u339511gj5.ha002.t.justns.ru
Open in
urlscan Pro
2a00:b700::6:b
Malicious Activity!
Public Scan
Effective URL: http://u339511gj5.ha002.t.justns.ru/refer/index.html
Submission: On February 26 via manual from FR
Summary
This is the only time u339511gj5.ha002.t.justns.ru was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Credit Agricole (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 203.119.112.228 203.119.112.228 | 56088 (PANDI-ID ...) (PANDI-ID PANDI - Pengelola Nama Domain Internet Indonesia) | |
1 | 77.222.56.187 77.222.56.187 | 44112 (SWEB-AS) (SWEB-AS) | |
1 1 | 2606:4700:31:... 2606:4700:31::681f:ab2 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 | 2606:4700:31:... 2606:4700:31::681f:bb2 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 | 2606:4700::68... 2606:4700::6813:c597 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
6 28 | 2a00:b700::6:b 2a00:b700::6:b | 51659 (ASBAXET) (ASBAXET) | |
5 | 151.139.241.23 151.139.241.23 | 12989 (HWNG) (HWNG) | |
1 | 74.214.194.131 74.214.194.131 | 59940 (PULSEPOIN...) (PULSEPOINT-EU) | |
1 | 13.35.253.10 13.35.253.10 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 13.35.254.18 13.35.254.18 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 2 | 185.86.137.17 185.86.137.17 | 201081 (SMARTADSE...) (SMARTADSERVER) | |
4 | 68.232.35.16 68.232.35.16 | 15133 (EDGECAST) (EDGECAST - MCI Communications Services) | |
1 | 2a02:2638::1c 2a02:2638::1c | 44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE) | |
2 | 147.135.143.43 147.135.143.43 | 16276 (OVH) (OVH) | |
1 | 18.184.103.21 18.184.103.21 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
3 | 5.179.192.20 5.179.192.20 | 34235 (ASPSERVEU...) (ASPSERVEUR-AS) | |
1 | 94.23.196.203 94.23.196.203 | 16276 (OVH) (OVH) | |
5 | 63.33.91.112 63.33.91.112 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 2a00:1450:400... 2a00:1450:4001:808::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 37.252.172.70 37.252.172.70 | 29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus) | |
2 | 213.19.162.51 213.19.162.51 | 26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project) | |
1 | 2.23.106.5 2.23.106.5 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
1 | 54.75.225.184 54.75.225.184 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 1 | 2600:9000:20b... 2600:9000:20bb:ba00:6:44e3:f8c0:93a1 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 2600:9000:20b... 2600:9000:20bb:8800:6:44e3:f8c0:93a1 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
2 2 | 185.64.189.110 185.64.189.110 | 62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic) | |
1 1 | 46.228.164.13 46.228.164.13 | 56396 (TURN) (TURN) | |
2 2 | 172.217.18.98 172.217.18.98 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 1 | 185.33.223.197 185.33.223.197 | 29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus) | |
1 | 2a00:1450:400... 2a00:1450:4001:809::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2.16.186.115 2.16.186.115 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 209.197.3.15 209.197.3.15 | 20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group) | |
1 | 158.191.172.76 158.191.172.76 | 9159 () () | |
1 | 54.38.64.100 54.38.64.100 | 16276 (OVH) (OVH) | |
70 | 29 |
ASN56088 (PANDI-ID PANDI - Pengelola Nama Domain Internet Indonesia, ID)
PTR: s.id.112.119.203.in-addr.arpa
s.id |
ASN44112 (SWEB-AS, RU)
PTR: vh228.sweb.ru
mauriciolo.temp.swtest.ru |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ajax.cloudflare.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-10.fra6.r.cloudfront.net
p.cpx.to |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-254-18.fra6.r.cloudfront.net
d2zur9cc2gf1tx.cloudfront.net |
ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
ced-ns.sascdn.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-184-103-21.eu-central-1.compute.amazonaws.com
edge.quantserve.com |
