myir.ird.govt.nz.nze.dns-dynamic.net
Open in
urlscan Pro
3.107.13.217
Malicious Activity!
Public Scan
Effective URL: https://myir.ird.govt.nz.nze.dns-dynamic.net/kia-oe/home.php?&Fv6jNpXLg3FNtoHm2wlbx9wjt4msbvXCBa28Z9oaCcaq2TiMCkvvtvKnNLOptCRv7qkEZV0it37UPSR...
Submission Tags: @phish_report
Submission: On May 21 via api from FI — Scanned from NZ
Summary
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on May 21st 2024. Valid for: 3 months.
This is the only time myir.ird.govt.nz.nze.dns-dynamic.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: NZ Government (Government)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 26 | 3.107.13.217 3.107.13.217 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 2404:6800:400... 2404:6800:4006:80b::2008 | 15169 (GOOGLE) (GOOGLE) | |
4 | 2404:6800:400... 2404:6800:4006:814::200e | 15169 (GOOGLE) (GOOGLE) | |
2 | 138.235.20.10 138.235.20.10 | 136990 (IRD-NZ-AS...) (IRD-NZ-AS-CLOUD-AP Inland Revenue Department) | |
2 | 138.235.20.11 138.235.20.11 | 136990 (IRD-NZ-AS...) (IRD-NZ-AS-CLOUD-AP Inland Revenue Department) | |
33 | 5 |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-107-13-217.ap-southeast-2.compute.amazonaws.com
myir.ird.govt.nz.nze.dns-dynamic.net |
ASN136990 (IRD-NZ-AS-CLOUD-AP Inland Revenue Department, NZ)
services.ird.govt.nz |
ASN136990 (IRD-NZ-AS-CLOUD-AP Inland Revenue Department, NZ)
myir.ird.govt.nz |
Apex Domain Subdomains |
Transfer | |
---|---|---|
26 |
dns-dynamic.net
4 redirects
myir.ird.govt.nz.nze.dns-dynamic.net |
225 KB |
4 |
ird.govt.nz
services.ird.govt.nz myir.ird.govt.nz |
19 KB |
4 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32 |
21 KB |
3 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39 |
301 KB |
33 | 4 |
Domain | Requested by | |
---|---|---|
26 | myir.ird.govt.nz.nze.dns-dynamic.net |
4 redirects
myir.ird.govt.nz.nze.dns-dynamic.net
|
4 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
3 | www.googletagmanager.com |
myir.ird.govt.nz.nze.dns-dynamic.net
www.googletagmanager.com |
2 | myir.ird.govt.nz | |
2 | services.ird.govt.nz | |
33 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.ird.govt.nz |
myir.ird.govt.nz |
www.govt.nz |
Subject Issuer | Validity | Valid | |
---|---|---|---|
myir.ird.govt.nz.nze.dns-dynamic.net ZeroSSL RSA Domain Secure Site CA |
2024-05-21 - 2024-08-19 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2024-05-06 - 2024-07-29 |
3 months | crt.sh |
services.ird.govt.nz DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-11-14 - 2024-11-14 |
a year | crt.sh |
myir.ird.govt.nz DigiCert Global G3 TLS ECC SHA384 2020 CA1 |
2024-02-19 - 2025-02-18 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://myir.ird.govt.nz.nze.dns-dynamic.net/kia-oe/home.php?&Fv6jNpXLg3FNtoHm2wlbx9wjt4msbvXCBa28Z9oaCcaq2TiMCkvvtvKnNLOptCRv7qkEZV0it37UPSR68N2fziejKITDZRn5Avx2NE26iH2FdrNjA74VQFN30vQQZ6TtXZLGxwAAP17xhgGh40E3QgNG7C5dW3UGVMXymsGjgfyg4Y6ZL3jjSlcqxxONYSVVytYvWCYS
Frame ID: AFD3F9CBE94148F40ED787E49B0716A6
Requests: 33 HTTP requests in this frame
Screenshot
Page Title
Inland Revenue - Te Tari Taake, New ZealandPage URL History Show full URLs
-
http://myir.ird.govt.nz.nze.dns-dynamic.net/
HTTP 307
https://myir.ird.govt.nz.nze.dns-dynamic.net/ HTTP 302
https://myir.ird.govt.nz.nze.dns-dynamic.net/kia-oe?&nAyQzPcn0qKjPEaukTDoOdUBHkWG6mlvsi2oH7gq9nmFTcq5OxfpzbnS7K6ZykIGf65b... HTTP 307
http://myir.ird.govt.nz.nze.dns-dynamic.net/ HTTP 302
https://myir.ird.govt.nz.nze.dns-dynamic.net/kia-oe?&stvmEhUvUBg1ffq1TowOPnastyLxZqD1B9S7JeGmfNBVQyouni7ASBXvucp7OnA8BVqJ... HTTP 301
https://myir.ird.govt.nz.nze.dns-dynamic.net/kia-oe/?&stvmEhUvUBg1ffq1TowOPnastyLxZqD1B9S7JeGmfNBVQyouni7ASBXvucp7OnA8BVq... HTTP 302
https://myir.ird.govt.nz.nze.dns-dynamic.net/kia-oe/home.php?&Fv6jNpXLg3FNtoHm2wlbx9wjt4msbvXCBa28Z9oaCcaq2TiMCkvvtvKnNLO... Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
Bootstrap (Web Frameworks) Expand
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
8 Outgoing links
These are links going to different origins than the main page.
