bankfirstonline.com
Open in
urlscan Pro
67.225.255.155
Public Scan
Effective URL: https://bankfirstonline.com/
Submission: On July 09 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on June 11th 2020. Valid for: 3 months.
This is the only time bankfirstonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2606:4700:303... 2606:4700:3032::ac43:d0fb | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
25 | 67.225.255.155 67.225.255.155 | 32244 (LIQUIDWEB) (LIQUIDWEB) | |
2 | 107.162.133.142 107.162.133.142 | 55002 (DEFENSE-NET) (DEFENSE-NET) | |
1 | 2a00:1450:400... 2a00:1450:4001:801::200a | 15169 (GOOGLE) (GOOGLE) | |
3 | 2a00:1450:400... 2a00:1450:4001:818::2003 | 15169 (GOOGLE) (GOOGLE) | |
3 | 52.129.74.13 52.129.74.13 | 395492 (IOVATION3) (IOVATION3) | |
34 | 6 |
ASN395492 (IOVATION3, US)
PTR: mpsnare.iesnare.com
mpsnare.iesnare.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
25 |
bankfirstonline.com
bankfirstonline.com |
2 MB |
3 |
iesnare.com
mpsnare.iesnare.com |
22 KB |
3 |
gstatic.com
fonts.gstatic.com |
29 KB |
2 |
secureinternetbank.com
web11.secureinternetbank.com |
125 KB |
1 |
googleapis.com
fonts.googleapis.com |
861 B |
1 |
iowa-nebraskastatebank.com
1 redirects
iowa-nebraskastatebank.com |
250 B |
34 | 6 |
Domain | Requested by | |
---|---|---|
25 | bankfirstonline.com |
bankfirstonline.com
|
3 | mpsnare.iesnare.com |
web11.secureinternetbank.com
mpsnare.iesnare.com bankfirstonline.com |
3 | fonts.gstatic.com |
bankfirstonline.com
|
2 | web11.secureinternetbank.com |
bankfirstonline.com
|
1 | fonts.googleapis.com |
bankfirstonline.com
|
1 | iowa-nebraskastatebank.com | 1 redirects |
34 | 6 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
bankfirstonline.com Let's Encrypt Authority X3 |
2020-06-11 - 2020-09-09 |
3 months | crt.sh |
web11.secureinternetbank.com DigiCert SHA2 Extended Validation Server CA |
2020-01-06 - 2022-02-21 |
2 years | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-06-17 - 2020-09-09 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-06-17 - 2020-09-09 |
3 months | crt.sh |
mpsnare.iesnare.com DigiCert SHA2 High Assurance Server CA |
2020-04-08 - 2021-05-25 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://bankfirstonline.com/
Frame ID: 84BA587F8056E086A12F4F60F4DC854C
Requests: 35 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://iowa-nebraskastatebank.com/
HTTP 301
https://bankfirstonline.com/ Page URL
Detected technologies
WordPress (CMS) ExpandDetected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- meta generator /^WordPress ?([\d.]+)?/i
PHP (Programming Languages) Expand
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- meta generator /^WordPress ?([\d.]+)?/i
MySQL (Databases) Expand
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- meta generator /^WordPress ?([\d.]+)?/i
Nginx (Web Servers) Expand
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Google Font API (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
- script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
jQuery Migrate (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
Page Statistics
11 Outgoing links
These are links going to different origins than the main page.
Title: Facebook
Search URL Search Domain Scan URL
Title: Instagram
Search URL Search Domain Scan URL
Title: CHAT ONLINE
Search URL Search Domain Scan URL
Title: OPEN AN ACCOUNT
Search URL Search Domain Scan URL
Title: ORDER CHECKS
Search URL Search Domain Scan URL
Title: Enroll now.
Search URL Search Domain Scan URL
Title: Forgot Password?
Search URL Search Domain Scan URL
Title: Forgot password or PIN?
