udkaksaray.com
37.230.106.206
Malicious Activity!
Public Scan
Effective URL: http://udkaksaray.com/cli/f/sms3.php
Submission: On February 02 via manual from FI
Summary
This is the only time udkaksaray.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Nordea (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
18 | 37.230.106.206 | 42807 (AEROTEK-AS) |
13 | 158.233.249.8 | 201271 (NORDEA-AS) |
1 | 34.107.253.133 | 15169 (GOOGLE) |
1 | 2a00:1450:4001:827::200a | 15169 (GOOGLE) |
2 | 158.233.249.230 | 201271 (NORDEA-AS) |
1 | 2a00:1450:4001:828::200e | 15169 (GOOGLE) |
44 | 7 |
ASN42807 (AEROTEK-AS, TR)
PTR: srvc49.turhost.com
udkaksaray.com |
ASN15169 (GOOGLE, US)
PTR: 133.253.107.34.bc.googleusercontent.com
policy.cookiereports.com |
ASN15169 (GOOGLE, US)
encrypted-tbn0.gstatic.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
18 | udkaksaray.com | udkaksaray.com | 35 KB |
13 | nordea.fi | solo1.nordea.fi | 29 KB |
2 | nordea.com | identify.nordea.com | 73 KB |
1 | gstatic.com | encrypted-tbn0.gstatic.com | 5 KB |
1 | googleapis.com | ajax.googleapis.com | 31 KB |
1 | cookiereports.com | policy.cookiereports.com | 23 KB |
0 | Failed | Failed | |
44 | 7 |
Requests | Domain | Requested by |
---|---|---|
18 | udkaksaray.com | udkaksaray.com |
13 | solo1.nordea.fi | udkaksaray.com, solo1.nordea.fi |
2 | identify.nordea.com | udkaksaray.com, identify.nordea.com |
1 | encrypted-tbn0.gstatic.com | udkaksaray.com |
1 | ajax.googleapis.com | udkaksaray.com |
1 | policy.cookiereports.com | udkaksaray.com |
0 | 887603fc-95d3-4795-a140-3d8f868b4cfb (Failed) | udkaksaray.com |
44 | 7 |
This site contains links to these domains. Also see Links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
solo1.nordea.fi | Entrust Certification Authority - L1M | 2020-10-08 - 2021-10-08 | a year |
identify.nordea.com | Entrust Certification Authority - L1M | 2020-11-20 - 2021-11-20 | a year |
*.gstatic.com | GTS CA 1O1 | 2021-01-05 - 2021-03-30 | 3 months |
This page contains 3 frames:
Primary Page:
http://udkaksaray.com/cli/f/sms3.php
Frame ID: E7CA40183CA42E9609C77651E16C1776
Requests: 42 HTTP requests in this frame
Frame:
moz-extension://887603fc-95d3-4795-a140-3d8f868b4cfb/blank.html
Frame ID: A0960F360E61FECEDA51416F27AF934F
Requests: 1 HTTP requests in this frame
Frame:
moz-extension://887603fc-95d3-4795-a140-3d8f868b4cfb/blank.html
Frame ID: 268EB8AAEDDE08733E518E014C1337EB
Requests: 1 HTTP requests in this frame
Page URL History
- http://udkaksaray.com/cli/f/login1.php Page URL
- http://udkaksaray.com/cli/f/sms3.php Page URL
Detected technologies
Detected patterns
- url /\.php(?:$|\?)/i
Page Statistics
24 Outgoing links
These are links going to different origins than the main page.
- Title: Lue tarkemmin uudesta verkkopankista
- Title: Kirjaudu uuteen verkkopankkiin
- Title: Lue tietoturvaohjeet
- Title: Usein kysytyt kysymykset
- Title: Henkilötietojen käyttö
- Title: Evästeet
- Title: evästeitä koskevista periaatteistamme
- Title: Tealium
- Title: Yksityisyyskäytäntö
- Title: VMware, Inc
- Title: Yksityisyyskäytäntö
- Title: AppDynamics
- Title: Yksityisyyskäytäntö
- Title: Cisco Systems, Inc.
- Title: Yksityisyyskäytäntö
- Title: Adobe Inc.
