www.vvtmed.com
Open in
urlscan Pro
195.238.120.200
Public Scan
Effective URL: https://www.vvtmed.com/
Submission: On February 09 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 4th 2022. Valid for: 3 months.
This is the only time www.vvtmed.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 62.219.84.197 62.219.84.197 | 8551 (BEZEQ-INT...) (BEZEQ-INTERNATIONAL-AS Bezeqint Internet Backbone) | |
14 | 195.238.120.200 195.238.120.200 | 201660 (JETSERVER...) (JETSERVER-LTD) | |
1 | 2a00:1450:400... 2a00:1450:4001:828::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:808::2008 | 15169 (GOOGLE) (GOOGLE) | |
3 3 | 89.187.169.47 89.187.169.47 | 60068 (CDN77 ^_^) (CDN77 ^_^) | |
1 | 2a00:1450:400... 2a00:1450:4001:803::2003 | 15169 (GOOGLE) (GOOGLE) | |
3 | 2a00:1450:400... 2a00:1450:4001:811::200e | 15169 (GOOGLE) (GOOGLE) | |
6 | 143.204.101.166 143.204.101.166 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 104.26.10.16 104.26.10.16 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
30 | 8 |
ASN8551 (BEZEQ-INTERNATIONAL-AS Bezeqint Internet Backbone, IL)
PTR: cpanel-web-lin01.bezeqint.net
www.sclerosafe.com |
ASN201660 (JETSERVER-LTD, IL)
PTR: israel01.intercity.co.il
www.vvtmed.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com
cdn.shortpixel.ai |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-166.fra50.r.cloudfront.net
d10lpsik1i8c69.cloudfront.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
vvtmed.com
www.vvtmed.com |
1 MB |
6 |
cloudfront.net
d10lpsik1i8c69.cloudfront.net |
100 KB |
3 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42 |
20 KB |
3 |
shortpixel.ai
3 redirects
cdn.shortpixel.ai — Cisco Umbrella Rank: 29891 |
2 KB |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78 |
80 KB |
1 |
luckyorange.net
settings.luckyorange.net — Cisco Umbrella Rank: 7611 |
2 KB |
1 |
gstatic.com
fonts.gstatic.com |
27 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47 |
3 KB |
1 |
sclerosafe.com
1 redirects
www.sclerosafe.com |
444 B |
30 | 9 |
Domain | Requested by | |
---|---|---|
14 | www.vvtmed.com |
www.vvtmed.com
|
6 | d10lpsik1i8c69.cloudfront.net |
www.vvtmed.com
d10lpsik1i8c69.cloudfront.net |
3 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
3 | cdn.shortpixel.ai | 3 redirects |
2 | www.googletagmanager.com |
www.vvtmed.com
|
1 | settings.luckyorange.net |
d10lpsik1i8c69.cloudfront.net
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | fonts.googleapis.com |
www.vvtmed.com
|
1 | www.sclerosafe.com | 1 redirects |
30 | 9 |
This site contains links to these domains. Also see Links.
Domain |
---|
vvtmed.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
vvtmed.com cPanel, Inc. Certification Authority |
2022-02-04 - 2022-05-05 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-01-10 - 2022-04-04 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-01-10 - 2022-04-04 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-01-10 - 2022-04-04 |
3 months | crt.sh |
*.cloudfront.net Amazon |
2021-03-19 - 2022-03-17 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-06-30 - 2022-06-29 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.vvtmed.com/
Frame ID: 68F8B89E14AAC1645C5479C133552374
Requests: 27 HTTP requests in this frame
Frame:
https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=6ea758b
Frame ID: CA6D47E812AA3EA0A5745599910CFE70
Requests: 3 HTTP requests in this frame
Screenshot
Page Title
VVT MEDICAL LtdPage URL History Show full URLs
-
https://www.sclerosafe.com/
HTTP 301
https://www.vvtmed.com/ Page URL
Detected technologies
WordPress (CMS) ExpandDetected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
Font Awesome (Font Scripts) Expand
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Learn more >>
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.sclerosafe.com/
HTTP 301
https://www.vvtmed.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 7- https://cdn.shortpixel.ai/client/q_lossy,ret_img/https://www.vvtmed.com/wp-content/uploads/2021/08/website-banner.jpg HTTP 302
- https://www.vvtmed.com/wp-content/uploads/2021/08/website-banner.jpg
