scotiabankccolpatria.com Open in urlscan Pro
134.0.10.79  Malicious Activity! Public Scan

URL: https://scotiabankccolpatria.com/
Submission Tags: https://phish.report @phish_report Search All
Submission: On November 28 via api from FI — Scanned from ES

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 23 HTTP transactions. The main IP is 134.0.10.79, located in Spain and belongs to CDMON sistemes@cdmon.com, ES. The main domain is scotiabankccolpatria.com.
TLS certificate: Issued by R3 on November 26th 2022. Valid for: 3 months.
This is the only time scotiabankccolpatria.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Scotiabank (Banking)

Domain & IP information

Apex Domain
Subdomains
Transfer
7 agilitycms.com
cdn.agilitycms.com — Cisco Umbrella Rank: 154648
154 KB
7 scotiabankccolpatria.com
scotiabankccolpatria.com
8 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 84
20 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 142
516 B
1 google.es
www.google.es — Cisco Umbrella Rank: 13723
501 B
1 google.com
www.google.com — Cisco Umbrella Rank: 16
501 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 106
62 KB
0 colpatria.com.co Failed
www.banco.colpatria.com.co Failed
23 8
Domain Requested by
7 cdn.agilitycms.com scotiabankccolpatria.com
cdn.agilitycms.com
7 scotiabankccolpatria.com scotiabankccolpatria.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 stats.g.doubleclick.net www.google-analytics.com
1 www.google.es
1 www.google.com
1 www.googletagmanager.com scotiabankccolpatria.com
0 www.banco.colpatria.com.co Failed scotiabankccolpatria.com
23 8

This site contains no links.

Subject Issuer Validity Valid
*.scotiabankccolpatria.com
R3
2022-11-26 -
2023-02-24
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
sni13ecgl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1
2022-03-24 -
2023-04-24
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
www.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.google.es
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh

This page contains 1 frames:

Primary Page: https://scotiabankccolpatria.com/
Frame ID: CADECE3F3679E5676EF2416ABFC76F53
Requests: 23 HTTP requests in this frame

Screenshot

Page Title

Scotiabank Colpatria | Banca virtual

Detected technologies

Overall confidence: 100%
Detected patterns
  • <input[^>]+name="__VIEWSTATE

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

23
Requests

96 %
HTTPS

86 %
IPv6

8
Domains

8
Subdomains

8
IPs

4
Countries

246 kB
Transfer

659 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
scotiabankccolpatria.com/
29 KB
8 KB
Document
General
Full URL
https://scotiabankccolpatria.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
134.0.10.79 , Spain, ASN197712 (CDMON sistemes@cdmon.com, ES),
Reverse DNS
vxhct-20.srv.cat
Software
Apache /
Resource Hash
ce96fc13dd78b70ce5c58ed66cbb897a91c1049ff7f4e70c21deb99b5d58f01a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

