atfcu.salrefi.com Open in urlscan Pro
54.235.166.76  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response atfcu.salrefi.com/	102 KB 46 KB	502ms 248ms	Document text/html	54.235.166.76 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://atfcu.salrefi.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.235.166.76 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-235-166-76.compute-1.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 012a991ee271009493e6d889c70fdcc4b309c7306af1de573f14de48a889f794 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Wed, 29 Mar 2023 11:36:14 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Pragma no-cache Server nginx/1.18.0 (Ubuntu) Transfer-Encoding chunked
GET H/1.1	200 OK	bootstrap-4.2.1.min.css atfcu.salrefi.com/public/	150 KB 150 KB	219ms 112ms	Stylesheet text/css	54.235.166.76 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://atfcu.salrefi.com/public/bootstrap-4.2.1.min.css Requested by Host: atfcu.salrefi.com URL: https://atfcu.salrefi.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.235.166.76 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-235-166-76.compute-1.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c Request headers accept-language de-DE,de;q=0.9 Referer https://atfcu.salrefi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Wed, 29 Mar 2023 11:36:14 GMT Last-Modified Thu, 10 Jan 2019 16:41:25 GMT Server nginx/1.18.0 (Ubuntu) ETag "5c3775b5-2565e" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 153182
GET H/1.1	200 OK	jquery-3.3.1.min.js Show response atfcu.salrefi.com/public/	85 KB 85 KB	441ms 221ms	Script application/javascript	54.235.166.76 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://atfcu.salrefi.com/public/jquery-3.3.1.min.js Requested by Host: atfcu.salrefi.com URL: https://atfcu.salrefi.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.235.166.76 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-235-166-76.compute-1.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Request headers accept-language de-DE,de;q=0.9 Referer https://atfcu.salrefi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Wed, 29 Mar 2023 11:36:14 GMT Last-Modified Thu, 10 Jan 2019 16:44:51 GMT Server nginx/1.18.0 (Ubuntu) ETag "5c377683-1538f" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 86927
GET H2	200	snippet.js Show response static.zdassets.com/ekr/	23 KB 7 KB	92ms 36ms	Script application/javascript	104.18.72.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/ekr/snippet.js?key=cc657340-811c-41a6-a7cf-701065a2008e Requested by Host: atfcu.salrefi.com URL: https://atfcu.salrefi.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 21d2ea81f22f44525f201ad9f4702029e0b2bfe65d5a2b534104dbe4b2346bbe Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer https://atfcu.salrefi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 29 Mar 2023 11:36:14 GMT x-amz-version-id PBHdtxERTX7HUmm2o8dmki0ZTZF0krHp content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id YQHH0XMF6V7XC6JE age 11 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 +LLZHiUPLoqdjI9EThw3FST0pFddG8R9Lvnvdomp9IL1WwAq+hxkzE3qqisN2s/K3L39/PSOimo= last-modified Fri, 17 Mar 2023 01:24:00 GMT server cloudflare etag W/"35755063f184195a50a9c07a2c71693a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pjAP49KxnyeavIO7zNCA%2BpsIXIiFXQqnODVByIqoo5nSVeM1Y0FEaANx%2F1hWFz%2Fs9Um7TaWmfLVBA4bL5VqmptgYHJwkwuFLgJ3cQrQVF3BW173Yoy3MVVpz24l8ZPREWBWlRiQ%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=3600, s-maxage=60 cf-ray 7af7d061faba3810-FRA
GET H/1.1	200 OK	lock-128x128.png atfcu.salrefi.com/public/	2 KB 2 KB	111ms 110ms	Image image/png	54.235.166.76 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://atfcu.salrefi.com/public/lock-128x128.png Requested by Host: atfcu.salrefi.com URL: https://atfcu.salrefi.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.235.166.76 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-235-166-76.compute-1.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash ce6655785ba31a284904f8fd7a0013b9e522ba95b3b125a638e03eb940374da5 Request headers accept-language de-DE,de;q=0.9 Referer https://atfcu.salrefi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Wed, 29 Mar 2023 11:36:14 GMT Last-Modified Thu, 10 Jan 2019 17:55:16 GMT Server nginx/1.18.0 (Ubuntu) ETag "5c378704-6c2" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 1730
GET H/1.1	200 OK	powered_by_salrefi-128x36.png atfcu.salrefi.com/public/	3 KB 3 KB	112ms 111ms	Image image/png	54.235.166.76 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://atfcu.salrefi.com/public/powered_by_salrefi-128x36.png Requested by Host: atfcu.salrefi.com URL: https://atfcu.salrefi.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.235.166.76 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-235-166-76.compute-1.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 7bec9c15d0564a17d0cfc16217b3ec2ba45de1a292ea8619bdc43ab3ddf091d2 Request headers accept-language de-DE,de;q=0.9 Referer https://atfcu.salrefi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Wed, 29 Mar 2023 11:36:14 GMT Last-Modified Thu, 10 Jan 2019 23:23:58 GMT Server nginx/1.18.0 (Ubuntu) ETag "5c37d40e-acf" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 2767
GET H/1.1	200 OK	popper-1.14.6.min.js Show response atfcu.salrefi.com/public/	20 KB 21 KB	112ms 112ms	Script application/javascript	54.235.166.76 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://atfcu.salrefi.com/public/popper-1.14.6.min.js Requested by Host: atfcu.salrefi.com URL: https://atfcu.salrefi.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.235.166.76 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-235-166-76.compute-1.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 587c080125b135d29a931ed371e50ffc1a9641831c1087de2cd74532815f4560 Request headers accept-language de-DE,de;q=0.9 Referer https://atfcu.salrefi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Wed, 29 Mar 2023 11:36:14 GMT Last-Modified Thu, 10 Jan 2019 16:46:16 GMT Server nginx/1.18.0 (Ubuntu) ETag "5c3776d8-51ed" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 20973
