0.magic5.biz
Open in
urlscan Pro
188.166.64.127
Public Scan
Effective URL: https://0.magic5.biz/index.php?p=haygenlfgm5dcnjw&sub1=5e102zwtl17ib83e
Submission Tags: falconsandbox
Submission: On December 16 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on December 14th 2021. Valid for: 3 months.
This is the only time 0.magic5.biz was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 2 | 192.243.59.20 192.243.59.20 | 39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS) | |
1 | 3.69.1.168 3.69.1.168 | 16509 (AMAZON-02) (AMAZON-02) | |
3 4 | 95.216.71.125 95.216.71.125 | 24940 (HETZNER-AS) (HETZNER-AS) | |
1 | 185.162.10.217 185.162.10.217 | 59729 (ITL-BG) (ITL-BG) | |
3 | 139.45.197.251 139.45.197.251 | 9002 (RETN-AS) (RETN-AS) | |
1 | 139.45.195.8 139.45.195.8 | 9002 (RETN-AS) (RETN-AS) | |
9 | 188.166.64.127 188.166.64.127 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
17 | 8 |
ASN39572 (ADVANCEDHOSTERS-AS, NL)
randomignitiondentist.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-1-168.eu-central-1.compute.amazonaws.com
venetrigni.com |
ASN24940 (HETZNER-AS, DE)
PTR: static.125.71.216.95.clients.your-server.de
tracker-tds.info |
ASN59729 (ITL-BG, UA)
PTR: vps10770.hosted-by.eurohoster.online
1.sabs-push.xyz |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
magic5.biz
magic5.biz 0.magic5.biz |
83 KB |
4 |
tracker-tds.info
3 redirects
tracker-tds.info |
2 KB |
3 |
deefauph.com
deefauph.com |
36 KB |
2 |
randomignitiondentist.com
1 redirects
randomignitiondentist.com |
4 KB |
1 |
rtmark.net
my.rtmark.net |
544 B |
1 |
sabs-push.xyz
1.sabs-push.xyz |
13 KB |
1 |
venetrigni.com
venetrigni.com |
295 B |
17 | 7 |
Domain | Requested by | |
---|---|---|
8 | magic5.biz |
magic5.biz
|
4 | tracker-tds.info |
3 redirects
1.sabs-push.xyz
|
3 | deefauph.com |
1.sabs-push.xyz
deefauph.com |
2 | randomignitiondentist.com | 1 redirects |
1 | 0.magic5.biz |
magic5.biz
|
1 | my.rtmark.net |
deefauph.com
|
1 | 1.sabs-push.xyz | |
1 | venetrigni.com |
randomignitiondentist.com
|
17 | 8 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
venetrigni.com Amazon |
2021-07-28 - 2022-08-26 |
a year | crt.sh |
1.sabs-push.xyz R3 |
2021-09-27 - 2021-12-26 |
3 months | crt.sh |
deefauph.com R3 |
2021-11-07 - 2022-02-05 |
3 months | crt.sh |
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA |
2021-11-20 - 2022-11-26 |
a year | crt.sh |
tracker-tds.info R3 |
2021-10-20 - 2022-01-18 |
3 months | crt.sh |
magic1.biz R3 |
2021-12-14 - 2022-03-14 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://0.magic5.biz/index.php?p=haygenlfgm5dcnjw&sub1=5e102zwtl17ib83e
Frame ID: 237AB4EC5F1B02871332A978B38672D7
Requests: 22 HTTP requests in this frame
Screenshot
Page Title
videoPage URL History Show full URLs
- http://randomignitiondentist.com/1tyas2v5a3?aihgouw=19&refer=https%3A%2F%2Fwww.soccerhockeyfans.com%2Fpage.ph... Page URL
-
http://randomignitiondentist.com/1tyas2v5a3?shu=f7e65e5386d38ffef07d5f5e4e0acb76dc73bc77c6ac49cd5bd9038986c14...
