compte-application-credit-agricole-procompte.ce51926.tmweb.ru
Open in
urlscan Pro
92.53.96.150
Malicious Activity!
Public Scan
Effective URL: http://compte-application-credit-agricole-procompte.ce51926.tmweb.ru/oluwa/compte/bb364e68702a4232f5c1fa82cbbd8978/
Submission: On June 06 via automatic, source openphish
Summary
This is the only time compte-application-credit-agricole-procompte.ce51926.tmweb.ru was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Credit Agricole (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 2606:4700:10:... 2606:4700:10::6814:8a41 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 1 | 195.30.84.210 195.30.84.210 | 5539 (SPACENET ...) (SPACENET SpaceNET AG) | |
2 7 | 92.53.96.150 92.53.96.150 | 9123 (TIMEWEB-AS) (TIMEWEB-AS) | |
2 | 2a04:4e42:3::485 2a04:4e42:3::485 | 54113 (FASTLY) (FASTLY) | |
11 | 2606:4700::68... 2606:4700::6810:135e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 158.191.172.47 158.191.172.47 | 9159 (Credit Ag...) (Credit Agricole) | |
1 | 2a00:1450:400... 2a00:1450:4001:80f::2016 | 15169 (GOOGLE) (GOOGLE) | |
1 | 158.191.172.78 158.191.172.78 | 9159 (Credit Ag...) (Credit Agricole) | |
1 | 161.35.253.229 161.35.253.229 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
1 | 2a00:1450:400... 2a00:1450:4001:803::200a | 15169 (GOOGLE) (GOOGLE) | |
9 | 2606:4700:10:... 2606:4700:10::6816:1983 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2a00:1450:400... 2a00:1450:4001:829::2003 | 15169 (GOOGLE) (GOOGLE) | |
34 | 10 |
ASN5539 (SPACENET SpaceNET AG, DE)
PTR: cp210.sp-server.net
redirections.fabrikfabrik.de |
ASN9123 (TIMEWEB-AS, RU)
PTR: vh300.timeweb.ru
compte-application-credit-agricole-procompte.ce51926.tmweb.ru |
ASN9159 (Credit Agricole, FR)
PTR: www.credit-agricole.fr
www.credit-agricole.fr |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
cloudflare.com
cdnjs.cloudflare.com |
603 KB |
9 |
tawk.to
embed.tawk.to va.tawk.to |
120 KB |
7 |
tmweb.ru
2 redirects
compte-application-credit-agricole-procompte.ce51926.tmweb.ru |
259 KB |
2 |
gstatic.com
fonts.gstatic.com |
46 KB |
2 |
jsdelivr.net
cdn.jsdelivr.net |
36 KB |
2 |
tinyurl.com
2 redirects
www.tinyurl.com tinyurl.com |
871 B |
1 |
googleapis.com
fonts.googleapis.com |
926 B |
1 |
openode.io
keys0.openode.io |
854 B |
1 |
ca-atlantique-vendee.fr
www.ca-atlantique-vendee.fr |
154 KB |
1 |
ytimg.com
i.ytimg.com |
93 KB |
1 |
credit-agricole.fr
www.credit-agricole.fr |
9 KB |
1 |
fabrikfabrik.de
1 redirects
redirections.fabrikfabrik.de |
254 B |
34 | 12 |
Domain | Requested by | |
---|---|---|
11 | cdnjs.cloudflare.com |
compte-application-credit-agricole-procompte.ce51926.tmweb.ru
cdnjs.cloudflare.com |
8 | embed.tawk.to |
compte-application-credit-agricole-procompte.ce51926.tmweb.ru
embed.tawk.to |
7 | compte-application-credit-agricole-procompte.ce51926.tmweb.ru |
2 redirects
compte-application-credit-agricole-procompte.ce51926.tmweb.ru
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | cdn.jsdelivr.net |
compte-application-credit-agricole-procompte.ce51926.tmweb.ru
|
1 | va.tawk.to |
embed.tawk.to
|
1 | fonts.googleapis.com |
cdnjs.cloudflare.com
|
1 | keys0.openode.io |
compte-application-credit-agricole-procompte.ce51926.tmweb.ru
|
1 | www.ca-atlantique-vendee.fr |
compte-application-credit-agricole-procompte.ce51926.tmweb.ru
|
1 | i.ytimg.com |
compte-application-credit-agricole-procompte.ce51926.tmweb.ru
|
