domy.myslowice.biz.pl
Open in
urlscan Pro
188.210.220.85
Malicious Activity!
Public Scan
Submission: On April 28 via api from US — Scanned from PL
Summary
TLS certificate: Issued by R3 on April 28th 2024. Valid for: 3 months.
This is the only time domy.myslowice.biz.pl was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Office 365 (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
9 | 188.210.220.85 188.210.220.85 | 50599 (Autonomou...) (Autonomous System for Data Space Sp. z o.o.) | |
4 | 104.16.85.20 104.16.85.20 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 89.40.144.178 89.40.144.178 | 50599 (Autonomou...) (Autonomous System for Data Space Sp. z o.o.) | |
1 | 142.250.185.234 142.250.185.234 | 15169 (GOOGLE) (GOOGLE) | |
2 | 157.240.0.6 157.240.0.6 | 32934 (FACEBOOK) (FACEBOOK) | |
1 | 104.17.25.14 104.17.25.14 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 3.160.150.18 3.160.150.18 | 16509 (AMAZON-02) (AMAZON-02) | |
8 | 142.250.185.227 142.250.185.227 | 15169 (GOOGLE) (GOOGLE) | |
1 | 18.66.112.40 18.66.112.40 | 16509 (AMAZON-02) (AMAZON-02) | |
30 | 10 |
ASN50599 (Autonomous System for Data Space Sp. z o.o., PL)
PTR: host-18821022085.seohost-mail.eu
domy.myslowice.biz.pl |
ASN50599 (Autonomous System for Data Space Sp. z o.o., PL)
PTR: host-8940144178.seohost-mail.eu
1z4.net |
ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net
fonts.googleapis.com |
ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net |
ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-18.fra60.r.cloudfront.net
cdn.intum.com |
ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net
fonts.gstatic.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-40.fra56.r.cloudfront.net
assets.sugester.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
myslowice.biz.pl
domy.myslowice.biz.pl |
622 KB |
8 |
gstatic.com
fonts.gstatic.com |
54 KB |
4 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 320 |
193 KB |
3 |
1z4.net
1z4.net |
42 KB |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180 |
90 KB |
1 |
sugester.com
assets.sugester.com |
3 KB |
1 |
intum.com
cdn.intum.com — Cisco Umbrella Rank: 778033 |
7 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231 |
27 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33 |
962 B |
30 | 9 |
Domain | Requested by | |
---|---|---|
9 | domy.myslowice.biz.pl |
domy.myslowice.biz.pl
|
8 | fonts.gstatic.com |
fonts.googleapis.com
|
4 | cdn.jsdelivr.net |
domy.myslowice.biz.pl
cdn.jsdelivr.net |
3 | 1z4.net |
domy.myslowice.biz.pl
|
2 | connect.facebook.net |
domy.myslowice.biz.pl
connect.facebook.net |
1 | assets.sugester.com |
domy.myslowice.biz.pl
|
1 | cdn.intum.com |
domy.myslowice.biz.pl
|
1 | cdnjs.cloudflare.com |
domy.myslowice.biz.pl
|
1 | fonts.googleapis.com |
domy.myslowice.biz.pl
|
30 | 9 |
This site contains links to these domains. Also see Links.
