www.als-alexander.org
185.25.23.45  Malicious Activity! Public Scan

Submitted URL: http://moedux.cf/cass.php
Effective URL: https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
Submission: On May 10 via manual from US

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 27 HTTP transactions. The main IP is 185.25.23.45, which is located in Greece and belongs to LANCOM Athens - Greece, GR. The main domain is www.als-alexander.org.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 29th 2018. Valid for: 3 months.
This is the only time www.als-alexander.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Charles Schwab (Financial)

Domain & IP information

Requests | IP Address | AS Autonomous System
1 | 198.54.126.40 | 22612 (NAMECHEAP...)
9 (2 redirects) | 185.25.23.45 | 199081 (LANCOM At...)
11 | 104.109.77.211 | 20940 (AKAMAI-ASN1)
3 | 104.109.80.74 | 20940 (AKAMAI-ASN1)
1 | 104.109.71.22 | 20940 (AKAMAI-ASN1)
Total: 27 requests, 6 IPs

Requests | Apex Domain | Subdomains | Transfer
14 | schwab.com | www.schwab.com, content.schwab.com | 196 KB
9 | als-alexander.org | www.als-alexander.org | 17 KB
1 | marinsm.com | tracker.marinsm.com | 307 B
1 | moedux.cf | moedux.cf | 457 B
Total: 27 requests, 4 apex domains

Requests | Domain | Requested by
11 | www.schwab.com | www.als-alexander.org
9 (2 redirects) | www.als-alexander.org | www.als-alexander.org
3 | content.schwab.com | www.als-alexander.org
1 | tracker.marinsm.com | www.als-alexander.org
1 | moedux.cf |
Total: 27 requests, 5 subdomains

Subject | Issuer | Validity | Valid
www.als-alexander.org | Let's Encrypt Authority X3 | 2018-04-29 - 2018-07-28 | 3 months

This page contains 1 frame:

Primary Page: https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
Frame ID: 9178EE97EE6C808B80ED019F9FC716D6
Requests: 28 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

Requests: 27
HTTPS: 26 %
IPv6: 0 %
Domains: 4
Subdomains: 5
IPs: 6
Countries: 3
Transfer: 213 kB
Size: 418 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://moedux.cf/cass.php Page URL
  2. https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/index.php HTTP 302
    https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928 HTTP 301
    https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
cass.php
moedux.cf/
304 B
457 B
Document
General
Full URL
http://moedux.cf/cass.php
Protocol
HTTP/1.1
Server
198.54.126.40 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
host59.registrar-servers.com
Software
Apache / PHP/5.6.36
Resource Hash

Request headers

Host
moedux.cf
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
X-DevTools-Emulate-Network-Conditions-Client-Id
9178EE97EE6C808B80ED019F9FC716D6

Response headers

Date
Thu, 10 May 2018 13:12:52 GMT
Server
Apache
X-Powered-By
PHP/5.6.36
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
251
Content-Type
text/html; charset=UTF-8
Primary Request /
www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
Redirect Chain
  • https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/index.php
  • https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928
  • https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
68 KB
16 KB
Document
General
Full URL
https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.25.23.45 , Greece, ASN199081 (LANCOM Athens - Greece, GR),
Reverse DNS
linux26.name-servers.gr
Software
nginx /
Resource Hash
70faeb5b9e0e8baeea4529d325c6a6db8a8fd812f7e198d797cdaf5a889faabb
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.als-alexander.org
:scheme
https
:path
/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://moedux.cf/cass.php
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
9178EE97EE6C808B80ED019F9FC716D6
Referer
http://moedux.cf/cass.php

Response headers

status
200
server
nginx
date
Thu, 10 May 2018 13:12:54 GMT
content-type
text/html
vary
Accept-Encoding Accept-Encoding
cache-control
max-age=0
expires
Thu, 10 May 2018 13:12:54 GMT
x-content-type-options
nosniff nosniff
x-xss-protection
1; mode=block
x-nginx-cache-status
MISS
content-encoding
gzip

