furthertrade.com
Open in
urlscan Pro
2606:4700:3037::6815:5b3e
Malicious Activity!
Public Scan
Effective URL: https://furthertrade.com/supervielle/
Submission: On February 22 via manual from IN — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 13th 2021. Valid for: a year.
This is the only time furthertrade.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banco Supervielle (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 2 | 199.79.62.138 199.79.62.138 | 394695 (PUBLIC-DO...) (PUBLIC-DOMAIN-REGISTRY) | |
32 | 2606:4700:303... 2606:4700:3037::6815:5b3e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
33 | 3 |
ASN394695 (PUBLIC-DOMAIN-REGISTRY, US)
PTR: md-plesk-web4.webhostbox.net
janeevtrust.org | |
www.janeevtrust.org |
Apex Domain Subdomains |
Transfer | |
---|---|---|
32 |
furthertrade.com
furthertrade.com |
697 KB |
2 |
janeevtrust.org
1 redirects
janeevtrust.org www.janeevtrust.org |
681 B |
33 | 2 |
Domain | Requested by | |
---|---|---|
32 | furthertrade.com |
www.janeevtrust.org
furthertrade.com |
1 | www.janeevtrust.org | |
1 | janeevtrust.org | 1 redirects |
33 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
janeevtrust.org R3 |
2022-02-13 - 2022-05-14 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-07-13 - 2022-07-12 |
a year | crt.sh |
This page contains 11 frames:
Primary Page:
https://furthertrade.com/supervielle/
Frame ID: 0AAF897109CAB4DF06E4B1DFDDE18C5B
Requests: 26 HTTP requests in this frame
Frame:
https://furthertrade.com/logo.prismasystems.com.ar/supervielle/logosupervielle.html
Frame ID: 68F4457A3F407F5F0DCF6F3B4E4E06A1
Requests: 1 HTTP requests in this frame
Frame:
https://furthertrade.com/logo.prismasystems.com.ar/supervielle/logosupervielle.html
Frame ID: 7A2E6DFC33E8BBA9F8A0673BBDA43242
Requests: 1 HTTP requests in this frame
Frame:
https://furthertrade.com/logo.prismasystems.com.ar/supervielle/logosupervielle.html
Frame ID: 468A5C3200E570BD7463F20F71C47E4E
Requests: 1 HTTP requests in this frame
Frame:
https://furthertrade.com/logo.prismasystems.com.ar/supervielle/logosupervielle.html
Frame ID: 8F0EB0285E850BD2D147C5E96E5DE364
Requests: 1 HTTP requests in this frame
Frame:
https://furthertrade.com/logo.prismasystems.com.ar/supervielle/logosupervielle.html
Frame ID: A68873221F9A80110F3D8E9C2122BD2E
Requests: 1 HTTP requests in this frame
Frame:
https://furthertrade.com/logo.prismasystems.com.ar/supervielle/logosupervielle.html
Frame ID: 5FFF42C36D6E07288797D3F5D2CD64EA
Requests: 1 HTTP requests in this frame
Frame:
https://furthertrade.com/logo.prismasystems.com.ar/supervielle/logosupervielle.html
Frame ID: D2756458FBB3FF6F3ABCA9A4FF5EB952
Requests: 1 HTTP requests in this frame
Frame:
https://furthertrade.com/logo.prismasystems.com.ar/supervielle/logosupervielle.html
Frame ID: 862E6BB79DC6BAFEAC2391DB6644B0C7
Requests: 1 HTTP requests in this frame
Frame:
https://furthertrade.com/logo.prismasystems.com.ar/supervielle/logosupervielle.html
Frame ID: 19EB7530B06283522094CDB14841FE14
Requests: 1 HTTP requests in this frame
Frame:
https://furthertrade.com/logo.prismasystems.com.ar/supervielle/logosupervielle.html
Frame ID: CC958B229B7DC26D279A565872C40CB1
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Supervielle Banco - LoginPage URL History Show full URLs
-
https://janeevtrust.org/css/ar/
HTTP 301
https://www.janeevtrust.org/css/ar/ Page URL
- https://furthertrade.com/supervielle/ Page URL
Detected technologies
Google Font API (Font Scripts) ExpandDetected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://janeevtrust.org/css/ar/
HTTP 301
https://www.janeevtrust.org/css/ar/ Page URL
- https://furthertrade.com/supervielle/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://janeevtrust.org/css/ar/ HTTP 301
- https://www.janeevtrust.org/css/ar/
33 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
www.janeevtrust.org/css/ar/ Redirect Chain
|
119 B 439 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
furthertrade.com/supervielle/ |
742 KB 536 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css4f4f.css
furthertrade.com/fonts.googleapis.com/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
LoginNuevo.css
furthertrade.com/supervielle/App_Themes/LoginNuevo/ |
