anz-live-chat.com
185.156.72.17
Malicious Activity!
Public Scan
Submission: On June 16 via api from US — Scanned from US
Summary
TLS certificate: Issued by R3 on June 16th 2023. Valid for: 3 months.
This is the only time anz-live-chat.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: ANZ Bank (Banking)
Domain & IP information
ASN32934 (FACEBOOK, US)
connect.facebook.net
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-31-79.compute-1.amazonaws.com
dpm.demdex.net
anznz.demdex.net
ASN16509 (AMAZON-02, US)
PTR: server-108-156-178-225.cmh68.r.cloudfront.net
cdn.amplitude.com
ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-115.data.adobedc.net
saainfo.anz.co.nz
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-159-118.compute-1.amazonaws.com
cm.everesttech.net
ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-219.data.adobedc.net
anznz.tt.omtrdc.net
ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f2.1e100.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com
cms.analytics.yahoo.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com
ups.analytics.yahoo.com
ASN13335 (CLOUDFLARENET, US)
zn5psovn6eac4xa7h-anz.siteintercept.qualtrics.com
siteintercept.qualtrics.com
Requests | Redirects | Apex Domain | Subdomains | Transfer |
---|---|---|---|---|
40 | | anz-live-chat.com | anz-live-chat.com | 976 KB |
7 | 1 | demdex.net | dpm.demdex.net (Cisco Umbrella Rank: 218), anznz.demdex.net | 9 KB |
4 | | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 176) | 109 KB |
4 | | adobedtm.com | assets.adobedtm.com (Cisco Umbrella Rank: 398) | 131 KB |
3 | | qualtrics.com | zn5psovn6eac4xa7h-anz.siteintercept.qualtrics.com, siteintercept.qualtrics.com (Cisco Umbrella Rank: 924) | 25 KB |
3 | 2 | doubleclick.net | cm.g.doubleclick.net (Cisco Umbrella Rank: 244), googleads.g.doubleclick.net (Cisco Umbrella Rank: 57) | 2 KB |
2 | 2 | yahoo.com | cms.analytics.yahoo.com (Cisco Umbrella Rank: 1303), ups.analytics.yahoo.com (Cisco Umbrella Rank: 340) | 1 KB |
2 | | crazyegg.com | script.crazyegg.com (Cisco Umbrella Rank: 2355) | 3 KB |
2 | | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 82) | 102 KB |
2 | | anz.co.nz | www.anz.co.nz, saainfo.anz.co.nz | 68 KB |
1 | | google.com | www.google.com (Cisco Umbrella Rank: 3) | 455 B |
1 | 1 | quantserve.com | cms.quantserve.com (Cisco Umbrella Rank: 846) | 495 B |
1 | | omtrdc.net | anznz.tt.omtrdc.net | 831 B |
1 | 1 | everesttech.net | cm.everesttech.net (Cisco Umbrella Rank: 1106) | 517 B |
1 | | amplitude.com | cdn.amplitude.com (Cisco Umbrella Rank: 3818) | 22 KB |

Total: 67 requests, 15 apex domains.
Requests | Domain | Redirects | Requested by |
---|---|---|---|
40 | anz-live-chat.com | | anz-live-chat.com, www.anz.co.nz |
6 | dpm.demdex.net | 1 | anz-live-chat.com |
4 | connect.facebook.net | | assets.adobedtm.com, connect.facebook.net |
4 | assets.adobedtm.com | | anz-live-chat.com, assets.adobedtm.com |
2 | siteintercept.qualtrics.com | | zn5psovn6eac4xa7h-anz.siteintercept.qualtrics.com, siteintercept.qualtrics.com |
2 | cm.g.doubleclick.net | 2 | |
2 | script.crazyegg.com | | anz-live-chat.com, script.crazyegg.com |
2 | www.googletagmanager.com | | assets.adobedtm.com, www.googletagmanager.com |
1 | zn5psovn6eac4xa7h-anz.siteintercept.qualtrics.com | | anz-live-chat.com |
1 | ups.analytics.yahoo.com | 1 | |
1 | cms.analytics.yahoo.com | 1 | |
1 | www.google.com | | anz-live-chat.com |
1 | cms.quantserve.com | 1 | |
1 | googleads.g.doubleclick.net | | www.googletagmanager.com |
1 | anznz.tt.omtrdc.net | | assets.adobedtm.com |
1 | cm.everesttech.net | 1 | |
1 | saainfo.anz.co.nz | | assets.adobedtm.com |
1 | anznz.demdex.net | | assets.adobedtm.com |
1 | cdn.amplitude.com | | assets.adobedtm.com |
1 | www.anz.co.nz | | anz-live-chat.com |

Total: 67 requests, 20 domains.
