auth-payment-dnb.com
Open in
urlscan Pro
91.215.85.14
Malicious Activity!
Public Scan
Effective URL: https://auth-payment-dnb.com/pages
Submission: On August 21 via api from IN — Scanned from DE
Summary
TLS certificate: Issued by R3 on August 15th 2023. Valid for: 3 months.
This is the only time auth-payment-dnb.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DNB (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 25 | 91.215.85.14 91.215.85.14 | 200593 (PROSPERO-AS) (PROSPERO-AS) | |
3 | 23.192.162.128 23.192.162.128 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
8 | 2a02:26f0:480... 2a02:26f0:480:d::210:f153 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
35 | 4 |
ASN16625 (AKAMAI-AS, US)
PTR: a23-192-162-128.deploy.static.akamaitechnologies.com
www.dnb.no |
ASN20940 (AKAMAI-ASN1, NL)
media.web.dnb.no |
Apex Domain Subdomains |
Transfer | |
---|---|---|
25 |
auth-payment-dnb.com
1 redirects
auth-payment-dnb.com |
2 MB |
11 |
dnb.no
www.dnb.no — Cisco Umbrella Rank: 497182 media.web.dnb.no |
241 KB |
35 | 2 |
Domain | Requested by | |
---|---|---|
25 | auth-payment-dnb.com |
1 redirects
auth-payment-dnb.com
|
8 | media.web.dnb.no |
auth-payment-dnb.com
|
3 | www.dnb.no |
auth-payment-dnb.com
|
35 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.dnb.no |
www.facebook.com |
www.youtube.com |
www.finansportalen.no |
Subject Issuer | Validity | Valid | |
---|---|---|---|
auth-payment-dnb.com R3 |
2023-08-15 - 2023-11-13 |
3 months | crt.sh |
www.dnb.no Buypass Class 3 CA 2 |
2023-02-15 - 2024-02-15 |
a year | crt.sh |
secure6s.scene7.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-01-31 - 2024-03-02 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://auth-payment-dnb.com/pages
Frame ID: AB9AF45A246DD99A84AAA92A35A75595
Requests: 43 HTTP requests in this frame
Screenshot
Page Title
DNB - Bank fra A til ÅDNB LogoFacebookYouTubeDNB LogoPage URL History Show full URLs
-
https://auth-payment-dnb.com/
HTTP 302
https://auth-payment-dnb.com/pages Page URL
Detected technologies
React (JavaScript Frameworks) ExpandDetected patterns
- <[^>]+data-react
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
Title: Til hovedside for Bedrift
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: YouTube
Search URL Search Domain Scan URL
Title: Vilkår for bruk
Search URL Search Domain Scan URL
Title: Personvern
Search URL Search Domain Scan URL
Title: Prisliste
Search URL Search Domain Scan URL
Title: Sammenlign våre priser med andre selskaper på Finansportalen.no
Search URL Search Domain Scan URL
Title: DNB Logo
Search URL Search Domain Scan URL
Title: English
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://auth-payment-dnb.com/
HTTP 302
https://auth-payment-dnb.com/pages Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
35 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
pages
auth-payment-dnb.com/ Redirect Chain
|
690 KB 97 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
DNBMono-Regular-322db7bbbe1d833cb61311e4f598b3fb.woff2
auth-payment-dnb.com/front_end/front_end_files/ |
33 KB 33 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
DNB-Medium-8e57bfcd9fcbc6f0e1160901cf7f1e98.woff2
auth-payment-dnb.com/front_end/front_end_files/ |
35 KB 35 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
DNB-Regular-54d35ae78c18491c35feab30a836875a.woff2
auth-payment-dnb.com/front_end/front_end_files/ |
34 KB 34 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
launch-8488bfbf9669.min.js.download
auth-payment-dnb.com/front_end/front_end_files/ |
472 KB 472 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
webpack-runtime-05de2e2b2278feb5b5ec.js.download
auth-payment-dnb.com/front_end/front_end_files/ |
11 KB 11 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
framework-6e71a3b4ce8819bcc95f.js.download