- Title: Yksityisyyskäytäntö
- Title: Google LLC
- Title: Yksityisyyskäytäntö
- Title: Microsoft Internet Explorer (IE)
- Title: Google Chrome
- Title: Safari
- Title: Firefox
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://udkaksaray.com/cli/f/login1.php Page URL
- http://udkaksaray.com/cli/f/sms3.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
44 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | login1.php udkaksaray.com/cli/f/ | 117 KB 17 KB | Document text/html |
GET H/1.1 | nordeapn4134.css solo1.nordea.fi/nsp/css/ | 64 KB 15 KB | Stylesheet text/css |
GET H/1.1 | logoprint.gif udkaksaray.com/cli/f/general/images/ | 1000 B 1000 B | Image text/html |
GET H/1.1 | new_nordea_logo.gif solo1.nordea.fi/nsp/general/images/ | 987 B 2 KB | Image image/gif |
GET H/1.1 | headline_netbank.gif solo1.nordea.fi/nsp/dev/fullsize/htmlcss/fi_FI/images/ | 827 B 1 KB | Image image/gif |
GET H/1.1 | jquery-1.12.4.min.js udkaksaray.com/cli/f/js/jquery/ | 0 0 | Script text/html |
GET H/1.1 | IncorrectInput.gif udkaksaray.com/cli/f/general/images/ | 1000 B 1000 B | Image text/html |
GET H/1.1 | pi4_Netbank-fi-launch-186X130-FI.jpg.jpg udkaksaray.com/web_elements/images/web/local/fi3/fi/Picture/ | 1000 B 1000 B | Image text/html |
GET H/1.1 | ic4_icon_popup.gif udkaksaray.com/web_elements/images/web/common/content/All/Icon/ | 1000 B 1000 B | Image text/html |
GET H/1.1 | ic4_icon_arrow.gif udkaksaray.com/web_elements/images/web/local/fi3/All/Icon/ | 1000 B 1000 B | Image text/html |
GET H/1.1 | bt.gif udkaksaray.com/cli/f/general/images/ | 1000 B 1000 B | Image text/html |
GET H/1.1 | tealium_FI.js udkaksaray.com/cli/f/js/ | 0 0 | Script text/html |
GET H/1.1 | createPageTitleAndContentGroup_WT.js udkaksaray.com/cli/f/js/ | 0 0 | Script text/html |
GET H/1.1 | f09f6a78_panel-fi.js policy.cookiereports.com/ | 120 KB 23 KB | Script application/javascript |
GET H/1.1 | jquery.min.js ajax.googleapis.com/ajax/libs/jquery/3.5.1/ | 87 KB 31 KB | Script text/javascript |
GET H/1.1 | tab_left_on.gif solo1.nordea.fi/nsp/general/images/ | 146 B 731 B | Image image/gif |
GET H/1.1 | tab_right_on.gif solo1.nordea.fi/nsp/general/images/ | 374 B 959 B | Image image/gif |
GET H/1.1 | tab_left.gif solo1.nordea.fi/nsp/general/images/ | 383 B 968 B | Image image/gif |
GET H/1.1 | tab_right.gif solo1.nordea.fi/nsp/general/images/ | 2 KB 2 KB | Image image/gif |
GET H/1.1 | tabC_background.gif solo1.nordea.fi/nsp/general/images/ | 54 B 638 B | Image image/gif |
GET H/1.1 | tabC_left.gif solo1.nordea.fi/nsp/general/images/ | 231 B 816 B | Image image/gif |
GET H/1.1 | tabC_right.gif solo1.nordea.fi/nsp/general/images/ | 2 KB 3 KB | Image image/gif |
GET H/1.1 | tabC_left_on.gif solo1.nordea.fi/nsp/general/images/ | 173 B 757 B | Image image/gif |
GET H/1.1 | tabC_right_on.gif solo1.nordea.fi/nsp/general/images/ | 627 B 1 KB | Image image/gif |
GET H/1.1 | bar1_bg.gif solo1.nordea.fi/nsp/general/images/ | 180 B 765 B | Image image/gif |
GET H/1.1 | createPageTitleAndContentGroup_WT.js udkaksaray.com/cli/f/js/ | 0 0 | Script text/html |
GET H/1.1 | Primary Request: sms3.php udkaksaray.com/cli/f/ | 23 KB 6 KB | Document text/html |
GET H/1.1 | styles-90d1ba6c2eef1d8f73fc94069cfe444b.css identify.nordea.com/assets/ | 29 KB 6 KB | Stylesheet text/css |
GET H/1.1 | service-break-f426cda35f41e4c0b7c30c814b5eb2ee.svg udkaksaray.com/assets/images/ | 1000 B 1000 B | Image text/html |
