coldstream.civicwebcms.com Open in urlscan Pro
67.22.106.27  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set pichinchaonline.html Show response coldstream.civicwebcms.com/sites/coldstream.civicwebcms.com/files/webform/	10 KB 4 KB	254ms 116ms	Document text/html	67.22.106.27 Canada Web Hosting
General Check archive.org Show headers Download Go to Full URL http://coldstream.civicwebcms.com/sites/coldstream.civicwebcms.com/files/webform/pichinchaonline.html Protocol HTTP/1.1 Server 67.22.106.27 , Canada, ASN19234 (CANADAWEBHOSTING-AS - Canada Web Hosting, CA), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash e6c29bf9aaaae5d4b76d47f900557d4c8b27cceaeb31952ce8d913a30f6c830a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Host coldstream.civicwebcms.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Cache-Control public,max-age=7776000,no-cache, no-store, must-revalidate Pragma no-cache Content-Type text/html Content-Encoding gzip Last-Modified Wed, 12 Jun 2019 16:27:18 GMT Accept-Ranges bytes ETag "38d6eb43b21d51:0" Vary Accept-Encoding Server Microsoft-IIS/8.5 Referrer-Policy strict-origin-when-cross-origin Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-XSS-Protection 1; mode=block Date Wed, 12 Jun 2019 17:40:19 GMT Content-Length 3395 Set-Cookie UqZBpD3n3iXPAw1X=v16qfmgwSDSa8; Expires=Wed, 12-Jun-2019 17:43:19 GMT; Path=/
GET H2	200	bootstrap.min.css nuevoenvios.webcindario.com/BancoPichincha_files/	118 KB 20 KB	146ms 43ms	Stylesheet text/css	5.57.226.202 StackScale
General Check archive.org Show headers Download Go to Full URL https://nuevoenvios.webcindario.com/BancoPichincha_files/bootstrap.min.css Requested by Host: coldstream.civicwebcms.com URL: http://coldstream.civicwebcms.com/sites/coldstream.civicwebcms.com/files/webform/pichinchaonline.html Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES), Reverse DNS Software nginx / Webcindario Hosting Service Resource Hash 5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a Request headers Referer http://coldstream.civicwebcms.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 12 Jun 2019 17:40:19 GMT content-encoding gzip etag W/"5ce68b38-1d975" last-modified Thu, 23 May 2019 11:59:52 GMT server nginx x-powered-by Webcindario Hosting Service vary Accept-Encoding content-type text/css status 200
GET		common.min.css bancaweb.pichincha.com/bancapersonal/css/	0 0
GET H2	200	font.min.css nuevoenvios.webcindario.com/BancoPichincha_files/	910 B 1 KB	144ms 44ms	Stylesheet text/css	5.57.226.202 StackScale
General Check archive.org Show headers Download Go to Full URL https://nuevoenvios.webcindario.com/BancoPichincha_files/font.min.css Requested by Host: coldstream.civicwebcms.com URL: http://coldstream.civicwebcms.com/sites/coldstream.civicwebcms.com/files/webform/pichinchaonline.html Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES), Reverse DNS Software nginx / Webcindario Hosting Service Resource Hash 7fe3e7c6bb4cee1a6275efca92646a6a9601c6a0fee83dda8f2c6f072a353480 Request headers Referer http://coldstream.civicwebcms.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 12 Jun 2019 17:40:19 GMT etag "5ce68b38-38e" last-modified Thu, 23 May 2019 11:59:52 GMT server nginx x-powered-by Webcindario Hosting Service content-type text/css status 200 accept-ranges bytes content-length 910
GET H2	200	logo.svg nuevoenvios.webcindario.com/BancoPichincha_files/	10 KB 10 KB	145ms 46ms	Image image/svg+xml	5.57.226.202 StackScale
General Check archive.org Show headers Download Go to Show image Full URL https://nuevoenvios.webcindario.com/BancoPichincha_files/logo.svg Requested by Host: coldstream.civicwebcms.com URL: http://coldstream.civicwebcms.com/sites/coldstream.civicwebcms.com/files/webform/pichinchaonline.html Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES), Reverse DNS Software nginx / Webcindario Hosting Service Resource Hash af792c6398f9d568f37f7bd93bcd831c5f27bdb0fa19131137c41497fe6576eb Request headers Referer http://coldstream.civicwebcms.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 12 Jun 2019 17:40:19 GMT etag "5ce68b38-28e5" last-modified Thu, 23 May 2019 11:59:52 GMT server nginx x-powered-by Webcindario Hosting Service content-type image/svg+xml status 200 accept-ranges bytes content-length 10469
GET H2	200	HomeBanking.css nuevoenvios.webcindario.com/hbapp_files/	12 KB 2 KB	143ms 44ms	Stylesheet text/css	5.57.226.202 StackScale