This site contains links to these domains. Also see Links.
Domain |
---|
www.anz.co.nz |
comms.anz.co.nz |
help.anz.co.nz |
digital.anz.co.nz |
tools.anz.co.nz |
fwb.anz.co.nz |
news.anz.com |
www.facebook.com |
twitter.com |
www.linkedin.com |
www.instagram.com |
www.youtube.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
anz-live-chat.com | R3 | 2023-06-16 - 2023-09-14 | 3 months |
www.anz.co.nz | DigiCert SHA2 Extended Validation Server CA | 2023-01-16 - 2024-02-16 | a year |
assets.adobedtm.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-07-19 - 2023-08-19 | a year |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-03-25 - 2023-06-23 | 3 months |
*.google-analytics.com | GTS CA 1C3 | 2023-05-22 - 2023-08-14 | 3 months |
cdn.amplitude.com | Amazon RSA 2048 M01 | 2023-01-12 - 2024-02-11 | a year |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-03-09 - 2024-03-08 | a year |
*.demdex.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-09-26 - 2023-10-27 | a year |
saainfo.anz.co.nz | DigiCert TLS RSA SHA256 2020 CA1 | 2022-09-09 - 2023-10-10 | a year |
*.tt.omtrdc.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-08-01 - 2023-09-01 | a year |
*.g.doubleclick.net | GTS CA 1C3 | 2023-05-22 - 2023-08-14 | 3 months |
www.google.com | GTS CA 1C3 | 2023-05-22 - 2023-08-14 | 3 months |
*.qualtrics.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-03-27 - 2024-03-26 | a year |
This page contains 2 frames:
Primary Page:
https://anz-live-chat.com/
Frame ID: A988FC59F47BF7E867D309EEBEDE6902
Requests: 63 HTTP requests in this frame
Frame:
https://anznz.demdex.net/dest5.html?d_nsid=0
Frame ID: 533118274C44F95014BD6F375EEB8EED
Requests: 4 HTTP requests in this frame
Page Title
ANZ Bank New Zealand Ltd | Online Banking | ANZ
Detected technologies
Adobe Experience Manager (CMS)
Detected patterns
- /etc\.clientlibs/
Amplitude (Analytics)
Detected patterns
- cdn\.amplitude\.com
Crazy Egg (Analytics)
Detected patterns
- script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Facebook (Widgets)
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
80 Outgoing links
These are links going to different origins than the main page.
Title: Bank accounts
Title: Credit cards
Title: Home loans
Title: Personal loans
Title: Insurance
Title: KiwiSaver and investments
Title: Ways to borrow
Title: Travel and foreign exchange
Title: Tools and calculators
Title: Private bank
Title: Moving to New Zealand
Title: Financial wellbeing
Title: Rates, fees and agreements
Title: Cyclone Gabrielle and flood support
Title: Business banking at ANZ
Title: Join ANZ Business
Title: Contact business and agri specialists
Title: Business accounts and cards
Title: Business borrowing
Title: Manage your business banking
Title: International business
Title: Sustainability in business
Title: Biz Hub
Title: Resources and insights
Title: Business insurance
Title: Webinars
Title: Economic and market research
Title: Receive payments
Title: Institutional banking at ANZ
Title: Relationship Management
Title: Transaction banking
Title: Markets
Title: Finance and capital raising
Title: Digital services
Title: Doing business internationally
Title: Trade and supply chain
Title: Sustainable finance
Title: Contact our relationship managers
Title: Business insights
Title: How to bank with ANZ
Title: Join ANZ
Title: Ways to bank
Title: Ways to pay
Title: Guide to banking safely
Title: Environmental sustainability
Title: A-Z Review
Title: Help and support
Title: Financial hardship assistance
Title: Find ANZ
