col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co
Open in
urlscan Pro
152.32.192.238
Malicious Activity!
Public Scan
URL:
https://col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co/index/index/auth
Submission: On June 30 via automatic, source openphish — Scanned from DE
Submission: On June 30 via automatic, source openphish — Scanned from DE
Summary
This website contacted 2 IPs
in 2 countries
across 2 domains to perform 33 HTTP transactions.
The main IP is 152.32.192.238, located in
Central, Hong Kong and
belongs to UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK.
The main domain is col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on June 28th 2023. Valid for: a year.
This is the only time col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co was scanned on urlscan.io!
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on June 28th 2023. Valid for: a year.
This is the only time col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: SMBC (Financial)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 26 | 152.32.192.238 152.32.192.238 | 135377 (UCLOUD-HK...) (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED) | |
| 7 | 54.238.215.181 54.238.215.181 | 16509 (AMAZON-02) (AMAZON-02) | |
| 33 | 2 |
26
152.32.192.238
(Central, Hong Kong)
ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK)
ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK)
| col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co |
7
54.238.215.181
(Tokyo, Japan)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-238-215-181.ap-northeast-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-238-215-181.ap-northeast-1.compute.amazonaws.com
| ib.smbc.co.jp |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 26 |
barclayis.co
col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co |
266 KB |
| 7 |
smbc.co.jp
ib.smbc.co.jp |
102 KB |
| 33 | 2 |
| Domain | Requested by | |
|---|---|---|
| 26 | col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co |
col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co
|
| 7 | ib.smbc.co.jp |
col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co
|
| 33 | 2 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| direct.smbc.co.jp |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.barclayis.co AlphaSSL CA - SHA256 - G4 |
2023-06-28 - 2024-07-29 |
a year | crt.sh |
| ib.smbc.co.jp Cybertrust Japan SureServer CA G4 |
2022-10-04 - 2023-10-13 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co/index/index/auth
Frame ID: 31878C4D682E9F837802C96DD9B13A1D
Requests: 33 HTTP requests in this frame
Screenshot
Page Title
SMBCダイレクトログイン : SMBCダイレクトDetected technologies
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- <!-- (?:End )?Google Tag Manager -->
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
URL: https://direct.smbc.co.jp/aib/aibgsjsw5001.jsp?_gl=1*19wavtl*_ga*NjI3MDUyOTE1LjE2ODcyMzA3MzU.*_ga_9DML3Z544L*MTDPe21gqq1Sd7E1c6sCZsgrTu9TqurWF5v3NC4wLjA.&_ga=2.262823628.1175829556.1687230735-627052915.1687230735#main-area
Title: 本文へ
Title: 本文へ
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
33 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
auth
col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co/index/index/ |
203 KB 41 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
direct.css
col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co/statics/ |
23 B 225 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-3.4.1.min.js
col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co/statics/ |
86 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
common_rwd.css
col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co/statics/ |
330 KB 54 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
header_TOP.js
col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co/statics/ |
66 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
r.js
col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co/statics/ |
30 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jsbn.js
col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co/statics/ |
38 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rsa.js
col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co/statics/ |
9 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
aes.js
col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co/statics/ |
13 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pwc.json
col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co/statics/ |
476 B 770 B |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ct