auth-payment-dnb.com/front_end/front_end_files/ |
146 KB 146 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
8c94476aecfffef8bb188161ebc5955ec9aac41a-9aee942ebbe4c14c1461.js.download
auth-payment-dnb.com/front_end/front_end_files/ |
16 KB 16 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
app-a6bb29d2b3c0b82def15.js.download
auth-payment-dnb.com/front_end/front_end_files/ |
436 KB 436 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
4dac51ed-c8f08d4fc9de0aed8be2.js.download
auth-payment-dnb.com/front_end/front_end_files/ |
5 KB 5 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
00807f14-9a67d062f80f5b52a523.js.download
auth-payment-dnb.com/front_end/front_end_files/ |
3 KB 3 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
37dc44cf-1933343ea4831467f752.js.download
auth-payment-dnb.com/front_end/front_end_files/ |
4 KB 4 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
commons-ca36e7482dfd2250dddd.js.download
auth-payment-dnb.com/front_end/front_end_files/ |
366 KB 367 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
0fc3c4a8f185e162f83bd622b3a7b1f7a9af6b1e-aa9cd65ffe6d025c2315.js.download
auth-payment-dnb.com/front_end/front_end_files/ |
48 KB 48 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
6c807ca94f492cc305c804dfd6b1b21072506fd7-77e57abbac9367c79317.js.download
auth-payment-dnb.com/front_end/front_end_files/ |
4 KB 4 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
1b5fb0fb09aab7235821e5ad4cd986d2f0614c02-5da940779cc056094b60.js.download
auth-payment-dnb.com/front_end/front_end_files/ |
9 KB 9 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
7818b5d681c7130e158100257c9f6821f6f47f18-02142e55054d02e37132.js.download
auth-payment-dnb.com/front_end/front_end_files/ |
13 KB 13 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
component---src-templates-home-page-template-index-js-780d5d932bb8cc45e456.js.download
auth-payment-dnb.com/front_end/front_end_files/ |
8 KB 8 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
page-data.json
www.dnb.no/web/page-data/index/ |
43 KB 13 KB |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2675871136.json
www.dnb.no/web/page-data/sq/d/ |
356 B 3 KB |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app-data.json
www.dnb.no/web/page-data/ |
50 B 2 KB |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.js
auth-payment-dnb.com/js/cntdjs/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.mask.js
auth-payment-dnb.com/js/cntdjs/ |
23 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cntd.js
auth-payment-dnb.com/js/cntdjs/ |
3 KB 911 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
loading.js
auth-payment-dnb.com/js/shared/ |
2 KB 662 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
online_status.js
auth-payment-dnb.com/js/shared/ |
998 B 405 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
420 B 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
414 B 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
439 B 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
472 B 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
433 B 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
567 B 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
588 B 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
557 B 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
DNB-Bold-b402be656a707d3bbdcfe490893c5b5a.woff2
auth-payment-dnb.com/front_end/front_end_files/ |
34 KB 34 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3293608:Square-1
media.web.dnb.no/is/image/dnbbank/ |
101 KB 101 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4821373:Square-1
media.web.dnb.no/is/image/dnbbank/ |
17 KB 17 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4739733:Square-1
media.web.dnb.no/is/image/dnbbank/ |
10 KB 11 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2242186:Square-1
