dcutest.com
2606:4700::6811:5b45
Malicious Activity!
Public Scan
Submission: On October 27 via api from CA — Scanned from CA
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 28th 2022. Valid for: a year.
This is the only time dcutest.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DCU (Banking)

Domain & IP information

Domain | ASN | PTR
---|---|---
dpm.demdex.net | ASN16509 (AMAZON-02, US) | ec2-35-166-34-64.us-west-2.compute.amazonaws.com
connect.facebook.net | ASN32934 (FACEBOOK, US) |
dcu.demdex.net | ASN16509 (AMAZON-02, US) | ec2-34-216-233-123.us-west-2.compute.amazonaws.com
cm.everesttech.net | ASN14618 (AMAZON-AES, US) | ec2-54-145-133-182.compute-1.amazonaws.com
idsync.rlcdn.com | ASN15169 (GOOGLE, US) | 146.60.190.35.bc.googleusercontent.com
ps.eyeota.net | ASN14618 (AMAZON-AES, US) | ec2-50-16-174-192.compute-1.amazonaws.com
sync.crwdcntrl.net | ASN14618 (AMAZON-AES, US) | ec2-23-23-180-36.compute-1.amazonaws.com
mid.rkdms.com | ASN14618 (AMAZON-AES, US) | ec2-54-91-241-14.compute-1.amazonaws.com
sync.srv.stackadapt.com | ASN14618 (AMAZON-AES, US) | ec2-34-237-81-207.compute-1.amazonaws.com

Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
51 | dcutest.com | dcutest.com | 2 MB
12 | demdex.net | dpm.demdex.net — Cisco Umbrella Rank: 214; dcu.demdex.net — Cisco Umbrella Rank: 210102 | 14 KB
7 | adobedtm.com | assets.adobedtm.com — Cisco Umbrella Rank: 490 | 26 KB
3 | facebook.net | connect.facebook.net — Cisco Umbrella Rank: 151 | 132 KB
2 | crwdcntrl.net (2 redirects) | sync.crwdcntrl.net — Cisco Umbrella Rank: 756 | 593 B
2 | sitescout.com (2 redirects) | pixel-sync.sitescout.com — Cisco Umbrella Rank: 602 | 945 B
2 | eyeota.net (2 redirects) | ps.eyeota.net — Cisco Umbrella Rank: 1010 | 1 KB
2 | rlcdn.com (2 redirects) | idsync.rlcdn.com — Cisco Umbrella Rank: 344 | 509 B
2 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 61 | 99 KB
1 | stackadapt.com (1 redirect) | sync.srv.stackadapt.com — Cisco Umbrella Rank: 723 | 562 B
1 | rkdms.com (1 redirect) | mid.rkdms.com — Cisco Umbrella Rank: 950 | 420 B
1 | pro-market.net (1 redirect) | fei.pro-market.net — Cisco Umbrella Rank: 2526 | 305 B
1 | bing.com (1 redirect) | c.bing.com — Cisco Umbrella Rank: 236 | 614 B
1 | media6degrees.com (1 redirect) | idpix.media6degrees.com — Cisco Umbrella Rank: 2247 | 554 B
1 | everesttech.net (1 redirect) | cm.everesttech.net — Cisco Umbrella Rank: 1073 | 517 B
75 | 15 | |

Requests | Domain | Requested by
---|---|---
51 | dcutest.com | dcutest.com
11 | dpm.demdex.net | dcutest.com
7 | assets.adobedtm.com | dcutest.com
3 | connect.facebook.net | dcutest.com, connect.facebook.net
2 | sync.crwdcntrl.net | 2 redirects
2 | pixel-sync.sitescout.com | 2 redirects
2 | ps.eyeota.net | 2 redirects
2 | idsync.rlcdn.com | 2 redirects
2 | www.googletagmanager.com | dcutest.com
1 | sync.srv.stackadapt.com | 1 redirect
1 | mid.rkdms.com | 1 redirect
1 | fei.pro-market.net | 1 redirect
1 | c.bing.com | 1 redirect
1 | idpix.media6degrees.com | 1 redirect
1 | cm.everesttech.net | 1 redirect
1 | dcu.demdex.net | dcutest.com
