ellediufficio.it
Open in
urlscan Pro
37.9.239.62
Malicious Activity!
Public Scan
Effective URL: https://ellediufficio.it/wp-includes/pomo/nedbank.co.za/
Submission: On October 26 via automatic, source phishtank
Summary
TLS certificate: Issued by RapidSSL RSA CA 2018 on October 30th 2019. Valid for: a year.
This is the only time ellediufficio.it was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Nedbank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
6 44 | 37.9.239.62 37.9.239.62 | 12637 (SEEWEB We...) (SEEWEB Web hosting) | |
39 | 2 |
ASN12637 (SEEWEB Web hosting, colocation and cloud services, IT)
PTR: failover.twico.it
ellediufficio.it | |
www.ellediufficio.it |
Apex Domain Subdomains |
Transfer | |
---|---|---|
44 |
ellediufficio.it
6 redirects
ellediufficio.it www.ellediufficio.it |
270 KB |
39 | 1 |
Domain | Requested by | |
---|---|---|
39 | ellediufficio.it |
6 redirects
ellediufficio.it
|
5 | www.ellediufficio.it |
ellediufficio.it
|
39 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
netbank.nedsecure.co.za |
www.nedbank.co.za |
www.netbankdemo.co.za |
nedbankonlinetrading.nedsecure.co.za |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.ellediufficio.it RapidSSL RSA CA 2018 |
2019-10-30 - 2020-11-28 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://ellediufficio.it/wp-includes/pomo/nedbank.co.za/
Frame ID: FDE46E77E591B276FD973F7CA0A9E609
Requests: 39 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://ellediufficio.it/0028pending/nedbank.co.za/ Page URL
-
https://ellediufficio.it/wp-includes/pomo/nedbank.co.za
HTTP 301
https://ellediufficio.it/wp-includes/pomo/nedbank.co.za/ Page URL
Detected technologies
Apache (Web Servers) ExpandDetected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Ruxit (Analytics) Expand
Detected patterns
- script /ruxitagentjs/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
- script /jquery-ui.*\.js/i
jQuery UI (JavaScript Libraries) Expand
Detected patterns
- script /jquery-ui.*\.js/i
Page Statistics
12 Outgoing links
These are links going to different origins than the main page.
Title: Home
Search URL Search Domain Scan URL
Title: Online Security
Search URL Search Domain Scan URL
Title: Apply
Search URL Search Domain Scan URL
Title: NetBank Demo
Search URL Search Domain Scan URL
Title: NetBank User Guide
Search URL Search Domain Scan URL
Title: More About NetBank
Search URL Search Domain Scan URL
Title: Talk to Us
Search URL Search Domain Scan URL
Title: Personal Money Manager
Search URL Search Domain Scan URL
Title: Online Share Trading
Search URL Search Domain Scan URL
Title: Terms & Conditions
Search URL Search Domain Scan URL
Title: FAQ
Search URL Search Domain Scan URL
Title: Trusteer Rapport Security
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://ellediufficio.it/0028pending/nedbank.co.za/ Page URL
-
https://ellediufficio.it/wp-includes/pomo/nedbank.co.za
HTTP 301
https://ellediufficio.it/wp-includes/pomo/nedbank.co.za/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2- https://ellediufficio.it/wp-includes/pomo/nedbank.co.za/ruxitagentjs_ICA2SVfhjqru_10181191119154660.js HTTP 301
- https://www.ellediufficio.it/wp-includes/pomo/nedbank.co.za/ruxitagentjs_ICA2SVfhjqru_10181191119154660.js
- https://ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/JQuery.js HTTP 301
- https://www.ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/JQuery.js
- https://ellediufficio.it/wp-includes/pomo/nedbank.co.za/images/arrow_down.gif HTTP 301
- https://www.ellediufficio.it/wp-includes/pomo/nedbank.co.za/images/arrow_down.gif
- https://ellediufficio.it/wp-includes/pomo/nedbank.co.za/images/arrow.gif HTTP 301
- https://www.ellediufficio.it/wp-includes/pomo/nedbank.co.za/images/arrow.gif
- https://ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/JQuery.js HTTP 301
- https://www.ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/JQuery.js
- https://ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/JQuery.js HTTP 301
- https://www.ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/JQuery.js
39 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
ellediufficio.it/0028pending/nedbank.co.za/ |
104 B 430 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
ellediufficio.it/wp-includes/pomo/nedbank.co.za/ Redirect Chain
|
