www.resoanbsank.top
Open in
urlscan Pro
103.45.64.19
Malicious Activity!
Public Scan
Effective URL: https://www.resoanbsank.top/
Submission: On January 26 via manual from JP — Scanned from JP
Summary
TLS certificate: Issued by R3 on January 25th 2024. Valid for: 3 months.
This is the only time www.resoanbsank.top was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Resona Bank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
15 | 103.45.64.19 103.45.64.19 | 64050 (BCPL-SG B...) (BCPL-SG BGPNET Global ASN) | |
2 | 203.107.86.226 203.107.86.226 | 37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.) | |
1 | 18.172.52.38 18.172.52.38 | 16509 (AMAZON-02) (AMAZON-02) | |
9 | 142.251.42.168 142.251.42.168 | 15169 (GOOGLE) (GOOGLE) | |
2 | 13.251.181.147 13.251.181.147 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 143.204.126.15 143.204.126.15 | 16509 (AMAZON-02) (AMAZON-02) | |
7 | 204.79.197.200 204.79.197.200 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
39 | 8 |
ASN64050 (BCPL-SG BGPNET Global ASN, SG)
www.resoanbeank.com | |
www.resoanbsank.top |
ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
sdk.51.la |
ASN16509 (AMAZON-02, US)
PTR: server-18-172-52-38.nrt20.r.cloudfront.net
static.fraud-alert.net |
ASN15169 (GOOGLE, US)
PTR: nrt12s46-in-f8.1e100.net
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-181-147.ap-southeast-1.compute.amazonaws.com
seal.digicert.com |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-126-15.nrt20.r.cloudfront.net
p.fraud-alert.net |
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
bat.bing.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
resoanbsank.top
www.resoanbsank.top |
42 KB |
9 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37 |
178 KB |
7 |
bing.com
bat.bing.com — Cisco Umbrella Rank: 376 |
28 KB |
2 |
digicert.com
seal.digicert.com — Cisco Umbrella Rank: 10960 |
9 KB |
2 |
fraud-alert.net
static.fraud-alert.net p.fraud-alert.net |
22 KB |
2 |
51.la
sdk.51.la — Cisco Umbrella Rank: 71106 collect-v6.51.la Failed |
26 KB |
1 |
resoanbeank.com
www.resoanbeank.com |
656 B |
39 | 7 |
Domain | Requested by | |
---|---|---|
14 | www.resoanbsank.top |
www.resoanbsank.top
|
9 | www.googletagmanager.com |
www.resoanbsank.top
www.googletagmanager.com |
7 | bat.bing.com |
www.googletagmanager.com
bat.bing.com www.resoanbsank.top |
2 | seal.digicert.com |
www.resoanbsank.top
|
2 | sdk.51.la |
www.resoanbeank.com
www.resoanbsank.top |
1 | p.fraud-alert.net |
www.resoanbsank.top
|
1 | static.fraud-alert.net |
www.resoanbsank.top
|
1 | www.resoanbeank.com | |
0 | collect-v6.51.la Failed |
sdk.51.la
|
39 | 9 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.resona-gr.co.jp |
www.resonabank.co.jp |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.resoanbeank.com R3 |
2024-01-25 - 2024-04-24 |
3 months | crt.sh |
*.51.la GlobalSign GCC R3 DV TLS CA 2020 |
2023-04-20 - 2024-05-21 |
a year | crt.sh |
www.resoanbsank.top R3 |
2024-01-25 - 2024-04-24 |
3 months | crt.sh |
*.fraud-alert.net Amazon RSA 2048 M02 |
2023-09-28 - 2024-10-27 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2024-01-02 - 2024-03-26 |
3 months | crt.sh |
seal.digicert.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-05-07 - 2024-06-05 |
a year | crt.sh |
www.bing.com Microsoft Azure TLS Issuing CA 02 |
2024-01-21 - 2024-06-27 |
5 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.resoanbsank.top/
Frame ID: 8B18B6B1D48FB33E201BD18750834763
Requests: 39 HTTP requests in this frame
Screenshot
Page Title
りそな銀行 マイゲートPage URL History Show full URLs
- https://www.resoanbeank.com/ Page URL
- https://www.resoanbsank.top/ Page URL
Detected technologies
Microsoft ASP.NET (Web Frameworks) ExpandDetected patterns
- <input[^>]+name="__VIEWSTATE
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: お問合せはこちらから
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.resoanbeank.com/ Page URL
- https://www.resoanbsank.top/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
39 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
www.resoanbeank.com/ |
533 B 656 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js-sdk-pro.min.js
sdk.51.la/ |