12 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styleSuperville_Login.css
furthertrade.com/supervielle/App_Themes/Login/ |
13 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
StyleUI-Dialog.css
furthertrade.com/supervielle/App_Themes/Login/ |
25 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rocket-loader.min.js
furthertrade.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery-1.7.2.min.js
furthertrade.com/supervielle/Scripts/ |
93 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo.svg
furthertrade.com/supervielle/App_Themes/LoginNuevo/img/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
WebResource8201.js
furthertrade.com/supervielle/ |
20 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
WebResource327a.js
furthertrade.com/supervielle/ |
21 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
WebResource7036.js
furthertrade.com/supervielle/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
spinner.svg
furthertrade.com/supervielle/App_Themes/LoginNuevo/img/ |
685 B 959 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
aes.js
furthertrade.com/supervielle/Scripts/ |
13 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ruxitagentjs_ICA2SVafhlqru_10189200420175514.js
furthertrade.com/supervielle/ |
152 KB 60 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
157 KB 0 |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
194 KB 0 |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
183 KB 0 |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icons.svg
furthertrade.com/supervielle/App_Themes/LoginNuevo/img/ |
19 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
whitney.woff
furthertrade.com/supervielle/App_Themes/LoginNuevo/fonts/ |
17 KB 18 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
keyboard.svg
furthertrade.com/supervielle/App_Themes/LoginNuevo/img/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logosupervielle.html
furthertrade.com/logo.prismasystems.com.ar/supervielle/ Frame 68F4 |
145 B 576 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logosupervielle.html
furthertrade.com/logo.prismasystems.com.ar/supervielle/ Frame 7A2E |
145 B 580 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logosupervielle.html
furthertrade.com/logo.prismasystems.com.ar/supervielle/ Frame 468A |
145 B 586 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logosupervielle.html
furthertrade.com/logo.prismasystems.com.ar/supervielle/ Frame 8F0E |
145 B 588 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logosupervielle.html
furthertrade.com/logo.prismasystems.com.ar/supervielle/ Frame A688 |
145 B 580 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logosupervielle.html
furthertrade.com/logo.prismasystems.com.ar/supervielle/ Frame 5FFF |
145 B 580 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logosupervielle.html
furthertrade.com/logo.prismasystems.com.ar/supervielle/ Frame D275 |
145 B 589 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logosupervielle.html
furthertrade.com/logo.prismasystems.com.ar/supervielle/ Frame 862E |
145 B 582 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logosupervielle.html
furthertrade.com/logo.prismasystems.com.ar/supervielle/ Frame 19EB |
145 B 589 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
close.svg
furthertrade.com/supervielle/App_Themes/LoginNuevo/img/ |
307 B 775 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
capitalize.svg
furthertrade.com/supervielle/App_Themes/LoginNuevo/img/ |
231 B 733 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
delete.svg
furthertrade.com/supervielle/App_Themes/LoginNuevo/img/ |
434 B 806 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logosupervielle.html
furthertrade.com/logo.prismasystems.com.ar/supervielle/ Frame CC95 |
145 B 583 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
rb_bf63753zss
furthertrade.com/ |
145 B 588 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
rb_bf63753zss
furthertrade.com/ |
