olx.ogl24.pl Open in urlscan Pro
172.67.185.168  Malicious Activity! Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request payu Show response olx.ogl24.pl/ba0b314f-9d23-4203-8feb-b229d84b9454/	176 KB 58 KB	210ms 117ms	Document text/html	172.67.185.168 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://olx.ogl24.pl/ba0b314f-9d23-4203-8feb-b229d84b9454/payu Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.185.168 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash f90f2fc71bf74b52f8cb3e438d7547cb1e7ff57935f5525824349a094b008cac Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 accept-language pl-PL,pl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7fca62d6bd67bfeb-WAW content-encoding br content-type text/html; charset=utf-8 date Sat, 26 Aug 2023 07:33:21 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2BzQZMbhuYOgtRz7Z5kzNjUiJui5NCO6uQeAQxBE7clmswLLVanf1TQH84uhf4S3lqhhjGRVqdbekqeSOJW6dGUwF3eTqiDtMhq2B5VMIvkP3tgz868bK7bhvf2Dmv0%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by Express
GET H2	200	all.45d9c61c4331.css olx.ogl24.pl/static/	40 KB 10 KB	140ms 138ms	Stylesheet text/css	172.67.185.168 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://olx.ogl24.pl/static/all.45d9c61c4331.css Requested by Host: olx.ogl24.pl URL: https://olx.ogl24.pl/ba0b314f-9d23-4203-8feb-b229d84b9454/payu Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.185.168 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 47145161018824891e6bbaec9ee81a5083a6b31e959d1b019640833524d6e0f2 Request headers accept-language pl-PL,pl;q=0.9 Referer https://olx.ogl24.pl/ba0b314f-9d23-4203-8feb-b229d84b9454/payu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Sat, 26 Aug 2023 07:33:21 GMT content-encoding br cf-cache-status EXPIRED last-modified Sun, 13 Aug 2023 12:42:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"a09c-189eeeba7f3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=blbpBxkzoSLlZOOmHISsbsV4hRqc8ShpXzxLQ02%2B5JhB7yAK9JBFMFDC0ZrFPuKZeymRm07gNyiyoEIahQsHwuVs2d1nd3WR9Qgwh91lPoEDjCEIVNdpp2miaA119OY%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=14400 cf-ray 7fca62d78e1ebfeb-WAW alt-svc h3=":443"; ma=86400
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.11.1/	94 KB 33 KB	157ms 40ms	Script text/javascript	142.250.185.74 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js Requested by Host: olx.ogl24.pl URL: https://olx.ogl24.pl/ba0b314f-9d23-4203-8feb-b229d84b9454/payu Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.74 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f10.1e100.net Software sffe / Resource Hash 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language pl-PL,pl;q=0.9 Referer https://olx.ogl24.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Fri, 25 Aug 2023 20:17:41 GMT content-encoding gzip x-content-type-options nosniff age 40540 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33434 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sat, 24 Aug 2024 20:17:41 GMT
GET H2	200	olx.png www.leadsquared.com/wp-content/uploads/2022/03/	2 KB 3 KB	111ms 32ms	Image image/webp	141.193.213.10 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Show image Full URL https://www.leadsquared.com/wp-content/uploads/2022/03/olx.png Requested by Host: olx.ogl24.pl URL: https://olx.ogl24.pl/ba0b314f-9d23-4203-8feb-b229d84b9454/payu Protocol H2 Security TLS 1.3, , AES_128_GCM Server 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 62982a8122fc60399102627e311a2386f631c8410a82a126a4055fc8b8d98c3f Request headers accept-language pl-PL,pl;q=0.9 Referer https://olx.ogl24.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Sat, 26 Aug 2023 07:33:21 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 77545 cf-polished origFmt=png, origSize=8260 x-wpe-request-id 21fe2d84b71aa09eee4a61a062989872 content-disposition inline; filename="olx.webp" alt-svc h3=":443"; ma=86400 content-length 2514 cf-bgj imgq:100,h2pri last-modified Fri, 29 Apr 2022 02:40:39 GMT server cloudflare etag "626b5027-2044" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yBs%2BZq%2BoVzQqbSmTkj7RAJEbL2TCCp%2FsWdJ93K2T67qwPPZw7IzewWz9FVOaa8iy1cR5JOZZWPa%2FgG%2BmityDc82ZZrtFWVmjNqIZpx2xxQSo%2Bi5ul8MdLAa52I%2BeMsQ53qu7YlI%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 7fca62d8dd42fbc2-WAW
