![](/screenshots/49654b02-35a7-4a54-8d59-0f83d5af58cd.png)
www.nexi.swiss
Open in
urlscan Pro
185.198.118.126
Malicious Activity!
Public Scan
Effective URL: https://www.nexi.swiss/de
Submission: On April 09 via api from CH — Scanned from CH
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 8th 2023. Valid for: a year.
This is the only time www.nexi.swiss was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Nexi (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 54.75.241.234 54.75.241.234 | 16509 (AMAZON-02) (AMAZON-02) | |
1 1 | 94.237.7.63 94.237.7.63 | 202053 (UPCLOUD) (UPCLOUD) | |
1 1 | 51.145.250.217 51.145.250.217 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 1 | 13.69.228.0 13.69.228.0 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 18 | 185.198.118.126 185.198.118.126 | 35051 (NEXI-AS) (NEXI-AS) | |
1 | 2a00:1450:400... 2a00:1450:4001:808::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:828::2008 | 15169 (GOOGLE) (GOOGLE) | |
2 | 142.250.186.68 142.250.186.68 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2600:9000:225... 2600:9000:225b:5000:5:b7cc:d3c0:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 2606:4700:10:... 2606:4700:10::6816:1cc | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:81d::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 18.66.192.23 18.66.192.23 | 16509 (AMAZON-02) (AMAZON-02) | |
29 | 9 |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
sdk.privacy-center.org |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-23.muc50.r.cloudfront.net
sdk.privacy-center.org |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
nexi.swiss
1 redirects
nexi.swiss www.nexi.swiss |
5 MB |
3 |
acsbapp.com
acsbapp.com — Cisco Umbrella Rank: 6772 cdn.acsbapp.com — Cisco Umbrella Rank: 7268 |
95 KB |
3 |
privacy-center.org
sdk.privacy-center.org — Cisco Umbrella Rank: 4768 |
167 KB |
2 |
google.com
www.google.com — Cisco Umbrella Rank: 5 |
885 B |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114 |
201 KB |
2 |
nets.eu
2 redirects
www.nets.eu payments.nets.eu |
568 B |
1 |
gstatic.com
www.gstatic.com |
201 KB |
1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 746 |
31 KB |
1 |
ccv.eu
1 redirects
www.ccv.eu |
5 KB |
1 |
jeronimo.ch
1 redirects
jeronimo.ch |
99 B |
29 | 10 |
Domain | Requested by | |
---|---|---|
17 | www.nexi.swiss |
www.nexi.swiss
|
3 | sdk.privacy-center.org |
www.nexi.swiss
sdk.privacy-center.org |
2 | acsbapp.com |
www.nexi.swiss
acsbapp.com |
2 | www.google.com |
www.nexi.swiss
www.gstatic.com |
2 | www.googletagmanager.com |
www.nexi.swiss
www.googletagmanager.com |
1 | cdn.acsbapp.com |
acsbapp.com
|
1 | www.gstatic.com |
www.google.com
|
1 | ajax.googleapis.com |
www.nexi.swiss
|
1 | nexi.swiss | 1 redirects |
1 | payments.nets.eu | 1 redirects |
1 | www.nets.eu | 1 redirects |
1 | www.ccv.eu | 1 redirects |
1 | jeronimo.ch | 1 redirects |
29 | 13 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.nexi.swiss Sectigo RSA Domain Validation Secure Server CA |
2023-08-08 - 2024-09-07 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-03-04 - 2024-05-27 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2024-03-04 - 2024-05-27 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2024-03-04 - 2024-05-27 |
3 months | crt.sh |
*.privacy-center.org Amazon RSA 2048 M03 |
2024-03-10 - 2025-04-07 |
a year | crt.sh |
acsbapp.com GTS CA 1P5 |
2024-02-23 - 2024-05-23 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2024-03-04 - 2024-05-27 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.nexi.swiss/de
Frame ID: DD361882E07613BB979B5A9AA8D86F42
Requests: 29 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld7ALUZAAAAAK4iDeutbuh9DdH-o4dwFyb6FGIP&co=aHR0cHM6Ly93d3cubmV4aS5zd2lzczo0NDM.&hl=de-CH&v=rz4DvU-cY2JYCwHSTck0_qm-&size=invisible&cb=pul1rhvcw26g
Frame ID: 5BE31176C7AD0BB8F3E2C75369E4B973
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/49654b02-35a7-4a54-8d59-0f83d5af58cd.png)
Page Title
Bezahllösungen für Ihr Geschäft | Nexi Schweiz - Ihr Payment PartnerPage URL History Show full URLs
-
https://jeronimo.ch/
HTTP 301
https://www.ccv.eu/ch-de/ HTTP 301
https://www.nets.eu/de-CH/payments HTTP 301
https://payments.nets.eu/de-CH HTTP 308
https://nexi.swiss/de HTTP 301
https://www.nexi.swiss/de Page URL
Detected technologies
Detected patterns
- /etc\.clientlibs/
![](/vendor/wappa/icons/didomi.png)
