![](/screenshots/693ac986-f7bc-4f6a-a58a-ec204a34700e.png)
fcsvitanok-agrosvit.com.ua
Open in
urlscan Pro
91.239.232.47
Malicious Activity!
Public Scan
Effective URL: https://fcsvitanok-agrosvit.com.ua/wp-admin/oWa/67d337c105c0cb65131ce29f3d4fcbc1/?login=&?auth=2&home=1&from=PortalLanding&client-r...
Submission Tags: @ipnigh
Submission: On December 09 via api from GB
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on September 24th 2019. Valid for: 3 months.
This is the only time fcsvitanok-agrosvit.com.ua was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Allegro (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 28 | 91.239.232.47 91.239.232.47 | 196645 (HOSTPRO-AS) (HOSTPRO-AS) | |
1 | 185.31.25.89 185.31.25.89 | 31621 (QXL-NET-P...) (QXL-NET-POLAND-AS) | |
1 | 185.31.25.90 185.31.25.90 | 31621 (QXL-NET-P...) (QXL-NET-POLAND-AS) | |
1 | 2a00:1450:400... 2a00:1450:4001:81f::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
29 | 5 |
ASN196645 (HOSTPRO-AS, UA)
PTR: skm253.hostsila.org
fcsvitanok-agrosvit.com.ua |
ASN15169 (GOOGLE - Google LLC, US)
www.gstatic.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
28 |
fcsvitanok-agrosvit.com.ua
2 redirects
fcsvitanok-agrosvit.com.ua |
322 KB |
1 |
gstatic.com
www.gstatic.com |
|
1 |
allegrostatic.pl
ucdn.allegrostatic.pl |
|
1 |
ngastatic.com
ngastatic.com |
5 KB |
29 | 4 |
Domain | Requested by | |
---|---|---|
28 | fcsvitanok-agrosvit.com.ua |
2 redirects
fcsvitanok-agrosvit.com.ua
|
1 | www.gstatic.com |
fcsvitanok-agrosvit.com.ua
|
1 | ucdn.allegrostatic.pl |
fcsvitanok-agrosvit.com.ua
|
1 | ngastatic.com |
fcsvitanok-agrosvit.com.ua
|
29 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
strefamarek.allegro.pl |
inspiracje.allegro.pl |
allegro.pl |
ssl.allegro.pl |
pomoc.allegro.pl |
magazyn.allegro.pl |
biznes.allegro.pl |
kariera.allegro.pl |
poznaj.allegro.pl |
Subject Issuer | Validity | Valid | |
---|---|---|---|
fcsvitanok-agrosvit.com.ua cPanel, Inc. Certification Authority |
2019-09-24 - 2019-12-23 |
3 months | crt.sh |
ngastatic.com DigiCert SHA2 Secure Server CA |
2018-02-20 - 2020-02-25 |
2 years | crt.sh |
*.allegrostatic.pl DigiCert SHA2 Secure Server CA |
2018-01-17 - 2020-01-22 |
2 years | crt.sh |
*.google.com GTS CA 1O1 |
2019-11-05 - 2020-01-28 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://fcsvitanok-agrosvit.com.ua/wp-admin/oWa/67d337c105c0cb65131ce29f3d4fcbc1/?login=&?auth=2&home=1&from=PortalLanding&client-request-id=bcc7c79d-ad79-43ec-9c70-d12e378805d20cDovL3d3dy5hc@
Frame ID: 83906118D2CEFFFD7A89DB58E36FB913
Requests: 30 HTTP requests in this frame
Screenshot
![](/screenshots/693ac986-f7bc-4f6a-a58a-ec204a34700e.png)
Page URL History Show full URLs
-
https://fcsvitanok-agrosvit.com.ua/wp-admin/oWa/
HTTP 302
https://fcsvitanok-agrosvit.com.ua/wp-admin/oWa/67d337c105c0cb65131ce29f3d4fcbc1?login=&?auth=2&home=1&from=Por... HTTP 301
https://fcsvitanok-agrosvit.com.ua/wp-admin/oWa/67d337c105c0cb65131ce29f3d4fcbc1/?login=&?auth=2&home=1&from=Po... Page URL
Detected technologies
Detected patterns
- script /angular.*\.js/i
![](/vendor/wappa/icons/Backbone.js.png)
Detected patterns
- script /backbone.*\.js/i
Detected patterns
- headers server /^LiteSpeed$/i
![](/vendor/wappa/icons/TrackJs.png)
Detected patterns
- script /tracker\.js/i
![](/vendor/wappa/icons/Underscore.js.png)
Detected patterns
- script /underscore.*\.js(?:\?ver=([\d.]+))?/i
- script /backbone.*\.js/i
Detected patterns
- script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
30 Outgoing links
These are links going to different origins than the main page.