Redirect headers

status
301
server
nginx
date
Thu, 10 May 2018 13:12:54 GMT
content-type
text/html; charset=iso-8859-1
content-length
330
location
https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
cache-control
max-age=0
expires
Thu, 10 May 2018 13:12:54 GMT
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-cache-status
MISS
ps.css
www.schwab.com/public/file/PROSPECT-CSS/
73 KB
17 KB
Stylesheet
General
Full URL
https://www.schwab.com/public/file/PROSPECT-CSS/ps.css
Requested by
Host: www.als-alexander.org
URL: https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
Protocol
SPDY
Server
104.109.77.211 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-77-211.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/7.5 /
Resource Hash
c0a15b8289cc10469828a1c95405fde87363446bd8c71fa67d6956eae3aa4cb7
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 10 May 2018 13:12:54 GMT
content-encoding
gzip
server
Microsoft-IIS/7.5
cache-control
private
vary
Accept-Encoding
content-type
text/css
status
200
x-n
S
content-length
17016
x-xss-protection
1; mode=block
/
www.schwab.com/secure/asset/short/
92 KB
36 KB
Script
General
Full URL
https://www.schwab.com/secure/asset/short/?cmsid=PS-HEAD-SCRIPT-BUNDLE
Requested by
Host: www.als-alexander.org
URL: https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
Protocol
SPDY
Server
104.109.77.211 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-77-211.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 10 May 2018 13:12:54 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="CAO CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELi OUR DEL SAMi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA GOV"
status
200
cache-control
private, max-age=600
content-type
text/html; charset=utf-8
content-length
36498
x-xss-protection
1; mode=block
asset
www.schwab.com/system/
17 KB
6 KB
Script
General
Full URL
https://www.schwab.com/system/asset?cmsid=PS-TAG-HEADER&filename=hbx.js
Requested by
Host: www.als-alexander.org
URL: https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
Protocol
SPDY
Server
104.109.77.211 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-77-211.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d1f0f7538e4698980f28bdf9d279e8730d37ca780448465214f44261c3782ad2
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 May 2018 13:12:54 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="CAO CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELi OUR DEL SAMi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA GOV"
status
200
cache-control
no-cache
content-type
text/html; charset=utf-8
content-length
5431
x-xss-protection
1; mode=block
expires
-1
file
www.schwab.com/public/
26 KB
8 KB
Stylesheet
General
Full URL
https://www.schwab.com/public/file?cmsid=LOGIN-STYLES&filename=main.css
Requested by
Host: www.als-alexander.org
URL: https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
Protocol
SPDY
Server
104.109.77.211 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-77-211.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/7.5 /
Resource Hash
e87107962df2fa9db2bfb003dcb609f364cc8964242f1a7f8af98239e44ca472
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 10 May 2018 13:12:54 GMT
content-encoding
gzip
server
Microsoft-IIS/7.5
cache-control
private
vary
Accept-Encoding
content-type
text/css
status
200
x-n
S
content-length
7682
x-xss-protection
1; mode=block
short
www.als-alexander.org/system/asset/
0
0
Script
General
Full URL
https://www.als-alexander.org/system/asset/short?cmsid=PR-HOME-EMB,BLANK-ASSET&pgformat=js&persjs=y
Requested by
Host: www.als-alexander.org
URL: https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.25.23.45 , Greece, ASN199081 (LANCOM Athens - Greece, GR),
Reverse DNS
linux26.name-servers.gr
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/system/asset/short?cmsid=PR-HOME-EMB,BLANK-ASSET&pgformat=js&persjs=y
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.als-alexander.org
referer
https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
:scheme
https
:method
GET
Referer
https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 10 May 2018 13:12:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
status
404
x-xss-protection
1; mode=block
1099s-now-available-online.png
www.schwab.com/secure/file/P-10712105/
9 KB
9 KB
Image
General
Full URL
https://www.schwab.com/secure/file/P-10712105/1099s-now-available-online.png
Requested by
Host: www.als-alexander.org
URL: https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
Protocol
SPDY
Server
104.109.77.211 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-77-211.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/7.5 /
Resource Hash
801f0785aea4545b2157db90efa2d29aa24a48ed603eefb6a0c1c0dc3d112a68
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

