letzimpact.org
Open in
urlscan Pro
173.212.209.84
Malicious Activity!
Public Scan
Submission: On June 23 via automatic, source openphish
Summary
TLS certificate: Issued by R3 on May 10th 2021. Valid for: 3 months.
This is the only time letzimpact.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Westpac (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
32 | 173.212.209.84 173.212.209.84 | () () | |
1 3 | 52.30.135.179 52.30.135.179 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 45.60.155.141 45.60.155.141 | () () | |
1 | 15.188.95.229 15.188.95.229 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 54.76.54.153 54.76.54.153 | () () | |
2 2 | 216.58.212.162 216.58.212.162 | 15169 (GOOGLE) (GOOGLE) | |
41 | 6 |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-135-179.eu-west-1.compute.amazonaws.com
dpm.demdex.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
westpacnewzealand.sc.omtrdc.net |
ASN- ()
PTR: ec2-54-76-54-153.eu-west-1.compute.amazonaws.com
wnzl.demdex.net |
ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net
cm.g.doubleclick.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
32 |
letzimpact.org
letzimpact.org www.letzimpact.org Failed |
3 MB |
4 |
demdex.net
1 redirects
dpm.demdex.net wnzl.demdex.net |
6 KB |
2 |
doubleclick.net
2 redirects
cm.g.doubleclick.net |
298 B |
2 |
westpac.co.nz
www.westpac.co.nz |
|
1 |
omtrdc.net
westpacnewzealand.sc.omtrdc.net |
153 B |
41 | 5 |
Domain | Requested by | |
---|---|---|
32 | letzimpact.org |
letzimpact.org
|
3 | dpm.demdex.net |
1 redirects
letzimpact.org
|
2 | cm.g.doubleclick.net | 2 redirects |
2 | www.westpac.co.nz |
letzimpact.org
|
1 | wnzl.demdex.net |
letzimpact.org
|
1 | westpacnewzealand.sc.omtrdc.net |
letzimpact.org
|
0 | www.letzimpact.org Failed |
letzimpact.org
|
41 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.letzimpact.org R3 |
2021-05-10 - 2021-08-08 |
3 months | crt.sh |
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1 |
2020-12-02 - 2022-01-02 |
a year | crt.sh |
www.westpac.co.nz Entrust Certification Authority - L1M |
2019-07-21 - 2021-09-02 |
2 years | crt.sh |
*.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA |
2020-10-29 - 2021-11-29 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://letzimpact.org/wp-content/westp0ne/self-service.html?authentication?execution=e1s1
Frame ID: 7E3A5822781F61240ECC79752886A9D0
Requests: 39 HTTP requests in this frame
Frame:
https://wnzl.demdex.net/dest5.html?d_nsid=0
Frame ID: 22B4C1DF6DB3005166819D6231790D99
Requests: 2 HTTP requests in this frame
Screenshot
Detected technologies
WordPress (CMS) ExpandDetected patterns
- script /\/wp-(?:content|includes)\//i
PHP (Programming Languages) Expand
Detected patterns
- script /\/wp-(?:content|includes)\//i
MySQL (Databases) Expand
Detected patterns
- script /\/wp-(?:content|includes)\//i
Nginx (Web Servers) Expand
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Dynatrace (Analytics) Expand
Detected patterns
- script /dtagent.*\.js/i
SiteCatalyst (Analytics) Expand
Detected patterns
- script /\/s[_-]code.*\.js/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 28- https://letzimpact.org/wp-content/westp0ne/fonts/SourceSansPro-Bold.ttf HTTP 301
- https://www.letzimpact.org/wp-content/westp0ne/fonts/SourceSansPro-Bold.ttf
- https://letzimpact.org/wp-content/westp0ne/fonts/SourceSansPro-Regular.ttf HTTP 301
- https://www.letzimpact.org/wp-content/westp0ne/fonts/SourceSansPro-Regular.ttf
- https://letzimpact.org/wp-content/westp0ne/fonts/SourceSansPro-SemiBold.ttf HTTP 301
- https://www.letzimpact.org/wp-content/westp0ne/fonts/SourceSansPro-SemiBold.ttf
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODA1NzgyNjUxNzM2MzU0MzAxNTEzNjEzMzUyMTUzMzM4ODYzODc= HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=ODA1NzgyNjUxNzM2MzU0MzAxNTEzNjEzMzUyMTUzMzM4ODYzODc=&google_tc= HTTP 302
- https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESENkv8Bz2tHj8ecJTnTZGv2w&google_cver=1?gdpr=0&gdpr_consent= HTTP 302
- https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=771&dpuuid=CAESENkv8Bz2tHj8ecJTnTZGv2w&google_cver=1
41 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
self-service.html
letzimpact.org/wp-content/westp0ne/ |
21 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dtagent_ICA_7000200231032.js
letzimpact.org/wp-content/westp0ne/self-service_files/ |
195 KB 78 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.css
letzimpact.org/wp-content/westp0ne/self-service_files/ |