351 KB 64 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rapi.js
ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/ |
177 B 521 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ruxitagentjs_ICA2SVfhjqru_10181191119154660.js
www.ellediufficio.it/wp-includes/pomo/nedbank.co.za/ Redirect Chain
|
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
info.css
ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/ |
2 KB 848 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-ui-1.css
ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/ |
22 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Nedbank.css
ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/ |
20 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.js
ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/ |
70 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
JQuery.js
www.ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/ Redirect Chain
|
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-ui.js
ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/ |
197 KB 51 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
USSDDialog2016.js
ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/ |
27 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
USSDPolling2016.js
ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/ |
68 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Indemnityflow.js
ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/ |
12 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
MyFinancialLife.js
ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
RTCCutoff.js
ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/ |
2 KB 857 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DarkHours.js
ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/ |
2 KB 860 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
BankAccountProducts.js
ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NedbankLogoNew.gif
ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/ |
5 KB 6 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
menu_shadow_left.jpg
ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/ |
405 B 717 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ResetPassword.js
ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/ |
11 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Login_Top.gif
ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/ |
230 B 541 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Promo_Left.gif
ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/ |
195 B 506 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lock.gif
ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/ |
587 B 898 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logonButton.jpg
ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SubmitButton.jpg
ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
CancelButton.png
ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Promo_Right.gif
ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/ |
197 B 508 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Login_Bottom.gif
ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/ |
233 B 544 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Promo_Top.gif
ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/ |
244 B 555 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
banner_1.jpg
ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/ |
57 KB 57 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
keyboard.jpg
ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/ |
15 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Promo_Bottom.gif
ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/ |
247 B 558 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
alertIcon.gif
ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/ |
754 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
EntrustLogo.gif
ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/ |
2 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
arrow_down.gif
www.ellediufficio.it/wp-includes/pomo/nedbank.co.za/images/ Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
arrow.gif
www.ellediufficio.it/wp-includes/pomo/nedbank.co.za/images/ Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
JQuery.js
www.ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/ Redirect Chain
|