Search URL Search Domain Scan URL
Title: Apply
Search URL Search Domain Scan URL
Title: Visit Website
Search URL Search Domain Scan URL
Title: powered by Enfold WordPress Theme
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://iowa-nebraskastatebank.com/
HTTP 301
https://bankfirstonline.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
34 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
bankfirstonline.com/ Redirect Chain
|
63 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
bankfirstonline.com/wp-includes/css/dist/block-library/ |
52 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
smart-app-banner.css
bankfirstonline.com/wp-content/plugins/add-smart-app-banner/ |
6 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mediaelementplayer-legacy.min.css
bankfirstonline.com/wp-includes/js/mediaelement/ |
11 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-mediaelement.min.css
bankfirstonline.com/wp-includes/js/mediaelement/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
avia-merged-styles-96b1205aab5e1721e4539f93f675eb04---5ecd72656c530.css
bankfirstonline.com/wp-content/uploads/dynamic_avia/ |
415 KB 64 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
bankfirstonline.com/wp-includes/js/jquery/ |
95 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-migrate.min.js
bankfirstonline.com/wp-includes/js/jquery/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
smart-app-banner.js
bankfirstonline.com/wp-content/plugins/add-smart-app-banner/ |
16 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BankFirst-Arrow-Preloader-01.png
bankfirstonline.com/wp-content/uploads/2020/02/ |
16 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BankFirst_Logo-01.png
bankfirstonline.com/wp-content/uploads/2020/02/ |
18 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
remoteLoginSecure
web11.secureinternetbank.com/PBI_PBI1151/js/ |
30 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
RemoteLogon
web11.secureinternetbank.com/EBC_EBC1151/js/ |
94 KB 95 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mediaelement-and-player.min.js
bankfirstonline.com/wp-includes/js/mediaelement/ |
157 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mediaelement-migrate.min.js
bankfirstonline.com/wp-includes/js/mediaelement/ |
1 KB 756 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-mediaelement.min.js
bankfirstonline.com/wp-includes/js/mediaelement/ |
907 B 685 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bj-lazy-load.min.js
bankfirstonline.com/wp-content/plugins/bj-lazy-load/js/ |
2 KB 894 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-embed.min.js
bankfirstonline.com/wp-includes/js/ |
1 KB 980 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
avia-footer-scripts-c7587c1a8f39aa088947fbaad0d0c659---5ecd7268051e5.js
bankfirstonline.com/wp-content/uploads/dynamic_avia/ |
191 KB 54 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
6 KB 861 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-emoji-release.min.js
bankfirstonline.com/wp-includes/js/ |
14 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
42 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
entypo-fontello.woff
bankfirstonline.com/wp-content/themes/enfold/config-templatebuilder/avia-template-builder/assets/fonts/ |
46 KB 46 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jizaRExUiTo99u79D0KExcOPIDU.woff2
fonts.gstatic.com/s/ptsans/v11/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wdp.js
mpsnare.iesnare.com/general5/ |
44 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.js
mpsnare.iesnare.com/5.3.0/ |
477 B 810 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
time.mp3
mpsnare.iesnare.com/ |
504 B 880 B |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Mortgage-1500x430.jpg
bankfirstonline.com/wp-content/uploads/2020/05/ |
173 KB 174 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
May_4@72x-100-1.jpg
bankfirstonline.com/wp-content/uploads/2020/05/ |
