ludicrous-trowel.glitch.me
Open in
urlscan Pro
54.165.156.139
Public Scan
URL:
https://ludicrous-trowel.glitch.me/html-file
Submission: On August 03 via manual from US
Submission: On August 03 via manual from US
Summary
This website contacted 9 IPs
in 4 countries
across 9 domains to perform 20 HTTP transactions.
The main IP is 54.165.156.139, located in
Ashburn, United States and
belongs to AMAZON-AES - Amazon.com, Inc., US.
The main domain is ludicrous-trowel.glitch.me.
TLS certificate: Issued by Amazon on January 20th 2019. Valid for: a year.
This is the only time ludicrous-trowel.glitch.me was scanned on urlscan.io!
TLS certificate: Issued by Amazon on January 20th 2019. Valid for: a year.
This is the only time ludicrous-trowel.glitch.me was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 | 54.165.156.139 54.165.156.139 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
| 1 | 216.200.199.154 216.200.199.154 | 6461 (ZAYO-6461) (ZAYO-6461 - Zayo Bandwidth) | |
| 1 | 108.163.244.35 108.163.244.35 | 32475 (SINGLEHOP...) (SINGLEHOP-LLC - SingleHop LLC) | |
| 2 | 78.140.188.189 78.140.188.189 | 35415 (WEBZILLA) (WEBZILLA) | |
| 2 6 | 2a02:6b8::1:119 2a02:6b8::1:119 | 13238 (YANDEX) (YANDEX) | |
| 1 2 | 2606:4700:30:... 2606:4700:30::681f:5b93 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
| 3 | 78.140.188.188 78.140.188.188 | 35415 (WEBZILLA) (WEBZILLA) | |
| 3 | 2a00:1450:400... 2a00:1450:4001:816::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 20 | 9 |
1
54.165.156.139
(Ashburn, United States)
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-165-156-139.compute-1.amazonaws.com
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-165-156-139.compute-1.amazonaws.com
| ludicrous-trowel.glitch.me |
1
216.200.199.154
(United States)
ASN6461 (ZAYO-6461 - Zayo Bandwidth, US)
PTR: 216.200.199.154.bpath.com
ASN6461 (ZAYO-6461 - Zayo Bandwidth, US)
PTR: 216.200.199.154.bpath.com
| bdv.bidvertiser.com |
1
108.163.244.35
(Chicago, United States)
ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
PTR: ecosys.websitehostserver.net
ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
PTR: ecosys.websitehostserver.net
| ads.greengeeks.com |
2
2606:4700:30::681f:5b93
(United States)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
| add-extension.xyz |
3
2a00:1450:4001:816::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| www.google-analytics.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 6 |
yandex.ru
2 redirects
mc.yandex.ru |
95 KB |
| 5 |
shorte.st
cdn.shorte.st api.shorte.st |
121 KB |
| 3 |
google-analytics.com
www.google-analytics.com |
18 KB |
| 2 |
add-extension.xyz
1 redirects
add-extension.xyz |
288 B |
| 1 |
greengeeks.com
ads.greengeeks.com |
15 KB |
| 1 |
bidvertiser.com
bdv.bidvertiser.com |
10 KB |
| 1 |
glitch.me
ludicrous-trowel.glitch.me |
3 KB |
| 0 |
rotumal.com
Failed
rotumal.com Failed |
|
| 0 |
zryydi.com
Failed
ssp.zryydi.com Failed |
|
| 20 | 9 |
| Domain | Requested by | |
|---|---|---|
| 6 | mc.yandex.ru |
2 redirects
ludicrous-trowel.glitch.me
|
| 3 | www.google-analytics.com |
cdn.shorte.st
ludicrous-trowel.glitch.me |
| 3 | api.shorte.st |
cdn.shorte.st
|
| 2 | add-extension.xyz |
1 redirects
ludicrous-trowel.glitch.me
|
| 2 | cdn.shorte.st |
ludicrous-trowel.glitch.me
cdn.shorte.st |
| 1 | ads.greengeeks.com |
ludicrous-trowel.glitch.me
|
| 1 | bdv.bidvertiser.com |
ludicrous-trowel.glitch.me
bdv.bidvertiser.com |
| 1 | ludicrous-trowel.glitch.me | |