- https://cdn.shortpixel.ai/client/q_lossy,ret_img/https://www.vvtmed.com/wp-content/uploads/2020/04/home_icon.png HTTP 302
- https://www.vvtmed.com/wp-content/uploads/2020/04/home_icon.png
- https://cdn.shortpixel.ai/client/q_lossy,ret_img/https://www.vvtmed.com/wp-content/uploads/2021/08/vvt-logo-sml.jpg HTTP 302
- https://www.vvtmed.com/wp-content/uploads/2021/08/vvt-logo-sml.jpg
30 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.vvtmed.com/ Redirect Chain
|
45 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
68 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
autoptimize_69b71c08e43ce8fe8c270c960e5242e1.css
www.vvtmed.com/wp-content/cache/autoptimize/css/ |
546 KB 76 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
autoptimize_single_2bd5aebbae49ee8c94b8d0ee61c9a522.css
www.vvtmed.com/wp-content/cache/autoptimize/css/ |
1 KB 360 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
autoptimize_single_7cefc5e68b751878122d572fb1ebe665.css
www.vvtmed.com/wp-content/cache/autoptimize/css/ |
9 KB 750 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
autoptimize_single_b205aadfc0bc3751cce20908210abc49.css
www.vvtmed.com/wp-content/cache/autoptimize/css/ |
1 KB 456 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
www.vvtmed.com/wp-includes/js/jquery/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
90 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
website-banner.jpg
www.vvtmed.com/wp-content/uploads/2021/08/ Redirect Chain
|
20 KB 20 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
home_icon.png
www.vvtmed.com/wp-content/uploads/2020/04/ Redirect Chain
|
324 B 432 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vvt-logo-sml.jpg
www.vvtmed.com/wp-content/uploads/2021/08/ Redirect Chain
|
7 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
autoptimize_23523bd91a96384f9c004fffc91014f2.js
www.vvtmed.com/wp-content/cache/autoptimize/js/ |
639 KB 167 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
118 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
NGS6v5_NC0k9P9H2TbE.woff2
fonts.gstatic.com/s/heebo/v17/ |
26 KB 27 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
w.js
d10lpsik1i8c69.cloudfront.net/ |
5 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ |
1 B 21 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ |
1 B 21 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
settings.luckyorange.net/ |
3 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont.woff2
www.vvtmed.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/ |
75 KB 75 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
strip1HR.jpg
www.vvtmed.com/wp-content/uploads/2020/06/ |
284 KB 284 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
strip3cHR.jpg
www.vvtmed.com/wp-content/uploads/2020/06/ |
179 KB 179 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
strip2HR.jpg
www.vvtmed.com/wp-content/uploads/2020/06/ |
233 KB 233 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clickstream.js
d10lpsik1i8c69.cloudfront.net/js/ Frame CA6D |
287 KB 92 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
blink_green.png
d10lpsik1i8c69.cloudfront.net/graphics/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-light.png
d10lpsik1i8c69.cloudfront.net/graphics/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sound-on-white.png
d10lpsik1i8c69.cloudfront.net/graphics/ |
277 B 620 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
reset.css
d10lpsik1i8c69.cloudfront.net/css/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
d2053198-accc-4042-af94-5e5da7ceadd1
https://www.vvtmed.com/ Frame CA6D |
0 0 |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
404cd217-bdfc-4bd7-9917-aad5ab9d9928
https://www.vvtmed.com/ Frame CA6D |
30 KB 0 |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