145 B 579 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banco Supervielle (Banking)129 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 function| structuredClone function| $ function| jQuery object| CryptoJS object| dT_ object| dtrum function| reloadAtTop object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY string| Page_ValidationVer boolean| Page_IsValid boolean| Page_BlockSubmit object| Page_InvalidControlToBeFocused function| ValidatorUpdateDisplay function| ValidatorUpdateIsValid function| AllValidatorsValid function| ValidatorHookupControlID function| ValidatorHookupControl function| ValidatorHookupEvent function| ValidatorGetValue function| ValidatorGetValueRecursive function| Page_ClientValidate function| ValidatorCommonOnSubmit function| ValidatorEnable function| ValidatorOnChange function| ValidatedTextBoxOnKeyPress function| ValidatedControlOnBlur function| ValidatorValidate function| ValidatorSetFocus function| IsInVisibleContainer function| IsValidationGroupMatch function| ValidatorOnLoad function| ValidatorConvert function| ValidatorCompare function| CompareValidatorEvaluateIsValid function| CustomValidatorEvaluateIsValid function| RegularExpressionValidatorEvaluateIsValid function| ValidatorTrim function| RequiredFieldValidatorEvaluateIsValid function| RangeValidatorEvaluateIsValid function| ValidationSummaryOnSubmit function| WebForm_FindFirstFocusableChild function| WebForm_AutoFocus function| WebForm_CanFocus function| WebForm_IsFocusableTag function| WebForm_IsInVisibleContainer function| WebForm_OnSubmit object| Page_Validators object| ctl00_MainHolder_UserRequiredFieldValidator undefined| ctl00_MainHolder_PasswordRequiredFieldValidator boolean| Page_ValidationActive function| ValidatorOnSubmit object| form object| button object| username object| password object| keyboardButton object| keyboardClose object| keyboard object| keyboardKey object| keysWritten object| keysWritten2 undefined| headerLinks function| post function| setUp function| checkInput function| encrypt function| generateKey function| onClickLogin function| bindClickLogin function| bindShowKeyboardButton function| bindCloseKeyboardButton function| bindUsernameInput function| bindPasswordInput function| bindKeyboardKeys function| isIE11 function| initializeCarrousel function| bindButtonWithKeyEnter function| fixIE11Styles function| initialize object| __cfQR boolean| __cfRLUnblockHandlers6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
furthertrade.com/ | Name: dtCookie Value: -10$LGCO3E43EUF0PG1JH9QS37J1HM7P96NP |
|
furthertrade.com/ | Name: rxVisitor Value: 16455305977812E0N43CR58CCONRTOU4RFD5QH7BE17IC |
|
furthertrade.com/ | Name: dtSa Value: - |
|
furthertrade.com/ | Name: dtLatC Value: 108 |
|
furthertrade.com/ | Name: rxvt Value: 1645532399810|1645530597784 |
|
furthertrade.com/ | Name: dtPC Value: -10$330597777_405h-vOAECEOQUQRQVLJWURNKPKRUMWSDHUKUP-0 |
13 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
furthertrade.com
janeevtrust.org
www.janeevtrust.org
199.79.62.138
2606:4700:3037::6815:5b3e
144524233f795d6a425b76f7ae5c0bb622b5f67e2e6ae73532ad526528ca07cf
2d7fa3033ab91b13d74dd2e73f2564cfab5d2762936bbf43aa14eb7e2aa992c0
39f9bfed0d20819da773066a07a7f0540506f9152e556e395f1c4eb8ff9f9830
4bac7f4764602aca4a1afcc59d497ab0cfccfc599384e03cb3ec5bc2ace5037d
4bf3d8b72472a133b00af94dde599348ea6e1d2ee81e72d6ea27db2c9c8db7f1
4ee07c5fc3fae77e83514b902a8ce465d2ade2ff24c92cb309117a8efa2d5ac8
7a5294ff6e6e775c0e9f9008cd5fdc4ee0f68584f83ffec53a69195d286cb535
7a6fd962b4686f8277823b26cda79726ee97abc0c7f649225eb3c35df2949fe4
8e5f2262f557379293755a3f05b60f24c042a463bb33ec98a8a7380c44216cd2
95be6353693dbe116eaf7ed4417fe8a67f838193871834b82b7a10b1f6305ebf
a0a28d71883d6791d7feb6c8ba3ca3fb089994f4cf111a34ed78ae803a638c3b
aeaa9e7c8c70d2ce5431cfdf5387e4a96fd55ff14fadd4420cf7cfe6adf01aa1
b55988391ca2ca38cf562ade5cebd83640acc4ab3623c669b971813d8e6de12b
b5a6216ca83d6d639bcbd7069f4c89450e57b1f25a1fe2c4b1c96ff3041b954b
b810963d632adcde8365a24ee1feff31d982fe4713227f9ef995a50274ae4952
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d72fcb8924d1e14dbd4b04aff994c1183ee86c620f0aaac034f75fc508548220
dd3f2f9784cfd255f527a471a0497ded6accc58dbd6c4ca299e43bfc028e4764
e4434312e3f7e06358bc37e1cd8896a9c2aacdfc6de4e5da9fe5efbb9ffbc146
f14e2bf3b951de6f3eb2bada7eda792034c4d0d93afb07d33c81c47407d85afa
f1bb0de35273f27870ad0e441075c449984d206a24b7911da4645fe20d935b5d
f94d38456b59dc8683fb724cc8415297985ff5f7c7cdebd7f56d3d4b46c8365d
fd1e8dd814b725515f6522497fc42fd64f2f138450c940d8208fb5b35488b0a4