HTTP 302
https://tracker-tds.info/index.php?key=tvxllufqvww9lxefbb1l&SUB_ID_SHORT=033c90404becf4e40795ba9b9466... HTTP 302
https://tracker-tds.info/index.php?key=0fy8mwoxkto2i5yaydnf&clickid=5f9dczwtl17xi9ae HTTP 302
https://1.sabs-push.xyz/?clickid=ac465zwtl17hq04a&uclick=zwtl17xi&uclickhash=zwtl17xi-zwtl17hq-37-0-... Page URL
-
https://tracker-tds.info/index.php?key=0m3kex8j47sh7x0wskc1
HTTP 302
https://tracker-tds.info/nlp/index.php?sub1=5e102zwtl17ib83e&url_bnm_redirect=https://magic5.biz/go/h... Page URL
- https://magic5.biz/go/haygenlfgm5dcnjw?sub1=5e102zwtl17ib83e Page URL
- https://0.magic5.biz/index.php?p=haygenlfgm5dcnjw&sub1=5e102zwtl17ib83e Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://randomignitiondentist.com/1tyas2v5a3?aihgouw=19&refer=https%3A%2F%2Fwww.soccerhockeyfans.com%2Fpage.php%3Fhash%3Dbaba36&ad=2732712&ud=ODMuMjQyLjg1LjE0Mg%3D%3D&td=1639603294&kw=%5B%5D&key=c2c5c7372f32d6b91781836c4ce66e51&scrWidth=1920&scrHeight=1080&tz=1&v=21.1.v.1&... Page URL
-
http://randomignitiondentist.com/1tyas2v5a3?shu=f7e65e5386d38ffef07d5f5e4e0acb76dc73bc77c6ac49cd5bd9038986c14ab0eea1534a6e1904c9708692148eac71887207ca5df8db1b0252483e7fe583bb34bb7eca169db31afad68197f0bd46e32539ec50&pst=1639650366&rmtc=t&uuid=97851483-6350-41ce-9288-476b856c3fde%3A3%3A1&pii=&in=false&key=c2c5c7372f32d6b91781836c4ce66e51&refer=https%3A%2F%2Fwww.soccerhockeyfans.com%2Fpage.php%3Fhash%3Dbaba36&scrWidth=1920&...=&ud=ODMuMjQyLjg1LjE0Mg%3D%3D&td=1639603294&ad=2732712&kw=%5B%5D&scrHeight=1080&tz=1&v=21.1.v.1&aihgouw=19
HTTP 302
https://tracker-tds.info/index.php?key=tvxllufqvww9lxefbb1l&SUB_ID_SHORT=033c90404becf4e40795ba9b94664d77&cost={payout}&PLACEMENT_ID=29221&CAMPAIGN_ID=525342&DEVICE_BRAND=Unknown&BROWSER_NAME=Chrome&USER_OS=Windows&USER_CARRIER=M247%20Ltd&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F96.0.4664.93%20Safari%2F537.36&REMOTE_LANGUAGE=15&BANNER_ID=1596187 HTTP 302
https://tracker-tds.info/index.php?key=0fy8mwoxkto2i5yaydnf&clickid=5f9dczwtl17xi9ae HTTP 302
https://1.sabs-push.xyz/?clickid=ac465zwtl17hq04a&uclick=zwtl17xi&uclickhash=zwtl17xi-zwtl17hq-37-0-17wj-6jfe-7v52-d7f34e Page URL
-
https://tracker-tds.info/index.php?key=0m3kex8j47sh7x0wskc1
HTTP 302
https://tracker-tds.info/nlp/index.php?sub1=5e102zwtl17ib83e&url_bnm_redirect=https://magic5.biz/go/haygenlfgm5dcnjw Page URL
- https://magic5.biz/go/haygenlfgm5dcnjw?sub1=5e102zwtl17ib83e Page URL
- https://0.magic5.biz/index.php?p=haygenlfgm5dcnjw&sub1=5e102zwtl17ib83e Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2- http://randomignitiondentist.com/1tyas2v5a3?shu=f7e65e5386d38ffef07d5f5e4e0acb76dc73bc77c6ac49cd5bd9038986c14ab0eea1534a6e1904c9708692148eac71887207ca5df8db1b0252483e7fe583bb34bb7eca169db31afad68197f0bd46e32539ec50&pst=1639650366&rmtc=t&uuid=97851483-6350-41ce-9288-476b856c3fde%3A3%3A1&pii=&in=false&key=c2c5c7372f32d6b91781836c4ce66e51&refer=https%3A%2F%2Fwww.soccerhockeyfans.com%2Fpage.php%3Fhash%3Dbaba36&scrWidth=1920&...=&ud=ODMuMjQyLjg1LjE0Mg%3D%3D&td=1639603294&ad=2732712&kw=%5B%5D&scrHeight=1080&tz=1&v=21.1.v.1&aihgouw=19 HTTP 302