Title: Strefa Marek
Search URL Search Domain Scan URL
Title: Inspiracje
Search URL Search Domain Scan URL
Title: moda.allegro
Search URL Search Domain Scan URL
Title: sklep Allegro
Search URL Search Domain Scan URL
Title: wystaw przedmiot
Search URL Search Domain Scan URL
Title: moje allegro
Search URL Search Domain Scan URL
Title: kupione
Search URL Search Domain Scan URL
Title: obserwowane
Search URL Search Domain Scan URL
Title: licytujesz
Search URL Search Domain Scan URL
Title: sprzedajesz
Search URL Search Domain Scan URL
Title: sprzedane
Search URL Search Domain Scan URL
Title: wystaw komentarz
Search URL Search Domain Scan URL
Title: komentarze otrzymane
Search URL Search Domain Scan URL
Title: centrum zniżek
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: załóż konto
Search URL Search Domain Scan URL
Title: wyloguj
Search URL Search Domain Scan URL
Title: zaloguj
Search URL Search Domain Scan URL
Title: Polityką Plików Cookies
Search URL Search Domain Scan URL
Title: ×
Search URL Search Domain Scan URL
Title: nie masz konta?
Search URL Search Domain Scan URL
Title: nie pamiętasz hasła?
Search URL Search Domain Scan URL
Title: Regulaminu Allegro
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: O nas
Search URL Search Domain Scan URL
Title: Allegro dla firm
Search URL Search Domain Scan URL
Title: Praca
Search URL Search Domain Scan URL
Title: Poznaj Allegro
Search URL Search Domain Scan URL
Title: Centrum Pomocy
Search URL Search Domain Scan URL
Title: Mapa strony
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://fcsvitanok-agrosvit.com.ua/wp-admin/oWa/
HTTP 302
https://fcsvitanok-agrosvit.com.ua/wp-admin/oWa/67d337c105c0cb65131ce29f3d4fcbc1?login=&?auth=2&home=1&from=PortalLanding&client-request-id=bcc7c79d-ad79-43ec-9c70-d12e378805d20cDovL3d3dy5hc@ HTTP 301
https://fcsvitanok-agrosvit.com.ua/wp-admin/oWa/67d337c105c0cb65131ce29f3d4fcbc1/?login=&?auth=2&home=1&from=PortalLanding&client-request-id=bcc7c79d-ad79-43ec-9c70-d12e378805d20cDovL3d3dy5hc@ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
29 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
fcsvitanok-agrosvit.com.ua/wp-admin/oWa/67d337c105c0cb65131ce29f3d4fcbc1/ Redirect Chain
|
102 KB 25 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
header-built.min-fa4f387dce.js
fcsvitanok-agrosvit.com.ua/wp-admin/oWa/67d337c105c0cb65131ce29f3d4fcbc1/Allegro_files/ |
99 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-private.js
fcsvitanok-agrosvit.com.ua/wp-admin/oWa/67d337c105c0cb65131ce29f3d4fcbc1/Allegro_files/ |
73 B 105 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
underscore-21d245cbaf.js
fcsvitanok-agrosvit.com.ua/wp-admin/oWa/67d337c105c0cb65131ce29f3d4fcbc1/Allegro_files/ |
13 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-16d4bd2210.js
fcsvitanok-agrosvit.com.ua/wp-admin/oWa/67d337c105c0cb65131ce29f3d4fcbc1/Allegro_files/ |
82 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
backbone-801cf4a3a2.js
fcsvitanok-agrosvit.com.ua/wp-admin/oWa/67d337c105c0cb65131ce29f3d4fcbc1/Allegro_files/ |
18 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
transition-732886619a.js
fcsvitanok-agrosvit.com.ua/wp-admin/oWa/67d337c105c0cb65131ce29f3d4fcbc1/Allegro_files/ |
563 B 312 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tooltip-66c86962e6.js
