personal.bnz.co.ew.cloudns.nz
Open in
urlscan Pro
108.165.237.187
Malicious Activity!
Public Scan
Effective URL: https://personal.bnz.co.ew.cloudns.nz/kia-col/bank/ANZ/login.php?&nbuhrCsIDnT2vZ42S04GO2KUNdfib0CqOlL5rkeTjpxxgQtLqjHEbNjTZlVEZiyinVmH...
Submission: On December 20 via manual from AU — Scanned from NZ
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 19th 2023. Valid for: 3 months.
This is the only time personal.bnz.co.ew.cloudns.nz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: ANZ Bank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 5 | 108.165.237.187 108.165.237.187 | 23470 (RELIABLESITE) (RELIABLESITE) | |
4 | 34.202.140.62 34.202.140.62 | 14618 (AMAZON-AES) (AMAZON-AES) | |
11 | 45.60.160.117 45.60.160.117 | 19551 (INCAPSULA) (INCAPSULA) | |
21 | 4 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-140-62.compute-1.amazonaws.com
dpm.demdex.net | |
anznz.demdex.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
anz.co.nz
digital.anz.co.nz |
517 KB |
5 |
cloudns.nz
1 redirects
personal.bnz.co.ew.cloudns.nz |
21 KB |
4 |
demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208 anznz.demdex.net |
6 KB |
21 | 3 |
Domain | Requested by | |
---|---|---|
11 | digital.anz.co.nz |
personal.bnz.co.ew.cloudns.nz
digital.anz.co.nz |
5 | personal.bnz.co.ew.cloudns.nz |
1 redirects
personal.bnz.co.ew.cloudns.nz
|
3 | dpm.demdex.net |
personal.bnz.co.ew.cloudns.nz
digital.anz.co.nz |
1 | anznz.demdex.net |
personal.bnz.co.ew.cloudns.nz
|
21 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.anz.co.nz |
digital.anz.co.nz |
www.microsoft.com |
www.mozilla.org |
www.google.com |
help.anz.co.nz |
Subject Issuer | Validity | Valid | |
---|---|---|---|
personal.bnz.co.ew.cloudns.nz Sectigo RSA Domain Validation Secure Server CA |
2023-12-19 - 2024-03-18 |
3 months | crt.sh |
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-09-26 - 2024-10-26 |
a year | crt.sh |
digital.anz.co.nz DigiCert EV RSA CA G2 |
2023-04-19 - 2024-05-19 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://personal.bnz.co.ew.cloudns.nz/kia-col/bank/ANZ/login.php?&nbuhrCsIDnT2vZ42S04GO2KUNdfib0CqOlL5rkeTjpxxgQtLqjHEbNjTZlVEZiyinVmHMAxtOoHA8v1TWGjagB385vKhp2iRGvch7TFfbYpi7Jqt1jcjaFIHY93r5wGG1lSMeIRXZWhgSMdHXmKd3RHeO39jsNupTqWjQNz7gufJgRQxivyZpQ4eW0xvEoWeqJl8DUQM
Frame ID: 1415BAD45578905D986CCB238428374D
Requests: 21 HTTP requests in this frame
Frame:
https://anznz.demdex.net/dest5.html?d_nsid=0
Frame ID: 2A9BD65BBDC9B33B438746E6A14382DC
Requests: 1 HTTP requests in this frame
Frame:
https://personal.bnz.co.ew.cloudns.nz/kia-col/bank/ANZ/Otp_files/anz_logo_gradient.SVG
Frame ID: 73657CC6D2971A11F7EC47423F7B945B
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
ANZ: Internet Banking Log OnPage URL History Show full URLs
-
https://personal.bnz.co.ew.cloudns.nz/kia-col/bank/ANZ/
HTTP 302
https://personal.bnz.co.ew.cloudns.nz/kia-col/bank/ANZ/login.php?&nbuhrCsIDnT2vZ42S04GO2KUNdfib0CqOlL5rkeTjpxxgQtL... Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
Imperva (Security) Expand
Detected patterns
- /_Incapsula_Resource
Page Statistics
12 Outgoing links
These are links going to different origins than the main page.
