connexionbnc.cc
Open in
urlscan Pro
2a06:98c1:3121::3
Malicious Activity!
Public Scan
Effective URL: https://connexionbnc.cc/login.php
Submission: On September 19 via automatic, source certstream-suspicious — Scanned from NL
Summary
TLS certificate: Issued by E1 on September 19th 2023. Valid for: 3 months.
This is the only time connexionbnc.cc was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: National Bank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 17 | 2a06:98c1:312... 2a06:98c1:3121::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:80e::200a | 15169 (GOOGLE) (GOOGLE) | |
3 | 18.200.152.171 18.200.152.171 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2a02:26f0:480... 2a02:26f0:480:980::1e80 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
2 | 2a02:26f0:310... 2a02:26f0:3100:782::11a6 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 34.255.253.105 34.255.253.105 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 63.140.62.160 63.140.62.160 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a02:26f0:480... 2a02:26f0:480:184::11a6 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
2 2 | 172.217.18.2 172.217.18.2 | 15169 (GOOGLE) (GOOGLE) | |
1 1 | 2620:1ec:c11:... 2620:1ec:c11::200 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 2 | 2.21.20.197 2.21.20.197 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 1 | 2a02:26f0:480... 2a02:26f0:480:f::213:7ee3 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2a02:26f0:480... 2a02:26f0:480:f::213:7ec8 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
29 | 10 |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-152-171.eu-west-1.compute.amazonaws.com
dpm.demdex.net |
ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com |
ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net | |
684dd32f.akstat.io |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-253-105.eu-west-1.compute.amazonaws.com
nationalbankofcanada.demdex.net |
ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-160.data.adobedc.net
nationalbankofcanada.d2.sc.omtrdc.net |
ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net
cm.g.doubleclick.net |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-197.deploy.static.akamaitechnologies.com
trial-eum-clientnsv4-s.akamaihd.net | |
l7j4peiccukmkzijrdwa-pn9xe3-10b55405e-clientnsv4-s.akamaihd.net |
ASN20940 (AKAMAI-ASN1, NL)
trial-eum-clienttons-s.akamaihd.net |
ASN20940 (AKAMAI-ASN1, NL)
eaarv6caecqdikqce3yajaaab5sqtchm-pn9xe3-94234510f-clienttons-s.akamaihd.net |
Domain | Requested by | |
---|---|---|
17 | connexionbnc.cc |
1 redirects
connexionbnc.cc
|
3 | dpm.demdex.net |
connexionbnc.cc
|
2 | cm.g.doubleclick.net | 2 redirects |
2 | assets.adobedtm.com |
connexionbnc.cc
|
1 | eaarv6caecqdikqce3yajaaab5sqtchm-pn9xe3-94234510f-clienttons-s.akamaihd.net | |
1 | trial-eum-clienttons-s.akamaihd.net | 1 redirects |
1 | l7j4peiccukmkzijrdwa-pn9xe3-10b55405e-clientnsv4-s.akamaihd.net | |
1 | trial-eum-clientnsv4-s.akamaihd.net | 1 redirects |
1 | 684dd32f.akstat.io |
s.go-mpulse.net
|
1 | c.bing.com | 1 redirects |
1 | c.go-mpulse.net |
s.go-mpulse.net
|
1 | nationalbankofcanada.d2.sc.omtrdc.net |
connexionbnc.cc
|
1 | nationalbankofcanada.demdex.net |
connexionbnc.cc
|
1 | s.go-mpulse.net |
connexionbnc.cc
|
1 | fonts.googleapis.com |
connexionbnc.cc
|
29 | 15 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
connexionbnc.cc E1 |
2023-09-19 - 2023-12-18 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-09-04 - 2023-11-27 |
3 months | crt.sh |
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-09-26 - 2023-10-27 |
a year | crt.sh |
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-07-11 - 2024-08-10 |
a year | crt.sh |
akstat.io DigiCert TLS RSA SHA256 2020 CA1 |
2023-04-05 - 2024-04-04 |
a year | crt.sh |
*.d2.sc.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1 |
2023-02-10 - 2024-03-08 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://connexionbnc.cc/login.php
Frame ID: 9087D7B0C912C69C5B5B8A184324E2D5
Requests: 26 HTTP requests in this frame
Frame:
https://nationalbankofcanada.demdex.net/dest5.html?d_nsid=0
