www.heritagepowersol.com
192.185.183.82  Malicious Activity! Public Scan

URL: http://www.heritagepowersol.com/conferma.html
Submission: On October 03 via api from JP — Scanned from JP

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 192.185.183.82, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is www.heritagepowersol.com.
This is the only time www.heritagepowersol.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BNP Paribas (Banking)

Domain & IP information

Requests  IP Address        AS (Autonomous System)
1         192.185.183.82    19871 (NETWORK-S...)
7         2600:140b:500...  20940 (AKAMAI-ASN1)
1         2001:df2:e500...  14907 (WIKIMEDIA)
Total: 11 requests, 4 IPs
Requests  Apex Domain           Subdomains                                              Transfer
7         bnl.it                banking.bnl.it; bnl.it (Cisco Umbrella Rank: 319985)    650 KB
1         wikimedia.org         upload.wikimedia.org (Cisco Umbrella Rank: 3616)        39 KB
1         heritagepowersol.com  www.heritagepowersol.com                                9 KB
Total: 11 requests, 3 apex domains
Requests  Domain                    Requested by
6         banking.bnl.it            www.heritagepowersol.com; banking.bnl.it
1         bnl.it                    banking.bnl.it
1         upload.wikimedia.org      www.heritagepowersol.com
1         www.heritagepowersol.com
Total: 11 requests, 4 domains
Subject                 Issuer                                   Validity                 Valid
bnp01sw.bnpparibas.com  DigiCert TLS RSA SHA256 2020 CA1         2023-09-19 - 2024-01-17  4 months (crt.sh)
*.wikipedia.org         DigiCert TLS Hybrid ECC SHA384 2020 CA1  2022-10-27 - 2023-11-17  a year (crt.sh)

This page contains 1 frames:

Primary Page: http://www.heritagepowersol.com/conferma.html
Frame ID: F1B551699331E060D5455E88D2D219C2
Requests: 11 HTTP requests in this frame

Screenshot

Page Title: Login

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc\.clientlibs/

Page Statistics

Requests: 11
HTTPS: 73 %
IPv6: 67 %
Domains: 3
Subdomains: 4
IPs: 4
Countries: 2
Transfer: 698 kB
Size: 1114 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type

Primary Request: conferma.html  Path: www.heritagepowersol.com/  Size: 44 KB  x-fer: 9 KB  Type: Document
General
Full URL
http://www.heritagepowersol.com/conferma.html
Protocol
HTTP/1.1
Server
192.185.183.82 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-183-82.unifiedlayer.com
Software
Apache /
Resource Hash
9b463c254a06930f783f7f0bea135094994dff5b6d66af421216b9ad01a381ec