Title: Contact
Title: Log in
Title: Personalise your Visa Debit card
Title: KiwiSaver
Title: Foreign exchange rates
Title: Term Deposits
Title: Interest rates, fees, terms and conditions
Title: More about your fixed term ending
Title: All fixed term home loan rates
Title: Floating rate home loans
Title: Calculate your mortgage repayments
Title: Help to manage your home loan
Title: ANZ Good Energy Home Loan
Title: Get your score
Title: Start saving
Title: Pay off your home loan faster
Title: Upgrade to an ANZ MyPhoto card
Title: anz.co.nz/fapdisclosure
Title: About us
Title: News and media releases
Title: Careers
Title: Complaints and Banking Ombudsman Scheme
Title: Privacy at ANZ
Title: Website terms of use
Title: Terms and conditions
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 38
- https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=4F78C81755B29B567F000101%40AdobeOrg&d_nsid=0&ts=1686928215761 HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=4F78C81755B29B567F000101%40AdobeOrg&d_nsid=0&ts=1686928215761
- https://cm.everesttech.net/cm/dd?d_uuid=48402844408744697221066336383048466960 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZIx7WAAAAJLOUgNw
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDg0MDI4NDQ0MDg3NDQ2OTcyMjEwNjYzMzYzODMwNDg0NjY5NjA= HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NDg0MDI4NDQ0MDg3NDQ2OTcyMjEwNjYzMzYzODMwNDg0NjY5NjA=&google_tc= HTTP 302
- https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEB2_dyx0u4JxXz10aT6UQCc&google_cver=1?gdpr=0&gdpr_consent=
- https://cms.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
- https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=9N6QdvWInS3v05AloNyFdvPenSDv3ZtxoYyzVAWT
- https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=48402844408744697221066336383048466960&gdpr=0&gdpr_consent= HTTP 302
- https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=48402844408744697221066336383048466960&gdpr=0&gdpr_consent= HTTP 302
- https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-J0Pbl4lE2pH.5gk2XvwRUN0NCYN52Pr3.vY-~A
67 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | / | anz-live-chat.com/ | 817 KB | 51 KB | Document | text/html | Primary Request |
GET | H2 | r-Night-to-constremembry-Exeunt-Thung-con-of-out | anz-live-chat.com/ | 0 | 0 | Script | text/html | |
GET | H2 | r-Night-to-constremembry-Exeunt-Thung-con-of-out | www.anz.co.nz/ | 210 KB | 67 KB | Script | text/javascript | |
GET | H2 | clientlib-base.lc-20210606-lc.min.css | anz-live-chat.com/etc.clientlibs/anzconz/clientlibs/ | 0 | 0 | Stylesheet | text/html | |
GET | H2 | iconfont.woff2 | anz-live-chat.com/etc.clientlibs/anzconz/clientlibs/clientlib-react/resources/static/fonts/ | 0 | 0 | Font | text/html | |
GET | H2 | MyriadPro-Regular.woff2 | anz-live-chat.com/etc.clientlibs/anzconz/clientlibs/clientlib-react/resources/static/fonts/ | 0 | 0 | Font | text/html | |
GET | H2 | MyriadPro-Semibold.woff2 | anz-live-chat.com/etc.clientlibs/anzconz/clientlibs/clientlib-react/resources/static/fonts/ | 0 | 0 | Font | text/html | |
GET | H2 | MyriadPro-Light.woff2 | anz-live-chat.com/etc.clientlibs/anzconz/clientlibs/clientlib-react/resources/static/fonts/ | 0 | 0 | Font | text/html | |
GET | H2 | launch-151c1fdf28d4.min.js | assets.adobedtm.com/7a5e6b9cae1f/6ce2bf584c09/ | 369 KB | 108 KB | Script | application/x-javascript | |
GET | H2 | menu.png | anz-live-chat.com/images/ | 303 B | 406 B | Image | image/png | |
GET | H2 | logo-anz.svg | anz-live-chat.com/images/ | 38 KB | 28 KB | Image | image/svg+xml | |
