www.regiehippo.vu.cx
5.135.149.81
Public Scan
Submission: On April 15 via manual from ML — Scanned from FR
Summary
This is the only time www.regiehippo.vu.cx was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS (Autonomous System) |
---|---|---|
10 | 5.135.149.81 | 16276 (OVH) |
3 | 194.150.236.236 | 44976 (HIWIT_AS) |
6 | 2a00:1450:4001:813::2002 | 15169 (GOOGLE) |
4 | 91.198.105.123 | 35393 (EURO-WEB-AS) |
2 | 2a00:1450:4001:830::2002 | 15169 (GOOGLE) |
1 | 2a00:1450:4001:82f::2002 | 15169 (GOOGLE) |
1 | 2a00:1450:4001:802::2002 | 15169 (GOOGLE) |
1 | 2a00:1450:4001:806::2002 | 15169 (GOOGLE) |
3 | 2a00:1450:4001:831::2001 | 15169 (GOOGLE) |
1 | 2a00:1450:4001:831::2004 | 15169 (GOOGLE) |
32 | 10 |
ASN16276 (OVH, FR)
PTR: web3.venez.net
www.regiehippo.vu.cx
www.venez.fr
ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
ASN35393 (EURO-WEB-AS, FR)
www.gambling-affiliation.com
static.gambling-affiliation.com
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
ASN15169 (GOOGLE, US)
partner.googleadservices.com
ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
9 | googlesyndication.com | pagead2.googlesyndication.com — Cisco Umbrella Rank: 105; tpc.googlesyndication.com — Cisco Umbrella Rank: 138 | 204 KB |
7 | venez.fr | www.venez.fr | 9 KB |
4 | gambling-affiliation.com | www.gambling-affiliation.com; static.gambling-affiliation.com | 473 KB |
3 | lemaitreturf.com | www.lemaitreturf.com | 313 KB |
3 | vu.cx | www.regiehippo.vu.cx | 3 KB |
2 | google.com | adservice.google.com — Cisco Umbrella Rank: 73; www.google.com — Cisco Umbrella Rank: 2 | 2 KB |
2 | doubleclick.net | googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 | 5 KB |
1 | google.fr | adservice.google.fr — Cisco Umbrella Rank: 33510 | 531 B |
1 | googleadservices.com | partner.googleadservices.com — Cisco Umbrella Rank: 925 | 599 B |
32 | 9 |
Requests | Domain | Requested by |
---|---|---|
7 | www.venez.fr | www.regiehippo.vu.cx, www.venez.fr |
6 | pagead2.googlesyndication.com | www.regiehippo.vu.cx, pagead2.googlesyndication.com, tpc.googlesyndication.com |
3 | tpc.googlesyndication.com | pagead2.googlesyndication.com, tpc.googlesyndication.com |
3 | www.lemaitreturf.com | www.regiehippo.vu.cx, www.lemaitreturf.com |
3 | www.regiehippo.vu.cx | www.regiehippo.vu.cx |
2 | static.gambling-affiliation.com | www.lemaitreturf.com |
2 | googleads.g.doubleclick.net | pagead2.googlesyndication.com |
2 | www.gambling-affiliation.com | www.lemaitreturf.com |
1 | www.google.com | tpc.googlesyndication.com |
1 | adservice.google.com | pagead2.googlesyndication.com |
1 | adservice.google.fr | pagead2.googlesyndication.com |
1 | partner.googleadservices.com | pagead2.googlesyndication.com |
32 | 12 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
lemaitreturf.com | R3 | 2023-03-28 - 2023-06-26 | 3 months |
venez.fr | R3 | 2023-03-17 - 2023-06-15 | 3 months |
www.gambling-affiliation.com | Gandi Standard SSL CA 2 | 2022-10-28 - 2023-10-28 | a year |
*.g.doubleclick.net | GTS CA 1C3 | 2023-03-28 - 2023-06-20 | 3 months |
static.gambling-affiliation.com | Gandi Standard SSL CA 2 | 2022-08-22 - 2023-08-22 | a year |
*.googleadservices.com | GTS CA 1C3 | 2023-03-28 - 2023-06-20 | 3 months |
*.google.fr | GTS CA 1C3 | 2023-03-28 - 2023-06-20 | 3 months |
*.google.com | GTS CA 1C3 | 2023-03-28 - 2023-06-20 | 3 months |