1 | www.credit-agricole.fr |
compte-application-credit-agricole-procompte.ce51926.tmweb.ru
|
1 | redirections.fabrikfabrik.de | 1 redirects |
1 | tinyurl.com | 1 redirects |
1 | www.tinyurl.com | 1 redirects |
34 | 14 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020 |
2021-04-30 - 2022-06-01 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-10-21 - 2021-10-20 |
a year | crt.sh |
www.credit-agricole.fr Sectigo RSA Organization Validation Secure Server CA |
2020-09-28 - 2021-09-28 |
a year | crt.sh |
edgestatic.com GTS CA 1C3 |
2021-05-10 - 2021-08-02 |
3 months | crt.sh |
www.ca-atlantique-vendee.fr Sectigo RSA Organization Validation Secure Server CA |
2021-02-01 - 2022-02-01 |
a year | crt.sh |
*.openode.io AlphaSSL CA - SHA256 - G2 |
2020-03-05 - 2022-04-11 |
2 years | crt.sh |
upload.video.google.com GTS CA 1O1 |
2021-05-10 - 2021-08-02 |
3 months | crt.sh |
*.google.com GTS CA 1O1 |
2021-05-10 - 2021-08-02 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://compte-application-credit-agricole-procompte.ce51926.tmweb.ru/oluwa/compte/bb364e68702a4232f5c1fa82cbbd8978/
Frame ID: 4222236B7D1632F57A42F50A1AB88DBE
Requests: 34 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://www.tinyurl.com/xwxhy2xj/
HTTP 307
https://www.tinyurl.com/xwxhy2xj/ HTTP 301
http://tinyurl.com/xwxhy2xj/ HTTP 307
https://tinyurl.com/xwxhy2xj/ HTTP 301
http://redirections.fabrikfabrik.de/ HTTP 301
http://compte-application-credit-agricole-procompte.ce51926.tmweb.ru/oluwa/compte/ HTTP 302
http://compte-application-credit-agricole-procompte.ce51926.tmweb.ru/oluwa/compte/bb364e68702a4232f5c1fa82cbbd8978 HTTP 301
http://compte-application-credit-agricole-procompte.ce51926.tmweb.ru/oluwa/compte/bb364e68702a4232f5c1fa82cbbd8978/ Page URL
Detected technologies
Node.js (Programming Languages) ExpandDetected patterns
- script /socket\.io.*\.js/i
Nginx (Web Servers) Expand
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Semantic-ui (Web Frameworks) Expand
Detected patterns
- script /\/semantic(?:-([\d.]+))?(?:\.min)?\.js/i
UIKit (Web Frameworks) Expand
Detected patterns
- script /uikit.*\.js/i
Socket.io (JavaScript Frameworks) Expand
Detected patterns
- script /socket\.io.*\.js/i
Tawk.to (Live Chat) Expand
Detected patterns
- script /\/\/embed\.tawk\.to/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.tinyurl.com/xwxhy2xj/
HTTP 307
https://www.tinyurl.com/xwxhy2xj/ HTTP 301
http://tinyurl.com/xwxhy2xj/ HTTP 307
https://tinyurl.com/xwxhy2xj/ HTTP 301
http://redirections.fabrikfabrik.de/ HTTP 301
http://compte-application-credit-agricole-procompte.ce51926.tmweb.ru/oluwa/compte/ HTTP 302
http://compte-application-credit-agricole-procompte.ce51926.tmweb.ru/oluwa/compte/bb364e68702a4232f5c1fa82cbbd8978 HTTP 301
http://compte-application-credit-agricole-procompte.ce51926.tmweb.ru/oluwa/compte/bb364e68702a4232f5c1fa82cbbd8978/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
34 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
compte-application-credit-agricole-procompte.ce51926.tmweb.ru/oluwa/compte/bb364e68702a4232f5c1fa82cbbd8978/ Redirect Chain
|
30 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vue
cdn.jsdelivr.net/npm/ |
92 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ |
274 KB 68 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iview.js
cdnjs.cloudflare.com/ajax/libs/iview/3.5.1/ |
2 MB 177 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iview.css