Title: ANZ Bank New Zealand Limited
Search URL Search Domain Scan URL
Title: Register now
Search URL Search Domain Scan URL
Title: Edge ®
Search URL Search Domain Scan URL
Title: Firefox ®
Search URL Search Domain Scan URL
Title: Chrome ®
Search URL Search Domain Scan URL
Title: More about our recommended software settings
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Log on
Search URL Search Domain Scan URL
Title: Security & Privacy Statement
Search URL Search Domain Scan URL
Title: Website Terms of Use
Search URL Search Domain Scan URL
Title: Electronic Banking Conditions
Search URL Search Domain Scan URL
Title: Contact Us
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://personal.bnz.co.ew.cloudns.nz/kia-col/bank/ANZ/
HTTP 302
https://personal.bnz.co.ew.cloudns.nz/kia-col/bank/ANZ/login.php?&nbuhrCsIDnT2vZ42S04GO2KUNdfib0CqOlL5rkeTjpxxgQtLqjHEbNjTZlVEZiyinVmHMAxtOoHA8v1TWGjagB385vKhp2iRGvch7TFfbYpi7Jqt1jcjaFIHY93r5wGG1lSMeIRXZWhgSMdHXmKd3RHeO39jsNupTqWjQNz7gufJgRQxivyZpQ4eW0xvEoWeqJl8DUQM Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
login.php
personal.bnz.co.ew.cloudns.nz/kia-col/bank/ANZ/ Redirect Chain
|
12 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
id
dpm.demdex.net/ |
834 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
d-all-full-lood-when-holence-to-all-pratesse-I-p
digital.anz.co.nz/ |
230 KB 77 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
script
digital.anz.co.nz/preauth/web/service/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pff0kwo.js
digital.anz.co.nz/preauth/assets/fonts/licenced/myriad-pro/ |
19 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pff0kwo-d.css
digital.anz.co.nz/preauth/assets/fonts/licenced/myriad-pro//c/ |
108 KB 80 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
core.responsive.css
digital.anz.co.nz/preauth/assets/ |
127 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vendor.js
digital.anz.co.nz/preauth/assets/ |
769 KB 229 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
preauth.js
digital.anz.co.nz/preauth/assets/ |
143 KB 22 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
g.png
personal.bnz.co.ew.cloudns.nz/kia-col/bank/ANZ/images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Savings-login.jpg
digital.anz.co.nz/App_Themes/Common/Images/sidebar/ |
41 KB 41 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
_Incapsula_Resource
digital.anz.co.nz/ |
147 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
id
dpm.demdex.net/ |
838 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dest5.html
anznz.demdex.net/ Frame 2A9B |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-gradient.png
digital.anz.co.nz/preauth/assets/images/brand/ |
11 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
20 KB 20 KB |
Font
font/opentype |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
20 KB 20 KB |
Font
font/opentype |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
anz-icons.woff
digital.anz.co.nz/preauth/assets/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
anz_logo_gradient.SVG
personal.bnz.co.ew.cloudns.nz/kia-col/bank/ANZ/Otp_files/ Frame 7365 |
5 KB 6 KB |
Document
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
_Incapsula_Resource
personal.bnz.co.ew.cloudns.nz/ |
316 B 316 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
anz-icons.ttf
