![](/screenshots/41367f85-e568-43b8-a0e1-1a4e0424d725.png)
payment.rr.marketing
Open in
urlscan Pro
52.28.1.67
Public Scan
Effective URL: https://payment.rr.marketing/s/rr-marketing
Submission: On January 01 via api from US — Scanned from US
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 2nd 2023. Valid for: a year.
This is the only time payment.rr.marketing was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 17 | 52.28.1.67 52.28.1.67 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2607:f8b0:400... 2607:f8b0:4004:c1d::5f | 15169 (GOOGLE) (GOOGLE) | |
5 | 99.84.160.31 99.84.160.31 | 16509 (AMAZON-02) (AMAZON-02) | |
6 | 52.219.171.34 52.219.171.34 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 34.120.195.249 34.120.195.249 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
3 | 18.158.104.95 18.158.104.95 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 151.101.130.137 151.101.130.137 | 54113 (FASTLY) (FASTLY) | |
2 | 162.247.241.14 162.247.241.14 | 23467 (NEWRELIC-...) (NEWRELIC-AS-1) | |
35 | 8 |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-1-67.eu-central-1.compute.amazonaws.com
www.payment.rr.marketing | |
payment.rr.marketing |
ASN16509 (AMAZON-02, US)
PTR: server-99-84-160-31.ord52.r.cloudfront.net
fonts.elopage.com |
ASN16509 (AMAZON-02, US)
PTR: s3-r-w.eu-central-1.amazonaws.com
elopage-storage-production.s3.eu-central-1.amazonaws.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o407470.ingest.sentry.io |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-104-95.eu-central-1.compute.amazonaws.com
api.elopage.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
rr.marketing
2 redirects
www.payment.rr.marketing payment.rr.marketing |
2 MB |
8 |
elopage.com
fonts.elopage.com api.elopage.com — Cisco Umbrella Rank: 904059 |
143 KB |
6 |
amazonaws.com
elopage-storage-production.s3.eu-central-1.amazonaws.com — Cisco Umbrella Rank: 968326 |
349 KB |
2 |
nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 225 |
933 B |
2 |
newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 590 |
40 KB |
1 |
sentry.io
o407470.ingest.sentry.io |
324 B |
1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 340 |
31 KB |
35 | 7 |
Domain | Requested by | |
---|---|---|
16 | payment.rr.marketing |
1 redirects
payment.rr.marketing
|
6 | elopage-storage-production.s3.eu-central-1.amazonaws.com |
payment.rr.marketing
|
5 | fonts.elopage.com |
payment.rr.marketing
|
3 | api.elopage.com |
payment.rr.marketing
|
2 | bam.nr-data.net |
api.elopage.com
payment.rr.marketing |
2 | js-agent.newrelic.com |
api.elopage.com
payment.rr.marketing |
1 | o407470.ingest.sentry.io |
payment.rr.marketing
|
1 | ajax.googleapis.com |
payment.rr.marketing
|
1 | www.payment.rr.marketing | 1 redirects |
35 | 9 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
payment.rr.marketing Sectigo RSA Domain Validation Secure Server CA |
2023-11-02 - 2024-11-01 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
*.elopage.com Amazon RSA 2048 M01 |
2023-02-24 - 2024-03-24 |
a year | crt.sh |
*.s3.eu-central-1.amazonaws.com Amazon RSA 2048 M01 |
2023-10-10 - 2024-08-12 |
10 months | crt.sh |
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-11-02 - 2024-12-02 |
a year | crt.sh |
api.elopage.com Amazon RSA 2048 M01 |
2023-04-10 - 2024-05-09 |
a year | crt.sh |
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2 |
2023-04-13 - 2024-05-14 |
a year | crt.sh |
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-09-29 - 2024-10-01 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://payment.rr.marketing/s/rr-marketing
Frame ID: 336244A6AD9B25DC9D6CBE4EFF353B74
Requests: 31 HTTP requests in this frame
Frame:
https://api.elopage.com/hsm
Frame ID: FA92116C3F35FE59AE6AAC4405F320A0
Requests: 3 HTTP requests in this frame
Screenshot
![](/screenshots/41367f85-e568-43b8-a0e1-1a4e0424d725.png)
Page Title
rr-marketingPage URL History Show full URLs
-
https://www.payment.rr.marketing/
HTTP 301
https://payment.rr.marketing/ HTTP 301
https://payment.rr.marketing/s/rr-marketing Page URL
Detected technologies
