noveltydollar.com
Open in
urlscan Pro
62.171.178.140
Malicious Activity!
Public Scan
Effective URL: http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Submission: On July 26 via manual from US
Summary
This is the only time noveltydollar.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: SECU Credit Union (Financial)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 5.134.122.130 5.134.122.130 | 3242 (ASN-ITNET) (ASN-ITNET) | |
4 | 62.171.178.140 62.171.178.140 | 51167 (CONTABO) (CONTABO) | |
1 | 2a00:1450:400... 2a00:1450:4001:831::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2600:9000:215... 2600:9000:2156:3600:4:819e:800:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
21 | 104.17.189.18 104.17.189.18 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 13.224.111.69 13.224.111.69 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2600:9000:215... 2600:9000:2156:9400:0:99b9:cd80:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:1a | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
2 | 2606:4700::68... 2606:4700::6810:125e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700::68... 2606:4700::6812:bcf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 152.199.19.160 152.199.19.160 | 15133 (EDGECAST) (EDGECAST) | |
1 | 2a00:1450:400... 2a00:1450:4001:812::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:800::2003 | 15169 (GOOGLE) (GOOGLE) | |
40 | 13 |
ASN51167 (CONTABO, DE)
PTR: vmi455206.contaboserver.net
noveltydollar.com |
ASN16509 (AMAZON-02, US)
assets.orb.alkamitech.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-111-69.mad50.r.cloudfront.net
iris.alkamitech.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
21 |
secumd.org
myaccounts.secumd.org |
2 MB |
5 |
alkamitech.com
assets.orb.alkamitech.com iris.alkamitech.com |
243 KB |
4 |
noveltydollar.com
noveltydollar.com |
78 KB |
2 |
gstatic.com
fonts.gstatic.com |
31 KB |
2 |
cloudflare.com
cdnjs.cloudflare.com |
12 KB |
2 |
jquery.com
code.jquery.com |
53 KB |
1 |
aspnetcdn.com
ajax.aspnetcdn.com |
30 KB |
1 |
bootstrapcdn.com
stackpath.bootstrapcdn.com |
14 KB |
1 |
salemove.com
libs.salemove.com |
117 KB |
1 |
googleapis.com
fonts.googleapis.com |
778 B |
1 |
camecom.it
1 redirects
camecom.it |
457 B |
40 | 11 |
Domain | Requested by | |
---|---|---|
21 | myaccounts.secumd.org |
noveltydollar.com
myaccounts.secumd.org |
4 | noveltydollar.com |
noveltydollar.com
|
3 | iris.alkamitech.com |
noveltydollar.com
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | cdnjs.cloudflare.com |
noveltydollar.com
|
2 | code.jquery.com |
noveltydollar.com
|
2 | assets.orb.alkamitech.com |
noveltydollar.com
assets.orb.alkamitech.com |
1 | ajax.aspnetcdn.com |
noveltydollar.com
|
1 | stackpath.bootstrapcdn.com |
noveltydollar.com
|
1 | libs.salemove.com |
noveltydollar.com
|
1 | fonts.googleapis.com |
noveltydollar.com
|
1 | camecom.it | 1 redirects |
40 | 12 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.secumd.org |
www.apple.com |
play.google.com |
www.facebook.com |
twitter.com |
www.instagram.com |
www.linkedin.com |
www.youtube.com |
itunes.apple.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
upload.video.google.com GTS CA 1O1 |
2021-06-28 - 2021-09-20 |
3 months | crt.sh |
*.orb.alkamitech.com Entrust Certification Authority - L1K |
2020-01-27 - 2022-01-27 |
2 years | crt.sh |
myaccounts.secumd.org Entrust Certification Authority - L1M |
2019-10-24 - 2021-10-24 |
2 years | crt.sh |
iris.alkamitech.com Amazon |
2021-07-23 - 2022-08-21 |
a year | crt.sh |
*.glia.com Amazon |
2021-06-26 - 2022-07-25 |
a year | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2021-07-14 - 2022-08-14 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-10-21 - 2021-10-20 |
a year | crt.sh |
*.vo.msecnd.net DigiCert SHA2 Secure Server CA |
2020-11-16 - 2021-11-10 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2021-06-28 - 2021-09-20 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Frame ID: 391F967EAB169F7058B7B0EE4FCE4654
Requests: 41 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://camecom.it/css/secure.php
HTTP 302
http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/ Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
UNIX (Operating Systems) Expand
Detected patterns
- headers server /Unix/i
OpenSSL (Web Server Extensions) Expand
Detected patterns
- headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
ZURB Foundation (Web Frameworks) Expand
Detected patterns
- html /<link[^>]+foundation[^>"]+css/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Google Font API (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Page Statistics
22 Outgoing links
These are links going to different origins than the main page.