75 | 16 |

Subject | Issuer | Validity | Valid
---|---|---|---
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-28 - 2023-06-27 | a year
*.demdex.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-09-26 - 2023-10-27 | a year
assets.adobedtm.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-07-19 - 2023-08-19 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-08-05 - 2022-11-03 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-09-26 - 2022-12-19 | 3 months

This page contains 2 frames:
Primary Page:
https://dcutest.com/
Frame ID: 19F2BE92A9DF4E5F878AAB1783476898
Requests: 65 HTTP requests in this frame
Frame:
https://dcu.demdex.net/dest5.html?d_nsid=0
Frame ID: 581F3D2A63D053018D89D5B1A9A8D40B
Requests: 10 HTTP requests in this frame
Page Title
Digital Federal Credit Union | Personal & Business Banking

Detected technologies
Detected patterns
- <div class="[^"]*aem-Grid
- /etc\.clientlibs/
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Tag Manager
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
OneTrust
Detected patterns
- otSDKStub\.js
Page Statistics
31 Outgoing links
These are links going to different origins than the main page.
Link titles (links without a title are not listed):
- Insurance
- Realty
- Investment
- Forgot Username/Password?
- Join
- EverFi Program
- Visa® Rewards Login
- 24X7 account access with DCU Digital Banking
- Axuda
- DCU for Kids
- BECOME A MEMBER
- Schedule An Appointment
- LEARN MORE
- LEARN MORE
- LEARN MORE
- Continue Application
- Browser Diagnostics
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 64
- https://cm.everesttech.net/cm/dd?d_uuid=10915105583151351621273736613639208203 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1qCfQAAAKUr8QNz
- https://idsync.rlcdn.com/365868.gif?partner_uid=10915105583151351621273736613639208203 HTTP 307
- https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomMTA5MTUxMDU1ODMxNTEzNTE2MjEyNzM3MzY2MTM2MzkyMDgyMDMQABoNCP2E6poGEgUI6AcQAEIASgA HTTP 307
- https://dpm.demdex.net/ibs:dpid=477&dpuuid=2b61b5cd9852c46ef9db5957c4b3d848d7fa69bcb3665c45726c0386aeec45a7b0da87c991749652
- https://idpix.media6degrees.com/orbserv/hbpix?pixId=16873&pcv=70&ptid=66&tpuv=01&tpu=10915105583151351621273736613639208203 HTTP 302
- https://dpm.demdex.net/ibs:dpid=992&dpuuid=5hvajw1lmp3e
- https://c.bing.com/c.gif?uid=10915105583151351621273736613639208203&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
- https://dpm.demdex.net/ibs:dpid=1957&dpuuid=078AF2B6FBE8676B31ACE0FCFAC266B9
- https://ps.eyeota.net/match?bid=6j5b2cv&uid=10915105583151351621273736613639208203&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
- https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=10915105583151351621273736613639208203&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
- https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
- https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=10915105583151351621273736613639208203 HTTP 302
- https://dpm.demdex.net/ibs:dpid=575&dpuuid=-3490070942601687580