34 KB 13 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
collect
collect-v6.51.la/v6/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
www.resoanbsank.top/ |
18 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.css
www.resoanbsank.top/static/css/ |
11 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sresonacommon.js
www.resoanbsank.top/static/js/ |
4 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js-sdk-pro.min.js
sdk.51.la/ |
34 KB 13 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scs0102010.css
www.resoanbsank.top/static/css/ |
1 KB 767 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sresonaseckeyboard.css
www.resoanbsank.top/static/css/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
www.resoanbsank.top/static/picture/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
help.png
www.resoanbsank.top/static/picture/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sresonaseckeyboard.js
www.resoanbsank.top/static/js/ |
19 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bankname_jp.png
www.resoanbsank.top/static/picture/ |
974 B 1014 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon_comment.png
www.resoanbsank.top/static/picture/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
right_arrow.png
www.resoanbsank.top/static/picture/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bullet_arrow_top.png
www.resoanbsank.top/static/picture/ |
170 B 209 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ci.gif
www.resoanbsank.top/static/picture/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
collect
collect-v6.51.la/v6/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c.js
static.fraud-alert.net/ |
62 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
630 KB 134 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
seal.min.js
seal.digicert.com/seals/cascade/ |
8 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sp1.png
www.resoanbsank.top/static/images/ |
569 B 632 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
accept
p.fraud-alert.net/ |
0 441 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bat.js
bat.bing.com/ |
45 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
115 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a
www.googletagmanager.com/ |
0 57 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
td
www.googletagmanager.com/ |
0 130 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a
www.googletagmanager.com/ |
0 49 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a
www.googletagmanager.com/ |
0 49 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a
www.googletagmanager.com/ |
0 49 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
97077152.js
bat.bing.com/p/action/ |
1 KB 840 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0
bat.bing.com/action/ |
0 361 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a
www.googletagmanager.com/ |
0 49 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
97077152
bat.bing.com/p/insights/t/ |
724 B 939 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0.7.20
bat.bing.com/p/insights/s/ |
34 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
seal.digicert.com/seals/cascade/ |
155 B 626 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
b
bat.bing.com/p/insights/c/ |
0 213 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a
www.googletagmanager.com/ |
0 49 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
b
bat.bing.com/p/insights/c/ |
0 122 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- collect-v6.51.la
- URL
- https://collect-v6.51.la/v6/collect?dt=4
- Domain
- collect-v6.51.la
- URL
- https://collect-v6.51.la/v6/collect?dt=4