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Upgrade, Keep-Alive
Content-Encoding
gzip
Content-Length
8987
Content-Type
text/html
Date
Tue, 03 Oct 2023 11:33:10 GMT
Keep-Alive
timeout=5, max=75
Last-Modified
Thu, 11 Feb 2021 00:46:46 GMT
Server
Apache
Upgrade
h2,h2c
Vary
Accept-Encoding
footer-icons.css  Path: banking.bnl.it/rsc/contrib/graphicaltheme/bnl-public/css/  Size: 2 B  x-fer: 460 B  Type: Stylesheet
General
Full URL
https://banking.bnl.it/rsc/contrib/graphicaltheme/bnl-public/css/footer-icons.css
Requested by
Host: www.heritagepowersol.com
URL: http://www.heritagepowersol.com/conferma.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:5000::1701:6010 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://www.heritagepowersol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 11:33:12 GMT
Strict-Transport-Security
max-age=15768000
x-content-type-options
nosniff
Last-Modified
Tue, 01 Dec 2020 09:33:42 GMT
ETag
"2-5b563d2892620"
Vary
Host
x-frame-options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
Content-Type
text/css;charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2
hb-login.css  Path: banking.bnl.it/hb-login/theme/bnl/css/  Size: 7 KB  x-fer: 3 KB  Type: Stylesheet
General
Full URL
https://banking.bnl.it/hb-login/theme/bnl/css/hb-login.css
Requested by
Host: www.heritagepowersol.com
URL: http://www.heritagepowersol.com/conferma.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:5000::1701:6010 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ Servlet/3.0
Resource Hash
31e77ecae8b2766fbe277dd3dcf6be2c5872d6a5f1836e123b73a6b02c204874
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://www.heritagepowersol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 11:33:12 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=15768000
Last-Modified
Tue, 20 Jun 2023 10:30:42 GMT
x-powered-by
Servlet/3.0
Vary
Accept-Encoding
p3p
CP="NON CUR OTPi OUR NOR UNI"
Content-Language
en-US
Content-Type
text/css
Connection
keep-alive
Content-Length
2138
clientlib-redational-page-login.min.css  Path: banking.bnl.it/etc.clientlibs/bnl-private/clientlibs/  Size: 431 KB  x-fer: 53 KB  Type: Stylesheet
General
Full URL
https://banking.bnl.it/etc.clientlibs/bnl-private/clientlibs/clientlib-redational-page-login.min.css
Requested by
Host: www.heritagepowersol.com
URL: http://www.heritagepowersol.com/conferma.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:5000::1701:6010 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c6c0110847b188f2cb2010d57d69a380811f0e87588d943a216dc644b8aee782
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://www.heritagepowersol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 11:33:14 GMT
Content-Encoding
gzip
x-content-type-options
nosniff
Strict-Transport-Security
max-age=15768000
Last-Modified
Tue, 19 Sep 2023 20:15:10 GMT
ETag
"6bc7e-605bbea6e5c79"
Vary
Accept-Encoding
x-frame-options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
Content-Type
text/css;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
1024px-Exclamation.svg.png  Path: upload.wikimedia.org/wikipedia/commons/thumb/5/5e/Exclamation.svg/  Size: 38 KB  x-fer: 39 KB  Type: Image
General
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/5/5e/Exclamation.svg/1024px-Exclamation.svg.png
Requested by
Host: www.heritagepowersol.com
URL: http://www.heritagepowersol.com/conferma.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:df2:e500:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/9.1.4 /
Resource Hash
da1f39bd6d46749c3ddc4897ca8abcf419a0d3340e0814fc702e7c81bf49ba8d
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://www.heritagepowersol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 10:41:23 GMT
strict-transport-security
max-age=106384710; includeSubDomains; preload
x-content-type-options
nosniff
nel
{ "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age
3107
x-cache-status
hit-front
x-cache
cp5029 hit, cp5029 hit/2
server-timing
cache;desc="hit-front", host;desc="cp5029"
content-length
38971
x-client-ip
2a00:1633:128:4::3
x-object-meta-sha1base36
hta14w03na16xvjd2aup7pid11u8rt5
last-modified
Sun, 14 Feb 2016 22:10:27 GMT
server
ATS/9.1.4
etag
60be513155e21c3150e58201c27c739c
report-to
