reseaudesinstances-client.reuintillondecouncils.com
Open in
urlscan Pro
20.218.242.14
Malicious Activity!
Public Scan
Effective URL: http://reseaudesinstances-client.reuintillondecouncils.com/recommandation/info/public/Authentification.php
Submission: On December 16 via automatic, source openphish — Scanned from DE
Summary
This is the only time reseaudesinstances-client.reuintillondecouncils.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Axa (Insurance)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 26 | 20.218.242.14 20.218.242.14 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 2a00:1450:400... 2a00:1450:400d:808::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 156.154.246.59 156.154.246.59 | 19905 (ULTRADDOS) (ULTRADDOS) | |
2 | 2a00:1450:400... 2a00:1450:4001:830::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 93.20.47.204 93.20.47.204 | 15557 (LDCOMNET) (LDCOMNET) | |
2 | 65.9.68.209 65.9.68.209 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 35.180.18.175 35.180.18.175 | 16509 (AMAZON-02) (AMAZON-02) | |
35 | 8 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
reseaudesinstances-client.reuintillondecouncils.com |
ASN16509 (AMAZON-02, US)
PTR: server-65-9-68-209.fra56.r.cloudfront.net
logs1412.xiti.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-35-180-18-175.eu-west-3.compute.amazonaws.com
privacy.trustcommander.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
26 |
reuintillondecouncils.com
1 redirects
reseaudesinstances-client.reuintillondecouncils.com |
4 MB |
2 |
xiti.com
logs1412.xiti.com — Cisco Umbrella Rank: 53189 |
612 B |
2 |
gstatic.com
fonts.gstatic.com |
26 KB |
2 |
axa.fr
banque.axa.fr Failed www.axa.fr — Cisco Umbrella Rank: 646222 |
4 KB |
1 |
trustcommander.net
privacy.trustcommander.net — Cisco Umbrella Rank: 33919 |
567 B |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37 |
1 KB |
35 | 6 |
Domain | Requested by | |
---|---|---|
26 | reseaudesinstances-client.reuintillondecouncils.com |
1 redirects
reseaudesinstances-client.reuintillondecouncils.com
|
2 | logs1412.xiti.com |
reseaudesinstances-client.reuintillondecouncils.com
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | privacy.trustcommander.net |
reseaudesinstances-client.reuintillondecouncils.com
|
1 | www.axa.fr |
reseaudesinstances-client.reuintillondecouncils.com
|
1 | fonts.googleapis.com |
reseaudesinstances-client.reuintillondecouncils.com
|
1 | banque.axa.fr |
reseaudesinstances-client.reuintillondecouncils.com
|
35 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
banque.axa.fr |
www.axa.fr |
Subject Issuer | Validity | Valid | |
---|---|---|---|
upload.video.google.com GTS CA 1C3 |
2022-11-28 - 2023-02-20 |
3 months | crt.sh |
www.axa.fr DigiCert SHA2 Extended Validation Server CA |
2022-09-23 - 2023-10-13 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-11-28 - 2023-02-20 |
3 months | crt.sh |
ouvriruncomptebancaire.axa.fr DigiCert TLS RSA SHA256 2020 CA1 |
2022-09-23 - 2023-10-10 |
a year | crt.sh |
*.xiti.com Thawte RSA CA 2018 |
2022-04-29 - 2023-04-28 |
a year | crt.sh |
*.trustcommander.net Thawte RSA CA 2018 |
2022-03-09 - 2023-04-09 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://reseaudesinstances-client.reuintillondecouncils.com/recommandation/info/public/Authentification.php
Frame ID: 67D6652DE7DA56904F0F59C58C1FEDFC
Requests: 38 HTTP requests in this frame
Screenshot
Page Title
AuthentificationPage URL History Show full URLs
-
http://reseaudesinstances-client.reuintillondecouncils.com/recommandation/info/
HTTP 302
http://reseaudesinstances-client.reuintillondecouncils.com/recommandation/info/public/Authentification.php Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
AT Internet XiTi (Analytics) Expand
Detected patterns
- xiti\.com/hit\.xiti
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
Title: Code d'accès oublié ou accès bloqué ?