- https://tracker-tds.info/index.php?key=tvxllufqvww9lxefbb1l&SUB_ID_SHORT=033c90404becf4e40795ba9b94664d77&cost={payout}&PLACEMENT_ID=29221&CAMPAIGN_ID=525342&DEVICE_BRAND=Unknown&BROWSER_NAME=Chrome&USER_OS=Windows&USER_CARRIER=M247%20Ltd&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F96.0.4664.93%20Safari%2F537.36&REMOTE_LANGUAGE=15&BANNER_ID=1596187 HTTP 302
- https://tracker-tds.info/index.php?key=0fy8mwoxkto2i5yaydnf&clickid=5f9dczwtl17xi9ae HTTP 302
- https://1.sabs-push.xyz/?clickid=ac465zwtl17hq04a&uclick=zwtl17xi&uclickhash=zwtl17xi-zwtl17hq-37-0-17wj-6jfe-7v52-d7f34e
- https://tracker-tds.info/index.php?key=0m3kex8j47sh7x0wskc1 HTTP 302
- https://tracker-tds.info/nlp/index.php?sub1=5e102zwtl17ib83e&url_bnm_redirect=https://magic5.biz/go/haygenlfgm5dcnjw
17 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
1tyas2v5a3
randomignitiondentist.com/ |
3 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
stats
venetrigni.com/ |
40 B 295 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
1.sabs-push.xyz/ Redirect Chain
|
36 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
micro.tag.min.js
deefauph.com/pfe/current/ |
89 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
97 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
zone
deefauph.com/ |
0 252 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gid.js
my.rtmark.net/ |
65 B 544 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zone
deefauph.com/ |
693 B 981 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.php
tracker-tds.info/nlp/ Redirect Chain
|
105 B 372 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
haygenlfgm5dcnjw
magic5.biz/go/ |
12 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon1.png
magic5.biz/img/13/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon2.png
magic5.biz/img/13/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon3.png
magic5.biz/img/13/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon4.png
magic5.biz/img/13/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon5.png
magic5.biz/img/13/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon7.png
magic5.biz/img/13/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon8.png
magic5.biz/img/13/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
index.php
0.magic5.biz/ |
32 KB 32 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
6 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
4 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
378 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
377 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| guardEnabled boolean| isChrome function| compareVersion function| getLanguage object| rootElement boolean| canStart function| text function| textr function| disableHistory function| disableIncognito function| denied function| getWorkerRegistration function| SubS function| CheckS function| urlB64ToUint8Array14 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
randomignitiondentist.com/ | Name: u_pl Value: 29221 |
|