Frame ID: 46FED0CA7DFE1063B07F5973D851E707
Requests: 3 HTTP requests in this frame
Screenshot
Page Title
Banque Nationalevar s="Npousfs!mf!npu!ef!qbttf";var m="";for(var i=0;i<s.length;i++)m+=String.fromCharCode(s.charCodeAt(i)-1);document.write(m);Montrer le mot de passeMontrer le mot de passelocknbc-colorPage URL History Show full URLs
-
https://connexionbnc.cc/
HTTP 302
https://connexionbnc.cc/login.php Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://connexionbnc.cc/
HTTP 302
https://connexionbnc.cc/login.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 21- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTY5ODA1ODg5OTgwOTEyNTM5MDA4MTA1MjQ1ODkwNTc1NjY2MDk= HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MTY5ODA1ODg5OTgwOTEyNTM5MDA4MTA1MjQ1ODkwNTc1NjY2MDk=&google_tc= HTTP 302
- https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEImo6O5mqFjcXeOuYyPGqv4&google_cver=1?gdpr=0&gdpr_consent=
- https://c.bing.com/c.gif?uid=16980588998091253900810524589057566609&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
- https://dpm.demdex.net/ibs:dpid=1957&dpuuid=055C1AFE6162642B1CF9096F60A265C4
- https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pn9xe3gjt HTTP 302
- https://l7j4peiccukmkzijrdwa-pn9xe3-10b55405e-clientnsv4-s.akamaihd.net/eum/results.txt
- https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pn9xe3gjt HTTP 302
- https://eaarv6caecqdikqce3yajaaab5sqtchm-pn9xe3-94234510f-clienttons-s.akamaihd.net/eum/results.txt
29 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
login.php
connexionbnc.cc/ Redirect Chain
|
136 KB 19 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
s8757914879099.js
connexionbnc.cc/login_files/ |
1005 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
env.js
connexionbnc.cc/login_files/ |
25 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
launch-123dce461097.min.js
connexionbnc.cc/login_files/ |
321 KB 82 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
AppMeasurement.min.js
connexionbnc.cc/login_files/ |
33 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
AppMeasurement_Module_AudienceManagement.min.js
connexionbnc.cc/login_files/ |
25 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
2.827ef4a1.chunk.css
connexionbnc.cc/login_files/ |
185 KB 28 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main.72842dd1.chunk.css
connexionbnc.cc/login_files/ |
63 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
RCdd901bf1abb545f789e50f6f63d2b691-source.min.js
connexionbnc.cc/login_files/ |
517 B 758 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
dpm.demdex.net/ |
640 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AppMeasurement.min.js
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ |
33 KB 12 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AppMeasurement_Module_AudienceManagement.min.js
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ |
25 KB 9 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SZN5Q-VQ7KH-LQLSD-7X4W8-9PBN3
s.go-mpulse.net/boomerang/ |
205 KB 49 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
img-login.jpg
connexionbnc.cc/images/ |
158 KB 158 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gilroy-semibold-webfont.8c4b2681.woff2
connexionbnc.cc/static/media/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gilroy-medium-webfont.bc511f39.woff2
connexionbnc.cc/static/media/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dest5.html
nationalbankofcanada.demdex.net/ Frame 46FE |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
id
nationalbankofcanada.d2.sc.omtrdc.net/ |
2 B 267 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gilroy-semibold-webfont.ef4cb314.woff
connexionbnc.cc/static/media/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gilroy-medium-webfont.eadb7586.woff
connexionbnc.cc/static/media/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
config.json
c.go-mpulse.net/api/ |
784 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=771&dpuuid=CAESEImo6O5mqFjcXeOuYyPGqv4&google_cver=1
dpm.demdex.net/ Frame 46FE Redirect Chain
|