ASN34235 (ASPSERVEUR-AS, FR)
PTR: 5-179-192-20.dynamixhost.net
player.pepsia.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-63-33-91-112.eu-west-1.compute.amazonaws.com
s.cpx.to |
ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 154.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com |
ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)
fastlane.rubiconproject.com |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-23-106-5.deploy.static.akamaitechnologies.com
ads.stickyadstv.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-75-225-184.eu-west-1.compute.amazonaws.com
adtrack.adleadevent.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
rules.quantcount.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
rules.quantcount.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: zrh04s05-in-f98.1e100.net
cm.g.doubleclick.net |
ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-115.deploy.static.akamaitechnologies.com
api.dmcdn.net |
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net
maxcdn.bootstrapcdn.com |
Domain | Requested by | |
---|---|---|
28 | u339511gj5.ha002.t.justns.ru |
6 redirects
urlz.fr
s.id u339511gj5.ha002.t.justns.ru |
5 | s.cpx.to |
p.cpx.to
|
5 | ads.themoneytizer.com |
ajax.cloudflare.com
ads.themoneytizer.com |
4 | ced-ns.sascdn.com |
ads.themoneytizer.com
|
3 | player.pepsia.com |
s.id
player.pepsia.com |
2 | cm.g.doubleclick.net | 2 redirects |
2 | image2.pubmatic.com | 2 redirects |
2 | rules.quantcount.com | 1 redirects |
2 | fastlane.rubiconproject.com |
ads.themoneytizer.com
|
2 | tag.leadplace.fr |
ads.themoneytizer.com
tag.leadplace.fr |
2 | ww1097.smartadserver.com |
1 redirects
ads.themoneytizer.com
|
2 | urlz.fr | 1 redirects |
1 | c.tmyzer.com |
ads.themoneytizer.com
|
1 | www.ca-aquitaine.fr |
urlz.fr
|
1 | maxcdn.bootstrapcdn.com |
player.pepsia.com
|
1 | api.dmcdn.net |
player.pepsia.com
|
1 | www.google-analytics.com |
s.id
|
1 | secure.adnxs.com | 1 redirects |
1 | d.turn.com | 1 redirects |
1 | adtrack.adleadevent.com |
ajax.googleapis.com
|
1 | ads.stickyadstv.com |
ads.themoneytizer.com
|
1 | ib.adnxs.com |
ads.themoneytizer.com
|
1 | ajax.googleapis.com |
d2zur9cc2gf1tx.cloudfront.net
|
1 | www.noowho.com | |
1 | edge.quantserve.com |
ads.themoneytizer.com
|
1 | gum.criteo.com |
ads.themoneytizer.com
|
1 | d2zur9cc2gf1tx.cloudfront.net |
ads.themoneytizer.com
|
1 | p.cpx.to |
ads.themoneytizer.com
|
1 | tag.contextweb.com |
ads.themoneytizer.com
|
1 | ajax.cloudflare.com |
urlz.fr
|
1 | mauriciolo.temp.swtest.ru |
s.id
|
1 | s.id | |
0 | banners.webmasterplan.com Failed |
ced-ns.sascdn.com
|
0 | www.dailymotion.com Failed |
api.dmcdn.net
|
0 | pixel.tapad.com Failed | |
0 | g.tmyzer.com Failed |
ads.themoneytizer.com
|
0 | analytics.s.id Failed |
s.id
|
70 | 37 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.ca-normandie-seine.fr |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.s.id COMODO RSA Domain Validation Secure Server CA |
2018-12-03 - 2020-12-02 |
2 years | crt.sh |
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2018-09-22 - 2019-03-31 |
6 months | crt.sh |
*.themoneytizer.com Sectigo RSA Domain Validation Secure Server CA |
2019-02-15 - 2021-02-14 |
2 years | crt.sh |
www.noowho.com Gandi Standard SSL CA 2 |
2017-02-07 - 2020-02-07 |
3 years | crt.sh |
s.cpx.to COMODO RSA Domain Validation Secure Server CA |
2015-02-10 - 2020-02-09 |
5 years | crt.sh |
adtrack.adleadevent.com Amazon |
2018-07-28 - 2019-08-28 |
a year | crt.sh |
*.quantserve.com DigiCert SHA2 High Assurance Server CA |
2018-10-16 - 2019-10-21 |
a year | crt.sh |
*.google-analytics.com Google Internet Authority G3 |
2019-01-29 - 2019-04-23 |
3 months | crt.sh |
api.dmcdn.net Let's Encrypt Authority X3 |
2019-02-14 - 2019-05-15 |
3 months | crt.sh |
*.bootstrapcdn.com COMODO RSA Domain Validation Secure Server CA |
2018-10-03 - 2019-10-12 |
a year | crt.sh |