content-encoding
gzip
content-length
8150
content-type
text/html; charset=UTF-8
date
Mon, 28 Nov 2022 17:06:14 GMT
server
Apache
vary
Accept-Encoding
gtm.js
www.googletagmanager.com/
233 KB
62 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-53Q7NPL
Requested by
Host: scotiabankccolpatria.com
URL: https://scotiabankccolpatria.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2222c29298f2c36a50b3e311b62a95d7fac8cb4e5007313a1b74dbe3199ef4aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://scotiabankccolpatria.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 17:06:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62679
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 28 Nov 2022 17:06:14 GMT
canvas-dom-6.0.0.min.css
cdn.agilitycms.com/scotiabank-colombia/canvas/styles/
114 KB
16 KB
Stylesheet
General
Full URL
https://cdn.agilitycms.com/scotiabank-colombia/canvas/styles/canvas-dom-6.0.0.min.css
Requested by
Host: scotiabankccolpatria.com
URL: https://scotiabankccolpatria.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mrs/CB8F) /
Resource Hash
1ecfb8042446aa4c6ddbadba37f0198f8a53aa14458fb832129808abc7482ed0
Security Headers
Name Value
Content-Security-Policy default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
X-Content-Type-Options nosniff
X-Frame-Options SELF
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://scotiabankccolpatria.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 28 Nov 2022 17:06:14 GMT
age
560
x-ms-blob-cache-control
public, max-age=1800, s-maxage=1800
x-cache
HIT
content-length
16215
x-xss-protection
1; mode=block
request-context
appId=cid-v1:b6356dc1-e87f-411b-9bf6-6a5f0308e7de
surrogate-key
scotiabank-colombia scotiabank-colombia-canvas-styles-canvas-dom-6.0.0.min.css
last-modified
Tue, 19 Jan 2021 13:50:34 GMT
server
ECAcc (mrs/CB8F)
x-aspnetmvc-version
5.2
vary
Accept-Encoding
x-frame-options
SELF
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public, max-age=1800, s-maxage=1800
accept-ranges
bytes
expires
Mon, 28 Nov 2022 17:36:14 GMT
fpd2.js
cdn.agilitycms.com/scotiabank-colombia/Colpatria/digital/vendors/uat/
142 KB
46 KB
Script
General
Full URL
https://cdn.agilitycms.com/scotiabank-colombia/Colpatria/digital/vendors/uat/fpd2.js
Requested by
Host: scotiabankccolpatria.com
URL: https://scotiabankccolpatria.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mrs/CB41) /
Resource Hash
c1137f6bd91195f0d9d569d2cfec0db245c557e96b6e257eb0d824ec42071585
Security Headers
Name Value
Content-Security-Policy default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
X-Content-Type-Options nosniff
X-Frame-Options SELF
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://scotiabankccolpatria.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 28 Nov 2022 17:06:14 GMT
age
560
x-ms-blob-cache-control
public, max-age=1800, s-maxage=1800
x-cache
HIT
content-length
46618
x-xss-protection
1; mode=block
request-context
appId=cid-v1:b6356dc1-e87f-411b-9bf6-6a5f0308e7de
surrogate-key
scotiabank-colombia scotiabank-colombia-colpatria-digital-vendors-uat-fpd2.js
last-modified
Wed, 29 Sep 2021 19:09:34 GMT
server
ECAcc (mrs/CB41)
x-aspnetmvc-version
5.2
vary
Accept-Encoding
x-frame-options
SELF
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public, max-age=1800, s-maxage=1800
accept-ranges
bytes
expires
Mon, 28 Nov 2022 17:36:15 GMT
styles.79efb1f6fca6366f.css
scotiabankccolpatria.com/
0
0
Stylesheet
General
Full URL
https://scotiabankccolpatria.com/styles.79efb1f6fca6366f.css
Requested by
Host: scotiabankccolpatria.com
URL: https://scotiabankccolpatria.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
134.0.10.79 , Spain, ASN197712 (CDMON sistemes@cdmon.com, ES),
Reverse DNS
vxhct-20.srv.cat
Software
Apache /
Resource Hash