- https://pixel-sync.sitescout.com/connectors/adobe/usersync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D82530%26dpuuid%3D%24UUID HTTP 302
- https://pixel-sync.sitescout.com/connectors/adobe/usersync?cookieQ=1&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D82530%26dpuuid%3D%24UUID HTTP 302
- https://dpm.demdex.net/ibs:dpid=82530&dpuuid=f90cfa5d-a800-4730-9124-988268567900-635a827d-4341
- https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=10915105583151351621273736613639208203?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
- https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=10915105583151351621273736613639208203?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
- https://dpm.demdex.net/ibs:dpid=121998&dpuuid=9ac4569928e6a9bb4f4b1f6e08ba3a1a
- https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=10915105583151351621273736613639208203&_ct=img HTTP 302
- https://dpm.demdex.net/ibs:dpid=129099&dpuuid=9e5c20384dfd50280740f2087df0a72b
- https://sync.srv.stackadapt.com/sync?nid=adobe HTTP 302
- https://dpm.demdex.net/ibs:dpid=390122&dpuuid=vtxsxar2QuxrJjLmOHWvGZU4mbc
75 HTTP transactions

Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---
GET H2 | / (Primary Request) | dcutest.com/ | 198 KB | 24 KB | Document | text/html
GET H2 | clientlib-dependencies.min.css | dcutest.com/etc.clientlibs/dcu/clientlibs/ | 76 KB | 17 KB | Stylesheet | text/css
GET H2 | clientlib-site-layout.min.css | dcutest.com/etc.clientlibs/dcu/clientlibs/ | 101 KB | 6 KB | Stylesheet | text/css
GET H2 | clientlib-site.min.css | dcutest.com/etc.clientlibs/dcu/clientlibs/ | 562 KB | 79 KB | Stylesheet | text/css
GET H2 | otSDKStub.js | dcutest.com/scripttemplates/ | 0 | 0 | Script | text/html
GET H2 | launch-EN271d4b2692764b999a2e6682e60f4596.min.js | dcutest.com/ | 284 KB | 86 KB | Script | application/javascript
GET H2 | DCUGreen.svg | dcutest.com/etc.clientlibs/dcu/clientlibs/clientlib-site/resources/images/svg/ | 6 KB | 3 KB | Image | image/svg+xml
GET H2 | DCU_IMG_LOC_HomePage_C03_292_440_Desktop_MegaNavLearn_01.jpg | dcutest.com/content/dam/dcu/global/home/images/ | 35 KB | 36 KB | Image | image/jpeg
GET H2 | DCU_IMG_LOC_HomePage_C03_292_440_Desktop_MegaNavAccess_01.jpg | dcutest.com/content/dam/dcu/global/home/images/ | 37 KB | 37 KB | Image | image/jpeg
GET H2 | DCU_IMG_LOC_PDP_Ltd-Savings_C10_1280_920_Mobile_PageHero_01.jpg | dcutest.com/content/dam/dcu/global/pdp/images/ | 432 B | 432 B | Image | text/html
GET H2 | marathon-2020.jpg | dcutest.com/content/dam/dcu/global/generic/images/ | 390 B | 390 B | Image | text/html
GET H2 | posh-x-preview.svg | dcutest.com/etc.clientlibs/dcu/clientlibs/clientlib-site/resources/images/svg/ | 1 KB | 761 B | Image | image/svg+xml
GET H2 | posh-chat-icon.svg | dcutest.com/etc.clientlibs/dcu/clientlibs/clientlib-site/resources/images/svg/ | 1023 B | 731 B | Image | image/svg+xml
GET H2 | march-db-carousel-desktop.jpg | dcutest.com/content/dam/dcu/global/home/images/ | 170 KB | 171 KB | Image | image/jpeg
GET H2 | 0621-branches-open-homepage-carousel-desktop-sd.jpg | dcutest.com/content/dam/dcu/global/home/images/ | 136 KB | 137 KB | Image | image/jpeg
