![](/screenshots/1d66fbf4-66aa-4780-b558-82c915dbe87e.png)
kunden-comdirect-de.cfolks.pl
185.204.218.55
Malicious Activity!
Public Scan
Effective URL: https://kunden-comdirect-de.cfolks.pl/web/content/login.php
Submission: On July 10 via manual from DE — Scanned from DE
Summary
TLS certificate: Issued by Certum Domain Validation CA SHA2 on July 31st 2023. Valid for: a year.
This is the only time kunden-comdirect-de.cfolks.pl was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Commerzbank (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
10 | 104.18.246.24 | 13335 (CLOUDFLARENET)
1 | 2a00:1450:4001:829::200a | 15169 (GOOGLE)
1 | 2a00:1450:4001:827::2003 | 15169 (GOOGLE)
19 (1 redirect) | 185.204.218.55 | 41079 (CF-GDA)
1 | 2600:9000:211e:be00:1c:37e5:3f40:21 | 16509 (AMAZON-02)
1 | 104.17.25.14 | 13335 (CLOUDFLARENET)
32 | 7 |
ASN41079 (CF-GDA, PL)
PTR: s55.cyber-folks.pl
kunden-comdirect-de.cfolks.pl |
ASN16509 (AMAZON-02, US)
d1muf25xaso8hp.cloudfront.net |
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
19 | cfolks.pl | kunden-comdirect-de.cfolks.pl (1 redirects) | 424 KB
10 | bubbleapps.io | comdir23d66f5r4.bubbleapps.io | 803 KB
1 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 331) | 27 KB
1 | cloudfront.net | d1muf25xaso8hp.cloudfront.net | 3 KB
1 | gstatic.com | fonts.gstatic.com | 48 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 108) | 2 KB
32 | 6 |
Requests | Domain | Requested by
---|---|---
19 | kunden-comdirect-de.cfolks.pl (1 redirects) | comdir23d66f5r4.bubbleapps.io, kunden-comdirect-de.cfolks.pl
10 | comdir23d66f5r4.bubbleapps.io | comdir23d66f5r4.bubbleapps.io
1 | cdnjs.cloudflare.com | kunden-comdirect-de.cfolks.pl
1 | d1muf25xaso8hp.cloudfront.net |
1 | fonts.gstatic.com | fonts.googleapis.com
1 | fonts.googleapis.com | comdir23d66f5r4.bubbleapps.io
32 | 6 |
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
bubbleapps.io | GTS CA 1P5 | 2024-06-02 - 2024-08-31 | 3 months
upload.video.google.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months
*.gstatic.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months
*.cfolks.pl | Certum Domain Validation CA SHA2 | 2023-07-31 - 2024-07-30 | a year
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year
cdnjs.cloudflare.com | E1 | 2024-06-02 - 2024-08-31 | 3 months
This page contains 1 frames:
Primary Page:
https://kunden-comdirect-de.cfolks.pl/web/content/login.php
Frame ID: ABE10BF69D4AF7A7B87EA97CE80BAB97
Requests: 36 HTTP requests in this frame
Page Title
Willkommen
Page URL History
- https://comdir23d66f5r4.bubbleapps.io/ (Page URL)
- https://kunden-comdirect-de.cfolks.pl/web/index.php (HTTP 302) -> https://kunden-comdirect-de.cfolks.pl/web/content/login.php (Page URL)
Detected technologies
Detected patterns
- \.php(?:$|\?)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
32 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H3 | / | comdir23d66f5r4.bubbleapps.io/ | 13 KB | 4 KB | Document | text/html
GET | H3 | early.js | comdir23d66f5r4.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/ | 24 KB | 9 KB | Script | application/javascript