fcsvitanok-agrosvit.com.ua/wp-admin/oWa/67d337c105c0cb65131ce29f3d4fcbc1/Allegro_files/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
popover-5a5527c6c5.js
fcsvitanok-agrosvit.com.ua/wp-admin/oWa/67d337c105c0cb65131ce29f3d4fcbc1/Allegro_files/ |
2 KB 688 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login-frontend.css
fcsvitanok-agrosvit.com.ua/wp-admin/oWa/67d337c105c0cb65131ce29f3d4fcbc1/Allegro_files/ |
136 KB 30 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__pl.js
fcsvitanok-agrosvit.com.ua/wp-admin/oWa/67d337c105c0cb65131ce29f3d4fcbc1/Allegro_files/ |
207 KB 68 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tracker.js
fcsvitanok-agrosvit.com.ua/wp-admin/oWa/67d337c105c0cb65131ce29f3d4fcbc1/Allegro_files/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
config.js
fcsvitanok-agrosvit.com.ua/wp-admin/oWa/67d337c105c0cb65131ce29f3d4fcbc1/Allegro_files/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
angular.min.js
fcsvitanok-agrosvit.com.ua/wp-admin/oWa/67d337c105c0cb65131ce29f3d4fcbc1/Allegro_files/ |
145 KB 53 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
angular-ui-router.min.js
fcsvitanok-agrosvit.com.ua/wp-admin/oWa/67d337c105c0cb65131ce29f3d4fcbc1/Allegro_files/ |
30 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ui-bootstrap-tpls.min.js
fcsvitanok-agrosvit.com.ua/wp-admin/oWa/67d337c105c0cb65131ce29f3d4fcbc1/Allegro_files/ |
129 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
angular-gettext.min.js
fcsvitanok-agrosvit.com.ua/wp-admin/oWa/67d337c105c0cb65131ce29f3d4fcbc1/Allegro_files/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
angular-cookies.min.js
fcsvitanok-agrosvit.com.ua/wp-admin/oWa/67d337c105c0cb65131ce29f3d4fcbc1/Allegro_files/ |
1 KB 830 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cart-client.js
fcsvitanok-agrosvit.com.ua/wp-admin/oWa/67d337c105c0cb65131ce29f3d4fcbc1/Allegro_files/ |
21 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login.min.js
fcsvitanok-agrosvit.com.ua/wp-admin/oWa/67d337c105c0cb65131ce29f3d4fcbc1/Allegro_files/ |
27 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
fcsvitanok-agrosvit.com.ua/wp-admin/oWa/67d337c105c0cb65131ce29f3d4fcbc1/Allegro_files/ |
646 B 324 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
angular-recaptcha.min.js
fcsvitanok-agrosvit.com.ua/wp-admin/oWa/67d337c105c0cb65131ce29f3d4fcbc1/Allegro_files/ |
2 KB 970 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ac
fcsvitanok-agrosvit.com.ua/wp-admin/oWa/67d337c105c0cb65131ce29f3d4fcbc1/Allegro_files/ |
1 KB 1 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
allegro-e4f5c821.svg
fcsvitanok-agrosvit.com.ua/wp-admin/oWa/67d337c105c0cb65131ce29f3d4fcbc1/Allegro_files/ |
2 KB 947 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
require-8229947c40.js
fcsvitanok-agrosvit.com.ua/wp-admin/oWa/67d337c105c0cb65131ce29f3d4fcbc1/Allegro_files/ |
17 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tracker.js
ngastatic.com/s4c/ |
11 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
133 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
facebook-logo.png
fcsvitanok-agrosvit.com.ua/wp-admin/oWa/67d337c105c0cb65131ce29f3d4fcbc1/images/ |
1 KB 1 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