Search URL Search Domain Scan URL
Title: Codes d'accès oubliés / Accès bloqué
Search URL Search Domain Scan URL
Title: Configuration et sécurité
Search URL Search Domain Scan URL
Title: Mentions légales
Search URL Search Domain Scan URL
Title: Politique Cookies
Search URL Search Domain Scan URL
Title: Données personnelles
Search URL Search Domain Scan URL
Title: Conditions générales et tarifaires
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://reseaudesinstances-client.reuintillondecouncils.com/recommandation/info/
HTTP 302
http://reseaudesinstances-client.reuintillondecouncils.com/recommandation/info/public/Authentification.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
35 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Authentification.php
reseaudesinstances-client.reuintillondecouncils.com/recommandation/info/public/ Redirect Chain
|
442 KB 156 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
reseaudesinstances-client.reuintillondecouncils.com/recommandation/info/public/Authentification_files/ |
123 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles-novatio.css
reseaudesinstances-client.reuintillondecouncils.com/recommandation/info/public/Authentification_files/ |
18 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
axb_app.css
reseaudesinstances-client.reuintillondecouncils.com/recommandation/info/public/Authentification_files/ |
198 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.css
reseaudesinstances-client.reuintillondecouncils.com/recommandation/info/public/Authentification_files/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
axb_app(1).css
reseaudesinstances-client.reuintillondecouncils.com/recommandation/info/public/Authentification_files/ |
41 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
authent.jpg
reseaudesinstances-client.reuintillondecouncils.com/recommandation/info/public/ |
100 KB 100 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
analytics.js.t%C3%A9l%C3%A9chargement
reseaudesinstances-client.reuintillondecouncils.com/recommandation/info/public/Authentification_files/ |
49 KB 49 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gtm.js.t%C3%A9l%C3%A9chargement
reseaudesinstances-client.reuintillondecouncils.com/recommandation/info/public/Authentification_files/ |
205 KB 205 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
modules-hashes-lib.min.js.t%C3%A9l%C3%A9chargement
reseaudesinstances-client.reuintillondecouncils.com/recommandation/info/public/Authentification_files/ |
10 KB 10 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
brand-i18n-lib.min.js.t%C3%A9l%C3%A9chargement
reseaudesinstances-client.reuintillondecouncils.com/recommandation/info/public/Authentification_files/ |
6 KB 7 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
otp-wc-lib.min.js.t%C3%A9l%C3%A9chargement
reseaudesinstances-client.reuintillondecouncils.com/recommandation/info/public/Authentification_files/ |
126 KB 126 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.js.t%C3%A9l%C3%A9chargement
reseaudesinstances-client.reuintillondecouncils.com/recommandation/info/public/Authentification_files/ |
1 MB 1 MB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bundle.js.t%C3%A9l%C3%A9chargement
reseaudesinstances-client.reuintillondecouncils.com/recommandation/info/public/Authentification_files/ |
772 KB 772 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
eum.min.js.t%C3%A9l%C3%A9chargement
reseaudesinstances-client.reuintillondecouncils.com/recommandation/info/public/Authentification_files/ |
25 KB 25 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cadnas.jpg
reseaudesinstances-client.reuintillondecouncils.com/recommandation/info/ |
28 KB 28 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
domi-auth-fat.js.t%C3%A9l%C3%A9chargement
reseaudesinstances-client.reuintillondecouncils.com/recommandation/info/public/Authentification_files/ |
2 MB 2 MB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
2a223646-f4d2-45dd-9361-e4871713b491
https://banque.axa.fr/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
smarttag.js.t%C3%A9l%C3%A9chargement
reseaudesinstances-client.reuintillondecouncils.com/recommandation/info/public/Authentification_files/ |
70 KB 70 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
privacy_v2_38.js.t%C3%A9l%C3%A9chargement
reseaudesinstances-client.reuintillondecouncils.com/recommandation/info/public/Authentification_files/ |
68 KB 68 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
a07dc036-3b06-454c-ba8a-c389ed35d5c7
http://reseaudesinstances-client.reuintillondecouncils.com/ |
6 KB 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
authent.jpg
reseaudesinstances-client.reuintillondecouncils.com/recommandation/info/ |
100 KB 100 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
padlock.svg
www.axa.fr/content/dam/axa/desktop/banque-credits/banque-espace-client/ |
957 B 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
authent.jpg
reseaudesinstances-client.reuintillondecouncils.com/recommandation/info/public/Authentification_files/assets/images/ |
1 KB 1 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sourcesanspro-bold.woff2
reseaudesinstances-client.reuintillondecouncils.com/recommandation/info/public/Authentification_files/assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
banque.axa.fr/novatio-modules/ux-library/e1241d432f37aa19c5f0e3c3ebb4c9b7/assets/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sourcesanspro-bold.woff
