verhaal.ng
Open in
urlscan Pro
2606:4700:3037::681f:4108
Malicious Activity!
Public Scan
Effective URL: https://verhaal.ng/.ck/
Submission: On September 27 via manual from NL
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 30th 2020. Valid for: a year.
This is the only time verhaal.ng was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Triodos Bank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
6 | 2606:4700:303... 2606:4700:3037::681f:4108 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
17 | 212.123.218.2 212.123.218.2 | 8220 (COLT COLT...) (COLT COLT Technology Services Group Limited) | |
1 2 | 185.113.196.138 185.113.196.138 | 8315 (SENTIA) (SENTIA) | |
1 | 212.123.218.46 212.123.218.46 | 8220 (COLT COLT...) (COLT COLT Technology Services Group Limited) | |
3 | 2606:4700::68... 2606:4700::6810:a10d | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 99.80.15.1 99.80.15.1 | 16509 (AMAZON-02) (AMAZON-02) | |
33 | 7 |
ASN8220 (COLT COLT Technology Services Group Limited, GB)
bankieren.triodos.nl |
ASN8220 (COLT COLT Technology Services Group Limited, GB)
api.triodos.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-15-1.eu-west-1.compute.amazonaws.com
api.viglink.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
19 |
triodos.nl
1 redirects
bankieren.triodos.nl www.triodos.nl |
940 KB |
7 |
viglink.com
cdn.viglink.com Failed api.viglink.com |
31 KB |
6 |
verhaal.ng
verhaal.ng |
21 KB |
1 |
triodos.com
api.triodos.com |
33 KB |
33 | 4 |
Domain | Requested by | |
---|---|---|
17 | bankieren.triodos.nl |
verhaal.ng
bankieren.triodos.nl |
6 | verhaal.ng |
verhaal.ng
|
4 | api.viglink.com |
cdn.viglink.com
|
3 | cdn.viglink.com |
verhaal.ng
|
2 | www.triodos.nl |
1 redirects
verhaal.ng
|
1 | api.triodos.com |
verhaal.ng
|
33 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.triodos.nl |
bankieren.triodos.nl |
www.veiligbankieren.nl |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-07-30 - 2021-07-30 |
a year | crt.sh |
bankieren.triodos.nl GlobalSign Extended Validation CA - SHA256 - G3 |
2020-07-07 - 2022-09-21 |
2 years | crt.sh |
www.triodos.nl GlobalSign Extended Validation CA - SHA256 - G3 |
2019-04-09 - 2021-05-21 |
2 years | crt.sh |
api.triodos.com GlobalSign Extended Validation CA - SHA256 - G3 |
2019-01-07 - 2021-04-07 |
2 years | crt.sh |
ssl418259.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2020-05-19 - 2020-11-25 |
6 months | crt.sh |
viglink.com Amazon |
2020-01-10 - 2021-02-10 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://verhaal.ng/.ck/
Frame ID: 29594489507E9545CEDD16DD3FADAC5A
Requests: 40 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://verhaal.ng/.ck/ Page URL
- https://verhaal.ng/.ck/ Page URL
Detected technologies
CloudFlare (CDN) ExpandDetected patterns
- headers server /^cloudflare$/i
Matomo (Analytics) Expand
Detected patterns
- script /piwik\.js|piwik\.php/i
VigLink (Advertising Networks) Expand
Detected patterns
- script /(?:^[^/]*\/\/[^/]*viglink\.com\/api\/|vglnk\.js)/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
11 Outgoing links
These are links going to different origins than the main page.
Title: Service
Search URL Search Domain Scan URL
Title: https://bankieren.triodos.nl/
Search URL Search Domain Scan URL
Title: Uw gebruikersnaam of wachtwoord vergeten?