www.ca-aquitaine.fr COMODO RSA Organization Validation Secure Server CA |
2018-12-12 - 2019-12-12 |
a year | crt.sh |
This page contains 7 frames:
Primary Page:
http://u339511gj5.ha002.t.justns.ru/refer/index.html
Frame ID: 1BA37EA5B85FBE6A8403FA647B4822C3
Requests: 61 HTTP requests in this frame
Frame:
http://u339511gj5.ha002.t.justns.ru/refer/index.html
Frame ID: 143BA3EEA4F3C123ED421CB9F4339F3E
Requests: 1 HTTP requests in this frame
Frame:
http://u339511gj5.ha002.t.justns.ru/refer/index.html
Frame ID: C93042C3C6912907780F91E97C677740
Requests: 1 HTTP requests in this frame
Frame:
http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Frame ID: 0D19FA4A69776CB399276A18C6216D0F
Requests: 1 HTTP requests in this frame
Frame:
https://www.google-analytics.com/analytics.js
Frame ID: C114095D66D41D452BD589E7E0529E33
Requests: 5 HTTP requests in this frame
Frame:
http://www.dailymotion.com/embed?api=postMessage&autoplay-mute=true&autoplay=true&controls=false&endscreen-enable=false&id=player_screen_video&mute=true&origin=http%3A%2F%2Furlz.fr&sharing-enable=false&syndication=273739&ui-logo=false&ui-start-screen-info=false
Frame ID: 0BE5AA617B984AD20C44D0D6ADDB0448
Requests: 1 HTTP requests in this frame
Frame:
http://banners.webmasterplan.com/view.asp?ref=794613&site=9192&type=html&hnb=1&js=1&subid=205724
Frame ID: 57EBAA1F5D9C697AC7B1DFF981305931
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://s.id/3yAOu Page URL
- http://mauriciolo.temp.swtest.ru/ Page URL
-
https://urlz.fr/90JN
HTTP 301
http://urlz.fr/90JN Page URL
-
http://u339511gj5.ha002.t.justns.ru/refer
HTTP 301
http://u339511gj5.ha002.t.justns.ru/refer/ HTTP 302
http://u339511gj5.ha002.t.justns.ru/refer/index.html Page URL
Detected technologies
Ubuntu (Operating Systems) ExpandDetected patterns
- headers server /Ubuntu/i
Nginx (Web Servers) Expand
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title:
Search URL Search Domain Scan URL
Title: Foire Aux Questions
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://s.id/3yAOu Page URL
- http://mauriciolo.temp.swtest.ru/ Page URL
-
https://urlz.fr/90JN
HTTP 301
http://urlz.fr/90JN Page URL
-
http://u339511gj5.ha002.t.justns.ru/refer
HTTP 301
http://u339511gj5.ha002.t.justns.ru/refer/ HTTP 302
http://u339511gj5.ha002.t.justns.ru/refer/index.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 3- https://urlz.fr/90JN HTTP 301
- http://urlz.fr/90JN
- http://u339511gj5.ha002.t.justns.ru/refer HTTP 301
- http://u339511gj5.ha002.t.justns.ru/refer/ HTTP 302
- http://u339511gj5.ha002.t.justns.ru/refer/index.html
- http://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
- http://ced-ns.sascdn.com/diff/js/smart.js
- http://id5-sync.com/i/12/9.gif HTTP 302
- http://id5-sync.com/c/12/0/9/1.gif HTTP 302
- http://ib.adnxs.com/getuid?http://id5-sync.com/c/12/2/8/2.gif?puid=$UID HTTP 302
- http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID HTTP 302
- http://id5-sync.com/c/12/2/8/2.gif?puid=4479100661768519048 HTTP 302
- http://c1.adform.net/serving/cookie/match?party=1135&callback=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D HTTP 302
- http://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D HTTP 302
- http://id5-sync.com/c/12/10/7/3.gif?puid=2094191279726221527 HTTP 302
- http://ads.creative-serving.com/id5_cm?callback=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D HTTP 302
- http://ads.creative-serving.com/ul_cb/id5_cm?callback=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D HTTP 302
- http://id5-sync.com/c/12/101/6/4.gif?puid=da3428a1-f1d4-4d0d-b721-1dbcfd3ff54e HTTP 302
- http://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-SWe6Wsvd7WleROtO97-4frzTQdfSEHAoLXiHBDFwgQ&redirurl=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F102%2F5%2F5.gif%3Fpuid%3DSMART_USER_ID HTTP 302
- http://id5-sync.com/c/12/102/5/5.gif?puid=739035173878121993 HTTP 302
- http://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D
