rajanlama.com.np
Open in
urlscan Pro
50.87.152.212
Malicious Activity!
Public Scan
Submission: On March 27 via automatic, source openphish
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on February 8th 2019. Valid for: 3 months.
This is the only time rajanlama.com.np was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Commonwealth Bank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
14 | 50.87.152.212 50.87.152.212 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1 - Unified Layer) | |
15 | 104.111.251.25 104.111.251.25 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
1 | 104.111.237.142 104.111.237.142 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
1 | 2a00:1450:400... 2a00:1450:4001:815::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 2 | 2a00:1450:400... 2a00:1450:4001:821::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 1 | 2a00:1450:400... 2a00:1450:400c:c08::9b | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 1 | 2a00:1450:400... 2a00:1450:4001:809::2004 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2a00:1450:400... 2a00:1450:4001:808::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
33 | 6 |
ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US)
PTR: 50-87-152-212.unifiedlayer.com
rajanlama.com.np | |
img.rajanlama.com.np |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-251-25.deploy.static.akamaitechnologies.com
static.my.commbank.com.au |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-237-142.deploy.static.akamaitechnologies.com
www.commbank.com.au |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
commbank.com.au
static.my.commbank.com.au www.commbank.com.au |
179 KB |
14 |
rajanlama.com.np
rajanlama.com.np img.rajanlama.com.np |
533 KB |
2 |
google-analytics.com
1 redirects
www.google-analytics.com |
18 KB |
1 |
google.de
www.google.de |
385 B |
1 |
google.com
1 redirects
www.google.com |
466 B |
1 |
doubleclick.net
1 redirects
stats.g.doubleclick.net |
352 B |
1 |
googleapis.com
fonts.googleapis.com |
1 KB |
33 | 7 |
Domain | Requested by | |
---|---|---|
15 | static.my.commbank.com.au |
rajanlama.com.np
|
10 | rajanlama.com.np |
rajanlama.com.np
|
4 | img.rajanlama.com.np |
rajanlama.com.np
|
2 | www.google-analytics.com |
1 redirects
rajanlama.com.np
|
1 | www.google.de |
rajanlama.com.np
|
1 | www.google.com | 1 redirects |
1 | stats.g.doubleclick.net | 1 redirects |
1 | fonts.googleapis.com |
rajanlama.com.np
|
1 | www.commbank.com.au |
rajanlama.com.np
|
33 | 9 |
This site contains links to these domains. Also see Links.
Domain |
---|
www1.my.commbank.com.au |
www.commbank.com.au |
Subject Issuer | Validity | Valid | |
---|---|---|---|
rajanlama.com.np Let's Encrypt Authority X3 |
2019-02-08 - 2019-05-09 |
3 months | crt.sh |
my.commbank.com.au DigiCert SHA2 Extended Validation Server CA |
2018-08-12 - 2019-11-06 |
a year | crt.sh |
www.commbank.com.au DigiCert SHA2 Extended Validation Server CA |
2018-07-23 - 2019-07-24 |
a year | crt.sh |
*.googleapis.com Google Internet Authority G3 |
2019-03-01 - 2019-05-24 |
3 months | crt.sh |
img.rajanlama.com.np Let's Encrypt Authority X3 |
2019-02-24 - 2019-05-25 |
3 months | crt.sh |
*.google-analytics.com Google Internet Authority G3 |
2019-03-01 - 2019-05-24 |
3 months | crt.sh |
www.google.de Google Internet Authority G3 |
2019-03-01 - 2019-05-24 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://rajanlama.com.np/arcese.com/comdevice/
Frame ID: DB4B467C61B35B7FF4FA255A843E78E9
Requests: 16 HTTP requests in this frame
Frame:
https://www.commbank.com.au/digital/identity/authenticate/sign-out?dpOnly=true
Frame ID: A9D78E4926159E4F61A382BA72AB4D92
Requests: 1 HTTP requests in this frame
Frame:
https://rajanlama.com.np/netbank/Logon/Preload.aspx
Frame ID: 8B6D63C5BE32257ACC0E750A05FCA7FF
Requests: 16 HTTP requests in this frame
Screenshot
Detected technologies
Windows Server (Operating Systems) ExpandDetected patterns
- html /<input[^>]+name="__VIEWSTATE/i
Microsoft ASP.NET (Web Frameworks) Expand
Detected patterns
- html /<input[^>]+name="__VIEWSTATE/i
Nginx (Web Servers) Expand
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
IIS (Web Servers) Expand
Detected patterns
- html /<input[^>]+name="__VIEWSTATE/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- env /^jQuery$/i
Page Statistics
14 Outgoing links
These are links going to different origins than the main page.
Title: I've forgotten my log on details
Search URL Search Domain Scan URL
Title: Find out more
Search URL Search Domain Scan URL
Title: Register for NetBank now
Search URL Search Domain Scan URL
Title: Online support for our products and services
Search URL Search Domain Scan URL
Title: Tips to stay safe online
Search URL Search Domain Scan URL
Title: How we protect you and our 100% security guarantee
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Let us show you how
Search URL Search Domain Scan URL
Title: Do you need financial assistance?