General Check archive.org Show headers Download Go to Full URL https://nuevoenvios.webcindario.com/hbapp_files/HomeBanking.css Requested by Host: coldstream.civicwebcms.com URL: http://coldstream.civicwebcms.com/sites/coldstream.civicwebcms.com/files/webform/pichinchaonline.html Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES), Reverse DNS Software nginx / Webcindario Hosting Service Resource Hash 88c47a8d1f086d15e72efad1b9f2732d61e699480322c15fa660bd8d7ebf08e4 Request headers Referer http://coldstream.civicwebcms.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 12 Jun 2019 17:40:19 GMT content-encoding gzip etag W/"4f4ca0dc-3003" last-modified Tue, 28 Feb 2012 09:39:40 GMT server nginx x-powered-by Webcindario Hosting Service vary Accept-Encoding content-type text/css status 200
GET H2	200	common.js Show response nuevoenvios.webcindario.com/hbapp_files/	14 KB 4 KB	142ms 45ms	Script application/javascript	5.57.226.202 StackScale
General Check archive.org Show headers Download Go to Full URL https://nuevoenvios.webcindario.com/hbapp_files/common.js Requested by Host: coldstream.civicwebcms.com URL: http://coldstream.civicwebcms.com/sites/coldstream.civicwebcms.com/files/webform/pichinchaonline.html Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES), Reverse DNS Software nginx / Webcindario Hosting Service Resource Hash a179322cbcd18fb4ce6d88b16268bdfb3e21fc0004430e74053c1775e6b36061 Request headers Referer http://coldstream.civicwebcms.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 12 Jun 2019 17:40:19 GMT content-encoding gzip etag W/"4f4ca0dc-3778" last-modified Tue, 28 Feb 2012 09:39:40 GMT server nginx x-powered-by Webcindario Hosting Service vary Accept-Encoding content-type application/javascript status 200
GET H2	200	ayuda.js Show response nuevoenvios.webcindario.com/hbapp_files/	2 KB 1021 B	138ms 45ms	Script application/javascript	5.57.226.202 StackScale
General Check archive.org Show headers Download Go to Full URL https://nuevoenvios.webcindario.com/hbapp_files/ayuda.js Requested by Host: coldstream.civicwebcms.com URL: http://coldstream.civicwebcms.com/sites/coldstream.civicwebcms.com/files/webform/pichinchaonline.html Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES), Reverse DNS Software nginx / Webcindario Hosting Service Resource Hash 084f1ee55bf81c47122e4538bd29a75515ac4f6a13e5324d6753fd7071eed9df Request headers Referer http://coldstream.civicwebcms.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 12 Jun 2019 17:40:19 GMT content-encoding gzip etag W/"4f4ca0dc-6eb" last-modified Tue, 28 Feb 2012 09:39:40 GMT server nginx x-powered-by Webcindario Hosting Service vary Accept-Encoding content-type application/javascript status 200
GET H2	200	TopLogin.gif nuevoenvios.webcindario.com/hbapp_files/	4 KB 4 KB	67ms 65ms	Image image/gif	5.57.226.202 StackScale
General Check archive.org Show headers Download Go to Show image Full URL https://nuevoenvios.webcindario.com/hbapp_files/TopLogin.gif Requested by Host: coldstream.civicwebcms.com URL: http://coldstream.civicwebcms.com/sites/coldstream.civicwebcms.com/files/webform/pichinchaonline.html Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES), Reverse DNS Software nginx / Webcindario Hosting Service Resource Hash e4736436eeec9331be69d502fdba78c5dbdca7ed6fe0a453eea07e09d24756b9 Request headers Referer http://coldstream.civicwebcms.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 12 Jun 2019 17:40:19 GMT etag "5cdc4812-eb1" last-modified Wed, 15 May 2019 17:10:42 GMT server nginx x-powered-by Webcindario Hosting Service content-type image/gif status 200 accept-ranges bytes content-length 3761
GET H2	200	0.gif nuevoenvios.webcindario.com/hbapp_files/	43 B 193 B	67ms 65ms	Image image/gif	5.57.226.202 StackScale
General Check archive.org Show headers Download Go to Show image Full URL https://nuevoenvios.webcindario.com/hbapp_files/0.gif Requested by Host: coldstream.civicwebcms.com URL: http://coldstream.civicwebcms.com/sites/coldstream.civicwebcms.com/files/webform/pichinchaonline.html Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES), Reverse DNS Software nginx / Webcindario Hosting Service Resource Hash 63b98a0c8568c08fd01a6946a147bca65eff26c8085f1ccb5330aafe0f0dcd15 Request headers Referer http://coldstream.civicwebcms.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 12 Jun 2019 17:40:19 GMT etag "4f4ca0dc-2b" last-modified Tue, 28 Feb 2012 09:39:40 GMT server nginx x-powered-by Webcindario Hosting Service content-type image/gif status 200 accept-ranges bytes content-length 43
GET H2	200	botIngresar.gif nuevoenvios.webcindario.com/hbapp_files/	2 KB 2 KB	67ms 65ms	Image image/gif	5.57.226.202 StackScale