header-built.min-fa4f387dce.js
ucdn.allegrostatic.pl/headerService/static/scripts/dist/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__pl.js
www.gstatic.com/recaptcha/api2/r20160321131308/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Allegro (Banking)42 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| sas object| sas_ads boolean| sas_ajax object| sas_manager object| sas_unrenderedFormats undefined| sas_callAd undefined| sas_callAds function| sas_render function| SmartAdServerAjaxOneCall function| SmartAdServer_iframe function| SmartAdServer function| SmartAdServerAjax function| sas_gcf function| sas_appendToContainer function| sascc function| sasmobile function| sas_addCleanListener function| sas_cleanAds function| sas_cleanAd object| angular number| ng339 function| CartClient string| cm.analytics.object function| cm object| html5 object| Modernizr function| yepnope function| requirejs function| require function| define function| headerJS object| headerJSModuleConfig function| _ object| Backbone object| ___grecaptcha_cfg boolean| __google_recaptcha_client function| $ function| jQuery object| recaptcha object| grecaptcha1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
fcsvitanok-agrosvit.com.ua/ | Name: PHPSESSID Value: 7hp0o9g64feb6ub66r4kblsj47 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fcsvitanok-agrosvit.com.ua
ngastatic.com
ucdn.allegrostatic.pl
www.gstatic.com
185.31.25.89
185.31.25.90
2a00:1450:4001:81f::2003
91.239.232.47
0aaed67784a58be18816ad55fe69b4508ea3dd79da534dd73f2067e4f909cf4c
113906c48cf18e9e7511e1d380dfc541d5d2a391e3373efe45ae2ae58230d687
1251c34a7fd58fbdbc9fe83a10756f8357c2573c9fc9a72cc7ba7c66108ab821
160927dbb11b4cc3ec38a25a7a9ae12b1ebddc8bc2143128538a151c574f8192
1b24cdcd2a45bf837792de26879333c2e2eebaca17751c12d1d3915fadbd0417
230d91b44ffd4de6a3cfe521b2560e5ed59763df51a5de76fc01513787fb1682
2e147d3a4f3688406fd938137014a8db60ebaed422794bbbb86e7df5a937e532
47c24b4abb6ce04c00be0c86844c719c2abf94567c5db2606439a943632e0f4f
4fff8e85855ad20ff67f5c0b550f0ef07a4bfd2a5137015ac6afc2d9235740ac
6516bf482d22fce45956bf9f880c174eda9ad64c26ca85db7a56c628a9118327
77866615aa9c0bf3117ef277948f487800bac809abcafb62c0689062717112fa
854547d45d43067b8bb230f0a1ed763f30c473f263eb4d1cad77d26a2c4b405b
89772c6efac91e77c131890affa6e7e51cf03b6d257fb5eecc2c622f4ca7612b
8b5b3ce152e0ace4adff10b1ff27716225bf0157590960c1bf85bec6c0cb6947
8bbbbcb0fbbf08ac83c0172d5e94c53f08d1a214567d01b9a6d15e731a4b4d0f
8d4cac0d30141348b02852292a110dce2412055f06c8956aa55572d5ec6a3627
8df702c7d32b6fe3978d790ae38f031863095abc76f600d1137eaef4458ecdce
95c17ab7683fb50856f4b2532e84481dc24e79fda0bc21f297521b8974955abd
9e6a796a67a6c6015a1f29c52ce5cc25837d264391fa8f97aab52d1bd3c78753
a106776f67a6c94c2eef49bbf83ef6d458e4f163943a35dbbd64d2ab0023c4da
a8983a2304f7060a330f6b10332f892623abe2bfb9e144dfa9cc639a52d039b5
bc7dfd15d3e461b9d8d2cab85c79b9a73c120afebe0b6d32c21413b417431ce3
bf1bed85fdb9dd616aa82f872ca3847b6303c4c710efbb7b836c8dac3011bcae
c8f045e9e77d4288870ace00441530861d831a1bb479723b15c4722df206727c
caa3d73a4067cf98ff271cc9ce5c826f7dadf8afe4df67be2330133f872c73e8
d848cd971824fe137db8f2b802bb11e406459e7ba9ffb4e91fd62a022c693ca3
e8fe014210c4be665bdd071553b639bcbd1bfff8bca1c01ca7299aa3e8b28b3b
eedc2d51e33228a54f7c739844f1115e5ad47f6ade1a39fb1113c80dcd7d7f04