- http://u339511gj5.ha002.t.justns.ru/refer HTTP 301
- http://u339511gj5.ha002.t.justns.ru/refer/ HTTP 302
- http://u339511gj5.ha002.t.justns.ru/refer/index.html
- http://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js HTTP 301
- https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
- https://ads.avocet.io/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3Db569355d-0320-47bc-8349-5979576c8289 HTTP 302
- https://ads.avocet.io/getuid?bounce=true&url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3Db569355d-0320-47bc-8349-5979576c8289 HTTP 302
- https://s.cpx.to/sync?dsp=avocet&dsp_uid=a8376583-21fd-47be-a800-5d8411e4fee9&fid=b569355d-0320-47bc-8349-5979576c8289
- https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Db569355d-0320-47bc-8349-5979576c8289 HTTP 302
- https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Db569355d-0320-47bc-8349-5979576c8289 HTTP 302
- https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=DF3AE8DA-4186-47AC-B2F7-AA3207603FD8&fid=b569355d-0320-47bc-8349-5979576c8289
- https://d.turn.com/r/dd/id/L21rdC8xMjgwL2NpZC8xNzQ4MDc2NjU4L3QvMg/url/https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Damobee%26dsp_uid%3D%24%21%7BTURN_UUID%7D%26fid%3Db569355d-0320-47bc-8349-5979576c8289 HTTP 302
- https://s.cpx.to/sync?dsp=amobee&dsp_uid=3938752816429736857&fid=b569355d-0320-47bc-8349-5979576c8289
- https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=b569355d-0320-47bc-8349-5979576c8289 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=b569355d-0320-47bc-8349-5979576c8289&google_tc= HTTP 302
- https://s.cpx.to/ca.png?dsp=dbm&fid=b569355d-0320-47bc-8349-5979576c8289&google_gid=CAESEA7n78MQCCnjv9CDYnJWW_U&google_cver=1
- https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3Dhttp%253A%252F%252Fmauriciolo.temp.swtest.ru%252F%26hn_ver%3D10%26fid%3Db569355d-0320-47bc-8349-5979576c8289 HTTP 302
- https://s.cpx.to/an_fire?app_nexus_uid=4479100661768519048&pid=11528&ref=http%3A%2F%2Fmauriciolo.temp.swtest.ru%2F&hn_ver=10&fid=b569355d-0320-47bc-8349-5979576c8289
70 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Cookie set
3yAOu
s.id/ |
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
piwik.js
analytics.s.id/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
mauriciolo.temp.swtest.ru/ |
64 B 336 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
90JN
urlz.fr/ Redirect Chain
|
3 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/cb7744ae/cloudflare-static/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.html
u339511gj5.ha002.t.justns.ru/refer/ Frame 143B Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
requestform.js
ads.themoneytizer.com/s/ |
43 KB 9 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gen.js
ads.themoneytizer.com/s/ |
6 KB 2 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
g.tmyzer.com/g/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
moneyvisibility.js
ads.themoneytizer.com/ |
12 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
moneybile.js
ads.themoneytizer.com/ |
37 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
getjs.static.js
tag.contextweb.com/ |
32 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
px.js
p.cpx.to/p/11528/ |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ |
25 KB 25 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
smart.js
ced-ns.sascdn.com/diff/js/ Redirect Chain
|
23 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sync
gum.criteo.com/ |
49 B 305 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
libJsLP.js
tag.leadplace.fr/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
push
pixel.tapad.com/idsync/ex/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
quant.js
edge.quantserve.com/ |
12 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
prebid.js
ads.themoneytizer.com/moneybid1_39/build/dist/ |
