgQk7qqa1HfJKh-IGd6o-_XrXmm6d5GHTWJbvix89 |
|
.twitter.com/ | Name: personalization_id Value: "v1_BMzNrh4bzwVPfwFQYJKZpA==" |
|
.t.co/ | Name: muc_ads Value: 581bc674-b871-4d24-9021-1446ceb0fbad |
9 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
13.126.43.144
5238348.fls.doubleclick.net
connect.facebook.net
creditscore.virginmoney.co.za
fonts.googleapis.com
fonts.gstatic.com
region1.analytics.google.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.126.43.144
142.250.185.196
142.250.186.35
157.240.252.13
157.240.252.35
172.217.16.200
18.173.187.99
2001:4860:4802:34::36
216.58.206.38
2600:9000:26da:7000:1c:5b59:6dc0:93a1
2a00:1450:4001:800::2003
2a00:1450:4001:806::2008
2a00:1450:4001:811::200a
2a00:1450:4001:812::200e
2a00:1450:400c:c07::9a
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
00b86cf49b3ce2cb0b137afa8720bbf8076cf1e6ce0802713b8e33383c0cd194
01e9582655224c83e6c075f44b7eecb135e108b6ad2150bf6f78a0a77c4ad5e0
077a42db4c322c64d3de8bbb04f3e69a6062485c393f79481ce111c3b04bf39a
089ee15c88777a4c36a4f1e559adae7a47097251f599935315d04a86b81f075f
0c346657e81a033ae4972a65410f6dfc95ed447b8e120b3c88f3325260623283
11f0f33f9711ca7551b10cdff821a5c9b8ab7d74055c1d84adf61708991774a4
1a7a969ab6a3a3a563fb0285893a4b0561fe5becc04a655b3ac0e056e38b43d4
1cc01a04740b8db1b9b1fb3d02bb27f8deccef6dc536430f2d3b5950023f1a83
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f9276da9c7fa98ce37a6414fcf147334e69fc3e7458a71e79f3fa095324e3ce
4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281
5b9730fc87abae2517e0ecf5a29a55cac915b6c349b736f177245a13875311be
6286d52424eec80db3db3c60a7cb176088f7cd4dfcb6ba88c5d2264ebde1826f
67d3fb76976d86b46c2c97bb9225271e76449fe838d8045e29e51cdbc9f3b509
746e229a95f4ec32d3309ca6eb1a341c4cafaef9ec721c194a39fd540779b21c
78161a219cac9e13eb10b7aa1abdac2ae2332f71c9e75efffac3bc2560f00921
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
945ee9fe441adfd283cef9590f111d0518ac05f9adba76e624e037524f83c21f
96a54a6d3143df3e0d1f5c1c64c017d976089daab7202d52e97f4ed04ca2bac0
9e867a0cefb410596771e6c290bd617d7457850c0e15a351db885b4de6098fc2
b2e64e7b65a7978474155fae6bea8037ee10d9d0f4706b7028d53476efcb3c3b
c2cfc58fa932d4138ed153e4570c6c9d93130a99d68afc939ba57479022cbcdd
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8280edc8a6793b34807c6a207cab6191693850911a018e2d2275f07729a788d