spillajewelry.com
Open in
urlscan Pro
216.55.185.101
Malicious Activity!
Public Scan
Submission: On December 04 via manual from GB
Summary
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on December 30th 2016. Valid for: a year.
This is the only time spillajewelry.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Barclays (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 216.55.185.101 216.55.185.101 | 18501 (CODERO-DFW) (CODERO-DFW - Codero) | |
22 | 157.83.124.232 157.83.124.232 | 44022 (BARCLAYS-...) (BARCLAYS-RETAIL) | |
1 2 | 63.140.43.21 63.140.43.21 | 15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.) | |
1 | 66.117.29.11 66.117.29.11 | 15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.) | |
33 | 5 |
ASN18501 (CODERO-DFW - Codero, US)
PTR: titan.indowebsite.net
spillajewelry.com |
ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: barclays.co.uk.ssl.d3.sc.omtrdc.net
smetrics.barclays.co.uk |
ASN15224 (OMNITURE - Adobe Systems Inc., US)
barclaysbankplc.tt.omtrdc.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
24 |
barclays.co.uk
1 redirects
bank.barclays.co.uk smetrics.barclays.co.uk |
178 KB |
1 |
omtrdc.net
barclaysbankplc.tt.omtrdc.net |
749 B |
1 |
spillajewelry.com
spillajewelry.com |
29 KB |
33 | 3 |
Domain | Requested by | |
---|---|---|
22 | bank.barclays.co.uk |
spillajewelry.com
|
2 | smetrics.barclays.co.uk |
1 redirects
spillajewelry.com
|
1 | barclaysbankplc.tt.omtrdc.net |
bank.barclays.co.uk
|
1 | spillajewelry.com | |
33 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
bank.barclays.co.uk |
www.barclays.co.uk |
www.lendingstandardsboard.org.uk |
www.premierleague.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
spillajewelry.com COMODO RSA Domain Validation Secure Server CA |
2016-12-30 - 2017-12-30 |
a year | crt.sh |
bank.barclays.co.uk Symantec Class 3 EV SSL CA - G3 |
2017-10-27 - 2018-06-30 |
8 months | crt.sh |
smetrics.barclays.co.uk Entrust Certification Authority - L1M |
2017-11-27 - 2019-11-27 |
2 years | crt.sh |
*.tt.omtrdc.net DigiCert SHA2 High Assurance Server CA |
2017-10-19 - 2020-11-25 |
3 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://spillajewelry.com/wp-admin/barclays/barclays.htm
Frame ID: 6490.1
Requests: 33 HTTP requests in this frame
Screenshot
Detected technologies
UNIX (Operating Systems) ExpandDetected patterns
- headers server /Unix/i
OpenSSL (Web Server Extensions) Expand
Detected patterns
- headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
MooTools (JavaScript Frameworks) Expand
Detected patterns
- script /mootools.*\.js/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery.*\.js/i
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
Title: Mobile site
Search URL Search Domain Scan URL
Title: Contact us
Search URL Search Domain Scan URL
Title: Security
Search URL Search Domain Scan URL
Title: Accessibility
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: www.lendingstandardsboard.org.uk
Search URL Search Domain Scan URL
Title: Proud sponsors of the Barclays Premier League
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 26- https://smetrics.barclays.co.uk/b/ss/barukprod/1/H.25.1/s41149484568814?AQB=1&ndh=1&t=4%2F11%2F2017%208%3A50%3A27%201%200&ns=barclaysuk&cdp=3&pageName=onl%3Alogon%3ALogonLogin%3AStep1YourDetailsLoginMyBarclays&g=https%3A%2F%2Fspillajewelry.com%2Fwp-admin%2Fbarclays%2Fbarclays.htm&cc=GBP&ch=UKRBB&server=bank.barclays.co.uk&events=event20%2Cevent3&c1=onl&c2=onl%3Alogon&v2=New&c3=onl%3Alogon%3ALogonLogin&c6=8%3A30AM&v6=8%3A30AM&c7=Monday&v7=Monday&c8=Weekday&v8=Weekday&c16=%2Fwp-admin%2Fbarclays%2Fbarclays.htm&v36=MembershipID&v39=D%3Ds_vi&v41=onl%3Alogon%3ALogonLogin%3AStep1YourDetailsLoginMyBarclays&h1=onl%3Alogon%3ALogonLogin&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
