money-amulet.654.pl
Open in
urlscan Pro
185.212.150.3
Public Scan
Submission: On October 11 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by R3 on October 11th 2021. Valid for: 3 months.
This is the only time money-amulet.654.pl was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 185.212.150.3 185.212.150.3 | 205455 (GRL-AS) (GRL-AS) | |
39 | 2a03:90c0:41:... 2a03:90c0:41:2801::254 | 199524 (GCORE) (GCORE) | |
1 | 185.212.150.6 185.212.150.6 | 205455 (GRL-AS) (GRL-AS) | |
1 | 88.208.8.86 88.208.8.86 | 39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS) | |
1 | 31.172.81.190 31.172.81.190 | 44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net) | |
43 | 5 |
ASN199524 (GCORE, LU)
febatigr.com | |
cf.just-news.pro | |
viposidn.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
35 |
febatigr.com
febatigr.com |
505 KB |
3 |
viposidn.com
viposidn.com |
189 KB |
1 |
tomono.com
pixel.tomono.com |
304 B |
1 |
just-news.pro
cf.just-news.pro |
2 KB |
1 |
news-host.pw
pushnginx.news-host.pw |
349 B |
1 |
user-actrk.com
user-actrk.com |
90 B |
1 |
654.pl
money-amulet.654.pl |
12 KB |
43 | 7 |
Domain | Requested by | |
---|---|---|
35 | febatigr.com |
money-amulet.654.pl
|
3 | viposidn.com |
febatigr.com
|
1 | pixel.tomono.com | |
1 | cf.just-news.pro |
money-amulet.654.pl
|
1 | pushnginx.news-host.pw |
money-amulet.654.pl
|
1 | user-actrk.com |
money-amulet.654.pl
|
1 | money-amulet.654.pl | |
43 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
ac-feedback.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
money-amulet.654.pl R3 |
2021-10-11 - 2022-01-09 |
3 months | crt.sh |
febatigr.com R3 |
2021-10-04 - 2022-01-02 |
3 months | crt.sh |
user-actrk.com R3 |
2021-10-06 - 2022-01-04 |
3 months | crt.sh |
pushnginx.news-host.pw R3 |
2021-09-20 - 2021-12-19 |
3 months | crt.sh |
cf.just-news.pro R3 |
2021-10-02 - 2021-12-31 |
3 months | crt.sh |
viposidn.com R3 |
2021-10-04 - 2022-01-02 |
3 months | crt.sh |
*.tomono.com Sectigo RSA Domain Validation Secure Server CA |
2021-05-28 - 2022-06-10 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://money-amulet.654.pl/
Frame ID: 75112992B7A9F1B8D29FFD7B42AE9BAC
Requests: 43 HTTP requests in this frame
Screenshot
Page Title
Wygrałam 86 milionów w lotto dzięki Money Amulet!Detected technologies
Font Awesome (Font Scripts) ExpandDetected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Report
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
43 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
money-amulet.654.pl/ |
55 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.12.4.min.js
febatigr.com/content/shared/js/ |
94 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9.min.js
febatigr.com/content/_presets/ |
11 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
febatigr.com/content/BDZJc9v2AlVkqzA/css/ |
69 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
media.css
febatigr.com/content/BDZJc9v2AlVkqzA/css/ |
1 KB 698 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
47.jpg
febatigr.com/content/BDZJc9v2AlVkqzA/img/ |
15 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pic3.jpg
febatigr.com/content/BDZJc9v2AlVkqzA/img/ |
57 KB 57 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pic4.jpg
febatigr.com/content/BDZJc9v2AlVkqzA/img/ |
51 KB 51 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pic1.jpg
febatigr.com/content/BDZJc9v2AlVkqzA/img/ |
73 KB 73 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pic2.jpg
febatigr.com/content/BDZJc9v2AlVkqzA/img/ |
66 KB 66 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
amulet_1.jpg
febatigr.com/content/BDZJc9v2AlVkqzA/img/ |
21 KB 21 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
noavatar.png
febatigr.com/content/BDZJc9v2AlVkqzA/img/ |
461 B 518 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ava1.jpg
febatigr.com/content/BDZJc9v2AlVkqzA/img/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ava2.jpg
febatigr.com/content/BDZJc9v2AlVkqzA/img/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ava3.jpg