Domain |
---|
domyzkeramzytu.com.pl |
sugester.pl |
myslowice.biz.pl |
had.pl |
Subject Issuer | Validity | Valid | |
---|---|---|---|
domy.myslowice.biz.pl R3 |
2024-04-28 - 2024-07-27 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-02 - 2024-05-01 |
a year | crt.sh |
1z4.net R3 |
2024-03-06 - 2024-06-04 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-04-08 - 2024-07-01 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2024-02-05 - 2024-05-05 |
3 months | crt.sh |
*.intum.com Amazon RSA 2048 M02 |
2023-08-02 - 2024-08-29 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2024-04-08 - 2024-07-01 |
3 months | crt.sh |
*.sugester.com Amazon RSA 2048 M02 |
2023-06-16 - 2024-07-14 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://domy.myslowice.biz.pl/
Frame ID: DCA56CBACFC79C04EB475E960455D820
Requests: 32 HTTP requests in this frame
Screenshot
Page Title
Budowa Domów Mysłowice - MyQu.beDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Facebook (Widgets) Expand
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title: Szczegóły oferty
Search URL Search Domain Scan URL
Title: Szczegóły oferty
Search URL Search Domain Scan URL
Title: Szczegóły oferty
Search URL Search Domain Scan URL
Title: powered by Sugester Forms
Search URL Search Domain Scan URL
Title: Mysłowice
Search URL Search Domain Scan URL
Title: H&D Interactive
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
30 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
domy.myslowice.biz.pl/ |
31 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/ |
160 KB 26 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
1z4.net/_data/bs/css/ |
119 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.11.1/font/ |
96 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
7 KB 962 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/pl_PL/ |
3 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
domy.myslowice.biz.pl/_data/img/logo/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wnetrze-domu-z-keramzytu.jpg
domy.myslowice.biz.pl/_data/img/ |
63 KB 63 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
keram-smart.jpg
domy.myslowice.biz.pl/_data/img/ |
107 KB 107 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
keram-eko.jpg
domy.myslowice.biz.pl/_data/img/ |
125 KB 125 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
keram-maxi.jpg
domy.myslowice.biz.pl/_data/img/ |
98 KB 98 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
korzysci-z-domow-keramzytowych.jpg
domy.myslowice.biz.pl/_data/img/ |
46 KB 47 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dlaczego-wybierac-keramzyt.jpg
domy.myslowice.biz.pl/_data/img/ |
58 KB 58 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/ |
84 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
form.js
cdn.intum.com/0/h/hadimperium/form/7ZzgOttfEq1aaLsgdu/ |
23 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/ |
76 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script-1.0.min.js
1z4.net/_data/bs/js/ |
48 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/pl_PL/ |
299 KB 86 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
hero.jpg
domy.myslowice.biz.pl/_data/img/ |
113 KB 113 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
99 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.11.1/font/fonts/ |
128 KB 128 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2
fonts.gstatic.com/s/poppins/v21/ |
5 KB 5 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLDz8Z1JlFc-K.woff2
fonts.gstatic.com/s/poppins/v21/ |
5 KB 5 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiEyp8kv8JHgFVrJJnecmNE.woff2
fonts.gstatic.com/s/poppins/v21/ |
5 KB 6 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLEj6Z1JlFc-K.woff2
fonts.gstatic.com/s/poppins/v21/ |
5 KB 6 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
progress_bar-67045b2289294c222cbab0dbfd07e0af1a40ba39c4ff6165ea9578e2345385da.gif
assets.sugester.com/assets/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
266 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
1z4.net/_data/bs/favicon/D/ |
