![](/screenshots/1890669b-d16e-4241-afcb-29875f440207.png)
a383njs.glitch.me
54.144.28.217
Malicious Activity!
Public Scan
Effective URL: https://a383njs.glitch.me/2pz679z.html?e=dillon.feuz%40usu.edu
Submission Tags: falconsandbox
Submission: On July 28 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Amazon RSA 2048 M01 on February 22nd 2023. Valid for: a year.
This is the only time a383njs.glitch.me was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Email (Online)
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 3 | 54.144.28.217 | 14618 (AMAZON-AES) |
| 2 | 2606:4700::6810:5614 | 13335 (CLOUDFLARENET) |
| 1 | 23.227.60.200 | 13335 (CLOUDFLARENET) |
| 2 | 2606:4700:3030::6815:3a7d | 13335 (CLOUDFLARENET) |
| 1 12 | 129.123.54.211 | 26046 (USU-EDU) |
| 1 1 | 2a00:1450:4001:80b::2004 | 15169 (GOOGLE) |
| 1 | 2a00:1450:4001:80f::2004 | 15169 (GOOGLE) |
| 1 | 2a00:1450:4001:81c::200a | |
| 1 | 2a00:1450:4001:802::200a | |
| 1 | 2606:4700::6812:1634 | |
| 2 | 2a00:1450:4001:82b::2008 | |
| 2 | 2a00:1450:4001:810::2003 | |
| 1 | 2a00:1450:4001:829::200e | |
| 2 | 2606:4700:e2::ac40:8209 | |
| 2 | 2a00:1450:4001:830::200e | |
| 36 | 15 | |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-28-217.compute-1.amazonaws.com
- x536hv.glitch.me
- a383njs.glitch.me

ASN26046 (USU-EDU, US)
PTR: web35.it.usu.edu
- usu.edu
- www.usu.edu
| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 12 | usu.edu (1 redirects) | usu.edu — Cisco Umbrella Rank: 178086, www.usu.edu | 409 KB |
| 3 | fontawesome.com | kit.fontawesome.com, ka-f.fontawesome.com | 435 KB |
| 3 | gstatic.com | t1.gstatic.com, fonts.gstatic.com | 33 KB |
| 3 | glitch.me | x536hv.glitch.me, a383njs.glitch.me | 96 KB |
| 2 | youtube.com | www.youtube.com | 65 KB |
| 2 | googletagmanager.com | www.googletagmanager.com | 140 KB |
| 2 | googleapis.com | fonts.googleapis.com, ajax.googleapis.com | 32 KB |
| 2 | icongr.am | icongr.am — Cisco Umbrella Rank: 465406 | 1 KB |
| 2 | jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 372 | 55 KB |
| 1 | google-analytics.com | www.google-analytics.com | 21 KB |
| 1 | google.com (1 redirects) | www.google.com — Cisco Umbrella Rank: 3 | 285 B |
| 1 | shopify.com | cdn.shopify.com — Cisco Umbrella Rank: 2255 | 11 KB |
| 36 | 12 | | |
| | Domain | Requested by |
|---|---|---|
| 11 | www.usu.edu | cdn.jsdelivr.net, www.usu.edu |
| 2 | www.youtube.com | www.usu.edu, www.youtube.com |
| 2 | ka-f.fontawesome.com | kit.fontawesome.com |
| 2 | fonts.gstatic.com | fonts.googleapis.com |
| 2 | www.googletagmanager.com | www.usu.edu, www.googletagmanager.com |
| 2 | icongr.am | a383njs.glitch.me |
| 2 | cdn.jsdelivr.net | a383njs.glitch.me, www.usu.edu |
| 2 | x536hv.glitch.me | x536hv.glitch.me |
| 1 | www.google-analytics.com | www.googletagmanager.com |
| 1 | kit.fontawesome.com | www.usu.edu |
| 1 | ajax.googleapis.com | www.usu.edu |
| 1 | fonts.googleapis.com | www.usu.edu |
| 1 | t1.gstatic.com | a383njs.glitch.me |
| 1 | www.google.com | 1 redirects |
| 1 | usu.edu | 1 redirects |
| 1 | cdn.shopify.com | a383njs.glitch.me |
| 1 | a383njs.glitch.me | x536hv.glitch.me |
| 36 | 17 | |
This site contains no links.