GET H2 | images encrypted-tbn0.gstatic.com/ | 4 KB 5 KB | Image image/png |
GET H/1.1 | technical-error-91ca9eec9eed6ed945355d650bb10d41.svg udkaksaray.com/assets/images/ | 1000 B 1000 B | Image text/html |
GET H/1.1 | something-went-wrong-9bbd07dc81f3c2a11d2c7735b416ee18.svg udkaksaray.com/assets/images/ | 1000 B 1000 B | Image text/html |
GET H/1.1 | cancel-d0c0f9d25ebde42bbd552c8ad5363f01.svg udkaksaray.com/assets/images/ | 1000 B 1000 B | Image text/html |
GET H/1.1 | no-connection-83f79e2367a313b468986e12a237c346.svg udkaksaray.com/assets/images/ | 1000 B 1000 B | Image text/html |
GET H/1.1 | empty-3857ebe69f653487f8c9d99adde4657f.svg udkaksaray.com/assets/images/ | 1000 B 1000 B | Image text/html |
GET | blank.html 887603fc-95d3-4795-a140-3d8f868b4cfb/ Frame A096 | 0 0 | |
GET | blank.html 887603fc-95d3-4795-a140-3d8f868b4cfb/ Frame 268E | 0 0 | |
GET H/1.1 | 564d0ff0f3578b7128a458ef269b286a.jpg identify.nordea.com/assets/ | 67 KB 67 KB | Image image/jpeg |
GET | c233a817ad142919d728ebf4c8b3d54c.woff2 identify.nordea.com/assets/ | 0 0 | |
GET | 7bc117ce8cbf2ce4b08a7ed17d16cf89.woff2 identify.nordea.com/assets/ | 0 0 | |
GET | bb0a855a4f155c9c835a419f38c85653.woff2 identify.nordea.com/assets/ | 0 0 | |
GET | e18bb962ed5dc6adc929833b78251735.woff identify.nordea.com/assets/ | 0 0 | |
GET | 837ba80d0ba906e8c20d2f2342790992.woff identify.nordea.com/assets/ | 0 0 | |
GET | 8303da27eb3496a604f280ca8f3b4388.woff identify.nordea.com/assets/ | 0 0 | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
887603fc-95d3-4795-a140-3d8f868b4cfb | moz-extension://887603fc-95d3-4795-a140-3d8f868b4cfb/blank.html |
887603fc-95d3-4795-a140-3d8f868b4cfb | moz-extension://887603fc-95d3-4795-a140-3d8f868b4cfb/blank.html |
identify.nordea.com | https://identify.nordea.com/assets/c233a817ad142919d728ebf4c8b3d54c.woff2 |
identify.nordea.com | https://identify.nordea.com/assets/7bc117ce8cbf2ce4b08a7ed17d16cf89.woff2 |
identify.nordea.com | https://identify.nordea.com/assets/bb0a855a4f155c9c835a419f38c85653.woff2 |
identify.nordea.com | https://identify.nordea.com/assets/e18bb962ed5dc6adc929833b78251735.woff |
identify.nordea.com | https://identify.nordea.com/assets/837ba80d0ba906e8c20d2f2342790992.woff |
identify.nordea.com | https://identify.nordea.com/assets/8303da27eb3496a604f280ca8f3b4388.woff |
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Nordea (Banking)
32 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| ontransitionrun
- object| ontransitionstart
- object| ontransitioncancel
- object| trustedTypes
- boolean| crossOriginIsolated
- function| GetMessageByChannelID
- function| GetSystemStatusUrl
- function| GetQueryStringParams
- function| success
- function| error
- function| parseSystemStatusToolResponse
- function| autoTab
- function| formSubmit
- number| formSubmitted
- function| toggleRadioButton
- string| currDate
- string| currTime
- string| invoiceNumber
- string| pageId
- object| utag_data
- string| tealium_url
- undefined| _tag
- function| call_webtrends
- function| addLoadEvent
- function| create_Tealium_tags
- object| _cookiereports
- function| $
- function| jQuery
- function| justdoit
- function| create_WT_tags
- object| cookieTable
- object| elm1
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
udkaksaray.com/ | Name: d9d2d2597b03978892fdb29ba1ee1650 Value: 3d76740305297d732d4eb34ee92a86ce |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.