vxhsvarygv.4pu.com Open in urlscan Pro
212.8.247.18 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://vxhsvarygv.4pu.com/yeap11.php
Submission: On October 22 via manual (October 22nd 2020, 6:00:40 am UTC) from JP

Summary HTTP 9 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 9 HTTP transactions. The main IP is 212.8.247.18, located in Russian Federation and belongs to RUWEB, RU. The main domain is vxhsvarygv.4pu.com.

This is the only time vxhsvarygv.4pu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
3	212.8.247.18 212.8.247.18		49189 (RUWEB) (RUWEB)
4	2606:4700::68... 2606:4700::6810:125e		13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::200a		15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003		15169 (GOOGLE) (GOOGLE)
9	4

3 212.8.247.18 (Russian Federation)

ASN49189 (RUWEB, RU)
PTR: newdb2.hostname

vxhsvarygv.4pu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	cloudflare.com cdnjs.cloudflare.com	103 KB
3	4pu.com vxhsvarygv.4pu.com	11 KB
1	gstatic.com fonts.gstatic.com	10 KB
1	googleapis.com fonts.googleapis.com	422 B
9	4

	Domain	Requested by
4	cdnjs.cloudflare.com	vxhsvarygv.4pu.com cdnjs.cloudflare.com
3	vxhsvarygv.4pu.com	vxhsvarygv.4pu.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	vxhsvarygv.4pu.com
9	4

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://vxhsvarygv.4pu.com/yeap11.php
Frame ID: 8CF0E36C1FD2C257391A9529B18B93E2
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

9
Requests

67 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

124 kB
Transfer

453 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request yeap11.php Show response
vxhsvarygv.4pu.com/ 36 KB
11 KB 160ms
129ms Document
text/html 212.8.247.18
RUWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://vxhsvarygv.4pu.com/yeap11.php
Protocol: HTTP/1.1
Server: 212.8.247.18 , Russian Federation, ASN49189 (RUWEB, RU),
Reverse DNS: newdb2.hostname
Software: nginx /
Resource Hash: a754ddc45c220058aad372fc8f5367ddaada20eb08c8cf9eb1a6e94dcbd27add

Request headers

Host: vxhsvarygv.4pu.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Thu, 22 Oct 2020 06:00:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding

GET
H2 200 bootstrap.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.0.3/css/ 120 KB
15 KB 25ms
11ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.0.3/css/bootstrap.css
Requested by: Host: vxhsvarygv.4pu.com
URL: http://vxhsvarygv.4pu.com/yeap11.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d83d1ae3cbc212a2df745bc4ce666e96f394685d1f16c880945b3170eb385d4

Request headers

Origin: http://vxhsvarygv.4pu.com
Referer: http://vxhsvarygv.4pu.com/yeap11.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 06:00:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 32271
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14257
cf-request-id: 05f07dfaa4000005e4a8a45000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
etag: "5eb04010-1dfe0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603346424"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5e60ff71093105e4-FRA
expires: Tue, 12 Oct 2021 06:00:24 GMT

GET
H2 200 css
fonts.googleapis.com/ 437 B
422 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Expletus%20Sans

Requested by

Host: vxhsvarygv.4pu.com
URL: http://vxhsvarygv.4pu.com/yeap11.php

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3e7bad007215d8867018cbd6653129e1b6d62d7c19e13d332dc29842ae4d01ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://vxhsvarygv.4pu.com/yeap11.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 22 Oct 2020 06:00:24 GMT
server: ESF
date: Thu, 22 Oct 2020 06:00:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Oct 2020 06:00:24 GMT

GET
H2 200 jquery.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.0.3/ 236 KB
59 KB 26ms
13ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.0.3/jquery.js
Requested by: Host: vxhsvarygv.4pu.com
URL: http://vxhsvarygv.4pu.com/yeap11.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9427fe2df51f7d4c6bf35f96d19169714d0b432b99dc18f41760d0342c538122

Request headers

Origin: http://vxhsvarygv.4pu.com
Referer: http://vxhsvarygv.4pu.com/yeap11.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 06:00:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 34872
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60187
cf-request-id: 05f07dfaa4000005e4b48ba000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
etag: "5eb03ec4-3b1de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603346424"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5e60ff71093205e4-FRA
expires: Tue, 12 Oct 2021 06:00:24 GMT

GET
H/1.1 404
Not Found style.css
vxhsvarygv.4pu.com/tpl_files/ 0
0 85ms
73ms Stylesheet
text/html 212.8.247.18
RUWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://vxhsvarygv.4pu.com/tpl_files/style.css
Requested by: Host: vxhsvarygv.4pu.com
URL: http://vxhsvarygv.4pu.com/yeap11.php
Protocol: HTTP/1.1
Server: 212.8.247.18 , Russian Federation, ASN49189 (RUWEB, RU),
Reverse DNS: newdb2.hostname
Software: nginx /
Resource Hash