reseaudesinstances-client.reuintillondecouncils.com/recommandation/info/public/Authentification_files/assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hit.xiti
logs1412.xiti.com/ |
35 B 307 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hit.xiti
logs1412.xiti.com/ |
35 B 305 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
modules-hashes-lib.min.js
reseaudesinstances-client.reuintillondecouncils.com/novatio-core/modules-hashes-lib/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
privacy.trustcommander.net/privacy-consent/ |
43 B 567 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
307 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
modules-hashes-lib.min.js
reseaudesinstances-client.reuintillondecouncils.com/novatio-core/modules-hashes-lib/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- banque.axa.fr
- URL
- blob:https://banque.axa.fr/2a223646-f4d2-45dd-9361-e4871713b491
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Axa (Insurance)80 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange object| google_tag_data function| ga object| gaplugins object| google_tag_manager function| postscribe object| google_tag_manager_external object| dataLayer function| listenPost object| ModulesHashesLib object| BrandI18nLib object| OtpWcLib object| uxLib string| uxEfs object| ATInternet function| ATCustomEvent number| tcImplicit number| tcImplicitClick number| tcImplicitScroll number| tcReloadContainer number| tcScrollPercentage number| tcTrustTrigger string| tcTrustTriggerName string| tcImplicitType function| tcGetScrollPercent function| reloadAllContainers function| optinAndReload function| removeBanner undefined| optinOnScroll string| tCPrivacyTagManager function| tc_closePrivacyCenter function| tc_closePrivacyButton function| prepareAcmVendorConsent function| prepareConsent object| privacyForceHitDomain object| tagCategories object| tagVendors number| tc_privacy_used function| tC object| caReady function| cact function| appendBlockFraudWarning object| tag number| level2 function| getEmp function| getNavigator function| getLanguage function| getScreenResolution function| getNavigatorPlatform function| x64Add function| x64Multiply function| x64Rotl function| x64LeftShift function| x64Xor function| x64Fmix function| x64hash128 function| detect function| t function| u function| A function| C function| y function| z function| B undefined| sjcl undefined| D undefined| E undefined| F undefined| G undefined| H object| angular function| _ function| moment object| timekeeper object| xhook object| domtoimage string| tcVendorsConsent string| tcCategoriesConsent object| overlay object| $authTitle3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.reuintillondecouncils.com/ | Name: TCPID Value: 122125132630243458146 |
|
reseaudesinstances-client.reuintillondecouncils.com/ | Name: atuserid Value: %7B%22name%22%3A%22atuserid%22%2C%22val%22%3A%225ed0fa77-5c2c-4c47-a2ea-6e55e4dd1cb6%22%2C%22options%22%3A%7B%22end%22%3A%222024-01-17T13%3A26%3A30.103Z%22%2C%22path%22%3A%22%2F%22%7D%7D |
|
reseaudesinstances-client.reuintillondecouncils.com/ | Name: atauthority Value: %7B%22name%22%3A%22atauthority%22%2C%22val%22%3A%7B%22authority_name%22%3A%22cnil%22%2C%22visitor_mode%22%3A%22exempt%22%7D%2C%22options%22%3A%7B%22end%22%3A%222024-01-17T13%3A26%3A30.111Z%22%2C%22path%22%3A%22%2F%22%7D%7D |
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
banque.axa.fr
fonts.googleapis.com
fonts.gstatic.com
logs1412.xiti.com
privacy.trustcommander.net
reseaudesinstances-client.reuintillondecouncils.com
www.axa.fr
banque.axa.fr
156.154.246.59
20.218.242.14
2a00:1450:4001:830::2003
2a00:1450:400d:808::200a
35.180.18.175
65.9.68.209
93.20.47.204
256471969aad42f69a5e652875425ca13038c844b673287cbad71a909307a8ba
4043288121a80631ae3f30ad21031a77e8937e729efbaedf0342efcba2ddd699
40ddf88b89103e9d53aad8a76649e56f9f90f7a2d6d754b66273d048488f7e8e
4879ebd687108acb84f07ff90f806e040389b32ded9b12fbde441211f91ee5eb
4b7548feecf18c22fc4914bf7304270126bff8ca3ab7ee30cc103467cebd3a6c
621ac9d6e3205ec43743bc63947322782ad63dc3e39d25e6535005c0d3ef8086
654e7e4599e04f24267341de3d4260d0c332c10bc66b3c99d8f242fdeb258c1c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
8239159ce2f3039ae7d57d45dd0d7b389f18971584bbd5a934724f108ebd848c
83f44a77be10acee5f526779874c6bb347f56bed73db5e1d3de93bdb5d8c5130
8427fc3612441573660c7ca17f9b3ae0b6df086cf151f517938e068332473a12
88cab827e057fb6324adcd3c2ed3eb208ac434a440f2cb6f32ef0c6f8af6156d
982a0d6da38bfcf90afb9857f885b2aaad3e5421e91a8320befc56a763e350f4
a1005cce9d6b89c810a1ab2623b2692aa40e5f9991eb14be1ddd060161f0215f
a1a1df7eb2feeeda70bfe572b27b892b8067bc13d7fe9904c873e18998bec4f6
a35a025624ad8566b0a2e918355e1f7c9ff6b8267519013cee9bf23d382795d1
aa52977e050e05fedf24039dc58c7525b9a8dc1e1c41b5d8666ca10d455607a8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bf62c48b09e55011139dbe497ef1fae26d65da75807a98314a6600a0b4746a2a
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c9d340f5ec71caa6555f4f0612c23c9b209ec39f5ec950dd569a53ab88901473
d787269e9c602cbb18fdf74fbc02d1701e29d8a10b10429fe48ba58eb24e6d73
dd4b97a548ee205e997a3cd29e32edd122ccd1dff3bfdf7997863a6068d122be
e118c0623d37daccbcb18489f1cd5301a83da3824fb09e1eb0fa2b179caceb85
e1b901586d2dba4cbb94e0ebd2edc28366164be66b6c5c6ca365f2b1cbc6d309
ea75de840abc41139ebd84391a0fa07465d75bd078d707049fc5dc40c06cb9da
edfea819415ff38872bae9e171c3e1bc2b9d9e1907b1b61d5e576c281dcf3f77
ee9771b0c678416227f955e21d8554c6528fff69e3ddf6fe6e127c466b89d293
fea708d2b1f309d00ce7fddfdac4a1ad15288cd86aada814fa9b5dc2ec4c5878