digital.anz.co.nz/preauth/assets/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
d-all-full-lood-when-holence-to-all-pratesse-I-p
digital.anz.co.nz/ |
737 B 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
id
dpm.demdex.net/ |
839 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- digital.anz.co.nz
- URL
- https://digital.anz.co.nz/preauth/assets/fonts/anz-icons.woff?88b0600a601495d043793b3d6c58d55c
- Domain
- digital.anz.co.nz
- URL
- https://digital.anz.co.nz/preauth/assets/fonts/anz-icons.ttf?88b0600a601495d043793b3d6c58d55c
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: ANZ Bank (Banking)46 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| documentPictureInPicture object| PreAuthPage object| Typekit function| a1_0xb91f function| a1_0x1d56 object| reese84 function| reese84interrogator function| initializeProtection function| protectionSubmitCaptcha function| createDeprecatedModule function| Visitor function| s_doPlugins function| AppMeasurement function| s_gi function| s_pgicq boolean| runningTests object| loader function| define function| requireModule function| require function| requirejs object| trackingServer object| visitorObjectConfig undefined| domainSplit object| visitor object| s object| JSEncryptExports function| JSEncrypt object| EmberENV function| $ function| jQuery object| Ember object| Em function| _ object| html5 object| Modernizr object| s_c_il number| s_c_in number| s_objectID number| s_giq object| KJUR object| Hex object| Base64 function| ASN16 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
personal.bnz.co.ew.cloudns.nz/ | Name: PHPSESSID Value: f3abibf0npa0jf864mselhmoql |
|
.anz.co.nz/ | Name: visid_incap_2646974 Value: /kOdtdvARJWTQPdmvROlzbNfgmUAAAAAQUIPAAAAAABMOg7aZ6nUbNflWkuJeVUS |
|
.anz.co.nz/ | Name: incap_ses_249_2646974 Value: pLFyIsMbEhPjw1Ls3KB0A7NfgmUAAAAAh1Ctt+KTL1QIjX7mxWAliQ== |
|
personal.bnz.co.ew.cloudns.nz/ | Name: ___utmvc Value: 3mTYF75phJNDLUUdfMZkZk+IVl2g6RQw8b9ouXUVFUs8RLJkBqzT9qxhD73dLkHlfho+Li50w2cwZMzejMomq1fg1ueiQPM9x65wZiz0v86FanhEinDzMHyDjmN2Niqb6USJGBjekW5NMWF22z+UeVwlj1a6cEfk4y5I+5SCSRcPWVpi28fLpw0w5ARzNcxgLMW5QQjeoxaWStONVHhKOsXKr0T+eIGsg1ndRJNdSjGtVd+R9LOX14pXj63PFkTZAvGsn0582MuizO40XeyP0mwNQT3SIubr/ogPJO9jPaqPgb9cArSEvkAm6sGF3hsDFwMMlKU2z7EGre7PKh12eEggoHsLkwRUiKlWHYjfs+oZa+5CBWUcI9MlDS/yhiDIctBe3q2vPs3cario+MB9zlNi4Lya3DeJw8hpxDNmXtBkS/NJPFpwQSQkfdPP10j+6RHHCKr1/aXfUk5GiUMkGw7bwtd8YRGioWCyItpms1eSlax7cIzfaC4Bp7Dw0iGF0Gkhh4bpLuZjHsfA67mT0zCgu3VK2UWThCPfzkq4IeKZ7UAyJAs0CgTGcN/F089szq25YtGzCtvrzueDY9jMtgSEkrL4f83geMVRj9+mtIOEQzJS8jQqBXRCstnouLbHsGLBKYoo8k2eHtRf9THQkA2KDVtQ07DDb1ER+PqPS9M9fgpcwchUXDCmEubdEkfVE0LBvqMNCswArkauYdEYaLjGFYr4Yr+CFFGiUk2jNdoZZun/+jSW+mOWUI3/q72ylFwwi0msVC4W4OmmsujRuucUvj7RcnRwvCSjVBScqkOngxvSghEd8s2lq5p+C8MgnDCRDWcqgR66U0tKIJ3LfRcf2592uWG+YZ2mHt7ksKG/3Otv0nwUB7oAVyW4BAM0qTIqrfnJIVbfL8nQCpIihbaEDKEeRR/1FcKqxUnD6c1DnM0HYV+4nzWYhnrKM1QHC55PO0/giZ6QVfeBHsRM58yU+D08IKKkoxYkwI3u8LyoN3+MhYJgThbJBehCJPeXo+/7vsn1SwlcOVo5ij7MVkPLdInc1rvH6X6ktCE9YNruKpejTTs5Q5Bzk6ZP3+F7yFf4NNYH5UhB82S90+cjAhRuPeXMnFkdoKM4Be47Dk6kRaykZggiowKX4OD2EO75yYPh86SHun4JmlVUUsLP8dyWDWRAm67mQ0r+YlTaZrmGYH8n1qJuVVxDWOo9pS0eye8gIqERSQT3eeikLvvvoQJygcvKz0LP9onpjeBQBwXIogmQWx2fC8vdYIH06+1uoCmPJ401aT/ZzCuokP0mGHWOt4lijGsjGX+JS9YogcafFlgNTAzGeyCGOX0/tJu9Grt7i1RXKZRx8U/8OmSxi/eFnzWKOJypxBmdx4gG7uRKT8GiCoKyY3iYKrQnzCeHYBWpd1ejxXdQsWIhvU1