Title: Inland Revenue homepage
Search URL Search Domain Scan URL
Title: Contact us
Search URL Search Domain Scan URL
Title: Forgot user ID?
Search URL Search Domain Scan URL
Title: Forgot password?
Search URL Search Domain Scan URL
Title: Not yet registered?
Search URL Search Domain Scan URL
Title: Help logging in
Search URL Search Domain Scan URL
Title: Conditions of use
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://myir.ird.govt.nz.nze.dns-dynamic.net/
HTTP 307
https://myir.ird.govt.nz.nze.dns-dynamic.net/ HTTP 302
https://myir.ird.govt.nz.nze.dns-dynamic.net/kia-oe?&nAyQzPcn0qKjPEaukTDoOdUBHkWG6mlvsi2oH7gq9nmFTcq5OxfpzbnS7K6ZykIGf65bhrpAoDhapzwJnimARxLNH5C1o9Q1FMfibgsRFNtdXfLpkqopHFxksOSBwKJTeJmfjBwjCb8mmIxStk35n1jV9dOXNfmdGmWeto1fdKabvEo0FYJaicwUvqTeAHlWm3Wr5pOC HTTP 307
http://myir.ird.govt.nz.nze.dns-dynamic.net/ HTTP 302
https://myir.ird.govt.nz.nze.dns-dynamic.net/kia-oe?&stvmEhUvUBg1ffq1TowOPnastyLxZqD1B9S7JeGmfNBVQyouni7ASBXvucp7OnA8BVqJ8oygY08MclPNZDCCbE0c3CtiJVSAd7qgeowTerYvLM3YWN8vpx7qLwsgtX7ZaOmFPYpVd4fqIfmGB5JENt2sfNoWsBdCaSxsgpuynZrX1SZQe5Yf7YU2Jw3TRI4wWNAyUOr2 HTTP 301
https://myir.ird.govt.nz.nze.dns-dynamic.net/kia-oe/?&stvmEhUvUBg1ffq1TowOPnastyLxZqD1B9S7JeGmfNBVQyouni7ASBXvucp7OnA8BVqJ8oygY08MclPNZDCCbE0c3CtiJVSAd7qgeowTerYvLM3YWN8vpx7qLwsgtX7ZaOmFPYpVd4fqIfmGB5JENt2sfNoWsBdCaSxsgpuynZrX1SZQe5Yf7YU2Jw3TRI4wWNAyUOr2 HTTP 302
https://myir.ird.govt.nz.nze.dns-dynamic.net/kia-oe/home.php?&Fv6jNpXLg3FNtoHm2wlbx9wjt4msbvXCBa28Z9oaCcaq2TiMCkvvtvKnNLOptCRv7qkEZV0it37UPSR68N2fziejKITDZRn5Avx2NE26iH2FdrNjA74VQFN30vQQZ6TtXZLGxwAAP17xhgGh40E3QgNG7C5dW3UGVMXymsGjgfyg4Y6ZL3jjSlcqxxONYSVVytYvWCYS Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
33 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
home.php
myir.ird.govt.nz.nze.dns-dynamic.net/kia-oe/ Redirect Chain
|
6 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
analytics.js
myir.ird.govt.nz.nze.dns-dynamic.net/kia-oe/index_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js
myir.ird.govt.nz.nze.dns-dynamic.net/kia-oe/index_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js_002
myir.ird.govt.nz.nze.dns-dynamic.net/kia-oe/index_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gtm.js
myir.ird.govt.nz.nze.dns-dynamic.net/kia-oe/index_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.css
myir.ird.govt.nz.nze.dns-dynamic.net/kia-oe/index_files/ |
170 KB 170 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login-base.css
myir.ird.govt.nz.nze.dns-dynamic.net/kia-oe/index_files/ |
16 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login-sm.css
myir.ird.govt.nz.nze.dns-dynamic.net/kia-oe/index_files/ |
4 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login-md.css
myir.ird.govt.nz.nze.dns-dynamic.net/kia-oe/index_files/ |
4 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login-lg.css
myir.ird.govt.nz.nze.dns-dynamic.net/kia-oe/index_files/ |
4 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-myir-lg.PNG
myir.ird.govt.nz.nze.dns-dynamic.net/kia-oe/index_files/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-realme.png
myir.ird.govt.nz.nze.dns-dynamic.net/kia-oe/index_files/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-new-window-white.png
myir.ird.govt.nz.nze.dns-dynamic.net/kia-oe/index_files/ |
164 B 471 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-padlock.png
myir.ird.govt.nz.nze.dns-dynamic.net/kia-oe/index_files/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logout.gif
myir.ird.govt.nz.nze.dns-dynamic.net/kia-oe/index_files/ |
43 B 349 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
oam_logout_success.gif
myir.ird.govt.nz.nze.dns-dynamic.net/kia-oe/index_files/ |
