citizen-teamsupport.com
Open in
urlscan Pro
45.147.197.70
Malicious Activity!
Public Scan
Effective URL: https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
Submission: On May 11 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by R3 on May 11th 2021. Valid for: 3 months.
This is the only time citizen-teamsupport.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Citizens Bank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 42 | 45.147.197.70 45.147.197.70 | 204601 (ON-LINE-D...) (ON-LINE-DATA Server location - Netherlands) | |
4 | 2a02:26f0:6c0... 2a02:26f0:6c00::210:bab8 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2a02:26f0:6c0... 2a02:26f0:6c00:2b9::11a6 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2a02:26f0:6c0... 2a02:26f0:6c00:1bb::11a6 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
48 | 5 |
ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL)
PTR: s21.server-panel.net
citizen-teamsupport.com |
ASN20940 (AKAMAI-ASN1, NL)
p11.techlab-cdn.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
42 |
citizen-teamsupport.com
1 redirects
citizen-teamsupport.com |
489 KB |
4 |
techlab-cdn.com
p11.techlab-cdn.com |
58 KB |
2 |
go-mpulse.net
s.go-mpulse.net c.go-mpulse.net |
47 KB |
48 | 3 |
Domain | Requested by | |
---|---|---|
42 | citizen-teamsupport.com |
1 redirects
citizen-teamsupport.com
|
4 | p11.techlab-cdn.com |
citizen-teamsupport.com
|
1 | c.go-mpulse.net |
citizen-teamsupport.com
|
1 | s.go-mpulse.net |
citizen-teamsupport.com
|
48 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
citizen-teamsupport.com R3 |
2021-05-11 - 2021-08-09 |
3 months | crt.sh |
go.chameleonx.com DigiCert SHA2 Secure Server CA |
2020-12-24 - 2022-01-03 |
a year | crt.sh |
akstat.io DigiCert Secure Site ECC CA-1 |
2020-05-06 - 2021-08-05 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
Frame ID: CA3576288EDEA93D1E561DD4CFFA8531
Requests: 47 HTTP requests in this frame
Frame:
https://s.go-mpulse.net/boomerang/A9397-AA2WQ-WQN9E-BBVTK-Y8BXE
Frame ID: 6C7EFF0243E81D27B2388A4EBDBC9D1F
Requests: 2 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://citizen-teamsupport.com/
HTTP 302
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Modernizr (JavaScript Libraries) Expand
Detected patterns
- script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://citizen-teamsupport.com/
HTTP 302
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
48 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
%D0%86%D0%BEg%D1%96n.php
citizen-teamsupport.com/ Redirect Chain
|
30 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
justme.js
citizen-teamsupport.com/public/ |
134 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Bootstrap.js
citizen-teamsupport.com/%D0%B5f%D1%95%D0%B5%D1%95/efs/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pm_fp.js
citizen-teamsupport.com/efs/efs/jsp-ns/ |
24 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-ui-1.10.3.custom.min.css
citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/ |
19 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
normalize.css
citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/ |
10 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/ |
61 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flows.css
citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ad-containers.css
citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/ |
8 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modernizr-2.6.2.min.js
citizen-teamsupport.com/efs/efs/jsp-ns/scripts/ |
15 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
plugins.js
citizen-teamsupport.com/efs/efs/jsp-ns/scripts/ |
199 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
citizen-teamsupport.com/efs/efs/jsp-ns/scripts/ |
19 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
placeholders.min.js
citizen-teamsupport.com/efs/efs/jsp-ns/scripts/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tealeaf.js
citizen-teamsupport.com/efs/efs/js/ |
142 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
CTZ_Green-01.png
citizen-teamsupport.com/efs/hhf/img/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
citizensns.min.42588.js
citizen-teamsupport.com/efs/hhf/js/ |
423 KB 119 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sec-3-2.css
citizen-teamsupport.com/efs/cp_challenge/ |
2 KB 558 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sec-cpt-3-2.js
citizen-teamsupport.com/efs/cp_challenge/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