- https://smetrics.barclays.co.uk/b/ss/barukprod/1/H.25.1/s41149484568814?AQB=1&pccr=true&vidn=2D12862985311266-4000010DE000183D&&ndh=1&t=4%2F11%2F2017%208%3A50%3A27%201%200&ns=barclaysuk&cdp=3&pageName=onl%3Alogon%3ALogonLogin%3AStep1YourDetailsLoginMyBarclays&g=https%3A%2F%2Fspillajewelry.com%2Fwp-admin%2Fbarclays%2Fbarclays.htm&cc=GBP&ch=UKRBB&server=bank.barclays.co.uk&events=event20%2Cevent3&c1=onl&c2=onl%3Alogon&v2=New&c3=onl%3Alogon%3ALogonLogin&c6=8%3A30AM&v6=8%3A30AM&c7=Monday&v7=Monday&c8=Weekday&v8=Weekday&c16=%2Fwp-admin%2Fbarclays%2Fbarclays.htm&v36=MembershipID&v39=D%3Ds_vi&v41=onl%3Alogon%3ALogonLogin%3AStep1YourDetailsLoginMyBarclays&h1=onl%3Alogon%3ALogonLogin&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
33 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
barclays.htm
spillajewelry.com/wp-admin/barclays/ |
29 KB 29 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
barclays-ftb-login.css
bank.barclays.co.uk/ftb/css/scss-compiled/ |
215 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
jq.js
bank.barclays.co.uk/js/jq/ |
273 KB 82 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
iBarclays.js
bank.barclays.co.uk/js/ib/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
ib-pre-c1.js
bank.barclays.co.uk/js/ib/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
iBarclays.Unlock.js
bank.barclays.co.uk/js/ib/ |
57 B 75 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
mbox.js
bank.barclays.co.uk/touchclarity/ |
28 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
barclays-logo.png
bank.barclays.co.uk/img/logos/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
1321077818816-card_number_card.jpg
bank.barclays.co.uk/OLB/A/Content/Images/ |
6 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
1321077850566-sortcode_account_number_card.jpg
bank.barclays.co.uk/OLB/A/Content/Images/ |
6 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
iBarclays.Views.Accordion.LoginLinkWithoutAssistCookie.js
bank.barclays.co.uk/js/ib/Views/Accordion/ |
666 B 343 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
1321077819486-FSCS_logo_228_56.jpg
bank.barclays.co.uk/OLB/A/Content/Images/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
iBarclays.Controls.Forms.Snippets.js
bank.barclays.co.uk/js/ib/Controls/Forms/ftb/ |
270 B 178 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
LoginTimeoutKeepAlive.js
bank.barclays.co.uk/js/ |
555 B 240 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
premier_league_masthead.jpg
bank.barclays.co.uk/img/logos/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
iBarclays.WebAnalytics.js
bank.barclays.co.uk/js/ib/ |
22 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
s_codecookies.js
bank.barclays.co.uk/js/sitecatalyst/ |
51 KB 20 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
ib-pre-c1.js
bank.barclays.co.uk/js/ib/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
barclays-logo.gif
bank.barclays.co.uk/img/logos/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
expertsans-bold-webfont.woff
bank.barclays.co.uk/ftb/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
expertsans-light-webfont.woff
bank.barclays.co.uk/ftb/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
login-panel-header-active-arrow.gif
bank.barclays.co.uk/ftb/img/ftb/ |
129 B 129 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ftb-new-login-icons.woff
bank.barclays.co.uk/ftb/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
radio-sprite.gif
bank.barclays.co.uk/ftb/img/ftb/ |
860 B 860 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
checkbox-sprite.png
bank.barclays.co.uk/ftb/img/ftb/checkbox/ |
642 B 642 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
expertsans-regular-webfont.woff
bank.barclays.co.uk/ftb/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
side-bar-arrow.png
bank.barclays.co.uk/ftb/img/ftb/ |