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
JQuery.js
www.ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.ellediufficio.it
- URL
- https://www.ellediufficio.it/wp-includes/pomo/nedbank.co.za/Logon_data/JQuery.js
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Nedbank (Banking)73 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
string| event function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| openclose object| rn_img1on object| rn_img1off object| rn_img2on object| rn_img2off function| showtip function| hidetip function| transfer_on_confirm function| GetPage function| MaxFrameHeight function| OnLoad function| rHarvest function| $ function| jQuery function| DP_jQuery_1603717619728 object| USSDDialog object| USSDDialog1 function| SetNonceValue object| USSD object| USSD1 object| INdemnity object| IndemnityDialog object| MFL object| MFLDialog object| RTC object| RTCDialog object| Dark object| DarkHourDialog object| BankProduct object| BankProductDialog string| ApplicationPath string| GlobalBrand object| $this object| AJAXPageDisable function| LoadScript function| CreateNamespace object| jsCommon function| ProcessResetPasswordAjaxUSSD string| controlPrefix object| divErrorMsg function| AjaxErrorRetrievingResetPasswordUSSD function| EnableNewAndConfirmPassword object| Nedbank string| sizeOfUpperFrame undefined| warningWin object| UndoValidateChanges object| ValidateCtrlParms object| ValidateCtrlIds object| ValidateTableParms object| ValidateTableIds object| BrowserDetect string| versionNum function| ContentInit function| ContentResize object| framesCommon object| logonForm boolean| hasSubmitStarted undefined| LoadTime undefined| SubmitTime function| PageGetSubmitTime function| PageGetLoadTime function| ValidateAndReset function| ValidateAndResetSubmit function| ProcessResetPasswordSubmitAjax function| AjaxErrorRetrievingResetPasswordSubmit function| CancelResetPassword function| ProcessResetPasswordAjax function| AjaxErrorRetrievingResetPassword0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ellediufficio.it
www.ellediufficio.it
www.ellediufficio.it
37.9.239.62
01b9e3d492b3d1db028325365a9b5b11e830d6a8529be61b2d0f753493d401cf
1e5684f00ff66a12e9da468f21c59d240094d842f2a941c10adc9b8bf98b176c
1ff0eeb21779fdb3fa2519e017c13db776d5c53337b96d74b9431ba897414046
3da91d9500d71d6a5e2e60144ed51a9e1eee1cd7063deb142e712bee7eef3bf5
43a9904189012ecb780451f877b2a8c158522acaadacdb8c56549eeb6ffbcebf
443ffea27d512002cf9c6cf790db768319ccb4166114522d7851586db9d12b37
45f1184ff5eac46f031add376f07140c17933e7d443f941013a672dec971e979
5bbdb2f06f5f2aa872e00a0d6fcd16c409c2cfab770b5d18245fca9beec91fc4
5f5077cb7cdffe7e22862fbe4b9594099092cf655df8d7df889fcb0a2d8e0fe8
62471790d0060b5dddc736451f2e865a9b08d37091484580ae079d5c2ede4b5e
6cf3f6c6a740c8eb99295946b2f5b6164ee09546b7b699e2937ed54b298dfa32
6d677c61f637349c0276377b14971926c11e24786d26c8ed808849d0698dcdee
6f6cbd97fefa5dbc83b4cb4ca51e644f87a9d05f8fd7e4e73c8669ceec1fe917
71b1e6fa4eacd771334533831e6b1c176ebc05b66661c9bdb01022ac4be0d7bb
7ffc63987f91ebf7d27b5789c91907d6bca04278b158c0f30d9d742c4e9782cd
87e9bbbc46dd91eeffa515b2401303a855928189acc6c8baf65f0c7d06f6c4d6
928467469f822dbe0038a53377e89d4d00589ba7da6e16afb11b50976563101c
9296726d409bae23e760579ce4d2f092d3940f365ecf9f02a724dee059c9f050
a63fd9e18d3dbf8a5e90f695bcf8d33ef712ca44ff1b9486cb6195aabb1e0331
a82e568a648cb5517e0b5c18fb09f7c5c9db0728d6cd3293393fb908fb88bc70
b6d564c22df601ee79a04d8f4c90319ba14fd99fef56580af4a25918aca6b07a
bf100bfbc2dd803f103900a8751e466111c223630e3af9993fd1012bbe2813cc
d2919555fdb4f3645266b00678a2a7a8f3a5d4047b652781c16b88fd2bbc1129
d809db86b29fdd1bcc963f05a9031fb16cddd8d809a4a28b3ff162a4c801ecc2
d93d5de642569242af13f59efe0fb4fc7bfaae83b01eb84966183c15fffc8f1d
de7f53c8184a04810a790a15853dd914c224bdc3e0c8e3aaa60d9725eaf90b73
df5748e607e020b5bb09d92ba17f78d1e0cd09971b3914eef217630081b9c195
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62c0b776499966ea573a244c18721ac7c15899e4dcfa920d6907156562754b9
ebb0ba7aa25cb9abfa0dc4826b657c092aa4d64bdcebe0a4ee43bbe5488b0d53
ed8a49539c2ab401f972799e4bf8335ab8a61d61491223e309cab74ee04f5c3c
f0e2239da7b8d3fc80082552032446a3a6d853f6a095b7f8e12c91fd0f6ec859
f59b7978885e1ce59874d8b42ecdeeaf96eaecbe4eaa3299748805ec6c8cc5bb
f750d92809d696eb13ca24509b99ec79fbcd4854b2b8ddfd85eec23e2c108a8f