kynews.lol
Open in
urlscan Pro
2a06:98c1:3120::3
Public Scan
Effective URL: https://kynews.lol/
Submission Tags: scythethephish
Submission: On June 28 via api from RO — Scanned from NL
Summary
TLS certificate: Issued by WE1 on June 26th 2024. Valid for: 3 months.
This is the only time kynews.lol was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 2a06:98c1:312... 2a06:98c1:3120::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
13 | 34.120.220.213 34.120.220.213 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
2 | 119.8.184.92 119.8.184.92 | 136907 (HWCLOUDS-...) (HWCLOUDS-AS-AP HUAWEI CLOUDS) | |
2 | 2a00:1450:400... 2a00:1450:4001:801::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:812::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:806::2008 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2001:4860:480... 2001:4860:4802:34::36 | 15169 (GOOGLE) (GOOGLE) | |
2 | 35.207.139.8 35.207.139.8 | 15169 (GOOGLE) (GOOGLE) | |
3 | 172.67.70.145 172.67.70.145 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 35.215.89.131 35.215.89.131 | 15169 (GOOGLE) (GOOGLE) | |
1 | 192.0.66.227 192.0.66.227 | 2635 (AUTOMATTIC) (AUTOMATTIC) | |
2 | 3.29.251.77 3.29.251.77 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 199.79.52.79 199.79.52.79 | 46309 (TONAQUINT-DC) (TONAQUINT-DC) | |
1 | 104.18.84.107 104.18.84.107 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
36 | 15 |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.220.120.34.bc.googleusercontent.com
static.cdns.space |
ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK)
PTR: ecs-119-8-184-92.compute.hwclouds-dns.com
gbw.cmpc.fun |
ASN15169 (GOOGLE, US)
firebase.googleapis.com |
ASN15169 (GOOGLE, US)
firebaseinstallations.googleapis.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: 8.139.207.35.bc.googleusercontent.com
mayhealthylifestyle.com |
ASN15169 (GOOGLE, US)
PTR: 131.89.215.35.bc.googleusercontent.com
www.dreamingloud.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-29-251-77.me-central-1.compute.amazonaws.com
healthmagazine.ae |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
cdns.space
static.cdns.space — Cisco Umbrella Rank: 637988 |
107 KB |
4 |
googleapis.com
firebase.googleapis.com — Cisco Umbrella Rank: 3981 firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 642 |
1 KB |
3 |
ahealthylifeforme.com
ahealthylifeforme.com — Cisco Umbrella Rank: 992539 |
2 MB |
2 |
fitnessista.com
fitnessista.com |
78 KB |
2 |
healthmagazine.ae
healthmagazine.ae |
15 KB |
2 |
dreamingloud.com
www.dreamingloud.com |
91 KB |
2 |
mayhealthylifestyle.com
mayhealthylifestyle.com |
201 KB |
2 |
google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2355 |
|
2 |
cmpc.fun
gbw.cmpc.fun — Cisco Umbrella Rank: 237693 |
13 KB |
1 |
mblycdn.com
alive.mblycdn.com |
125 KB |
1 |
wellandgood.com
www.wellandgood.com — Cisco Umbrella Rank: 243303 |
210 B |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81 |
88 KB |
1 |
kynews.lol
kynews.lol |
2 KB |
36 | 13 |
Domain | Requested by | |
---|---|---|
13 | static.cdns.space |
kynews.lol
static.cdns.space |
3 | ahealthylifeforme.com | |
2 | fitnessista.com | |
2 | healthmagazine.ae | |
2 | www.dreamingloud.com | |
2 | mayhealthylifestyle.com | |
2 | region1.google-analytics.com |
www.googletagmanager.com
|
2 | firebaseinstallations.googleapis.com |
static.cdns.space
|
2 | firebase.googleapis.com |
static.cdns.space
|
2 | gbw.cmpc.fun |
static.cdns.space
|
1 | alive.mblycdn.com | |
1 | www.wellandgood.com | |
1 | www.googletagmanager.com |
static.cdns.space
|
1 | kynews.lol | |
36 | 14 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
kynews.lol WE1 |
2024-06-26 - 2024-09-24 |
3 months | crt.sh |
*.cdns.space RapidSSL Global TLS RSA4096 SHA256 2022 CA1 |
2024-05-17 - 2025-05-17 |
a year | crt.sh |
*.cmpc.fun RapidSSL TLS RSA CA G1 |
2023-11-07 - 2024-11-07 |
a year | crt.sh |
upload.video.google.com WR2 |
2024-06-13 - 2024-09-05 |
3 months | crt.sh |
*.google-analytics.com WR2 |
