booking.paintnsip.no
Open in
urlscan Pro
34.243.24.182
Public Scan
Submission: On February 28 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on February 27th 2020. Valid for: 3 months.
This is the only time booking.paintnsip.no was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-24-182.eu-west-1.compute.amazonaws.com
booking.paintnsip.no |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: 179.75.90.34.bc.googleusercontent.com
static.hotjar.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
PTR: 106.27.204.35.bc.googleusercontent.com
script.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-156-77.eu-west-1.compute.amazonaws.com
api.paintnsip.no |
ASN15169 (GOOGLE, US)
PTR: 149.48.90.34.bc.googleusercontent.com
vars.hotjar.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
paintnsip.no
booking.paintnsip.no api.paintnsip.no |
826 KB |
3 |
google-analytics.com
2 redirects
www.google-analytics.com |
18 KB |
3 |
hotjar.com
static.hotjar.com script.hotjar.com vars.hotjar.com |
72 KB |
2 |
gstatic.com
fonts.gstatic.com |
16 KB |
2 |
facebook.com
www.facebook.com |
396 B |
2 |
google.de
www.google.de |
218 B |
2 |
google.com
2 redirects
www.google.com |
362 B |
2 |
doubleclick.net
2 redirects
stats.g.doubleclick.net |
326 B |
2 |
facebook.net
connect.facebook.net |
142 KB |
2 |
bing.com
bat.bing.com |
8 KB |
2 |
googletagmanager.com
www.googletagmanager.com |
51 KB |
1 |
googleapis.com
fonts.googleapis.com |
683 B |
32 | 12 |
Domain | Requested by | |
---|---|---|
13 | booking.paintnsip.no |
booking.paintnsip.no
|
3 | www.google-analytics.com |
2 redirects
www.googletagmanager.com
|
2 | api.paintnsip.no |
booking.paintnsip.no
|
2 | fonts.gstatic.com |
booking.paintnsip.no
|
2 | www.facebook.com |
booking.paintnsip.no
|
2 | www.google.de |
booking.paintnsip.no
|
2 | www.google.com | 2 redirects |
2 | stats.g.doubleclick.net | 2 redirects |
2 | connect.facebook.net |
booking.paintnsip.no
connect.facebook.net |
2 | bat.bing.com |
www.googletagmanager.com
booking.paintnsip.no |
2 | www.googletagmanager.com |
booking.paintnsip.no
|
1 | vars.hotjar.com |
static.hotjar.com
|
1 | script.hotjar.com |
static.hotjar.com
|
1 | fonts.googleapis.com |
booking.paintnsip.no
|
1 | static.hotjar.com |
www.googletagmanager.com
|
32 | 15 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
booking.paintnsip.no Let's Encrypt Authority X3 |
2020-02-27 - 2020-05-27 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-02-12 - 2020-05-06 |
3 months | crt.sh |
static.hotjar.com Let's Encrypt Authority X3 |
2020-02-03 - 2020-05-03 |
3 months | crt.sh |
www.bing.com Microsoft IT TLS CA 2 |
2019-04-30 - 2021-04-30 |
2 years | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-01-16 - 2020-04-15 |
3 months | crt.sh |
www.google.de GTS CA 1O1 |
2020-02-12 - 2020-05-06 |
3 months | crt.sh |
*.storage.googleapis.com GTS CA 1O1 |
2020-02-12 - 2020-05-06 |
3 months | crt.sh |
script.hotjar.com Let's Encrypt Authority X3 |
2020-02-03 - 2020-05-03 |
3 months | crt.sh |
*.google.com GTS CA 1O1 |
2020-02-12 - 2020-05-06 |
3 months | crt.sh |
api.paintnsip.no Let's Encrypt Authority X3 |
2020-02-27 - 2020-05-27 |
3 months | crt.sh |
vars.hotjar.com Let's Encrypt Authority X3 |
2020-02-03 - 2020-05-03 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://booking.paintnsip.no/
Frame ID: B4E321D0921C1F11A92C6A5205E997E6
Requests: 31 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 2707702139F920D28B04C3B2B8F36BCF
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Facebook (Widgets) Expand
Detected patterns
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Tag Manager (Tag Managers) Expand
Detected patterns
- html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
Hotjar (Analytics) Expand
Detected patterns
- script /^\/\/static\.hotjar\.com\/c\/hotjar-/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 10- https://www.google-analytics.com/r/collect?v=1&_v=j81&a=601130601&t=pageview&_s=1&dl=https%3A%2F%2Fbooking.paintnsip.no%2F&ul=en-us&de=UTF-8&dt=Paint%27n%20Sip%20%E2%80%93%20Maling%20%26%20Moro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=202650038&gjid=412613486&cid=1845253581.1582848233&tid=UA-109231851-1&_gid=2058600596.1582848233&_r=1>m=2wg2j0K99K7SS&z=1396175736 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-109231851-1&cid=1845253581.1582848233&jid=202650038&_gid=2058600596.1582848233&gjid=412613486&_v=j81&z=1396175736 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109231851-1&cid=1845253581.1582848233&jid=202650038&_v=j81&z=1396175736 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109231851-1&cid=1845253581.1582848233&jid=202650038&_v=j81&z=1396175736&slf_rd=1&random=255156013