cdnjs.cloudflare.com/ajax/libs/iview/3.5.1/styles/ |
308 KB 30 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v-mask.min.js
cdn.jsdelivr.net/npm/v-mask/dist/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
axios.js
cdnjs.cloudflare.com/ajax/libs/axios/0.19.0/ |
44 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
socket.io.js
cdnjs.cloudflare.com/ajax/libs/socket.io/2.3.0/ |
67 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uikit.js
cdnjs.cloudflare.com/ajax/libs/uikit/3.2.0/js/ |
334 KB 53 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
semantic.css
cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.4.1/ |
809 KB 90 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
semantic.js
cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.4.1/ |
719 KB 78 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uikit.css
cdnjs.cloudflare.com/ajax/libs/uikit/3.2.0/css/ |
364 KB 34 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles.css
compte-application-credit-agricole-procompte.ce51926.tmweb.ru/oluwa/compte/bb364e68702a4232f5c1fa82cbbd8978/css/ |
2 KB 1004 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ilogo.svg
compte-application-credit-agricole-procompte.ce51926.tmweb.ru/oluwa/compte/bb364e68702a4232f5c1fa82cbbd8978/img/ |
25 KB 9 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
CA_Toute-une-banque-pour-vous_V.svg
www.credit-agricole.fr/content/dam/assetsca/npc/logos/ |
26 KB 9 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
maxresdefault.jpg
i.ytimg.com/vi/vV_tpC9MuP4/ |
93 KB 93 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Avantage_9443012_tcm_124_518558.png
www.ca-atlantique-vendee.fr/Vitrine/Obj/ |
154 KB 154 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.mask.js
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/ |
23 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.js
compte-application-credit-agricole-procompte.ce51926.tmweb.ru/oluwa/compte/bb364e68702a4232f5c1fa82cbbd8978/js/ |
7 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ip
keys0.openode.io/ |
471 B 854 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
3 KB 926 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default
embed.tawk.to/5dc29b31e4c2fa4b6bda4277/ |
1 KB 878 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
icons.woff2
cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.4.1/themes/default/assets/fonts/ |
39 KB 40 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ |
22 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
access.jpg
compte-application-credit-agricole-procompte.ce51926.tmweb.ru/oluwa/compte/bb364e68702a4232f5c1fa82cbbd8978/img/ |
238 KB 239 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
twk-main.js
embed.tawk.to/_s/v4/app/60b739727c0/js/ |
121 B 502 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
twk-vendor.js
embed.tawk.to/_s/v4/app/60b739727c0/js/ |
76 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
twk-chunk-vendors.js
embed.tawk.to/_s/v4/app/60b739727c0/js/ |
190 KB 54 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
twk-chunk-common.js
embed.tawk.to/_s/v4/app/60b739727c0/js/ |
135 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
twk-runtime.js
embed.tawk.to/_s/v4/app/60b739727c0/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
twk-app.js
embed.tawk.to/_s/v4/app/60b739727c0/js/ |
151 B 526 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widget-settings