tpc.googlesyndication.com | GTS CA 1C3 | 2023-03-28 - 2023-06-20 | 3 months |
www.google.com | GTS CA 1C3 | 2023-03-28 - 2023-06-20 | 3 months |
This page contains 9 frames:
Primary Page:
http://www.regiehippo.vu.cx/index.php?la_page_demandee=pronostics_du_jour
Frame ID: CD424D2DF96C88EFCA19782A4EB128D9
Requests: 1 HTTP requests in this frame
Frame:
http://www.regiehippo.vu.cx/barre-regiehippo.vu.cx.html
Frame ID: 136954CFB9E1F72E9FADF628C146BCCD
Requests: 12 HTTP requests in this frame
Frame:
https://www.lemaitreturf.com/lespros2/regiehippo/index.php?la_page_demandee=pronostics_du_jour
Frame ID: E11EC84A01A81381B47F99BDB67E38CD
Requests: 7 HTTP requests in this frame
Frame:
http://www.regiehippo.vu.cx/stats-regiehippo.vu.cx.html
Frame ID: 04EA259948F19F4788BCE8246B42DB86
Requests: 1 HTTP requests in this frame
Frame:
https://www.venez.fr/alternate-barre.htm
Frame ID: 4518A87B62A69A9B56FA34F7E1FCFB95
Requests: 4 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20230412/r20190131/zrt_lookup.html
Frame ID: 91B7BBB987424549632D75536FC17AF8
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.regiehippo.vu.cx%2Findex.php%3Fla_page_demandee%3Dpronostics_du_jour&ea=0&wgl=1&dt=1681570512973&bpp=5&bdt=420&idt=256&shv=r20230412&mjsv=m202304060101&ptt=9&saldr=aa&correlator=702525436159&frm=23&ife=1&pv=2&ga_vid=1183885086.1681570513&ga_sid=1681570513&ga_hid=478010044&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=244013905&scr_x=0&scr_y=0&eid=44759837%2C42532185%2C44759876%2C44759927%2C42532089%2C31073787%2C31073822%2C42531705%2C44788443&oid=2&pvsid=4502064882194316&tmod=1128238186&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.fqs9odqqii7f&fsb=1&dtd=277
Frame ID: F93B01BAAC47C21BAB4510027E673ACF
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C793EDD4146AD79726DC71EC3B1DCFD7
Requests: 3 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: 5A7E965F42F5B62E925157D3A3342116
Requests: 2 HTTP requests in this frame
Page Title
REGIE HIPPO
Detected technologies
PHP (Programming Languages)
Detected patterns
- \.php(?:$|\?)
Google AdSense (Advertising Networks)
Detected patterns
- googlesyndication\.com/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
32 HTTP transactions
Method | Protocol | Resource | Path | Frame | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | index.php | www.regiehippo.vu.cx/ | Primary Request | 3 KB | 1 KB | Document | text/html |
GET | H/1.1 | barre-regiehippo.vu.cx.html | www.regiehippo.vu.cx/ | Frame 1369 | 3 KB | 2 KB | Document | text/html |
GET | H/1.1 | index.php | www.lemaitreturf.com/lespros2/regiehippo/ | Frame E11E | 6 KB | 7 KB | Document | text/html |
GET | H/1.1 | stats-regiehippo.vu.cx.html | www.regiehippo.vu.cx/ | Frame 04EA | 0 | 192 B | Document | text/html |
GET | H/1.1 | site.js | www.venez.fr/js/ | Frame 1369 | 2 KB | 1 KB | Script | application/javascript |
GET | H/1.1 | separateur90.gif | www.venez.fr/images/ | Frame 1369 | 82 B | 388 B | Image | image/gif |
GET | H/1.1 | adsbygoogle.js | pagead2.googlesyndication.com/pagead/js/ | Frame 1369 | 137 KB | 50 KB | Script | text/javascript |
GET | H/1.1 | head.jpg | www.lemaitreturf.com/lespros2/regiehippo/ | Frame E11E | 106 KB | 106 KB | Image | image/jpeg |
GET | H/1.1 | v=c-uMZ7rGrk.wx.hUDZmT8YbUNpJRfs6tUnYvdKbA8VI_ | www.gambling-affiliation.com/cpm/ | Frame E11E | 339 B | 540 B | Script | application/javascript |
