bdowhd82kpw.tulisku.my.id
Open in
urlscan Pro
2606:4700:3036::6815:5ad
Malicious Activity!
Public Scan
Submission: On April 07 via api from US — Scanned from US
Summary
TLS certificate: Issued by GTS CA 1P5 on February 21st 2024. Valid for: 3 months.
This is the only time bdowhd82kpw.tulisku.my.id was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Gaming (Entertainment)Domain & IP information
ASN13335 (CLOUDFLARENET, US)
site-assets.fontawesome.com |
ASN32934 (FACEBOOK, US)
z-p3-static.xx.fbcdn.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
ibb.co
i.ibb.co — Cisco Umbrella Rank: 11706 |
1 MB |
4 |
fontawesome.com
site-assets.fontawesome.com — Cisco Umbrella Rank: 61079 |
1 MB |
3 |
icons8.com
img.icons8.com — Cisco Umbrella Rank: 33435 |
2 KB |
3 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237 |
23 KB |
1 |
gstatic.com
fonts.gstatic.com |
46 KB |
1 |
fbcdn.net
z-p3-static.xx.fbcdn.net — Cisco Umbrella Rank: 88424 |
2 KB |
1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 332 |
29 KB |
1 |
filebagasarya.com
filebagasarya.com |
12 MB |
1 |
cloudbootstrapcdn.com
cloudbootstrapcdn.com |
633 B |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 759 |
83 KB |
1 |
bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2959 |
7 KB |
1 |
unpkg.com
unpkg.com — Cisco Umbrella Rank: 750 |
11 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 38 |
1 KB |
1 |
tulisku.my.id
bdowhd82kpw.tulisku.my.id |
7 KB |
0 |
statically.io
Failed
cdn.statically.io Failed |
|
36 | 15 |
Domain | Requested by | |
---|---|---|
15 | i.ibb.co |
bdowhd82kpw.tulisku.my.id
|
4 | site-assets.fontawesome.com |
bdowhd82kpw.tulisku.my.id
site-assets.fontawesome.com |
3 | img.icons8.com |
bdowhd82kpw.tulisku.my.id
|
3 | cdnjs.cloudflare.com |
bdowhd82kpw.tulisku.my.id
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | z-p3-static.xx.fbcdn.net |
bdowhd82kpw.tulisku.my.id
|
1 | cdn.jsdelivr.net |
bdowhd82kpw.tulisku.my.id
|
1 | filebagasarya.com |
bdowhd82kpw.tulisku.my.id
|
1 | cloudbootstrapcdn.com |
bdowhd82kpw.tulisku.my.id
|
1 | code.jquery.com |
bdowhd82kpw.tulisku.my.id
|
1 | stackpath.bootstrapcdn.com |
bdowhd82kpw.tulisku.my.id
|
1 | unpkg.com |
bdowhd82kpw.tulisku.my.id
|
1 | fonts.googleapis.com |
bdowhd82kpw.tulisku.my.id
|
1 | bdowhd82kpw.tulisku.my.id | |
0 | cdn.statically.io Failed |
bdowhd82kpw.tulisku.my.id
|
36 | 15 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
tulisku.my.id GTS CA 1P5 |
2024-02-21 - 2024-05-21 |
3 months | crt.sh |
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-12-04 - 2025-01-03 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-03-04 - 2024-05-27 |
3 months | crt.sh |
unpkg.com GTS CA 1P5 |
2024-04-01 - 2024-06-30 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-07-03 - 2024-07-02 |
a year | crt.sh |
bootstrapcdn.com GTS CA 1P5 |
2024-03-27 - 2024-06-25 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
cloudbootstrapcdn.com E1 |
2024-02-22 - 2024-05-22 |
3 months | crt.sh |
ibb.co R3 |
2024-02-07 - 2024-05-07 |
3 months | crt.sh |
1004834818.rsc.cdn77.org R3 |
2024-02-04 - 2024-05-04 |
3 months | crt.sh |
filebagasarya.com GTS CA 1P5 |
2024-02-26 - 2024-05-26 |
3 months | crt.sh |
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3 |
2023-09-27 - 2024-10-28 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2024-01-15 - 2024-04-14 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2024-03-04 - 2024-05-27 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://bdowhd82kpw.tulisku.my.id/
Frame ID: 83365087920ED209CB710C6039435A3B
Requests: 36 HTTP requests in this frame
Screenshot
Page Title
UndanganDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
36 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
bdowhd82kpw.tulisku.my.id/ |
30 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.css
site-assets.fontawesome.com/releases/v6.1.1/css/ |
486 KB 80 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
21 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
boxicons.min.css
unpkg.com/boxicons@2.0.9/css/ |
62 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ |
30 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/ |
58 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
material-design-iconic-font.min.css
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/ |
69 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.6.0.js
code.jquery.com/ |
282 KB 83 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
slide-spin.js
cloudbootstrapcdn.com/9.1.2/ |
228 B 633 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fotofrofilwa.jpg
i.ibb.co/GTsfFFZ/ |
19 KB 20 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
audio-wave.png
img.icons8.com/fluency-systems-filled/48/undefined/ |
334 B 860 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
audio-wave--v1.png
img.icons8.com/material/48/undefined/ |
207 B 728 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bahan1.gif
filebagasarya.com/img/bahanweb/Wa/ |
12 MB 12 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bahanutama1.jpg
i.ibb.co/fCHTz5P/ |