224 KB 224 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
May_1@72x-100-1.jpg
bankfirstonline.com/wp-content/uploads/2020/05/ |
334 KB 334 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
May@72x-100-1.jpg
bankfirstonline.com/wp-content/uploads/2020/05/ |
250 KB 250 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
May_3@72x-100-1.jpg
bankfirstonline.com/wp-content/uploads/2020/05/ |
252 KB 253 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
May_2@72x-100-1.jpg
bankfirstonline.com/wp-content/uploads/2020/05/ |
316 KB 316 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
266 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| _wpemojiSettings undefined| $ function| jQuery function| SmartBanner boolean| avia_is_mobile object| avia_framework_globals object| twemoji object| wp function| parseBigInt function| linebrk function| byte2Hex function| pkcs1pad2 function| RSAKey function| RSASetPublic function| RSADoPublic function| RSAEncrypt function| rng_seed_int function| rng_seed_time function| rng_get_byte function| rng_get_bytes function| SecureRandom function| Arcfour function| ARC4init function| ARC4next function| prng_newstate function| BigInteger function| nbi function| am1 function| am2 function| am3 function| int2char function| intAt function| bnpCopyTo function| bnpFromInt function| nbv function| bnpFromString function| bnpClamp function| bnToString function| bnNegate function| bnAbs function| bnCompareTo function| nbits function| bnBitLength function| bnpDLShiftTo function| bnpDRShiftTo function| bnpLShiftTo function| bnpRShiftTo function| bnpSubTo function| bnpMultiplyTo function| bnpSquareTo function| bnpDivRemTo function| bnMod function| Classic function| cConvert function| cRevert function| cReduce function| cMulTo function| cSqrTo function| bnpInvDigit function| Montgomery function| montConvert function| montRevert function| montReduce function| montSqrTo function| montMulTo function| bnpIsEven function| bnpExp function| bnModPowInt function| findPrimes function| millerRabin function| bitSize function| expand function| randTruePrime function| mod function| addInt function| mult function| powMod function| sub function| add function| inverseMod function| multMod function| randTruePrime_ function| randBigInt_ function| GCD_ function| inverseMod_ function| inverseModInt_ function| eGCD_ function| negative function| greaterShift function| greater function| divide_ function| carry_ function| modInt function| int2bigInt function| str2bigInt function| equalsInt function| equals function| isZero function| bigInt2str function| dup function| copy_ function| copyInt_ function| addInt_ function| rightShift_ function| halve_ function| leftShift_ function| multInt_ function| divInt_ function| linComb_ function| linCombShift_ function| addShift_ function| subShift_ function| sub_ function| add_ function| mult_ function| mod_ function| multMod_ function| squareMod_ function| trim function| powMod_ function| mont_ undefined| rng_state object| rng_pool number| rng_pptr object| t undefined| z number| BI_FP string| BI_RM object| BI_RC number| rr number| vv object| PBI number| rng_psize number| dbits number| canary boolean| j_lm string| io_global_object_name object| IGLOO number| bpe number| mask number| radix string| digitsStr object| buff object| one object| ss object| s0 object| s1 object| s2 object| s3 object| s4 object| s5 object| s6 object| s7 object| T object| sa object| mr_x1 object| mr_r object| mr_a object| eg_v object| eg_u object| eg_A object| eg_B object| eg_C object| eg_D object| md_q1 object| md_q2 object| md_q3 object| md_r object| md_r1 object| md_r2 object| md_tt object| primes object| pows object| s_i object| s_i2 object| s_R object| s_rm object| s_q object| s_n1 object| s_a object| s_r2 object| s_n object| s_b object| s_d object| s_x1 object| s_x2 object| s_aa object| EBC function| Hashtable function| startsWith function| DomDataCollection