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://scotiabankccolpatria.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 17:06:14 GMT
server
Apache
content-length
196
content-type
text/html; charset=iso-8859-1
scotiabank-colpatria-red.svg
cdn.agilitycms.com/scotiabank-colombia/canvas/svgs/logos/
12 KB
12 KB
Image
General
Full URL
https://cdn.agilitycms.com/scotiabank-colombia/canvas/svgs/logos/scotiabank-colpatria-red.svg
Requested by
Host: scotiabankccolpatria.com
URL: https://scotiabankccolpatria.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mrs/CB48) /
Resource Hash
2933c5c27784b1869ba9534af1f8ebd72d151dd5a7e581b588d5a36406c8956e
Security Headers
Name Value
Content-Security-Policy default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
X-Content-Type-Options nosniff
X-Frame-Options SELF
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://scotiabankccolpatria.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
date
Mon, 28 Nov 2022 17:06:14 GMT
x-content-type-options
nosniff
age
560
x-ms-blob-cache-control
public, max-age=1800, s-maxage=1800
x-cache
HIT
content-length
11925
x-xss-protection
1; mode=block
request-context
appId=cid-v1:b6356dc1-e87f-411b-9bf6-6a5f0308e7de
surrogate-key
scotiabank-colombia scotiabank-colombia-canvas-svgs-logos-scotiabank-colpatria-red.svg
last-modified
Mon, 26 Aug 2019 21:57:13 GMT
server
ECAcc (mrs/CB48)
x-aspnetmvc-version
5.2
x-frame-options
SELF
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public, max-age=1800, s-maxage=1800
accept-ranges
bytes
expires
Mon, 28 Nov 2022 17:36:14 GMT
scotiabank-colpatria-symbol-red.svg
cdn.agilitycms.com/scotiabank-colombia/canvas/svgs/logos/
2 KB
3 KB
Image
General
Full URL
https://cdn.agilitycms.com/scotiabank-colombia/canvas/svgs/logos/scotiabank-colpatria-symbol-red.svg
Requested by
Host: scotiabankccolpatria.com
URL: https://scotiabankccolpatria.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mrs/CBB1) /
Resource Hash
192acd11e276a8a6131abbf54aa56e6563eaf3203ea4b7394ad2c88227e358b8
Security Headers
Name Value
Content-Security-Policy default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
X-Content-Type-Options nosniff
X-Frame-Options SELF
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://scotiabankccolpatria.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
date
Mon, 28 Nov 2022 17:06:14 GMT
x-content-type-options
nosniff
age
560
x-ms-blob-cache-control
public, max-age=1800, s-maxage=1800
x-cache
HIT
content-length
2556
x-xss-protection
1; mode=block
request-context
appId=cid-v1:b6356dc1-e87f-411b-9bf6-6a5f0308e7de
surrogate-key
scotiabank-colombia scotiabank-colombia-canvas-svgs-logos-scotiabank-colpatria-symbol-red.svg
last-modified
Mon, 26 Aug 2019 22:40:52 GMT
server
ECAcc (mrs/CBB1)
x-aspnetmvc-version
5.2
x-frame-options
SELF
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public, max-age=1800, s-maxage=1800
accept-ranges
bytes
expires
Mon, 28 Nov 2022 17:36:14 GMT
ScriptResource031e.html
scotiabankccolpatria.com/
0
0
Script
General
Full URL
https://scotiabankccolpatria.com/ScriptResource031e.html?d=4ejzBeCma20vHaNBi-aw0NblYCfCDh44zfCmtkgmX-yBzIqXKbfMlEW_EjiaJjEjhqgYuioyJ1BvTkvHoVBvzW62zskUJSAPVLQz2q6IFwy7deq3VKjEQE8AYwhLxBJ1gP5wkX3lrw9Mg6OT9XROgQfZt5aanpi8jNEJMX_TNFA1&t=ffffffffaa493ab8
Requested by
Host: scotiabankccolpatria.com
URL: https://scotiabankccolpatria.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
134.0.10.79 , Spain, ASN197712 (CDMON sistemes@cdmon.com, ES),
Reverse DNS
vxhct-20.srv.cat
Software
Apache /
Resource Hash

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://scotiabankccolpatria.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 17:06:14 GMT
server
Apache
content-length
196
content-type
text/html; charset=iso-8859-1
_UtilidadesSitio.js
scotiabankccolpatria.com/Scripts/
0
0
Script
General
Full URL
https://scotiabankccolpatria.com/Scripts/_UtilidadesSitio.js
Requested by
Host: scotiabankccolpatria.com
URL: https://scotiabankccolpatria.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
134.0.10.79 , Spain, ASN197712 (CDMON sistemes@cdmon.com, ES),
Reverse DNS
vxhct-20.srv.cat
Software
Apache /
Resource Hash

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://scotiabankccolpatria.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 17:06:14 GMT
server
Apache
content-length
196
content-type
text/html; charset=iso-8859-1
runtime.2a66b8c0d0bf625b.js
scotiabankccolpatria.com/
0
0
Script
General
Full URL
https://scotiabankccolpatria.com/runtime.2a66b8c0d0bf625b.js
Requested by
Host: scotiabankccolpatria.com
URL: https://scotiabankccolpatria.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
134.0.10.79 , Spain, ASN197712 (CDMON sistemes@cdmon.com, ES),
Reverse DNS
vxhct-20.srv.cat
Software
Apache /
Resource Hash

Request headers

Referer
https://scotiabankccolpatria.com/
Origin
https://scotiabankccolpatria.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 17:06:14 GMT
server
Apache
content-length
196
content-type
text/html; charset=iso-8859-1
polyfills.5e2a9ce989a46eb2.js
scotiabankccolpatria.com/
0
0
Script
General
Full URL
https://scotiabankccolpatria.com/polyfills.5e2a9ce989a46eb2.js
Requested by
Host: scotiabankccolpatria.com
URL: https://scotiabankccolpatria.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
134.0.10.79 , Spain, ASN197712 (CDMON sistemes@cdmon.com, ES),
Reverse DNS
vxhct-20.srv.cat
Software
Apache /
Resource Hash

