sokeloask.xyz Open in urlscan Pro
138.68.80.115  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request login.php Show response sokeloask.xyz/4849373/	8 KB 3 KB	92ms 33ms	Document text/html	138.68.80.115 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://sokeloask.xyz/4849373/login.php?bank=garanti Protocol H2 Security TLS 1.3, , AES_256_GCM Server 138.68.80.115 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / PHP/8.0.30 PleskLin Resource Hash adeca1138b9c1dbc3b0682d4c43c6ff1168eede6b1e96808177a8ba7da30a67a Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-length 2346 content-type text/html; charset=UTF-8 date Wed, 24 Jan 2024 21:04:27 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server nginx vary Accept-Encoding x-powered-by PHP/8.0.30 PleskLin
GET H2	200	style.css sokeloask.xyz/4849373/assets/css/	146 KB 16 KB	35ms 34ms	Stylesheet text/css	138.68.80.115 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://sokeloask.xyz/4849373/assets/css/style.css Requested by Host: sokeloask.xyz URL: https://sokeloask.xyz/4849373/login.php?bank=garanti Protocol H2 Security TLS 1.3, , AES_256_GCM Server 138.68.80.115 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / PleskLin Resource Hash 91df9cadde6f62d90f4d002bf15beb40c67ff55938b829956044b4524cda0773 Request headers accept-language de-DE,de;q=0.9 Referer https://sokeloask.xyz/4849373/login.php?bank=garanti User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 21:04:27 GMT content-encoding br last-modified Fri, 28 Apr 2023 16:37:42 GMT server nginx etag W/"644bf656-24804" x-powered-by PleskLin content-type text/css
GET H2	200	garanti-transformed.png sokeloask.xyz/4849373/assets/images/transparent/	46 KB 46 KB	60ms 59ms	Image image/png	138.68.80.115 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://sokeloask.xyz/4849373/assets/images/transparent/garanti-transformed.png Requested by Host: sokeloask.xyz URL: https://sokeloask.xyz/4849373/login.php?bank=garanti Protocol H2 Security TLS 1.3, , AES_256_GCM Server 138.68.80.115 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / PleskLin Resource Hash 1273f5a50d06e87ba0af8a2da2b63f272a758ca2f94ebe82faf88577840c2324 Request headers accept-language de-DE,de;q=0.9 Referer https://sokeloask.xyz/4849373/login.php?bank=garanti User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 21:04:27 GMT last-modified Fri, 10 Mar 2023 21:28:18 GMT server nginx etag "640ba0f2-b61b" x-powered-by PleskLin content-type image/png accept-ranges bytes content-length 46619
GET H2	200	form-progress.svg sokeloask.xyz/4849373/assets/images/	1 KB 1 KB	36ms 36ms	Image image/svg+xml	138.68.80.115 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://sokeloask.xyz/4849373/assets/images/form-progress.svg Requested by Host: sokeloask.xyz URL: https://sokeloask.xyz/4849373/login.php?bank=garanti Protocol H2 Security TLS 1.3, , AES_256_GCM Server 138.68.80.115 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / PleskLin Resource Hash ff7498da718b1f50faeefae71e24ceadf4575da0692b84c9a1ad359daa1f2ff2 Request headers accept-language de-DE,de;q=0.9 Referer https://sokeloask.xyz/4849373/login.php?bank=garanti User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 21:04:27 GMT last-modified Fri, 10 Mar 2023 18:57:04 GMT server nginx etag "640b7d80-42c" x-powered-by PleskLin content-type image/svg+xml accept-ranges bytes content-length 1068