17 KB 18 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fotofrofil1.jpg
i.ibb.co/r3tjFQg/ |
15 KB 16 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fotofrofil2.jpg
i.ibb.co/NCsG4Kx/ |
20 KB 20 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fotofrofil3.jpg
i.ibb.co/cDhH2H2/ |
14 KB 14 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fotofrofil4.jpg
i.ibb.co/QFvTZMh/ |
14 KB 14 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fotofrofil5.jpg
i.ibb.co/znjRnBR/ |
13 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fotofrofil6.jpg
i.ibb.co/Qbnbrvh/ |
12 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fotofrofil7.jpg
i.ibb.co/XyKzzCL/ |
17 KB 17 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fotocewekwa8.jpg
i.ibb.co/GWQcyxc/ |
150 KB 151 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Screenshot-480.png
i.ibb.co/RTp7tMt/ |
165 KB 166 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Screenshot-481.png
i.ibb.co/pdydfWp/ |
578 KB 579 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Screenshot-482.png
i.ibb.co/gT6K7YD/ |
128 KB 128 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
facebook_white.png
cdn.jsdelivr.net/gh/gowebid/assets@main/go_login/ |
28 KB 29 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lOol7j-zq4u.svg
z-p3-static.xx.fbcdn.net/rsrc.php/yz/r/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
audio-wave.png
img.icons8.com/fluency-systems-filled/48/undefined/ |
334 B 858 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fotofrofilwa.jpg
i.ibb.co/GTsfFFZ/ |
19 KB 20 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
wbga.png
cdn.statically.io/gh/AlexHostX/another/main/walxa/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-light-300.woff2
site-assets.fontawesome.com/releases/v6.1.1/webfonts/ |
415 KB 415 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ |
46 KB 46 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-solid-900.woff2
site-assets.fontawesome.com/releases/v6.1.1/webfonts/ |
321 KB 322 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-regular-400.woff2
site-assets.fontawesome.com/releases/v6.1.1/webfonts/ |
380 KB 381 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fotofrofilwa.jpg
i.ibb.co/GTsfFFZ/ |
19 KB 20 KB |
Other
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- cdn.statically.io
- URL
- https://cdn.statically.io/gh/AlexHostX/another/main/walxa/wbga.png
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Gaming (Entertainment)5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| setSlider function| salxhw function| login0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bdowhd82kpw.tulisku.my.id
cdn.jsdelivr.net
cdn.statically.io
cdnjs.cloudflare.com
cloudbootstrapcdn.com
code.jquery.com
filebagasarya.com
fonts.googleapis.com
fonts.gstatic.com
i.ibb.co
img.icons8.com
site-assets.fontawesome.com
stackpath.bootstrapcdn.com
unpkg.com
z-p3-static.xx.fbcdn.net
cdn.statically.io
104.17.24.14
104.18.11.207
169.197.85.95
172.67.132.220
172.67.195.69
2606:4700:3036::6815:5ad
2606:4700:4400::ac40:93bc
2606:4700::6811:f9cb
2607:f8b0:4006:80b::200a
2607:f8b0:4006:816::2003
2a02:6ea0:c400::12
2a03:2880:f212:1ca:face:b00c:0:1cc9
2a04:4e42:600::485
2a04:4e42:600::649
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
121b176974226dbc9b1ab227becb657d40b88d2bb7010a746c2360c31d7c373e
16b6cd19f7d749d71547c232906e000c3bca337bf148a237fde81726371eb129
1de49d552ee0c2e9e2238b5af8a885eca8802fd7115580aa91b55f3d5e66a011
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239
264ad558865772e5e895a30306b32e51a92a9ccf755c5c9ed047d3bf67d71ff7
2bf74abb3d0e160a0c475aa2f69b319f2f50206c87980059bd82f3b5994a3b97
32431ec09878b36e29a49d979a58c8288e0a12e0c33b435dbc17e350bfb55295
32b4a54bfb0c8ea7c8fe79483915079fd817bb3d1205d294b1bbb1f298fd5335
3e72889a1ca2eb1b419b306967ff9ed98b5cdafc4ba00b5cabce658631351e31
4fc89b0c376bb37f904f4a63ef38e27ba939b1b2da6df77d127d533bb9d167f7
515954fe1dc163277d36b51f79fe56265f6b6cf79f99e307bbf6e52b477b9c87
52b62519ceec4397f8ddf1990a938c7950724c37d66c2faf8198efae2e29b64e
533ef6670e3d9c0e44718d0afa43f2edda11b58586e9da4e8f621145cf84d4d2
58774c7dcb0cc80970b7e5fafc55650151fc7728243671a2252325bbd1715639
65a3c30f79af1aa7fbf5744f60d717167636e445e1eb16418671c420150c216f
725ab9561fef3a3b13b12bad8c5e3f5cf637b200cc2bfbadbeea1584c9b37e0d
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7f7b7112145ba0eeaa8586b9d48cf3c1f1a1a7c047b2dd4acbfd5dab9e7bd224
8175390199dda0890eeaee148424894664ab04bd98afc4a5b7f6cb807f017101
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
90c4f0951056e5a82b2150c8b3fe6d011a08ea2abc957453d080b8179504e2d7
a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d
b236143c01c41a875e202185502d713c02d24030ff9c85faff1126e583bf5d6c
bde313568e43d8c962907f8368bab3d9da73574ca03a5f0d66f4336ddfe1ddf6
cbc337f69abb9666e63c5500d3c2f1b41f3220b4d6da04b7925d5dc133360cb9
d0382ec747b787d3ab1d161754f07238ab26ab1f822ab39e30d2e3c4a15fff06
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
f350c708b5e7748a452b4b98600fa49127166d995686e260ccafb58d51a4ea62
fc0f03d69764509844c499e44a78980b03073d9d08d7c19a0eac3aa92eb2627c