www.merr.us
Open in
urlscan Pro
64.251.208.30
Malicious Activity!
Public Scan
Submission: On September 24 via automatic, source openphish
Summary
This is the only time www.merr.us was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Navy Federal Credit Union (Government)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 64.251.208.30 64.251.208.30 | 26284 (BADGER-IN...) (BADGER-INTERNET-INC - Badger Internet) | |
1 | 2a00:1450:400... 2a00:1450:4001:817::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
13 | 23.67.128.237 23.67.128.237 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
4 | 104.109.65.60 104.109.65.60 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2a00:1450:400... 2a00:1450:4001:81b::2004 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2a00:1450:400... 2a00:1450:4001:81b::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 178.249.101.23 178.249.101.23 | 11054 (LIVEPERSON) (LIVEPERSON - LivePerson) | |
1 | 2a03:6400:16:... 2a03:6400:16:0:178:249:101:99 | 11054 (LIVEPERSON) (LIVEPERSON - LivePerson) | |
1 | 2a00:1450:400... 2a00:1450:4001:812::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2a03:6400:10:... 2a03:6400:10:0:178:249:97:98 | 11054 (LIVEPERSON) (LIVEPERSON - LivePerson) | |
1 1 | 2606:b400:881... 2606:b400:8814:f200::8198:5c77 | () () | |
2 | 208.89.12.87 208.89.12.87 | 11054 (LIVEPERSON) (LIVEPERSON - LivePerson) | |
30 | 12 |
ASN26284 (BADGER-INTERNET-INC - Badger Internet, Inc., US)
PTR: cpanel3
www.merr.us |
ASN20940 (AKAMAI-ASN1, US)
PTR: a23-67-128-237.deploy.static.akamaitechnologies.com
my.navyfederal.org |
ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-65-60.deploy.static.akamaitechnologies.com
www.navyfederal.org |
ASN11054 (LIVEPERSON - LivePerson, Inc., US)
accdn.lpsnmedia.net |
ASN11054 (LIVEPERSON - LivePerson, Inc., US)
liveengage.navyfederal.org |
ASN11054 (LIVEPERSON - LivePerson, Inc., US)
PTR: va.v.liveperson.net
va.v.liveperson.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
19 |
navyfederal.org
1 redirects
my.navyfederal.org www.navyfederal.org analytics.navyfederal.org Failed liveengage.navyfederal.org rnemsg.navyfederal.org |
129 KB |
4 |
liveperson.net
lptag.liveperson.net va.v.liveperson.net |
60 KB |
2 |
gstatic.com
www.gstatic.com fonts.gstatic.com |
91 KB |
2 |
merr.us
www.merr.us |
22 KB |
1 |
lpsnmedia.net
accdn.lpsnmedia.net |
603 B |
1 |
google.com
www.google.com |
540 B |
1 |
googleapis.com
fonts.googleapis.com |
779 B |
30 | 7 |
Domain | Requested by | |
---|---|---|
13 | my.navyfederal.org |
www.merr.us
|
4 | www.navyfederal.org |
www.merr.us
|
2 | va.v.liveperson.net |
lptag.liveperson.net
|
2 | lptag.liveperson.net |
www.navyfederal.org
|
2 | www.merr.us |
my.navyfederal.org
|
1 | rnemsg.navyfederal.org | 1 redirects |
1 | liveengage.navyfederal.org |
lptag.liveperson.net
|
1 | fonts.gstatic.com |
www.merr.us
|
1 | accdn.lpsnmedia.net |
lptag.liveperson.net
|
1 | www.gstatic.com |
www.google.com
|
1 | www.google.com |
www.merr.us
|
1 | fonts.googleapis.com |
www.merr.us
|
0 | analytics.navyfederal.org Failed |
www.merr.us
|
30 | 13 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.navyfederal.org |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.googleapis.com Google Internet Authority G3 |
2018-08-28 - 2018-11-20 |
3 months | crt.sh |
my.navyfederal.org DigiCert SHA2 Extended Validation Server CA |
2018-09-11 - 2019-09-16 |
a year | crt.sh |
www.navyfederal.org DigiCert SHA2 Extended Validation Server CA |
2018-04-04 - 2019-04-09 |
a year | crt.sh |
www.google.com Google Internet Authority G3 |
2018-08-28 - 2018-11-20 |
3 months | crt.sh |
*.google.com Google Internet Authority G3 |
2018-08-28 - 2018-11-20 |
3 months | crt.sh |
*.liveperson.net COMODO RSA Organization Validation Secure Server CA |
2017-12-17 - 2020-12-16 |
3 years | crt.sh |
