dansksecuritysb.com
Open in
urlscan Pro
162.0.224.164
Malicious Activity!
Public Scan
Effective URL: https://dansksecuritysb.com/I/home.php?page=hjeT4AZpORZpWVNN3Tb%2FDNvFRnys%2FrHZ3obA%2B9xyDTl8AALJ4CCHv3Qw0VS0NeZ3GWc7r5Np8A...
Submission: On November 23 via manual from DK
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on November 20th 2020. Valid for: 3 months.
This is the only time dansksecuritysb.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Sparkasse (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 16 | 162.0.224.164 162.0.224.164 | 22612 (NAMECHEAP...) (NAMECHEAP-NET) | |
1 1 | 172.67.72.223 172.67.72.223 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 2606:4700:20:... 2606:4700:20::681a:98b | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 23.111.9.35 23.111.9.35 | 33438 (HIGHWINDS2) (HIGHWINDS2) | |
1 | 2a00:1450:400... 2a00:1450:4001:81c::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 52.219.62.38 52.219.62.38 | 16509 (AMAZON-02) (AMAZON-02) | |
4 | 2a00:1450:400... 2a00:1450:4001:819::200a | 15169 (GOOGLE) (GOOGLE) | |
3 | 2a00:1450:400... 2a00:1450:4001:816::2003 | 15169 (GOOGLE) (GOOGLE) | |
30 | 7 |
ASN22612 (NAMECHEAP-NET, US)
PTR: server1.barnethost.com
dansksecuritysb.com |
ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-south-1.amazonaws.com
mt11-html-images.s3.ap-south-1.amazonaws.com |
ASN15169 (GOOGLE, US)
translate.googleapis.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
dansksecuritysb.com
2 redirects
dansksecuritysb.com |
1 MB |
4 |
googleapis.com
translate.googleapis.com |
92 KB |
4 |
fontawesome.com
use.fontawesome.com |
88 KB |
3 |
gstatic.com
www.gstatic.com |
4 KB |
3 |
tidiochat.com
widget-v4.tidiochat.com |
235 KB |
1 |
amazonaws.com
mt11-html-images.s3.ap-south-1.amazonaws.com |
3 KB |
1 |
google.com
translate.google.com |
2 KB |
1 |
tidio.co
1 redirects
code.tidio.co |
653 B |
30 | 8 |
Domain | Requested by | |
---|---|---|
16 | dansksecuritysb.com |
2 redirects
dansksecuritysb.com
|
4 | translate.googleapis.com |
translate.google.com
translate.googleapis.com srcdoc |
4 | use.fontawesome.com |
dansksecuritysb.com
use.fontawesome.com |
3 | www.gstatic.com |
dansksecuritysb.com
translate.googleapis.com |
3 | widget-v4.tidiochat.com |
dansksecuritysb.com
code.tidio.co |
1 | mt11-html-images.s3.ap-south-1.amazonaws.com |
dansksecuritysb.com
|
1 | translate.google.com |
dansksecuritysb.com
|
1 | code.tidio.co | 1 redirects |
30 | 8 |
This site contains links to these domains. Also see Links.
Domain |
---|
translate.google.com |
digital.dansksecuritysb.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
dansksecuritysb.com cPanel, Inc. Certification Authority |
2020-11-20 - 2021-02-18 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-07-18 - 2021-07-18 |
a year | crt.sh |
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1 |
2020-11-13 - 2021-12-14 |
a year | crt.sh |
*.google.com GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
*.s3.ap-south-1.amazonaws.com DigiCert Baltimore CA-2 G2 |
2020-01-28 - 2021-04-14 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://dansksecuritysb.com/I/home.php?page=hjeT4AZpORZpWVNN3Tb%2FDNvFRnys%2FrHZ3obA%2B9xyDTl8AALJ4CCHv3Qw0VS0NeZ3GWc7r5Np8A%2BXETDI4QcqLqep77ja52jCWnVHY9yS2C9Kr%2B7qDvpUkTXZ4IbkaqWNnXfPlhCFAnhLpHmj4xZtaQ%3D%3D
Frame ID: BEB7C6A49E15018EB1AED5A2483C7BA2
Requests: 27 HTTP requests in this frame
Frame:
https://widget-v4.tidiochat.com//1_44_2/static/js/widget.25f149d94e7f5d0c1136.js
Frame ID: 856465C451219EE6D56ED6EECC87E7A1
Requests: 2 HTTP requests in this frame
Frame:
https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: 34EDDA8BAEFD2FFDEFAC9E60D5A17348
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://dansksecuritysb.com/I/index.php
HTTP 301
https://dansksecuritysb.com/I/index.php HTTP 302
https://dansksecuritysb.com/I/home.php?page=hjeT4AZpORZpWVNN3Tb%2FDNvFRnys%2FrHZ3obA%2B9xyDTl8AALJ4CCHv3... Page URL
Detected technologies
Adobe Experience Manager (CMS) ExpandDetected patterns
- html /<div class="[^"]*parbase/i
PHP (Programming Languages) Expand
Detected patterns
- url /\.php(?:$|\?)/i
Java (Programming Languages) Expand
Detected patterns
- html /<div class="[^"]*parbase/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Font Awesome (Font Scripts) Expand
Detected patterns
- html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i
Page Statistics
20 Outgoing links
These are links going to different origins than the main page.