| 0 | rotumal.com Failed |
cdn.shorte.st
|
| 0 | ssp.zryydi.com Failed |
cdn.shorte.st
|
| 20 | 10 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| avast.com |
| bandicam.com |
| stream-all.com |
| www.greengeeks.com |
| shorte.st |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| glitch.com Amazon |
2019-01-20 - 2020-02-20 |
a year | crt.sh |
| *.bidvertiser.com COMODO RSA Domain Validation Secure Server CA |
2018-12-01 - 2019-12-01 |
a year | crt.sh |
| *.greengeeks.com AlphaSSL CA - SHA256 - G2 |
2018-06-08 - 2020-06-08 |
2 years | crt.sh |
| *.shorte.st COMODO RSA Domain Validation Secure Server CA |
2018-08-27 - 2019-10-26 |
a year | crt.sh |
| bs.yandex.ru Yandex CA |
2018-10-03 - 2019-10-03 |
a year | crt.sh |
| sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2019-02-27 - 2020-02-27 |
a year | crt.sh |
| *.google-analytics.com Google Internet Authority G3 |
2019-07-29 - 2019-10-21 |
3 months | crt.sh |
This page contains 4 frames:
Primary Page:
https://ludicrous-trowel.glitch.me/html-file
Frame ID: 6AADAF1D98B6B9A11785AEEBBB87DE15
Requests: 17 HTTP requests in this frame
Frame:
https://bdv.bidvertiser.com/BidVertiser.dbm?pid=512795&bid=1277387&RD=9449922039582&DIF=1&bd_ref_v=ludicrous-trowel.glitch.me&tref=1&win_name=null&docref=&jsrand=9449922039582&js1loc=-&loctitle=make%20money
Frame ID: EB44C238B226C9CBCB7763C32DB89754
Requests: 1 HTTP requests in this frame
Frame:
https://add-extension.xyz/youtube/
Frame ID: D67CA46C6C38D9B8B4A0E07FAE984392
Requests: 1 HTTP requests in this frame
Frame:
https://rotumal.com/4/1241630/
Frame ID: 9E9D73105C4B01A2A3684B8E983EF99C
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
Ubuntu
(Operating Systems)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /Ubuntu/i
Apache
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
URL: https://avast.com/
Title: Avast Free Antivirus Download!
Title: Avast Free Antivirus Download!
Search URL Search Domain Scan URL
URL: https://bandicam.com/
Title: Free Screen Recorder By Bandicam!
Title: Free Screen Recorder By Bandicam!
Search URL Search Domain Scan URL
URL: https://stream-all.com/
Title: Nice videos from cute cats to Nice Videos!
Title: Nice videos from cute cats to Nice Videos!
Search URL Search Domain Scan URL
URL: https://www.greengeeks.com/track/sustainableweb/cp-default
Search URL Search Domain Scan URL
URL: https://shorte.st/?utm_source=ludicrous-trowel.glitch.me&utm_medium=overlay&utm_campaign=bottom
Title: Shorte.st
Title: Shorte.st
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 4- https://mc.yandex.ru/watch/49239574?wmode=7&page-url=https%3A%2F%2Fludicrous-trowel.glitch.me%2Fhtml-file&charset=utf-8&browser-info=ti%3A10%3Ans%3A1564856454582%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20190803202055%3Aet%3A1564856455%3Aen%3Awindows-1252%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A478353050%3Ahid%3A64124893%3Ads%3A1%2C204%2C142%2C1%2C0%2C0%2C0%2C%2C%2C%2C%2C%2C%3Afp%3A398%3Awn%3A12746%3Ahl%3A2%3Agdpr%3A14%3Av%3A1684%3Awv%3A2%3Ast%3A1564856455%3Au%3A1564856455391146317 HTTP 302
- https://mc.yandex.ru/watch/49239574/1?wmode=7&page-url=https%3A%2F%2Fludicrous-trowel.glitch.me%2Fhtml-file&charset=utf-8&browser-info=ti%3A10%3Ans%3A1564856454582%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20190803202055%3Aet%3A1564856455%3Aen%3Awindows-1252%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A478353050%3Ahid%3A64124893%3Ads%3A1%2C204%2C142%2C1%2C0%2C0%2C0%2C%2C%2C%2C%2C%2C%3Afp%3A398%3Awn%3A12746%3Ahl%3A2%3Agdpr%3A14%3Av%3A1684%3Awv%3A2%3Ast%3A1564856455%3Au%3A1564856455391146317