271 KB 86 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sdk.js
player.pepsia.com/ |
37 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.html
u339511gj5.ha002.t.justns.ru/refer/ Frame C930 Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
image.php
www.noowho.com/ |
1 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fire.js
s.cpx.to/ |
946 B 1 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ |
84 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wckr.php
tag.leadplace.fr/ Frame 0D19 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
prebid
ib.adnxs.com/ut/v3/ |
372 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fastlane.json
fastlane.rubiconproject.com/a/api/ |
255 B 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fastlane.json
fastlane.rubiconproject.com/a/api/ |
255 B 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
swfIndex.php
ads.stickyadstv.com/www/delivery/ |
67 B 548 B |
XHR
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
notifyme.php
adtrack.adleadevent.com/ |
0 517 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/ Redirect Chain
|
1 KB 952 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
player.pepsia.com/V2/ |
42 KB 15 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
algo.php
player.pepsia.com/V2/ |
1 KB 679 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
sync
s.cpx.to/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sync
s.cpx.to/ Redirect Chain
|
95 B 649 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sync
s.cpx.to/ Redirect Chain
|
95 B 630 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ca.png
s.cpx.to/ Redirect Chain
|
95 B 492 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
an_fire
s.cpx.to/ Redirect Chain
|
95 B 633 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ Frame C114 |
43 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.js
api.dmcdn.net/ Frame C114 |
27 KB 9 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/ Frame C114 |
18 KB 18 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame C114 |
43 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headersResponse headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
www.ca-aquitaine.fr/ Frame C114 |
766 B 783 B |
Image
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
index.html
u339511gj5.ha002.t.justns.ru/refer/ Redirect Chain
|
21 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ac
ww1097.smartadserver.com/ |
7 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
c.tmyzer.com/c/ |
0 200 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
embed
www.dailymotion.com/ Frame 0BE5 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sas-browser.js
ced-ns.sascdn.com/diff/templates/js/sas/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sas-dom.js
ced-ns.sascdn.com/diff/templates/js/sas/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sas-banner-2.4.js
ced-ns.sascdn.com/diff/templates/js/banner/ |
5 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
view.asp
banners.webmasterplan.com/ Frame 57EB |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
antiquus_002.css
u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/ |
26 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
antiquus.css
u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/ |
26 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles_002.css
u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/ |
78 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles.css
u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/ |
78 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles-mod_002.css
u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/ |
12 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles-mod.css
u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/ |
12 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
stb.css
u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