82 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 undefined| $ function| jQuery object| dataLayer function| gtag object| google_tag_manager object| PojoA11yOptions object| Pojo object| elementorFrontendConfig object| google_tag_data string| GoogleAnalyticsObject function| ga number| __lo_site_id function| onYouTubeIframeAPIReady object| gaplugins object| gaGlobal object| gaData boolean| __lo_csr_added function| pojoOnloadReCAPTCHACallback object| MasterSliderIntegration object| html5 object| Modernizr function| yepnope object| skrollr function| EventEmitter object| eventie function| imagesLoaded function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| Pojo_Anchor_Links_Manager object| averta function| package boolean| _mobile boolean| _touch function| parseQueryString object| matched object| browser function| CSSTween object| CTween object| EaseDic function| MSAligner function| Controller function| MSSliderEvent function| MSSlide function| MSSlideController function| MasterSlider function| MSViewEvents function| MSBasicView function| MSFadeView function| BaseControl function| MSArrows function| MSThumblist function| MSBulltes function| MSScrollbar function| MSTimerbar function| MSCircleTimer function| MSSlideInfo object| wp object| webpackChunkelementor object| __core-js_shared__ object| core object| elementorModules function| Waypoint function| Swiper function| ShareLink object| DialogsManager object| regeneratorRuntime object| elementorFrontend string| _jcsspfx string| _csspfx boolean| _cssanim boolean| _css3d boolean| _css2d object| WTW_Watcher object| LO object| _loq8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.vvtmed.com/ | Name: _ga Value: GA1.2.5292344.1644367661 |
|
.vvtmed.com/ | Name: _gid Value: GA1.2.1269273643.1644367661 |
|
.vvtmed.com/ | Name: _gat_gtag_UA_167209620_1 Value: 1 |
|
.vvtmed.com/ | Name: _gat_UA-167209620-1 Value: 1 |
|
.vvtmed.com/ | Name: _lo_uid Value: 322396-1644367660989-02b4f71ab822227d |
|
.vvtmed.com/ | Name: _lorid Value: 322396-1644367660989-4d4b29ef66037326 |
|
.vvtmed.com/ | Name: _lo_v Value: 1 |
|
.vvtmed.com/ | Name: __lotl Value: https%3A%2F%2Fwww.vvtmed.com%2F |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.shortpixel.ai
d10lpsik1i8c69.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
settings.luckyorange.net
www.google-analytics.com
www.googletagmanager.com
www.sclerosafe.com
www.vvtmed.com
104.26.10.16
143.204.101.166
195.238.120.200
2a00:1450:4001:803::2003
2a00:1450:4001:808::2008
2a00:1450:4001:811::200e
2a00:1450:4001:828::200a
62.219.84.197
89.187.169.47
08fdc71af486c64ef65b6389f4650e914ed8578553f3fe540d8eceea6a9b0e67
1264ac64e82702e03cd71fbea5dfc8137bbca7ae8c33df94955f3f47add9e61f
139f4d0128eeb9c25dace48e2db5be22d297778aaeec2e12e9cf8b09d36403da
1b2bf2bfc299f27a5efb5120a5c3e90098fd8fd9442ca3265187597b96ea3ff3
1dadd0400b27d3ac9c96cee93dca44697a0ce50178ceba94b64c865e8b79c432
23e5ab946c4f28645c1f498e81933f3c5d1f9cfac6ac758e4eea56003b5bce33
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
401f533697cfb484598d2da76b5f4708bbca985a1fab42dbcfaa0741374d3245
53fd542a71353806072db703068c17ffe1087217b02815e0e306419422d503f6
5cf27e0e31db874d77562c910f5a0eca1f37b32fde3dd4c2c5503a560ce40921
5ef343dc91102039253f7840d5d58be2c531b70cb0243930e8f0a26d68dec13f
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
655f9cbe75c1c5210189d35ebbedda6cfc19f5834ec742aeb8e666339ed4eca2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
8c34bc7bc1985e63394c3c2afff88cdcfc06e501320432dd23eaff83ea6754eb
93bc0f2bba68576aa27a9fe0bdc8fdbcc2b21f281c5c4555d71e49bd27f46f4c
95417835dbebc3da7a4b95b09d8d73facdabca0e35ae35e57e176622c2eaf5ec
9746bbc8be1eacd912bb90f2226b3f9141b15938f7b0281825c74999c0040c9b
98be668c43acf0e4a6990967b2968d96dc5c21febba000a26d1efdaaa03d6033
991a9a4f6c0af977b00e7199908b984d2dad7b73b4a54abd84bdd5b229443f2b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ba4d8ac92c8dc2b231430b48134cd63e217d20e269f93b2dc2b93de4083cd9ed
bb6167fc65cf82f4f801e6f07f4ed3d16af090462887f5f1b4bae2eb719b41aa
cd790f1cb1c31ed742bab6ddd658fdb841a5416a75d0bf3d3374145bcf1afaf9
da0c1bc51d4ebfa2570f3e7546d9d3ccfb3f9d3c1199b1ca49869510aa79392a
e16211af05a7c2fcda5590404c64ec7335f3e1977ee684330ceae3ae2739691e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fb5a1fff57218742c5c1e469970504556a10d235b2379872b4ffcef9901d3bc0
fcf3841d76921ae8b1d60348ad74b4f82c1f87240b3c60e09490910e0f9e779c