Detected patterns
- sdk\.privacy-center\.org/.*/loader\.js
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
![](/vendor/wappa/icons/reCAPTCHA.png)
Detected patterns
- /recaptcha/api\.js
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
Title: Leitfaden für barrierefreie Bildschirmlesegeräte, Feedback und Fehlerberichte
Search URL Search Domain Scan URL
Title: Karriere
Search URL Search Domain Scan URL
Title: Offene Stellen
Search URL Search Domain Scan URL
Title: Newsletter
Search URL Search Domain Scan URL
Title: Hinweisgebersystem
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://jeronimo.ch/
HTTP 301
https://www.ccv.eu/ch-de/ HTTP 301
https://www.nets.eu/de-CH/payments HTTP 301
https://payments.nets.eu/de-CH HTTP 308
https://nexi.swiss/de HTTP 301
https://www.nexi.swiss/de Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
29 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
de
www.nexi.swiss/ Redirect Chain
|
76 KB 21 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clientlib-site.css
www.nexi.swiss/etc.clientlibs/nexinew/clientlibs/ |
289 KB 80 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ |
87 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nexi-logo-white.svg
www.nexi.swiss/content/dam/nexinew/icone/ |
2 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nexi-logo-dark.svg
www.nexi.swiss/content/dam/nexinew/icone/ |
2 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DE-Spring-Offer-1920x1080.webp
www.nexi.swiss/content/dam/nexich/img/offer/ |
207 KB 208 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Home_Slide-Offer.png
www.nexi.swiss/content/dam/nexich/desktop/home/ |
3 MB 3 MB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Home_Slide-Offer2.png
www.nexi.swiss/content/dam/nexich/desktop/home/ |
341 KB 342 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
307 KB 100 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clientlib-site.js
www.nexi.swiss/etc.clientlibs/nexinew/clientlibs/ |
838 KB 840 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
api.js
www.google.com/recaptcha/ |
1 KB 885 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1
www.nexi.swiss/g78f9/in/b76cf975e1179ecc1956e164ee598fd8/2/ |
0 832 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
64 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loader.js
sdk.privacy-center.org/3b629be4-eb58-4096-bdbb-615b2c83c816/ |
56 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.js
acsbapp.com/apps/app/dist/js/ |
302 KB 92 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
KarbonAppMedium.woff2
www.nexi.swiss/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/karbon/ |
39 KB 40 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nexinew.ttf
www.nexi.swiss/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/nexinew/ |
21 KB 22 KB |
Font
application/font-sfnt |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
KarbonApp.woff2
www.nexi.swiss/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/karbon/ |
40 KB 41 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__de_ch.js
www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/ |
501 KB 201 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
304 KB 100 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.4ee70385a827876ed22e1c022a02fc63ec620f9e.js
sdk.privacy-center.org/sdk/4ee70385a827876ed22e1c022a02fc63ec620f9e/modern/ |
342 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
config.json
cdn.acsbapp.com/config/nexi.swiss/ |
164 B 701 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
anchor
www.google.com/recaptcha/api2/ Frame 5BE3 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Verlauf_Nexi.jpg
www.nexi.swiss/content/dam/nexich/img/ |
90 KB 91 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Border_Nexi.png
www.nexi.swiss/content/dam/nexich/img/ |
14 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ui-gdpr-en-web.4ee70385a827876ed22e1c022a02fc63ec620f9e.js
sdk.privacy-center.org/sdk/4ee70385a827876ed22e1c022a02fc63ec620f9e/modern/ |
264 KB 59 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
KarbonAppSemibold.woff2
www.nexi.swiss/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/karbon/ |
39 KB 40 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
de-app.json
acsbapp.com/apps/app/dist/js/locale/ |
4 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.png