infosbulle.js
u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
siteon0.gif
u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/ |
8 KB 8 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
a.jpeg
u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/ |
32 KB 32 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
point_transp.gif
u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/ |
87 B 437 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hit.gif
u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/ |
43 B 393 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main_repeat.png
u339511gj5.ha002.t.justns.ru/refer/img/ |
661 B 661 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
entete_light.png
u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/ |
411 B 763 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main_haut.png
u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/ |
143 B 494 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bloc_arrond_bas.png
u339511gj5.ha002.t.justns.ru/refer/img/ |
665 B 665 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bloc_arrond_haut.png
u339511gj5.ha002.t.justns.ru/refer/img/ |
666 B 666 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
thead.png
u339511gj5.ha002.t.justns.ru/refer/img/ |
655 B 655 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg_form.png
u339511gj5.ha002.t.justns.ru/refer/img/ |
657 B 657 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- analytics.s.id
- URL
- https://analytics.s.id/piwik.js
- Domain
- g.tmyzer.com
- URL
- http://g.tmyzer.com/g/
- Domain
- pixel.tapad.com
- URL
- http://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D
- Domain
- s.cpx.to
- URL
- https://s.cpx.to/sync?dsp=avocet&dsp_uid=a8376583-21fd-47be-a800-5d8411e4fee9&fid=b569355d-0320-47bc-8349-5979576c8289
- Domain
- www.dailymotion.com
- URL
- http://www.dailymotion.com/embed?api=postMessage&autoplay-mute=true&autoplay=true&controls=false&endscreen-enable=false&id=player_screen_video&mute=true&origin=http%3A%2F%2Furlz.fr&sharing-enable=false&syndication=273739&ui-logo=false&ui-start-screen-info=false
- Domain
- banners.webmasterplan.com
- URL
- http://banners.webmasterplan.com/view.asp?ref=794613&site=9192&type=html&hnb=1&js=1&subid=205724
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Credit Agricole (Banking)83 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask string| OS string| Version number| posOS number| posOS2 object| d object| na string| nua string| nav string| nan function| dom undefined| ie undefined| ienu boolean| ie4 undefined| ie5 undefined| ie5x undefined| ie6 boolean| moz undefined| moznu undefined| ns62 boolean| mac boolean| win boolean| old boolean| lin undefined| ie5mac boolean| ie5xwin boolean| op undefined| opnu undefined| op4 undefined| op5 undefined| op6 undefined| op7 boolean| konq boolean| saf undefined| saf_num function| Init function| pressKey function| setSize function| clicPosition undefined| code undefined| pos_der_code undefined| affiche_code function| effacer function| cocherCase function| corriger string| path_static string| path_dynamic string| caisse function| raf string| urlappli string| urlapplisecu function| ValidCertif function| ValidCertifSecu string| statusconfirmer string| statusannuler string| statusaide string| statuscondjur string| statusdemo string| statuscompte string| statuscode string| statuscorriger string| statusclavnum string| statusrecom string| App number| Nav_sup boolean| browserOK boolean| browserOK1 boolean| browserOK2 string| nsvers string| ievers undefined| isIE55 number| saf_pos string| saf_nu boolean| ns4 function| ouvrePOPUP function| ouvreassistance function| ouvreFenetre function| ouvrirPopupBntVisible function| validation function| isNumerique function| isAlphaNum0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ads.stickyadstv.com
ads.themoneytizer.com