GET H2	200	inputmask.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/5.0.7/	99 KB 27 KB	82ms 34ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/5.0.7/inputmask.min.js Requested by Host: sokeloask.xyz URL: https://sokeloask.xyz/4849373/login.php?bank=garanti Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash db82ffa65fe7193674430ba62870145e3637005f59077b7dea606d39cf4b0091 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer Origin https://sokeloask.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 21:04:27 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 5857070 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 26905 last-modified Thu, 30 Dec 2021 22:38:08 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "61ce34d0-6919" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=54ZqehRdQTm6L5%2FibY74%2B1fwkf%2BjNOQ47qgh6eSag%2FMSmisW8PeU74OAUBMfnZ4nbPBo3G05sP1SUcBAwPAvTCyLP7IFK%2FG92Bl%2FPoG5tdvGgTjyghopBQTx6%2FoTuKBt6McajvWOChWOjxPMCLe0rpbf"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 84ab3a9d2849bbd3-FRA expires Mon, 13 Jan 2025 21:04:27 GMT
GET H2	200	script.js Show response sokeloask.xyz/4849373/assets/js/	162 KB 58 KB	86ms 86ms	Script text/javascript	138.68.80.115 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://sokeloask.xyz/4849373/assets/js/script.js Requested by Host: sokeloask.xyz URL: https://sokeloask.xyz/4849373/login.php?bank=garanti Protocol H2 Security TLS 1.3, , AES_256_GCM Server 138.68.80.115 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / PleskLin Resource Hash 9ea5de183cb4e7bbfd327d5d5283553f323e60e149bd3ebee310e81c5eda500e Request headers accept-language de-DE,de;q=0.9 Referer https://sokeloask.xyz/4849373/login.php?bank=garanti User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 21:04:27 GMT content-encoding br last-modified Fri, 28 Apr 2023 18:59:18 GMT server nginx etag W/"644c1786-28671" x-powered-by PleskLin content-type text/javascript
GET H2	200	css2 fonts.googleapis.com/	68 KB 2 KB	92ms 36ms	Stylesheet text/css	2a00:1450:4001:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap Requested by Host: sokeloask.xyz URL: https://sokeloask.xyz/4849373/assets/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 7d92579fedf6df824e542db1a10e3f67f3fa9c0d24b8666fa6eaa7468c7695e4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://sokeloask.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 24 Jan 2024 21:04:27 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 24 Jan 2024 20:43:41 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 24 Jan 2024 21:04:27 GMT
GET H2	200	css2 fonts.googleapis.com/	21 KB 1 KB	89ms 33ms	Stylesheet text/css	2a00:1450:4001:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@100;200;300;400;500;600;700;800;900&display=swap Requested by Host: sokeloask.xyz URL: https://sokeloask.xyz/4849373/assets/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 97905f9f0fc5f65a8900ec1f7f73ff292811d0dd319327e976514ee6bac4c915 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://sokeloask.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 24 Jan 2024 21:04:27 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 24 Jan 2024 20:48:25 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 24 Jan 2024 21:04:27 GMT
GET H2	200	edkkds.svg sokeloask.xyz/4849373/assets/images/	9 KB 9 KB	34ms 34ms	Image image/svg+xml	138.68.80.115 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://sokeloask.xyz/4849373/assets/images/edkkds.svg Requested by Host: sokeloask.xyz URL: https://sokeloask.xyz/4849373/assets/css/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 138.68.80.115 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / PleskLin Resource Hash 39966ec7eea8f508184cef9f98895a0e8d74e3328a43cc8a93c528cfca888691 Request headers accept-language de-DE,de;q=0.9 Referer https://sokeloask.xyz/4849373/assets/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 21:04:27 GMT last-modified Fri, 10 Mar 2023 18:57:02 GMT server nginx etag "640b7d7e-222a" x-powered-by PleskLin content-type image/svg+xml accept-ranges bytes content-length 8746
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v40/	47 KB 48 KB	71ms 22ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://sokeloask.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Tue, 23 Jan 2024 23:31:50 GMT x-content-type-options nosniff age 77557 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48236 x-xss-protection 0 last-modified Thu, 14 Dec 2023 02:08:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 22 Jan 2025 23:31:50 GMT