Search URL Search Domain Scan URL
Title: Need help with your financial plan? Book a conversation with a Financial Planner
Search URL Search Domain Scan URL
Title: To help you save, we've made it easier to track and sort what you spend
Search URL Search Domain Scan URL
Title: A simpler and faster way to pay. Introducing PayID
Search URL Search Domain Scan URL
Title: Terms of use
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 31- https://www.google-analytics.com/r/collect?v=1&_v=j73&a=376997368&t=pageview&_s=1&dl=https%3A%2F%2Frajanlama.com.np%2Fnetbank%2FLogon%2FPreload.aspx&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20Rajan%20Lama&sd=24-bit&sr=1600x1200&vp=&je=0&_u=IEBAAEAB~&jid=493658854&gjid=358143036&cid=463993703.1553651090&tid=UA-63742147-1&_gid=1983856579.1553651090&_r=1&z=543442207 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63742147-1&cid=463993703.1553651090&jid=493658854&_gid=1983856579.1553651090&gjid=358143036&_v=j73&z=543442207 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63742147-1&cid=463993703.1553651090&jid=493658854&_v=j73&z=543442207 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63742147-1&cid=463993703.1553651090&jid=493658854&_v=j73&z=543442207&slf_rd=1&random=2309563046
33 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
rajanlama.com.np/arcese.com/comdevice/ |
20 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logon-merge.8397238ab0ae7a25ea1af4d375f2c3df.css
static.my.commbank.com.au/static/netbank/theme/fo/css/ |
31 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cba_mainlogo.ac9de6fb5214be84653367c74ba0b5f0.gif
static.my.commbank.com.au/static/netbank/theme/fo/images/ |
5 KB 5 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NetBankSecurity.jpg
static.my.commbank.com.au/static/cmxAssets/netbank-logon/ |
6 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tracking-merge.f834e48d4a979c21a0b31493c2e23186.js
static.my.commbank.com.au/static/netbank/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
core-merge.36971982ebc03a2658d8e51f70007637.js
static.my.commbank.com.au/static/core/js/ |
391 KB 134 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
marketing-merge.bb88d5b7879221e1a2c4f2cae83b733a.js
static.my.commbank.com.au/static/netbank/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
trackingbootstrap.b3780fc2adfa39203f80818f2e1cb7a3.js
static.my.commbank.com.au/static/netbank/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
instrumentation-merge.4043785f5795e2e8297bdfe0cdf60f4d.js
static.my.commbank.com.au/static/core/js/ |
19 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
func.b7759e02a4397dfa67abf4ee2bf7106a.js
static.my.commbank.com.au/static/netbank/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
smartbanner.d1197ec1675a985d0591d2083729fe1a.js
static.my.commbank.com.au/static/netbank/js/ |
7 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
sign-out
www.commbank.com.au/digital/identity/authenticate/ Frame A9D7 |
0 0 |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hbg.0236e4e9a193069c4e8554db8b06354c.png
static.my.commbank.com.au/static/netbank/theme/fo/images/ |
254 B 626 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logonsprite2.307a0c523f35f709f390895b4720d350.png
static.my.commbank.com.au/static/netbank/theme/fo/images/ |
14 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
marketing-merge.bb88d5b7879221e1a2c4f2cae83b733a.js
static.my.commbank.com.au/static/netbank/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
trackingbootstrap.b3780fc2adfa39203f80818f2e1cb7a3.js
static.my.commbank.com.au/static/netbank/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
func.b7759e02a4397dfa67abf4ee2bf7106a.js
static.my.commbank.com.au/static/netbank/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Preload.aspx
rajanlama.com.np/netbank/Logon/ Frame 8B6D |
15 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
79566.css
rajanlama.com.np/wp-content/cache/minify/ Frame 8B6D |
62 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ Frame 8B6D |
9 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
00dea.css
rajanlama.com.np/wp-content/cache/minify/ Frame 8B6D |
15 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
45790.js
rajanlama.com.np/wp-content/cache/minify/ Frame 8B6D |
119 KB 41 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-e1501607517833.png
img.rajanlama.com.np/2017/08/ Frame 8B6D |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon2-80x70.png
img.rajanlama.com.np/2017/08/ Frame 8B6D |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon1-80x70.png
img.rajanlama.com.np/2017/08/ Frame 8B6D |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon3-80x70.png
img.rajanlama.com.np/2017/08/ Frame 8B6D |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cc514.js
rajanlama.com.np/wp-content/cache/minify/ Frame 8B6D |