*.lpsnmedia.net COMODO RSA Organization Validation Secure Server CA |
2018-02-26 - 2021-02-25 |
3 years | crt.sh |
liveengage.navyfederal.org DigiCert SHA2 Extended Validation Server CA |
2018-04-10 - 2019-04-15 |
a year | crt.sh |
merr.us cPanel, Inc. Certification Authority |
2018-08-10 - 2018-11-08 |
3 months | crt.sh |
*.v.liveperson.net COMODO RSA Organization Validation Secure Server CA |
2018-05-08 - 2020-05-07 |
2 years | crt.sh |
This page contains 4 frames:
Primary Page:
http://www.merr.us/wp-content/themes/nv/login.php
Frame ID: 0FD569F7AD9BF4152CDD2D8550E872B8
Requests: 27 HTTP requests in this frame
Frame:
https://www.navyfederal.org/nfoaa-navads/signin.html
Frame ID: 2931C94314B97F402861588D33B957DF
Requests: 1 HTTP requests in this frame
Frame:
https://liveengage.navyfederal.org/le_secure_storage/3.5.0.10-release_418/storage.secure.min.html?loc=http%3A%2F%2Fwww.merr.us&site=11478817&env=prod&isCrossDomain=true
Frame ID: C334DEA27818C72F2CF1B48400E446A8
Requests: 1 HTTP requests in this frame
Frame:
https://www.navyfederal.org/images/spacer.gif
Frame ID: ED488CDDEAB76CBE2511F49EFB687EA1
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
UNIX (Operating Systems) Expand
Detected patterns
- headers server /Unix/i
OpenSSL (Web Server Extensions) Expand
Detected patterns
- headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
LivePerson (Live Chat) Expand
Detected patterns
- script /^https?:\/\/lptag\.liveperson\.net\/tag\/tag\.js/i
Google Font API (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
SiteCatalyst (Analytics) Expand
Detected patterns
- script /\/s[_-]code.*\.js/i
- env /^s_(?:account|objectID|code|INST)$/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- env /^jQuery$/i
reCAPTCHA (Captchas) Expand
Detected patterns
- env /^Recaptcha$/i
Page Statistics
11 Outgoing links
These are links going to different origins than the main page.
Title:
Search URL Search Domain Scan URL
Title: About Us
Search URL Search Domain Scan URL
Title: Branches & ATMs
Search URL Search Domain Scan URL
Title: Questions & Support
Search URL Search Domain Scan URL
Title: Become a Member »
Search URL Search Domain Scan URL
Title: Need More Information? »
Search URL Search Domain Scan URL
Title: Careers
Search URL Search Domain Scan URL
Title: Contact Us
Search URL Search Domain Scan URL
Title: Federally Insured by NCUA
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Equal Housing Lender
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 25- https://rnemsg.navyfederal.org/ci/pta/logout HTTP 302
- https://www.navyfederal.org/images/spacer.gif
30 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
login.php
www.merr.us/wp-content/themes/nv/ |
14 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
css
fonts.googleapis.com/ |
5 KB 779 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main-81c4011762afac3569f942d4fb8bf43f.css
my.navyfederal.org/NFOAA_Auth/resources/css/ |
80 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nauth-81c4011762afac3569f942d4fb8bf43f.css
my.navyfederal.org/NFOAA_Auth/resources/css/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s_code.js
www.navyfederal.org/js/ |
47 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.min.js
my.navyfederal.org/NFOAA_Auth/resources/js/dist/ |
139 KB 46 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cookieGenerator-f3c7ff68bced30b6bd7a7a5b62aa7ff4.js
my.navyfederal.org/NFOAA_Auth/resources/js/dev/ |
2 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login-f3c7ff68bced30b6bd7a7a5b62aa7ff4.js
my.navyfederal.org/NFOAA_Auth/resources/js/dev/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
api.js
www.google.com/recaptcha/ |
762 B 540 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
le2-mtagconfig.js
www.navyfederal.org/js/ |
20 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
s05968905963418