status
200
date
Thu, 10 May 2018 13:12:54 GMT
cache-control
private
server
Microsoft-IIS/7.5
content-length
9086
x-xss-protection
1; mode=block
content-type
image/png
schwab-mobile-for-ipad-and-android.png
www.schwab.com/secure/file/P-10712105/
5 KB
5 KB
Image
General
Full URL
https://www.schwab.com/secure/file/P-10712105/schwab-mobile-for-ipad-and-android.png
Requested by
Host: www.als-alexander.org
URL: https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
Protocol
SPDY
Server
104.109.77.211 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-77-211.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/7.5 /
Resource Hash
6f9a0cbb8bf670b85178d21f2f5f384e00793fde7a05d6cbd3feea3346667703
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

status
200
date
Thu, 10 May 2018 13:12:54 GMT
cache-control
private
server
Microsoft-IIS/7.5
content-length
5435
x-xss-protection
1; mode=block
content-type
image/png
schwab-personal-trust-services.png
www.schwab.com/secure/file/P-10712105/
12 KB
12 KB
Image
General
Full URL
https://www.schwab.com/secure/file/P-10712105/schwab-personal-trust-services.png
Requested by
Host: www.als-alexander.org
URL: https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
Protocol
SPDY
Server
104.109.77.211 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-77-211.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/7.5 /
Resource Hash
7085fa2163e84409587d2b1a11f2bb2a8ccaf17e79a0567ca72fabc1b9b51c52
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

status
200
date
Thu, 10 May 2018 13:12:54 GMT
cache-control
private
server
Microsoft-IIS/7.5
content-length
11984
x-xss-protection
1; mode=block
content-type
image/png
we-want-to-hear-from-you.png
www.schwab.com/secure/file/P-10712105/
8 KB
8 KB
Image
General
Full URL
https://www.schwab.com/secure/file/P-10712105/we-want-to-hear-from-you.png
Requested by
Host: www.als-alexander.org
URL: https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
Protocol
SPDY
Server
104.109.77.211 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-77-211.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/7.5 /
Resource Hash
951c8488d402f50fd6a952cfcdfaeb613ea6ea09b6611f83e502c0a97de378e9
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

status
200
date
Thu, 10 May 2018 13:12:54 GMT
cache-control
private
server
Microsoft-IIS/7.5
content-length
8327
x-xss-protection
1; mode=block
content-type
image/png
GlanceCobrowseLoader_3.2.2M.js
content.schwab.com/glance/
6 KB
3 KB
Script
General
Full URL
https://content.schwab.com/glance/GlanceCobrowseLoader_3.2.2M.js
Requested by
Host: www.als-alexander.org
URL: https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
Protocol
HTTP/1.1
Server
104.109.80.74 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-80-74.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ce18412ac1c6650c3ec74f0b04e93765c09d932c363cb934630854155db80403

Request headers

Referer
https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Thu, 10 May 2018 13:12:54 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Feb 2016 19:14:17 GMT
Server
Apache
ETag
"32ede0528eb83a1f6c98c3cef4ce0a85:1454440457"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, GET, GET, GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2784
asset
www.als-alexander.org/system/
0
0
Script
General
Full URL
https://www.als-alexander.org/system/asset?cmsid=PS-TAG-FOOTER&filename=hbx.js
Requested by
Host: www.als-alexander.org
URL: https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.25.23.45 , Greece, ASN199081 (LANCOM Athens - Greece, GR),
Reverse DNS
linux26.name-servers.gr
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/system/asset?cmsid=PS-TAG-FOOTER&filename=hbx.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.als-alexander.org
referer
https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
:scheme
https
:method
GET
Referer
https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 10 May 2018 13:12:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
status
404
x-xss-protection
1; mode=block
file
www.schwab.com/public/
8 KB
2 KB
Script
General
Full URL
https://www.schwab.com/public/file?cmsid=LOGIN-SUPPORT-SCRIPTS&filename=main.js
Requested by
Host: www.als-alexander.org
URL: https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
Protocol
SPDY
Server
104.109.77.211 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-77-211.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/7.5 /
Resource Hash
96b3fb66dedebf8abd9b9a5885e3b8c6f434f1d536a75f775f1b62c273fdd567
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 10 May 2018 13:12:54 GMT
content-encoding
gzip
server
Microsoft-IIS/7.5
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
private
content-length
2008
x-xss-protection
1; mode=block
xpxe4op6q0.js
tracker.marinsm.com/tracker/async/
0
307 B
Script
General
Full URL
https://tracker.marinsm.com/tracker/async/xpxe4op6q0.js
Requested by
Host: www.als-alexander.org
URL: https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
Protocol
HTTP/1.1
Server
104.109.71.22 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-71-22.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Thu, 10 May 2018 13:12:54 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
max-age=1497
Connection
keep-alive
X-MarinTrackerVersion
3
Content-Length
20
Expires
Thu, 10 May 2018 13:37:51 GMT
background_image_exblur_dev2b.jpg
content.schwab.com/web/login/
61 KB
61 KB
Image
General
Full URL
https://content.schwab.com/web/login/background_image_exblur_dev2b.jpg
Requested by
Host: www.als-alexander.org
URL: https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
Protocol
HTTP/1.1
Server
104.109.80.74 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-80-74.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
689137464c584b5cc1afb209ecf7e0ef9b0ac8648b0d0945561edaf46f650c40