GET H2	200	button-right.126.svg sokeloask.xyz/4849373/assets/images/	448 B 621 B	30ms 29ms	Image image/svg+xml	138.68.80.115 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://sokeloask.xyz/4849373/assets/images/button-right.126.svg Requested by Host: sokeloask.xyz URL: https://sokeloask.xyz/4849373/assets/css/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 138.68.80.115 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / PleskLin Resource Hash 14e8e481e7afcaae3200f172bd49bf7146ea2a23d3fdf0ba71d5fdbbd0c8c5a4 Request headers accept-language de-DE,de;q=0.9 Referer https://sokeloask.xyz/4849373/assets/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 21:04:27 GMT last-modified Fri, 10 Mar 2023 18:57:12 GMT server nginx x-accel-version 0.01 etag "1c0-5f69054347200" x-powered-by PleskLin content-type image/svg+xml accept-ranges bytes content-length 448
GET H2	200	arrow-left.126.svg sokeloask.xyz/4849373/assets/images/	393 B 566 B	32ms 32ms	Image image/svg+xml	138.68.80.115 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://sokeloask.xyz/4849373/assets/images/arrow-left.126.svg Requested by Host: sokeloask.xyz URL: https://sokeloask.xyz/4849373/assets/css/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 138.68.80.115 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / PleskLin Resource Hash 945f7d25e8f885da3c77668f74ecacefa894dc535ac048f57a56e2b2fc2560df Request headers accept-language de-DE,de;q=0.9 Referer https://sokeloask.xyz/4849373/assets/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 21:04:27 GMT last-modified Fri, 10 Mar 2023 18:56:58 GMT server nginx x-accel-version 0.01 etag "189-5f690535ed280" x-powered-by PleskLin content-type image/svg+xml accept-ranges bytes content-length 393
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 fonts.gstatic.com/s/opensans/v40/	35 KB 35 KB	100ms 52ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://sokeloask.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Tue, 23 Jan 2024 23:38:31 GMT x-content-type-options nosniff age 77156 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35328 x-xss-protection 0 last-modified Thu, 14 Dec 2023 02:00:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 22 Jan 2025 23:38:31 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BDDK (Banking)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| Inputmask function| default function| _0x29df51 function| _0x5330c0 function| _0x319c50 function| _0x35d290 function| _0x557935 function| _0x1a557a function| _0x40960b function| _0xf78fb0 function| _0x289a function| _0x494c function| _0x4ca9d2 function| _0x185439 function| _0x450d6e

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			sokeloask.xyz/	1969-12-31 23:59:59	Name: PHPSESSID Value: rgr9s02pdcntormuae96t1l2i4

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
sokeloask.xyz
138.68.80.115
2606:4700::6811:180e
2a00:1450:4001:806::200a
2a00:1450:4001:831::2003
1273f5a50d06e87ba0af8a2da2b63f272a758ca2f94ebe82faf88577840c2324
14e8e481e7afcaae3200f172bd49bf7146ea2a23d3fdf0ba71d5fdbbd0c8c5a4
39966ec7eea8f508184cef9f98895a0e8d74e3328a43cc8a93c528cfca888691
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
7d92579fedf6df824e542db1a10e3f67f3fa9c0d24b8666fa6eaa7468c7695e4
91df9cadde6f62d90f4d002bf15beb40c67ff55938b829956044b4524cda0773
945f7d25e8f885da3c77668f74ecacefa894dc535ac048f57a56e2b2fc2560df
97905f9f0fc5f65a8900ec1f7f73ff292811d0dd319327e976514ee6bac4c915
9ea5de183cb4e7bbfd327d5d5283553f323e60e149bd3ebee310e81c5eda500e
adeca1138b9c1dbc3b0682d4c43c6ff1168eede6b1e96808177a8ba7da30a67a
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
db82ffa65fe7193674430ba62870145e3637005f59077b7dea606d39cf4b0091
ff7498da718b1f50faeefae71e24ceadf4575da0692b84c9a1ad359daa1f2ff2