su.gov.mn
103.87.69.136
Malicious Activity!
Public Scan
Submission: On December 20 via api from NL — Scanned from IT
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on December 4th 2023. Valid for: 3 months.
This is the only time su.gov.mn was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Aruba (Online)
Domain & IP information
Domain | ASN | PTR |
---|---|---|
consent.cookiebot.com | ASN20940 (AKAMAI-ASN1, NL) | |
www.googletagmanager.com | ASN15169 (GOOGLE, US) | |
secure-ds.serving-sys.com | ASN20940 (AKAMAI-ASN1, NL) | a23-50-131-81.deploy.static.akamaitechnologies.com |
consentcdn.cookiebot.com | ASN20940 (AKAMAI-ASN1, NL) | |
w.usabilla.com | ASN16509 (AMAZON-02, US) | ec2-54-74-182-232.eu-west-1.compute.amazonaws.com |
region1.analytics.google.com, region1.google-analytics.com | ASN15169 (GOOGLE, US) | |
d6tizftlrpuof.cloudfront.net | ASN16509 (AMAZON-02, US) | server-13-227-211-28.ams54.r.cloudfront.net |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
45 | su.gov.mn (1 redirects) | su.gov.mn | 669 KB |
10 | cookiebot.com | consent.cookiebot.com — Cisco Umbrella Rank: 4340; consentcdn.cookiebot.com — Cisco Umbrella Rank: 4841 | 40 KB |
5 | crazyegg.com | script.crazyegg.com — Cisco Umbrella Rank: 2199 | 101 KB |
2 | cloudfront.net | d6tizftlrpuof.cloudfront.net | 10 KB |
2 | usabilla.com | w.usabilla.com — Cisco Umbrella Rank: 4494 | 21 KB |
2 | gstatic.com | fonts.gstatic.com | 28 KB |
2 | aruba.it | wa.aruba.it — Cisco Umbrella Rank: 849638 Failed | 22 KB |
2 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 36 | 160 KB |
1 | google-analytics.com | region1.google-analytics.com | 54 B |
1 | google.it | www.google.it — Cisco Umbrella Rank: 24562 | 408 B |
1 | doubleclick.net | stats.g.doubleclick.net — Cisco Umbrella Rank: 75 | 250 B |
1 | google.com | region1.analytics.google.com — Cisco Umbrella Rank: 2693 | 250 B |
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 29 | 734 B |
1 | serving-sys.com | secure-ds.serving-sys.com — Cisco Umbrella Rank: 2632 | 495 B |
87 | 14 | | |
Requests | Domain | Requested by |
---|---|---|
45 | su.gov.mn | 1 redirects; su.gov.mn |
7 | consentcdn.cookiebot.com | su.gov.mn, consent.cookiebot.com |
5 | script.crazyegg.com | su.gov.mn, script.crazyegg.com |
3 | consent.cookiebot.com | su.gov.mn, consent.cookiebot.com |
2 | d6tizftlrpuof.cloudfront.net | su.gov.mn, w.usabilla.com |
2 | w.usabilla.com | su.gov.mn |
2 | fonts.gstatic.com | fonts.googleapis.com |
2 | wa.aruba.it | su.gov.mn, wa.aruba.it |
2 | www.googletagmanager.com | su.gov.mn |
1 | region1.google-analytics.com | www.googletagmanager.com |
1 | www.google.it | su.gov.mn |
1 | stats.g.doubleclick.net | www.googletagmanager.com |
1 | region1.analytics.google.com | www.googletagmanager.com |
1 | fonts.googleapis.com | su.gov.mn |
1 | secure-ds.serving-sys.com | su.gov.mn |
87 | 15 | |
Subject | Issuer | Validity | Valid |
---|---|---|---|
su.gov.mn | cPanel, Inc. Certification Authority | 2023-12-04 - 2024-03-03 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-03-09 - 2024-03-08 | a year |
consent.cookiebot.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-04-06 - 2024-04-06 | a year |
*.google-analytics.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months |
secure-ds.serving-sys.com | R3 | 2023-11-28 - 2024-02-26 | 3 months |
upload.video.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months |
*.cookiebot.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-04-17 - 2024-04-17 | a year |
*.gstatic.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months |
w.usabilla.com | Amazon RSA 2048 M02 | 2023-12-12 - 2025-01-09 | a year |
*.g.doubleclick.net | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months |
*.google.it | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months |
wa.aruba.it | Actalis Organization Validated Server CA G3 | 2023-03-15 - 2024-03-15 | a year |
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year |