GET H/1.1	200 OK	bootstrap-4.2.1.min.js Show response atfcu.salrefi.com/public/	54 KB 55 KB	112ms 112ms	Script application/javascript	54.235.166.76 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://atfcu.salrefi.com/public/bootstrap-4.2.1.min.js Requested by Host: atfcu.salrefi.com URL: https://atfcu.salrefi.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.235.166.76 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-235-166-76.compute-1.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash eb795deda8983fa5310627c9584cf3f3b95d272567113500059018b3941cb267 Request headers accept-language de-DE,de;q=0.9 Referer https://atfcu.salrefi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Wed, 29 Mar 2023 11:36:14 GMT Last-Modified Thu, 10 Jan 2019 16:45:21 GMT Server nginx/1.18.0 (Ubuntu) ETag "5c3776a1-d9df" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 55775
GET		container_alRsdCbL.js analytics.stellarstrategic.com/js/	0 0
GET DATA	200 OK	truncated /	37 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9e4793caa249bd9a457e25c078dad1f9982b576666038f032ff84090cf274cb6 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	266 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	cc657340-811c-41a6-a7cf-701065a2008e Show response ekr.zdassets.com/compose/	414 B 1 KB	276ms 222ms	XHR application/json	104.18.72.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ekr.zdassets.com/compose/cc657340-811c-41a6-a7cf-701065a2008e Requested by Host: static.zdassets.com URL: https://static.zdassets.com/ekr/snippet.js?key=cc657340-811c-41a6-a7cf-701065a2008e Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b050d2ec0ab8c1e7bb6350ba1a8f959671a6e67929c32771867638973b2462fe Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://atfcu.salrefi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 29 Mar 2023 11:36:15 GMT strict-transport-security max-age=0 x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies none content-encoding br status 200 OK cdn-cache-control max-age=60 x-xss-protection 1; mode=block x-request-id 7af7d065b8cb694b-SEA, 7af7d065b8cb694b-SEA x-runtime 0.003970 referrer-policy strict-origin-when-cross-origin server cloudflare etag W/"b050d2ec0ab8c1e7bb6350ba1a8f9596" x-download-options noopen x-frame-options SAMEORIGIN access-control-max-age 7200 access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uq%2Bsbn6TtXmPrUPQ%2BDirKeCe2VSz6XA8I3a4lEF%2FIfY68T4AqcaduYsl8aNRMqKRx5w1%2BfSKphLepBHRI%2BHnzniTS75%2FXjGsFoaC%2B6%2BdSRA%2FtV%2Btk%2FRM1BvTeywXcshSxOY%3D"}],"group":"cf-nel","max_age":604800} access-control-expose-headers vary Accept, Origin, Accept-Encoding cache-control max-age=600, public, stale-while-revalidate=600, stale-if-error=21600 content-type application/json; charset=utf-8 x-zendesk-zorg yes cf-ray 7af7d065b8cb694b-FRA
GET H2	200	web-widget-framework-17cde1f5c77e14173e98.js Show response static.zdassets.com/web_widget/latest/ Frame 44D5	163 KB 51 KB	41ms 40ms	Script application/javascript	104.18.72.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/latest/web-widget-framework-17cde1f5c77e14173e98.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/ekr/snippet.js?key=cc657340-811c-41a6-a7cf-701065a2008e Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0a7048087ee3d34425fe83c11c4be7e2d880971db05a6f9b45f7e9c7d0713ee3 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 29 Mar 2023 11:36:15 GMT x-amz-version-id sF00I9ZP2P.ZPdpa8jMGTZwYs_mUbya7 content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id YJT2AXTDH6TQB309 age 45581 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 x2x4j9bC7GvO3xe7JbmkYKgWmo21L94ocdo+AxWRIYyyY5QpDf9OEnVc1h9cY3ifmO5ZWvtl5DQnWICB4KGzuQ== last-modified Tue, 28 Mar 2023 00:52:42 GMT server cloudflare etag W/"9a22523a174d61325929e2f2b3281227" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WgsaPTLxYonZQVoOr3zGj7iwQV9rsW8tOLDcgHTC1EbBEQlEWpGTcqNI%2BOKQrQHwTrd07ml7sXlanSqZb4uz3INCqN3Xxzn%2F3QqYHxibi615ZmI7X4DMDBuyhaJ%2F3DtHu3jUJx4%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 7af7d0673ab43810-FRA expires Wed, 27 Mar 2024 00:52:41 GMT
GET H2	404	config Show response oecu.zendesk.com/embeddable/ Frame 44D5	15 B 940 B	406ms 352ms	Fetch text/plain	162.159.138.6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://oecu.zendesk.com/embeddable/config Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-17cde1f5c77e14173e98.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 162.159.138.6 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0ac22ebf2e4c548e6b1f01b79672929184e0626822b651ceba6766f880cc2d27 Security Headers Name Value Strict-Transport-Security max-age=0; Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 29 Mar 2023 11:36:15 GMT strict-transport-security max-age=0; content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-zendesk-origin-server embeddable-app-server-68985dcfd4-5tsms x-request-id 7af7d0680faebbd9-FRA x-runtime 0.008552 server cloudflare vary Accept, Origin, Accept-Encoding access-control-max-age 7200 access-control-allow-methods GET access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3kJ1E9X7QAjDgHtCTyph4IkTLIFzv738nPO6RkvPAQYrHsgMT1696gqbW2Gc2Mon5rZnFWkO8Fvs96OVqfytDiyg2eqDqZHqKIo4M1DmtLSrWkF%2BMAaCoCH%2B8tpnNlfjrps%3D"}],"group":"cf-nel","max_age":604800} access-control-expose-headers cache-control public, max-age=3600 content-type text/plain; charset=utf-8 cf-ray 7af7d0680faebbd9-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

