rj-made.com
Open in
urlscan Pro
107.174.244.119
Malicious Activity!
Public Scan
Submission: On April 16 via automatic, source openphish
Summary
TLS certificate: Issued by R3 on March 1st 2021. Valid for: 3 months.
This is the only time rj-made.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: ASB Bank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 107.174.244.119 107.174.244.119 | 36352 (AS-COLOCR...) (AS-COLOCROSSING) | |
16 | 140.168.252.26 140.168.252.26 | 137448 (ASBBANKLI...) (ASBBANKLIMITED-AS-AP ASB BANK LIMITED) | |
6 | 2a00:1450:400... 2a00:1450:4001:803::2003 | 15169 (GOOGLE) (GOOGLE) | |
3 | 2a00:1450:400... 2a00:1450:4001:813::2004 | 15169 (GOOGLE) (GOOGLE) | |
2 | 140.168.252.29 140.168.252.29 | 137448 (ASBBANKLI...) (ASBBANKLIMITED-AS-AP ASB BANK LIMITED) | |
2 | 2a00:1450:400... 2a00:1450:4001:808::2003 | 15169 (GOOGLE) (GOOGLE) | |
39 | 7 |
ASN137448 (ASBBANKLIMITED-AS-AP ASB BANK LIMITED, NZ)
online.asb.co.nz |
ASN137448 (ASBBANKLIMITED-AS-AP ASB BANK LIMITED, NZ)
banner.asb.co.nz |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
asb.co.nz
online.asb.co.nz banner.asb.co.nz |
89 KB |
8 |
gstatic.com
www.gstatic.com |
334 KB |
3 |
google.com
www.google.com |
13 KB |
1 |
rj-made.com
rj-made.com |
25 KB |
39 | 4 |
Domain | Requested by | |
---|---|---|
16 | online.asb.co.nz |
rj-made.com
online.asb.co.nz |
8 | www.gstatic.com |
rj-made.com
www.google.com |
3 | www.google.com |
rj-made.com
|
2 | banner.asb.co.nz |
rj-made.com
|
1 | rj-made.com | |
39 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.asb.co.nz |
online.asb.co.nz |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.rj-made.com R3 |
2021-03-01 - 2021-05-30 |
3 months | crt.sh |
online.asb.co.nz Entrust Certification Authority - L1M |
2019-10-08 - 2021-11-06 |
2 years | crt.sh |
*.gstatic.com GTS CA 1O1 |
2021-03-23 - 2021-06-15 |
3 months | crt.sh |
www.google.com GTS CA 1O1 |
2021-03-16 - 2021-06-08 |
3 months | crt.sh |
banner.asb.co.nz Entrust Certification Authority - L1M |
2020-04-08 - 2022-04-08 |
2 years | crt.sh |
*.google.com GTS CA 1O1 |
2021-03-16 - 2021-06-08 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://rj-made.com/asb-co-nz/MBVKSUYDGFWSUIDGFWES7EJH57WU4EGW89UEGRFWESDGHSD0SD98FE9RD7F8RDFGHSDXFR/auth/auth.php?gVFShmMHqo1Nzap5eVRbvGRCT8eAA7bm0CFQpMAChLJd1UqhQEEhiPweCXTCbQu0SGtN3Yo9QDNjpzB87lCVxQWadIcowZQcoXtb3XR34Ynov0enZK86DQb1CtZewh5cORyMVEQBE2TEiZlWBsxFJkYwncXvdhVPEkkET1hgToXVyFX7vALg0CPeDSOwtFzc247KwuIG=
Frame ID: 4D13CB01F75BCA9280DEC4FF9F3208AC
Requests: 31 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcHumoUAAAAAM6d5MNFsuwIypIszPyRVVP0n_H0&co=aHR0cHM6Ly9vbmxpbmUuYXNiLmNvLm56OjQ0Mw..&hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&size=invisible&cb=39q5zorcoexv
Frame ID: DFCDF8ABB833FE18AD8A485E30B08B34
Requests: 4 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/bframe?hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&k=6LcHumoUAAAAAM6d5MNFsuwIypIszPyRVVP0n_H0&cb=gptcnbi66swt
Frame ID: 3C3BED7A4CD326AA025155E93751A679
Requests: 4 HTTP requests in this frame
Screenshot
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Modernizr (JavaScript Libraries) Expand
Detected patterns
- script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i
Underscore.js (JavaScript Libraries) Expand
Detected patterns
- script /underscore.*\.js(?:\?ver=([\d.]+))?/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
reCAPTCHA (Captchas) Expand
Detected patterns
- script /\/recaptcha\/api\.js/i
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
Title:
Search URL Search Domain Scan URL
Title: Forgot your password?