analytics.navyfederal.org/b/ss/nfcuprod/1/JS-1.6.3/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
recaptcha__en.js
www.gstatic.com/recaptcha/api2/v1537165899310/ |
237 KB 78 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
tag.js
lptag.liveperson.net/tag/ |
18 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
.jsonp
lptag.liveperson.net/lptag/api/account/11478817/configuration/applications/taglets/ |
142 KB 52 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
zones
accdn.lpsnmedia.net/api/account/11478817/configuration/le-campaigns/ |
2 KB 603 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img_logo-14091710c18c4576bb05b77eae62912e.png
my.navyfederal.org/NFOAA_Auth/resources/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
toolTip-14091710c18c4576bb05b77eae62912e.png
my.navyfederal.org/NFOAA_Auth/resources/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tooltip-arrow-left-14091710c18c4576bb05b77eae62912e.png
my.navyfederal.org/NFOAA_Auth/resources/images/ |
366 B 564 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img_footer_logo-14091710c18c4576bb05b77eae62912e.png
my.navyfederal.org/NFOAA_Auth/resources/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bd-1-30
my.navyfederal.org/_bm/ |
55 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg_footer.png
my.navyfederal.org/NFOAA_Auth/resources/images/css/ |
188 B 386 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icons.png
my.navyfederal.org/NFOAA_Auth/resources/images/css/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg_globe.png
my.navyfederal.org/NFOAA_Auth/resources/images/css/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v11/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
signin.html
www.navyfederal.org/nfoaa-navads/ Frame 2931 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
storage.secure.min.html
liveengage.navyfederal.org/le_secure_storage/3.5.0.10-release_418/ Frame C334 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
spacer.gif
www.navyfederal.org/images/ Frame ED48 Redirect Chain
|
0 0 |
Document
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
_data
www.merr.us/_bm/ |
0 8 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
11478817
va.v.liveperson.net/api/js/ |
232 B 701 B |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
11478817
va.v.liveperson.net/api/js/ |
110 B 471 B |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- analytics.navyfederal.org
- URL
- http://analytics.navyfederal.org/b/ss/nfcuprod/1/JS-1.6.3/s05968905963418?AQB=1&ndh=1&pf=1&t=24%2F8%2F2018%2019%3A59%3A45%201%200&fid=0CEA1D4B88250576-05F352AC4666E94B&ce=UTF-8&ns=nfcu&pageName=nfo%3Alogin&g=http%3A%2F%2Fwww.merr.us%2Fwp-content%2Fthemes%2Fnv%2Flogin.php&c.&pageType=nfo&l1=nfo&l2=nfo%3Alogin&.c&cc=USD&server=nfo&c4=3%3A59PM&v4=3%3A59PM&c5=Monday&v5=Monday&c11=2016.08.16%7CJS%201.6.3&c51=D%3Dg&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Navy Federal Credit Union (Government)67 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
string| s_account object| s function| s_doPlugins function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_Integrate function| AppMeasurement function| s_gi function| s_pgicq object| s_c_il number| s_c_in number| s_objectID number| s_giq function| manageFrames function| validateDay function| validatePassword function| validateBirthMY function| clear_form_elements function| removeCookie function| setCookie function| checkCapsLock function| validateSSN function| countModal function| resizeParentFrame function| alertUser function| removeAlert function| validateSecurityAnswer function| $ function| jQuery string| j string| k object| s_i_nfcuprod object| jQuery1113020842674336387956 function| getCookie function| createCookie function| setAACookie function| makeRandomValue function| deleteAkamiCookie function| setAkamiCookie function| submitCaptchaForm