GET | H2 | android-chrome-256x256.webp | anz-live-chat.com/images/ | 5 KB | 5 KB | Image | image/webp | |
GET | H2 | map.png | anz-live-chat.com/images/ | 467 B | 522 B | Image | image/png | |
GET | H2 | chat.png | anz-live-chat.com/images/ | 488 B | 543 B | Image | image/png | |
GET | H2 | search.png | anz-live-chat.com/images/ | 624 B | 678 B | Image | image/png | |
GET | H2 | lock.png | anz-live-chat.com/images/ | 466 B | 521 B | Image | image/png | |
GET | H2 | arrow.png | anz-live-chat.com/images/ | 296 B | 351 B | Image | image/png | |
GET | H2 | We_Do_How_Family.webp | anz-live-chat.com/images/ | 57 KB | 57 KB | Image | image/webp | |
GET | H2 | manage-foreign-exchange-risk.svg | anz-live-chat.com/images/ | 4 KB | 1 KB | Image | image/svg+xml | |
GET | H2 | calculate-smart-investment.svg | anz-live-chat.com/images/ | 4 KB | 1005 B | Image | image/svg+xml | |
GET | H2 | import-business-international.svg | anz-live-chat.com/images/ | 2 KB | 804 B | Image | image/svg+xml | |
GET | H2 | private-school-fee-calculator.svg | anz-live-chat.com/images/ | 5 KB | 1 KB | Image | image/svg+xml | |
GET | H2 | Job1990_ANZ_We_Do_How_Image_1_Landscape_Final_RGB_HR_image-text-split-xl.webp | anz-live-chat.com/images/ | 28 KB | 28 KB | Image | image/webp | |
GET | H2 | Job1990_ANZ_We_Do_How_Image_7_Portrait_Final_HR_image-text-split-xl.webp | anz-live-chat.com/images/ | 414 KB | 414 KB | Image | image/webp | |
GET | H2 | Job1990_ANZ_We_Do_How_Image_6_Final_HR_v2_image-text-split-xl.webp | anz-live-chat.com/images/ | 332 KB | 333 KB | Image | image/webp | |
GET | H2 | BRAND_HOW_MyPhoto_Card_3xPerspective.webp | anz-live-chat.com/images/ | 26 KB | 26 KB | Image | image/webp | |
GET | H2 | gomoney_accounts-cropped.webp | anz-live-chat.com/images/ | 24 KB | 24 KB | Image | image/webp | |
GET | H2 | Contact_Us.svg | anz-live-chat.com/images/ | 2 KB | 1 KB | Image | image/svg+xml | |
GET | H2 | Find_Us.svg | anz-live-chat.com/images/ | 1 KB | 801 B | Image | image/svg+xml | |
GET | H2 | Help_Support.svg | anz-live-chat.com/images/ | 3 KB | 1 KB | Image | image/svg+xml | |
GET | H2 | clientlib-react.lc-1679958786577-lc.min.js | anz-live-chat.com/etc.clientlibs/anzconz/clientlibs/ | 0 | 0 | Script | text/html | |
GET | H2 | MyriadPro-Semibold.woff | anz-live-chat.com/etc.clientlibs/anzconz/clientlibs/clientlib-react/resources/static/fonts/ | 0 | 0 | Font | text/html | |
GET | H2 | MyriadPro-Regular.woff | anz-live-chat.com/etc.clientlibs/anzconz/clientlibs/clientlib-react/resources/static/fonts/ | 0 | 0 | Font | text/html | |
GET | H2 | iconfont.woff2 | anz-live-chat.com/etc.clientlibs/anzconz/clientlibs/clientlib-react/resources/static/fonts/ | 0 | 0 | Font | text/html | |
GET | H2 | MyriadPro-Light.woff | anz-live-chat.com/etc.clientlibs/anzconz/clientlibs/clientlib-react/resources/static/fonts/ | 0 | 0 | Font | text/html | |
GET | H2 | MyriadPro-Bold.woff2 | anz-live-chat.com/etc.clientlibs/anzconz/clientlibs/clientlib-react/resources/static/fonts/ | 0 | 0 | Font | text/html | |
GET | H2 | iconfont.woff | anz-live-chat.com/etc.clientlibs/anzconz/clientlibs/clientlib-react/resources/static/fonts/ | 0 | 0 | Font | text/html | |
GET | H2 | MyriadPro-Bold.woff | anz-live-chat.com/etc.clientlibs/anzconz/clientlibs/clientlib-react/resources/static/fonts/ | 0 | 0 | Font | text/html | |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 108 KB | 28 KB | Script | application/x-javascript | |
GET | H/1.1 | rd | dpm.demdex.net/id/ | 953 B | 1 KB | XHR | application/json | Redirect Chain |