GET H2 | auto149-desktop.jpg | dcutest.com/content/dam/dcu/global/home/images/ | 275 KB | 275 KB | Image | image/jpeg
GET H2 | Checking-home-carousel-desktop-sd.jpg | dcutest.com/content/dam/dcu/global/home/images/ | 524 KB | 525 KB | Image | image/jpeg
GET H2 | nfl-banner-1456-wide.png | dcutest.com/content/dam/dcu/images/ | 80 KB | 81 KB | Image | image/png
GET H2 | nfl-banner-300-wide.jpg | dcutest.com/content/dam/dcu/images/ | 44 KB | 45 KB | Image | image/jpeg
GET H2 | icon-support-center.svg | dcutest.com/content/dam/dcu/global/iconography/ | 3 KB | 1 KB | Image | image/svg+xml
GET H2 | icon-app-status.svg | dcutest.com/content/dam/dcu/global/iconography/ | 10 KB | 2 KB | Image | image/svg+xml
GET H2 | icon-make-payment.svg | dcutest.com/content/dam/dcu/global/iconography/ | 7 KB | 2 KB | Image | image/svg+xml
GET H2 | icon-appointment.svg | dcutest.com/content/dam/dcu/global/iconography/ | 5 KB | 1 KB | Image | image/svg+xml
GET H2 | cares-community-desktop.jpg | dcutest.com/content/dam/dcu/global/community-images/ | 402 B | 402 B | Image | text/html
GET H2 | asw22-comm-carousel-desktop.jpg | dcutest.com/content/dam/dcu/global/community-images/ | 406 B | 406 B | Image | text/html
GET H2 | job-fair-community-carousel-desktop.jpg | dcutest.com/content/dam/dcu/global/home/images/ | 23 KB | 23 KB | Image | image/jpeg
GET H2 | DCU_ILLUS_LOC_HomePage_C08_YourOpinion_01.svg.svg | dcutest.com/content/dam/dcu/global/home/illustrations/ | 2 KB | 1 KB | Image | image/svg+xml
GET H2 | DCU_ILLUS_LOC_HomePage_C08_ForWholeFamily_01.svg.svg | dcutest.com/content/dam/dcu/global/home/illustrations/ | 3 KB | 1 KB | Image | image/svg+xml
GET H2 | DCU_ILLUS_LOC_HomePage_C08_Balance_01.svg.svg | dcutest.com/content/dam/dcu/global/home/illustrations/ | 5 KB | 2 KB | Image | image/svg+xml
GET H2 | DCU_ILLUS_LOC_HomePage_C08_FinTech_01.svg.svg | dcutest.com/content/dam/dcu/global/home/illustrations/ | 3 KB | 2 KB | Image | image/svg+xml
GET H2 | DCU_ILLUS_LOC_HomePage_C08_DCUKids_01.svg | dcutest.com/content/dam/dcu/global/home/illustrations/ | 7 KB | 3 KB | Image | image/svg+xml
GET H2 | DCU_ILLUS_LOC_HomePage_C08_GrowthFountain_01.svg.svg | dcutest.com/content/dam/dcu/global/home/illustrations/ | 11 KB | 5 KB | Image | image/svg+xml
GET H2 | CoOpSharedBranches_Homepage_Desktop_IMG_DCU_785x480.jpg | dcutest.com/content/dam/dcu/global/home/images/ | 94 KB | 94 KB | Image | image/jpeg
GET H2 | SurchargeFreeATMs_Homepage_Desktop_IMG_DCU_785x480.jpg | dcutest.com/content/dam/dcu/global/home/images/ | 93 KB | 93 KB | Image | image/jpeg
GET H2 | DCUBranches_Homepage_Desktop_IMG_DCU_785x480.jpg | dcutest.com/content/dam/dcu/global/home/images/ | 34 KB | 35 KB | Image | image/jpeg
GET H2 | DCU_LOG_GLO_HomePage_C02_DCULogo-white_01.svg | dcutest.com/content/dam/dcu/global/generic/logos/ | 417 B | 417 B | Image | text/html
GET H2 | DCU_LOG_GLO_HomePage_C02_AppleStore_01.svg | dcutest.com/content/dam/dcu/global/generic/logos/ | 414 B | 414 B | Image | text/html