Request headers

Referer
https://www.schwab.com/public/file?cmsid=LOGIN-STYLES&filename=main.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Thu, 10 May 2018 13:12:54 GMT
Last-Modified
Mon, 19 Jun 2017 20:55:41 GMT
Server
Apache
ETag
"b7e11a480b99f556a48bb74e6060071c:1497905741"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
62595
schwabsafe_logo.svg
content.schwab.com/web/login/
2 KB
2 KB
Image
General
Full URL
https://content.schwab.com/web/login/schwabsafe_logo.svg
Requested by
Host: www.als-alexander.org
URL: https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
Protocol
HTTP/1.1
Server
104.109.80.74 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-80-74.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0c1f7d2d3fa4ed7ec3cf2519cd017ddb5bc8de757e00ed8f84cd8991059a0631

Request headers

Referer
https://www.schwab.com/public/file?cmsid=LOGIN-STYLES&filename=main.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Thu, 10 May 2018 13:12:54 GMT
Last-Modified
Tue, 20 Jun 2017 20:14:24 GMT
Server
Apache
ETag
"7449c161258eba54600debcbd1229b1d:1497989664"
Content-Type
image/svg+xml
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2058
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ccc4d3be744a29473fefe2f313fdae488f460b85a47e8427f748358a54ba048

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/svg+xml
CharlesModern-Light.woff
www.schwab.com/public/file/P-6220301/
0
0

short
www.als-alexander.org/system/asset/
0
0
Script
General
Full URL
https://www.als-alexander.org/system/asset/short?cmsid=PR-HOME-EMB,BLANK-ASSET&pgformat=js&persjs=y
Requested by
Host: www.als-alexander.org
URL: https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.25.23.45 , Greece, ASN199081 (LANCOM Athens - Greece, GR),
Reverse DNS
linux26.name-servers.gr
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/system/asset/short?cmsid=PR-HOME-EMB,BLANK-ASSET&pgformat=js&persjs=y
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.als-alexander.org
referer
https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
:scheme
https
:method
GET
Referer
https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 10 May 2018 13:12:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
status
404
x-xss-protection
1; mode=block
CharlesModern-Light.ttf
www.schwab.com/public/file/P-6220301/
0
0

short
www.als-alexander.org/system/asset/
0
0
Script
General
Full URL
https://www.als-alexander.org/system/asset/short?cmsid=PR-HOME-EMB,BLANK-ASSET&pgformat=js&persjs=y
Requested by
Host: www.als-alexander.org
URL: https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.25.23.45 , Greece, ASN199081 (LANCOM Athens - Greece, GR),
Reverse DNS
linux26.name-servers.gr
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/system/asset/short?cmsid=PR-HOME-EMB,BLANK-ASSET&pgformat=js&persjs=y
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.als-alexander.org
referer
https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
:scheme
https
:method
GET
Referer
https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 10 May 2018 13:12:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
status
404
x-xss-protection
1; mode=block
linear-gradient(-180deg,
www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/Charles%20Schwab%20and%20Co.,%20Inc%20_%20Login_files/
475 B
475 B
Image
General
Full URL
https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/Charles%20Schwab%20and%20Co.,%20Inc%20_%20Login_files/linear-gradient(-180deg,
Requested by
Host: www.als-alexander.org
URL: https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.25.23.45 , Greece, ASN199081 (LANCOM Athens - Greece, GR),
Reverse DNS
linux26.name-servers.gr
Software
nginx /
Resource Hash
e14c4236c71982d8fb9f3da850537b8bfb759c5f883a1f437d9719bdc7e26884
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/Charles%20Schwab%20and%20Co.,%20Inc%20_%20Login_files/linear-gradient(-180deg,
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.als-alexander.org
referer
https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
:scheme
https
:method
GET
Referer
https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 10 May 2018 13:12:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
status
404
x-xss-protection
1; mode=block
CharlesModern-Regular.woff
www.schwab.com/public/file/P-6220301/
0
0