febatigr.com/content/BDZJc9v2AlVkqzA/img/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ava4.jpg
febatigr.com/content/BDZJc9v2AlVkqzA/img/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ava5.jpg
febatigr.com/content/BDZJc9v2AlVkqzA/img/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ava6.jpg
febatigr.com/content/BDZJc9v2AlVkqzA/img/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ava7.jpg
febatigr.com/content/BDZJc9v2AlVkqzA/img/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ava8.jpg
febatigr.com/content/BDZJc9v2AlVkqzA/img/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ava9.jpg
febatigr.com/content/BDZJc9v2AlVkqzA/img/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ava10.jpg
febatigr.com/content/BDZJc9v2AlVkqzA/img/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ava11.jpg
febatigr.com/content/BDZJc9v2AlVkqzA/img/ |
563 B 620 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ava12.jpg
febatigr.com/content/BDZJc9v2AlVkqzA/img/ |
6 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ava13.jpg
febatigr.com/content/BDZJc9v2AlVkqzA/img/ |
7 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ava14.jpg
febatigr.com/content/BDZJc9v2AlVkqzA/img/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ava15.jpg
febatigr.com/content/BDZJc9v2AlVkqzA/img/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sidebar-2.jpg
febatigr.com/content/BDZJc9v2AlVkqzA/img/ |
15 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sidebar-3.jpg
febatigr.com/content/BDZJc9v2AlVkqzA/img/ |
15 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sidebar-4.jpg
febatigr.com/content/BDZJc9v2AlVkqzA/img/ |
15 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sidebar-5.jpg
febatigr.com/content/BDZJc9v2AlVkqzA/img/ |
18 KB 18 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sidebar-6.jpg
febatigr.com/content/BDZJc9v2AlVkqzA/img/ |
16 KB 16 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sidebar-7.jpg
febatigr.com/content/BDZJc9v2AlVkqzA/img/ |
28 KB 28 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js.cookie.min.js
febatigr.com/content/shared/js/ |
2 KB 1021 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fingerprint2.2.1.0.min.js
febatigr.com/content/!common_files/js/ |
29 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sawpp.jpg
user-actrk.com/trk/ |
0 90 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.html
pushnginx.news-host.pw/ |
29 B 349 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pushwwp.js
cf.just-news.pro/js/fcmjsgo/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
materialdesignicons-webfont.woff2
viposidn.com/content/BDZJc9v2AlVkqzA/fonts/ |
110 KB 110 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sprite.b4130d9ff4208cc87ff6d649fd1dc064.png
viposidn.com/content/BDZJc9v2AlVkqzA/img/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont.woff2
viposidn.com/content/BDZJc9v2AlVkqzA/fonts/ |
75 KB 75 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
star.ico
febatigr.com/content/!common_files/images/ |
1 KB 1 KB |
Image
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
v2
pixel.tomono.com/ac/ |
68 B 304 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
64 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect boolean| originAgentCluster object| acrum_extra boolean| domain_has_valid_cert boolean| show_gdpr_warning boolean| is_adlt boolean| is_our_click boolean| dpush boolean| dsopush string| back_url object| img string| lang_locale string| ccode string| ip_ccode boolean| iew function| _typeof function| $ function| jQuery function| pushwru_onsubscribed function| loadScript boolean| newScheme boolean| oldScheme undefined| asiaGeo boolean| g_popupShown function| pushw_webpushsub string| pushw_targeting function| move_next function| hide_warn function| get_params function| getOption function| send_push_pixel function| show_pushwru_show_v_2 function| show_pushwru_show_v_3 function| show_pushwru_show function| get_same_location_with_push