media.web.dnb.no/is/image/dnbbank/ |
11 KB 11 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3792434:Square-1
media.web.dnb.no/is/image/dnbbank/ |
23 KB 24 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3617589:Tall-1
media.web.dnb.no/is/image/dnbbank/ |
13 KB 13 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Pensjonskonto_ung_dame:Tall-1
media.web.dnb.no/is/image/dnbbank/ |
16 KB 17 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3514149:Tall-1
media.web.dnb.no/is/image/dnbbank/ |
29 KB 30 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: DNB (Banking)8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture string| urlroot string| uniqueid function| $ function| jQuery object| controller string| url function| custom_callback1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
auth-payment-dnb.com/ | Name: PHPSESSID Value: 9d9ce33eece6309e194a14ebcc0965b7 |
17 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
auth-payment-dnb.com
media.web.dnb.no
www.dnb.no
23.192.162.128
2a02:26f0:480:d::210:f153
91.215.85.14
01d11de2ba4f7b8d01df373b64444891079407bec21e12f06450dab6b994a918
0bc8476eda97fbd6cabaa4d22f26582c7316b55857965c435236432a00f336fe
30d93d80da7252191a3d81e2b3075c358c9c0287387f59b1336b82f283e158e5
35cfb3351e1f7c5d7eebfc403c1699c9072cdf1974eefa4f7d77a1bf08a71e7a
35e32a05742e720c3ae2ac39caa68e77e9e168b25ec0c28af82b5312ef457fa0
39a166e7553dee41d7db543f70168517ac09f496738a716f70197af40a26f29a
3a31ea184cc94a6f7d3df0a3c73593536987f4c0c24816149ac5e529de0169c4
3a8e481255020e2a9ca6f604bc8bbff9bcbc0a48e24ba3e3c138b89ea81c4e24
3ecb373bdbed2716344882dd200fe8ea887a5256bf623d3d6507272fa7ebb69f
3f48b2461f74f158fe81b9362076ef2b5ae9076ca8b1d41756132afefd616bf6
40cdfc60ba5aa8e48a87f590eba6ec16e7a3d07cb4fa4ae571a6172a95a65453
4aeb0831070510552176b708d5fb0de33d2f4be323b8bc33604bafbc8501df34
4bdc871a71df801aa86926434d6fbed9744ec4757af4e9d6d40978724ea59134
5065a175ff87ead7916a5069cb486c7ddd2a452c841a3b10026e1c8d848804f6
52988316d42c69f58ef1f39643f4bea2c8393dc982c6de3f9aca1d42ea846d83
570faecaf6ee6b525f6864829988fe8ac600c50499302fc570f028f57dea5efa
5a385ce913bdb147538eb20ccd48958c39f932643b324a13c83a631e4d2bc9d4
5afa958db0c1af42cb71d4bb3af127800e7d7440308ac210a5c404ce1e9bc827
5b056148977cddad1d04190e8588f71549f5fbce2c8504fd0a52699a451896ca
663fd38a787173dec752a13b2df9a75bd86231ba97fef9467ec9b5045fb71cc9
677177dc5796d4454420849697892b7c2a431b771de26486e337343b48d4e9f8
6fafe5f87dbcf048395267c2f4217d9b82f860c53e288ab541a99536fc76ffc1
772f611c70482eb68e6bea18fb6fd90f04f0bca555891adb9bd6d1bbb39a6147
786f20e4d559d50ed0e0cbe95e241aea97c25cf969bbc56b145929d03accb992
791cfc19a75d468c81a3bd7ba09ae504159528ad82dde0b2b2f5060b3f5f72cd
7af828a4f6da76ef3a077d378cb646827d8ce75c26402b5ca4efd8ffc2665311
8de0867ecd744dcd54f3f04500551d7ac09654525e20d7c084cad497215a7c8f
90ac3f6bbb385437a6b41ccb8bacb9e0562f498abe77d7161cf3e9fa482df5af
922e68cfa7b52b21a7ec23f70b17d9e2873b1477dc1ff1472bd17a3f203241f4
98776a19bcb7d46d11c331ec129acdba6aef34cfcd8d5c6db1d1e406cb7cbe44
9976395378f5ba1b2707b89e4b117c0e265a60cba771c362f6dd07a932c66d90
a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8
aaa373047aa9ac618da1b910ac213381c4bf9e8afdc421f946a9cde4341106de
b093123730cf524cee27c75b0b81005235aa7d825d8be186bae45a3a0c8ad915
b9bef1a9b9a7ddd3ceefba8c5dc62e06f15baef8e2a589a6a5f77a70b60907ed
bdbca2ea06f3eef529dfb4c0c1f21a14a89e4c1322bc9c2080f40076304cfe52
d9aba4b3d1ae394e1d4d66bde75fb50c4b0339f2a400d52bd6538b746e48d89a
debf1052e1829f4dee4c9cf77a4c2ae125fd1803896c96dff1e0a46bb763d8d3
e64e9d464beb9fe2717cd8bd8d093bb04d570f08a15c65f14533733904e12be7
e7e6269f5017a1db6a89f9d725a15089a536408f527f270e110a65aec6a13b65
ee0feae9d6f0057e9b1adf65af8cb5123012a7ad2680eb6fe3dd6113fe214a9c
fed5bb594d254f9a783e3e0fe99856b3ddb9711544627aca0061d02537b2f699
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e