mailsdkf5.tk
Open in
urlscan Pro
23.254.147.26
Malicious Activity!
Public Scan
Submission Tags: @ipnigh
Submission: On August 23 via api from GB
Summary
This is the only time mailsdkf5.tk was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Nedbank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
50 | 23.254.147.26 23.254.147.26 | 54290 (HOSTWINDS) (HOSTWINDS - Hostwinds LLC.) | |
1 | 168.142.204.33 168.142.204.33 | 3741 (IS) (IS) | |
52 | 3 |
ASN54290 (HOSTWINDS - Hostwinds LLC., US)
PTR: dal-shared-1.masterns.com
mailsdkf5.tk |
Apex Domain Subdomains |
Transfer | |
---|---|---|
50 |
mailsdkf5.tk
mailsdkf5.tk |
370 KB |
1 |
nedsecure.co.za
netbank.nedsecure.co.za |
40 KB |
0 |
alliedplastics.in
Failed
alliedplastics.in Failed |
|
52 | 3 |
Domain | Requested by | |
---|---|---|
50 | mailsdkf5.tk |
mailsdkf5.tk
|
1 | netbank.nedsecure.co.za |
mailsdkf5.tk
|
0 | alliedplastics.in Failed |
mailsdkf5.tk
|
52 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
netbank.nedsecure.co.za |
www.nedbank.co.za |
www.netbankdemo.co.za |
nedbankonlinetrading.nedsecure.co.za |
www.entrust.net |
Subject Issuer | Validity | Valid | |
---|---|---|---|
1970-01-01 - 1970-01-01 |
a few seconds | crt.sh | |
netbank.nedsecure.co.za Entrust Certification Authority - L1M |
2018-10-22 - 2020-10-22 |
2 years | crt.sh |
This page contains 3 frames:
Primary Page:
http://mailsdkf5.tk/c20/cgi-lin/ATTACHMENT-NED-2018-SURE.htm
Frame ID: 6D30FF6A54844A4BDCF4BBB4E54134A6
Requests: 47 HTTP requests in this frame
Frame:
http://mailsdkf5.tk/c20/cgi-lin/ForgetPasswordInfo.htm
Frame ID: F0CB9060CD20EFA6E6F42F6D171E67D3
Requests: 2 HTTP requests in this frame
Frame:
http://mailsdkf5.tk/c20/cgi-lin/Welcome.htm
Frame ID: 83ABC86C9FC5A05731441681C7138225
Requests: 3 HTTP requests in this frame
Screenshot
Page Title
Logon to NetBankDetected technologies
OpenSSL (Web Server Extensions) ExpandDetected patterns
- headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
- script /jquery-ui.*\.js/i
jQuery UI (JavaScript Libraries) Expand
Detected patterns
- script /jquery-ui.*\.js/i
Page Statistics
20 Outgoing links
These are links going to different origins than the main page.
Title: Home
Search URL Search Domain Scan URL
Title: Online Security
Search URL Search Domain Scan URL
Title: Apply
Search URL Search Domain Scan URL
Title: NetBank Demo
Search URL Search Domain Scan URL
Title: NetBank User Guide
Search URL Search Domain Scan URL
Title: More About NetBank
Search URL Search Domain Scan URL
Title: Talk to Us
Search URL Search Domain Scan URL
Title: Personal Money Manager
Search URL Search Domain Scan URL
Title: Online Share Trading
Search URL Search Domain Scan URL
Title: Terms & Conditions
Search URL Search Domain Scan URL
Title: FAQ
Search URL Search Domain Scan URL
Title: Trusteer Rapport Security
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Click here
Search URL Search Domain Scan URL
Title: Fees
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Home
Search URL Search Domain Scan URL
Title: Legal Requirements
Search URL Search Domain Scan URL
Title: Glossary
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
52 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
ATTACHMENT-NED-2018-SURE.htm
mailsdkf5.tk/c20/cgi-lin/ |
186 KB 187 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rapi.js
mailsdkf5.tk/c20/cgi-lin/ |
183 B 552 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
info.css
mailsdkf5.tk/c20/cgi-lin/ |
2 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
mailsdkf5.tk/c20/cgi-lin/ |
5 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-ui-1.css
mailsdkf5.tk/c20/cgi-lin/PageLoading_data/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Nedbank.css
mailsdkf5.tk/c20/cgi-lin/PageLoading_data/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.js
mailsdkf5.tk/c20/cgi-lin/ |
78 KB 78 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
JQuery.js
mailsdkf5.tk/c20/cgi-lin/CachePage_data/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-ui.js
mailsdkf5.tk/c20/cgi-lin/CachePage_data/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
USSDDialog.js
mailsdkf5.tk/c20/cgi-lin/CachePage_data/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
USSDPolling.js
mailsdkf5.tk/c20/cgi-lin/CachePage_data/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
MyFinancialLife.js