224 B 224 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
s41149484568814
smetrics.barclays.co.uk/b/ss/barukprod/1/H.25.1/ Redirect Chain
|
43 B 43 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ajax
barclaysbankplc.tt.omtrdc.net/m2/barclaysbankplc/mbox/ |
731 B 749 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
expertsans-bold-webfont.ttf
bank.barclays.co.uk/ftb/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
expertsans-regular-webfont.ttf
bank.barclays.co.uk/ftb/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
expertsans-light-webfont.ttf
bank.barclays.co.uk/ftb/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ftb-new-login-icons.ttf
bank.barclays.co.uk/ftb/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- bank.barclays.co.uk
- URL
- https://bank.barclays.co.uk/ftb/fonts/expertsans-bold-webfont.woff
- Domain
- bank.barclays.co.uk
- URL
- https://bank.barclays.co.uk/ftb/fonts/expertsans-light-webfont.woff
- Domain
- bank.barclays.co.uk
- URL
- https://bank.barclays.co.uk/ftb/fonts/ftb-new-login-icons.woff
- Domain
- bank.barclays.co.uk
- URL
- https://bank.barclays.co.uk/ftb/fonts/expertsans-regular-webfont.woff
- Domain
- bank.barclays.co.uk
- URL
- https://bank.barclays.co.uk/ftb/fonts/expertsans-bold-webfont.ttf
- Domain
- bank.barclays.co.uk
- URL
- https://bank.barclays.co.uk/ftb/fonts/expertsans-regular-webfont.ttf
- Domain
- bank.barclays.co.uk
- URL
- https://bank.barclays.co.uk/ftb/fonts/expertsans-light-webfont.ttf
- Domain
- bank.barclays.co.uk
- URL
- https://bank.barclays.co.uk/ftb/fonts/ftb-new-login-icons.ttf
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Barclays (Banking)155 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| escapeRegExp function| replaceAll function| ftbLabelClick function| selectBoxFix function| $ function| jQuery function| DP_jQuery_1512377427618 function| DateInput function| ftbIE8Fixes function| ftbClearPlaceholders string| _tc string| _tc_extra string| _trk_mbox_name object| mboxFactoryDefault object| iBarclays function| mboxDefine boolean| _ccpCat3 string| mboxCopyright object| TNT number| mboxVersion object| mboxFactories function| mboxLoadSCPlugin function| mboxTrack function| mboxTrackLink function| tt_Log function| tt_Redirect object| cmid function| mboxUrlBuilder function| mboxStandardFetcher function| mboxAjaxFetcher function| mboxMap function| mboxFactory function| mboxSignaler function| mboxList function| mboxLocatorDefault function| mboxLocatorNode function| mboxCreate function| mboxUpdate function| mbox function| mboxOfferContent function| mboxOfferAjax function| mboxOfferDefault function| mboxCookieManager function| mboxSession function| mboxPC function| mboxGetPageParameter function| mboxSetCookie function| mboxGetCookie function| mboxCookiePageDomain function| mboxShiftArray function| mboxGenerateId function| mboxScreenHeight function| mboxScreenWidth function| mboxBrowserWidth function| mboxBrowserHeight function| mboxBrowserTimeOffset function| mboxScreenColorDepth function| mboxBarclaysCookieConsent object| reason function| mboxScPluginFetcher function| mboxVizTargetUrl undefined| f function| LoginTimeoutKeepAlive object| loginTimeoutKeepAliveInstance string| s_account function| getElementsByClassName function| getTextContent object| dcs2sc function| scFixed function| scFixed1Tag function| scAppendWholeTag function| scLowRankTag function| scProductsTag function| scSetLinkNameTag function| scCombinedP123 function| scRemap boolean| scCallDone function| tagPageView function| tagAjaxContent function| tagQueryContents function| setFromClickTagsFTB function| scLinkTrack function| scLinkTrackError function| dcsMultiTrack function| scMeta function| scSetInitial function| scSetDerived function| isLoginPage function| isHomePage function| scSetHelpCardButtons