Title: Translate
Search URL Search Domain Scan URL
Title: Financial status
Search URL Search Domain Scan URL
Title: Transactions
Search URL Search Domain Scan URL
Title: Recipient data
Search URL Search Domain Scan URL
Title: Collective order templates
Search URL Search Domain Scan URL
Title: Direct debit
Search URL Search Domain Scan URL
Title: Standing order
Search URL Search Domain Scan URL
Title: Upload files
Search URL Search Domain Scan URL
Title: Outstanding orders
Search URL Search Domain Scan URL
Title: Transfer
Search URL Search Domain Scan URL
Title: Express Euro payment
Search URL Search Domain Scan URL
Title: International payment - Send money abroad
Search URL Search Domain Scan URL
Title: Change PIN
Search URL Search Domain Scan URL
Title: Change Password
Search URL Search Domain Scan URL
Title: Login Details
Search URL Search Domain Scan URL
Title: IBAN & BIC
Search URL Search Domain Scan URL
Title: Your details
Search URL Search Domain Scan URL
Title: Using cards abroad
Search URL Search Domain Scan URL
Title: Multi-banking settings
Search URL Search Domain Scan URL
Title: Mailbox
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://dansksecuritysb.com/I/index.php
HTTP 301
https://dansksecuritysb.com/I/index.php HTTP 302
https://dansksecuritysb.com/I/home.php?page=hjeT4AZpORZpWVNN3Tb%2FDNvFRnys%2FrHZ3obA%2B9xyDTl8AALJ4CCHv3Qw0VS0NeZ3GWc7r5Np8A%2BXETDI4QcqLqep77ja52jCWnVHY9yS2C9Kr%2B7qDvpUkTXZ4IbkaqWNnXfPlhCFAnhLpHmj4xZtaQ%3D%3D Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://code.tidio.co/wvyxkmnmmy8maotmumxty5rwsaemlus1.js HTTP 302
- https://widget-v4.tidiochat.com/1_44_2/static/js/render.25f149d94e7f5d0c1136.js
30 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
home.php
dansksecuritysb.com/I/ Redirect Chain
|
21 KB 22 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
render.25f149d94e7f5d0c1136.js
widget-v4.tidiochat.com/1_44_2/static/js/ Redirect Chain
|
15 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
internetfiliale.min.aeec56afd4b7104d19300e893384e93f.css
dansksecuritysb.com/I/login/harry/ |
507 KB 507 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
internetfiliale.min.98630468a03ed305dde096af0888b296.js
dansksecuritysb.com/I/login/harry/ |
345 KB 345 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
45af7dd434.js
use.fontawesome.com/ |
9 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
desktop.png
dansksecuritysb.com/I/login/logos/ |
14 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mobile.png
dansksecuritysb.com/I/login/logos/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
druck.png
dansksecuritysb.com/I/login/logos/ |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
element.js
translate.google.com/translate_a/ |
4 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
android_app_btn.png
mt11-html-images.s3.ap-south-1.amazonaws.com/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img1.jpg
dansksecuritysb.com/I/images/ |
46 KB 46 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img2.jpg
dansksecuritysb.com/I/images/ |
55 KB 55 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img3.jpg
dansksecuritysb.com/I/images/ |
79 KB 79 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
45af7dd434.css
use.fontawesome.com/ |
1 KB 684 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pictos-if.woff
dansksecuritysb.com/I/login/harry/internetfiliale/fonts/ |
96 KB 96 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Sparkasse_web_Rg.woff
dansksecuritysb.com/I/login/harry/internetfiliale/fonts/ |
39 KB 39 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
translateelement.css
translate.googleapis.com/translate_static/css/ |
18 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
translate.googleapis.com/translate_static/js/element/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ |
30 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Sparkasse_web_Bd.woff
dansksecuritysb.com/I/login/harry/internetfiliale/fonts/ |
39 KB 39 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SparkasseHead_web_Rg.woff
dansksecuritysb.com/I/login/harry/internetfiliale/fonts/ |