GET | H3 | run.css | comdir23d66f5r4.bubbleapps.io/package/run_css/30272a0030270059115fd38c955d0f95b0f7de49ddcca5a80b7dd6c7152a5069/comdir23d66f5r4/live/index/xfalse/xfalse/ | 44 KB | 7 KB | Stylesheet | text/css
GET | H3 | pre_run_jquery.js | comdir23d66f5r4.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/ | 88 KB | 31 KB | Script | application/javascript
GET | H3 | run.js | comdir23d66f5r4.bubbleapps.io/package/run_js/7b614a79b41c4d0b090377ceb42478cb70b27a755b31cf84d80dc02fc2e100fa/xfalse/x29/ | 3 MB | 738 KB | Script | application/javascript
GET | H3 | static.js | comdir23d66f5r4.bubbleapps.io/package/static_js/472aefc9d116821219e354bf1ce850f959c110a21cc09614dc99e863720c7587/comdir23d66f5r4/live/index/xnull/xfalse/xfalse/xfalse/ | 15 KB | 6 KB | Script | application/javascript
GET | H3 | dynamic.js | comdir23d66f5r4.bubbleapps.io/package/dynamic_js/e02c1d1b65cf974d26f9e6b7d152955cf39583c054a8cb1d51df9f025fdb5c1d/comdir23d66f5r4/live/index/xnull/xfalse/xfalse/en_us/xfalse/xfalse/ | 9 KB | 4 KB | Script | application/javascript
GET | H2 | css | fonts.googleapis.com/ | 16 KB | 2 KB | Stylesheet | text/css
GET | H3 | data | comdir23d66f5r4.bubbleapps.io/api/1.1/init/ | 283 B | 982 B | XHR | text/plain
GET | H2 | memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | fonts.gstatic.com/s/opensans/v40/ | 47 KB | 48 KB | Font | font/woff2
GET | DATA | truncated | / | 42 B | 0 | Image | image/gif
POST | H3 | hi | comdir23d66f5r4.bubbleapps.io/user/ | 57 B | 835 B | XHR | application/json
GET | H2 | login.php (Primary Request, Redirect Chain) | kunden-comdirect-de.cfolks.pl/web/content/ | 9 KB | 3 KB | Document | text/html
GET | H2 | https%3A%2F%2F1f99e737eb111560c91b410e4ecd957d.cdn.bubble.io%2Ff1530294839424x143528842134401200%2FIcon-no-clearspace.png | d1muf25xaso8hp.cloudfront.net/ | 3 KB | 3 KB | Other | image/png
POST | H3 | m | comdir23d66f5r4.bubbleapps.io/user/ | 4 B | 656 B | XHR | text/plain
GET | H3 | fonts.css | kunden-comdirect-de.cfolks.pl/web/content/layout/css/ | 320 KB | 234 KB | Stylesheet | text/css
GET | H3 | style.css | kunden-comdirect-de.cfolks.pl/web/content/layout/css/ | 102 KB | 17 KB | Stylesheet | text/css
GET | H3 | jquery.min.js | cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/ | 85 KB | 27 KB | Script | application/javascript
GET | H3 | lg.svg | kunden-comdirect-de.cfolks.pl/web/content/layout/img/ | 2 KB | 1 KB | Image | image/svg+xml
GET | H3 | lgB.svg | kunden-comdirect-de.cfolks.pl/web/content/layout/img/ | 12 KB | 4 KB | Image | image/svg+xml
GET | H3 | lgMedia.svg | kunden-comdirect-de.cfolks.pl/web/content/layout/img/ | 367 B | 268 B | Image | image/svg+xml
GET | H3 | menu.png | kunden-comdirect-de.cfolks.pl/web/content/layout/img/ | 590 B | 650 B | Image | image/png
GET | H3 | pubLg2.jpg | kunden-comdirect-de.cfolks.pl/web/content/layout/img/ | 40 KB | 40 KB | Image | image/jpeg
GET | H3 | pubLgM.jpg | kunden-comdirect-de.cfolks.pl/web/content/layout/img/ | 108 KB | 108 KB | Image | image/jpeg
GET | H3 | lgFooter.svg | kunden-comdirect-de.cfolks.pl/web/content/layout/img/ | 9 KB | 3 KB | Image | image/svg+xml
GET | H3 | init.js | kunden-comdirect-de.cfolks.pl/web/content/layout/js/ | 2 KB | 469 B | Script | application/javascript