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| glitch.com | Amazon RSA 2048 M01 | 2023-02-22 - 2024-02-01 | a year |
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-02 - 2024-05-01 | a year |
| cdn.shopify.com | R3 | 2023-07-13 - 2023-10-11 | 3 months |
| web21.usu.edu | InCommon RSA Server CA | 2023-03-02 - 2024-03-01 | a year |
| upload.video.google.com | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months |
| *.fontawesome.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-11-22 - 2023-12-23 | a year |
| *.google-analytics.com | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months |
| *.gstatic.com | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months |
| ka-f.fontawesome.com | GTS CA 1P5 | 2023-07-13 - 2023-10-11 | 3 months |
| *.google.com | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months |
This page contains 2 frames:
Primary Page:
https://a383njs.glitch.me/2pz679z.html?e=dillon.feuz%40usu.edu
Frame ID: FDDE09C6E43F52F1ECBC2FA54DCC3E9D
Requests: 8 HTTP requests in this frame
Frame:
https://www.usu.edu/
Frame ID: 18718A6489453CAE8689F1AD3F57FE9F
Requests: 28 HTTP requests in this frame
Page Title
Webmail Login Portal -USU
Detected technologies
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://x536hv.glitch.me/?e=dillon.feuz%40usu.edu Page URL
- https://a383njs.glitch.me/2pz679z.html?e=dillon.feuz%40usu.edu Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 6
- https://usu.edu/ HTTP 301
- https://www.usu.edu/
- https://www.google.com/s2/favicons?domain=usu.edu HTTP 301
- https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://usu.edu&size=16
36 HTTP transactions
| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H2 | / | x536hv.glitch.me/ | 1 KB | 2 KB | Document | text/html |
| GET | H2 | jquery.min.js | x536hv.glitch.me/ | 87 KB | 88 KB | Script | application/javascript |
| GET | H2 | 2pz679z.html (Primary Request) | a383njs.glitch.me/ | 6 KB | 7 KB | Document | text/html |
| GET | H2 | jquery.min.js | cdn.jsdelivr.net/npm/jquery@3.6.4/dist/ | 88 KB | 32 KB | Script | application/javascript |
| GET | H2 | AVG-Anti-Virus-2016-and-Internet-Security-2016-Free-Download-With-Genuine-License-Key-Code_508cb132-b02f-4c26-935a-8b44bdf57c73_grande.jpg | cdn.shopify.com/s/files/1/1647/4517/products/ | 10 KB | 11 KB | Image | image/jpeg |
| GET | H2 | user.svg | icongr.am/feather/ | 299 B | 687 B | Image | image/svg+xml |
| GET | H2 | lock.svg | icongr.am/feather/ | 309 B | 507 B | Image | image/svg+xml |
| GET | H2 | / | www.usu.edu/ Frame 1871 Redirect Chain | 56 KB | 11 KB | Document | text/html |
| GET | H2 | faviconV2 | t1.gstatic.com/ Redirect Chain | 766 B | 1 KB | Image | image/png |
| GET | H2 | bootstrap.min.css | www.usu.edu/assets/bs4/css/ Frame 1871 | 141 KB | 23 KB | Stylesheet | text/css |
| GET | H2 | main.css | www.usu.edu/assets/bs4/css/ Frame 1871 | 72 KB | 14 KB | Stylesheet | text/css |
| GET | H2 | u-state-logo.svg | www.usu.edu/assets/bs4/images/logos/ Frame 1871 | 4 KB | 4 KB | Image | image/svg+xml |
| GET | H2 | utah-state-logo.svg | www.usu.edu/assets/bs4/images/logos/ Frame 1871 | 5 KB | 5 KB | Image | image/svg+xml |
| GET | H2 | USU_Best_College_Town.jpg | www.usu.edu/modules/images/banners/1600/ Frame 1871 | 308 KB | 308 KB | Image | image/jpeg |
