www.mistimbas.com
92.204.68.53
Malicious Activity!
Public Scan
Effective URL: http://www.mistimbas.com/errors/myemail/zqke892g8nz8ozq4iwxfl2hq.php?rand=13Comcast=1252899642&fid=1&fav=1
Submission: On June 17 via manual from SG — Scanned from FR
Summary
This is the only time www.mistimbas.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Xfinity (Consumer)
Domain & IP information
ASN | PTR | Domain |
---|---|---|
ASN20940 (AKAMAI-ASN1, NL) | | assets.adobedtm.com |
ASN24940 (HETZNER-AS, DE) | static.103.20.201.138.clients.your-server.de | ads.revjet.com |
ASN16625 (AKAMAI-AS, US) | a2-20-86-213.deploy.static.akamaitechnologies.com | z.moatads.com |
ASN24940 (HETZNER-AS, DE) | static.24.106.217.95.clients.your-server.de | pix.revjet.com |
ASN16509 (AMAZON-02, US) | ec2-34-253-148-205.eu-west-1.compute.amazonaws.com | dpm.demdex.net |
ASN20940 (AKAMAI-ASN1, NL) | a92-123-194-100.deploy.static.akamaitechnologies.com | fast.comcast.demdex.net |
ASN16509 (AMAZON-02, US) | ec2-15-236-176-210.eu-west-3.compute.amazonaws.com | serviceo.comcast.net |
ASN16509 (AMAZON-02, US) | ec2-34-248-142-13.eu-west-1.compute.amazonaws.com | comcastathena.demdex.net |
ASN15169 (GOOGLE, US) | | googleads.g.doubleclick.net |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
24 | mistimbas.com (2 redirects) | www.mistimbas.com | 262 KB |
18 | revjet.com | ads.revjet.com (Cisco Umbrella Rank: 2349), cdn.revjet.com (Cisco Umbrella Rank: 4128), pix.revjet.com (Cisco Umbrella Rank: 3714) | 199 KB |
6 | demdex.net | dpm.demdex.net (Cisco Umbrella Rank: 212), fast.comcast.demdex.net, comcastathena.demdex.net (Cisco Umbrella Rank: 34701) | 13 KB |
6 | gstatic.com | fonts.gstatic.com | 137 KB |
6 | adobedtm.com | assets.adobedtm.com (Cisco Umbrella Rank: 432) | 66 KB |
5 | xfinity.com | sdx.xfinity.com (Cisco Umbrella Rank: 26489), oascentral.xfinity.com (Failed), dl.cws.xfinity.com (Cisco Umbrella Rank: 28069) | 81 KB |
2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 67) | 1 KB |
1 | google.fr | www.google.fr (Cisco Umbrella Rank: 12418) | 548 B |
1 | google.com (1 redirect) | www.google.com (Cisco Umbrella Rank: 9) | 578 B |
1 | doubleclick.net (1 redirect) | googleads.g.doubleclick.net (Cisco Umbrella Rank: 55) | 653 B |
1 | comcast.net | oascentral.comcast.net (Failed), serviceo.comcast.net (Cisco Umbrella Rank: 296630) | 4 KB |
1 | moatads.com | z.moatads.com (Cisco Umbrella Rank: 413) | 254 B |
1 | criteo.com | rtax.criteo.com (Cisco Umbrella Rank: 23627) | 141 B |
71 | 13 apex domains | | |
Requests | Domain | Requested by |
---|---|---|
24 | www.mistimbas.com (2 redirects) | www.mistimbas.com |
10 | cdn.revjet.com | www.mistimbas.com |
6 | fonts.gstatic.com | fonts.googleapis.com |
6 | assets.adobedtm.com | www.mistimbas.com |
5 | pix.revjet.com | www.mistimbas.com |
3 | ads.revjet.com | www.mistimbas.com |
3 | sdx.xfinity.com | www.mistimbas.com |
2 | comcastathena.demdex.net | www.mistimbas.com, assets.adobedtm.com |
2 | fast.comcast.demdex.net | assets.adobedtm.com |
2 | dpm.demdex.net | www.mistimbas.com |
2 | dl.cws.xfinity.com | www.mistimbas.com |
2 | fonts.googleapis.com | www.mistimbas.com |
1 | www.google.fr | |
1 | www.google.com (1 redirect) | |
1 | googleads.g.doubleclick.net (1 redirect) | |
1 | serviceo.comcast.net | assets.adobedtm.com |
1 | z.moatads.com | www.mistimbas.com |
1 | rtax.criteo.com | www.mistimbas.com |
0 | oascentral.comcast.net (Failed) | www.mistimbas.com |
0 | oascentral.xfinity.com (Failed) | www.mistimbas.com |
71 | 20 domains | |
This site contains links to these domains (see also the Links section):
- www.comcast.net
- www.surveymonkey.com
- idm.xfinity.com
- customer.xfinity.com
- my.xfinity.com
- xfinity.comcast.net
- customer.comcast.com
- privacy.truste.com
Subject | Issuer | Validity | Valid |
---|---|---|---|
www.xfinity.comcast.net | COMODO RSA Organization Validation Secure Server CA | 2022-04-21 - 2023-04-21 | a year |
*.revjet.com | Sectigo RSA Domain Validation Secure Server CA | 2022-03-14 - 2023-04-11 | a year |
moatads.com | DigiCert SHA2 Secure Server CA | 2021-11-27 - 2022-11-29 | a year |
s1.wac.edgecastcdn.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-12-20 - 2022-12-26 | a year |
upload.video.google.com | GTS CA 1C3 | 2022-05-30 - 2022-08-22 | 3 months |
*.cws.xfinity.com | COMODO RSA Organization Validation Secure Server CA | 2022-04-21 - 2023-04-21 | a year |
*.gstatic.com | GTS CA 1C3 | 2022-05-30 - 2022-08-22 | 3 months |
*.demdex.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-10-19 - 2022-11-19 | a year |
This page contains 6 frames:
Primary Page:
http://www.mistimbas.com/errors/myemail/zqke892g8nz8ozq4iwxfl2hq.php?rand=13Comcast=1252899642&fid=1&fav=1
Frame ID: 9C17C18B267F7B294816FA52F10CAEC6
Requests: 45 HTTP requests in this frame
Frame:
https://cdn.revjet.com/~cdn/JS/03/elements-2.7.0.js
Frame ID: D2479CBD5F6F6440485C0A1EABB7E4B9
Requests: 12 HTTP requests in this frame
Frame:
https://cdn.revjet.com/~cdn/JS/03/elements-2.7.0.js
Frame ID: F5FD2C3144A20BC96289B03BF7E2879D
Requests: 11 HTTP requests in this frame
Frame:
http://fast.comcast.demdex.net/dest5.html?d_nsid=undefined
Frame ID: FFF3B6527403962831366F406B098292
Requests: 1 HTTP requests in this frame
Frame:
https://comcastathena.demdex.net/dest5.html?d_nsid=1
Frame ID: B1783D28929F0957E0DE81E0C8A477C5
Requests: 1 HTTP requests in this frame
Frame:
http://fast.comcast.demdex.net/dest5.html?d_nsid=0
Frame ID: C479E799E1F5AC8F1FE5F9545C2AC1D4
Requests: 2 HTTP requests in this frame
Page Title: Sign in to XFINITY
Detected technologies
- PHP (Programming Languages), detected pattern: \.php(?:$|\?)
- GSAP (JavaScript frameworks), detected pattern: TweenMax(?:\.min)?\.js
- Lodash (JavaScript Libraries), detected pattern: lodash.*\.js
- Moat (Analytics), detected pattern: moatads\.com
- jQuery (JavaScript Libraries), detected patterns: jquery[.-]([\d.]*\d)[^/]*\.js and jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
11 Outgoing links
These are links going to different origins than the main page.
- Ad Info
- Ad Feedback
- username
- password
- Create one
- Pay any balance
- Terms of Service
- Privacy Policy
- Site Map
- Contact Us
- (no title)
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://www.mistimbas.com/errors/myemail?entity=1073444 (HTTP 301)
- http://www.mistimbas.com/errors/myemail/?entity=1073444 (HTTP 302)
- http://www.mistimbas.com/errors/myemail/zqke892g8nz8ozq4iwxfl2hq.php?rand=13Comcast=1252899642&fid=1&fav=1 (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 68
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1023869955/?label=cYj3CPPGqqsBEIOInOgD&guid=ON&script=0 (HTTP 302)
- https://www.google.com/pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=1491575937 (HTTP 302)
- https://www.google.fr/pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=1491575937&ipr=y
71 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | zqke892g8nz8ozq4iwxfl2hq.php (Primary Request, Redirect Chain) | www.mistimbas.com/errors/myemail/ | 24 KB | 9 KB | Document | text/html |
GET | H/1.1 | tag4460 | www.mistimbas.com/tmp/sys/xxf/ | 57 KB | 58 KB | Script | text/plain |
GET | H/1.1 | banner.js | www.mistimbas.com/tmp/sys/xxf/ | 8 KB | 4 KB | Script | application/javascript |
GET | H/1.1 | bg | www.mistimbas.com/tmp/sys/xxf/ | 19 KB | 19 KB | Script | text/plain |
GET | H/1.1 | lodash-slim.js | www.mistimbas.com/tmp/sys/xxf/ | 23 KB | 8 KB | Script | application/javascript |
GET | H/1.1 | tracking-aws.js | www.mistimbas.com/tmp/sys/xxf/ | 2 KB | 1 KB | Script | application/javascript |
GET | H/1.1 | tracking-DTM.js | www.mistimbas.com/tmp/sys/xxf/ | 2 KB | 1 KB | Script | application/javascript |
GET | H/1.1 | tracking.js | www.mistimbas.com/tmp/sys/xxf/ | 15 KB | 5 KB | Script | application/javascript |
GET | H/1.1 | satelliteLib-531bc4f46256650a84099973f0ed331f809ea5f4.js | www.mistimbas.com/tmp/sys/xxf/ | 83 KB | 24 KB | Script | application/javascript |
GET | H/1.1 | styles-light.css | www.mistimbas.com/tmp/sys/xxf/ | 45 KB | 11 KB | Stylesheet | text/css |
GET | H/1.1 | rta.js | www.mistimbas.com/tmp/sys/xxf/ | 148 B | 477 B | Script | application/javascript |
GET | H/1.1 | vm-login-form-ad.js | www.mistimbas.com/tmp/sys/xxf/ | 9 KB | 3 KB | Script | application/javascript |
GET | H/1.1 | data.json | www.mistimbas.com/tmp/sys/xxf/ | 125 B | 422 B | Script | application/json |
GET | H/1.1 | 1634690195x32.js | www.mistimbas.com/tmp/sys/xxf/ | 3 KB | 1 KB | Script | application/javascript |
GET | H/1.1 | 7265716f4c467141696e6741417a4455.gif | www.mistimbas.com/tmp/sys/xxf/ | 43 B | 309 B | Image | image/gif |
GET | H/1.1 | moatad.js | www.mistimbas.com/tmp/sys/xxf/ | 247 KB | 77 KB | Script | application/javascript |
GET | H/1.1 | u.gif | www.mistimbas.com/tmp/sys/xxf/ | 42 B | 308 B | Image | image/gif |
GET | H/1.1 | event.gif | www.mistimbas.com/tmp/sys/xxf/ | 42 B | 308 B | Image | image/gif |
GET | H/1.1 | asc.txt | www.mistimbas.com/tmp/sys/xxf/ | 17 B | 307 B | Script | text/plain |
GET | H/1.1 | seal.png | www.mistimbas.com/tmp/sys/xxf/ | 3 KB | 3 KB | Image | image/png |
GET | H/1.1 | jquery-1.js | www.mistimbas.com/tmp/sys/xxf/ | 92 KB | 33 KB | Script | application/javascript |
GET | H/1.1 | scripts-responsive.js | www.mistimbas.com/tmp/sys/xxf/ | 5 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | satellite-598004c364746d54d6009617.js | assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/ | 42 KB | 15 KB | Script | application/x-javascript |
GET | H/1.1 | rta.js | rtax.criteo.com/delivery/rta/ | 0 | 141 B | Script | text/plain |
GET | H2 | XfinityStandard-Regular.woff2 | sdx.xfinity.com/fonts/latest/Xfinity_Standard/ | 26 KB | 26 KB | Font | font/woff2 |
GET | | 1452822030@x32 | oascentral.xfinity.com/RealMedia/ads/adstream_jx.ads/comcast.net/login_secure/notve/ | 0 | 0 | (no response) | |
GET | H2 | tag4460 | ads.revjet.com/ | 29 KB | 8 KB | Script | text/javascript |
GET | H2 | bg | ads.revjet.com/ | 43 KB | 18 KB | Script | application/javascript |
GET | H2 | moatad.js | z.moatads.com/comcastapn56341864860/ | 0 | 254 B | Script | application/x-javascript |
GET | | 7265716f4c467141696e6741417a4455 | oascentral.comcast.net/RealMedia/ads/adstream_lx.ads/comcast.net/login_secure/notve/L30/1584446540/x32/Comcast/1291647-1_249008_LendingTree_201802_SIG_300x600_NATL/8512223.html/ | 0 | 0 | (no response) | |
GET | H2 | elements-2.7.0.js | cdn.revjet.com/~cdn/JS/03/ (Frame D247) | 135 KB | 40 KB | Script | application/javascript |
GET | H2 | 999 | pix.revjet.com/interaction/ (Frame D247) | 43 B | 170 B | Image | image/gif |
GET | H2 | css | fonts.googleapis.com/ (Frame D247) | 2 KB | 917 B | Stylesheet | text/css |
GET | H2 | TweenMax.min.js | cdn.revjet.com/~cdn/Ads/ad_shared/js/GreenSock/ (Frame D247) | 105 KB | 35 KB | Script | application/javascript |
GET | H2 | tag4460 | ads.revjet.com/ | 29 KB | 8 KB | Script | text/javascript |
GET | DATA | truncated | / | 2 KB | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 3 KB | 0 | Image | image/svg+xml |
GET | H2 | XfinityStandard-Medium.woff2 | sdx.xfinity.com/fonts/latest/Xfinity_Standard/ | 27 KB | 27 KB | Font | font/woff2 |
GET | H2 | XfinityStandard-Light.woff2 | sdx.xfinity.com/fonts/latest/Xfinity_Standard/ | 27 KB | 27 KB | Font | font/woff2 |
GET | H/1.1 | s-code-contents-4a9ebf08bffa74f717ff121b2c55a295112122b4.js | assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/ | 97 KB | 34 KB | Script | application/x-javascript |
OPTIONS | H2 | / | dl.cws.xfinity.com/event/ (Frame) | 0 | 0 | Preflight | application/json |
PUT | H2 | / | dl.cws.xfinity.com/event/ | 110 B | 489 B | XHR | application/json |
GET | H/1.1 | satellite-596fc62264746d0ba500dd83.js | assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/ | 130 B | 624 B | Script | application/x-javascript |
GET | H2 | elements-2.7.0.js | cdn.revjet.com/~cdn/JS/03/ (Frame F5FD) | 135 KB | 40 KB | Script | application/javascript |
GET | H2 | 999 | pix.revjet.com/interaction/ (Frame F5FD) | 43 B | 169 B | Image | image/gif |
GET | H2 | css | fonts.googleapis.com/ (Frame F5FD) | 2 KB | 488 B | Stylesheet | text/css |
GET | H2 | TweenMax.min.js | cdn.revjet.com/~cdn/Ads/ad_shared/js/GreenSock/ (Frame F5FD) | 105 KB | 35 KB | Script | application/javascript |
GET | H2 | logo.svg | cdn.revjet.com/s3/csp/1547692912428/ (Frame D247) | 8 KB | 3 KB | Image | image/svg+xml |
GET | H2 | shine.png | cdn.revjet.com/s3/csp/1547692912428/ (Frame D247) | 1 KB | 1 KB | Image | image/png |
GET | H2 | S6uyw4BMUTPHjx4wXg.woff2 | fonts.gstatic.com/s/lato/v23/ (Frame D247) | 23 KB | 23 KB | Font | font/woff2 |
GET | H2 | S6u9w4BMUTPHh6UVSwiPGQ.woff2 | fonts.gstatic.com/s/lato/v23/ (Frame D247) | 23 KB | 23 KB | Font | font/woff2 |
GET | H2 | logo.svg | cdn.revjet.com/s3/csp/1547692912428/ (Frame F5FD) | 8 KB | 3 KB | Image | image/svg+xml |
GET | H2 | shine.png | cdn.revjet.com/s3/csp/1547692912428/ (Frame F5FD) | 1 KB | 1 KB | Image | image/png |
GET | H2 | S6uyw4BMUTPHjx4wXg.woff2 | fonts.gstatic.com/s/lato/v23/ (Frame F5FD) | 23 KB | 23 KB | Font | font/woff2 |
GET | H2 | S6u9w4BMUTPHh6UVSwiPGQ.woff2 | fonts.gstatic.com/s/lato/v23/ (Frame F5FD) | 23 KB | 23 KB | Font | font/woff2 |
GET | H/1.1 | satellite-596fa36064746d7e580013b4.js | assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/ | 212 B | 677 B | Script | application/x-javascript |
GET | H/1.1 | satellite-5971021b64746d663b00202b.js | assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/ | 43 KB | 15 KB | Script | application/x-javascript |
GET | H/1.1 | id | dpm.demdex.net/ | 222 B | 942 B | XHR | application/json |
GET | H/1.1 | satellite-596fa34764746d6ae001a760.js | assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/ | 2 KB | 1 KB | Script | application/x-javascript |
GET | H/1.1 | id | dpm.demdex.net/ | 3 KB | 2 KB | XHR | application/json |
GET | H/1.1 | dest5.html | fast.comcast.demdex.net/ (Frame FFF3) | 7 KB | 3 KB | Document | text/html |
GET | H/1.1 | s77996830226329 | serviceo.comcast.net/b/ss/comcastdotcomprod/10/JS-2.3.0-D7QN/ | 4 KB | 4 KB | Script | application/x-javascript |
POST | H/1.1 | event | comcastathena.demdex.net/ | 96 B | 934 B | XHR | application/json |
GET | H2 | lt-generator.xml | cdn.revjet.com/s3/csp/1547594878488/ (Frame D247) | 12 KB | 2 KB | XHR | application/xml |
GET | H3 | S6u9w4BMUTPHh7USSwiPGQ.woff2 | fonts.gstatic.com/s/lato/v23/ (Frame D247) | 23 KB | 23 KB | Font | font/woff2 |
GET | H2 | lt-generator.xml | cdn.revjet.com/s3/csp/1547594878488/ (Frame F5FD) | 12 KB | 2 KB | XHR | application/xml |
GET | H3 | S6u9w4BMUTPHh7USSwiPGQ.woff2 | fonts.gstatic.com/s/lato/v23/ (Frame F5FD) | 23 KB | 23 KB | Font | font/woff2 |
GET | H/1.1 | dest5.html | comcastathena.demdex.net/ (Frame B178) | 7 KB | 3 KB | Document | text/html |
GET | H/1.1 | dest5.html | fast.comcast.demdex.net/ (Frame C479) | 7 KB | 3 KB | Document | text/html |
GET | H2 | / (Redirect Chain) | www.google.fr/pagead/1p-user-list/1023869955/ (Frame C479) | 42 B | 548 B | Image | image/gif |
GET | H2 | 1004 | pix.revjet.com/interaction/ (Frame D247) | 43 B | 276 B | Image | image/gif |
GET | H2 | 900 | pix.revjet.com/interaction/ (Frame D247) | 43 B | 276 B | Image | image/gif |
GET | H2 | 1004 | pix.revjet.com/interaction/ (Frame F5FD) | 43 B | 276 B | Image | image/gif |
Failed requests
These URLs were requested, but no response was received. They also appear in the list above.
- oascentral.xfinity.com: http://oascentral.xfinity.com/RealMedia/ads/adstream_jx.ads/comcast.net/login_secure/notve/1452822030@x32?target=normal&_OAS_GEO_OVERRIDE_=US:UNKNOWN&am=NONE&undefined&undefined&u=undefined&theme=light&max-size=fullpage
- oascentral.comcast.net: https://oascentral.comcast.net/RealMedia/ads/adstream_lx.ads/comcast.net/login_secure/notve/L30/1584446540/x32/Comcast/1291647-1_249008_LendingTree_201802_SIG_300x600_NATL/8512223.html/7265716f4c467141696e6741417a4455?_RM_EMPTY_&target=normal&_OAS_GEO_OVERRIDE_=US:UNKNOWN&am=NONE&undefined&undefined&u=undefined&theme=light&max-size=fullpage
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against Xfinity (Consumer)
76 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | 0 |
object | 1 |
object | 2 |
object | 3 |
object | 4 |
object | 5 |
object | oncontextlost |
object | oncontextrestored |
function | structuredClone |
object | launchQueue |
object | onbeforematch |
object | navigation |
string | a |
function | REVJET_Tag |
object | revjet |
function | _ |
object | _satellite |
undefined | visitor |
function | Visitor |
object | digitalData |
object | runtimeData |
object | adInfo |
boolean | isMobile |
string | OAS_rns |
string | OAS_query |
string | crtg_content |
object | REVJET_TagObj_1 |
string | x32adtag |
string | adtag_x32 |
object | REVJET_TagObj_2 |
undefined | ct |
undefined | et |
undefined | hourElapsed |
undefined | msg |
undefined | pixelDomain |
undefined | pxSrc |
undefined | px |
object | Moat#G26 |
object | MoatSuperV26 |
object | Moat#PML#26#1.2 |
boolean | Moat#EVA |
function | tds |
function | $ |
function | jQuery |
object | login |
object | shared |
object | jQuery17047592925329628843 |
string | upDate |
string | s_account |
object | s |
function | s_doPlugins |
function | c_rspers |
function | c_r |
function | c_w |
function | s_getLoadTime |
function | AppMeasurement_Module_Integrate |
function | AppMeasurement_Module_AudienceManagement |
function | AppMeasurement_Module_ActivityMap |
function | AppMeasurement |
function | s_gi |
function | s_pgicq |
object | s_c_il |
number | s_c_in |
function | DIL |
number | s_objectID |
number | s_giq |
object | AdobeTeamUtils |
object | DILComcastA |
object | _scDilObj |
function | AppMeasurement_Module_DIL |
function | AnalyticsPageTrack |
string | j |
string | s_tnt |
string | f0 |
number | s_loadT |
object | s_i_comcastdotcomprod16 |
Cookies
Cookies are small pieces of information stored in the user's browser. When the user visits the site again, the browser sends the cookie values back, which lets the site re-identify the user even from a different location. This is how persistent logins work.
(urlscan recorded no Expires value for any of these cookies.)
Domain/Path | Name | Value |
---|---|---|
www.mistimbas.com/ | PHPSESSID | 37rusvaurigu41tov3ns5f7916 |
.revjet.com/ | ads | 444eaae4f6d551ea0fe1b616a5f65b36 |
.mistimbas.com/ | AMCVS_723C39F756ABCD0B7F000101%40AdobeOrg | 1 |
.mistimbas.com/ | AMCV_723C39F756ABCD0B7F000101%40AdobeOrg | -894706358%7CMCIDTS%7C19161%7CMCMID%7C46881003719317380593625046888189494128%7CMCAAMLH-1656114643%7C6%7CMCAAMB-1656114643%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1655517043s%7CNONE%7CvVersion%7C2.3.0 |
.mistimbas.com/ | AMCVS_DA11332E5321D0550A490D45%40AdobeOrg | 1 |
.mistimbas.com/ | AMCV_DA11332E5321D0550A490D45%40AdobeOrg | -894706358%7CMCMID%7C46223020500429365313049833510786499770%7CMCAAMLH-1656114643%7C6%7CMCAAMB-1656114643%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1655517043s%7CNONE%7CvVersion%7C2.3.0 |
.mistimbas.com/ | s_pers | %20s_lv%3D1655509843092%7C1750117843092%3B%20s_lv_s%3DFirst%2520Visit%7C1655511643092%3B%20gpv_Page%3Dresi%257Cselfservice%257Clogin%257Csign%2520in%7C1655511643102%3B |
.mistimbas.com/ | s_sess | %20s_cc%3Dtrue%3B |
.demdex.net/ | demdex | 47213340972569921183658109114107879885 |
.mistimbas.com/ | AAMC_comcastathena_1 | REGION%7C6 |
.mistimbas.com/ | AAMC_comcast_0 | REGION%7C6 |
.mistimbas.com/ | aam_sitecore | 2450016%3Dy |
.mistimbas.com/ | fltk | segID%3D2450016%2CsegID%3D1662899 |
.mistimbas.com/ | aam_uuid | 46431567483981825163033550538565629981 |
.doubleclick.net/ | test_cookie | CheckForPermission |
.revjet.com/ | trx | 2206170021655464452 |
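The verdict above ("Phishing against Xfinity") follows from facts this scan records rather than from any single signature: the page title names the brand while the document is served from an unrelated domain, the kit pulls fonts and telemetry endpoints from the brand's own hosts, the copied Adobe DTM/Analytics tags leave brand-tagged globals (DILComcastA, s_i_comcastdotcomprod16) and cookies (AAMC_comcast_0, AAMC_comcastathena_1) under the attacker's domain, and the landing page is a long random-named PHP file served over plain HTTP. The script below is an added triage example, not urlscan.io code; it scores those observations. The brand catalogue, the weights, the 4-point threshold and the naive two-label apex rule are assumptions chosen for illustration, and the sample observation is constructed from a subset of this scan's hosts, globals and cookies.

```python
"""Brand-impersonation triage over the facts a urlscan-style result records.

Added example, not urlscan.io code. Brand table, weights and threshold are
assumptions; a production tool would load these from a curated catalogue.
"""
import re
from dataclasses import dataclass
from urllib.parse import urlsplit

# Assumed brand catalogue: apex domains the brand legitimately serves from,
# plus tokens that identify it in titles, cookie names and JS global names.
BRANDS = {
    "Xfinity (Consumer)": {
        "apex": {"xfinity.com", "comcast.net", "comcast.com"},
        "tokens": ("xfinity", "comcast"),
    },
}

# Kits often drop the landing page at a long random filename (24 chars here).
RANDOM_PHP_RE = re.compile(r"/[a-z0-9]{16,}\.php$")

THRESHOLD = 4  # assumed: a brand name in the title alone (3) is not enough


@dataclass
class Observation:
    page_url: str
    page_title: str
    requested_hosts: list   # every host the page fetched from
    js_globals: list        # non-standard window globals
    cookies: list           # (domain, name) pairs set during the visit


@dataclass
class Finding:
    brand: str
    score: int
    reasons: list


def apex_of(host):
    """Last two labels of a host name (strips a leading cookie-domain dot).
    Adequate for .com/.net; use the Public Suffix List for co.uk-style TLDs."""
    labels = host.lower().strip(".").split(".")
    return ".".join(labels[-2:])


def assess(obs):
    url = urlsplit(obs.page_url)
    host = url.hostname or ""
    primary_apex = apex_of(host)
    findings = []
    for brand, info in BRANDS.items():
        if primary_apex in info["apex"]:
            continue  # served by the brand itself; nothing to flag

        def has_token(s, tokens=info["tokens"]):
            return any(t in s.lower() for t in tokens)

        score, reasons = 0, []
        title_hit = has_token(obs.page_title)
        if title_hit:
            score += 3
            reasons.append(f"title {obs.page_title!r} names {brand} but document served by {host}")
        brand_hosts = sorted({h for h in obs.requested_hosts if apex_of(h) in info["apex"]})
        if brand_hosts:
            score += 2
            reasons.append("pulls brand assets from " + ", ".join(brand_hosts))
        brand_globals = sorted(g for g in obs.js_globals if has_token(g))
        if brand_globals:
            score += 1
            reasons.append("brand tokens in JS globals: " + ", ".join(brand_globals))
        brand_cookies = sorted(n for d, n in obs.cookies
                               if has_token(n) and apex_of(d) == primary_apex)
        if brand_cookies:
            score += 1
            reasons.append(f"brand-tagged cookies set under {primary_apex}: " + ", ".join(brand_cookies))
        if url.scheme == "http" and title_hit:
            score += 1
            reasons.append("sign-in page served over plain HTTP")
        if RANDOM_PHP_RE.search(url.path):
            score += 1
            reasons.append(f"random-looking PHP endpoint {url.path}")
        if score >= THRESHOLD:
            findings.append(Finding(brand, score, reasons))
    return findings


# Constructed from the scan above (a subset of its hosts, globals and cookies).
SAMPLE = Observation(
    page_url="http://www.mistimbas.com/errors/myemail/zqke892g8nz8ozq4iwxfl2hq.php?rand=13Comcast=1252899642&fid=1&fav=1",
    page_title="Sign in to XFINITY",
    requested_hosts=["www.mistimbas.com", "cdn.revjet.com", "sdx.xfinity.com",
                     "dl.cws.xfinity.com", "assets.adobedtm.com", "dpm.demdex.net",
                     "serviceo.comcast.net", "fonts.gstatic.com"],
    js_globals=["_satellite", "DILComcastA", "s_i_comcastdotcomprod16", "jQuery", "REVJET_Tag"],
    cookies=[(".mistimbas.com", "PHPSESSID"), (".mistimbas.com", "AAMC_comcast_0"),
             (".mistimbas.com", "AAMC_comcastathena_1"), (".revjet.com", "ads"),
             (".demdex.net", "demdex")],
)

if __name__ == "__main__":
    for f in assess(SAMPLE):
        print(f"{f.brand}: score {f.score}")
        for r in f.reasons:
            print("  -", r)
```

The apex check is what keeps the brand's own login host from being flagged: the same title on https://login.xfinity.com produces no finding, because the primary apex is in the catalogue and the loop skips it. Asset loads from the brand's hosts weigh more than the title because they are harder for a kit to avoid when it clones a page wholesale, and the cookie check only counts brand-tagged names set under the attacker's own apex, so legitimate third-party cookies (.demdex.net, .revjet.com) do not contribute.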
8 Console Messages
A page may log messages to the browser console. These are often error messages about a resource that could not be loaded or a piece of JavaScript that failed to execute. Sometimes they also give insight into the technology behind a website.
Source | Level | URL | Text |
---|---|---|---|
Indicators
"Indicators" is a term used in the security industry for observables such as IPs, domains and file hashes. Listing them here does not imply that any of them indicate malicious activity.
ads.revjet.com
assets.adobedtm.com
cdn.revjet.com
comcastathena.demdex.net
dl.cws.xfinity.com
dpm.demdex.net
fast.comcast.demdex.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
oascentral.comcast.net
oascentral.xfinity.com
pix.revjet.com
rtax.criteo.com
sdx.xfinity.com
serviceo.comcast.net
www.google.com
www.google.fr
www.mistimbas.com
z.moatads.com
oascentral.comcast.net
oascentral.xfinity.com
138.201.20.103
15.236.176.210
178.250.0.166
2.20.86.213
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:810::2004
2a00:1450:4001:813::2003
2a00:1450:4001:813::200a
2a02:26f0:3500:580::1b62
2a02:26f0:3500:591::1e80
2a02:26f0:ef:2ad::2c06
34.248.142.13
34.253.148.205
92.123.194.100
92.204.68.53
93.184.220.41
95.217.106.24
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
0b428f63bfcf2d1f4c215d5fc6d0764216e1db6e3a27733fd1fe54f2f4755410
0df906e16d1ed57a686d542ac0e7a620eafb715c12ee0a0c648653b569e72a9b
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
11da464f86f5ff9850e1ef53dd13336cfbfd38a8f3808d7826d0c1a2d925563f
138c0ead0fbcd09dd455df9870920e8725b367fbf02ac0cef0c62874000ab176
14d14a623f62b6d7fbbf182ec50118a627518d9a49cab43e76f8f89d4e2310fa
1a42e5d9d0e5f6999e0424e90643511cfdf18d859071e4aea9cd39173e168669
1bdca04f41b797a00f1ac403070d6ea18a459754c41d383ffddf5b0991f04d9d
236b7ce99f4dde0feeb5ba4bd411a55d978fb32a6142912f819cbdf81c5a8e85
2552cae119793fb74cb2f68ddce1503bc924c9fd96c0354490658818fc4ff6a1
25b929df07cf5a58b7ffdb4b4bf3886b79c2e79034510720744cd845f251d003
2a031939885bb7efba89d423c9ee7c0fe2bab465f18db63f40a9ae2bd7bc0228
2bb39a5b965a8e034b5c11a6eccc962be2cf2320c27147aa4068812dd3a969f9
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3442ea704af026f68a75abf7aced41c1f782736789bc5ac2f0c86a8a422b9d46
493c1ae6f44b88724e3a769d16e5b15e316175da872c5dd5d9ccc02b857f64a0
49d0c079f8431833fb59275e68a7db8b9215dc52068ff63c179e32dfe618a8c4
50f4181485331a1d3b936ff7cf2162a5a25d98705fb83fe19228a3f0f8a24a22
536ad63d803df46710e79f337b8a29bc2c553acfdfbbef0e99066b0177106a72
58fd862aaa51daaa186ee3fecfd805c0f8eea09146e9c7deb44a3f30a1ad01b5
64a1959022eac7b947f94940f33e7983df1fce15be5a8386ca4212ddcaf22b52
6c481fdecfb9a3bc7a47327eef79de2c2888d14435866821ad37049b79d2d0da
6dd667c9f0c814598df2b2a4335090f34adbc2008cc7dcb12727aa0540bfc29d
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
815d1100b641ac0b65a7db0faff7eebeb050511a12768df2372dba60cc1156ff
8d0f81ba2585906dbfc0f5b0544b12f7f5e118dc081f982bd51388948f68b76b
8f4d777c09e9693f3efa07a30faf9db9cddbdd51a0e8d17e45a47185a3d90ba9
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
adf6758f9c4e5d981137b208cc62e652f26b61d9fbf38b6a47f1d01f36c70897
af2d3351d5bb6b63e81eb19140f27324fd7b0ba94dc7c39b6154461243e4986e
b0b6ed2f01dfb9c4cc50a1d2d03bd121ec07d7e3b92a5f6f7cce7e8c68b08ffb
b5439f2201a5409ff05248df13222508874e0f8dbbeff94ed4045dd991368bd9
bb818d8b594a3d5dc87d5c81fdf604181653a6225b7f8d5e8b6f73904880652c
c15705a4af54085e5d012c7c14b773ae0ea6a9704f9da27ed4a75dd08f4083d9
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
ca3f7e73b996fdbe7ba438becb7a016566f27ecd790429d02f07e2f48725fe34
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfb74a3f5815e7a75e0217c750e3f0e50bc105f5e558f30fc2ebf4b815cc1f85
d1e2dfc4882d3951f8b5ce26f342fdbd83dcfc7c5d53cc455dc3703b706fc7c2
d22a59a638ccb896a6ada3a7902c4fd83ec4aa6b425cbc9dd7554cf578990025
db10aa77d75262dc5f4c3fe99e6221b0d9e4b3fe6be53d40dee230a230e8a1e6
e0a806cb5701c73e6fbb832bba0dcbcaddeb136c29e7c3f7777b902799d6662f
e13cbe1104f7c1389072fee0df56d6bad84000f998fc3f2d06ca26281b5085de
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4778da167b3676ab8d9e2d3428ff7bc67f3f7d101d91e16b4a9b7782e99c402
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f80d2da03708c7790d14167b8f04049f5bfd21654e6024d3d9f8089d92d0a01d
fc6cd95261064c28600405c9c8dd51813abf8367e85b6e00f0f3031a8338988a
fccf0b671af9aaa565fb04ab72d41cecd99f5a0cb8cc3dc9d7b1da77a85fa5fa
fee2feda388d361fde02b5b7a1aaa02f7f43db6777b9c97d106d37f4b76c938d
ff4e4975ef403004f8fe8e59008db7ad47f54b10d84c72eb90e728d1ec9157ce