register.day-skies.me
2606:4700:10::6816:2dc1
Public Scan
Effective URL: https://register.day-skies.me/qsksd/en/?aid=LWx3Ze27D2f1redMd&var4=agn_343&hobj=eyJoc2lkIjogImQwMWNiMTc5MjE0YmI1OGM1YzI3ODM1Zm...
Submission: On January 21 via manual from US
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 18th 2020. Valid for: a year.
This is the only time register.day-skies.me was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-74-22.eu-central-1.compute.amazonaws.com
router.solarsofas.com |
Count | Apex Domain | Subdomains | Transfer |
---|---|---|---|
9 | day-skies.me | register.day-skies.me, api.day-skies.me | 556 KB |
5 | gstatic.com | fonts.gstatic.com | 71 KB |
2 | mdsyzz.com | api.mdsyzz.com | 3 KB |
1 | onesignal.com | cdn.onesignal.com | 3 KB |
1 | googleapis.com | fonts.googleapis.com | 891 B |
1 | day-skies.net (1 redirects) | router.day-skies.net | 1 KB |
1 | solarsofas.com (1 redirects) | router.solarsofas.com | 482 B |
1 | pardedatl.com (1 redirects) | pardedatl.com | 1 KB |
1 | 0265331.com | 0.0265331.com | 787 B |
1 | findlnk.com (1 redirects) | findlnk.com | 887 B |
1 | affforce.com (1 redirects) | www.affforce.com | 862 B |
1 | bit.ly (1 redirects) | bit.ly | 294 B |
19 | 12 | | |
Count | Domain | Requested by |
---|---|---|
8 | register.day-skies.me | 0.0265331.com, register.day-skies.me |
5 | fonts.gstatic.com | fonts.googleapis.com |
2 | api.mdsyzz.com | register.day-skies.me |
1 | api.day-skies.me | register.day-skies.me |
1 | cdn.onesignal.com | register.day-skies.me |
1 | fonts.googleapis.com | register.day-skies.me |
1 | router.day-skies.net | 1 redirects |
1 | router.solarsofas.com | 1 redirects |
1 | pardedatl.com | 1 redirects |
1 | 0.0265331.com | |
1 | findlnk.com | 1 redirects |
1 | www.affforce.com | 1 redirects |
1 | bit.ly | 1 redirects |
19 | 13 | |
This site contains links to these domains. Also see Links.
Domain |
---|
day-skies.me |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-09-27 - 2021-09-27 | a year | crt.sh |
upload.video.google.com | GTS CA 1O1 | 2020-12-15 - 2021-03-09 | 3 months | crt.sh |
*.gstatic.com | GTS CA 1O1 | 2021-01-05 - 2021-03-30 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://register.day-skies.me/qsksd/en/?aid=LWx3Ze27D2f1redMd&var4=agn_343&hobj=eyJoc2lkIjogImQwMWNiMTc5MjE0YmI1OGM1YzI3ODM1Zm...
Frame ID: 2FB69C5C7049386938E58EDFCCDB8196
Requests: 23 HTTP requests in this frame
Detected technologies
CloudFlare (CDN)
Detected patterns
- headers server /^cloudflare$/i
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: Terms of Use
Title: Privacy Policy
Title: Support
Title: click here.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://bit.ly/3rLU6EO HTTP 301
  https://www.affforce.com/scripts/un981c6l?a_aid=1edc98f7&a_bid=87736db3&chan=Pathor HTTP 301
  https://findlnk.com/g?visitorid=9aa8bf5c3f11e20f0253b94b44cd6T9A&refid=1edc98f7&bannerid=87736db3&extra_data1=&extra_data2= HTTP 302
  https://0.0265331.com/click?pid=6&offer_id=418&ref_id=9aa8bf5c3f11e20f0253b94b44cd6T9A_1edc98f7_87736db3&sub1=1edc98f7&sub8= Page URL
- https://pardedatl.com/link?z=3833856&var=1edc98f7&ymid=6009d9700a5df40001f9df41 HTTP 302
  https://router.solarsofas.com/click/k5/LWx3Ze27D2f1redMd?sub_id=3833856_1edc98f7&click_id=376206716729037790 HTTP 303
  https://router.day-skies.net/?lp=qsksd&skin=1&sidng=ZZ4zPVVqeRve2kQaZA9OaJz8c2&aid=LWx3Ze27D2f1redMd&var3=3833856_1edc98f7&PCTX=376206716729037790&var4=agn_343&sub_id=3833856_1edc98f7&click_id=376206716729037790 HTTP 302
  https://register.day-skies.me/qsksd/en/?aid=LWx3Ze27D2f1redMd&var4=agn_343&hobj=eyJoc2lkIjogImQwMWNiMTc5MjE0YmI1OGM1YzI3ODM1Zm... Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://bit.ly/3rLU6EO HTTP 301
- https://www.affforce.com/scripts/un981c6l?a_aid=1edc98f7&a_bid=87736db3&chan=Pathor HTTP 301
- https://findlnk.com/g?visitorid=9aa8bf5c3f11e20f0253b94b44cd6T9A&refid=1edc98f7&bannerid=87736db3&extra_data1=&extra_data2= HTTP 302