- https://add-extension.xyz/youtube HTTP 301
- https://add-extension.xyz/youtube/
- https://ads.shorte.st/ads.php?key=bf822edaeefaa2a510a7fc154b0be028&width=1024&height=768&ch=8439461&cp.dest_domain=&cp.oid=8439461&cp.referrer=https://ludicrous-trowel.glitch.me/html-file&cp.locked=0&cp.proxy=1&cp.quarantine_status=&cp.vno=1&cp.enc_url=&cp.type=overlay&cp.asid=3b75e96801e6805e8dc878cae9b96e0f5012671d HTTP 302
- https://rotumal.com/4/1241630/
- https://mc.yandex.ru/watch/49239574?page-url=https%3A%2F%2Fludicrous-trowel.glitch.me%2Fhtml-file&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1564856454582%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A120%3Ai%3A20190803202110%3Aet%3A1564856470%3Aen%3Awindows-1252%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A93%3Arn%3A906848381%3Ahid%3A64124893%3Ads%3A%2C%2C%2C%2C%2C%2C%2C3059%2C8%2C%2C%2C%2C3414%3Agdpr%3A14%3Av%3A1684%3Awv%3A2%3Ast%3A1564856470%3Au%3A1564856455391146317%3App%3A823294630 HTTP 302
- https://mc.yandex.ru/watch/49239574/1?page-url=https%3A%2F%2Fludicrous-trowel.glitch.me%2Fhtml-file&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1564856454582%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A120%3Ai%3A20190803202110%3Aet%3A1564856470%3Aen%3Awindows-1252%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A93%3Arn%3A906848381%3Ahid%3A64124893%3Ads%3A%2C%2C%2C%2C%2C%2C%2C3059%2C8%2C%2C%2C%2C3414%3Agdpr%3A14%3Av%3A1684%3Awv%3A2%3Ast%3A1564856470%3Au%3A1564856455391146317%3App%3A823294630
20 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
html-file
ludicrous-trowel.glitch.me/ |
3 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
BidVertiser.dbm
bdv.bidvertiser.com/ |
10 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
00010015.gif
ads.greengeeks.com/ |
15 KB 15 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
link-converter.min.js
cdn.shorte.st/ |
116 KB 117 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tag.js
mc.yandex.ru/metrika/ |
350 KB 90 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
1
mc.yandex.ru/watch/49239574/ Redirect Chain
|
152 B 714 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
bidvertiser.dbm
bdv.bidvertiser.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
BidVertiser.dbm
bdv.bidvertiser.com/ Frame EB44 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
add-extension.xyz/youtube/ Frame D67C Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
advert.gif
mc.yandex.ru/metrika/ |
43 B 445 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
/
ssp.zryydi.com/bid/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sh-overlay.css
cdn.shorte.st/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
0dcd3da5ac03016ecbc321ca7f9149a3
api.shorte.st/start-adsession/ |
74 B 850 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
43 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
3b75e96801e6805e8dc878cae9b96e0f5012671d
api.shorte.st/get-ad/0dcd3da5ac03016ecbc321ca7f9149a3/ |
464 B 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
collect
www.google-analytics.com/r/ |
35 B 104 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
/
rotumal.com/4/1241630/ Frame 9E9D Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
1
mc.yandex.ru/watch/49239574/ Redirect Chain
|
43 B 444 B |
Other
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