2024-06-13 - 2024-09-05 |
3 months | crt.sh |
*.mayhealthylifestyle.com R3 |
2024-05-01 - 2024-07-30 |
3 months | crt.sh |
ahealthylifeforme.com E1 |
2024-06-05 - 2024-09-03 |
3 months | crt.sh |
*.dreamingloud.com R3 |
2024-06-02 - 2024-08-31 |
3 months | crt.sh |
wellandgood.com R3 |
2024-04-30 - 2024-07-29 |
3 months | crt.sh |
healthmagazine.ae R3 |
2024-05-09 - 2024-08-07 |
3 months | crt.sh |
fitnessista.com R10 |
2024-06-24 - 2024-09-22 |
3 months | crt.sh |
mblycdn.com WE1 |
2024-06-16 - 2024-09-15 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://kynews.lol/
Frame ID: 81AC5A27D0EBF6E2B03F50850B7724EB
Requests: 34 HTTP requests in this frame
Screenshot
Page Title
NewsPage URL History Show full URLs
-
http://kynews.lol/
HTTP 307
https://kynews.lol/ Page URL
Detected technologies
WordPress (CMS) ExpandDetected patterns
- /wp-(?:content|includes)/
Google Analytics (Analytics) Expand
Detected patterns
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://kynews.lol/
HTTP 307
https://kynews.lol/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
36 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
kynews.lol/ Redirect Chain
|
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundle.axios.b49b59d3.js
static.cdns.space/news/js/ |
34 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundle._firebase.0c0ac549.js
static.cdns.space/news/js/ |
42 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.13ece2be.js
static.cdns.space/news/ |
233 KB 68 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
home.759044f1.css
static.cdns.space/news/css/ |
6 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
home.17867d3e.js
static.cdns.space/news/js/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chunk-0c18e3b0.03378cd0.css
static.cdns.space/news/css/ |
0 282 B |
Other
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chunk-55ef3d61.577d4403.css
static.cdns.space/news/css/ |
0 1 KB |
Other
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chunk-6298d486.03378cd0.css
static.cdns.space/news/css/ |
0 224 B |
Other
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundle.core-js.960643ae.js
static.cdns.space/news/js/ |
0 4 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chunk-0c18e3b0.c3d22bae.js
static.cdns.space/news/js/ |
0 1005 B |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chunk-55ef3d61.cb8318da.js
static.cdns.space/news/js/ |
0 3 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chunk-6298d486.782bfd42.js
static.cdns.space/news/js/ |
0 1 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundle.core-js.960643ae.js
static.cdns.space/news/js/ |
14 KB 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
summary
gbw.cmpc.fun/v1/tc/a/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
summary
gbw.cmpc.fun/v1/tc/a/ |
13 KB 13 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:178708903326:web:91deef4e9bd2b80d6cd28f/ |
265 B 383 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:178708903326:web:91deef4e9bd2b80d6cd28f/ |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
installations
firebaseinstallations.googleapis.com/v1/projects/enetwork-71ebd/ |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
installations
firebaseinstallations.googleapis.com/v1/projects/enetwork-71ebd/ |
623 B 676 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
249 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
83 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pexels-karolina-grabowska-6660116-1024x683.jpg
mayhealthylifestyle.com/wp-content/uploads/ |
91 KB 91 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Asparagus-Lemon-Tart-11.jpg
ahealthylifeforme.com/wp-content/uploads/2014/04/ |
2 MB 2 MB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Toddler-Day-Care-Essentials-1-560x967.jpg
www.dreamingloud.com/wp-content/uploads/2022/08/ |
91 KB 91 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
spacer.gif
www.wellandgood.com/wp-content/themes/wellgood-2016/assets/img/ |
