www.creditscorerevival.com
Open in
urlscan Pro
198.71.233.204
Public Scan
Submission: On January 18 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 18th 2021. Valid for: a year.
This is the only time www.creditscorerevival.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
13 | 198.71.233.204 198.71.233.204 | 26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC) | |
1 | 2a00:1450:400... 2a00:1450:4001:819::200a | 15169 (GOOGLE) (GOOGLE) | |
1 4 | 52.44.172.169 52.44.172.169 | 14618 (AMAZON-AES) (AMAZON-AES) | |
4 | 143.204.101.189 143.204.101.189 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK) | |
2 | 2a00:1450:400... 2a00:1450:4001:81a::200e | 15169 (GOOGLE) (GOOGLE) | |
4 | 2a00:1450:400... 2a00:1450:4001:809::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:802::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK) | |
1 | 2a00:1450:400... 2a00:1450:4001:80b::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 104.84.56.153 104.84.56.153 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
34 | 11 |
ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-198-71-233-204.ip.secureserver.net
www.creditscorerevival.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-172-169.compute-1.amazonaws.com
www.vcita.com |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-189.fra50.r.cloudfront.net
d2ra6nuwn69ktl.cloudfront.net |
ASN16625 (AKAMAI-AS, US)
PTR: a104-84-56-153.deploy.static.akamaitechnologies.com
c15117557.ssl.cf2.rackcdn.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
creditscorerevival.com
www.creditscorerevival.com |
531 KB |
5 |
gstatic.com
fonts.gstatic.com |
67 KB |
4 |
cloudfront.net
d2ra6nuwn69ktl.cloudfront.net |
150 KB |
4 |
vcita.com
1 redirects
www.vcita.com |
4 KB |
2 |
facebook.com
www.facebook.com |
556 B |
2 |
youtube.com
www.youtube.com |
|
2 |
facebook.net
connect.facebook.net |
92 KB |
2 |
googleapis.com
fonts.googleapis.com |
3 KB |
1 |
rackcdn.com
c15117557.ssl.cf2.rackcdn.com |
4 KB |
34 | 9 |
Domain | Requested by | |
---|---|---|
13 | www.creditscorerevival.com |
www.creditscorerevival.com
|
5 | fonts.gstatic.com |
fonts.googleapis.com
|
4 | d2ra6nuwn69ktl.cloudfront.net |
www.vcita.com
d2ra6nuwn69ktl.cloudfront.net |
4 | www.vcita.com |
1 redirects
www.creditscorerevival.com
d2ra6nuwn69ktl.cloudfront.net |
2 | www.facebook.com |
www.creditscorerevival.com
|
2 | www.youtube.com |
www.creditscorerevival.com
|
2 | connect.facebook.net |
www.creditscorerevival.com
connect.facebook.net |
2 | fonts.googleapis.com |
www.creditscorerevival.com
d2ra6nuwn69ktl.cloudfront.net |
1 | c15117557.ssl.cf2.rackcdn.com | |
34 | 9 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.secureclientaccess.com |
www.godaddy.com |
www.vcita.com |
live.vcita.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
creditscorerevival.com Go Daddy Secure Certificate Authority - G2 |
2021-01-18 - 2022-02-19 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
*.vcita.com R3 |
2021-01-11 - 2021-04-11 |
3 months | crt.sh |
*.cloudfront.net DigiCert Global CA G2 |
2020-05-26 - 2021-04-21 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-12-22 - 2021-03-21 |
3 months | crt.sh |
*.google.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
*.ssl.cf2.rackcdn.com DigiCert SHA2 Secure Server CA |
2020-02-18 - 2021-05-19 |
a year | crt.sh |
This page contains 4 frames:
Primary Page:
https://www.creditscorerevival.com/
Frame ID: D1A9DF7D8214817EA9B590619970FF65
Requests: 31 HTTP requests in this frame
Frame:
https://www.youtube.com/embed/sy41imOrHbg
Frame ID: FD48E48FE70CA344936A034A769C5B38
Requests: 1 HTTP requests in this frame
Frame:
https://www.youtube.com/embed/wYHA_qStcqE
Frame ID: 8120307484F81971093E230E90DC23D9
Requests: 1 HTTP requests in this frame
Frame:
https://www.vcita.com/api/client_zones/lpnmfn8lxgjn53sr/account/active_engage_gate
Frame ID: 29C3412A2925ED81799E713548FC5308
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
Lua (Programming Languages) ExpandDetected patterns
- headers server /openresty(?:\/([\d.]+))?/i
Nginx (Web Servers) Expand
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
OpenResty (Web Servers) Expand
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: GoDaddy
Search URL Search Domain Scan URL
Title: Powered by vcita
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Schedule now
Search URL Search Domain Scan URL
Title: We'd love to hear from...