CharlesModern-Regular.ttf
www.schwab.com/public/file/P-6220301/
0
0

SIP-review.png
www.schwab.com/secure/file/P-10712105/
11 KB
11 KB
Image
General
Full URL
https://www.schwab.com/secure/file/P-10712105/SIP-review.png
Requested by
Host: www.als-alexander.org
URL: https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
Protocol
SPDY
Server
104.109.77.211 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-77-211.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/7.5 /
Resource Hash
7b26513d14423d347ee5dc3f0929eec0d6075054099756b5785f4bacc99b9b67
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

status
200
date
Thu, 10 May 2018 13:12:54 GMT
cache-control
private
server
Microsoft-IIS/7.5
content-length
10959
x-xss-protection
1; mode=block
content-type
image/png
Personal_trust.png
www.schwab.com/secure/file/P-10712105/
15 KB
15 KB
Image
General
Full URL
https://www.schwab.com/secure/file/P-10712105/Personal_trust.png
Requested by
Host: www.als-alexander.org
URL: https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
Protocol
SPDY
Server
104.109.77.211 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-77-211.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/7.5 /
Resource Hash
d9f73d0148cd68935a0280905b8431cd5dfc895a37aa6bc8e2c274ac43a407f0
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer: https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

status: 200
date: Thu, 10 May 2018 13:12:54 GMT
cache-control: private
server: Microsoft-IIS/7.5
content-length: 15546
x-xss-protection: 1; mode=block
content-type: image/png
asset
www.als-alexander.org/system/
0
0
Script
General
Full URL
https://www.als-alexander.org/system/asset?cmsid=PS-TAG-FOOTER&filename=hbx.js
Requested by
Host: www.als-alexander.org
URL: https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.25.23.45 , Greece, ASN199081 (LANCOM Athens - Greece, GR),
Reverse DNS
linux26.name-servers.gr
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path: /system/asset?cmsid=PS-TAG-FOOTER&filename=hbx.js
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.als-alexander.org
referer: https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
:scheme: https
:method: GET
Referer: https://www.als-alexander.org/schwab/schwab.compublicschwabnnloginlogin.html&lang=en/d67e5228b66fe4cb0e2ed23c697d4928/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Thu, 10 May 2018 13:12:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
status: 404
x-xss-protection: 1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.schwab.com
URL: https://www.schwab.com/public/file/P-6220301/CharlesModern-Light.woff
Domain: www.schwab.com
URL: https://www.schwab.com/public/file/P-6220301/CharlesModern-Light.ttf
Domain: www.schwab.com
URL: https://www.schwab.com/public/file/P-6220301/CharlesModern-Regular.woff
Domain: www.schwab.com
URL: https://www.schwab.com/public/file/P-6220301/CharlesModern-Regular.ttf

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Charles Schwab (Financial)

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| _mTrack boolean| APTload string| waEnvId string| tmsActiveDomain string| tmsActiveDomainDWT object| re undefined| waLanguage string| proactiveChatHost string| reactiveChatHost string| waCategoryName string| waPageName boolean| wa_enable number| hexcase string| b64pad number| chrsz string| sendBid boolean| wa_global_disable function| SHA256 function| getCookie function| fetchBrowserId function| base64ToAscii function| mkTmsCookie function| str2ab function| bin2String function| createGuid object| scatAccounts object| utag_data object| TagParameters function| openPopup function| menuLink function| isValidUrl undefined| ie object| x object| loginBanners object| _schw object| GLANCE number| n object| loginBannerData

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