275 B 478 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8.css
letzimpact.org/wp-content/westp0ne/self-service_files/ |
1 B 201 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.css
letzimpact.org/wp-content/westp0ne/self-service_files/ |
313 KB 55 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
entrance.css
letzimpact.org/wp-content/westp0ne/self-service_files/ |
313 KB 53 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
letzimpact.org/wp-content/westp0ne/self-service_files/ |
699 KB 108 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
print.css
letzimpact.org/wp-content/westp0ne/self-service_files/ |
10 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sjcl.js
letzimpact.org/wp-content/westp0ne/self-service_files/ |
23 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sha.js
letzimpact.org/wp-content/westp0ne/self-service_files/ |
17 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
satellite-5c0d71ac64746d19e600f896.js
letzimpact.org/wp-content/westp0ne/self-service_files/ |
259 B 472 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s-code-contents-addd2f3ce0de416269fe730535978be0672e0d06.js
letzimpact.org/wp-content/westp0ne/self-service_files/ |
76 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-westpac-one-white.svg
letzimpact.org/wp-content/westp0ne/self-service_files/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
phone-rotate.gif
letzimpact.org/wp-content/westp0ne/self-service_files/ |
18 KB 18 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
phone-rotate2.gif
letzimpact.org/wp-content/westp0ne/self-service_files/ |
40 KB 40 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ibmmfpf.js
letzimpact.org/wp-content/westp0ne/self-service_files/ |
296 KB 75 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
w1AppConfig.js
letzimpact.org/wp-content/westp0ne/self-service_files/ |
321 B 534 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
satelliteLib-fa7e3bb183a39fdcd13d56b076b1ae48404eeba0.js
letzimpact.org/wp-content/westp0ne/self-service_files/ |
94 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor.js
letzimpact.org/wp-content/westp0ne/self-service_files/ |
4 MB 1 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
origination.js
letzimpact.org/wp-content/westp0ne/self-service_files/ |
656 KB 164 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
payment.js
letzimpact.org/wp-content/westp0ne/self-service_files/ |
1 MB 235 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ui.js
letzimpact.org/wp-content/westp0ne/self-service_files/ |
2 MB 470 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.js
letzimpact.org/wp-content/westp0ne/self-service_files/ |
940 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
entrance.js
letzimpact.org/wp-content/westp0ne/self-service_files/ |
940 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
letzimpact.org/wp-content/westp0ne/self-service_files/ |
940 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
print.js
letzimpact.org/wp-content/westp0ne/self-service_files/ |
940 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
base.css
letzimpact.org/wp-content/westp0ne/self-service_files/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
theme.css
letzimpact.org/wp-content/westp0ne/self-service_files/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
background-westpac-one.png
letzimpact.org/wp-content/westp0ne/self-service_files/ |
26 KB 26 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
SourceSansPro-Bold.ttf
www.letzimpact.org/wp-content/westp0ne/fonts/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
SourceSansPro-Regular.ttf
www.letzimpact.org/wp-content/westp0ne/fonts/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
SourceSansPro-SemiBold.ttf
www.letzimpact.org/wp-content/westp0ne/fonts/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sjcl.js
letzimpact.org/wp-content/westp0ne/self-service_files/node_modules/sjcl/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sha.js
letzimpact.org/wp-content/westp0ne/self-service_files/node_modules/jssha/src/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
dpm.demdex.net/ |
476 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
satellite-5c0d71ac64746d19e600f896.js
www.westpac.co.nz/assets/dtm/w1/live/6cd2b9cc9a79b3884b8c9dd231fafa1930b2c3fc/scripts/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
id
westpacnewzealand.sc.omtrdc.net/ |
67 B 153 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s-code-contents-addd2f3ce0de416269fe730535978be0672e0d06.js