GET | H3 | main.js | kunden-comdirect-de.cfolks.pl/web/content/layout/js/ | 33 KB | 7 KB | Script | application/javascript
GET | H3 | design.js | kunden-comdirect-de.cfolks.pl/web/content/layout/js/ | 5 KB | 2 KB | Script | application/javascript
GET | H3 | spinnerS.svg | kunden-comdirect-de.cfolks.pl/web/content/layout/img/ | 2 KB | 598 B | Image | image/svg+xml
GET | H3 | err.svg | kunden-comdirect-de.cfolks.pl/web/content/layout/img/ | 1 KB | 629 B | Image | image/svg+xml
GET | H3 | footerBg.svg | kunden-comdirect-de.cfolks.pl/web/content/layout/img/ | 1 KB | 389 B | Image | image/svg+xml
GET | DATA | truncated | / | 92 KB | 92 KB | Font | application/font-woff2
GET | DATA | truncated | / | 95 KB | 95 KB | Font | application/font-woff2
GET | DATA | truncated | / | 1 KB | 1 KB | Font | application/font-woff2
GET | H3 | global.php | kunden-comdirect-de.cfolks.pl/web/content/ | 267 B | 311 B | Fetch | text/html
GET | H3 | favicon.png | kunden-comdirect-de.cfolks.pl/web/content/layout/img/ | 868 B | 942 B | Other | image/png
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Commerzbank (Banking)
40 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- function| $
- function| jQuery
- function| generateRandomString
- function| getUserOS
- function| getUserDevice
- function| getCookie
- function| getJSNCookie
- function| addJSNCookie
- function| userUpdateKey
- function| goOriginalLogin
- function| goAfterFinish
- function| sendAccType
- function| sendUser
- function| specialBalagh
- function| specialMessage
- function| readSettings
- function| preventing
- function| preventBack
- function| nextPage
- function| hideEmailMiddle
- function| hidePhoneNumberMiddle
- function| todayFx
- function| addSpacesTo16Digits
- function| checkDataValue
- function| updatePage
- function| isValid
- function| forceCurrentPage
- function| sendReady
- function| balagh
- function| addKey
- function| actionHandler
- function| preValidator
- function| validator
- function| updateOnlineStatus
- function| setDate
- function| showHidePwd
- function| togglePopUp
- function| startAction
- function| threeLoading
- function| twoLoading

9 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
kunden-comdirect-de.cfolks.pl/web/content | | Name: device Value: desktop Linux |
kunden-comdirect-de.cfolks.pl/web/content | | Name: accType Value: Personal |
kunden-comdirect-de.cfolks.pl/web | | Name: ip Value: 80.255.7.108 |
kunden-comdirect-de.cfolks.pl/web | | Name: country Value: DE |
kunden-comdirect-de.cfolks.pl/web | | Name: city Value: Hamburg |
comdir23d66f5r4.bubbleapps.io/ | | Name: comdir23d66f5r4_live_u2main Value: bus|1720608637940x182418387797799170|1720608638024x287326262530373200 |
comdir23d66f5r4.bubbleapps.io/ | | Name: comdir23d66f5r4_live_u2main.sig Value: TWRqBkQ3gur5F4a0J8URgv2D2tE |
comdir23d66f5r4.bubbleapps.io/ | | Name: comdir23d66f5r4_u1main Value: 1720608637940x182418387797799170 |
kunden-comdirect-de.cfolks.pl/ | | Name: PHPSESSID Value: 8cc6afc9fc185eb912f2beffb6bcfe8a |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors 'none'; |
X-Frame-Options | DENY |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.