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.payment.rr.marketing/
HTTP 301
https://payment.rr.marketing/ HTTP 301
https://payment.rr.marketing/s/rr-marketing Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
35 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
rr-marketing
payment.rr.marketing/s/ Redirect Chain
|
363 KB 42 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
46a9c34db9596f9c.css
payment.rr.marketing/_next/static/css/ |
954 KB 167 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a81a23231da6ef13.css
payment.rr.marketing/_next/static/css/ |
12 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webpack-cdc3d22e1280ad9f.js
payment.rr.marketing/_next/static/chunks/ |
12 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
framework-8cbb90d1953e9520.js
payment.rr.marketing/_next/static/chunks/ |
137 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main-f44ccff1bb02e984.js
payment.rr.marketing/_next/static/chunks/ |
118 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_app-5c236529e9be50b3.js
payment.rr.marketing/_next/static/chunks/pages/ |
5 MB 1 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6430-4f9ee40aeb3ea932.js
payment.rr.marketing/_next/static/chunks/ |
139 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
%5Busername%5D-35d2ad714dd9de7c.js
payment.rr.marketing/_next/static/chunks/pages/s/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_buildManifest.js
payment.rr.marketing/_next/static/4q-GvSS02zzOXgWN8e0Up/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_ssgManifest.js
payment.rr.marketing/_next/static/4q-GvSS02zzOXgWN8e0Up/ |
91 B 331 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ |
87 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GothaProMed.otf
fonts.elopage.com/woff/gotha-pro-med/ |
46 KB 30 KB |
Font
font/otf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inter-v12-latin-regular.woff2
fonts.elopage.com/woff/inter/ |
16 KB 17 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
a5da6d633ff97202ab4da764ef0fe0301012c00c36d324d8834586e3fac08c27
elopage-storage-production.s3.eu-central-1.amazonaws.com/variants/BaPLWq27sACjhpyPqvJHQSoX/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
735bd64541b2112ee8155dd6c993e3aef5129d551f860a09e850134243df066c
elopage-storage-production.s3.eu-central-1.amazonaws.com/variants/f7yFZ2EtAGKckXF9WiqAXEoR/ |
6 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
o407470.ingest.sentry.io/api/6599603/envelope/ |
2 B 324 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hsm
api.elopage.com/ Frame FA92 |
49 KB 17 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
view_logs
api.elopage.com/v1/common/ |
37 B 802 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
view_logs
api.elopage.com/v1/common/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
roboto-v30-latin-regular.woff2
fonts.elopage.com/woff/roboto/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inter-v12-latin-700.woff2
fonts.elopage.com/woff/inter/ |
17 KB 18 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-solid-900.ed22a484.woff2
payment.rr.marketing/_next/static/media/ |
134 KB 134 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ESKlarheitElopage-Medium.woff2
fonts.elopage.com/woff/esklarheit-elopage/ |
44 KB 44 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1d7118c4412489fdaf90a82d38b7e1110d70adc8626f66e90bf9468bb735d1e9
elopage-storage-production.s3.eu-central-1.amazonaws.com/variants/BaPLWq27sACjhpyPqvJHQSoX/ |
91 KB 91 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
53e215d09163800e1e706834179dc49b7542824c691d780ff532a522d03e6e33
elopage-storage-production.s3.eu-central-1.amazonaws.com/variants/f7yFZ2EtAGKckXF9WiqAXEoR/ |
75 KB 75 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
%5B%5B...slug%5D%5D-15930f4144f266cd.js
payment.rr.marketing/_next/static/chunks/pages/s/%5Busername%5D/%5BproductId%5D/ |
0 2 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
%5B%5B...slug%5D%5D-15930f4144f266cd.js
payment.rr.marketing/_next/static/chunks/pages/s/%5Busername%5D/%5BproductId%5D/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a81a23231da6ef13.css