function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| Timer function| randrange function| detectIE function| getRandomPort object| ProxyCollector function| BlackberryLocationCollector function| detectFields string| SEP string| PAIR string| DEV function| FingerPrint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint function| post_fingerprints function| add_deviceprint function| form_add_data function| form_add_deviceprint string| HTML5 string| BLACKBERRY string| UNDEFINED string| GEO_LOCATION_DEFAULT_STRUCT object| geoLocator boolean| geoLocatorStatus function| detectDeviceCollectionAPIMode function| init function| startCollection function| stopCollection function| getGeolocationStruct function| HTML5LocationCollector object| TimestampCollector object| UIEventCollector function| UIEvent function| InteractionElement function| UIElementList function| activeXDetect function| stripIllegalChars function| stripFullPath object| BrowserDetect function| convertTimestampToGMT function| getTimestampInMillis function| debug function| forceIE89Synchronicity function| submitCallback function| errorCallback object| args object| mejsL10n object| mejs function| MediaElement object| HtmlMediaElement function| onYouTubePlayerAPIReady function| DefaultPlayer function| MediaElementPlayer object| _wpmejsSettings object| BJLL_options object| BJLL function| Froogaloop function| Waypoint function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| Packery function| onYouTubeIframeAPIReady function| $f object| jQuery112409405396987244359 string| waypointContextKey0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bankfirstonline.com
fonts.googleapis.com
fonts.gstatic.com
iowa-nebraskastatebank.com
mpsnare.iesnare.com
web11.secureinternetbank.com
107.162.133.142
2606:4700:3032::ac43:d0fb
2a00:1450:4001:801::200a
2a00:1450:4001:818::2003
52.129.74.13
67.225.255.155
00b386574fc8bd2669ff4cc7eed926d7392938c6b999a7ce5f42fb68e1036af3
12aae45dbaf66e541e14694a7810a96fdd8b17f9ac5f5346fdc23d61d6fd74b0
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
282c86db3fc6cedcc79b172069ba09831ce0e6ba235d13bff382f57f0d3977ff
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2ffda86985106d5f87ebe8e27ddf7836c836a071979bd3b0b931e85797143924
3addcffecc600fbbd3b58b62e438ceb159bc892ed349d0169ab210e5d1a0bc6e
3c8684da3b9889fdc9552e6312c4050cd2a31c793ce7d24bb5f6ae500553d4c7
3ed3c2fa8d1c956415ca9686fc0c6e759b5b9284677b78e584d594baf32edb33
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
5473c7abfe3f735a00bbb767225e326c503c3ce9ea390d9f79be66ebd234d746
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5bc5fe165e8fab88549d56628bcc4ad463235f7f995c0477fb90fc78698be265
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
801e4d1cc07dfa3cc5536ee07eff767c9395a501676b1b225b3cb0f2409876c4
8dbebcfc2331d70321915abfc053f9dd566804d4b3d280bebb6a83e1a1306c28
90de1080b519e851ed7d624a32fe0686d4196f414e4205e43c3c1cb8c439d7ff
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
9736eed7b9da76c6df5b397e14f7644f40feb80fcd011c46a0c903d586202967
9ae1e27e08b4bbc15557c0f5bbd97b4009eb86c85da9fb2be4c4085a5289182f
a1dab653712c362ac5cb448ff1e0094661eca85f7fbd1209d21072cab07d7a69
a5e52ce140b54c166585ebf9e4b19d11c24999dfb1d9033e78b87792e3ae3df3
b1863c5fa236bd391b3b53b5eeb9e9488c0c055da084d17505e9543c4f8b2992
b37a604b4add99725c3a9e6b0440fc4452f71139517e7d7deb452ed98499068c
b834a80037718e3da7f92199034dc59611ed774af41f1e84fa1e0d97c4261192
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
be40cdb52ad2b427cce77b22d1cbd1d59293e0ef00e3f15a9a2cbf817d697ce2
bf6a3b7717e31c6394292373dda60837a7fb5b6879714120d4c4c6ff30d1314c
c37a9407ff4ebe076792ca5344e87caf33943b254a28aada489f27d88cbe4e01
d1a1e12b86c374165b8a464f912703d719c937ef38422128ca599354d9794574
d9ef53a13f05dbf0cdb2503825a538e034c9e19af2c340ad205199d237462db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4e3281b07c486f634c95b4dafd43644e631ee900da8fafc709864ae0ba2ed1a
faca362ac643f3f7faa7f1a0dcd49daad77800c3bf748f873bc3faaa1e002ab4