General Check archive.org Show headers Download Go to Show image Full URL https://nuevoenvios.webcindario.com/hbapp_files/botIngresar.gif Requested by Host: coldstream.civicwebcms.com URL: http://coldstream.civicwebcms.com/sites/coldstream.civicwebcms.com/files/webform/pichinchaonline.html Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES), Reverse DNS Software nginx / Webcindario Hosting Service Resource Hash 902a1b1b4063baf5fbb56a912d0342ec453e7b83ffe6e46ea0d12c30d4f5172d Request headers Referer http://coldstream.civicwebcms.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 12 Jun 2019 17:40:19 GMT etag "4f4ca0dc-6b6" last-modified Tue, 28 Feb 2012 09:39:40 GMT server nginx x-powered-by Webcindario Hosting Service content-type image/gif status 200 accept-ranges bytes content-length 1718
GET H2	200	huellaDigital.min.js.descarga Show response nuevoenvios.webcindario.com/BancoPichincha_files/	6 KB 2 KB	67ms 64ms	Script text/html	5.57.226.202 StackScale
General Check archive.org Show headers Download Go to Full URL https://nuevoenvios.webcindario.com/BancoPichincha_files/huellaDigital.min.js.descarga Requested by Host: coldstream.civicwebcms.com URL: http://coldstream.civicwebcms.com/sites/coldstream.civicwebcms.com/files/webform/pichinchaonline.html Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES), Reverse DNS Software nginx / Webcindario Hosting Service Resource Hash 152b0b6161e1ac2bba590869fc9b5c87b04c4f6d51c757727a5d81620296e496 Request headers Referer http://coldstream.civicwebcms.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Wed, 12 Jun 2019 17:40:19 GMT content-encoding gzip server nginx x-powered-by Webcindario Hosting Service vary Accept-Encoding content-type text/html
GET H2	200	jquery-3.3.1.min.js.descarga Show response nuevoenvios.webcindario.com/BancoPichincha_files/	86 KB 30 KB	67ms 64ms	Script text/html	5.57.226.202 StackScale
General Check archive.org Show headers Download Go to Full URL https://nuevoenvios.webcindario.com/BancoPichincha_files/jquery-3.3.1.min.js.descarga Requested by Host: coldstream.civicwebcms.com URL: http://coldstream.civicwebcms.com/sites/coldstream.civicwebcms.com/files/webform/pichinchaonline.html Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES), Reverse DNS Software nginx / Webcindario Hosting Service Resource Hash a55efec91b3393de5d0017f9bffb958b0caaf639103435fc9a674c382fb07ca4 Request headers Referer http://coldstream.civicwebcms.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Wed, 12 Jun 2019 17:40:19 GMT content-encoding gzip server nginx x-powered-by Webcindario Hosting Service vary Accept-Encoding content-type text/html
GET H2	200	bootstrap.min.js.descarga Show response nuevoenvios.webcindario.com/BancoPichincha_files/	37 KB 10 KB	67ms 64ms	Script text/html	5.57.226.202 StackScale
General Check archive.org Show headers Download Go to Full URL https://nuevoenvios.webcindario.com/BancoPichincha_files/bootstrap.min.js.descarga Requested by Host: coldstream.civicwebcms.com URL: http://coldstream.civicwebcms.com/sites/coldstream.civicwebcms.com/files/webform/pichinchaonline.html Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES), Reverse DNS Software nginx / Webcindario Hosting Service Resource Hash e700107013d4a21413387b5cc0debd2e7458304e6fb00314cb9d71b4aa93af2e Request headers Referer http://coldstream.civicwebcms.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Wed, 12 Jun 2019 17:40:19 GMT content-encoding gzip server nginx x-powered-by Webcindario Hosting Service vary Accept-Encoding content-type text/html
GET H2	200	bklogin.gif nuevoenvios.webcindario.com/hbapp_files/	6 KB 6 KB	40ms 38ms	Image image/gif	5.57.226.202 StackScale
General Check archive.org Show headers Download Go to Show image Full URL https://nuevoenvios.webcindario.com/hbapp_files/bklogin.gif Requested by Host: coldstream.civicwebcms.com URL: http://coldstream.civicwebcms.com/sites/coldstream.civicwebcms.com/files/webform/pichinchaonline.html Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES), Reverse DNS Software nginx / Webcindario Hosting Service Resource Hash 1fa07a074aeb9ae8c11bae47bec08555e0ba12ea201c3aa8097415af35878866 Request headers Referer http://coldstream.civicwebcms.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 12 Jun 2019 17:40:20 GMT etag "4f4ca0dc-1828" last-modified Tue, 28 Feb 2012 09:39:40 GMT server nginx x-powered-by Webcindario Hosting Service content-type image/gif status 200 accept-ranges bytes content-length 6184