randomignitiondentist.com/ | Name: ain Value: eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyOTIyMSwiayI6ImMyYzVjNzM3MmYzMmQ2YjkxNzgxODM2YzRjZTY2ZTUxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMjY4NiwicGlkIjo2NzI2LCJhbiI6ZmFsc2UsImxhbiI6ZmFsc2UsImNpZCI6MTksImFpZCI6MjgsInB0Ijo0LCJwayI6IjF0eWFzMnY1YTMiLCJjcGtzIjp7ICIzNCI6ImI4MjIwNDA0YzM0OGQzMDUyZjRkZDFiNzQ2ODgzNTBjIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTUwOTQ3MCwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcHxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjExNTM5OSwiYm4iOiJDaHJvbWUiLCJidiI6Ijk2Iiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6NTcsImMiOiJERSIsIm4iOiJHZXJtYW55In0sImEiOnRydWUsImNyIjp7Im4iOiJNMjQ3IEx0ZCJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnNvY2NlcmhvY2tleWZhbnMuY29tL3BhZ2UucGhwP2hhc2g9YmFiYTM2In19.hPsmVJ6iHWPmxG_Diat0evqV2zF-uqJfPnz-RVUoBIo |
|
randomignitiondentist.com/ | Name: cjs Value: t |
|
venetrigni.com/ | Name: uid_id2 Value: 97851483-6350-41ce-9288-476b856c3fde:3:1 |
|
randomignitiondentist.com/ | Name: uid_id2 Value: 97851483-6350-41ce-9288-476b856c3fde:3:1 |
|
randomignitiondentist.com/ | Name: pdhtkv Value: true |
|
randomignitiondentist.com/ | Name: uncs Value: 1 |
|
randomignitiondentist.com/ | Name: pdhtkv28 Value: true |
|
randomignitiondentist.com/ | Name: uncs28 Value: 1 |
|
tracker-tds.info/ | Name: uclick Value: zwtl17xi |
|
my.rtmark.net/ | Name: ID Value: 3dd7ad619b094bde9c5934aabeea9f84 |
|
tracker-tds.info/ | Name: uclickhash Value: zwtl17xi-zwtl17ib-wj-0-wj-lp4p-dz-c8dbab |
|
.magic5.biz/ | Name: uuid Value: 95684744-6ec8-4348-959a-18d15e9b5085 |
|
.0.magic5.biz/ | Name: uuid Value: 95684744-6ec8-4348-959a-18d15e9b5085 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=0; includeSubdomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
0.magic5.biz
1.sabs-push.xyz
deefauph.com
magic5.biz
my.rtmark.net
randomignitiondentist.com
tracker-tds.info
venetrigni.com
139.45.195.8
139.45.197.251
185.162.10.217
188.166.64.127
192.243.59.20
3.69.1.168
95.216.71.125
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27
196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503
37d183e39adc50dac79b10f3991111d12c7fbf316ba4f84e60830319cf886ff5
3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1
445b9db367cd1663fb3516d8396e106c27963ee2862d4cbcbdc7209f46724398
6935876b0112bb2bb5aa7e27c0fdf9be86e190d47a0fbff8eb8e67e25d11f68d
96d201cb7188f7da899b05726dfc66c7c9e3bbc9f748323697dda65dfffe7cbd
9ac66a91a224fcafac5c2f14c223679bee15173cc73f5c924b28f15ccb23a389
aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2
c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f
c764dca0719360d1becfc00bc8bb990698cf1df73e49a4b8eac9a2f9d297f17d
c785f430cad390993d5571ddec8f25de66111c9aaf4eece360b8ed41ea6824d7
d00641ee14b2eddb6a47a61021bd2b664ab13bd761fee4b2e8bca7f132fdd2bc
d6b942e73e8fbc1fe72938913e824f2abe1572170d2a9375565617a106295543
d86155cfc24d65d1533e8a4833e65f6a44b058a3cfba66908bb0b5fc00349454
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718
ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba
efd781d8a554d84c2dd0f2cb70c5e7c0ef790d3cb93dcf85894a4c024662fd05
f3f33eb9df2cb87a1a67d76abcf7a90279a3b73b899e4379085d60627a255603
f9077e9ffe52966b3a279d70797b41c4eba4e6d3928471fe755fcc3856ac4b3e