www.nexi.swiss/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/favicons/ |
801 B 2 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
www.nexi.swiss/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/favicons/ |
34 KB 35 KB |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Nexi (Banking)54 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| dataLayer object| nexinew function| $ function| jQuery boolean| gdprAppliesGlobally object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data object| didomiEventListeners object| didomiOnReady object| didomiRemoteConfig string| didomiCountry string| didomiRegion object| didomiGeoRegulations object| webpackChunkaccess_widget object| pure_JSON object| pure_CSS function| pure_URL function| pure_fetch function| pure_Set function| pure_Map object| AJS object| acsbJS object| AccessiBe object| acsb object| accessWidget object| regeneratorRuntime object| picturefillCFG function| picturefill function| clearImmediate function| setImmediate boolean| VimeoPlayerResizeEmbeds_ boolean| VimeoSeoMetadataAppended boolean| VimeoCheckedUrlTimeParam object| thePicker object| deviceBreakpoints object| recaptcha object| closure_lm_91564 object| webpackChunkDidomi object| Didomi function| onYouTubeIframeAPIReady object| googletag object| adsbygoogle object| didomiState undefined| new_src object| DidomiSanitizing function| pure_addEventListener function| pure_removeEventListener4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.nets.eu/ | Name: NetsCORS Value: 108962430548d1aa88393ff5219c630c |
|
www.nets.eu/ | Name: Nets Value: 108962430548d1aa88393ff5219c630c |
|
www.nexi.swiss/ | Name: TS0168694d Value: 0101a8acbe55125f501750fae701dcbbb49d97f7add1ca9b8a6d1d69bd6f0cf037c624459d1b06bbf0a9d5457cc5c33fef9482789d |
|
.nexi.swiss/ | Name: didomi_token Value: eyJ1c2VyX2lkIjoiMThlYzA2NTUtYjkyZC02N2Q0LWJlYmYtNmU5MTBmMzE1MTI2IiwiY3JlYXRlZCI6IjIwMjQtMDQtMDlUMDE6MDc6MzEuODU4WiIsInVwZGF0ZWQiOiIyMDI0LTA0LTA5VDAxOjA3OjMxLjg1OFoiLCJ2ZXJzaW9uIjpudWxsfQ== |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors 'self' |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
acsbapp.com
ajax.googleapis.com
cdn.acsbapp.com
jeronimo.ch
nexi.swiss
payments.nets.eu
sdk.privacy-center.org
www.ccv.eu
www.google.com
www.googletagmanager.com
www.gstatic.com
www.nets.eu
www.nexi.swiss
13.69.228.0
142.250.186.68
18.66.192.23
185.198.118.126
2600:9000:225b:5000:5:b7cc:d3c0:93a1
2606:4700:10::6816:1cc
2a00:1450:4001:808::200a
2a00:1450:4001:81d::2003
2a00:1450:4001:828::2008
51.145.250.217
54.75.241.234
94.237.7.63
16d1130503387aa924cf223ff72a029d402ead92f5c6366798aa57582bc97e7f
24a87858c735bc97c97325274dcfac3022ce2f544f27c35e09fa6f31de31e1ee
261da024915b2029c9f8097cf9d6e8c58141720167467908b6d5972ea3da8859
27798a9f2d3863843469a5fa22c490c8871ad717a279a723d766a2fb0c24335e
2bef6e7b4bd23a7009ddf29a2896bbdc7e25a365b501b2c34b5fd42917e12337
2e3de6d0bb1cc35c3c0d2773b226a0c4fa11123f57ff08612b62b45e57793a2f
31b55f9ceb6046068f3ef37edcefb33ff8525cb641043d2e25543e7cd7bb6f0b
3f15939181132a8ea3a1798da2a751abff0c0ffd3efae80b7229a921edc4f90b
4c399d83f036f296ac9cdc6cbb47af8f77b8892218b7c0ae7c26b292f4eddd08
4eadfab9cc209e2c015499bf86bb7178360d0406f2f4d9bd6d942aca6588cb7f
525ffea0234afc7e31ca14912e889ef7d13a4c2b741db7e737a1244bbd9c0b73
53192495ec43c0d10022eb2fecefd9bd2967f56dab0fd98d3a3d5831422f7323
56ac942979d04a52ea5050844008158594c1538eaaf42b227fac43efb9069242
79f17d8fc34aaa7c843fd3fe306ad4da4d8d156d0bd1adf3be1a19d4de9c47cc
7ac73c463d8a444e3d1d9f8f61a678ff5911c91395d05ee1ea26f80cd77fa506
83e9a25bc3d65aa88a683b34f650213f0c74e657b29436a37ef138c2ea689dda
87526f6a2177902e89ac67e69e6152671d38625024ae399ce3ba149599614bb9
b06d837458d194658b3a4744b4b0a7a012a0b26d3473a99b7aab66d56e321944
b69f81a22e01c8d3ff33d004cdb7e5e0ed711a1d7dd66e998f5d2d3382d0d750
c3dcbfb03072607c15168cb182bf50087a8a98ddb139008ee769a3f4e19f0316
cb21219cb43b49ba2a9186786d42843956614f6d1374bac21ce276f336da5c6d
cbc0db4c7cf95a8e6110801f0a85010d839580fcc71bbae20186e737c382d0e4
d47fb56be7653116e45291be9d309a661be43740a5b0adec22116d4b251669a6
ddcb12028caf567e0f9d6af1adc7e51df78b7c800f99eab2608c11ca47f9b77e
e2ed3b0a025d512182f96ed82e8ebc9d4d5695b26d63b2b85f27e95e98f7c2be
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c0e42bb6a3f3a244f8724587feb409c48a467a098e94c708bbb58117d41369
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f96415982ac980d30f14857ea49d167823797b51bc292593920936ad64e521a0