3y53p8g.glitch.me
3.210.215.181
Malicious Activity!
Public Scan
Effective URL: https://3y53p8g.glitch.me/2pz679z.html?e=digitalcommons%40usu.edu
Submission Tags: falconsandbox
Submission: On August 16 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Amazon RSA 2048 M01 on February 22nd 2023. Valid for: a year.
This is the only time 3y53p8g.glitch.me was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Email (Online)
Domain & IP information
Requests | Redirects | IP Address | Autonomous System
---|---|---|---
3 | | 3.210.215.181 | 14618 (AMAZON-AES)
2 | | 2606:4700::6810:5714 | 13335 (CLOUDFLARENET)
1 | | 23.227.60.200 | 13335 (CLOUDFLARENET)
2 | | 2606:4700:3036::ac43:cc0b | 13335 (CLOUDFLARENET)
17 | 1 | 129.123.54.211 | 26046 (USU-EDU)
1 | 1 | 2a00:1450:4001:801::2004 | 15169 (GOOGLE)
1 | | 2a00:1450:4001:80e::2004 | 15169 (GOOGLE)
1 | | 2a00:1450:4001:80e::200a |
1 | | 2a00:1450:4001:827::200a |
1 | | 2606:4700::6812:1734 |
2 | | 2a00:1450:4001:830::2008 |
2 | | 2a00:1450:4001:82b::2003 |
1 | | 2a00:1450:4001:831::200e |
2 | | 2606:4700:e2::ac40:8309 |
2 | | 2a00:1450:4001:80f::200e |
37 | 14 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-215-181.compute-1.amazonaws.com
- x536hv.glitch.me
- 3y53p8g.glitch.me

ASN26046 (USU-EDU, US)
PTR: web35.it.usu.edu
- usu.edu
- www.usu.edu
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
17 | usu.edu (1 redirects) | usu.edu — Cisco Umbrella Rank: 133892; www.usu.edu | 901 KB
3 | fontawesome.com | kit.fontawesome.com; ka-f.fontawesome.com | 435 KB
3 | gstatic.com | t2.gstatic.com; fonts.gstatic.com | 33 KB
3 | glitch.me | x536hv.glitch.me; 3y53p8g.glitch.me | 96 KB
2 | youtube.com | www.youtube.com | 67 KB
2 | googletagmanager.com | www.googletagmanager.com | 154 KB
2 | googleapis.com | fonts.googleapis.com; ajax.googleapis.com | 32 KB
2 | icongr.am | icongr.am — Cisco Umbrella Rank: 907980 | 1 KB
2 | jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 374 | 55 KB
1 | google-analytics.com | www.google-analytics.com | 21 KB
1 | google.com (1 redirects) | www.google.com — Cisco Umbrella Rank: 3 | 285 B
1 | shopify.com | cdn.shopify.com — Cisco Umbrella Rank: 2411 | 11 KB
37 | 12 |
Requests | Domain | Requested by
---|---|---
16 | www.usu.edu | cdn.jsdelivr.net; www.usu.edu
2 | www.youtube.com | www.usu.edu; www.youtube.com
2 | ka-f.fontawesome.com | kit.fontawesome.com
2 | fonts.gstatic.com | fonts.googleapis.com
2 | www.googletagmanager.com | www.usu.edu; www.googletagmanager.com
2 | icongr.am | 3y53p8g.glitch.me
2 | cdn.jsdelivr.net | 3y53p8g.glitch.me; www.usu.edu
2 | x536hv.glitch.me | x536hv.glitch.me
1 | www.google-analytics.com | www.googletagmanager.com
1 | kit.fontawesome.com | www.usu.edu
1 | ajax.googleapis.com | www.usu.edu
1 | fonts.googleapis.com | www.usu.edu
1 | t2.gstatic.com |
1 | www.google.com | 1 redirects
1 | usu.edu | 1 redirects
1 | cdn.shopify.com | 3y53p8g.glitch.me
1 | 3y53p8g.glitch.me | x536hv.glitch.me
37 | 17 |
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
glitch.com | Amazon RSA 2048 M01 | 2023-02-22 - 2024-02-01 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-02 - 2024-05-01 | a year