323 B 323 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
New_Zealand_Government_logo.svg
myir.ird.govt.nz.nze.dns-dynamic.net/kia-oe/index_files/ |
6 KB 7 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.js
myir.ird.govt.nz.nze.dns-dynamic.net/kia-oe/index_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.js
myir.ird.govt.nz.nze.dns-dynamic.net/kia-oe/index_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
site.js
myir.ird.govt.nz.nze.dns-dynamic.net/kia-oe/index_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login.js
myir.ird.govt.nz.nze.dns-dynamic.net/kia-oe/index_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
389 KB 103 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-myir-lg.png
myir.ird.govt.nz.nze.dns-dynamic.net/kia-oe/img/ |
323 B 323 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
303 KB 101 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
292 KB 97 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/g/ |
0 186 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/g/ |
0 54 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
3 B 93 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.0 |
favicon.ico
services.ird.govt.nz/irsso/resources/img/ |
7 KB 7 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.0 |
favicon.ico
services.ird.govt.nz/irsso/resources/img/ |
7 KB 7 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.png
myir.ird.govt.nz/Icon/ |
829 B 2 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
myir.ird.govt.nz/Icon/ |
1 KB 2 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: NZ Government (Government)9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
myir.ird.govt.nz.nze.dns-dynamic.net/ | Name: PHPSESSID Value: 6s7vp00o9jsof2kodhf1ju5osr |
|
.dns-dynamic.net/ | Name: _ga_M92SHK1114 Value: GS1.1.1716319047.1.0.1716319047.0.0.0 |
|
.dns-dynamic.net/ | Name: _ga_BZ87Q5B94Z Value: GS1.1.1716319047.1.0.1716319047.0.0.0 |
|
.dns-dynamic.net/ | Name: _ga Value: GA1.2.1064191814.1716319047 |
|
.dns-dynamic.net/ | Name: _gid Value: GA1.2.390233560.1716319047 |
|
.dns-dynamic.net/ | Name: _gat_UA-235836-45 Value: 1 |
12 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
myir.ird.govt.nz
myir.ird.govt.nz.nze.dns-dynamic.net
services.ird.govt.nz
www.google-analytics.com
www.googletagmanager.com
138.235.20.10
138.235.20.11
2404:6800:4006:80b::2008
2404:6800:4006:814::200e
3.107.13.217
0c2c254eca634c39634f2747eb66b9d3149be28aab183082f9b996033407e95a
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
20b346aaca8b83790ae349e5bcc24baf858b72583d6cd83c18ff5beb48d21f6c
3cdbdfd59038f742e5ef68f8a0b560653ffbc1edb7dd092125182689db3fff6e
450e366c94a84699e79e65d3dcc3f84f966f22259d2090f16ccf74b77caa27c2
46943bf9204a42b2f42496805bb24eac54387d55efce08da8c0b7011f5c998f6
4d407be54018aec8b0377456de982568ba3e889643af298bc411a306f089562f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5fff28609a3d1f62a697b80c5a5517385ac7cf0767edc9eabcc25b113d5865c7
700367aa13d61559d5d279322b2eb8a1d86595b01202c6e0f256f7010331ecc7
7bce1816c1a043accc42ee2a38bf2a76db546095ccb1bb6238a2ef0c4aab5a73
80dc5c22254f0d0b96ebdd0fdba44c6a5b53c7ba44ea697e9784c038ea249f75
a322817ab899743331149fde45794dad95b777581eab584c6f6e68f4c72c40dc
a867943372f6f7a9ad62e54eef1fc0116dea05e68873c9b886cc0ba05cd0ec2b
ab7963fb70ccef996d6b8d3b941d581e5bb486ea4650143d98275206e99651b0
ad76a21531ed9a54d1b3a5191f62c41470d75b631a6c867a2ebeabc185a4add9
b61b2a05332a7459306aa7c454824c03db25d36db255ff0e28bcee6e225d218e
d661431d1c3c5282bf55dd55f7c351fc403728786b99c2afcb1305accbc34752
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7bcac34b1e0d8ff5a5ddaddede5ca137c926d174d9c489cf16aa06bd742da87
eee5fbb3381b35db7e69f82e44643d1183f10c4617fa6e4666d43e0ee236b309