This page contains 17 frames:
Primary Page:
https://su.gov.mn/.well-known/aruba/auth/
Frame ID: F3273CAD990B2841252FAC3FC0F2EB55
Requests: 68 HTTP requests in this frame
Frame:
https://su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/saved_resource.html
Frame ID: 9639AB2E0741DC7BEC52D9FCFE338DFE
Requests: 3 HTTP requests in this frame
Frame:
https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: FEC3BF743768D2B546CACFB80A00C6CB
Requests: 1 HTTP requests in this frame
Frame:
https://w.usabilla.com/7ef2af7441b5.js?lv=1
Frame ID: B19AC9A4BE63F737B5533FDD39ABC4D3
Requests: 1 HTTP requests in this frame
Frame:
https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: 496AE25F8B87F883B18692CF177CD7F9
Requests: 1 HTTP requests in this frame
Frame:
https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: F96BE4CA062DDC522DFEC8E23E7DE394
Requests: 1 HTTP requests in this frame
Frame:
https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: 537CCAE8F380D8B261110ED88ABCB84C
Requests: 1 HTTP requests in this frame
Frame:
https://su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/saved_resource(1).html
Frame ID: 10171F982B87E2D24A645E264DE63938
Requests: 1 HTTP requests in this frame
Frame:
https://su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/bc-v4.min.html
Frame ID: 245EB9DA225565AE4F7281F9C5EDCDF6
Requests: 1 HTTP requests in this frame
Frame:
https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: 703D688CD956E1819127DBC6ECBCE6D2
Requests: 1 HTTP requests in this frame
Frame:
https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: F613C1B0201A5CE46771354670597091
Requests: 1 HTTP requests in this frame
Frame:
https://su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/saved_resource(2).html
Frame ID: 5A1D0B626FD42A4DDA4FB2180055C6B8
Requests: 2 HTTP requests in this frame
Frame:
https://su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/saved_resource(3).html
Frame ID: E1CC70A6A009107C6B8E18726BF49D65
Requests: 1 HTTP requests in this frame
Frame:
https://su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/saved_resource(4).html
Frame ID: 87F24FE0F7C181C7F2B9E08D1D19CE84
Requests: 1 HTTP requests in this frame
Frame:
https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: C1742DBD2BFED2C7DD79AF6924EA800D
Requests: 1 HTTP requests in this frame
Frame:
https://d6tizftlrpuof.cloudfront.net/themes/production/aruba-italy-button-893ab594803d182f13c4211cf27ab17a.png
Frame ID: 49EBEE4DB9364AE5BC086155583A935C
Requests: 1 HTTP requests in this frame
Frame:
https://d6tizftlrpuof.cloudfront.net/themes/production/aruba-italy-button-893ab594803d182f13c4211cf27ab17a.png
Frame ID: C62BD88BCCB987A3BBFF4D2E5920E8B9
Requests: 1 HTTP requests in this frame
Page Title
Servizio Hosting - Aruba.it
Page URL History
- https://su.gov.mn/.well-known/aruba/auth
HTTP 301
https://su.gov.mn/.well-known/aruba/auth/ Page URL
Detected technologies
Cookiebot (Cookie compliance)
Detected patterns
- consent\.cookiebot\.com
Crazy Egg (Analytics)
Detected patterns
- script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Google Analytics (Analytics)
Detected patterns
Google Tag Manager (Tag Managers)
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Matomo Analytics (Analytics)
Detected patterns
- piwik\.js|piwik\.php
Sizmek (Advertising Networks)
Detected patterns
- serving-sys\.com/
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery Migrate (JavaScript Libraries)
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
jQuery UI (JavaScript Libraries)
Detected patterns
- jquery-ui[.-]([\d.]*\d)[^/]*\.js
- jquery-ui.*\.js
Page Statistics
14 Outgoing links
These are links going to different origins than the main page.
- Title: spagnolo
- Title: casa
- Title: webmail
- Title: rinnovi
- Title: pagamenti
- Title: area clienti
- Title: Supporto 24 ore su 24, 7 giorni su 7
- Title: Hai dimenticato il tuo nome utente?
- Title: Hai dimenticato la tua password?