analytics.stellarstrategic.com

URL

https://analytics.stellarstrategic.com/js/container_alRsdCbL.js

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless function| $ function| jQuery object| form object| _mtm object| d object| g object| s object| zEWebpackACJsonp function| zE function| zEmbed function| employment_status_change function| validate_app_form function| Popper object| bootstrap boolean| zEACLoaded

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			atfcu.salrefi.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: idneg57lh1sru5jlaghktnn0ud

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://analytics.stellarstrategic.com/js/container_alRsdCbL.js Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
network	error	URL: https://oecu.zendesk.com/embeddable/config Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.stellarstrategic.com
atfcu.salrefi.com
ekr.zdassets.com
oecu.zendesk.com
static.zdassets.com
analytics.stellarstrategic.com
104.18.72.113
162.159.138.6
54.235.166.76
012a991ee271009493e6d889c70fdcc4b309c7306af1de573f14de48a889f794
0a7048087ee3d34425fe83c11c4be7e2d880971db05a6f9b45f7e9c7d0713ee3
0ac22ebf2e4c548e6b1f01b79672929184e0626822b651ceba6766f880cc2d27
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
21d2ea81f22f44525f201ad9f4702029e0b2bfe65d5a2b534104dbe4b2346bbe
587c080125b135d29a931ed371e50ffc1a9641831c1087de2cd74532815f4560
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c
7bec9c15d0564a17d0cfc16217b3ec2ba45de1a292ea8619bdc43ab3ddf091d2
9e4793caa249bd9a457e25c078dad1f9982b576666038f032ff84090cf274cb6
b050d2ec0ab8c1e7bb6350ba1a8f959671a6e67929c32771867638973b2462fe
ce6655785ba31a284904f8fd7a0013b9e522ba95b3b125a638e03eb940374da5
eb795deda8983fa5310627c9584cf3f3b95d272567113500059018b3941cb267