function| adc_clearFooter object| months_localized object| days_localized function| AdcLandDate function| getLocalizedEntity function| dtime_nums function| dtime function| dtimes function| Cookies function| Fingerprint2 function| addPixel function| addFingerprintToForms object| adcTitleChange object| jQuery112406861502959751076 boolean| sawpp function| askPermission function| subscribeUser function| urlBase64ToUint8Array object| pushw_paramswp function| pushwru_param function| pushwru_getSubscriptionOrTokenSentToServer function| pushwru_setSubscriptionSentToServer function| pushwru_paramwp function| pushwru_sendSubscriptionToServer function| pushwru_SubscribeWebpush function| pushru_on_subscribed function| pushru_on_subscribe_fail object| link string| fingerprint3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
money-amulet.654.pl/ | Name: previous_uniq Value: 1633960857 |
|
money-amulet.654.pl/ | Name: adc_163856727044233 Value: 1 |
|
money-amulet.654.pl/ | Name: randDate Value: 1631368857574 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cf.just-news.pro
febatigr.com
money-amulet.654.pl
pixel.tomono.com
pushnginx.news-host.pw
user-actrk.com
viposidn.com
185.212.150.3
185.212.150.6
2a03:90c0:41:2801::254
31.172.81.190
88.208.8.86
09b62b01bcd5380a849aac6298fb9b526c9391f436d3860cf5374f7a587a8445
10b532c7f5f060757870a5242648f774bbb506663b37dced21487f365a295c63
163b8f33c783b68be2bed844139a5acdc1de657fe5e7b14b36faa57f014a42bd
1b9f6f69e7a500819ea1558050a4085cf8d7e67295ab1a4185d03a22d92ae02a
2143b1d5c246ebcced78ef20b7c2554dcd09be22f0a9e2fd5e8017e8387532d3
2194c674751b8228cc5b0988c53e4e660a0f8e491481d78e9f4dbad711b23d3a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b716fe48b141fd249636a84dc7e14fb1e9a266959a5d4e765031304d4aa33ef
2f9e555922cd07f5efb425b306c9fd23a56359991fddc11ad289539541d3a242
3a10af52f358bbc7f20ac6f6466e6cb19d6f5b86381af9defad8af0d0a8e2ddf
42d238fdf59b79f94e4b1da3051cf03b5fa5a851c50bdbfbab07de3e261b420e
4a934c1ec27d7eed7403a92a45207b38e8b40e52e8653ae17655845282cc3fef
522293cc55c069a059d2add731be7d1d71cb0bdaf4ad9c8d036afa6c6f341da7
5950ce327ce1c399aff60ebc1593759e85dc1a85f90503dc390576ff53c4905f
5a7ee7805b42de0fb0eb9619ef39ef186911c0e52d85a1611532c77bec5089b6
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
656ed4a30c05c776f81b4387cad95f2ac8043cfefe797b3a8da5ad045304d185
694771ad3576f978116d68625c80d16ea564565aad3d7585213eb9062925c3d4
6e01a0c532da45ec83550be4c82dffeee2e49398ea4c96886620a82fdc7a126c
70138853e230af66671dda35167f6676c0558a4e52c7e401847c5f3a7a5def68
78691721cea2c428e03e7f318b0ad9dafd2530f9cfc0279d1968156dc625838b
84d0e7ed3379ef01042eb0e7db11caae4bc6b0de5291a217e5baebbefc151dc4
89d8e2c8c460dbb856aa8fc5ec2a7cef4af421daea7730fae0822a1eec584679
8b34c44569a9e1be79e84d11e0f089fea3c7a58ae30768f640d7e2f8595bbff0
9459031b241b3c1024dcebbc46a28df701e3a0cd49fbe57aebfcb327a48d8f5b
9dd8c27db13f43eec5e52f8d7c875bac9612a00438bf4f631baa7bbc74d29f96
ac388b1663922dd35f39145f72993043e9c81adc7d401aa5969bdf17c2d0a40f
b5b4662cb5c65d675f014170c6c5909fac8094785b07efe4410bab77054bbab3
b634deb0f0217a01a40cfc29149f6ee352955c1a806b12656a16d31fec9df706
b6c65ab685234e744044e9b94c2a52db31b84c54ff3a00044aa188012ad61365
b6e3120009c3aaf2def87f7156666242605c69d7470b4aa3dd5d4b669a965d16
c6f9f243c18af6b61c53032b9a53ef9e6b6fec3ab917bd01d6d615f0568995f6
c97dff775b86a09924baecf59d7effc515a36cba603b34408f9b306c8a436d72
cf9fbc98e37eaa0efc800c69fbbcd237b0247f33ca476b01e16f4980b97cd84a
d116a038748631732812400f92bf9b7517f499d0c8ab0de1f60704541db5513c
d637cd587cb27525ff34e909a10ee00d8f62eb284414ec8c74a15cdf2505b14f
dbe443f8e4f631169176d16a482618cc9a7c16f6e0a1eb6f970cdeb4e96684cd
e17fc4667558aff45ce3e9a31bc31e559c339d02b16155ec36c1a5afa956c7ef
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec8a99abcf513ddf8597ebd0ed5f5e827f0acda1af4d965c5300111204a8b7c2
edfc9e2e64ad3322d2a366e8aa3f7d8b8dd9188ded1512b5382abcf00d9660e0
f092b718bdffe09d665051ab9c3f67e95dc6761c69f88b5fd76a23be0d2f85d0
fa6026cd1b77da2c3f66225d97f48548742cfcf14c87e37e14262a8584f771bb