col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co/statics/ |
4 KB 4 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
directib-incisw2.js
col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co/statics/ |
18 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ico_blank_01.svg
col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co/statics/ |
914 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo_smbc_01.svg
col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co/statics/ |
7 KB 7 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo_06.svg
col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co/statics/ |
3 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ico_help_01.svg
col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co/statics/ |
526 B 820 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ico_help_01(1).svg
col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co/statics/ |
526 B 820 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ico_blank_01(1).svg
col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co/statics/ |
914 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ico_blank_01(2).svg
col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co/statics/ |
914 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ico_close_01.svg
col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co/statics/ |
499 B 794 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
common_rwd.js
col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co/statics/ |
64 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Caulis.smbc_v2.min.js
col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co/statics/ |
86 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
layer.js
col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co/layer/ |
22 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
print.css
col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co/statics/ |
32 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
r.js
ib.smbc.co.jp/js/ |
30 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
NotoSansJP-Regular.otf
col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co/fonts/noto_sans_jp/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jsbn.js
ib.smbc.co.jp/js/ |
38 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rsa.js
ib.smbc.co.jp/js/ |
9 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
aes.js
ib.smbc.co.jp/js/ |
13 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pwcload.js
ib.smbc.co.jp/js/ |
11 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pwc.json
ib.smbc.co.jp/js/ |
476 B 579 B |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
default.js
ib.smbc.co.jp/js/ |
0 87 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
layer.css
col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co/layer/theme/default/ |
14 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
.svg%22){kind=link}
.svg){kind=link}
.svg){kind=link}
.svg%22){kind=link}
.svg){kind=link}
.svg){kind=link}
.svg%22){kind=link}
.svg){kind=link}
.svg){kind=link}
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: SMBC (Financial)220 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| onbeforetoggle object| onscrollend function| $ function| jQuery number| gaE7XL41_sh function| nd_shtml function| Ah3_sh object| z_sh object| wo_sh boolean| ije_sh boolean| ije9_sh boolean| ije10_sh string| zM_sh function| uw_sh function| ep_sh string| yM_sh function| ct44_shtml object| scpt_sh function| dec_shtml function| Ct44_shtml string| m_shtml function| rr_sh function| nd_sh object| nk_sh string| ua_sh number| pa_sh boolean| mac_sh function| at1_sh function| as_sh function| loginAction function| pwcObj function| pwcExec boolean| lge_sh undefined| lxE_sh boolean| kon_sh function| fJ_sh boolean| fas_sh boolean| goog_sh string| gPwcHost function| uuid number| gPRSeed function| XULElement function| addFakePropertyNames function| fakeGetOwnPropertyDescriptor function| dnre function| lgin string| gPWDone number| gPRSeed2 number| dbits number| canary boolean| j_lm function| BigInteger function| nbi function| am1 function| am2 function| am3 number| BI_FP string| BI_RM object| BI_RC number| rr number| vv function| int2char function| intAt function| bnpCopyTo function| bnpFromInt function| nbv function| bnpFromString function| bnpClamp function| bnToString function| bnNegate function| bnAbs function| bnCompareTo function| nbits function| bnBitLength function| bnpDLShiftTo function| bnpDRShiftTo function| bnpLShiftTo function| bnpRShiftTo function| bnpSubTo function| bnpMultiplyTo function| bnpSquareTo