GET | H2 | AppMeasurement.min.js | assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ | 34 KB | 12 KB | Script | application/x-javascript | |
GET | H2 | AppMeasurement_Module_ActivityMap.min.js | assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ | 3 KB | 2 KB | Script | application/x-javascript | |
GET | H2 | AppMeasurement_Module_AudienceManagement.min.js | assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ | 25 KB | 9 KB | Script | application/x-javascript | |
GET | H2 | js | www.googletagmanager.com/gtag/ | 125 KB | 49 KB | Script | application/javascript | |
GET | H2 | amplitude-8.5.0-min.gz.js | cdn.amplitude.com/libs/ | 68 KB | 22 KB | Script | application/javascript | |
GET | H2 | iconfont.ttf | anz-live-chat.com/etc.clientlibs/anzconz/clientlibs/clientlib-react/resources/static/fonts/ | 0 | 0 | Font | text/html | |
GET | H2 | 2672.js | script.crazyegg.com/pages/scripts/0036/ | 6 KB | 2 KB | Script | text/javascript | |
GET | H/1.1 | dest5.html | anznz.demdex.net/ | 7 KB | 3 KB | Document | text/html | Frame 5331 |
GET | H2 | id | saainfo.anz.co.nz/ | 48 B | 459 B | XHR | application/x-javascript | |
GET | H/1.1 | ibs:dpid=411&dpuuid=ZIx7WAAAAJLOUgNw | dpm.demdex.net/ | 42 B | 940 B | Image | image/gif | Redirect Chain |
POST | H2 | delivery | anznz.tt.omtrdc.net/rest/v1/ | 334 B | 831 B | XHR | application/json | |
GET | H2 | identity.js | connect.facebook.net/signals/plugins/ | 64 KB | 20 KB | Script | application/x-javascript | |
GET | H2 | 758964820898857 | connect.facebook.net/signals/config/ | 138 KB | 39 KB | Script | application/x-javascript | |
GET | H2 | js | www.googletagmanager.com/gtag/ | 139 KB | 53 KB | Script | application/javascript | |
GET | H2 | anz-live-chat.com.json | script.crazyegg.com/pages/data-scripts/0036/2672/site/ | 960 B | 704 B | XHR | application/json | |
POST | H2 | r-Night-to-constremembry-Exeunt-Thung-con-of-out | anz-live-chat.com/ | 1 KB | 0 | Fetch | text/html | |
GET | H3 | inferredevents.js | connect.facebook.net/signals/plugins/ | 71 KB | 21 KB | Script | application/x-javascript | |
GET | H/1.1 | ibs:dpid=771&dpuuid=CAESEB2_dyx0u4JxXz10aT6UQCc&google_cver=1 | dpm.demdex.net/ | 42 B | 940 B | Image | image/gif | Frame 5331, Redirect Chain |
GET | H2 | / | googleads.g.doubleclick.net/pagead/viewthroughconversion/1007411011/ | 2 KB | 2 KB | Script | text/javascript | |
GET | H/1.1 | ibs:dpid=1175&gdpr=0&dpuuid=9N6QdvWInS3v05AloNyFdvPenSDv3ZtxoYyzVAWT | dpm.demdex.net/ | 42 B | 940 B | Image | image/gif | Frame 5331, Redirect Chain |
GET | H2 | / | www.google.com/pagead/1p-user-list/1007411011/ | 42 B | 455 B | Image | image/gif | |
GET | H/1.1 | ibs:dpid=30646 | dpm.demdex.net/ | 42 B | 940 B | Image | image/gif | Frame 5331, Redirect Chain |
GET | H2 | / | zn5psovn6eac4xa7h-anz.siteintercept.qualtrics.com/WRSiteInterceptEngine/ | 8 KB | 4 KB | Script | application/javascript | |
GET | H2 | 10.f608fb185c0061ce2cda.chunk.js | siteintercept.qualtrics.com/dxjsmodule/ | 63 KB | 20 KB | Script | application/javascript | |
POST | H2 | Targeting.php | siteintercept.qualtrics.com/WRSiteInterceptEngine/ | 3 KB | 1 KB | XHR | application/json | |
POST | H2 | r-Night-to-constremembry-Exeunt-Thung-con-of-out | anz-live-chat.com/ | 1 KB | 0 | Fetch | text/html | |
POST | H2 | r-Night-to-constremembry-Exeunt-Thung-con-of-out | anz-live-chat.com/ | 1 KB | 0 | Fetch | text/html | |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: ANZ Bank (Banking)
62 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0