Request headers

Referer
https://scotiabankccolpatria.com/
Origin
https://scotiabankccolpatria.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 17:06:14 GMT
server
Apache
content-length
196
content-type
text/html; charset=iso-8859-1
main.0ac5554c94554e45.js
scotiabankccolpatria.com/
0
0
Script
General
Full URL
https://scotiabankccolpatria.com/main.0ac5554c94554e45.js
Requested by
Host: scotiabankccolpatria.com
URL: https://scotiabankccolpatria.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
134.0.10.79 , Spain, ASN197712 (CDMON sistemes@cdmon.com, ES),
Reverse DNS
vxhct-20.srv.cat
Software
Apache /
Resource Hash

Request headers

Referer
https://scotiabankccolpatria.com/
Origin
https://scotiabankccolpatria.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 17:06:14 GMT
server
Apache
content-length
196
content-type
text/html; charset=iso-8859-1
5498af64-587e-444c-b510-8724601d94ab
https://www.banco.colpatria.com.co/
0
0

Scotia_W_Rg.woff2
cdn.agilitycms.com/scotiabank-colombia/canvas/fonts/
25 KB
25 KB
Font
General
Full URL
https://cdn.agilitycms.com/scotiabank-colombia/canvas/fonts/Scotia_W_Rg.woff2
Requested by
Host: cdn.agilitycms.com
URL: https://cdn.agilitycms.com/scotiabank-colombia/canvas/styles/canvas-dom-6.0.0.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mrs/CB98) /
Resource Hash
369dae9b784f42b61aa8ba56463340dd5a97306ef64ec64febb2522b9de25fd8
Security Headers
Name Value
Content-Security-Policy default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
X-Content-Type-Options nosniff
X-Frame-Options SELF
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.agilitycms.com/scotiabank-colombia/canvas/styles/canvas-dom-6.0.0.min.css
Origin
https://scotiabankccolpatria.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
date
Mon, 28 Nov 2022 17:06:14 GMT
x-content-type-options
nosniff
age
559
x-ms-blob-cache-control
public, max-age=1800, s-maxage=1800
x-cache
HIT
content-length
25416
x-xss-protection
1; mode=block
request-context
appId=cid-v1:b6356dc1-e87f-411b-9bf6-6a5f0308e7de
surrogate-key
scotiabank-colombia scotiabank-colombia-canvas-fonts-scotia_w_rg.woff2
last-modified
Tue, 07 Jan 2020 15:22:48 GMT
server
ECAcc (mrs/CB98)
x-aspnetmvc-version
5.2
x-frame-options
SELF
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public, max-age=1800, s-maxage=1800
accept-ranges
bytes
expires
Mon, 28 Nov 2022 17:36:15 GMT
Scotia_W_Headline.woff2
cdn.agilitycms.com/scotiabank-colombia/canvas/fonts/
26 KB
26 KB
Font
General
Full URL
https://cdn.agilitycms.com/scotiabank-colombia/canvas/fonts/Scotia_W_Headline.woff2
Requested by
Host: cdn.agilitycms.com
URL: https://cdn.agilitycms.com/scotiabank-colombia/canvas/styles/canvas-dom-6.0.0.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mrs/CB5E) /
Resource Hash
0299d84932272c27070990b34b9bc2373c3e86117a840156f02b03826c1a4a14
Security Headers
Name Value
Content-Security-Policy default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
X-Content-Type-Options nosniff
X-Frame-Options SELF
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.agilitycms.com/scotiabank-colombia/canvas/styles/canvas-dom-6.0.0.min.css
Origin
https://scotiabankccolpatria.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
date
Mon, 28 Nov 2022 17:06:14 GMT
x-content-type-options
nosniff
age
532
x-ms-blob-cache-control
public, max-age=1800, s-maxage=1800
x-cache
HIT
content-length
26916
x-xss-protection
1; mode=block
request-context
appId=cid-v1:b6356dc1-e87f-411b-9bf6-6a5f0308e7de
surrogate-key
scotiabank-colombia scotiabank-colombia-canvas-fonts-scotia_w_headline.woff2
last-modified
Tue, 07 Jan 2020 15:22:42 GMT
server
ECAcc (mrs/CB5E)
x-aspnetmvc-version
5.2
x-frame-options
SELF
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public, max-age=1800, s-maxage=1800
accept-ranges
bytes
expires
Mon, 28 Nov 2022 17:36:14 GMT
Scotia_W_Bd.woff2
cdn.agilitycms.com/scotiabank-colombia/canvas/fonts/
26 KB
26 KB
Font
General
Full URL
https://cdn.agilitycms.com/scotiabank-colombia/canvas/fonts/Scotia_W_Bd.woff2
Requested by
Host: cdn.agilitycms.com
URL: https://cdn.agilitycms.com/scotiabank-colombia/canvas/styles/canvas-dom-6.0.0.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mrs/CB4B) /
Resource Hash
ae0f0e39d37b8b6ed48f42d9c4a872e3c23b2d956547ea1301e2c6e09a11afa2
Security Headers
Name Value
Content-Security-Policy default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
X-Content-Type-Options nosniff
X-Frame-Options SELF