GET H2 | DCU_LOG_GLO_HomePage_C02_GooglePlaystore_01.svg | dcutest.com/content/dam/dcu/global/generic/logos/ | 419 B | 419 B | Image | text/html
GET H2 | DCU_LOG_GLO_HomePage_C02_NCUA_01.svg | dcutest.com/content/dam/dcu/global/generic/logos/ | 408 B | 408 B | Image | text/html
GET H2 | DCU_LOG_GLO_HomePage_C02_EqualHousing_02.svg | dcutest.com/content/dam/dcu/global/generic/logos/ | 416 B | 416 B | Image | text/html
GET H2 | clientlib-base.min.js | dcutest.com/etc.clientlibs/dcu/clientlibs/ | 337 KB | 98 KB | Script | application/javascript
GET H2 | clientlib-dependencies.min.js | dcutest.com/etc.clientlibs/dcu/clientlibs/ | 249 KB | 67 KB | Script | application/javascript
GET H2 | clientlib-site.min.js | dcutest.com/etc.clientlibs/dcu/clientlibs/ | 251 KB | 48 KB | Script | application/javascript
GET H2 | css | dcutest.com/ | 0 | 0 | Stylesheet | text/html
GET H/1.1 | id | dpm.demdex.net/ | 2 KB | 2 KB | XHR | application/json
GET H2 | AppMeasurement.min.js | assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ | 33 KB | 12 KB | Script | application/x-javascript
GET H2 | AppMeasurement_Module_ActivityMap.min.js | assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ | 3 KB | 2 KB | Script | application/x-javascript
GET H2 | AppMeasurement_Module_AudienceManagement.min.js | assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ | 25 KB | 9 KB | Script | application/x-javascript
GET H2 | fbevents.js | connect.facebook.net/en_US/ | 102 KB | 27 KB | Script | application/x-javascript
GET H2 | js | www.googletagmanager.com/gtag/ | 110 KB | 44 KB | Script | application/javascript
GET H2 | gtm.js | www.googletagmanager.com/ | 159 KB | 55 KB | Script | application/javascript
GET H2 | icon_alert_bell.svg | dcutest.com/content/dam/dcu/global/iconography/ | 2 KB | 880 B | Image | image/svg+xml
GET H2 | dcu-iconset.woff2 | dcutest.com/etc.clientlibs/dcu/clientlibs/clientlib-site/resources/fonts/icons-v2/ | 3 KB | 4 KB | Font | binary/octet-stream
GET H2 | online-deposit-d1-desktop-v2.svg | dcutest.com/content/dam/dcu/global/merchbox/ | 399 B | 399 B | Image | text/html
GET H2 | home-sale-d1-desktop-v2.svg | dcutest.com/content/dam/dcu/global/merchbox/ | 394 B | 394 B | Image | text/html
GET H2 | car-refinance-d1-desktop-v2.svg | dcutest.com/content/dam/dcu/global/merchbox/ | 398 B | 398 B | Image | text/html
GET H2 | dcu-iconset.woff2 | dcutest.com/etc.clientlibs/dcu/clientlibs/clientlib-site/resources/fonts/icons-v5/ | 4 KB | 4 KB | Font | binary/octet-stream
GET H2 | streamline.ttf | dcutest.com/etc.clientlibs/dcu/clientlibs/clientlib-site/resources/fonts/streamline-icons/ | 10 KB | 10 KB | Font | binary/octet-stream
GET H2 | RC5eb41e0290124fe59845d03b303da898-source.min.js | assets.adobedtm.com/c710ed4af822/9928f11b8b77/745a66c43540/ | 457 B | 556 B | Script | application/x-javascript
GET H2 | RC2f03ed1dba3d456dbcbecc083f9a5ebf-source.min.js | assets.adobedtm.com/c710ed4af822/9928f11b8b77/745a66c43540/ | 3 KB | 1 KB | Script | application/x-javascript
GET H2 | RCf7fcd89d8991451b8863814935e70d0d-source.min.js | assets.adobedtm.com/c710ed4af822/9928f11b8b77/745a66c43540/ | 386 B | 512 B | Script | application/x-javascript