Search URL Search Domain Scan URL
Title: veelgestelde vragen
Search URL Search Domain Scan URL
Title: www.veiligbankieren.nl
Search URL Search Domain Scan URL
Title: veilig online bankiert
Search URL Search Domain Scan URL
Title: Help
Search URL Search Domain Scan URL
Title: uw persoonlijke gegevens
Search URL Search Domain Scan URL
Title: instellingen van uw rekeningen
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: Mijn Geld Gaat Goed
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://verhaal.ng/.ck/ Page URL
- https://verhaal.ng/.ck/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 19- https://www.triodos.nl/media/sitewide/185596/ib-hangslotje HTTP 301
- https://www.triodos.nl/binaries/content/gallery/tbnl/inline/ib-images/ib-hangslotje.jpg
33 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
verhaal.ng/.ck/ |
142 B 492 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Ticp40Xndsco2_7yz54Ko254LXg.js
verhaal.ng/cdn-cgi/apps/head/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2IzPPAFLVEhnCJelzjZtYdGEkUc.js
verhaal.ng/cdn-cgi/apps/body/ |
15 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
verhaal.ng/.ck/ |
14 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
vglnk.js
cdn.viglink.com/api/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Ticp40Xndsco2_7yz54Ko254LXg.js
verhaal.ng/cdn-cgi/apps/head/ |
4 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
util.js.seam
bankieren.triodos.nl/ib-seam/javax.faces.resource/scripts/ |
10 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css.seam
bankieren.triodos.nl/ib-seam/javax.faces.resource/styles/ |
78 KB 79 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
country_NL.css.seam
bankieren.triodos.nl/ib-seam/javax.faces.resource/styles/ |
573 B 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
angularStyle.css.seam
bankieren.triodos.nl/ib-seam/javax.faces.resource/styles/ |
797 B 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jsf.js.seam
bankieren.triodos.nl/ib-seam/javax.faces.resource/ |
46 KB 48 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.js
bankieren.triodos.nl/ib-seam/org.richfaces.resources/javax.faces.resource/org.richfaces.staticResource/4.5.0.Final-1.8/PackedCompressed/org.richfaces/ |
147 KB 147 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
packed.js
bankieren.triodos.nl/ib-seam/org.richfaces.resources/javax.faces.resource/org.richfaces.staticResource/4.5.0.Final-1.8/PackedCompressed/packed/ |
466 KB 466 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
packed.css
bankieren.triodos.nl/ib-seam/org.richfaces.resources/javax.faces.resource/org.richfaces.staticResource/4.5.0.Final-1.8/PackedCompressed/emeraldTown/packed/ |
65 KB 65 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jq.function.js.seam
bankieren.triodos.nl/ib-seam/javax.faces.resource/scripts/ |
2 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jq.function.login.js.seam
bankieren.triodos.nl/ib-seam/javax.faces.resource/scripts/ |
6 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
piwik.js.seam
bankieren.triodos.nl/ib-seam/javax.faces.resource/scripts/ |
55 KB 56 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tokendp310.css.seam
bankieren.triodos.nl/ib-seam/javax.faces.resource/styles/ |
23 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
theme.css.seam
bankieren.triodos.nl/ib-seam/javax.faces.resource/styles/ |
16 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
headerLogo_nl.gif.seam
bankieren.triodos.nl/ib-seam/javax.faces.resource/images/ |
2 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ib-hangslotje.jpg
www.triodos.nl/binaries/content/gallery/tbnl/inline/ib-images/ Redirect Chain
|
886 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
20171108011017782066000000
api.triodos.com/kwymg/media/ |
32 KB 33 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2IzPPAFLVEhnCJelzjZtYdGEkUc.js
verhaal.ng/cdn-cgi/apps/body/ |
15 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
headerBg.png.seam
bankieren.triodos.nl/ib-seam/javax.faces.resource/images/ |
189 B 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iconAlert.gif.seam
bankieren.triodos.nl/ib-seam/javax.faces.resource/images/ |
331 B 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
662 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
467 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
752 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
478 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
784 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
836 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
footerBg.png.seam
bankieren.triodos.nl/ib-seam/javax.faces.resource/images/ |
359 B 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
60 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vglnk.js
cdn.viglink.com/api/ |
82 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel.gif
cdn.viglink.com/images/ |