function| recaptchaWorks object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client boolean| captchaEnabled boolean| isCaptchaSuccess undefined| idtoken object| cnf function| checkForToken function| getParameterByName function| postMsgReceiver object| CustInfo function| sendCtype number| counter boolean| postChat string| closeButton function| piiMask function| lpGetJWT object| lpTag object| recaptcha function| _typeof object| lpMTagConfig number| year object| _cf object| _ac object| bmak string| _sd_trace function| verifyCaptcha11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.navyfederal.org/ | Name: s_cc Value: true |
|
.navyfederal.org/ | Name: s_fid Value: 7DFCF3B3678E5D83-2F3ADE7A8FB0EE22 |
|
.navyfederal.org/ | Name: bm_sz Value: 20DDF940DE0545DF9ADE5C0BCBCB2057~QAAQ9IQUAmFONuplAQAA4ZcqDYaLO1w7oOZs/XYiVPT4W/SQWYBqjTVr2DhgBi3lC5DvdpGX/C/XNudvJtBbtg1rrfWPB9iz4vu77yDPZJ1OUj/sI7MtRg9+zpFFRJnNYjBbnktGlXUrgC6A/2gD6FibLmXTIsQnCyfiXFLs7FdoStmK+M+TE8usffFRy1euOM37 |
|
.navyfederal.org/ | Name: s_vi Value: [CS]v1|2DD4A11985316493-6000010DE000006D[CE] |
|
www.merr.us/ | Name: PHPSESSID Value: 4c249c15049fcba65872a656c4d09b72 |
|
.merr.us/ | Name: s_cc Value: true |
|
.navyfederal.org/ | Name: gpv_page Value: nfo%3Anfoaa-navads%3Asignin.html |
|
.merr.us/ | Name: s_fid Value: 0CEA1D4B88250576-05F352AC4666E94B |
|
.navyfederal.org/ | Name: dc Value: v |
|
.navyfederal.org/ | Name: _abck Value: 32E0DE963492B2FF11CDB25157C09A15021484F40F3600003342A95B1FE64603~-1~Uv/DK4opBVkYp7iwnG7ntp/4nDHaQuUBSbufpX/xTwg=~-1~-1 |
|
.merr.us/ | Name: gpv_page Value: nfo%3Alogin |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
accdn.lpsnmedia.net
analytics.navyfederal.org
fonts.googleapis.com
fonts.gstatic.com
liveengage.navyfederal.org
lptag.liveperson.net
my.navyfederal.org
rnemsg.navyfederal.org
va.v.liveperson.net
www.google.com
www.gstatic.com
www.merr.us
www.navyfederal.org
analytics.navyfederal.org
104.109.65.60
178.249.101.23
208.89.12.87
23.67.128.237
2606:b400:8814:f200::8198:5c77
2a00:1450:4001:812::2003
2a00:1450:4001:817::200a
2a00:1450:4001:81b::2003
2a00:1450:4001:81b::2004
2a03:6400:10:0:178:249:97:98
2a03:6400:16:0:178:249:101:99
64.251.208.30
0080c6f378efa908db1ea1d04f0a2391c9321a2d2232d703749b39956148a083
01be295d9648229a5eed43b6c27836a569362324ceee92e99a4f40e23ee0c464
03058abfea81a3942d4bdee9a00e1227cea77f3bee681f7e2c75fde2988ac76f
0f456a735c025355ff4d0037c0a304228829a9663cef562482542b540714491a
26aa1e5d382461643776161453f29771a528577f5a831f0bb2036e4357513c1e
26e0b406fb2610ba6e2d2e1aff2fd26fecc8c96a52ce64641c7d7aaa5965d34b
2dd42af252b85be303db754dd37c9f145dd655d8e8714cf2fd1ec068f625ab38
3670fcf586de237600ff4455decdf7ba61a9701f0f1884786ae18f1204fa2d03
470d3ba35a54ee6fe8605f1c2ab718f86742f6d407d4a841aa8c28bb77a6c370
4a58441133d85539974e4b136c25eaa5512ac1b018d4f6d53124a08c6f19b55e
5819744a85e9e7b750ed21addcb6cdbef9b609dcf454e79341b2942944a74ec1
70a025cdb7a54c73bb380ab5498c1af204f64ff985f1252e7f6aef423a853cd2
73ed4957753f475d502c2ee4e56fc072150f9b323be22652c868ef7cb82a926c
9d544e86ba76cf0862763c44521e7d08798a7c7a69a963913b01d1cbe618be01
a1262f72895c86e6e90753f9852fe1126f2be734bd0c7b02855f70615b9611f9
aa00e07dba6cb64bf1167ff7a523028f64dc648f2e58382488feeb7689abedfb
b6aa519de2e03a59ba46b40aa06dd2d0613b5c77b9af94dcaafba0dea3b4a68b
bfd0527fd2725ac551051f5efeb3c0a79dc815fc727e311706840907134db819
cc490a8ef7deb4c7fba66f332ad8cdd39433675b95d2bd341300ab7b718f8e4e
d27c34d729a5ecd6e06a8f129aa9204554bee5f9ccd9305e3aacc8ec976ada68
d2860cf4cc49d5ec7dd1dab34f52c9d581125bf44808b437939a9f682e115e0c
e07f2fb0014dbce90e269cc01c54d59ddb723c4c8b93380d4abc38563eab6d67
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e76e572bf7255078607310a6341777f3c28dfabc2a3946a1d91ac941a57c5bb7
eac7a5450fce00715e381e02b2359fa4bd7ddd5a30f52e15ca9c342ce24d3b37
fe63c84509133d0aa0265c63a2e18e6c52129bc227b1e2394d8f7c4393193ca7