www.studentpower.com
Open in
urlscan Pro
130.211.67.69
Malicious Activity!
Public Scan
Effective URL: https://www.studentpower.com/
Submission: On June 23 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on May 24th 2024. Valid for: 3 months.
This is the only time www.studentpower.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DHL (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
12 | 130.211.67.69 130.211.67.69 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
1 | 2a00:1450:400... 2a00:1450:4001:806::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 13.225.78.10 13.225.78.10 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:82f::2008 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a04:4e42:200... 2a04:4e42:200::485 | 54113 (FASTLY) (FASTLY) | |
4 | 2a04:4e42:400... 2a04:4e42:400::720 | 54113 (FASTLY) (FASTLY) | |
3 | 2a02:ec80:300... 2a02:ec80:300:ed1a::2:b | 14907 (WIKIMEDIA) (WIKIMEDIA) | |
1 | 80.73.133.20 80.73.133.20 | 30830 (HSCG-AS) (HSCG-AS) | |
1 | 2606:4700:440... 2606:4700:4400::6812:2998 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:82a::2003 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2600:9000:235... 2600:9000:235a:6800:2:49a2:4500:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a04:4e42:600... 2a04:4e42:600::729 | 54113 (FASTLY) (FASTLY) | |
32 | 13 |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 69.67.211.130.bc.googleusercontent.com
www.studentpower.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-10.fra2.r.cloudfront.net
cookiehub.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
assets3.lottiefiles.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
studentpower.com
www.studentpower.com |
7 MB |
4 |
imgix.net
student-power-production.imgix.net |
615 KB |
3 |
wikimedia.org
upload.wikimedia.org — Cisco Umbrella Rank: 3915 |
19 KB |
2 |
lottiefiles.com
assets3.lottiefiles.com — Cisco Umbrella Rank: 282443 |
1 KB |
2 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 381 |
89 KB |
2 |
cookiehub.net
cookiehub.net — Cisco Umbrella Rank: 41837 |
24 KB |
1 |
mux.com
stream.mux.com — Cisco Umbrella Rank: 28832 Failed |
668 B |
1 |
gstatic.com
fonts.gstatic.com |
14 KB |
1 |
grandvision.io
cdn.grandvision.io |
8 KB |
1 |
crossover.nl
crossover.nl |
42 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81 |
96 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83 |
829 B |
32 | 12 |
Domain | Requested by | |
---|---|---|
12 | www.studentpower.com |
www.studentpower.com
|
4 | student-power-production.imgix.net |
www.studentpower.com
|
3 | upload.wikimedia.org |
www.studentpower.com
|
2 | assets3.lottiefiles.com |
cdn.jsdelivr.net
|
2 | cdn.jsdelivr.net |
www.studentpower.com
|
2 | cookiehub.net |
www.studentpower.com
cookiehub.net |
1 | stream.mux.com |
www.studentpower.com
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | cdn.grandvision.io |
www.studentpower.com
|
1 | crossover.nl |
www.studentpower.com
|
1 | www.googletagmanager.com |
www.studentpower.com
|
1 | fonts.googleapis.com |
www.studentpower.com
|
32 | 12 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.cookiehub.com |
studentpower.medium.com |
www.facebook.com |
instagram.com |
www.linkedin.com |
www.tiktok.com |
www.youtube.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.studentpower.com R3 |
2024-05-24 - 2024-08-22 |
3 months | crt.sh |
upload.video.google.com WR2 |
2024-06-03 - 2024-08-26 |
3 months | crt.sh |
cookiehub.net Amazon RSA 2048 M03 |
2024-02-01 - 2025-02-28 |
a year | crt.sh |
*.google-analytics.com WR2 |
2024-06-03 - 2024-08-26 |
3 months | crt.sh |
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3 |
2023-09-27 - 2024-10-28 |
a year | crt.sh |
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2023 Q4 |
2023-12-07 - 2025-01-07 |
a year | crt.sh |
*.wikipedia.org DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2023-10-18 - 2024-10-16 |
a year | crt.sh |
crossover.nl R3 |
2024-05-10 - 2024-08-08 |
3 months | crt.sh |
grandvision.io WE1 |
2024-06-14 - 2024-09-12 |
3 months | crt.sh |
*.gstatic.com WR2 |
2024-06-03 - 2024-08-26 |
3 months | crt.sh |
*.lottiefiles.com Amazon RSA 2048 M01 |
2023-08-25 - 2024-09-22 |
a year | crt.sh |
*.mux.com GlobalSign Atlas R3 DV TLS CA 2024 Q1 |
2024-02-18 - 2025-03-21 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.studentpower.com/
Frame ID: 7F15A5148E1FF113CF1FB8F4343C79B1
Requests: 32 HTTP requests in this frame
Screenshot
Page Title
Student PowerPage URL History Show full URLs
-
http://www.studentpower.com/
HTTP 307
https://www.studentpower.com/ Page URL
Detected technologies
Alpine.js (JavaScript frameworks) ExpandDetected patterns
- <[^>]+[^\w-]x-data[^\w-][^<]+
- /alpine(?:\.min)?\.js
CookieHub (Cookie compliance) Expand
Detected patterns
- cookiehub\.net/.*\.js
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
jsDelivr (CDN) Expand
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
8 Outgoing links
These are links going to different origins than the main page.