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 10- https://www.vcita.com/lpnmfn8lxgjn53sr/loader.js HTTP 301
- https://www.vcita.com/widgets/active_engage/lpnmfn8lxgjn53sr/loader?format=js
34 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.creditscorerevival.com/ |
21 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
www.creditscorerevival.com/wp-includes/css/dist/block-library/ |
50 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
www.creditscorerevival.com/wp-content/themes/activation/ |
86 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
10 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
www.creditscorerevival.com/wp-includes/js/jquery/ |
87 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-migrate.min.js
www.creditscorerevival.com/wp-includes/js/jquery/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cropped-upload-e1512055793510.png
www.creditscorerevival.com/wp-content/uploads/2017/11/ |
50 KB 51 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
navigation.min.js
www.creditscorerevival.com/wp-content/themes/primer/assets/js/ |
733 B 777 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
skip-link-focus-fix.min.js
www.creditscorerevival.com/wp-content/themes/primer/assets/js/ |
447 B 629 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-embed.min.js
www.creditscorerevival.com/wp-includes/js/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-emoji-release.min.js
www.creditscorerevival.com/wp-includes/js/ |
14 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loader
www.vcita.com/widgets/active_engage/lpnmfn8lxgjn53sr/ Redirect Chain
|
7 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
livesite.js
d2ra6nuwn69ktl.cloudfront.net/assets/ |
177 KB 58 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
90 KB 23 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sy41imOrHbg
www.youtube.com/embed/ Frame FD48 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wYHA_qStcqE
www.youtube.com/embed/ Frame 8120 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cropped-credit-repair--2400x1298.jpg
www.creditscorerevival.com/wp-content/uploads/2017/02/ |
295 KB 296 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
u-4i0qWljRw-PfU81xCKCpdpbgZJl6XvqdnsF3-OAw.woff2
fonts.gstatic.com/s/cabin/v17/ |
22 KB 22 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SlGVmQWMvZQIdix7AFxXkHNSbRYXags.woff2
fonts.gstatic.com/s/droidsans/v12/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SlGWmQWMvZQIdix7AFxXmMh3eDs1ZyHKpWg.woff2
fonts.gstatic.com/s/droidsans/v12/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ClientLoginButton-1.png
www.creditscorerevival.com/wp-content/uploads/2017/11/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
House-family-first-page.jpg
www.creditscorerevival.com/wp-content/uploads/2017/02/ |
90 KB 91 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1007212576467158
connect.facebook.net/signals/config/ |
241 KB 70 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
livesite.css
d2ra6nuwn69ktl.cloudfront.net/assets/ |
62 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
css
fonts.googleapis.com/ |
26 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 409 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icomoon.woff
d2ra6nuwn69ktl.cloudfront.net/assets/css/icomoon/fonts/livesite-icons/ |
64 KB 65 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
active_engage_gate
www.vcita.com/api/client_zones/lpnmfn8lxgjn53sr/account/ Frame 29C3 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
normal_3dzlwgaahtjmef587mh7utdwaidt5u32.jpg
c15117557.ssl.cf2.rackcdn.com/avatar/image/457859/ |
3 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
i
www.vcita.com/tr_pics/ |
43 B 851 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icomoon.woff
d2ra6nuwn69ktl.cloudfront.net/assets/css/icomoon/fonts/ |
18 KB 18 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 147 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
26 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings undefined| $ function| jQuery string| vcHost string| vcUrl object| Vcita function| liveSiteLegacyInit function| fbq function| _fbq object| wp object| twemoji object| LiveSite string| big_data_event undefined| lsParam3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.youtube.com/ | Name: YSC Value: zC0jOFhC2_w |
|
.youtube.com/ | Name: VISITOR_INFO1_LIVE Value: lAW1WO1lbSo |
|
.creditscorerevival.com/ | Name: _fbp Value: fb.1.1610989767192.1563703691 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=300 max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
c15117557.ssl.cf2.rackcdn.com
connect.facebook.net
d2ra6nuwn69ktl.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
www.creditscorerevival.com
www.facebook.com
www.vcita.com
www.youtube.com
104.84.56.153
143.204.101.189
198.71.233.204
2a00:1450:4001:802::200a
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:819::200a
2a00:1450:4001:81a::200e
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
52.44.172.169
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0783b9e0cd5a1d4f4c610b360f8b67a2b44f1c38c16f5e265c64bd5e561ce925
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1aab2ef02d979bb919d6ea1faa3dc6d77c65696be26c1ab8a5fe9ec6cc8908a3
2c43222cba531eee262cf9b7de750ebceab70b27747605498cb043685592188b
2e7155833c6617404acf8abb8e48f76bc1bff361860773a9e415df10434225c9
3685c3818240f5f390073c7d04f944a5cb5d848093224f3a7888034e8c050eb4
4eb1f05d23b804c138646e75cb3cefdf9cfbff0a8c101866055daca86000c558
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
63e3ee7fa30d1e367fd8bf6cb05c13a50e284f59c7e3a13bbf96e111994bc853
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
83c2ac0f7052858030cd4140d830b3945f096e6f47127b10a9d50c96588c69f4
91b6caa5d6b4590e05ea5d89fde506c70928e830be4205e632c5dcb0a084576e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a71ed6cf7647de65d90b726fd1750253a62af0d539c54f95bbd7364d90df1afd
a8755954660f9bef43d2dc61d725f022a3115b81ae76a6af093ab18cfdfa5de7
b1649d0c0de9370af171a7fc8b65357e8fa87fcd2c636b91bb8c9f0c47d9d8a9
bd33ffebb82d0e70371aedd27d79a993c98b29fb0d5e3d8c99c376cc9d57414d
c08a44b9949aba1899b8a664885f7e5b3b7ae360643693a1423b57a625567a5f
c8cb742dbb60decab090cf738bfef2d8a780141573e9a2a3854bf3f78919faed
dde11221ec93f1823aa837c87bd6a9d9ad25c2c0328884ce0609dc03f2a2da10
dfd2ecd12c5576aa486d2e5edc94db9e3c44259b70a139bf79b807bb6638901b
e398434eea6bad1b3878e02c4a418647ed6a60a93534756d821152c855e608aa
eb970adea8ce21e7a649c233b8ab88270bbd36322cc95497c1c545455d26d3a1
f67f14d31b5fa1cf3ddc95bd5e53415a08a60d495d930b5f7e2bb070c4613c97
f978082572928582ec241126f39d976ba630d2e4c68a0ac32fe91b29187333ed
fafcb0376b5e95ad63601b2cfc30db87a9ed0f6be6efcc611327f885c8130aa2