adtrack.adleadevent.com
ajax.cloudflare.com
ajax.googleapis.com
analytics.s.id
api.dmcdn.net
banners.webmasterplan.com
c.tmyzer.com
ced-ns.sascdn.com
cm.g.doubleclick.net
d.turn.com
d2zur9cc2gf1tx.cloudfront.net
edge.quantserve.com
fastlane.rubiconproject.com
g.tmyzer.com
gum.criteo.com
ib.adnxs.com
image2.pubmatic.com
mauriciolo.temp.swtest.ru
maxcdn.bootstrapcdn.com
p.cpx.to
pixel.tapad.com
player.pepsia.com
rules.quantcount.com
s.cpx.to
s.id
secure.adnxs.com
tag.contextweb.com
tag.leadplace.fr
u339511gj5.ha002.t.justns.ru
urlz.fr
ww1097.smartadserver.com
www.ca-aquitaine.fr
www.dailymotion.com
www.google-analytics.com
www.noowho.com
analytics.s.id
banners.webmasterplan.com
g.tmyzer.com
pixel.tapad.com
s.cpx.to
www.dailymotion.com
13.35.253.10
13.35.254.18
147.135.143.43
151.139.241.23
158.191.172.76
172.217.18.98
18.184.103.21
185.33.223.197
185.64.189.110
185.86.137.17
2.16.186.115
2.23.106.5
203.119.112.228
209.197.3.15
213.19.162.51
2600:9000:20bb:8800:6:44e3:f8c0:93a1
2600:9000:20bb:ba00:6:44e3:f8c0:93a1
2606:4700:31::681f:ab2
2606:4700:31::681f:bb2
2606:4700::6813:c597
2a00:1450:4001:808::200a
2a00:1450:4001:809::200e
2a00:b700::6:b
2a02:2638::1c
37.252.172.70
46.228.164.13
5.179.192.20
54.38.64.100
54.75.225.184
63.33.91.112
68.232.35.16
74.214.194.131
77.222.56.187
94.23.196.203
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
0d2c7627f6fcf59e8249fcea47eee72281980d52535704651a625d719de72449
1617ade5ea3ecc2ae90f24d08b42edb9f46a30730ff606cbbd8ccbcf19a4a16a
203f597381a781c167ae6c5fb151fb8ea91eb6c8c2f3e831ad14256e71a5d10e
26517193e17e52b864db99512527c75112afb1290eee8b7d4548e23082f0e876
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3349f7ebfafd1cf105f9f4a41a1be792db6dfc5d754de2fbce192a2185486b73
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
4400157cffc868a23c307b80c36d8b849473c3a8905661496c6ed3de54470d20
446f054536501c302854ac0385c0a16c7f215eb11786419b68769eefd8665578
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
507f173bd882e8b2be46be53bec61bf98230cde18af89ec0bbe0866ef0497da9
513338f7ad46596ec12a717a06ccff98f54a7f4ffec67085d5b52e9ed9bf7f09
5a812b6d079563d5007a74f2e8a6fb3cb465b65e5199dc8976d9306e664e6fee
5ccf70cd1d1da4e1d97e76747d95a93ef3b78bd1a05f0998069d84b2fa8b5d7c
5e6e4b59e776656c913d4f6fa9e5c586678c9954a2b75fc287752ee9b6e976d2
6355d2f569635d7ed7c4fa9286e79a5eb5ecc6b17d64f97e64687195a1d4e7c3
66171501c2a2df0ccfb7e034730b81578492b3508f54e05b0c3847e81c8b8bb2
6e7beda9f3ed90316bad09c861392b56f5f8125a0fbb4a29c76933e38c44dce7
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2
7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37
7a1a0dc539a9129f3ce1a26e7598a54217d8c8c0291f1a267976dcdad89bbe57
7e21f113c0b7b34045da6c870dfcb863c6af5d0a8de63ae0d539373ea8f99a0d
82bb557cf480b5f06d375306fdf9fb8bdfd9c3139250eeac4c56e65435cdddb3
84ba16f5e88aa6a75681f2aca2a80e22ff8207512f1e616c3a963f358156474a
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b
9802c25176beb0ba013230dcd15ca0fc266030a03a6d078a0ddabd2a5592445e
983364371c4e05731c4ac45028811eba0bbaa0a71e1c1c1d25e6757aef763607
9fcab327f6ceaf3b22cde395516929fa4a054ce134c67d0c0788b07a240e38ff
a307d1f6262aaa120d2d8d18603e6b0eb9a7f58c2865d689a5a7c2d6b707fbbb
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
be75bd4ece74fdb044d991fed3ebe153c99009970c90a171b24d2d8949e28bd8
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c2eb575af2dd8cbf678afc27903c39d00e4083a82f2f340e6e7eaebb2c6b7131
c9b1de23ef555ae2b01ed1ffbf1a93643f09d79e1b17c89fe05b4b7552059c02
d01911e5cd23948baa57eaf709c86932d09a4deb133086ef9386bc49cb1124d7
dd662b6e50e8121af3a3fcdb888012d0eadcefde358452e9b2f45e9980d86325
dd76fdd2142192064e0af855f1b21bdad5ed9e807f053e813827e601404a83cb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f62cf0c74e65ce947a5942261b9d2e4b40733f8866b4b618b39c7b51a337f4
f6b6ebd962eb5771760ecfd687419341e5cc2ae2275f27ec8ee18d238fe17b1f
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c