function| scCleanUpEvents function| scLoginPagesTracking function| scCleanUp function| scSetValidationErrorMessage function| fireLoadEvent function| scSetErrorMessage function| scSetErrorServiceMessage function| scSetImpressions function| scSetLOGIN_METHOD function| scSetLOGIN_MECHANISM function| scSetLoginEvents function| scSetDeepLink function| scSetdcsuri function| scSetProducts function| scSetView function| getProp34 function| scSetPurchaseTracking function| scSetActivityTracking function| scSetLoginReg function| scSetPageName function| isMultipleSavedUsers function| scSetEvents function| scSetDcsvid function| scBarclaysCookieConsent function| scMapTag function| scSetTag function| scAddTag function| scUpdateLinkTrack string| scBasePageName string| scTakeoverPageName function| scSaveBasePageName function| scRestoreBasePageName function| scSaveTakeoverPageName function| scRestoreTakeoverPageName number| duplicateSCRequestThreshold undefined| lastRequestEvent undefined| lastRequestSelector undefined| lastRequestTime function| scIsDuplicateRequest function| transposeWindowTitle object| s function| s_doPlugins string| s_code string| s_objectID function| s_gi function| s_giqf string| s_an function| s_sp function| s_jn function| s_rep function| s_d function| s_fe function| s_fa function| s_ft object| s_c_il number| s_c_in number| s_giq string| j string| s_tnt string| k object| s_i_barclaysuk string| mboxName string| TCSegment string| tnt_extra object| mboxCurrent8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.spillajewelry.com/ | Name: s_sq Value: %5B%5BB%5D%5D |
|
.spillajewelry.com/ | Name: s_ppv Value: -%2C100%2C100%2C1200 |
|
.spillajewelry.com/ | Name: s_cc Value: true |
|
.spillajewelry.com/ | Name: ttc_evar3 Value: 1512377427772 |
|
.spillajewelry.com/ | Name: s_visit Value: 1 |
|
.spillajewelry.com/ | Name: mbox Value: check#true#1512377488|session#1512377427652-915695#1512379288|PC#1512377427652-915695.26_30#1520153428 |
|
.spillajewelry.com/ | Name: s_nr Value: 1512377427771-New |
|
.spillajewelry.com/ | Name: prevPage Value: onl%3Alogon%3ALogonLogin%3AStep1YourDetailsLoginMyBarclays |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bank.barclays.co.uk
barclaysbankplc.tt.omtrdc.net
smetrics.barclays.co.uk
spillajewelry.com
bank.barclays.co.uk
157.83.124.232
216.55.185.101
63.140.43.21
66.117.29.11
0d6ec264e5e95a96c4946c8e19e343c7b9eae478e2e1bb66bb4687dce9d498e5
205d60ad39b9dc1a39ff98e8834b78c233e03cecce7cd3b0205488d9b4972321
2c4bbb1ff78fcd5c8b997030bed88174cf63b0d9aaeb2911988e35b0136c53c4
36e4565e767c4307245f59bef61cc3c8aebb33262e04bd2a2c4f876387d4ddd6
3a059a66277e8a87067c50187849c9f65817c72873f8c71785d08f4023a6b9f3
3f714ff706dac639d945ad700edb81c49b83fb570ccaa0c83d0da549ac6e98c0
4443260f173a9227f2afb899b9e4337b364bcf78df56c322d6c19e4a6edf01d6
4710f88c657b9ce094b80cf825b3c4c981499501de33ded45929dcdcede6e6f8
56750037c9793c90b789f338dc5117da9fe0d38d220633bad034d2ae3682ebc7
56fc91ca8fe529b8ad24de819ec63015e2ab48b146d917537552ff9a46b27710
57ab67ac4ba7a87aeb13ef126842854ace4a226232138fb6b7f8f13ed4925f47
59a6bc47d6fbedcd40ad7ec0f2a45f4e24e4f4e69ba2f11926975fca7334e1db
5aa9eb84540df9c6f43f3981b94e798bf5dacd1129558c7293be37799b7fdcff
6ee1441c9f75388b957221fbc58d686c840012e845ed6e43b9a1cf85ac003e6d
71182ea40b9cc96fd288f8d5d2bdd0834a0bebc6d15cdabfc03170494b93a819
84c858297d140080df2011346dee575ec7c5f0a7d016a50f21f7cbfb2cd998f0
8f77dddaa61efbc75efc49c99ab0d2c56d55b39ef2c199db41bcacd3c887368c
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
aeb4c6bbb4361d94725a1de7512d192bcdf49b7448ccb6ddc60918015adea0a5
af05f228e3f1106781aad44a0e8f12b500dfbb99e530a9ff91234bd0d4cdc495
cd13acb0c15e1e82a8da9dc9f725c467c19447a35552e0e53bee429e6c364bea
d0060cbe7b7e1348fd897b9c2b80fdc0c2c549d9774d3f691a7eb443bd5c6466
f51a690cbcebd49b227619be7c33b9d6f57366e00c880dd8e004168a01a27e97