payment.rr.marketing/_next/static/css/ |
12 KB 2 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nr-full-1.249.0.min.js
js-agent.newrelic.com/ Frame FA92 |
73 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
81380ed1db
bam.nr-data.net/1/ Frame FA92 |
40 B 464 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1d7118c4412489fdaf90a82d38b7e1110d70adc8626f66e90bf9468bb735d1e9
elopage-storage-production.s3.eu-central-1.amazonaws.com/variants/BaPLWq27sACjhpyPqvJHQSoX/ |
91 KB 91 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
53e215d09163800e1e706834179dc49b7542824c691d780ff532a522d03e6e33
elopage-storage-production.s3.eu-central-1.amazonaws.com/variants/f7yFZ2EtAGKckXF9WiqAXEoR/ |
75 KB 75 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nr-rum-1.249.0.min.js
js-agent.newrelic.com/ |
44 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
81380ed1db
bam.nr-data.net/1/ |
40 B 469 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
25 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| documentPictureInPicture object| NREUM object| webpackChunk:NRBA-1.249.0.PROD object| newrelic function| $ function| jQuery object| webpackChunk_N_E function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E object| __SENTRY__ undefined| __sentryRewritesTunnelPath__ object| SENTRY_RELEASE string| __rewriteFramesAssetPrefixPath__ number| __mobxInstanceCount object| __mobxGlobals number| 2f1acc6c3a606b082e5eef5e54414ffb function| __NEXT_PRELOADREADY object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
payment.rr.marketing/ | Name: p_user-session-id Value: 9437a66a-248e-40c9-b30b-24428fb0bb6d |
|
.payment.rr.marketing/ | Name: p_cabinet_profile_type Value: shop |
|
.payment.rr.marketing/ | Name: p_clicker_token Value: naxms79wby |
|
.elopage.com/ | Name: p_cabinet_profile_type Value: shop |
|
.elopage.com/ | Name: p_clicker_token Value: naxms79wby |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=15768000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
api.elopage.com
bam.nr-data.net
elopage-storage-production.s3.eu-central-1.amazonaws.com
fonts.elopage.com
js-agent.newrelic.com
o407470.ingest.sentry.io
payment.rr.marketing
www.payment.rr.marketing
151.101.130.137
162.247.241.14
18.158.104.95
2607:f8b0:4004:c1d::5f
34.120.195.249
52.219.171.34
52.28.1.67
99.84.160.31
0008c2c98e97c990c2e696daf45e95d2c08d6ab51010a54bae6574702bee0608
0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac
0834a38638bc21212da63c5160279d961a1a45bf43b4516f6b0a628c78975a94
293596ca987a05b6966614b08a9369eb37ee12a373eed8faf64f188c79c98962
2ceafa0f64eddc92eda451e8c43237dbd6aca2bafa19751b2f4ee4e3149230a3
2f2b80a52b154aff8294c837d6db0940da2a492d5a5f4c3fd3fd26f554bad391
3d6693cb498e2a4e05358475c986adfa058901ebc392a95e25d1a55a13406566
3e40d54986ad4471cde1ef997711b04095aae271097c6925b20fbad59c5aa7c1
43c5010c80ef052e3ff4b82d9da67356b49f6710ff1aa7176572b42da35ff27f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
461f9f536c4dc41886fb453be7068b893e2817524bc24587fc0449c65aacec75
4ab097a1bb8d5d55373de78dcf859b3914fd996b7705a8f91b25d40edf11d4f8
50e7ee2a077ef193a6a6b347073006daa1c9b36f30b66461e5283a0983df45b1
685b92856dbd8fd6dba24af472506308edae331c0d16105add815377f762a84c
7893e0bf977b7c6d73fff39aae088a12899c95b7bcbaed372112fc15c9157488
886547af5b417f6ad3bc49f6f3adb0f0b38921cc014a00577809c19c909a65fc
943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c
9954bb4db14388e16e0694e5e675a01069daade9a7af933a2395aa2fce177503
a9f6375548f25c6e2f8ce81799012f52e64bccbca9de501befac6a8e22a2e8bc
ae5a0004f9e770265b2ee0cd98b0004fe99e0a8ed5a04571af4e45026356e12f
bbadf553ad14dc5855eb71e5b018005cbeece19c6a4c9429104ee4e91b5fc3ea
ced2d8e02e2fbf08d2edec9b5f13648ed8348588a05f7181632f3c1dd6e1f5c3
d7e7e81fda274af266c697377d5a40a429e01b428cf89cf8848b993e15e9ba19
ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e474e5b705043cf9006cb1f416e07c4bc3a631b9752d7e6cca533046204d0749
ed59ee4d04819c48c1bb60b3ef6928c621cd5cd86d7103957de3eebba9910b0d
ee33ed8995d697538f52dab8c5b527124095be6741185f1caabd47d27a7d68b7
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d