11
api.shorte.st/end-adsession/0dcd3da5ac03016ecbc321ca7f9149a3/3b75e96801e6805e8dc878cae9b96e0f5012671d/ |
15 B 790 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
collect
www.google-analytics.com/r/ |
35 B 104 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- bdv.bidvertiser.com
- URL
- https://bdv.bidvertiser.com/bidvertiser.dbm?pid=512795&bid=1277387&RD=38056962749764&DIF=2
- Domain
- bdv.bidvertiser.com
- URL
- https://bdv.bidvertiser.com/BidVertiser.dbm?pid=512795&bid=1277387&RD=9449922039582&DIF=1&bd_ref_v=ludicrous-trowel.glitch.me&tref=1&win_name=null&docref=&jsrand=9449922039582&js1loc=-&loctitle=make%20money
- Domain
- ssp.zryydi.com
- URL
- https://ssp.zryydi.com/bid/?tag_id=90&sub_id=0dcd3da5ac03016ecbc321ca7f9149a3&url=https%3A%2F%2Fludicrous-trowel.glitch.me%2Fhtml-file&mode=jsonfeed&callback=shortest.popUnder.onSSPPopUnderBidRetrieved&ts=1564856458003
- Domain
- rotumal.com
- URL
- https://rotumal.com/4/1241630/
Verdicts & Comments Add Verdict or Comment
72 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask object| Ya object| yaCounter49239574 function| T8CC function| r311 object| shortest function| shortestApplication function| shortestMonetization function| domready object| bean function| reqwest string| popns object| ShortestPop string| BDVHDRFUNCS number| statechanged object| bdvscripts object| myScript string| myScriptSrc undefined| docscripts undefined| bdvfound undefined| docscripts_index undefined| tmpScriptSrc string| queryString string| dec_pid string| dec_bid number| doppdano object| mybvD string| nocachen undefined| bvdbgwrbnr undefined| bvdbimgbnr object| _mq number| BDVADCNT object| bdvcheckBody string| ifrdom object| _anmq string| BDVINJFUNC string| loctitle number| tref string| win_name string| docref string| currjs1loc string| trcref number| locfoundmeta string| bvlockeywords object| bvkwarray object| bvmeta number| bvx number| bvy undefined| bvtttilemx undefined| kw2try undefined| gapp object| bdvmntppchk object| bdvmntsldchk string| bdvbnr2_rnd object| bdvfrstobjwrp object| bdvsndobj object| params string| method function| getQuerystring3 function| bdvfixqs function| bdvbnrsetCookie function| bdvbnrgetCookie function| bdv_setifrmsize function| bdvprocess number| sndmx1277387 function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
add-extension.xyz
ads.greengeeks.com
api.shorte.st
bdv.bidvertiser.com
cdn.shorte.st
ludicrous-trowel.glitch.me
mc.yandex.ru
rotumal.com
ssp.zryydi.com
www.google-analytics.com
bdv.bidvertiser.com
rotumal.com
ssp.zryydi.com
108.163.244.35
216.200.199.154
2606:4700:30::681f:5b93
2a00:1450:4001:816::200e
2a02:6b8::1:119
54.165.156.139
78.140.188.188
78.140.188.189
081f2f83acc9a4dddf175b4e7e1ff0ce9b1b3de4ed8a5e9c8c8cc8e45858ff6e
32eb600eb834cf0b4d20fcf99ff295ec91257bcdb7c6100245a7d09dde9a8471
33d334f5ac59d373ce5e4c20a0d91fb2b002c19aa52789ff4d825505a8b02b01
52fdcf0bc37976202dce21aa2d538012baedeb7ca7014e1acb4b37c100f4c732
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5d724b8c26ff23dd25f2b67099baa32e30119efe6bcf9551f329b48f19746bd6
6f2ccfc7be1cda44f3c4bf03e3a7ffbb7a8eb2e24a9d67537c30575795342162
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
a2644fef3bf2824ae3589878f256bf554e1bdaaf60f65a9a3b786671b1db4e9f
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
c92dc3721fd5a9d9137735cc5a4196b1694221e190d201d0eb13d1ebbfea4c37
e7cef30a32532c95b27ce5a739e89135c7fbbea2f14c061a1ce369a4cc27c59e