GET H2 | RC62a2ef1e23d34429ad32513353526ffa-source.min.js | assets.adobedtm.com/c710ed4af822/9928f11b8b77/745a66c43540/ | 362 B | 492 B | Script | application/x-javascript
GET H2 | identity.js | connect.facebook.net/signals/plugins/ | 64 KB | 20 KB | Script | application/x-javascript
GET H2 | 629895564074653 | connect.facebook.net/signals/config/ | 294 KB | 85 KB | Script | application/x-javascript
GET H/1.1 | dest5.html | dcu.demdex.net/ (Frame 581F) | 7 KB | 3 KB | Document | text/html
GET H/1.1 | ibs:dpid=411&dpuuid=Y1qCfQAAAKUr8QNz | dpm.demdex.net/ (Redirect Chain) | 42 B | 942 B | Image | image/gif
GET H/1.1 | ibs:dpid=477&dpuuid=2b61b5cd9852c46ef9db5957c4b3d848d7fa69bcb3665c45726c0386aeec45a7b0da87c991749652 | dpm.demdex.net/ (Frame 581F, Redirect Chain) | 42 B | 942 B | Image | image/gif
GET H/1.1 | ibs:dpid=992&dpuuid=5hvajw1lmp3e | dpm.demdex.net/ (Frame 581F, Redirect Chain) | 42 B | 948 B | Image | image/gif
GET H/1.1 | ibs:dpid=1957&dpuuid=078AF2B6FBE8676B31ACE0FCFAC266B9 | dpm.demdex.net/ (Frame 581F, Redirect Chain) | 42 B | 942 B | Image | image/gif
GET H/1.1 | ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D | dpm.demdex.net/ (Frame 581F, Redirect Chain) | 42 B | 960 B | Image | image/gif
GET H/1.1 | ibs:dpid=575&dpuuid=-3490070942601687580 | dpm.demdex.net/ (Frame 581F, Redirect Chain) | 42 B | 942 B | Image | image/gif
GET H/1.1 | ibs:dpid=82530&dpuuid=f90cfa5d-a800-4730-9124-988268567900-635a827d-4341 | dpm.demdex.net/ (Frame 581F, Redirect Chain) | 42 B | 942 B | Image | image/gif
GET H/1.1 | ibs:dpid=121998&dpuuid=9ac4569928e6a9bb4f4b1f6e08ba3a1a | dpm.demdex.net/ (Frame 581F, Redirect Chain) | 42 B | 943 B | Image | image/gif
GET H/1.1 | ibs:dpid=129099&dpuuid=9e5c20384dfd50280740f2087df0a72b | dpm.demdex.net/ (Frame 581F, Redirect Chain) | 42 B | 942 B | Image | image/gif
GET H/1.1 | ibs:dpid=390122&dpuuid=vtxsxar2QuxrJjLmOHWvGZU4mbc | dpm.demdex.net/ (Frame 581F, Redirect Chain) | 42 B | 942 B | Image | image/gif

Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: DCU (Banking)

84 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| OptanonWrapper object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in function| fbq function| _fbq object| dataLayer function| gtag object| QuantumMetricOnload function| $ function| jQuery function| Popper object| bootstrap function| Cookies object| Typeahead function| getPageTitle function| getPageUrl function| getPageDetail function| getBreadcrumb function| getPageURLQueryString function| getRandNumber function| getDateTime function| generateSessionId function| getSessionId function| getPageVanityURL function| getReferrer function| getReplicatedDate function| getPageLanguage function| getCategoryDetails function| getCategoryType function| getFormName function| getFormType function| getFormErrors function| getFormErrorsPercentage function| getCalculatorCategory function| getCalculatorTitles function| getCalculatorTypes object| dcu function| excecuteCorousel function| triggerBenefitsOffers