- https://0.0265331.com/click?pid=6&offer_id=418&ref_id=9aa8bf5c3f11e20f0253b94b44cd6T9A_1edc98f7_87736db3&sub1=1edc98f7&sub8=
19 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | click | 0.0265331.com/ (Redirect Chain) | 220 B | 787 B | Document | text/html |
GET | H2 | / (Primary Request) | register.day-skies.me/qsksd/en/ (Redirect Chain) | 52 KB | 16 KB | Document | text/html |
GET | H2 | css | fonts.googleapis.com/ | 10 KB | 891 B | Stylesheet | text/css |
GET | H2 | styles.799e427e39db087611b8.css | register.day-skies.me/qsksd/assets/ | 144 KB | 52 KB | Stylesheet | text/css |
GET | H2 | email-decode.min.js | register.day-skies.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/ | 1 KB | 873 B | Script | application/javascript |
GET | H2 | runtime.799e427e39db087611b8.js | register.day-skies.me/qsksd/assets/ | 1 KB | 836 B | Script | application/javascript |
GET | H2 | app.799e427e39db087611b8.js | register.day-skies.me/qsksd/assets/ | 620 KB | 219 KB | Script | application/javascript |
GET | H2 | styles.799e427e39db087611b8.js | register.day-skies.me/qsksd/assets/ | 96 B | 192 B | Script | application/javascript |
GET | DATA | truncated | / | 2 KB | 0 | Image | image/png |
GET | DATA | truncated | / | 6 KB | 0 | Image | image/png |
GET | H2 | connection-shadow-cd8d82fa21e609c5a94fa4fbd5d8fa96.png | register.day-skies.me/qsksd/assets/ | 81 KB | 81 KB | Image | image/png |
GET | H2 | JTURjIg1_i6t8kCHKm45_cJD3gnD_vx3rCs.woff2 | fonts.gstatic.com/s/montserrat/v15/ | 13 KB | 13 KB | Font | font/woff2 |
GET | H2 | JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2 | fonts.gstatic.com/s/montserrat/v15/ | 13 KB | 13 KB | Font | font/woff2 |
GET | H2 | TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYjMdZwl.woff2 | fonts.gstatic.com/s/oswald/v35/ | 17 KB | 17 KB | Font | font/woff2 |
GET | H3-Q050 | JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2 | fonts.gstatic.com/s/montserrat/v15/ | 13 KB | 14 KB | Font | font/woff2 |
GET | H2 | OneSignalSDK.js | cdn.onesignal.com/sdks/ | 8 KB | 3 KB | Script | application/javascript |
GET | H2 | auto-push.min.js | api.mdsyzz.com/ | 3 KB | 2 KB | Script | application/x-javascript |
GET | H2 | dKCfQq.js | register.day-skies.me/s/891798/ | 364 KB | 185 KB | Script | text/javascript |
GET | H2 | info | api.day-skies.me/ | 864 B | 1 KB | Fetch | application/json |
GET | DATA | truncated | / | 704 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 1 KB | 0 | Image | image/svg+xml |
GET | H3-Q050 | JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2 | fonts.gstatic.com/s/montserrat/v15/ | 13 KB | 13 KB | Font | font/woff2 |
GET | H2 | 91fa9009-6f48-40d2-8771-bfeb17edd96e | api.mdsyzz.com/rest/v1/p-apps/get-id/ | 129 B | 790 B | XHR | text/plain |
34 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | 0 |
object | ontransitionrun |
object | ontransitionstart |
object | ontransitioncancel |
object | cookieStore |
function | showDirectoryPicker |
function | showOpenFilePicker |
function | showSaveFilePicker |
object | trustedTypes |
boolean | crossOriginIsolated |
object | languageOptions |
object | config |
object | errorCodes |
object | webpackJsonp |
function | jQuery |
function | $ |
object | Landify |
function | _ |
boolean | __MOCKS__ |
object | OneSignal |
object | _at |
function | InitializePush |
function | myDomain |
function | getLocation |
function | CheckImageAndReplace |
function | httpGetAsync |
function | getUrlVars |
function | getUrlParam |
object | dftp |
function | N033 |
function | u0oo |
function | h0qq |
function | D0FF |
function | x5EE2 |
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
register.day-skies.me/ | | Name: session_id Value: 6230573181af4b909b803a0e4d8fb905 |
.day-skies.me/ | | Name: __cfduid Value: d910ab9b567492ef1d77dcbf93de83eec1611258225 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.