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.agilitycms.com/scotiabank-colombia/canvas/styles/canvas-dom-6.0.0.min.css
Origin
https://scotiabankccolpatria.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
date
Mon, 28 Nov 2022 17:06:14 GMT
x-content-type-options
nosniff
age
532
x-ms-blob-cache-control
public, max-age=1800, s-maxage=1800
x-cache
HIT
content-length
26508
x-xss-protection
1; mode=block
request-context
appId=cid-v1:b6356dc1-e87f-411b-9bf6-6a5f0308e7de
surrogate-key
scotiabank-colombia scotiabank-colombia-canvas-fonts-scotia_w_bd.woff2
last-modified
Tue, 07 Jan 2020 15:22:39 GMT
server
ECAcc (mrs/CB4B)
x-aspnetmvc-version
5.2
x-frame-options
SELF
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public, max-age=1800, s-maxage=1800
accept-ranges
bytes
expires
Mon, 28 Nov 2022 17:36:13 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53Q7NPL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://scotiabankccolpatria.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 28 Nov 2022 15:24:49 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6086
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Mon, 28 Nov 2022 17:24:49 GMT
collect
www.google-analytics.com/j/
2 B
212 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=169665972&t=pageview&_s=1&dl=https%3A%2F%2Fscotiabankccolpatria.com%2F&ul=en-us&de=UTF-8&dt=Scotiabank%20Colpatria%20%7C%20Banca%20virtual&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=987650814&gjid=1977469065&cid=363218202.1669655175&tid=UA-22948901-24&_gid=1166112862.1669655175&_r=1&gtm=2wgb9053Q7NPL&z=779234345
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://scotiabankccolpatria.com/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 17:06:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://scotiabankccolpatria.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
444 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=%5Bobject%20Object%5D&cid=363218202.1669655175&jid=66150753&gjid=971449335&_gid=1166112862.1669655175&_u=aGDAgEABAAAAAGAGK~&z=1393196754
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://scotiabankccolpatria.com/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 28 Nov 2022 17:06:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://scotiabankccolpatria.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
132 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=169665972&t=event&ni=1&_s=1&dl=https%3A%2F%2Fscotiabankccolpatria.com%2F&ul=en-us&de=UTF-8&dt=Scotiabank%20Colpatria%20%7C%20Banca%20virtual&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Page%20Load%20Time&ea=%2F&el=1.4&ev=1&_u=aGDAgEABAAAAACAGK~&jid=66150753&gjid=971449335&cid=363218202.1669655175&tid=%5Bobject%20Object%5D&_gid=1166112862.1669655175&gtm=2wgb9053Q7NPL&cd1=GA1.2.363218202.1669655175&cd2=1669655175289.2ewmhcnc&cd3=2022-11-28T17%3A06%3A15.289%2B00%3A00&z=169747860
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://scotiabankccolpatria.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 02:42:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
51824
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
72 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-22948901-24&cid=363218202.1669655175&jid=987650814&gjid=1977469065&_gid=1166112862.1669655175&_u=YEBAAEAAAAAAACAAI~&z=1147544598
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
94dcf5556e059d9e35d347a9fdd7c295ec5d8001d8c00693dfc2a7d18f9fb0f3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://scotiabankccolpatria.com/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 28 Nov 2022 17:06:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://scotiabankccolpatria.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22948901-24&cid=363218202.1669655175&jid=987650814&_u=YEBAAEAAAAAAACAAI~&z=1928166022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://scotiabankccolpatria.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 17:06:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.es/ads/
42 B
501 B
Image
General
Full URL
https://www.google.es/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22948901-24&cid=363218202.1669655175&jid=987650814&_u=YEBAAEAAAAAAACAAI~&z=1928166022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://scotiabankccolpatria.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 17:06:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.banco.colpatria.com.co
URL
blob:https://www.banco.colpatria.com.co/5498af64-587e-444c-b510-8724601d94ab