Title: Contact Us
Search URL Search Domain Scan URL
Title: Locations
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Checking
Search URL Search Domain Scan URL
Title: Savings
Search URL Search Domain Scan URL
Title: Credit Cards
Search URL Search Domain Scan URL
Title: Business
Search URL Search Domain Scan URL
Title: Home
Search URL Search Domain Scan URL
Title: Auto
Search URL Search Domain Scan URL
Title: Personal
Search URL Search Domain Scan URL
Title: Business
Search URL Search Domain Scan URL
Title: Rates
Search URL Search Domain Scan URL
Title: Calculators
Search URL Search Domain Scan URL
Title: Legal
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://camecom.it/css/secure.php
HTTP 302
http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
40 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
/
noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/ Redirect Chain
|
37 KB 37 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
6 KB 778 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-icons.css
assets.orb.alkamitech.com/production/icons/SECU/font/ |
111 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
yui-reset.min.css
myaccounts.secumd.org/stylesheets/ |
793 B 971 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-ui.min.css
myaccounts.secumd.org/stylesheets/vendor/jquery/ |
30 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.daterangepicker.min.css
myaccounts.secumd.org/stylesheets/vendor/jquery/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ext-all.min.css
myaccounts.secumd.org/stylesheets/vendor/extjs/ |
110 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
base.min.css
myaccounts.secumd.org/stylesheets/ |
193 KB 33 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
grid.min.css
myaccounts.secumd.org/stylesheets/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sidebar.min.css
myaccounts.secumd.org/stylesheets/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iris.shim.desktop.min.css
myaccounts.secumd.org/lib/iris/ |
673 B 658 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iris.min.css
myaccounts.secumd.org/lib/iris/ |
95 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iris-foundation.min.css
myaccounts.secumd.org/lib/iris-foundation/ |
50 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iris-components.shim.desktop.min.css
iris.alkamitech.com/cdn/iris-vue/latest/ |
1 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iris-foundation.min.css
iris.alkamitech.com/cdn/iris-foundation/latest/ |
50 KB 51 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iris-components.min.css
iris.alkamitech.com/cdn/iris-vue/latest/ |
142 KB 142 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
isotope.1.3.3.min.css
myaccounts.secumd.org/Isotope/Styles/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Authentication-Isotope.min.css
myaccounts.secumd.org/Areas/Authentication/Styles/ |
2 KB 877 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
theme.desktop.min.css
myaccounts.secumd.org/Orbital/SECU/Themes/SECU/Stylesheets/ |
46 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fi.desktop.min.css
myaccounts.secumd.org/Orbital/SECU/Stylesheets/ |
47 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
visitor-app.69a3edb4.default.css
libs.salemove.com/ |
289 KB 117 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/css/ |
550 B 852 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Logo
myaccounts.secumd.org/Image/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
print.min.css
myaccounts.secumd.org/stylesheets/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app-store-badge.svg
myaccounts.secumd.org/Isotope/Images/ |
11 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
google-play-badge.svg
myaccounts.secumd.org/Isotope/Images/ |
9 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app_store_badge.png
myaccounts.secumd.org/Orbital/SECU/Themes/SECU/Images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
google-play-badge.png
myaccounts.secumd.org/Orbital/SECU/Themes/SECU/Images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loading.gif
noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/img/ |