Search URL Search Domain Scan URL
Title: Register now
Search URL Search Domain Scan URL
Title: Terms and conditions
Search URL Search Domain Scan URL
Title: About security
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Internet access terms
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
39 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
auth.php
rj-made.com/asb-co-nz/MBVKSUYDGFWSUIDGFWES7EJH57WU4EGW89UEGRFWESDGHSD0SD98FE9RD7F8RDFGHSDXFR/auth/ |
25 KB 25 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fonts.min.css
online.asb.co.nz/auth/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.min.css
online.asb.co.nz/auth/css/ |
26 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
modernizr-2.7.1.js
online.asb.co.nz/auth/js/ |
17 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
json2.min.js
online.asb.co.nz/auth/js/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sha1.min.js
online.asb.co.nz/auth/js/ |
5 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-1.11.0.min.js
online.asb.co.nz/auth/js/ |
94 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
PopupManager.min.js
online.asb.co.nz/auth/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
custFontSize.min.js
online.asb.co.nz/auth/js/ |
852 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
underscore-min.js
online.asb.co.nz/auth/js/ |
16 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.google.com/recaptcha/ |
909 B 671 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mobile-accept.min.js
online.asb.co.nz/auth/js/ |
5 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loginBody.min.js
online.asb.co.nz/auth/js/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
p.min.js
online.asb.co.nz/auth/js/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
func.min.js
banner.asb.co.nz/Scripts/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
M
banner.asb.co.nz/marketting/ |
0 246 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
overpass-regular.woff2
online.asb.co.nz/auth/css/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
anchor
www.google.com/recaptcha/api2/ Frame DFCD |
20 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-asb.svg
online.asb.co.nz/auth/css/icons/ |
1 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-profile.svg
online.asb.co.nz/auth/css/icons/ |
534 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-lock-outline.svg
online.asb.co.nz/auth/css/icons/ |
757 B 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-information.svg
online.asb.co.nz/auth/css/icons/ |
2 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
overpass-extralight.woff2
online.asb.co.nz/auth/css/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
overpass-semibold.woff2
online.asb.co.nz/auth/css/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
bframe
www.google.com/recaptcha/api2/ Frame 3C3B |
7 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/ |
334 KB 334 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles__ltr.css
www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/ Frame DFCD |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/ Frame DFCD |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
styles__ltr.css
www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/ Frame 3C3B |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/ Frame 3C3B |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/ Frame DFCD |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
overpass-regular.woff
online.asb.co.nz/auth/css/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/ Frame 3C3B |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
overpass-semibold.woff
online.asb.co.nz/auth/css/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
overpass-extralight.woff
online.asb.co.nz/auth/css/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
overpass-regular.ttf
online.asb.co.nz/auth/css/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
overpass-semibold.ttf