cdn.shopify.com | R3 | 2023-07-13 - 2023-10-11 | 3 months
web21.usu.edu | InCommon RSA Server CA | 2023-03-02 - 2024-03-01 | a year
upload.video.google.com | GTS CA 1C3 | 2023-07-31 - 2023-10-23 | 3 months
*.fontawesome.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-11-22 - 2023-12-23 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-07-31 - 2023-10-23 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-07-31 - 2023-10-23 | 3 months
ka-f.fontawesome.com | GTS CA 1P5 | 2023-07-13 - 2023-10-11 | 3 months
*.google.com | GTS CA 1C3 | 2023-07-31 - 2023-10-23 | 3 months
This page contains 2 frames:
Primary Page:
https://3y53p8g.glitch.me/2pz679z.html?e=digitalcommons%40usu.edu
Frame ID: 636E97C41CBB8255253A2F23B1DE26E1
Requests: 8 HTTP requests in this frame
Frame:
https://www.usu.edu/
Frame ID: 868DE57868967FDCBFD90CA45F3EBABD
Requests: 29 HTTP requests in this frame
Page Title
Webmail Login Portal -USU
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
jQuery (JavaScript Libraries)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN)
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://x536hv.glitch.me/?e=digitalcommons%40usu.edu Page URL
- https://3y53p8g.glitch.me/2pz679z.html?e=digitalcommons%40usu.edu Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 6
- https://usu.edu/ HTTP 301
- https://www.usu.edu/
- https://www.google.com/s2/favicons?domain=usu.edu HTTP 301
- https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://usu.edu&size=16
37 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---|---
GET | H2 | / | x536hv.glitch.me/ | 1 KB | 2 KB | Document | text/html |
GET | H2 | jquery.min.js | x536hv.glitch.me/ | 87 KB | 88 KB | Script | application/javascript |
GET | H2 | 2pz679z.html | 3y53p8g.glitch.me/ | 6 KB | 7 KB | Document | text/html | Primary Request
GET | H2 | jquery.min.js | cdn.jsdelivr.net/npm/jquery@3.6.4/dist/ | 88 KB | 32 KB | Script | application/javascript |
GET | H2 | AVG-Anti-Virus-2016-and-Internet-Security-2016-Free-Download-With-Genuine-License-Key-Code_508cb132-b02f-4c26-935a-8b44bdf57c73_grande.jpg | cdn.shopify.com/s/files/1/1647/4517/products/ | 10 KB | 11 KB | Image | image/jpeg |
GET | H2 | user.svg | icongr.am/feather/ | 299 B | 503 B | Image | image/svg+xml |
GET | H2 | lock.svg | icongr.am/feather/ | 309 B | 684 B | Image | image/svg+xml |
GET | H2 | / | www.usu.edu/ | 56 KB | 11 KB | Document | text/html | Frame 868D, Redirect Chain
GET | H2 | faviconV2 | t2.gstatic.com/ | 766 B | 1 KB | Image | image/png | Redirect Chain
GET | H2 | bootstrap.min.css | www.usu.edu/assets/bs4/css/ | 141 KB | 23 KB | Stylesheet | text/css | Frame 868D
GET | H2 | main.css | www.usu.edu/assets/bs4/css/ | 72 KB | 14 KB | Stylesheet | text/css | Frame 868D
GET | H2 | u-state-logo.svg | www.usu.edu/assets/bs4/images/logos/ | 4 KB | 4 KB | Image | image/svg+xml | Frame 868D
GET | H2 | utah-state-logo.svg | www.usu.edu/assets/bs4/images/logos/ | 5 KB | 5 KB | Image | image/svg+xml | Frame 868D
GET | H2 | USU_Best_College_Town.jpg | www.usu.edu/modules/images/banners/1600/ | 308 KB | 308 KB | Image | image/jpeg | Frame 868D