{ "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges
bytes
timing-allow-origin
*
trasparenza_BNL-1.jpg  Path: banking.bnl.it/rsc/contrib/graphicaltheme/bnl-public/img/footer/  Size: 19 KB  x-fer: 20 KB  Type: Image
General
Full URL
https://banking.bnl.it/rsc/contrib/graphicaltheme/bnl-public/img/footer/trasparenza_BNL-1.jpg
Requested by
Host: www.heritagepowersol.com
URL: http://www.heritagepowersol.com/conferma.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:5000::1701:6010 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
24b7fc7a5247a3ccb0216515023889adce611b2ca852efd2223509caeb81b9a9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://www.heritagepowersol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 11:33:12 GMT
Strict-Transport-Security
max-age=15768000
Last-Modified
Mon, 08 Feb 2021 11:49:46 GMT
ETag
"4ccd-5bad1c43effc8"
Vary
Host,Accept-Encoding
x-frame-options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19661
clientlib-redational-page-login.min.js  Path: banking.bnl.it/etc.clientlibs/bnl-private/clientlibs/  Size: 562 KB  x-fer: 562 KB  Type: Script
General
Full URL
https://banking.bnl.it/etc.clientlibs/bnl-private/clientlibs/clientlib-redational-page-login.min.js
Requested by
Host: www.heritagepowersol.com
URL: http://www.heritagepowersol.com/conferma.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:5000::1701:6010 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
39ee9c24fc5de48ccd7b43124717bc928e115d801e4208cf6a35779be2d86042
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://www.heritagepowersol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 11:33:12 GMT
Strict-Transport-Security
max-age=15768000
x-content-type-options
nosniff
Last-Modified
Tue, 19 Sep 2023 20:15:12 GMT
ETag
"8c826-605bbea89f714"
x-frame-options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
Content-Type
application/javascript;charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
575526
bnl_payoff_transparent.png  Path: banking.bnl.it/rsc/contrib/graphicaltheme/bnl-public/img/brand_block/  Size: 2 B  x-fer: 466 B  Type: Image
General
Full URL
https://banking.bnl.it/rsc/contrib/graphicaltheme/bnl-public/img/brand_block/bnl_payoff_transparent.png
Requested by
Host: www.heritagepowersol.com
URL: http://www.heritagepowersol.com/conferma.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:5000::1701:6010 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://www.heritagepowersol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 11:33:13 GMT
Strict-Transport-Security
max-age=15768000
x-content-type-options
nosniff
Last-Modified
Tue, 01 Dec 2020 09:33:44 GMT
ETag
"2-5b563d2af7ab9"
Vary
Host
x-frame-options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
Content-Type
image/png;charset=iso-8859-1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2
bnl_logo_transparent.png  Path: bnl.it/rsc/contrib/graphicaltheme/bnl-public/img/brand_block/  Size: 11 KB  x-fer: 12 KB  Type: Image
General
Full URL
https://bnl.it/rsc/contrib/graphicaltheme/bnl-public/img/brand_block/bnl_logo_transparent.png
Requested by
Host: banking.bnl.it
URL: https://banking.bnl.it/etc.clientlibs/bnl-private/clientlibs/clientlib-redational-page-login.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:5000::1701:6010 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4f37e40f466d79806853f3758a33da54b5df0794d81a070973e9d5d1ae4636a3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://banking.bnl.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 11:33:16 GMT
Strict-Transport-Security
max-age=15768000
Last-Modified
Thu, 24 Feb 2022 09:50:42 GMT
ETag
"2d9a-5d8c083ef177b"
Vary
Host,Accept-Encoding
x-frame-options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
Access-Control-Allow-Origin
https://bnl.it
Content-Type
image/png
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11674
Expires
Tue, 03 Oct 2023 11:53:15 GMT
bnpp-sans.woff  Path: banking.bnl.it/etc.clientlibs/bnl/clientlibs/clientlib-all/resources/fonts/bnpp-sans/  Size: 0  x-fer: 0  Type: (no response received)
bnpp-sans.ttf  Path: banking.bnl.it/etc.clientlibs/bnl/clientlibs/clientlib-all/resources/fonts/bnpp-sans/  Size: 0  x-fer: 0  Type: (no response received)