789df05eano181e2e23b8a2156a8762
citizen-teamsupport.com/public/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.js
citizen-teamsupport.com/efs/efs/jsp-ns/scripts/ |
5 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
65319_1825232283.js
p11.techlab-cdn.com/e/ |
55 KB 19 KB |
Fetch
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
65257_1825232252.js
p11.techlab-cdn.com/e/ |
14 KB 6 KB |
Fetch
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
64885_1825232283.js
p11.techlab-cdn.com/e/ |
4 KB 2 KB |
Fetch
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
65226_1825232283.js
p11.techlab-cdn.com/e/ |
69 KB 31 KB |
Fetch
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
citizen_roman.woff
citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/font/ |
31 KB 31 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.9.1.min.js
citizen-teamsupport.com/efs/efs/jsp-ns/scripts/ |
90 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
A9397-AA2WQ-WQN9E-BBVTK-Y8BXE
s.go-mpulse.net/boomerang/ Frame 6C7E |
187 KB 47 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
723 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-secure.png
citizen-teamsupport.com/efs/efs/grafx/ |
292 B 342 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flows-tooltip.png
citizen-teamsupport.com/efs/efs/grafx/ |
364 B 415 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
arrow-button-white.png
citizen-teamsupport.com/efs/efs/grafx/ |
1017 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
arrow-down-blue.png
citizen-teamsupport.com/efs/efs/grafx/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
arrow-right-orange.png
citizen-teamsupport.com/efs/efs/grafx/ |
165 B 215 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
citiolb_icons.woff
citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/font/ |
18 KB 9 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
citizen_extrabold.woff
citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/font/ |
27 KB 27 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
citizen_book.woff
citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/font/ |
31 KB 31 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
TealeafTarget.jsp
citizen-teamsupport.com/efs/servlet/efs/ |
176 B 153 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
citizensns.min.42588.css
citizen-teamsupport.com/efs/hhf/css/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
equal-housing.gif
citizen-teamsupport.com/efs/hhf/img/ |
1 KB 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
footer-follow-facebook.png
citizen-teamsupport.com/efs/hhf/img/ |
395 B 446 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
footer-follow-twitter.png
citizen-teamsupport.com/efs/hhf/img/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
footer-follow-linkedin.png
citizen-teamsupport.com/efs/hhf/img/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
footer-follow-youtube.png
citizen-teamsupport.com/efs/hhf/img/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
elh.gif
citizen-teamsupport.com/efs/hhf/img/ |
1 KB 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fdicFooter.gif
citizen-teamsupport.com/efs/hhf/img/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
TealeafTarget.jsp
citizen-teamsupport.com/efs/servlet/efs/ |
176 B 176 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
citizen_bold.woff
citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/font/ |
29 KB 29 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
config.json
c.go-mpulse.net/api/ Frame 6C7E |
68 B 346 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST |
ae
p11.techlab-cdn.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- p11.techlab-cdn.com
- URL
- https://p11.techlab-cdn.com/ae?c=5f3eb0a4e1f7170011c6521b
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Citizens Bank (Banking)85 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| jQuery number| ___dm function| ___dto string| timeStamp string| pageURL string| pageName object| digitalData string| SEP string| PAIR function| activeXDetect function| stripIllegalChars function| stripFullPath object| BrowserDetect function| FingerPrint function| Hashtable function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| add_deviceprint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint object| html5 object| Modernizr function| yepnope function| $ object| CITIZENSOLB object| Placeholders string| BOOMR_API_key object| BOOMR number| BOOMR_lstart object| thebody object| TLT