function| bnpDivRemTo function| bnMod function| Classic function| cConvert function| cRevert function| cReduce function| cMulTo function| cSqrTo function| bnpInvDigit function| Montgomery function| montConvert function| montRevert function| montReduce function| montSqrTo function| montMulTo function| bnpIsEven function| bnpExp function| bnModPowInt function| bnClone function| bnIntValue function| bnByteValue function| bnShortValue function| bnpChunkSize function| bnSigNum function| bnpToRadix function| bnpFromRadix function| bnpFromNumber function| bnToByteArray function| bnEquals function| bnMin function| bnMax function| bnpBitwiseTo function| op_and function| bnAnd function| op_or function| bnOr function| op_xor function| bnXor function| op_andnot function| bnAndNot function| bnNot function| bnShiftLeft function| bnShiftRight function| lbit function| bnGetLowestSetBit function| cbit function| bnBitCount function| bnTestBit function| bnpChangeBit function| bnSetBit function| bnClearBit function| bnFlipBit function| bnpAddTo function| bnAdd function| bnSubtract function| bnMultiply function| bnSquare function| bnDivide function| bnRemainder function| bnDivideAndRemainder function| bnpDMultiply function| bnpDAddOffset function| NullExp function| nNop function| nMulTo function| nSqrTo function| bnPow function| bnpMultiplyLowerTo function| bnpMultiplyUpperTo function| Barrett function| barrettConvert function| barrettRevert function| barrettReduce function| barrettSqrTo function| barrettMulTo function| bnModPow function| bnGCD function| bnpModInt function| bnModInverse object| lowprimes number| lplim function| bnIsProbablePrime function| bnpMillerRabin function| RSAPublicKey object| UTF8 object| Base64 object| Hex function| ASN1Data object| RSA object| CryptoJS function| sb_loader object| directib boolean| disableOsFlg boolean| popupFlagSW2 object| keyboardNumIndex object| keyboardCharIndex object| displayKeyNumArray object| displayKeyCharArray number| displayKeyFlgSW2 object| targetNamesSW2 string| targetNameSW2 object| targetLengthSW2 object| useKeyboard string| useKeyboardId string| useKeySuffix string| SSOAddParameter string| pageId undefined| Cookies undefined| _ function| privateCookies function| privateLodash object| _cpaq function| calcCursorPosition function| removeCursor string| rhinoserver string| jsUrlA string| jsUrlB string| jsUrlC string| jsUrlD string| jsUrlE string| jsUrlF function| calcParam function| header_5001a function| header_5001b function| header_5001c function| header_5001d function| header_5001e function| header_5001f object| layer string| n function| lixian function| PWCOBJ string| key string| iv undefined| contents_info function| DC function| LDS function| EXS1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co/index/index/ | Name: de_dai Value: b1caf2d7-cdac-4a30-9ecc-37ee18b7cb7f |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
col3jmowwuxgaqvszjpnh8pyhsal.barclayis.co
ib.smbc.co.jp
152.32.192.238
54.238.215.181
0077d2cf80625b9e60928898c741d7532ebcd7d82b57b50e95204547752b2b42
1005b2bf35b332ee9a5723ce0e5d3999d633c2807a5d067bd41b0023f567d2c7
1642399cd40814b0d94b21f65cfd601706d08a34f99e3c4b323429484480866d
2a7739f06e82afb914d14fb1b5314a88173f5959c7a6a858cf7ebe57e57a69df
30a991205b1185de8a33cb94c0a3dcb164897ef8d1c873bb0029778cbf684dba
34e169addd9fe376397a67c36c8444a443f8f91acc728727863d8082bcf3b5b5
3c49f193edfc22e2f9828f7c1b512ab5210f03b0daf590d994371eca9bd0e815
412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb
45c350bf6a6216ef3e6e6446cfc88dd082a6ba3d3c62c3f1d4f9f715cc12bf58
485e5bfbda7308d10582d03f7dc04ede5efe692df0ced5bcad7cb5071d7c3b69
5162ad12128b70622da92d88a157c786843be72e5bfdcc78cab49a9dcab1e672
531d4f7def2187d8834ba4626c7d2ab9c06f2d6a8b3ef0847ce9ca341bfe9581
5cdf3edb27b0c9f8e48918c486e9ae65a9e5beab806b64c4a7bc5bac53c0f540
6bd298af3a58263b7f307c721069ff7a94f653f036eec771559994c00d2056a6
6cf09e852b4e49af43868dc27386be4591f25b7f92d720948d7166fa38cc72a3
75014d8bd8f6c771d599fbbad282fe085bdfb8fff2d600fadd7b68b7b09635cb
794a8451958635ae295689499311a6208eff440ace9b1118ea4b7555b672aa85
96d563f66c9c5fb718ae3005738480f67c121259431b49120b7e115dace72091
9a23eba59caafd8cd779ae71458fbd6558393cf24d66c28fa5af84153e76070a
a1fde4b8323379bfb80273547d08f78329dde1ea5fdd4eee285208d7cfc45dfd
a97e4941ceb1a7df7bcf5e9631b8d9e8f7b47d7ccb59b5ed3968380465e0e824
d773f4aa54c10a6330b1fe811f066b6ba19095107a6e62c37f9bbf7e9891f95b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eeb30484ee0a88fd628076d13cd085aaf1ac6bc943f9c12309a4b65f281129dc
fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a