26 B 210 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
robust-health-1-300x258.jpg
healthmagazine.ae/wp-content/uploads/2024/06/ |
15 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
veg-soup-1024x576.jpg
mayhealthylifestyle.com/wp-content/uploads/ |
110 KB 111 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Baked-Egg-with-Ricotta-Thyme-Parsley-683x1024.jpg
ahealthylifeforme.com/wp-content/uploads/2017/04/ |
89 KB 89 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
164-Cancer-treatment-and-prevention-with-Dr.-Katie-Deming-MD.jpg
fitnessista.com/wp-content/uploads//2024/06/ |
78 KB 78 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Marvellous-mocktails-Kadey.jpg
alive.mblycdn.com/uploads/al/2024/05/ |
125 KB 125 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
164-Cancer-treatment-and-prevention-with-Dr.-Katie-Deming-MD.jpg
fitnessista.com/wp-content/uploads//2024/06/ |
78 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Toddler-Day-Care-Essentials-1-560x967.jpg
www.dreamingloud.com/wp-content/uploads/2022/08/ |
91 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
robust-health-1-300x258.jpg
healthmagazine.ae/wp-content/uploads/2024/06/ |
15 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Asparagus-Lemon-Tart-11.jpg
ahealthylifeforme.com/wp-content/uploads/2014/04/ |
2 MB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence object| sharedStorage object| __INITIAL_STATE__ object| webpackJsonp object| dataLayer function| gtag function| wlog object| google_tag_manager object| google_tag_data object| gaGlobal3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.kynews.lol/ | Name: _ga Value: GA1.1.1378522783.1719589331 |
|
.kynews.lol/ | Name: _ga_FQL1Y4C7MY Value: GS1.1.1719589331.1.0.1719589332.0.0.0 |
|
.mblycdn.com/ | Name: __cf_bm Value: pJj5vqysjiTVE80q7vyzAcycEpYmQMH3dqszRWBUhdk-1719589332-1.0.1.1-PSJjsPn9OQBwY8PsICVQw47jtFeN1xHF.2P6B979VRdDOOIj1CVd1xGlbVPd5bxSPXDuEIwycgQTQ3Urohu9XA |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ahealthylifeforme.com
alive.mblycdn.com
firebase.googleapis.com
firebaseinstallations.googleapis.com
fitnessista.com
gbw.cmpc.fun
healthmagazine.ae
kynews.lol
mayhealthylifestyle.com
region1.google-analytics.com
static.cdns.space
www.dreamingloud.com
www.googletagmanager.com
www.wellandgood.com
104.18.84.107
119.8.184.92
172.67.70.145
192.0.66.227
199.79.52.79
2001:4860:4802:34::36
2a00:1450:4001:801::200a
2a00:1450:4001:806::2008
2a00:1450:4001:812::200a
2a06:98c1:3120::3
3.29.251.77
34.120.220.213
35.207.139.8
35.215.89.131
02389c6fb6a2153e773ff649bf6d0a31a93cfffb5af8fdb1016d0e0cb182f5d3
05c569affa6e40b1775e47649a29a326fc5abbe88c6624d7de63a67f644a485e
06c293f9ec2c10ebafb1c867c30742b79076379cfe50fdca9d682638adb615ef
0e6b9f3b429c4f32416512d550800959102a4937e620cbd804bdd1619c71e2eb
1d65f5cc42ec1d7086b09e8c98a7763ad6c0e00be15b2bf7fa27dc37c73963e2
1f631ea266636ac49ba7a5f9d50be1f65183736195400e0123a8b6a77a9f68dc
2b52caddecc00d834db84af3ea143970d26ed06ba594d5cf340b9c8f77d4c3ce
2ee59d5adf610ae82959690ba2c835a2f15cbbb50fcd115121841ae6cc295267
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
5624b94f48b1ad5a8718376e01023538518c4ff9b3851d749d8ce3bf1c6d1075
62f56d138c99c8105966d4f1d998bf622aea2ceeb4d1e4d6d078feca305b3fb4
81cfd5a6139bef8ca4a6119ce20e9f674fc1c92fcc6a09dc4cdb7a9b4c10cb71
9e650aced720f0bf9e626d41104c4ca3ea762f431c6e79a2f1128f1fd3d453ca
ac002ad8cbe431acbd92a5d8fa77cf48b52e8aa27ca86523e8c2bb4b48f533fc
adcbe3a2c3d3abb8273907c1f441444ac143a4b3dae9afdbadedf40d2a48102b
adf1620b1096f4d714b77248b55aa9f23c6d51cdc72fb9ab5e6e2ac2df82a1b4
b80027ecb0fb6e5ab15c2b2ca8650792275b147c42fe49b0ff50b047a02bdeee
c77b1b73c48fd7c0587cc12dc0c4b7ab68e77c0ae4718b0b50ecf7b3c099590a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea1dba1b2288b4a9d28afb0872430356f8affc145569bf381e7ec46e3d10e8b1
ecca21d29891d8a2205f4c6921218c7ab109f8885968a40f3d6c2e18172e1058
f48b65c44db4c09b8c03d3dbf478fbb9824587c421c846d8f3f8ffcb6f439d06