GET H3	200	blik.svg olx.ogl24.pl/static/	2 KB 1 KB	98ms 98ms	Image image/svg+xml	172.67.185.168 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://olx.ogl24.pl/static/blik.svg Requested by Host: olx.ogl24.pl URL: https://olx.ogl24.pl/ba0b314f-9d23-4203-8feb-b229d84b9454/payu Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.185.168 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 08409343cceb460ccc130f464a20e347794b9347939043952964ef65a78563bd Request headers accept-language pl-PL,pl;q=0.9 Referer https://olx.ogl24.pl/ba0b314f-9d23-4203-8feb-b229d84b9454/payu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Sat, 26 Aug 2023 07:33:21 GMT content-encoding br cf-cache-status EXPIRED last-modified Sun, 13 Aug 2023 12:42:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"99e-189eeeba203" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OCeKXedo962VVlpTHSkvqQrwvrYEOfT2%2BG4z6DM9V3oz%2Bv0w2nqYTARr8EqxcJO47FCmTjMNzh6ZsPj8ARb7m3MpeDMAZQ52%2B1SO1xO3Sa9HDfihaRVTZ83upAmqU08%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=14400 cf-ray 7fca62d8ff16bf65-WAW alt-svc h3=":443"; ma=86400
GET H3	200	load.png olx.ogl24.pl/static/	640 B 1 KB	116ms 115ms	Image image/png	172.67.185.168 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://olx.ogl24.pl/static/load.png Requested by Host: olx.ogl24.pl URL: https://olx.ogl24.pl/ba0b314f-9d23-4203-8feb-b229d84b9454/payu Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.185.168 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 0e1480fb0263b175fe83e27189cd093e9cd4973ead5addeacd3746f82ae4bc74 Request headers accept-language pl-PL,pl;q=0.9 Referer https://olx.ogl24.pl/ba0b314f-9d23-4203-8feb-b229d84b9454/payu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Sat, 26 Aug 2023 07:33:21 GMT cf-cache-status EXPIRED last-modified Sun, 13 Aug 2023 12:42:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"280-189eeeb90a3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BAGp74tONXJ5fXSnoW4XlFqXDnVNKx8wjChmEttoCa%2BMcLY1sbS04IIKKzKkSim7Jb3uKvQKbLCaiV2Y%2B3VWzkZVRhrMhsT4dP0rxjyNPS%2B0dAFReVXjmKT6oEYBhMo%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=14400 accept-ranges bytes cf-ray 7fca62d92f6abf65-WAW alt-svc h3=":443"; ma=86400 content-length 640
GET H3	200	background_1920x1200.jpg olx.ogl24.pl/static/	59 KB 59 KB	162ms 162ms	Image image/jpeg	172.67.185.168 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://olx.ogl24.pl/static/background_1920x1200.jpg Requested by Host: olx.ogl24.pl URL: https://olx.ogl24.pl/ba0b314f-9d23-4203-8feb-b229d84b9454/payu Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.185.168 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 1dbb56e774834e5cf44bbacfacde7e486ce47b9ce6e77a6113c92450ad255cde Request headers accept-language pl-PL,pl;q=0.9 Referer https://olx.ogl24.pl/ba0b314f-9d23-4203-8feb-b229d84b9454/payu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Sat, 26 Aug 2023 07:33:21 GMT cf-cache-status EXPIRED last-modified Sun, 13 Aug 2023 12:42:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"ebe1-189eeeba47f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YAWOJQQ3lajeFhFljXU6o1H%2Fe52eIw9kE50UU9wczUDemMypRk28A%2B%2BrUEM6atLcUTNGjaZBgmO2qyN4spqWHwYsCerxLSVIV%2Bt1hQIzA9Mej1LEFCC3qqe%2B%2FUa4wd8%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=14400 accept-ranges bytes cf-ray 7fca62d93f82bf65-WAW alt-svc h3=":443"; ma=86400 content-length 60385
GET H2	200	opensans-semibold-webfont.woff static.payu.com/fonts/	89 KB 90 KB	208ms 58ms	Font application/font-woff	13.227.219.30 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.payu.com/fonts/opensans-semibold-webfont.woff Requested by Host: olx.ogl24.pl URL: https://olx.ogl24.pl/static/all.45d9c61c4331.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.30 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-30.ams54.r.cloudfront.net Software nginx / Resource Hash 431817115e31ff8604ab76a86ce6ed55d02cd5ea7332bd0ed3d15d9b5bf9aaae Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://olx.ogl24.pl/ Origin https://olx.ogl24.pl accept-language pl-PL,pl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Sat, 26 Aug 2023 04:41:51 GMT via 1.1 d2322e4264977966de69a888b2e0eba8.cloudfront.net (CloudFront) x-amz-cf-pop AMS54-C1 age 10290 x-cache Hit from cloudfront content-length 91168 last-modified Mon, 31 Jul 2023 09:31:58 GMT server nginx etag "16420-601c51a21153c" content-type application/font-woff access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes x-amz-cf-id 6BGcgcsAwuy0mUUW90tZIKrDd2dLTHtq2j5Mj7tiRDPiEcKwQHoqWw== expires Sat, 02 Sep 2023 04:41:51 GMT