online.asb.co.nz/auth/css/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
overpass-extralight.ttf
online.asb.co.nz/auth/css/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- online.asb.co.nz
- URL
- https://online.asb.co.nz/auth/css/fonts/overpass-regular.woff2
- Domain
- online.asb.co.nz
- URL
- https://online.asb.co.nz/auth/css/fonts/overpass-extralight.woff2
- Domain
- online.asb.co.nz
- URL
- https://online.asb.co.nz/auth/css/fonts/overpass-semibold.woff2
- Domain
- online.asb.co.nz
- URL
- https://online.asb.co.nz/auth/css/fonts/overpass-regular.woff
- Domain
- online.asb.co.nz
- URL
- https://online.asb.co.nz/auth/css/fonts/overpass-semibold.woff
- Domain
- online.asb.co.nz
- URL
- https://online.asb.co.nz/auth/css/fonts/overpass-extralight.woff
- Domain
- online.asb.co.nz
- URL
- https://online.asb.co.nz/auth/css/fonts/overpass-regular.ttf
- Domain
- online.asb.co.nz
- URL
- https://online.asb.co.nz/auth/css/fonts/overpass-semibold.ttf
- Domain
- online.asb.co.nz
- URL
- https://online.asb.co.nz/auth/css/fonts/overpass-extralight.ttf
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: ASB Bank (Banking)63 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| Modernizr object| html5 function| yepnope function| hex_sha1 function| b64_sha1 function| any_sha1 function| hex_hmac_sha1 function| b64_hmac_sha1 function| any_hmac_sha1 function| sha1_vm_test function| rstr_sha1 function| rstr_hmac_sha1 function| rstr2hex function| rstr2b64 function| rstr2any function| str2rstr_utf8 function| str2rstr_utf16le function| str2rstr_utf16be function| rstr2binb function| binb2rstr function| binb_sha1 function| sha1_ft function| sha1_kt function| safe_add function| bit_rol number| hexcase string| b64pad function| $ function| jQuery function| popupManagerRegisterNS object| ASB function| custFontSize function| _ object| MarketingConfig object| antiClickjack object| loginConfig function| getCookie string| warningString function| LoadMarketing function| LoadFunc object| jQuery1110018872801891216562 number| intFontSize number| currentFontSize number| c_start object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
rj-made.com/ | Name: IV_JCT Value: %2Fauth |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
banner.asb.co.nz
online.asb.co.nz
rj-made.com
www.google.com
www.gstatic.com
online.asb.co.nz
107.174.244.119
140.168.252.26
140.168.252.29
2a00:1450:4001:803::2003
2a00:1450:4001:808::2003
2a00:1450:4001:813::2004
030235ab6fc1739381df015b815a93e2ed3921f09832954dbacde9991708e27a
0adbf7dab640633fc199eb2fe91784847a1c81571de43ede1ef577efa7ba0df1
10b33fdad14719c081f524e492199133dab898e40a5da5a393df1a3b9a3d0633
1274f09ff41e34718771c90edda5b41b011e4122006fbfb9bb6efa7adb392cce
34c1757c7eac4eeb1f4c65be191d76ea7a851ea44f155e79d4db456971f09926
3697c2d6dce22c53f2929a3a06a7b8d9c45fb3b3004d66a40e3ae5d523c769e0
3f20f7b5c6a167c81a08fd9f810c149dd791d9dcd8c5565f7e55a20140c70d94
4b3cf8c87337c3e89ab4d5098cb37f4394774441331a1e1e6a01425a955667c2
746e54e89161118a67bd59103c4ab55e3060735cc85c1d047c2cf04d4b12043d
7e9524154c00820e477b9289c2a86727673c17edb1bf531b41771cc5d6245d5a
849a88f0801d56701f2ab2aa3d255cfa9ac03b4b20cc85cecd41816fb4271da5
8ed769e9c3db90a36cfc03e8cae73eedf2a554b464d689b7b246442302ffe41e
951349bd5206d7885ec9d7e299f2115618eeefdd9f9c53fdb834187aee291f03
a073f4b5de1358710e099851f696b89975c2fdbdceb462f4d806903bc203be20
ae53b8317e54a9e60cded2b876fa42538391c5d782b908995d5d54940f534ce5
bce31cd5fcf9edb3c13f68c8270e8dd6181b0dcb12143342a0e55bcf805fc92d
c8d558dceebc613d004d2042350127e313336e792a13143726718fe22d5ceb7f
cdef89fc9e6fe720ff5c4ad6047e741135d64c8110284bd987378514b00fff16
d0f9fcead3b420bf003b420818181a7428accd2d7c2340297c3a03135f19d4d4
daff09c2eed6877d426f90bff5e7997c1f2d8123a0a3637fa5a7b1e2ac71f305
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea96c489669f0f8f60e99fa09e947d4ba62cbde2a11b905318c5d94cfbdaceef
eb5db1db26f8e30dc4df52f253a472255e6e052fd3b2e25bf5a687921fc14079