44 KB 44 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widget.25f149d94e7f5d0c1136.js
widget-v4.tidiochat.com//1_44_2/static/js/ Frame 8564 |
814 KB 222 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ |
75 KB 76 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
home.jpg
dansksecuritysb.com/I/images/ |
122 KB 122 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
element_main.js
translate.googleapis.com/element/TE_20200506_00/e/js/element/ |
238 KB 86 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
translate_24dp.png
www.gstatic.com/images/branding/product/1x/ |
825 B 915 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ |
910 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
translate_24dp.png
www.gstatic.com/images/branding/product/2x/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
l
translate.googleapis.com/translate_a/ Frame 34ED |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tururu.mp3
widget-v4.tidiochat.com// Frame 8564 |
7 KB 7 KB |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Sparkasse (Banking)50 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| SENTRY_RELEASE object| tidioChatApi object| IF6 function| getQueryParamValue string| IF6_lightbox_closeicon_text function| overlayShow function| overlayClose function| setSessionTimeout function| focusBankingFormularElement function| SLURI function| moveBContent function| refreshServerTimeout function| showCountdownLayer function| refreshClientTimeout function| tick function| updateHeaderLoginIfPresent function| countdownShow function| callBreakHtml function| editTeaserRef function| pagenav_statistics_send function| pagenav_statistics function| pagenav_scroll function| pagenav_scroll_window function| $ function| jQuery object| FontAwesomeCdnConfig string| cssUrl object| IF function| googleTranslateElementInit2 object| google function| GTranslateFireEvent function| doGTranslate boolean| bcarouselAttached number| clientTimeoutInMinuten number| serverTimeoutInMinuten number| showLayerInSekunden number| timeoutID number| clientTimeout number| serverTimeout object| closure_lm_4202760 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
code.tidio.co
dansksecuritysb.com
mt11-html-images.s3.ap-south-1.amazonaws.com
translate.google.com
translate.googleapis.com
use.fontawesome.com
widget-v4.tidiochat.com
www.gstatic.com
162.0.224.164
172.67.72.223
23.111.9.35
2606:4700:20::681a:98b
2a00:1450:4001:816::2003
2a00:1450:4001:819::200a
2a00:1450:4001:81c::200e
52.219.62.38
07c4beebb1b29134027e0a45ea8b1de8c9e0477f5c74687187ef73e1f3d324ec
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
18b91aa55babf6a41b67ad376266712f9e07172f8ec8c6d06904f622f15527c9
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
1e59a5aa81989b9fc0b6b6ecd7ac2f86f73aa962729a1c7c2d7e5c328619580c
260508c63cf26dc77b1de1dda523fb50885c654a6ddfe1c5283fb2b9220cfef0
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b57420bce3dcfb57e9c5a6572273fc94f5e2f4ceaa84ace19ed1d273612792d
31c0f149bf40574f11afc1e5a83b55047c2888010570adac73fa801b4a81a858
463d320f57b87d42cabd82c26af68728aa524f180aff12ceede763eecbbbd0ca
4cad2065d66cb34046e52623efbc56752f2899a29a3362e7072894ff611bb9a2
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
6063324d5b0f8c322c98c7540bdaed0371b6a12cd10ec0a0618e8f7b3295f4ce
6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
80cfc390f534ca8d75ac161e82639486b1ee24b30c402af8bcc89d113ff343eb
88badc0afa60d79304198a1f2b26742b05f54101d19b88bc6d6df9f995956802
89df9172235ef1131c4678f4bf86aab70b42e540affd6e26051bc4f533d4f4e4
a9ad5dac2a400c1fb324e09df57325568e98772618ff818ca5344b171c834aa2
b1253baca7c49eed84e4237a2e2c6416272fd666654ad8720413c825c38fba2f
b90265de7130a52ea3ff9eb053a0f4247bfae61ea8f7ed222074f1a0388e449e
bcdbe394c66466641f45015dcadeea937e7ca53f43e92c20317257a99c9d7298
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
dc74b6a88268eba8852a6222e66665cb0032a932c4be01b5fcb9d3f0e0cab604
e124d2ee4937293c9e133300243be148ca87cfda5062830ec77cd26ea102bafd
e3a096177fdb67dc609921050caec415a389d683674be529f2ba91f6e5514638
e4897bb8731b280f3244555a784fbc241c00bfcba73f76347c5f07ca9b851738
fdd26d0ff960cda5d9c170f1b0e4e9dd06c5813690b59c0e03ea7d7a9ac3d695