GET H2	200	opensans-regular-webfont.woff static.payu.com/fonts/	87 KB 88 KB	304ms 156ms	Font application/font-woff	13.227.219.30 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.payu.com/fonts/opensans-regular-webfont.woff Requested by Host: olx.ogl24.pl URL: https://olx.ogl24.pl/static/all.45d9c61c4331.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.30 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-30.ams54.r.cloudfront.net Software nginx / Resource Hash 9650a5ba277274205e90974e7fb4183289ca51653c33fc291ad064bf8dd998e1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://olx.ogl24.pl/ Origin https://olx.ogl24.pl accept-language pl-PL,pl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Wed, 23 Aug 2023 17:32:12 GMT strict-transport-security max-age=31536000; includeSubDomains via 1.1 d2322e4264977966de69a888b2e0eba8.cloudfront.net (CloudFront) x-amz-cf-pop AMS54-C1 age 223269 x-cache Hit from cloudfront content-length 89576 last-modified Mon, 31 Jul 2023 09:31:57 GMT server nginx etag "15de8-601c51a0e15f2" content-type application/font-woff access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes x-amz-cf-id sXG-T5S8lbRQkKl9lWjFKW36XEQ-uzbtEyemVXbtvMrC78NAWBwO-w== expires Wed, 30 Aug 2023 17:32:12 GMT
GET H2	200	opensans-light-webfont.woff static.payu.com/fonts/	84 KB 85 KB	393ms 245ms	Font application/font-woff	13.227.219.30 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.payu.com/fonts/opensans-light-webfont.woff Requested by Host: olx.ogl24.pl URL: https://olx.ogl24.pl/static/all.45d9c61c4331.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.30 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-30.ams54.r.cloudfront.net Software nginx / Resource Hash 0fe491e2047389b9deb7a06fd36de7fec03af2791ec29461be02571cbebdb4ab Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://olx.ogl24.pl/ Origin https://olx.ogl24.pl accept-language pl-PL,pl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Tue, 22 Aug 2023 23:46:03 GMT via 1.1 d2322e4264977966de69a888b2e0eba8.cloudfront.net (CloudFront) x-amz-cf-pop AMS54-C1 age 287238 x-cache Hit from cloudfront content-length 86016 last-modified Mon, 31 Jul 2023 09:31:58 GMT server nginx etag "15000-601c51a1787eb" content-type application/font-woff access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes x-amz-cf-id zZK8Em2F-7a_oa4ZW6CKheYrDSaMyFu2Xvt2A3Y_UNtPhvfo5NNE1Q== expires Tue, 29 Aug 2023 23:46:03 GMT
GET H2	200	PFBeauSansPro-Bold.woff static.payu.com/fonts/	142 KB 142 KB	354ms 207ms	Font application/font-woff	13.227.219.30 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.payu.com/fonts/PFBeauSansPro-Bold.woff Requested by Host: olx.ogl24.pl URL: https://olx.ogl24.pl/static/all.45d9c61c4331.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.30 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-30.ams54.r.cloudfront.net Software nginx / Resource Hash c8b380cdc92601f7195d0cd34c777bcdee7dcd285e110534a8cf48bfa7d8b2e8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://olx.ogl24.pl/ Origin https://olx.ogl24.pl accept-language pl-PL,pl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Sat, 26 Aug 2023 01:05:46 GMT strict-transport-security max-age=31536000; includeSubDomains via 1.1 d2322e4264977966de69a888b2e0eba8.cloudfront.net (CloudFront) x-amz-cf-pop AMS54-C1 age 23255 x-cache Hit from cloudfront content-length 145228 last-modified Mon, 31 Jul 2023 09:31:58 GMT server nginx etag "2374c-601c51a2055d4" content-type application/font-woff access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes x-amz-cf-id fnroYenVEsBaeNOrcQss2laknGF4BYaopD3-mF3YkwuqLbcI7yHACA== expires Sat, 02 Sep 2023 01:05:46 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayU (Financial)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery function| generateString function| blikPayment function| waitingScreen function| cardPayment function| showOther function| showOther2 function| provideCardData function| changeCurrency1 function| parse function| backToCards function| hideWire function| changeCurrency function| showWire function| showOther3 function| formatString function| isNumberKey function| pay

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
olx.ogl24.pl
static.payu.com
www.leadsquared.com
13.227.219.30
141.193.213.10
142.250.185.74
172.67.185.168
08409343cceb460ccc130f464a20e347794b9347939043952964ef65a78563bd
0e1480fb0263b175fe83e27189cd093e9cd4973ead5addeacd3746f82ae4bc74
0fe491e2047389b9deb7a06fd36de7fec03af2791ec29461be02571cbebdb4ab
1dbb56e774834e5cf44bbacfacde7e486ce47b9ce6e77a6113c92450ad255cde
431817115e31ff8604ab76a86ce6ed55d02cd5ea7332bd0ed3d15d9b5bf9aaae
47145161018824891e6bbaec9ee81a5083a6b31e959d1b019640833524d6e0f2
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
62982a8122fc60399102627e311a2386f631c8410a82a126a4055fc8b8d98c3f
9650a5ba277274205e90974e7fb4183289ca51653c33fc291ad064bf8dd998e1
c8b380cdc92601f7195d0cd34c777bcdee7dcd285e110534a8cf48bfa7d8b2e8
f90f2fc71bf74b52f8cb3e438d7547cb1e7ff57935f5525824349a094b008cac