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Scotiabank (Banking)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| MPFingerprintV2 object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| gaplugins object| gaGlobal object| gaData

5 Cookies

Domain/Path Name / Value
scotiabankccolpatria.com/ Name: UUID
Value: 2012251e76e77e8964abeb10f78b6e61
.scotiabankccolpatria.com/ Name: _ga
Value: GA1.2.363218202.1669655175
.scotiabankccolpatria.com/ Name: _gid
Value: GA1.2.1166112862.1669655175
.scotiabankccolpatria.com/ Name: _gat_UA-22948901-24
Value: 1
.scotiabankccolpatria.com/ Name: _dc_gtm_objectObject
Value: 1

7 Console Messages

Source Level URL
Text
javascript error URL: https://scotiabankccolpatria.com/
Message:
Not allowed to load local resource: blob:https://www.banco.colpatria.com.co/5498af64-587e-444c-b510-8724601d94ab
network error URL: https://scotiabankccolpatria.com/styles.79efb1f6fca6366f.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://scotiabankccolpatria.com/ScriptResource031e.html?d=4ejzBeCma20vHaNBi-aw0NblYCfCDh44zfCmtkgmX-yBzIqXKbfMlEW_EjiaJjEjhqgYuioyJ1BvTkvHoVBvzW62zskUJSAPVLQz2q6IFwy7deq3VKjEQE8AYwhLxBJ1gP5wkX3lrw9Mg6OT9XROgQfZt5aanpi8jNEJMX_TNFA1&t=ffffffffaa493ab8
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://scotiabankccolpatria.com/Scripts/_UtilidadesSitio.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://scotiabankccolpatria.com/runtime.2a66b8c0d0bf625b.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://scotiabankccolpatria.com/main.0ac5554c94554e45.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://scotiabankccolpatria.com/polyfills.5e2a9ce989a46eb2.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.agilitycms.com
scotiabankccolpatria.com
stats.g.doubleclick.net
www.banco.colpatria.com.co
www.google-analytics.com
www.google.com
www.google.es
www.googletagmanager.com
www.banco.colpatria.com.co
134.0.10.79
2606:2800:233:1cb7:261b:1f9c:2074:3c
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2004
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::200e
2a00:1450:400c:c00::9c
0299d84932272c27070990b34b9bc2373c3e86117a840156f02b03826c1a4a14
192acd11e276a8a6131abbf54aa56e6563eaf3203ea4b7394ad2c88227e358b8
1ecfb8042446aa4c6ddbadba37f0198f8a53aa14458fb832129808abc7482ed0
2222c29298f2c36a50b3e311b62a95d7fac8cb4e5007313a1b74dbe3199ef4aa
2933c5c27784b1869ba9534af1f8ebd72d151dd5a7e581b588d5a36406c8956e
369dae9b784f42b61aa8ba56463340dd5a97306ef64ec64febb2522b9de25fd8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
94dcf5556e059d9e35d347a9fdd7c295ec5d8001d8c00693dfc2a7d18f9fb0f3
ae0f0e39d37b8b6ed48f42d9c4a872e3c23b2d956547ea1301e2c6e09a11afa2
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
c1137f6bd91195f0d9d569d2cfec0db245c557e96b6e257eb0d824ec42071585
ce96fc13dd78b70ce5c58ed66cbb897a91c1049ff7f4e70c21deb99b5d58f01a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629