Title: Learn more
Search URL Search Domain Scan URL
Title: Cookie consent by CookieHub
Search URL Search Domain Scan URL
Title: Blog
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Instagram
Search URL Search Domain Scan URL
Title: LinkedIn
Search URL Search Domain Scan URL
Title: TikTok
Search URL Search Domain Scan URL
Title: YouTube
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.studentpower.com/
HTTP 307
https://www.studentpower.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
32 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.studentpower.com/ Redirect Chain
|
33 KB 34 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
848 B 829 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.css
www.studentpower.com/css/ |
4 MB 4 MB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
106e5566.js
cookiehub.net/c2/ |
75 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
280 KB 96 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app-631afe79e89c052980c71f4f36d76927.js
www.studentpower.com/assets/ |
3 MB 3 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
alpine.min.js
cdn.jsdelivr.net/npm/alpinejs@2.8.2/dist/ |
26 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lottie-player.min.js
cdn.jsdelivr.net/npm/@lottiefiles/lottie-player@1.3.1/dist/ |
342 KB 80 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
student_power.svg
www.studentpower.com/images/ |
7 KB 7 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
student_power_inverted.svg
www.studentpower.com/images/ |
7 KB 7 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cover-foto.jpg
student-power-production.imgix.net/legacy/ |
276 KB 277 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gradient.png
www.studentpower.com/images/ |
159 KB 160 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2021-11-06_-_Studentpower_119.jpg
student-power-production.imgix.net/legacy/ |
118 KB 119 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Westwing_Logo_03.2021.svg
upload.wikimedia.org/wikipedia/commons/9/9d/ |
18 KB 6 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Dhl-logo.svg
upload.wikimedia.org/wikipedia/commons/3/31/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Unilever.svg
upload.wikimedia.org/wikipedia/en/e/e4/ |
27 KB 12 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-1408x352.png
crossover.nl/media/ |
42 KB 42 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.svg
cdn.grandvision.io/binaries/_ht_1559724827745/content/gallery/nl-pearle/logos/ |
26 KB 8 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2021-11-06_-_Studentpower_115.jpg
student-power-production.imgix.net/legacy/ |
106 KB 106 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2021-11-06_-_Studentpower_15.jpg
student-power-production.imgix.net/legacy/ |
113 KB 113 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
eva.jpg
www.studentpower.com/images/stock/ |
104 KB 104 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bonnie.jpg
www.studentpower.com/images/stock/ |
227 KB 228 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flag_english.png
www.studentpower.com/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flag_spain.png
www.studentpower.com/images/ |
363 B 523 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flag_netherlands.png
www.studentpower.com/images/ |
343 B 502 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwARZtRSW32.woff2
fonts.gstatic.com/s/dmsans/v15/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
7JrCKPNSdiAnFaULgtnVLrGuCLdrY7xBk9zMtKablQk.m3u8
stream.mux.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lf20_49jvjmi0.json
assets3.lottiefiles.com/packages/ |
3 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lf20_49jvjmi0.json