Q5rwWY2z34NUoU9rpv3WWPueYClhQ5ALgkmeBOvmscLzO9myVp9CICIXcLSFy/Jwn8y66YH0ho3XY5d6xGLS38zuPqYUGmkCz+ym9SkftsVNLneHe9zzCsqEdE29d4+Si6hO0yIpTaolmBwbw063o2UvZq7aXtlR5z0wTzOxT1RzVKk+bI0ig2TtgmTtACoNVDYUW46WjZUJ5AkwnLRsJ5wMSOrJnyOA3bvBUyFEC5Rsowb3KgiVCQe1CmKnIeW7uiznFSQnQq849dUJlv/q5ZEtS8jKK6r56/vxZmBPUVboavKUgxrttcsSFN59j078pOwo4OPyIVvJhYDmIevRJL/TfEuy2Uu9I6LSD7bUue2m9hhKdy38G96Ayi6wyw6Su0kqIxA1mLFmWKfli3eBIE/kmRL4kYmA1ozNbRkyqIa6xbp0qiXI1ZEXLPIs/idVxFLYcVSezQiULJUmLFXOCnv9m0EjghRwZANAZKQSmdqF1OF3324GHpm3Q/h149ZNHOmoXrNyHF/SxhQHX1TMWgqmnTlUuxRHI2vW/BIknxtIZqUvAl0yr3cyHKhFFnlxzfXQ0EILHTCdtnmvpM0KUMEReER7GWVM1ce27WOkqLhmLsDU7zB1zxNHQ8fA7XBKKlJ4rVn+e6TH08b67+LwmSni2eHd3FdXILCxCSM4yNeMsin+Gw+s+4Y1ME7JWHfYp0kasZ472YfsDrJggmzT/eO+ByMElLDfUs7iggePlfDMSXvWw0tMEzZrqvYvYKdciyfFemseMciSWhfrq9eLbHyNpx9+zGjlvig9WiqHrdNubko0fNT52hnxXjJCsiTivJk8XKG0sk4QFVrx/bUVBMSN+7mBnKQMFiWMYOEl8LVTFowk1wxKoWeDj+dz/WjtFgRIUuhA4OyGh15R4LQ6YhI22Fb45VtHZT/TeNRETZd1GntewSvvhX80e3/bF0pRbj06eHDqXRpPv4J7UDnYIB4Dyijdo7WDJNFhq8j39AWTLKKRw50fSPsA2oFIT/Vy3BHE4ikwgOcyxBZu7v5L8K2sutgju+rGs2uHTQyEdM2jJYNl3PYsB6k1Cro9XDxH/t09DDkFCuk4BURRUKSjc62R340xj7yg7XbkKGuMmlP1bhrPecIC/FqFX4LqdtSwqhgg/Gc6EHqOAwd52aZzZ+XPDr1DT53pIxw7zZ6AG63j+DfG01Hx+0qHQIqc3MSILBYLRDB6FwjCaxQ5iV7wNJrNe+tlgjSbA7SAVA+bkySCuJHkPcnYmW47pjIupOQsN1jAaKv5tNuBIUUPpfjnONeb6csXf4uZwyGWqjIAQovh/1ac9F5UaefOZCyj+WlPGXt5eVegoBvtbkYclR36qQGnQNICgJql3dPPOCV7fM+yAwq7ELGRpZ2VzdD0scz1OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU4= |
|
.demdex.net/ | Name: demdex Value: 92204943823872514983297680324511190019 |
|
.cloudns.nz/ | Name: AMCV_4F78C81755B29B567F000101%40AdobeOrg Value: 283337926%7CMCIDTS%7C19712%7CMCAAMLH-1703647795%7C7%7CMCAAMB-1703647795%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCMID%7C92219263895918159653300203050145034804%7CMCAID%7CNONE |
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
anznz.demdex.net
digital.anz.co.nz
dpm.demdex.net
personal.bnz.co.ew.cloudns.nz
digital.anz.co.nz
108.165.237.187
34.202.140.62
45.60.160.117
033507aeefb0c4b634f96824777a8edf96ea06fb69f0aaac3f79fe00b37e9383
1627eaba90ffada77b1ecdc8d7e045870c219b7ca608a626280de970a001ddbe
4b859d49c2bf00762b7e5c000e7a2d0721c3824b280ca29809c4e324bd897a70
5ea2f6f84165f0cc7a8bbabdc5c74d62683bb43d555e842648c0d90311f46de4
63f05bdd8a79c93e15d8d95cc55bcf66ddf8e90a7d3a71f17190d8243327ec6a
6b9c3e1cdac34aa860caabd9530a5376891b7a0bc6e56d73d2c7b52455316722
7320dceb76dec7cfc2ed7e6fd3450ba2d3076ecbee54b3e6d4b1e63b9d056b07
748e1308665cfc6f788d18be7bda66ed43e88dffdf5ca36d0501cf7ea944d6ac
793af3bf742e6704f754b7e4d735a14df448761c2e664cae372a03389c9e5337
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7fe259bc16bad77020dab0c77cc1d5ef23dcf51e11b4b90f9f5b88bde4e3e72e
8c1b9893b9c83d4413c9bcf8e93337c153e46cf8c16f87d69e6657efeadd573d
a24327705e54f0611e00b9ccff97da33a603ca43f66e3be63c4bac5b06b48ccf
bf848ae1d38016648cbfd584425d650b598ffdad93f61591ef35a9a06608652d
c48627cca0acac1bbb30401c842c8c0b31b2429575fa27daa6ffcdd64f2f7da2
c89404f1564e543aa95db072387fd1f3f84998b748be83af3e1df75910991925
ca56be0afd8ae811b855bffe503e095c0b6deb1b52d7a7d42d0b6e6624e8bc97
cabf27b9010a84f5df8376633dadbb8abe437d0ce6d90839f9ebad472bcb93e7
e0b1acb0e098f44401d9d89902d17604b0eeb90d9873398e89efaadb2f4e0b43
f65d10cff42dc65331897e698fb3a386550bb0e6a610bd800b77d3c543b2ff7d
f7145983431ce1bb8e4ff31ceb22cc8b487a03fbd1b59061dadcfc8367b90566