boolean| credentialless
object| onbeforetoggle
object| onscrollend
function| _oEval
string| __ANZ_CSP_SCRIPT_NONCE
object| reese84
function| a1_0x4e1a
function| a1_0x5913
function| reese84interrogator
function| initializeProtection
function| protectionSubmitCaptcha
object| _satellite
boolean| __satelliteLoaded
function| fbq
function| _fbq
object| adobe
function| Visitor
string| cdomain
object| s_c_il
number| s_c_in
object| adobeDataLayer
object| dataLayer
function| gtag
object| amplitude
function| linkTrack
object| superT
object| __target_telemetry
object| ___target_traces
function| mboxCreate
function| mboxDefine
function| mboxUpdate
object| __INITIAL_TARGET_OFFERS__
function| removeDuplicates
object| tokenArray
function| retrieveTargetTokens
object| adobeMbox
function| AppMeasurement_Module_ActivityMap
function| AppMeasurement
function| s_gi
function| s_pgicq
number| s_objectID
number| s_giq
function| AppMeasurement_Module_AudienceManagement
function| DIL
object| s
function| getNewRepeat
function| getPageLoadTime
function| getTimeParting
object| __AMPLITUDE__
object| google_tag_manager
object| google_tag_data
boolean| CE_USER_SCRIPT
object| CE2
string| CE_USER_SITE_DATA_URL
string| CE_USER_DATA_URL
string| CE_USER_COMMON_SCRIPT_URL
undefined| CE_USER_THIRDPARTY_SCRIPT_URL
object| GooglebQhCsO
object| QSI
object| WAFQualtricsWebpackJsonP-cloud-1.93.0
object| _qsie20
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.anz.co.nz/ | Name: visid_incap_2629367 Value: pK09/SuzRyO+wWa5Z9DqLFZ7jGQAAAAAQUIPAAAAAAApRCCN2zHTKrObsNjwevpz |
.anz.co.nz/ | Name: nlbi_2629367_2147483392 Value: 6KFfFZxG1gJX/YltDHnMSgAAAAAGV6DgMViRQVKA03FP/aCQ |
.anz.co.nz/ | Name: incap_ses_700_2629367 Value: dkqbRHyexw9DTeNmOue2CVZ7jGQAAAAA0jWQlXBuMkXdxAzmCLQadQ== |
.anz-live-chat.com/ | Name: at_check Value: true |
.demdex.net/ | Name: demdex Value: 48402844408744697221066336383048466960 |
.anz-live-chat.com/ | Name: amp_ae3322 Value: p749onQLyTaHlHfVvB_puC...1h32c3jum.1h32c3jum.0.0.0 |
.anz-live-chat.com/ | Name: AMCVS_4F78C81755B29B567F000101%40AdobeOrg Value: 1 |
.anz-live-chat.com/ | Name: _gcl_au Value: 1.1.1986142480.1686928216 |
.everesttech.net/ | Name: everest_g_v2 Value: g_surferid~ZIx7WAAAAJLOUgNw |
.dpm.demdex.net/ | Name: dpm Value: 48402844408744697221066336383048466960 |
.anz-live-chat.com/ | Name: AMCV_4F78C81755B29B567F000101%40AdobeOrg Value: 179643557%7CMCIDTS%7C19525%7CMCMID%7C48377796468803316291063826645932784679%7CMCAAMLH-1687533016%7C7%7CMCAAMB-1687533016%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1686935416s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19532%7CvVersion%7C5.5.0 |
.anz-live-chat.com/ | Name: mbox Value: session#20d27aa2aa064556affaf759e15c4517#1686930077|PC#20d27aa2aa064556affaf759e15c4517.34_0#1750173017 |
.doubleclick.net/ | Name: IDE Value: AHWqTUlGe8JXIyJ3qptkpougYyOQ-gD69AaQ835S2N9-0Evpgg0QaLhhRJJ5XLBWQeU |
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
.demdex.net/ | Name: dextp Value: 771-1-1686928216344|1175-1-1686928216510|30646-1-1686928216611 |
.quantserve.com/ | Name: d Value: ENwBDAGfKbmvYA |
.quantserve.com/ | Name: mc Value: 648c7b58-980b6-c1455-73dcf |
.yahoo.com/ | Name: A3 Value: d=AQABBFh7jGQCENjiUGQ8UiQf7iEgt7bR77QFEgEBAQHMjWSWZNxH0iMA_eMAAA&S=AQAAAlrTsObG0I5HG-c2lgxSLus |
.analytics.yahoo.com/ | Name: IDSYNC Value: 19cu~2c93 |
anz-live-chat.com/ | Name: QSI_HistorySession Value: https%3A%2F%2Fanz-live-chat.com%2F~1686928217243 |
19 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.