assets3.lottiefiles.com/packages/ |
3 KB 0 |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2.4.13.css
cookiehub.net/c2/css/ |
45 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon-32x32.png
www.studentpower.com/images/ |
2 KB 2 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7JrCKPNSdiAnFaULgtnVLrGuCLdrY7xBk9zMtKablQk.m3u8
stream.mux.com/ |
65 B 668 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- stream.mux.com
- URL
- https://stream.mux.com/7JrCKPNSdiAnFaULgtnVLrGuCLdrY7xBk9zMtKablQk.m3u8
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: DHL (Transportation)13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence object| sharedStorage function| acbMutationHandler function| acbFfHandler object| cookiehub object| liveSocket object| Alpine object| lottie-player object| litHtmlVersions function| JSCompiler_renameProperty object| litElementVersions object| dataLayer1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.studentpower.com/ | Name: _studentpower_key Value: SFMyNTY.g3QAAAACbQAAAAtfY3NyZl90b2tlbm0AAAAYdGNLRWVRNWZWQnhsTjFmN2ZpdDNzTHdmbQAAAAZsb2NhbGVtAAAAAmVu.PLRUNtNHjbZl_769yYahEhox_JI1ogFE_QNEkVsTUT8 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=15724800; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets3.lottiefiles.com
cdn.grandvision.io
cdn.jsdelivr.net
cookiehub.net
crossover.nl
fonts.googleapis.com
fonts.gstatic.com
stream.mux.com
student-power-production.imgix.net
upload.wikimedia.org
www.googletagmanager.com
www.studentpower.com
stream.mux.com
13.225.78.10
130.211.67.69
2600:9000:235a:6800:2:49a2:4500:93a1
2606:4700:4400::6812:2998
2a00:1450:4001:806::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2008
2a02:ec80:300:ed1a::2:b
2a04:4e42:200::485
2a04:4e42:400::720
2a04:4e42:600::729
80.73.133.20
248acc4d37c06da4e31070001e3cf8fb014a368f4b10995b99c473637809baed
27dd293c75ab6e9fc2fb186c90e07eaee69307035e07bf2e3499b3585c3157fd
28c2821a7caacbcbe02ed67b796c0e091e6133f87e8bf6d20305de155325e25a
32305ed0b544e5261b7a7ac315ac0792f376bec7d844ab752435fa3b359d0a50
491b3af9038d0dab87a591d21f5de77d7af709b1d7c503ceb4485425a6a1b78a
4aed12a2f31469fc45be1d872ba146017879cdf67a6c6315b29af52dc54393f4
4dbac646fc8602ef53ba94995fff49a3f269a4c544e0240cbda111548a871417
52b34c81a087fe1de2aa984d16f3a7e70f502eb5a6c69c51d88ec0741b0aa0c4
68777180788c30f3b0101e310fe634d33fb42461c05f35b4784ed38c5f67d505
718034d2c74c243e7a850ae457d1303675ef21cd154082c3f903947dd652ad12
7ce0c9c58136f675a787cd51cc38c2f0f3299ac62fae6923c4c239d427b08c53
7d92a28fd30af8184d1300e9575fb7b6654643fe80eb0ae71a84561b4c77b8e4
81c48bbed465f0b49809a43aaf5bf867809946a10939ab943a20af5913d4289f
945be49b55fbf7e9eff0f0054b4ca02190dace8b5610a61959e865a6f99c88cb
9a91c59b41880ca836e0bd81c8d7af9e9e040df3a6a438a67387a24804c7feae
aeed178a287002e32c4a7767dc24b3c732a812cdd42017835055e42db4d2eae1
b65a8eb2522172ea47e76c946733e659381d0727294e04eaf34e19a7f535b965
c70045bf8f5a54d45b2baf9a00846b6a2f72b3ea4b1a6aa4704866789b137ae5
cda49a4ec234ae504df3996055cb232b28f7b2dc7830c2422efb41f29b47ff2e
d49defa61d0a3748ade8089c23987205e646c2968584c557aae877ce39dc653f
db1facf4e485023c645c3cc9e2c8bc384589f16e8da8038796bd4575286e4e7e
dde8964cab8158252754675169b7d2106709a1c324c5b5c1c5de36f42e59f640
de46632367871c8c77e0dd914ba0d20415180a24aabd4d83fcac3b1188cbdef7
ec4ae2056d70cc1665bea086eefd0853292274f2f7516e32b54e9441907b9c9d
ec52a0d2bca7d1e0e9fec35f4d19624cf54c5325a8a8bfe527057eea6196e0f6
ed7eb154aa7a3e9b9df02868e5e4b41370acb54a23ef9ff419bbd1b4591f0a55
ee17c4cfce0650ffc42eeb931e5c9215c3b53069d63979be6c05b6ca639c1a73
f1b6c1c5ccc9307432520464e0dc79c851777e931c65408ff32c75ec7852a93d
fa313343a758a5e51a1daa5f2e918e6af5b4d458ca7324d758d061fa9e97443e
fb8aef6b0e5193f40bb6495b044c1eb51f08234dddb9eea3e65acb788dff4387