- Title: Crea il tuo account Aruba Creare un account
- Title: Gestire il database MySQL
- Title: Gestire il database MSSQL
- Title: Pannello di controllo
- Title: Politica sui cookie
Redirected requests
There were HTTP redirect chains for the following requests:
87 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
su.gov.mn/.well-known/aruba/auth/ Redirect Chain
|
70 KB 71 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ |
110 KB 110 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-ui.css
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ |
28 KB 28 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
top.css
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ |
2 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
219d370add706cffcc1a4f80ada0a455.js
script.crazyegg.com/pages/versioned/commontransformations-scripts/ |
137 KB 46 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uc.js
consent.cookiebot.com/ |
108 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cc.js
consent.cookiebot.com/834827f4-da0e-4a10-ae49-68948ce81a7a/ |
381 B 605 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
207 KB 69 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
276 KB 92 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fb6b2c9922f0fc0cfc17e642c41aafa6.js.t
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ |
32 B 239 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
d9b6b28e3d84db3e4c966a5cf73af402.js.t
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ |
32 B 239 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
219d370add706cffcc1a4f80ada0a455.js.t
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ |
32 B 239 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
4408.js.t
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ |
32 B 239 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
piwik.js.t
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ |
32 B 239 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
state.js.t
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ |
32 B 239 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ |
276 KB 276 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
uc.js.t
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ |
32 B 239 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gtm.js.t
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ |
32 B 239 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.6.0.min.js.t
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ |
32 B 239 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-migrate-3.1.0.min.js.t
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ |
32 B 239 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-ui-1.13.2.min.js.t
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ |
32 B 239 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
top.min.js.t
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ |
32 B 239 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
4408.js
script.crazyegg.com/pages/scripts/0060/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
piwik.js
wa.aruba.it/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
4408.js
script.crazyegg.com/pages/scripts/0060/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
piwik.js
wa.aruba.it/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
4408.js
script.crazyegg.com/pages/scripts/0060/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
piwik.js
wa.aruba.it/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
4408.js
script.crazyegg.com/pages/scripts/0060/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
piwik.js
wa.aruba.it/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
4408.js
script.crazyegg.com/pages/scripts/0060/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
piwik.js
wa.aruba.it/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
4408.js
script.crazyegg.com/pages/scripts/0060/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
piwik.js
wa.aruba.it/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
m=el_main_css
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ |
22 KB 22 KB |
Stylesheet
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
PasswordScaduta_Include.css
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ |
2 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
areautenti.css
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ |
6 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
digital-assistant.js.t
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ |
32 B 239 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
adServer.bs
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ |
11 KB 11 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
versionsFR.js
secure-ds.serving-sys.com/BurstingCachedScripts/versions/ |
213 B 495 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
areaclienti-EN-no-promo_67430145580878486.jpg
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ |
79 KB 79 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ebStdBannerEx.js.t
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ |
32 B 239 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
URLUtil.js.t
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ |
32 B 239 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
x_icon.png
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ |
219 B 461 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
info-information-circle.svg
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ |
822 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
eye-show.svg
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
eye-hide.svg
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ |
2 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
checkPwd.js.t
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ |
32 B 239 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main_separatore_5_5.gif
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ |
45 B 286 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.blockUi.2.7.min.js.t
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ |
32 B 239 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1.gif
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ |
35 B 276 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
24px.svg
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ |
6 KB 6 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