38 KB 38 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.2.1.min.js
code.jquery.com/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.3.1.slim.min.js
code.jquery.com/ |
68 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/ |
20 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/ |
49 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.3.1.min.js
ajax.aspnetcdn.com/ajax/jQuery/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.mask.js
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/ |
20 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
actions.js
noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/js/ |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
desktop_bg.jpg
myaccounts.secumd.org/Orbital/SECU/Themes/SECU/Images/ |
1 MB 1 MB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Alkami.woff2
assets.orb.alkamitech.com/production/icons/SECU/font/ |
40 KB 40 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
41 KB 41 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: SECU Credit Union (Financial)11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| Popper object| bootstrap0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.aspnetcdn.com
assets.orb.alkamitech.com
camecom.it
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
iris.alkamitech.com
libs.salemove.com
myaccounts.secumd.org
noveltydollar.com
stackpath.bootstrapcdn.com
104.17.189.18
13.224.111.69
152.199.19.160
2001:4de0:ac18::1:a:1a
2600:9000:2156:3600:4:819e:800:93a1
2600:9000:2156:9400:0:99b9:cd80:93a1
2606:4700::6810:125e
2606:4700::6812:bcf
2a00:1450:4001:800::2003
2a00:1450:4001:812::2003
2a00:1450:4001:831::200a
5.134.122.130
62.171.178.140
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
09d0fb89002a24e260c9d36cae8bc692d14a6e284fa87409b188e482445e5cdc
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1591728c0c25372e4793da66a161948a604c6bff62dd8622972c9f5df8cdb417
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
279c113d5d5ff4bade5214a361cb00d36fb7c0ed9afc2071b46fa7e7da080d49
2b7ba8f492469156cb902ae08aa7f1a4d31cf3cbf59ed9a93990cec7d3f88308
2d7407ce09aa3b4d744645100dbdab1c52785c8c6fef1b08ea64ac6f57bddeba
2dcf765854f1fe869b1674016feb1638870c1066f156f8d7dfd47b53d0dc093f
590fcd2ea2a3de691c86ecf564fff1fcb0982271cf723ae4d6e2453c9e6f5434
59f12ecd0c381fee3367ffac176a581a966727684a5ce94390b4390b2fc06ca4
5e3d5246b17e19e65385092db07554d8e1c5c4a226a6d7f97824b8e1e8571e34
5e7caaccd8026212f28ef57aa28d1d438bb5463c082cd3f9ac2548785ece5cf0
6a94aac0eaa1cbac733c84622acd33aa1c7a99efa40c59682b5c0b69b7e82d26
6c61590a86ae352f42d85b6bb9937b32c7a2996e1a565c57e068d1aa3978f79c
70e85a009826725354b61dda5e78f14418a117f6d4646550d2c55c499ec64a50
750c3592e1cd90e918a5e459c88f0394851dc4c1812386baeace68e36d65ae54
815838e5848947528ac175d31ba32c7deef87b3f16ecad0dac23e2899eb84db0
836f6553a56086bde88532c63139483d68495d6b0ca33f73d2a2951109a67690
86c9954e1457d27db013c1f10a96ffaba845e5af7765c4ef9df4ac1549e47d67
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
9213ac17b151af2419644a4dc52b1e944d29797ffe61dc8d8e0be784114026f9
95d4fe92dfd1ad1ec032ff932d37d1088bd2723e34081989899bcd1fa1146da2
9bed34ddf95887f57b42acae2c0604c9780f39f99eca3d5a14133745ab78cfa3
a277dd9a22a97f512f9024dbe82acb5468a168ec43bad3146b2cda9d93afd2fe
a283d545359c1ec9fe76681198ebb5cb927937c90e5d5a26b37d530c05e7990d
ab9c55dea4e2d8b7e988cb51b7f82d7dda04336a90e7b9400ac417198590077b
be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44
c651a4a9e16b97152909cce1e7ef975d59e477dc21c2196b94804e1e34408da7
c9284b646657de61300244984f97841e022fe858e08ffe51ce2a4d0d9dec98a7
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d11fd6eda3768319a87575a5d1e9df4a12e18a511ac9e92329b7e37452f8610b
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
e4b9f0c0a5e74bbbde3c314a73fd18b1f5038cbda33e1e58e597dbee8f63d9e0
f26973638df377445d53f726e35b802001a262f2f2be8d3cf4a7b999abc46076
f4992fb45a6f31ed224283f31a491cfe23740321dd4cfb7934a1457ff1af3aa4
f6fca06e2aac270b488f73bcf0a10d249e2722a015135e60dbb49360c5335a72
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
ffc47ebce714e39e390a1dbce31549676cf6ecc4d8ba4224d0d2d18f88658473