va.tawk.to/v1/ |
2 KB 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
fr.js
embed.tawk.to/_s/v4/app/60b739727c0/languages/ |
16 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Credit Agricole (Banking)30 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| Vue function| $ function| jQuery object| __core-js_shared__ object| iview object| VueMask function| axios object| locIp string| iPfull function| io function| UIkit object| Tawk_API object| Tawk_LoadStart string| $_Tawk_AccountKey string| $_Tawk_WidgetId boolean| $_Tawk_Unstable object| $_Tawk object| tawkJsonp function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| regeneratorRuntime object| Tawk_Window0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
cdnjs.cloudflare.com
compte-application-credit-agricole-procompte.ce51926.tmweb.ru
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
i.ytimg.com
keys0.openode.io
redirections.fabrikfabrik.de
tinyurl.com
va.tawk.to
www.ca-atlantique-vendee.fr
www.credit-agricole.fr
www.tinyurl.com
158.191.172.47
158.191.172.78
161.35.253.229
195.30.84.210
2606:4700:10::6814:8a41
2606:4700:10::6816:1983
2606:4700::6810:135e
2a00:1450:4001:803::200a
2a00:1450:4001:80f::2016
2a00:1450:4001:829::2003
2a04:4e42:3::485
92.53.96.150
01b48dfa84ce6e9590922333e7287272a6ce9aaaac68ae2ced239996e1ae7efb
03b5861a76d3d1fd0e6075905645aa5fa1907591d90e2f08b1b0ffbbe1506957
03da25fe333dd18f2d82ea466b3c0365fc0f93bac59033dcc8756ab547e72e62
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
1bc29d017961ab6cdab5e37d7f71cf782e64bc2e88c17dee110766ea790e2d6b
20568af44ab9b900de7d9f4d286cb26181af272d5ca6d1bb0789ae5483003643
27471e9346191e2bcd2f165a4451c997438bb17023b7d06abf1f582513168339
3ac3b112dc416b89d12b505290f307073b16defab4c143a539d58c07d2a83f7c
41504dd284fbe148690ad128e0aa3e937b0da3eca4245041b4676ec35dd5f6fc
4a7132c2d8faa2636f5e10c861307f3f0579b97ec85508195eb8a09811cb2a3b
51ae4877f6d16c8f9c99b873edf4f6d2f87f672002371a1deaa9905b11d0fb04
53f910544f18f6a58636de3b52810cc58ee094599fd151b4de7d5255bb402c54
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55
5e377ae95a219f11b2597a3ab7b8f2e897696b831aa5b8561a0cd135cb279f36
5e67516d3adeff746e961624fdc38150ca5895a029d91a68fece79eaed0e20a9
6d09ab65ee323e742b2d363ed6063295f34c06e19f9d3fc72ac0865fef57baaa
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
83b846062d17ba9d66d526b5d17a34f51e9879f058eb3a702ff2e8bd8b2e9a21
89711b78ea0ccd075683e15b73d78dad4dc9cfa134f231e801b173a241ad9c46
8b188ade180261a2ce97701a31f4c94ad1516cef80226594b10ef95c88736511
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
a9848415b4aae656aa039ecf358e3e2de2e9e585c2c87853f9fa73ec645b6685
a99c9a6303b8489c54a015f753b614bbceddb4c7a9f1516f32b39cf79653562f
aace69d01152a92bebb2d0713ef7b1fb3772af373219d1cd78d9808ab3b6cdcd
c2b9b39addf8080409dc28611be64764d8705530eb94b1a12c04bbb656e07d93
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c4966ab5e78e2270952b89576c4a0a386e8a7ea673c56f0f396d620abf4f81b8
c509fff6e6bce546c6c9124c9757969555249a8b73e5615e7d19a6ac5307435a
c84e4b2e9e47490ff3fa125e0aa933f617633649358da8861b4b430ab6ae9a70
c9b546ee0e1cb8fe8402bf3418edcf187d0a7bb8f797205cd34100d3489b7b52
cd770fd2df4b00a3268bc0eb69651a149575aaf1a4c3581810705b7fe22c1d2a
dedb5d04e2c87b78daff04491209d864d8c87e073a8a651be6d3c2a0024b4e02
e3578d7ffa0db786b21d6986546759976a82764baada977547d38ef918b791f4
fbc38063a68dacae3f154fed7a19ba7d9d809b5aab87a6dcd052c34aaf50912a