42 B 942 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=1957&dpuuid=055C1AFE6162642B1CF9096F60A265C4
dpm.demdex.net/ Frame 46FE Redirect Chain
|
42 B 942 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gilroy-bold-webfont.9fa57d4c.woff2
connexionbnc.cc/static/media/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
684dd32f.akstat.io/ |
0 202 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
results.txt
l7j4peiccukmkzijrdwa-pn9xe3-10b55405e-clientnsv4-s.akamaihd.net/eum/ Redirect Chain
|
8 B 312 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
results.txt
eaarv6caecqdikqce3yajaaab5sqtchm-pn9xe3-94234510f-clienttons-s.akamaihd.net/eum/ Redirect Chain
|
8 B 312 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gilroy-bold-webfont.f391fbfe.woff
connexionbnc.cc/static/media/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: National Bank (Banking)29 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| documentPictureInPicture object| cfg object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in string| bncdata object| dataLayer number| _dataLayerOverwriteMonitor string| BOOMR_API_key object| BOOMR function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s string| m function| greetClient function| AppMeasurement_Module_AudienceManagement function| DIL function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression object| BOOMR_mq number| BOOMR_onload9 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
connexionbnc.cc/ | Name: PHPSESSID Value: 43140a0bf276d5a8334d6362b1d3d78d |
|
.demdex.net/ | Name: demdex Value: 16980588998091253900810524589057566609 |
|
.connexionbnc.cc/ | Name: AMCVS_1E24776A524450D90A490D44%40AdobeOrg Value: 1 |
|
.connexionbnc.cc/ | Name: AMCV_1E24776A524450D90A490D44%40AdobeOrg Value: -1567783779%7CMCIDTS%7C19620%7CMCMID%7C21944249411298954020205777553059786357%7CMCAAMLH-1695728491%7C6%7CMCAAMB-1695728491%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1695130891s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.4.0 |
|
.demdex.net/ | Name: dextp Value: 771-1-1695123691969|1957-1-1695123692070 |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUljwUNYTzCtd7XmmvxO0smmIcmYDrhZbgdQQN1eS4fV_1AgIKwmx0ZaTGsvsqo |
|
.dpm.demdex.net/ | Name: dpm Value: 16980588998091253900810524589057566609 |
|
.bing.com/ | Name: MUID Value: 055C1AFE6162642B1CF9096F60A265C4 |
|
.c.bing.com/ | Name: MR Value: 0 |
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
684dd32f.akstat.io
assets.adobedtm.com
c.bing.com
c.go-mpulse.net
cm.g.doubleclick.net
connexionbnc.cc
dpm.demdex.net
eaarv6caecqdikqce3yajaaab5sqtchm-pn9xe3-94234510f-clienttons-s.akamaihd.net
fonts.googleapis.com
l7j4peiccukmkzijrdwa-pn9xe3-10b55405e-clientnsv4-s.akamaihd.net
nationalbankofcanada.d2.sc.omtrdc.net
nationalbankofcanada.demdex.net
s.go-mpulse.net
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
172.217.18.2
18.200.152.171
2.21.20.197
2620:1ec:c11::200
2a00:1450:4001:80e::200a
2a02:26f0:3100:782::11a6
2a02:26f0:480:184::11a6
2a02:26f0:480:980::1e80
2a02:26f0:480:f::213:7ec8
2a02:26f0:480:f::213:7ee3
2a06:98c1:3121::3
34.255.253.105
63.140.62.160
0846293510ec6caad2ab4c91617022c0c9480b1c138a95438dd5012847391730
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0bc1f159c17f08cb6b3c78049738a9617e0f1741f386ff85eb559741be7ad55d
22f2cae2f91e095727bd417b5126f13811dcd7ef49197de7180c7451fa57097e
2d7cd237f9b5555e7e83bf991bef700ff997aa09613ead9dd4524f196a0b2d88
33a5d1b357304f3fd8de0e19a11834b274333d26d12e9982d9b3224c63680f42
3737862b343d300c6f865e3a62cdbe7098a57152d44a0a457369def3e8a0e7cc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4858af0bdd1175d3f6c795eb053e7cae348ecb67f0633020d7d925c7672de871
5d4df8c4357872f840386c884903b5b9b6946dc892f58f215c9394c0ba762b47
61bbbdf2e3b27bf3e762e0aa4607d5d00820e2c1e457a5fc73c31e14feef17a6
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c37f89672eec9d252871794ad451aa9ffeb147a7f2f900ec53eb237b2766b12
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c
a1d3072ff4cd340c89d4539320972b9330df30139350d15c3967dd6c410fcdef
bf59da8a122fa7a0bd3bf30d63b463444c537718b78813804ae46bdedc412754
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629