43 B 295 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel.gif
cdn.viglink.com/images/ |
43 B 129 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
ping
api.viglink.com/api/ |
238 B 959 B |
XHR
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sync.js
api.viglink.com/api/ |
0 307 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sync.gif
api.viglink.com/api/ |
0 307 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
domains
api.viglink.com/api/ |
41 B 483 B |
XHR
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- cdn.viglink.com
- URL
- https://cdn.viglink.com/api/vglnk.js
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Triodos Bank (Banking)69 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes object| Eager object| CloudflareApps function| toggleCheckboxesWithinElement function| isRowSelected function| isElementChildOf function| uncheckAndDisableCheckbox function| enableCheckbox function| uncheckCheckbox function| isEnterButtonPressed function| isNavigationCharacter function| updateIBTimeout function| showSessionTimeoutDiv function| resetSessionTimeoutDiv function| autotab function| autotabForAmount function| autotabForNumbers function| setFocus function| selectContent function| textAreaKeyPress function| textAreaKeyUp function| closeWindow function| disableLogOutLinkIB function| scrollToTop function| scrollToFirstError function| isChrome function| isIEorEdgeBrowser function| scrollIntoView function| disableLink function| disableThisLinkOnly function| disableClick function| disableLinksInDocument function| showTooltip function| hideTooltip object| jsf object| mojarra function| $ function| jQuery function| sbjQuery object| RichFaces object| atmosphere object| $superInputNumberSlider function| JSNode function| E function| ET function| T function| C function| D object| jQuery111104473016239584888 function| $j object| JSON2 object| _paq object| Piwik object| AnalyticsTracker function| piwik_log number| clientTimeUTC string| serverTimeUTC number| timeDifferenceSeconds object| timeWarningDiv undefined| vglnkjqry function| vglnkfn number| vglnkcldflr function| vglnk boolean| __v5k function| vl_cB function| vl_disable function| vglnk_16012036294376 undefined| vglnk_16012036299397 undefined| vglnk_160120363013092 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.verhaal.ng/ | Name: __cfduid Value: dea1d5fa8f3f2194afa03c537d898cc811601203628 |
|
verhaal.ng/.ck | Name: ready Value: gogo |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.triodos.com
api.viglink.com
bankieren.triodos.nl
cdn.viglink.com
verhaal.ng
www.triodos.nl
cdn.viglink.com
185.113.196.138
212.123.218.2
212.123.218.46
2606:4700:3037::681f:4108
2606:4700::6810:a10d
99.80.15.1
00927e6366937475fc96fd970e676c38c366addcd68452bfa7bc46d07c67e06a
02d51dbf4d98810160361d976c61d1f95d4eeec93f84816c0302f238dec0be3c
06b849b42c415ba78c17cf8bd62d001f6b70c0414f3d5fa70df93cf42ef12375
0715c362eca93d3621ce00664796868c69e426a737cca73ebc7431e2c40407ff
0c10d1dbdebc28783cb78c6a0650382c6d5ae6394c21e20b4fb67a3964ebd609
0d3e00a7faa47227301a5f7045481a77e78e92044f19d9190164706266b79dbd
195659ecb08ccc8ee38a9e6ec767387b5eea8f00ee7eac6a39b7ba65ca56ae8e
1bb2db5f9ca84f910dfec13619c2b12ec1e1196023e677e89ae8bb33111542c5
1d8dc335945815e4848a10a14c9d3cfe15a9a4c3da402f1e48fd3640123e4a69
205faab94aebc1b3ce936f5bff52d92c0084ab08516ae0b7e1cb8c0a56981384
255592d057d0923d02ec5c80b2a0925d6a89799932b8443961826a1c91f617ee
297f08adaa453fd5f30a9cb10575a818c37ba7f96f13675f48c8563e9d185e53
452f319685e2bdf7b0b02f419ce51e431496172b79af4ce6e38471d2b8cb28e3
460d37b053f4da177ece38339f89607b8700e4362a5b6b22d8cfb41c632025f3
4a9f4ea70b0af24ca1c5d383e2129957cb27da87581a12e6f389257c69f60327
4eb377e78e53684d63f72268b288be000e03247bffa58960dc86abcf85739edf
5934ea1909e887c1c39a84fac859af3259b07e33b84c342d9141f0b953945ab8
6ab4ae1caffc4ecd67555c829da227ce70f01de0befa0bbd24b73f5504fc927e
6ccd85c8d72fb3c3ce6f77d4b3a5bb12dd627cdeed7577fd74495f1083d9949d
714839f7e8e03b029b16c06e2df511db93a702d071cd69878510115f5ad5e258
716bb087c750c351137ed1af693f3e703135059b3e7ed0b2c593c2c8c577d804
821074eb4b029be98ac97804e6bd25000cce0bc68b3de34316e5baaa13697c24
85fe3a7a701953bb378b5f91d352470a87d3099f56cb0ec660c7712963a16457
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
957a1bdd25ed040b035e35f2172a8505b25c445a38fe6d061caa5319bc189193
a02ea942415feaa58e8eabf4388fcca3225b725d577edec63ada43f7614bbae5
a06748a251c87a69b146af2d86e9894f8a02223d4e0ea4582baba8ca45ce7dc6
aeab7323a30a48ec3e1a12a5a32461e7bbca8f5039394dbb5fc8860053c5fe1b
c7e71af579471a4f0dadbf59afcec3dec2e3d215b6b906e9ba56f594c8610609
ce3d9102b2a01f784637e012f8e531f765af2606ecdcd36a5b8ad6b64cae224f
dc4bdee25c1107c253bd6c3bdaa84a53bfcf36bacaedd417c5bd027663f26bcd
dfffecf68cc1392b85b513ec3e5cb7f8d63c52a887c5c039f228dfd43029e6c2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f38d99a8a8c1d671d7ea9f2052505b61964d6b311555bc835cebab7215bf71ee
f6edbf862904ac1db16a2c5d40d010df44af28331cd92fa4b6d9b7c4f675dd77