object| pako function| contentLoaded function| citizensHeaderFooter function| _ function| moment object| HHFJST object| Backbone object| HHF undefined| el object| _cf function| isNumeric function| needHelp function| isSpecialChar function| validateIE7 function| setFieldState function| hasErrors function| getValidateMessageListCheckSpaces function| getValidateMessageList function| getBasicFieldErrorMessages function| getBasicFieldSuccessMessages function| isIE7 function| isUnsupported function| setupToolTip function| setupNonStickyToolTip function| initPasswordToolTip function| initPasswordCapsLock function| validatePasswordRules function| validateField function| isEmpty function| validateGoodPasswordRules number| index object| _0x1aad function| _0x546d object| BOOMR_mq string| url string| hostname number| BOOMR_onload object| qsSearch6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.citizen-teamsupport.com/ | Name: TLTSID Value: 00008540558067337487650675359870 |
|
.citizen-teamsupport.com/ | Name: __ddgmark Value: 2Rh7YEx1IXAuTYli |
|
.citizen-teamsupport.com/ | Name: WCXSID Value: 8540558067337487650675359870 |
|
.citizen-teamsupport.com/ | Name: __ddgid Value: QN8iaipPlJAGj66G |
|
citizen-teamsupport.com/ | Name: PHPSESSID Value: j7mura8b1v2oaj2spnmdv9ttv5 |
|
.citizen-teamsupport.com/ | Name: __ddg1 Value: N7pK2B6fz3TkYcABei4b |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
c.go-mpulse.net
citizen-teamsupport.com
p11.techlab-cdn.com
s.go-mpulse.net
p11.techlab-cdn.com
2a02:26f0:6c00:1bb::11a6
2a02:26f0:6c00:2b9::11a6
2a02:26f0:6c00::210:bab8
45.147.197.70
0e9485cdb6a684713287cb41c6e6c3e26d12280f17349f98402456ff86ec9759
1699319d1a0e97bc5dab1f23467264b58c0ae190c5554892b675ae348e2b88e0
1efea7200f622de0ea17ac76fc4737fec4c5679b16a0a7a905160b6c52cdeafc
2281bceeaf3c81dc26731248960c8d210a0d461a02759c39b7a7b6c5ee1e06a0
2a0a7ee3ea564db1e157dd2202c20b8092228fea9091f5cd1e83551e170ec277
2f28f024d97de1c1123d799ec77e968ee535b081524b1789809b869377901f37
319d82f567037eafefea25abbc64ea902db9255c5e7231fe9ddd462e4f5b9149
3217a6955b600825965f424d1cf73bc156ade880bcb4e16760cfe1771e2da89e
56a8532b2a60ca2ae39c213f7e1e65e47834af927e6365444457f22ed12ed79c
56c43c6f5c8209acd47f355810bca2f9b0fc86c4bbdf1361d60fb2d2e2e66f8c
57a2dc0af7db36023b2b6c53e01dbd8e716d96174486ad20d68b2549589c5441
5bb2d438470a02799577010a14310fa8ac3ed7ea77ca15435aaaa154e407b3e6
6247b325d302c4b1903c7d0e8d371f1dc0d749c863166b5506dcce892ca95af8
76cba77b2278e1a607e6cfee801c924f6df8ae49920102e12599aa266010cab5
77657c69749f9a701c6776297b015a7bc609fff91e9ceb9356d51e2324b433c0
7aaf6df215bb7018439342fe6bcd1058de3e7dfa2c7b4e1176c842b1a8e529ac
83eda21a4f7806fdbb15794c39cc28eaaa15f80d80a3093634a1ca63c57c0557
84d4423c9fb8eeedae8c949fcb1703b0439505f8e39a28fca2d3af142414b85a
87d14a13d44a09391efc17e466fb3962cb7ff0382715b88bced66c19ae3fd581
88146e8caa732ee54c82fcb58a0c95d5a0bcd44df238a3ebe91a6cb0ed764c7b
91afb84bded857517d6a7e43932e3d4a43eaf42d1e4d0b77a8bc9c07973e21d2
99373341554ceaade5ea6c81725f1cd4d05e906621a15797d99d01343ae551f8
9af5181113e5d0eacfc3d9c0b3ad627dc3ad50708755fbe45ab18e0cad4f3b36
9b4ffac9ea755d2aaff724fa471d90fd63ae5648e18f60a67db0a5c3bffd84e5
aa084d3968ab19898ebbed807ebc134b622fab78a888e7b36ae8386841636801
ae571edfb75648a099b4bb67a1b33cf1be1133eac6d74e92a786f0303fc08298
b179e19bea4af50f3f837b4c6821f572f80d4e1943d4e8a5b61ae79b6fe9c574
b23d0629822256b320de68cece2a79525216c20a0b040d4ee0ee6dd216b98115
b769305d18e59ddd6f13c3fb6db4f90a15770b3717aaddbadb6e543918178bc8
babf6fd29c079790cc4d522f66f21af7c099e981080ddf11b5344b12b904e8a5
bbb90a8f240e6dbbda1d3da534f8848f256e623ed470d045e1d86a465e424d69
c401ce328e0383e71cd811709055aa8671cee50e355c6588bd567c1320b4e4ab
c8a977fd23fc151d7944387ad07220eb673de84b4343d6304efe5a8e1c061b02
c8b1f6c22756521c86a5b0053b8565b49436f7fa19d1bb7cdf00a7808df28d42
c8d87d770112e188f7b1482e9a416ffc441a9a6e08e2fc38a886fa2986efdb46
cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8
dddb031e5144ce20d909dbf4829d637738efa477bf5ab4eab67b1990ef0efb2d
dfc042f7ff75f3c2f916bcfbff48c82834bab07b698a2c564906ca073f8286b2
e0b8436d50fb200de76d7a25cf450ea238cd100197f8e9d462e9228153da873f
e2b62cc25517f3453606f1906143abb7ce41e6aca4d54232afe06bd03d068ce7
e827785f43a3c6e3166227ab3d91cd1a5c85ee03755d49a2017a679d3a4156fb
e98c61d19f0e628139216fc2f3103faedad7910a4653db598c120b8fa7537ac8
eb175662762ef5f2c9011cc1c4f9d09361c50a366fad8a544bda1c439b99d3a0
fe3ddc37707c93f338a1f6359dfa03019e096df14454808aaccbb7538aa3c67b
ff327ec2a6dbd3fc76ceecf59e472d5d2f43c94dce851ced740abe5f75bb832e