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

bancaweb.pichincha.com

URL

https://bancaweb.pichincha.com/bancapersonal/css/common.min.css

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Pichincha (Banking)

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| checkMandatory function| checkMinLength function| isAlphaNumeric function| AlfaNumCheck function| trim function| rtrim function| ltrim function| openWindow function| openFloatWindow function| openFloatWindowReturn function| setValue function| diff function| FormatoFecha function| notEmptyCheck function| lengthCheck function| integerCheck function| realCheckOld function| realCheck function| emailCheck function| intCheck function| passCheck function| validatePrompt function| gt0Check function| ge0Check function| lt0Check function| le0Check function| dateCheck function| gtDate function| patternMatchCheck function| parseFloatSpanish function| CleanForm function| checkGreaterThanCero function| checkNumeric function| checkNumericLength string| digits string| float_chars string| int_chars string| phone_chars string| zip_chars string| alpha string| lowAlpha function| PosicionAyuda function| BuscaCoordenadas function| Coordenada function| MuestraOcultaLayers function| BuscaObjeto function| enviar function| getPlug function| getZone function| getScreenDepth function| getFont function| detect function| getBrowserAndVersion function| getOS function| setHuella

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bancaweb.pichincha.com
coldstream.civicwebcms.com
nuevoenvios.webcindario.com
bancaweb.pichincha.com
5.57.226.202
67.22.106.27
084f1ee55bf81c47122e4538bd29a75515ac4f6a13e5324d6753fd7071eed9df
152b0b6161e1ac2bba590869fc9b5c87b04c4f6d51c757727a5d81620296e496
1fa07a074aeb9ae8c11bae47bec08555e0ba12ea201c3aa8097415af35878866
5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a
63b98a0c8568c08fd01a6946a147bca65eff26c8085f1ccb5330aafe0f0dcd15
7fe3e7c6bb4cee1a6275efca92646a6a9601c6a0fee83dda8f2c6f072a353480
88c47a8d1f086d15e72efad1b9f2732d61e699480322c15fa660bd8d7ebf08e4
902a1b1b4063baf5fbb56a912d0342ec453e7b83ffe6e46ea0d12c30d4f5172d
a179322cbcd18fb4ce6d88b16268bdfb3e21fc0004430e74053c1775e6b36061
a55efec91b3393de5d0017f9bffb958b0caaf639103435fc9a674c382fb07ca4
af792c6398f9d568f37f7bd93bcd831c5f27bdb0fa19131137c41497fe6576eb
e4736436eeec9331be69d502fdba78c5dbdca7ed6fe0a453eea07e09d24756b9
e6c29bf9aaaae5d4b76d47f900557d4c8b27cceaeb31952ce8d913a30f6c830a
e700107013d4a21413387b5cc0debd2e7458304e6fb00314cb9d71b4aa93af2e