3 KB 734 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
saved_resource.html
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ Frame 9639 |
398 B 640 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame FEC3 |
627 B 811 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-user.png
su.gov.mn/image_top/ |
32 B 32 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-headset.png
su.gov.mn/image_top/ |
32 B 32 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v24/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7ef2af7441b5.js
w.usabilla.com/ Frame B19A |
35 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v24/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame 496A |
627 B 811 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cc.js
consent.cookiebot.com/834827f4-da0e-4a10-ae49-68948ce81a7a/ |
365 B 588 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
d3349b0179ab.js.t%C3%A9l%C3%A9chargement
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ Frame 9639 |
35 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame F96B |
627 B 811 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame 537C |
627 B 811 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
saved_resource(1).html
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ Frame 1017 |
149 B 391 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bc-v4.min.html
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ Frame 245E |
797 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame 703D |
627 B 811 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.analytics.google.com/g/ |
0 250 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 250 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.it/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame F613 |
627 B 810 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
piwik.js
wa.aruba.it/ |
65 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
saved_resource(2).html
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ Frame 5A1D |
631 B 873 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
saved_resource(3).html
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ Frame E1CC |
149 B 391 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
saved_resource(4).html
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ Frame 87F2 |
149 B 391 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame C174 |
627 B 810 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4408.js
script.crazyegg.com/pages/scripts/0060/ |
6 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
d3349b0179ab.js
w.usabilla.com/ Frame 9639 |
35 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
su.gov.mn.json
script.crazyegg.com/pages/data-scripts/0060/4408/site/ |
65 KB 7 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
aruba-italy-button-893ab594803d182f13c4211cf27ab17a.png
su.gov.mn/.well-known/aruba/auth/Servizio%20Hosting%20-%20Aruba.it_files/ Frame 5A1D |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
piwik.php
wa.aruba.it/ |
0 253 B |
Ping
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
470d23904020258879cef09100c24692.js
script.crazyegg.com/pages/versioned/commontransformations-scripts/ |
138 KB 46 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
su.gov.mn.json
script.crazyegg.com/pages/data-scripts/0060/4408/sampling/ |
2 KB 471 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
aruba-italy-button-893ab594803d182f13c4211cf27ab17a.png
d6tizftlrpuof.cloudfront.net/themes/production/ Frame 49EB |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
aruba-italy-button-893ab594803d182f13c4211cf27ab17a.png
d6tizftlrpuof.cloudfront.net/themes/production/ Frame C62B |
5 KB 5 KB |
Image
image/png |
POST H2 |
collect
region1.google-analytics.com/g/ |
0 54 B |
Ping
text/plain |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- script.crazyegg.com
- URL
- http://script.crazyegg.com/pages/scripts/0060/4408.js
- Domain
- wa.aruba.it
- URL
- http://wa.aruba.it/piwik.js
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Aruba (Online)
145 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| 40 object| 41 object| 42 object| 43 object| 44 object| 45 object| 46 object| 47 object| 48 object| 49 object| 50 object| 51 object| 52 object| 53 object| 54 object| 55 object| 56 object| 57 object| 58 object| 59 object| 60 object| 61 object| 62 object| documentPictureInPicture object| vp3_startSess function| getCookie object| initialPayload object| dataLayer function| lightningjs function| usabilla_live undefined| showPasswordWeb undefined| closeAlertMsg number| timeBS string| ebPtcl string| ebBigS string| ebResourcePath string| ebNSRP string| sHost number| ebPi number| ebNxt boolean| dmg number| placementId boolean| asc number| ebInStrm function| ebAC function| ebTokens function| ebReport object| a undefined| url object| nav string| ua undefined| standalone function| isGlobalDefined object| x string| templateName object| ebDCAry string| ebDCLoc object| ebVScript function| ebLoadVersions number| ebAdID number| ebPli string| ebTN number| ebDSGID string| ebRand function| ebDecode string| gEbUT object| ebO object| AdConfig_1085817671 object| ebOArr object| szmk boolean| ebAdCS boolean| ebIfrm string| s object| vData object| webpackChunkCE2 object| CE2BH object| CE2 function| CE_URL_FINGERPRINT string| __INDIVIDUAL_ONE_VERSION_ev-store_ENFORCE_SINGLETON undefined| __INDIVIDUAL_ONE_VERSION_ev-store object| CE_API object| CookieControl function| __uspapi function| addUspapiLocatorFrame function| __handleUspapiMessage function| propagateIABStub object| Cookiebot object| CookieConsent string| cl_chn string| cookiedomainwarning object| 
google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| _paq object| thirdPartyScripts boolean| CE_USER_SCRIPT string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL
7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.su.gov.mn/ | | Name: _ga_0RJXG6ST0G Value: GS1.1.1703077487.1.0.1703077487.60.0.0 |
.su.gov.mn/ | | Name: _ga Value: GA1.1.1820585242.1703077488 |
su.gov.mn/ | | Name: _pk_id.7.61b5 Value: efec2c57da1d86f5.1703077488. |
su.gov.mn/ | | Name: _pk_ses.7.61b5 Value: 1 |
.su.gov.mn/ | | Name: _ce.irv Value: new |
.su.gov.mn/ | | Name: cebs Value: 1 |
.su.gov.mn/ | | Name: _ce.s Value: v~a20cf02524d4389268a9900a317f17e18590a534~lcw~1703077488362~lva~1703077488362~vpv~0~lcw~1703077488362 |
12 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.