GET | H2 | logan-campus-view-1600.jpg | www.usu.edu/about/images/ | 292 KB | 293 KB | Image | image/jpeg | Frame 868D
GET | H2 | css | fonts.googleapis.com/ | 7 KB | 1 KB | Stylesheet | text/css | Frame 868D
GET | H2 | modular.css | www.usu.edu/assets/bs4/css/ | 40 KB | 8 KB | Stylesheet | text/css | Frame 868D
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.5.1/ | 87 KB | 31 KB | Script | text/javascript | Frame 868D
GET | H2 | moment.min-2.29.3.js | www.usu.edu/assets/bs4/lib/moment/ | 58 KB | 19 KB | Script | application/javascript | Frame 868D
GET | H2 | bootstrap.bundle.min.js | cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/ | 81 KB | 23 KB | Script | application/javascript | Frame 868D
GET | H2 | lazysizes.min.js | www.usu.edu/assets/bs4/lib/lazysizes/ | 10 KB | 4 KB | Script | application/javascript | Frame 868D
GET | H2 | 60ddd04f2e.js | kit.fontawesome.com/ | 11 KB | 5 KB | Script | text/javascript | Frame 868D
GET | H2 | init.1.2.js | www.usu.edu/assets/bs4/js/ | 58 KB | 17 KB | Script | application/javascript | Frame 868D
GET | H2 | gtm.js | www.googletagmanager.com/ | 195 KB | 71 KB | Script | application/javascript | Frame 868D
GET | H2 | ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 | fonts.gstatic.com/s/robotocondensed/v25/ | 15 KB | 15 KB | Font | font/woff2 | Frame 868D
GET | H2 | ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 | fonts.gstatic.com/s/robotocondensed/v25/ | 15 KB | 16 KB | Font | font/woff2 | Frame 868D
GET | H2 | header.m4v | www.usu.edu/impact/assets/ | 720 KB | 0 | Media | video/mp4 | Frame 868D
GET | H2 | analytics.js | www.google-analytics.com/ | 52 KB | 21 KB | Script | text/javascript | Frame 868D
GET | H2 | js | www.googletagmanager.com/gtag/ | 243 KB | 83 KB | Script | application/javascript | Frame 868D
GET | H2 | blur.png | www.usu.edu/assets/bs4/images/ | 931 B | 1 KB | Image | image/png | Frame 868D
GET | H2 | free-v4-shims.min.js | ka-f.fontawesome.com/releases/v5.15.4/js/ | 14 KB | 5 KB | Fetch | application/javascript | Frame 868D
GET | H2 | free.min.js | ka-f.fontawesome.com/releases/v5.15.4/js/ | 1 MB | 426 KB | Fetch | application/javascript | Frame 868D
GET | H2 | iframe_api | www.youtube.com/ | 993 B | 2 KB | Script | text/javascript | Frame 868D
GET | H2 | www-widgetapi.js | www.youtube.com/s/player/da7c2a60/www-widgetapi.vflset/ | 209 KB | 65 KB | Script | text/javascript | Frame 868D
GET | H2 | header.m4v | www.usu.edu/impact/assets/ | 30 KB | 31 KB | Media | video/mp4 | Frame 868D
GET | H2 | usu-students.jpg | www.usu.edu/modules/images/grid/ | 162 KB | 162 KB | Image | image/jpeg | Frame 868D
GET | H2 | header.m4v | www.usu.edu/impact/assets/ | 3 MB | 0 | Media | video/mp4 | Frame 868D
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Email (Online)
14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| documentPictureInPicture string| h object| a object| j function| m object| k number| g number| f string| c string| b function| n function| $ function| jQuery
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.