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Resona Bank (Banking)41 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| doScroll function| setEnterEvent function| InvalidInput function| SResonaInit object| LA number| laWaitTime object| _cpaq object| dataLayer undefined| theForm function| __doPostBack string| enterBtnId undefined| keyBoardObj function| $ function| $display function| $getStyle function| $getDisplay function| $Sleep function| $getElmTop function| getNowY function| $scrollToTop function| $createKeyboardBase function| showSoftwareKeyBoard function| SResonaSecKeyboard object| __dcid object| JSON_PIWIK object| Piwik object| AnalyticsTracker function| piwik_log object| __Cascade object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| UET function| UET_init function| UET_push object| ueto_1dbb58e244 object| uetq function| webinsights object| insightsuetq string| prop17 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.resoanbeank.com/ | Name: ASPSESSIONIDAETSSQBR Value: GHFJGGKBCJLGFGGLKKJNBDBB |
|
www.resoanbeank.com/ | Name: __vtins__JyXMlR6BxTS1YSQd Value: %7B%22sid%22%3A%20%22652854be-47da-5f08-9d98-c58f1d01aa1a%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201706270482169%2C%20%22ct%22%3A%201706268682169%7D |
|
www.resoanbeank.com/ | Name: __51uvsct__JyXMlR6BxTS1YSQd Value: 1 |
|
www.resoanbeank.com/ | Name: __51vcke__JyXMlR6BxTS1YSQd Value: 2504ad54-9f80-593d-9979-6db34576c936 |
|
www.resoanbeank.com/ | Name: __51vuft__JyXMlR6BxTS1YSQd Value: 1706268682172 |
|
www.resoanbsank.top/ | Name: ASPSESSIONIDAGSRQTAQ Value: BJKPHDKBFFLCNCDAEKHCNDFC |
|
www.resoanbsank.top/ | Name: __vtins__KHp6yM8LF4go2hGD Value: %7B%22sid%22%3A%20%2261611fd4-8b66-52ab-9d82-0fa772371745%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201706270493163%2C%20%22ct%22%3A%201706268693163%7D |
|
www.resoanbsank.top/ | Name: __51uvsct__KHp6yM8LF4go2hGD Value: 1 |
|
www.resoanbsank.top/ | Name: __51vcke__KHp6yM8LF4go2hGD Value: da79cf40-de59-53ed-9413-709231c6dd5f |
|
www.resoanbsank.top/ | Name: __51vuft__KHp6yM8LF4go2hGD Value: 1706268693164 |
|
.fraud-alert.net/ | Name: caulisCookie Value: 1015585787127087106 |
|
.resoanbsank.top/ | Name: _gcl_au Value: 1.1.1295553454.1706268694 |
|
.bing.com/ | Name: MUID Value: 2E725788E2096EF13C95439AE3716F93 |
|
.bat.bing.com/ | Name: MR Value: 0 |
|
.bat.bing.com/ | Name: MSPTC Value: jnCbJcNnjnHAf1oBzSRQ2p6PvZSWFaSroU-dlMl4s-o |
|
.resoanbsank.top/ | Name: _uetsid Value: 75a4ec10bc3e11eebe281b54698411b9|1kli1im|2|fiq|0|1486 |
|
.resoanbsank.top/ | Name: _uetvid Value: 75a53cc0bc3e11eeabebcb96a280ca31|ttaszu|1706268695098|1|1|bat.bing.com/p/insights/c/b |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bat.bing.com
collect-v6.51.la
p.fraud-alert.net
sdk.51.la
seal.digicert.com
static.fraud-alert.net
www.googletagmanager.com
www.resoanbeank.com
www.resoanbsank.top
collect-v6.51.la
103.45.64.19
13.251.181.147
142.251.42.168
143.204.126.15
18.172.52.38
203.107.86.226
204.79.197.200
045953300026ca6ad4ca4412e7ee494bed9b881f6545d60f1534113a7bf777ef
0923b154b710ec5c80a8477ab7617e0620ac9da66937bf9e8e2780fe0556860b
0ce49179f8372fa449f4320a3d578d8fc6426a53e4ddbd6f1b5ffc1c3490c768
28f71234c77274a5e28078e2c3a80ac03a54415a5733d8b8b6ab422b2056cbdb
2930fe159b32a9dd59017b729e11979f74eabfec285c1657391146ecf3663d70
39a34b6e5fbd40ffe2c4548204d4001a5b30f9a1de69b8a25496b7fe15d0e695
4f4d1553716ce299b83239aab49161f787c69cf400868447e039701a44f4b381
573ae17aaefecb1fde31130fa00ac93d461fafb601e55cde82b2932ac3a793b4
5ab142585097949ade33d1c1c15cf8df7423d78bd45747965c064882e72f83e6
6e08ac11997ad16818789ec272d6af1f2603a7d1425e74a604adfeb9153ab130
7be78c98a5f6c37f9eb313cfc3c07b1c525807b1c0ac350e3b639413d63e0daa
817f56ef5b0f6258a388ca4b7f10bf48398680a87bd87118dd97791062fbf49b
81f277888d1ee510668666fb819bcf637e488b613dac15cf78cbe9d1ac41658c
85e3861f84fe1d736d304678b71f43ae7589ebbd5055e2cc57603d645c1a91e0
87351606e4f01343277429723dc01220b66e586ad4b2215a8bebf9fb3099f8c8
9a5c1c7d2aa5626a759eecc3402cae440dd07cb971142d51bbc5adb743923896
9a7d28278a9dc945415f08c2c735342cc5a8a3f50bde53851c2aea92cd81d3e2
ae4582eb88d79a88c519b437a05f2d203f34d4068f121e73a44dea8b5eaf68a9
b812c12483496866867bac1dcad9c138a5d9d2b2d98a1a07c2ddd4c88f4f2eea
c3b78b1b07598ebf8d5b1575ebc0c93cf5f60a895fbc66e848a0c01a0ff913ac
c54ff899b5b9f90bd2ecc4dd87d877e87562f8c739ba2c167ccb61f02096abfa
d5de6ff939cf8000e6d333614697ceced9e3223ac5ea2c03822eabe46a030736
dcc48f0e53c010fe144c6bffd2ce7065177d14e0c31607ba37cb6629b83af373
e2844fb8d33bafe6507949f5925f19b5ba74dbf8d7ad6ee7c6bbe7213849d6df
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9cd788ab7a8ee6e9b82a5fd60772e9c723677840168d5c4dab1c9b81bf91c3e