mailsdkf5.tk/c20/cgi-lin/CachePage_data/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
RTCCutoff.js
mailsdkf5.tk/c20/cgi-lin/CachePage_data/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DarkHours.js
mailsdkf5.tk/c20/cgi-lin/CachePage_data/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
arrow_down.gif
mailsdkf5.tk/c20/cgi-lin/images/ |
56 B 411 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
arrow.gif
mailsdkf5.tk/c20/cgi-lin/images/ |
56 B 411 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NedbankLogo.gif
mailsdkf5.tk/c20/cgi-lin/ |
2 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
menu_shadow_left.jpg
mailsdkf5.tk/c20/cgi-lin/ |
405 B 763 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ResetPassword.js
mailsdkf5.tk/c20/cgi-lin/ |
6 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Login_Top.gif
mailsdkf5.tk/c20/cgi-lin/ |
230 B 586 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Promo_Left.gif
mailsdkf5.tk/c20/cgi-lin/ |
195 B 551 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lock.gif
mailsdkf5.tk/c20/cgi-lin/ |
587 B 944 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logonButton.jpg
mailsdkf5.tk/c20/cgi-lin/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SubmitButton.jpg
mailsdkf5.tk/c20/cgi-lin/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
CancelButton.png
mailsdkf5.tk/c20/cgi-lin/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Promo_Right.gif
mailsdkf5.tk/c20/cgi-lin/ |
197 B 553 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Login_Bottom.gif
mailsdkf5.tk/c20/cgi-lin/ |
233 B 589 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Promo_Top.gif
mailsdkf5.tk/c20/cgi-lin/ |
244 B 600 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
banner_4.jpg
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
40 KB 40 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
banner_2.jpg
mailsdkf5.tk/c20/cgi-lin/ |
18 KB 18 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
banner_3.jpg
mailsdkf5.tk/c20/cgi-lin/ |
21 KB 21 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
keyboard.jpg
mailsdkf5.tk/c20/cgi-lin/ |
15 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Promo_Bottom.gif
mailsdkf5.tk/c20/cgi-lin/ |
247 B 603 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
alertIcon.gif
mailsdkf5.tk/c20/cgi-lin/ |
754 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
EntrustLogo.gif
mailsdkf5.tk/c20/cgi-lin/ |
2 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
PSALogo.gif
mailsdkf5.tk/c20/cgi-lin/ |
448 B 805 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
AskOnceLogo.gif
mailsdkf5.tk/c20/cgi-lin/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NedbankFooterLogo.gif
mailsdkf5.tk/c20/cgi-lin/ |
2 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
USSDDialog.js
mailsdkf5.tk/c20/cgi-lin/CachePage_data/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
USSDPolling.js
mailsdkf5.tk/c20/cgi-lin/CachePage_data/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
JQuery.js
mailsdkf5.tk/c20/cgi-lin/CachePage_data/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-ui.js
mailsdkf5.tk/c20/cgi-lin/CachePage_data/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
USSDDialog.js
mailsdkf5.tk/c20/cgi-lin/CachePage_data/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
USSDPolling.js
mailsdkf5.tk/c20/cgi-lin/CachePage_data/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
MyFinancialLife.js
mailsdkf5.tk/c20/cgi-lin/CachePage_data/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
RTCCutoff.js
mailsdkf5.tk/c20/cgi-lin/CachePage_data/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DarkHours.js
mailsdkf5.tk/c20/cgi-lin/CachePage_data/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ForgetPasswordInfo.htm
mailsdkf5.tk/c20/cgi-lin/ Frame F0CB |
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Welcome.htm
mailsdkf5.tk/c20/cgi-lin/ Frame 83AB |
4 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ContentFrame.css
alliedplastics.in/n1/ForgetPasswordInfo_data/ Frame F0CB |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ContentFrame.css
mailsdkf5.tk/c20/cgi-lin/ForgetPasswordInfo_data/ Frame 83AB |
2 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mainImage.jpg
mailsdkf5.tk/c20/cgi-lin/Welcome_data/ Frame 83AB |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- alliedplastics.in
- URL