www.westpac.co.nz/assets/dtm/w1/live/6cd2b9cc9a79b3884b8c9dd231fafa1930b2c3fc/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dest5.html
wnzl.demdex.net/ Frame 22B4 |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
dynaTraceMonitor
letzimpact.org/wp-content/westp0ne/ |
49 KB 12 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
demconf.jpg
dpm.demdex.net/ Frame 22B4 Redirect Chain
|
42 B 958 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.letzimpact.org
- URL
- https://www.letzimpact.org/wp-content/westp0ne/fonts/SourceSansPro-Bold.ttf
- Domain
- www.letzimpact.org
- URL
- https://www.letzimpact.org/wp-content/westp0ne/fonts/SourceSansPro-Regular.ttf
- Domain
- www.letzimpact.org
- URL
- https://www.letzimpact.org/wp-content/westp0ne/fonts/SourceSansPro-SemiBold.ttf
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Westpac (Banking)75 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| dT_ object| dynaTrace function| noBack string| message function| clickIE4 function| clickNS4 function| check_all function| q object| s boolean| u object| sjcl function| w function| x function| C function| E function| A function| B function| D undefined| F undefined| G object| H boolean| I undefined| J undefined| K function| jsSHA function| s_doPlugins function| AppMeasurement_Module_AudienceManagement function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq object| s_c_il number| s_c_in function| DIL number| s_objectID number| s_giq object| logger object| ibmmfpfanalytics function| Deferred function| WLJQ object| WLJSX function| __WLConfig function| __WLLocalStorageDB function| __WLClient function| __WLBrowserManager function| __WLApp function| __WLDeviceAuth function| __WLLocalStorage function| __WLDevice boolean| isCryptoShim function| __WLCrypto function| __WLIndexDB function| __WLDAO function| __WLAsyncDAO function| __WLSyncDAOWrapper function| __WLVarStorageDB function| WLResourceRequest object| WLAuthorizationManager object| WL object| w1AppConfig function| Visitor object| _satellite object| webpackJsonp1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
letzimpact.org/ | Name: dtPC Value: 254444520_132h1 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cm.g.doubleclick.net
dpm.demdex.net
letzimpact.org
westpacnewzealand.sc.omtrdc.net
wnzl.demdex.net
www.letzimpact.org
www.westpac.co.nz
www.letzimpact.org
15.188.95.229
173.212.209.84
216.58.212.162
45.60.155.141
52.30.135.179
54.76.54.153
004ccf1aac4d49a735981047b9b297580a5d275372b811f8acd463dee0e2bf9c
012ffd0cde06e52b3895f998390062f1ac1d14cec4936c6173917dff41c432e0
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0e72a949e13641ac5b22375710d4dabac723dbc0a7f819ad9da454ecbbe00068
108d727e38d851e83ee1aea3def28e67e66c0994073bcdc0eebd8e92883ef80b
123ea9db0b64a2e7d27d92643d05167f6378a17cb0fd90b7ce0812fdb5e96801
12f7bbde143867abfccefd915382275d52086b48692da4a8964e137cc9be8e51
23e22334f525b2759e87148b6f29191ac1ebb8d411456a70496e6734f5a5c7dc
275bc3a93105cc29871005c1720343477089ea7e218f438784222f597e605beb
55de14b6e7a209964e275b08da5fcc131b058fb04bb781bcaf3386b0e81811ce
629a3eb5e9baabafd748ac0db430da22c6c1ebbb526908ab442952ebda1436de
70848a647d6d22de147a828b5db04c2f60f5fd9bae9b5897d1edc62003a4603d
7625551f805c34210ab419da91a01b9dae87ced0cf33386b29c5cda149a04a40
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d99669a91559703d6771a05e832f6a8612f7f8efe9b00187710224d1de1e076
8352b4991a99021e7cf33d2e17ff486ca4bb7feb0be2d0547f731dfe074940c6
8d9803f1f658f5c18a3c18d4adc5295d36d83ae13e028d6cb99069ad490fe2cd
977e80e702c26b6185c64494000bfdb3ee933ae0a5c6e9d5ea5caae097d035e9
a0f38cef83ced5694d3c83e36584b096e8a7e8473adababf730310e1dfdb4a08
a14200871ebe84b70c90160456bae81eb2a5dcbb4fc74a77d46370e0ccb4bb11
b8fc0f65835f122a5cfbce9068db28267cb4387e755eb50b6f52f622eaeeb10e
b90e60824fd32e85efe8af95e382a63e62692532bcff1952ab9c05cd8e579549
be5677c8a3fb87da3355660d082c1bb25a21c5aac7029d7c042b8c15d96b6fa5
c378af61d28ecc58de697463ca90bdb61967a8c23837274c20b2ae0fb20b0de3
c4e3f8537ec1bdde74efcf55a65e5f08216f552a34e3d6668936d910158f265c
cf82b7bcb7f22aaa363a4094db90fe8a1a8bee832533b7837d22515e28941075
de047dbb671991f9a6c36f584c337a3676af3408e473f14af17260169517f00f
ed1e8f674a5630102ec1cfafc438f3f88675ac57f576dd0cd26595f5fc07d01f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f492a0b343ef38f7dffa7547a630b2d1357c97b995c206c021602016369dade7
f690e85b2e00140a1205c93439a941bf5a04f99971bf9ea47c5b76fd3353902a
fb3a6e43bc13dd8ba3d4cb557202ace068d523d832d6a0312efa3282ede43df8