1 MB 439 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a764e.js
rajanlama.com.np/wp-content/cache/minify/ Frame 8B6D |
4 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-emoji-release.min.js
rajanlama.com.np/wp-includes/js/ Frame 8B6D |
12 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ Frame 8B6D |
43 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
btn-menu.png
rajanlama.com.np/wp-content/themes/business-one-page/images/ Frame 8B6D |
370 B 620 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
to-top.png
rajanlama.com.np/wp-content/themes/business-one-page/images/ Frame 8B6D |
271 B 521 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Frame 8B6D Redirect Chain
|
42 B 385 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Commonwealth Bank (Banking)63 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask function| WebForm_OnSubmit object| Page_ValidationSummaries function| HashSet function| debounce boolean| isIE boolean| isWin boolean| isOpera function| JSGetSwfVer undefined| flashVersion boolean| flashVersionChecked function| getFlashVersion function| getFlashVersionScript object| paramArr object| newParamArr function| addParam object| valueArray function| createBanner function| writeBanner object| loadingQueue function| ValidationSummaryOnSubmit function| Page_ClientValidate undefined| _ValidatorGetValue function| RequiredFieldValidatorEvaluateIsValid function| ValidatorUpdateDisplay function| CustomValidatorEvaluateIsValid undefined| _CompareValidatorEvaluateIsValid function| CheckBoxListMandatoryValidator function| CheckBoxMandatoryValidator function| ValidateCalendarMandatory function| ValidateCalendar function| ValidateMaxLength function| ValidateCurrencyLength function| ValidateEmail function| ValidateMobile function| ValidateAutoCompleteField function| RowMandatoryValidate boolean| __cbaPreventValidationSummaryFlag function| __cbaPreventValidationSummary function| ValidationSummaryShowMessage function| ValidationSummaryHide object| Icrm function| $ function| jQuery object| CommBank number| jsVersion boolean| _isBeginRequestRegistered boolean| _isEndRequestRegistered function| DP_jQuery_1553651087329 object| jQuery19108153391985252738 function| Q boolean| form1_submitted function| StringBuffer object| Base64 function| Utf8EncodeEnumerator function| AnsiEncodeEnumerator function| Base64DecodeEnumerator object| Compression object| Logger object| RawDeflate function| OldWebForm_OnSubmit5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.commbank.com.au/ | Name: ADRUM_BT1 Value: R:46|i:20727|e:0 |
|
.rajanlama.com.np/ | Name: _gat Value: 1 |
|
www.commbank.com.au/ | Name: ADRUM_BTa Value: R:46|g:2f5c5b36-795f-4afe-914e-d95861558aac|n:customer1_cdeb089d-f3b9-4461-b24a-eaf349668dd9 |
|
.rajanlama.com.np/ | Name: _gid Value: GA1.3.1983856579.1553651090 |
|
.rajanlama.com.np/ | Name: _ga Value: GA1.3.463993703.1553651090 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.googleapis.com
img.rajanlama.com.np
rajanlama.com.np
static.my.commbank.com.au
stats.g.doubleclick.net
www.commbank.com.au
www.google-analytics.com
www.google.com
www.google.de
104.111.237.142
104.111.251.25
2a00:1450:4001:808::2003
2a00:1450:4001:809::2004
2a00:1450:4001:815::200a
2a00:1450:4001:821::200e
2a00:1450:400c:c08::9b
50.87.152.212
0136038eaf080938719646eaf5a86c1eb7eb4825c44e8e0e793c7c67ae76cff6
022bbf90b46efb539e8ba49bf1ad65a4ae325dec12aecefaa75b099cdd7e2a73
293a3eb112095c32db03de180f665b4799d9e8c0c70e609291930f74563fa4e1
316967b82341b6ee628fa2115aa33ba631c817a41a03337d698fd426ae42c092
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
4620bea7b8db9ffe1747e9c29910d7ea2ec84a7a3c7416e7a8a70e450073d820
6904a3155d8b3203af57d525518829e27f897899daa6c6cf8d760a1e3ab0d229
700303a27f1a898cfba0febbb9ef126ce76fad6ba65108d3b56c35ea973b73fb
7559efa2e9066c29af3144a11e08737bb3911dd4457f4c1eb96814058c527450
7cf46fbfca24dd814d3ef457da79b54ca3a38858a75f6f70ff49343231cc0bf9
800545f971de986105c82bd35c8182d27766fb3b6281c5908d8102cea4d0444c
939d8051ad6d7acbec98259100489bbeb7f0bbac5b8fdfc9968547110c04a841
a203e491a9eb0495ca257fd8e707699022813ff36f71a668d8210cc8c23cd253
a6e81199ae852a9aa34ed1e08b790938558c1aa6ff8a8b63e3d89becdb680b58
b3da868fcfdbbdb407f7f805b1091c1c4c8e7130208bdeb22fe4cc0a85eb0a2a
c1366941e76e519a2aa15c50241f44f81528f5c5765f200c420d70e1fd26b893
c3787cbabd5c9acf9bfdc72c8e706754d644a14d5bd538e675c1885ccae87341
c7f7f52a10e16a3c9410a8f6accb4bc9bf600aee1c118a0f8e2cfadf5b74d997
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5
d7dd826281b478767753a524f13a0da7744257bb1d45f4896a345d9276390d21
d8a2286d0a43d2db39057cb9cdc24525faa02d2285300a8b0e880040f3b3d517
e84c7b6b46eb43c006b305e093020f64456ffc86e2d2a1e760b8839e9060637c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0755c4aa02ff90cf951d4752166ce52ea98cb85b86186f954dcc5d9d9cd02c0
fc096f3f106d2c65a4366671e845b0eb2486ccdfe847af38ea05ecd9a87933ee