function| triggerStickyNavbar function| triggerReviews function| removeErrorMessage function| validateCalc function| loadCal function| loadIFrameMultiCal function| findInternalEls function| cycleFocus function| setAriaLabel function| cardsEqualHeightOnResize function| columnControllerCardsResize object| google_tag_manager object| google_tag_data function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq function| AppMeasurement_Module_AudienceManagement function| DIL object| s function| _0x282b function| _0x3cf3 object| digitalData object| pageInfo object| userInfo object| categoryInfo object| formInfo object| calculatorInfo string| jsonObject
23 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the cookie values back, allowing the website to re-identify the user even after a change of location. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
dcutest.com/ | | Name: firstvisit Value: yes |
.dcutest.com/ | | Name: _gcl_au Value: 1.1.1948470655.1666876029 |
.demdex.net/ | | Name: demdex Value: 10915105583151351621273736613639208203 |
.dcutest.com/ | | Name: AMCVS_46051B125B89FACB0A495DD6%40AdobeOrg Value: 1 |
.everesttech.net/ | | Name: everest_g_v2 Value: g_surferid~Y1qCfQAAAKUr8QNz |
.dpm.demdex.net/ | | Name: dpm Value: 10915105583151351621273736613639208203 |
.dcutest.com/ | | Name: AMCV_46051B125B89FACB0A495DD6%40AdobeOrg Value: 1176715910%7CMCIDTS%7C19293%7CMCMID%7C11418218180747263781247632639885279835%7CMCAAMLH-1667480828%7C9%7CMCAAMB-1667480828%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1666883228s%7CNONE%7CMCSYNCSOP%7C411-19300%7CvVersion%7C5.4.0 |
.rlcdn.com/ | | Name: rlas3 Value: IrjxUL69LAm/ouWxTQ0ba0b6NMShgDq7POizm0r2Ra0= |
.rlcdn.com/ | | Name: pxrc Value: CP2E6poGEgUI6AcQABIGCPHrARAA |
.media6degrees.com/ | | Name: clid Value: 2rkexrx011705hvajw1lmp3e000000018c011801a01 |
.media6degrees.com/ | | Name: acs Value: 012020k1rkexrxxzt10 |
.bing.com/ | | Name: MUID Value: 078AF2B6FBE8676B31ACE0FCFAC266B9 |
.c.bing.com/ | | Name: MR Value: 0 |
.eyeota.net/ | | Name: mako_uid Value: 184198dbb59-105a0000010a437c |
.eyeota.net/ | | Name: SERVERID Value: 17276~DM |
.sitescout.com/ | | Name: ssi Value: f90cfa5d-a800-4730-9124-988268567900#1666876029947 |
.sitescout.com/ | | Name: _ssuma Value: eyIyIjoxNjY2ODc2MDI5OTkwfQ |
.crwdcntrl.net/ | | Name: _cc_cc Value: ctst |
.demdex.net/ | | Name: dextp Value: 60-1-1666876029146\|477-1-1666876029247\|992-1-1666876029348\|1957-1-1666876029449\|30064-1-1666876029550\|575-1-1666876029651\|82530-1-1666876029752\|121998-1-1666876029853\|129099-1-1666876029954\|390122-1-1666876030056 |
.rkdms.com/ | | Name: sessionid Value: h-9e5c20384dfd50280740f2087df0a72b_t-1666876030 |
.rkdms.com/ | | Name: sc Value: 3%3A103621 |
sync.srv.stackadapt.com/ | | Name: sa-user-id Value: s%3A0-bedc6cc5-aaf6-42ec-6b26-32e63875af19.f5v7YM2mWbOv2cKVjlHp33wG78AUWuCpyLKsiQ9%2BhW4 |
.srv.stackadapt.com/ | | Name: sa-user-id-v2 Value: s%3Avtxsxar2QuxrJjLmOHWvGZU4mbc.hMFjyKZ%2BC8%2F5AjouEeeqpuA42qjiTY%2B7CcER%2BNOX0I0 |
14 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.