| GET | H2 | logan-campus-view-1600.jpg | www.usu.edu/about/images/ Frame 1871 | 67 KB | 0 | Image | image/jpeg |
| GET | H2 | css | fonts.googleapis.com/ Frame 1871 | 7 KB | 1 KB | Stylesheet | text/css |
| GET | H2 | modular.css | www.usu.edu/assets/bs4/css/ Frame 1871 | 40 KB | 8 KB | Stylesheet | text/css |
| GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.5.1/ Frame 1871 | 87 KB | 31 KB | Script | text/javascript |
| GET | H2 | moment.min-2.29.3.js | www.usu.edu/assets/bs4/lib/moment/ Frame 1871 | 58 KB | 19 KB | Script | application/javascript |
| GET | H2 | bootstrap.bundle.min.js | cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/ Frame 1871 | 81 KB | 23 KB | Script | application/javascript |
| GET | H2 | lazysizes.min.js | www.usu.edu/assets/bs4/lib/lazysizes/ Frame 1871 | 0 | 0 | Script | application/javascript |
| GET | H2 | 60ddd04f2e.js | kit.fontawesome.com/ Frame 1871 | 11 KB | 5 KB | Script | text/javascript |
| GET | H2 | init.1.2.js | www.usu.edu/assets/bs4/js/ Frame 1871 | 58 KB | 17 KB | Script | application/javascript |
| GET | H2 | gtm.js | www.googletagmanager.com/ Frame 1871 | 154 KB | 58 KB | Script | application/javascript |
| GET | | u-state-logo.svg | www.usu.edu/assets/bs4/images/logos/ Frame 1871 | 0 | 0 | | |
| GET | | utah-state-logo.svg | www.usu.edu/assets/bs4/images/logos/ Frame 1871 | 0 | 0 | | |
| GET | H2 | ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 | fonts.gstatic.com/s/robotocondensed/v25/ Frame 1871 | 15 KB | 15 KB | Font | font/woff2 |
| GET | H2 | ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 | fonts.gstatic.com/s/robotocondensed/v25/ Frame 1871 | 15 KB | 16 KB | Font | font/woff2 |
| GET | | header.m4v | www.usu.edu/impact/assets/ Frame 1871 | 0 | 0 | | |
| GET | | blur.png | www.usu.edu/assets/bs4/images/ Frame 1871 | 0 | 0 | | |
| GET | H2 | analytics.js | www.google-analytics.com/ Frame 1871 | 52 KB | 21 KB | Script | text/javascript |
| GET | H2 | js | www.googletagmanager.com/gtag/ Frame 1871 | 240 KB | 82 KB | Script | application/javascript |
| GET | H2 | free-v4-shims.min.js | ka-f.fontawesome.com/releases/v5.15.4/js/ Frame 1871 | 14 KB | 5 KB | Fetch | application/javascript |
| GET | H2 | free.min.js | ka-f.fontawesome.com/releases/v5.15.4/js/ Frame 1871 | 1 MB | 426 KB | Fetch | application/javascript |
| GET | H2 | iframe_api | www.youtube.com/ Frame 1871 | 1006 B | 2 KB | Script | text/javascript |
| GET | H2 | www-widgetapi.js | www.youtube.com/s/player/0e6aaa83/www-widgetapi.vflset/ Frame 1871 | 203 KB | 63 KB | Script | text/javascript |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
| Domain | URL |
|---|---|
| www.usu.edu | https://www.usu.edu/assets/bs4/images/logos/u-state-logo.svg |
| www.usu.edu | https://www.usu.edu/assets/bs4/images/logos/utah-state-logo.svg |
| www.usu.edu | https://www.usu.edu/impact/assets/header.m4v |
| www.usu.edu | https://www.usu.edu/assets/bs4/images/blur.png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Email (Online)
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 string| h object| a object| j function| m object| k number| g number| f string| c string| b function| n function| $ function| jQuery
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.