15 KB 15 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Office 365 (Online)86 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| FB function| $ function| jQuery function| getUrlParam function| validateHostForCaptcha function| date_from function| date_to function| form_active object| IntumFormOptions boolean| errors function| lavina_form_submit_4542 number| uidEvent object| bootstrap function| HeadingBlink function| HeadingBlinkingEvent function| HeadingRemoveLetter function| HeadingTypeLetter function| HeadingType function| HeadingTypingEvent object| action_panel object| action object| cookies object| copy undefined| today object| gallery_buttons undefined| gallery_button_ID undefined| gallery_modal undefined| gallery_modal_close undefined| gallery_modal_previous undefined| gallery_modal_next undefined| gallery_modal_img undefined| gallery_imgs object| hours_items undefined| hours_modules undefined| date undefined| hours_item_active object| nav_offcanvas string| data_nav undefined| nav_links undefined| nav_track undefined| nav_track_links undefined| isScrolling undefined| bs_offcanvas object| navbar_progress undefined| background undefined| processScroll object| panel_share undefined| page_lang undefined| text_start undefined| window_location_href undefined| window_location_hostname undefined| heading undefined| heading_text undefined| text undefined| text_clipboard undefined| panel_share_list_facebook undefined| panel_share_list_linkedin undefined| panel_share_list_sms undefined| panel_share_list_email undefined| panel_share_list_whatsapp undefined| panel_share_list_copy_to_clipboard undefined| clipboard object| scroll_top object| heading_blinking number| speed_typing number| speed_removing object| heading_typing object| toast_button undefined| toast_button_button object| toast_leave undefined| body object| toast_scroll undefined| toast_scroll_show_attempts undefined| showToastScroll undefined| current_attempts object| toast_time function| getCookie function| addCookie function| cookieAlert undefined| clickPrev undefined| clickNext undefined| updateNavTrack undefined| showToastOnLeave function| ClipboardJS function| Glide object| __buffer0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
1z4.net
assets.sugester.com
cdn.intum.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
connect.facebook.net
domy.myslowice.biz.pl
fonts.googleapis.com
fonts.gstatic.com
104.16.85.20
104.17.25.14
142.250.185.227
142.250.185.234
157.240.0.6
18.66.112.40
188.210.220.85
3.160.150.18
89.40.144.178
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
06f1a6e2a7bf9211ad40cbede2ac9ae2ae2ba43abb4d291200e4322158eb48cc
150e76fa4a0cd284098c1ac358c950305fe0bc4a292734fcf460d49269c66078
26fd27fb6bb1dc4c64a687124cc328a5ed13d89155dbfcd218eda64a45835174
2bcb15b901cd682beef3876887c50b9567a63fc6d1864277099816d5da1c846e
354fa3fe013c44bf4e986532c26c963799fad8ac61393d016a675ee0bfd67ab9
3d52320b7513a9e20df42e02b61709b91a5c2c2a25708225c664eb4639f3b0fd
4c9bca0388183d206578a3b33f040e70a2eb5bb5962e96e3371e016ce6928dda
5121e1d8d8b046bc47f3c92b1a348c6f27ee9e4100959a8e32017377deb121cd
616b4aeaed932452e151e99c9e9faa0b5eddc96e61f0b9a8c7ba9fd23f8a2fb9
620ec7947095b6f875ce7694812120d60ef68ae4d44a9762a4b370a42b8d06ad
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
67045b2289294c222cbab0dbfd07e0af1a40ba39c4ff6165ea9578e2345385da
6e84b65d1f924ccf49bdc27ab9b7b768676ebcb13e08aef6d80a834b43f9d750
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7a29f30a3c3ceeae04a182d014611530c451b9022bf0adaf89e924cf06b7a79a
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f9b546b55e07413f55795c2ddab501f5b00d8d53b9003b70019edf46c19cf1a
7fba888a3ae51511d6593f6a40bf44977eaea03a29adf1d7729d805f03325627
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9450a63e49e65ff96ae55bd7324288ffbf038db5a3caff84977f6b792ee904fc
9c2de72144fe1ea03a2a6400cdc92a9c627fdd00a866962e27a506c8ce67b315
a526dac26fcc645d428764b07fd6ae2ad3399129b75c22c8e149278157291189
bacd70afda7da1deac2bbd49b5717a4dd133bcd59c379525d705b8492f678e95
bb459d34a0a16957017ce9cc010d1e89b995fe3f8bf184114d970940662ec30b
bb6fd8cd85394cb367e8ac58e47292f2d68eb288fa12fab68e65430a5ddfce48
e0722249aa7868ae1debbf593a4589bf6fce0674f267548de7d72ae3666699c6
e17f24a27d03d34666deb06f34397eaee2032772fa84d071747c6e78eba16261
ebf4b42e9e061052fb7884265262e93415aa56ac59d3fdf792dd88ad0a6ff073
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3