Request headers

Referer: http://vxhsvarygv.4pu.com/yeap11.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 22 Oct 2020 06:00:24 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 404
Not Found logo.png
vxhsvarygv.4pu.com/tpl_files/ 95 B
95 B 93ms
92ms Image
text/html 212.8.247.18
RUWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vxhsvarygv.4pu.com/tpl_files/logo.png
Requested by: Host: vxhsvarygv.4pu.com
URL: http://vxhsvarygv.4pu.com/yeap11.php
Protocol: HTTP/1.1
Server: 212.8.247.18 , Russian Federation, ASN49189 (RUWEB, RU),
Reverse DNS: newdb2.hostname
Software: nginx /
Resource Hash: 7515369ed9f495084de0b4f38aa04cbcad477a44bd0b2becd0658513d5a574ee

Request headers

Referer: http://vxhsvarygv.4pu.com/yeap11.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 22 Oct 2020 06:00:24 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 bootstrap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.0.3/js/ 27 KB
7 KB 11ms
11ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.0.3/js/bootstrap.min.js
Requested by: Host: vxhsvarygv.4pu.com
URL: http://vxhsvarygv.4pu.com/yeap11.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc1d94f50dd3822e1e53cb96af4f040d2ad8b5c7b984bae5e84efc7641acfada

Request headers

Origin: http://vxhsvarygv.4pu.com
Referer: http://vxhsvarygv.4pu.com/yeap11.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 06:00:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 35098
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6456
cf-request-id: 05f07dfabb000005e4650b7000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
etag: "5eb04010-6cae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603346425"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5e60ff71296f05e4-FRA
expires: Tue, 12 Oct 2021 06:00:24 GMT

GET
H2 200 RLp5K5v5_bqufTYdnhFzDj2ddf4YuoMtXHs.woff2
fonts.gstatic.com/s/expletussans/v14/ 10 KB
10 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/expletussans/v14/RLp5K5v5_bqufTYdnhFzDj2ddf4YuoMtXHs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Expletus%20Sans

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86225d1a722e46085cbc9ab9f40174aaa553fa44e106a4a74bb5ed9dfd953eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://vxhsvarygv.4pu.com
Referer: https://fonts.googleapis.com/css?family=Expletus%20Sans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 11:53:43 GMT
x-content-type-options: nosniff
last-modified: Thu, 23 Jul 2020 19:38:46 GMT
server: sffe
age: 65201
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9936
x-xss-protection: 0
expires: Thu, 21 Oct 2021 11:53:43 GMT

GET
H2 200 glyphicons-halflings-regular.woff
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.0.3/fonts/ 23 KB
23 KB 10ms
9ms Font
application/octet-stream 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.0.3/fonts/glyphicons-halflings-regular.woff
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.0.3/css/bootstrap.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cc5dd9cf420eefb86d6bf881ddd2b8f77f83975405911050f7b0ca081dc41d1

Request headers

Origin: http://vxhsvarygv.4pu.com
Referer: https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.0.3/css/bootstrap.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 06:00:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 34798
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23004
cf-request-id: 05f07dfaf4000005e43f9c4000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
etag: "5eb04010-5afc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603346425"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5e60ff718a4b05e4-FRA
expires: Tue, 12 Oct 2021 06:00:24 GMT

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| $ function| jQuery

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
vxhsvarygv.4pu.com
212.8.247.18
2606:4700::6810:125e
2a00:1450:4001:801::200a
2a00:1450:4001:808::2003
2cc5dd9cf420eefb86d6bf881ddd2b8f77f83975405911050f7b0ca081dc41d1
3e7bad007215d8867018cbd6653129e1b6d62d7c19e13d332dc29842ae4d01ba
4d83d1ae3cbc212a2df745bc4ce666e96f394685d1f16c880945b3170eb385d4
7515369ed9f495084de0b4f38aa04cbcad477a44bd0b2becd0658513d5a574ee
9427fe2df51f7d4c6bf35f96d19169714d0b432b99dc18f41760d0342c538122
a754ddc45c220058aad372fc8f5367ddaada20eb08c8cf9eb1a6e94dcbd27add
e86225d1a722e46085cbc9ab9f40174aaa553fa44e106a4a74bb5ed9dfd953eb
fc1d94f50dd3822e1e53cb96af4f040d2ad8b5c7b984bae5e84efc7641acfada