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain          URL
banking.bnl.it  https://banking.bnl.it/etc.clientlibs/bnl/clientlibs/clientlib-all/resources/fonts/bnpp-sans/bnpp-sans.woff
banking.bnl.it  https://banking.bnl.it/etc.clientlibs/bnl/clientlibs/clientlib-all/resources/fonts/bnpp-sans/bnpp-sans.ttf

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BNP Paribas (Banking)

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object (7): 0, 1, HBNotify, bnpp, OpenAjax, PageBus, jQuery111102681709404415866

string (9): sfAxes1, sfAxes2, sfAxes3, sfAxes4, sfSiteId, sfCookieErrorPage, sfCustomerDacLevel, userWelcomeBoxConfigurationURL, dialogTemplate

boolean (1): mCustomScrollbar

undefined (21): urlAnalyticScriptBody, urlAnalyticScriptHead, analyticsScript, s, urlCelebrusScript, celebrusScript, viewportSize, slidingDimension, currentNode, currentBackNode, currentVertical, uniqID, iframeApiAddress, useHttps, tag, scriptSrc, firstScriptTag, player, tileCode, navigationConfig, wcmFSSOContextPath

function (90): createNotifyDialog, createGenericDialog, showDialog, showDialogOnTop, wrapPopupContent, loadGtmCommon, _dimensions, getFooterBodyHeight, setHambMenuBodySize, parenthesisFix, pageSetup, setHeaderVariables, setFooterVariables, setContactsVariables, goTo, showModalOriginal, showModal, addCssOpenCta, addScriptOpenCta, launchEventOpenCta, admittedFormPages, showContattiModal, isSmallDevice, openCurrentBranch, animateHamburgerMenu, hamburgerMenuIn, hamburgerMenuOut, loadHamburgerMenuAdditionalItems, getMobileOperatingSystem, isiOS, isAndroid, animateMore, verticalTap, trackCode, node, initSitemap, getCurrentNode, getCurrentVertical, getHamburgerMenuSitemap, updateSitemap, getNodeById, forward, back, getHamburgerMenuBack, printNode, isEven, isOdd, getHamburgerMenuBody, findNodeByLabelKey, getVerticalsNode, getFooterSitemap, resetSitemap, animateAccordion, initLegalModule, initializeShareModule, initializeShareButton, initializeC2aShareButton, stopVideo, applyCarousel, generateTiles, isExternalLink, applyTileTemplate, animatePageInjector, initializeInjectedComponent, injectContentMultipageInjector, initializeMultipageInjector, injectContentTabPageInjector, initializeTabPageInjector, linkContatti, sanitizeValue, dynamicSelfAppointmentInit, buildHTMLSelfAppointmentContainer, prepareHTMLSelfAppointmentContainer, downloadSelfAppointmentAppCss, downloadSelfAppointmentAppJS, existSelfAppointmentCTA, downloadSelfAppointmentAppJSCompleted, OptanonWrapper, getOTCookie, processConsents, $, jQuery, DP_jQuery_1696332794918, _badParm, _valPub, _valSub, _cacheIt, _TopicMatcher, _isCaching, _copy

0 Cookies

7 Console Messages

Source      Level    URL
                     Text

rendering   warning  http://www.heritagepowersol.com/conferma.html (Line 11)
                     The value "" for key "initial-scale" is invalid, and has been ignored.

rendering   warning  http://www.heritagepowersol.com/conferma.html (Line 11)
                     The value "" for key "maximum-scale" is invalid, and has been ignored.

rendering   warning  http://www.heritagepowersol.com/conferma.html (Line 11)
                     The value "" for key "minimum-scale" is invalid, and has been ignored.

javascript  error    http://www.heritagepowersol.com/conferma.html
                     Access to font at 'https://banking.bnl.it/etc.clientlibs/bnl/clientlibs/clientlib-all/resources/fonts/bnpp-sans/bnpp-sans.woff' from origin 'http://www.heritagepowersol.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

network     error    https://banking.bnl.it/etc.clientlibs/bnl/clientlibs/clientlib-all/resources/fonts/bnpp-sans/bnpp-sans.woff
                     Failed to load resource: net::ERR_FAILED

javascript  error    http://www.heritagepowersol.com/conferma.html
                     Access to font at 'https://banking.bnl.it/etc.clientlibs/bnl/clientlibs/clientlib-all/resources/fonts/bnpp-sans/bnpp-sans.ttf' from origin 'http://www.heritagepowersol.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

network     error    https://banking.bnl.it/etc.clientlibs/bnl/clientlibs/clientlib-all/resources/fonts/bnpp-sans/bnpp-sans.ttf
                     Failed to load resource: net::ERR_FAILED