GET | H/1.1 | v=3e1WTNw9BsOjWjpueZWyfA-QfRAYAVR9KwU7Hi.0ne-L8rsN26OTKFg-4PxNQUkeK8aV2k00uORQvMWLix6avw__&s= | www.gambling-affiliation.com/cpm/ | Frame E11E | 338 B | 539 B | Script | application/javascript |
GET | H/1.1 | arpl.jpg | www.lemaitreturf.com/lespros2/regiehippo/ | Frame E11E | 199 KB | 200 KB | Image | image/jpeg |
GET | H/1.1 | alternate-barre.htm | www.venez.fr/ | Frame 4518 | 2 KB | 1 KB | Document | text/html |
GET | H/1.1 | barre90.gif | www.venez.fr/images/ | Frame 1369 | 110 B | 416 B | Image | image/gif |
GET | H/1.1 | 120x60.gif | www.venez.fr/images/ | Frame 4518 | 4 KB | 4 KB | Image | image/gif |
GET | H/1.1 | site.js | www.venez.fr/js/ | Frame 4518 | 2 KB | 1 KB | Script | application/javascript |
GET | H/1.1 | barre90.gif | www.venez.fr/images/ | Frame 4518 | 110 B | 416 B | Image | image/gif |
GET | H2 | show_ads_impl_with_ama_fy2021.js | pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ | Frame 1369 | 347 KB | 117 KB | Script | text/javascript |
GET | H2 | zrt_lookup.html | googleads.g.doubleclick.net/pagead/html/r20230412/r20190131/ | Frame 91B7 | 10 KB | 5 KB | Document | text/html |
GET | H/1.1 | 25995.gif | static.gambling-affiliation.com/uploads/ads/ | Frame E11E | 207 KB | 208 KB | Image | image/gif |
GET | H/1.1 | 54291.gif | static.gambling-affiliation.com/uploads/ads/ | Frame E11E | 264 KB | 264 KB | Image | image/gif |
GET | H2 | cookie.js | partner.googleadservices.com/gampad/ | Frame 1369 | 377 B | 599 B | Script | text/javascript |
GET | H2 | integrator.js | adservice.google.fr/adsid/ | Frame 1369 | 107 B | 531 B | Script | application/javascript |
GET | H2 | integrator.js | adservice.google.com/adsid/ | Frame 1369 | 107 B | 456 B | Script | application/javascript |
GET | H2 | ads | googleads.g.doubleclick.net/pagead/ | Frame F93B | 436 B | 410 B | Document | text/html |
GET | H3 | sodar | pagead2.googlesyndication.com/getconfig/ | Frame 1369 | 15 KB | 11 KB | XHR | application/json |
GET | H2 | sodar2.js | tpc.googlesyndication.com/sodar/ | Frame 1369 | 17 KB | 7 KB | Script | text/javascript |
GET | H2 | runner.html | tpc.googlesyndication.com/sodar/sodar2/225/ | Frame C793 | 13 KB | 5 KB | Document | text/html |
GET | H2 | aframe | www.google.com/recaptcha/api2/ | Frame 5A7E | 783 B | 1 KB | Document | text/html |
GET | H2 | MezC-G1ZF-1GZ9yqq0o7IScgI3uEZvBcP5CgXoWKMDE.js | pagead2.googlesyndication.com/bg/ | Frame C793 | 36 KB | 14 KB | Script | text/javascript |
GET | H3 | sodar | pagead2.googlesyndication.com/pagead/ | Frame 5A7E | 0 | 0 | Image | text/html |
GET | H3 | generate_204 | tpc.googlesyndication.com/ | Frame C793 | 0 | 10 B | Image | text/plain |
GET | H3 | sodar | pagead2.googlesyndication.com/pagead/ | Frame 1369 | 0 | 0 | Image | text/html |
8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| 1
- object| 2
- boolean| credentialless
- object| google_reactive_ads_global_state
- object| google_ad_modifications
- number| google_global_correlator
- object| google_prev_clients3
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.vu.cx/ | | Name: __gads Value: ID=43f80e917262a3fd-22eb963b99dd00d1:T=1681570513:RT=1681570513:S=ALNI_Mbi5c6SYBe6WFlH6FEgYuWcCbTK6g |
.vu.cx/ | | Name: __gpi Value: UID=00000bd6857fc0e1:T=1681570513:RT=1681570513:S=ALNI_MZmWyOosK8QSUcUi9tmaHzmMhYhjg |
.doubleclick.net/ | | Name: test_cookie Value: CheckForPermission |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.