- http://alliedplastics.in/n1/ForgetPasswordInfo_data/ContentFrame.css
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Nedbank (Banking)79 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
string| event function| openclose object| rn_img1on object| rn_img1off object| rn_img2on object| rn_img2off function| showtip function| hidetip function| transfer_on_confirm function| GetPage function| MaxFrameHeight function| OnLoad function| rHarvest function| $ function| jQuery function| BigInteger object| M string| ApplicationPath string| GlobalBrand object| $this object| AJAXPageDisable function| LoadScript function| CreateNamespace object| jsCommon function| ProcessResetPasswordAjaxUSSD string| controlPrefix object| divErrorMsg function| AjaxErrorRetrievingResetPasswordUSSD function| EnableNewAndConfirmPassword object| Nedbank string| sizeOfUpperFrame undefined| warningWin object| UndoValidateChanges object| ValidateCtrlParms object| ValidateCtrlIds object| ValidateTableParms object| ValidateTableIds object| BrowserDetect string| versionNum function| ContentInit function| ContentResize object| USSDDialog object| USSDDialog1 function| SetNonceValue object| USSD object| USSD1 object| framesCommon object| logonForm boolean| hasSubmitStarted undefined| LoadTime undefined| SubmitTime function| PageGetSubmitTime function| PageGetLoadTime function| ValidateAndReset function| ValidateAndResetSubmit function| ProcessResetPasswordSubmitAjax function| AjaxErrorRetrievingResetPasswordSubmit function| CancelResetPassword function| ProcessResetPasswordAjax function| AjaxErrorRetrievingResetPassword function| SubmitToVerifyPage function| ValidateAndSubmit function| ajax_jsonp_call function| ajax_post_callBack function| ValidatePassword function| ComparePasswords function| EnterCatch number| NonceValue string| IncorrectSecretLength1 string| InvalidSymbolInPassword1 string| MinimumRestriction1 string| InvalidConfirmPassword1 string| BlankConfirmPassword1 string| ResponseProfile string| ResponsePin object| EmptyFormOnSubmitEvents function| Events object| validate_obj object| focusInput0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
alliedplastics.in
mailsdkf5.tk
netbank.nedsecure.co.za
alliedplastics.in
168.142.204.33
23.254.147.26
00b4391c98e490dd34a2996c7774060c7b6392d8000e55d2750f370fa388e022
04a07a2d47ac28097936104995b996bd289c14e99783ecc2e9f880a36b5f877f
125d3b4a2a3be29b0f560d827f1be4fd1573bf70d9c1d2c85eb7d88da4badcc2
1e5684f00ff66a12e9da468f21c59d240094d842f2a941c10adc9b8bf98b176c
1ff0eeb21779fdb3fa2519e017c13db776d5c53337b96d74b9431ba897414046
3a18ff487b9fcc4b10efb7bad289ff8cdf545159637b30ff3fe2bf15606d8f77
3b74da1dc5e115969985bf88ffcb65065b9f20b803dacdb406cf136f73629db9
424eb6c025744e388d160dc14794ab0ac245dd0833ddaca492358225a5e6255e
43a9904189012ecb780451f877b2a8c158522acaadacdb8c56549eeb6ffbcebf
443ffea27d512002cf9c6cf790db768319ccb4166114522d7851586db9d12b37
45f1184ff5eac46f031add376f07140c17933e7d443f941013a672dec971e979
5bbdb2f06f5f2aa872e00a0d6fcd16c409c2cfab770b5d18245fca9beec91fc4
5d6c838e884407d498f2972291b87ce84ed5095d6d3c7696182ec83a674f865e
5f5077cb7cdffe7e22862fbe4b9594099092cf655df8d7df889fcb0a2d8e0fe8
6c0d18cfe9d30cce0dd1227d8b731375058ef8046e3622f588561643605a8656
6f6cbd97fefa5dbc83b4cb4ca51e644f87a9d05f8fd7e4e73c8669ceec1fe917
71b1e6fa4eacd771334533831e6b1c176ebc05b66661c9bdb01022ac4be0d7bb
7c368d5b685622ffaa33c0dcaacd8f57cbed9cdbf40d105f25b89e79d4fe4a3b
811a0d96cb6b717ef578136f7097d43de2a459f727ca760626e5cefa5eff59c3
87e9bbbc46dd91eeffa515b2401303a855928189acc6c8baf65f0c7d06f6c4d6
89fdecac64019eebad7cd1121c2c83c528808f1c7fcf3832a50c7743d641ed86
9296726d409bae23e760579ce4d2f092d3940f365ecf9f02a724dee059c9f050
9af13455e5bbb1512bb3ada4d78a60c51d03d2e3c22a5b2c1f12f9804ab9e360
a82e568a648cb5517e0b5c18fb09f7c5c9db0728d6cd3293393fb908fb88bc70
b033d093b779ff24ba2336e66776d5248f2a72bc2f581345242c3018e2e74888
b76c521158683cee2561f012eb21669061226d40d8718a51a5baa4bb10aa079b
bf100bfbc2dd803f103900a8751e466111c223630e3af9993fd1012bbe2813cc
c4710f862b06ce2fa554b66f9a0d1fb61f89fa8d3afbdcc5b6ffc0f386b80e74
ce99331107e7176def8527e26eacbeab675e40cd119dbae4da138ea348e4ac0e
d809db86b29fdd1bcc963f05a9031fb16cddd8d809a4a28b3ff162a4c801ecc2
d93d5de642569242af13f59efe0fb4fc7bfaae83b01eb84966183c15fffc8f1d
f59b7978885e1ce59874d8b42ecdeeaf96eaecbe4eaa3299748805ec6c8cc5bb
fbed31fe516c5f3e20d8df909160988e65a7199781e1cf5a43b9d278629b704d