- https://www.google-analytics.com/r/collect?v=1&_v=j81&a=601130601&t=pageview&_s=1&dl=https%3A%2F%2Fbooking.paintnsip.no%2F&ul=en-us&de=UTF-8&dt=Paint%27n%20Sip%20%E2%80%93%20Maling%20%26%20Moro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUAB~&jid=1359874442&gjid=1330588173&cid=1845253581.1582848233&tid=UA-109231851-1&_gid=2058600596.1582848233&_r=1>m=2ou2j0&z=2086185051 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-109231851-1&cid=1845253581.1582848233&jid=1359874442&_gid=2058600596.1582848233&gjid=1330588173&_v=j81&z=2086185051 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109231851-1&cid=1845253581.1582848233&jid=1359874442&_v=j81&z=2086185051 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109231851-1&cid=1845253581.1582848233&jid=1359874442&_v=j81&z=2086185051&slf_rd=1&random=2791654964
32 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
booking.paintnsip.no/ |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
75 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
9.22d6b5ec.chunk.css
booking.paintnsip.no/static/css/ |
12 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.efb0671c.chunk.css
booking.paintnsip.no/static/css/ |
100 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
9.a6c0b334.chunk.js
booking.paintnsip.no/static/js/ |
393 KB 106 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.89ca486d.chunk.js
booking.paintnsip.no/static/js/ |
101 KB 24 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
65 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-1493928.js
static.hotjar.com/c/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
44 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bat.js
bat.bing.com/ |
23 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
126 KB 30 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
439545033114078
connect.facebook.net/signals/config/ |
447 KB 112 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
5 KB 683 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0
bat.bing.com/action/ |
0 148 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules.e483a7fd5848d79df4ee.js
script.hotjar.com/ |
401 KB 70 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 249 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
0.090ccad3.chunk.css
booking.paintnsip.no/static/css/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
0.a693bc3d.chunk.js
booking.paintnsip.no/static/js/ |
110 KB 31 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
17.fc99fb8b.chunk.js
booking.paintnsip.no/static/js/ |
13 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_full_white.c650625c.png
booking.paintnsip.no/static/media/ |
112 KB 112 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_small_white.1d4437f1.png
booking.paintnsip.no/static/media/ |
152 KB 152 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v9/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
auth
api.paintnsip.no/api/v1/ |
0 737 B |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
singleImg.de50397a.png
booking.paintnsip.no/static/media/ |
118 KB 118 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
groupImg.66c64a95.png
booking.paintnsip.no/static/media/ |
138 KB 138 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
businessImg.8d945bea.png
booking.paintnsip.no/static/media/ |
119 KB 119 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 2707 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
auth
api.paintnsip.no/api/v1/ |
97 B 657 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 147 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
23 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| gtag object| dataLayer object| google_tag_manager function| hj object| _hjSettings string| GoogleAnalyticsObject function| ga object| uetq function| fbq function| _fbq object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| UET object| webpackJsonp object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| regeneratorRuntime object| __SENTRY__6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.paintnsip.no/ | Name: _hjid Value: a15960ba-caf9-4b42-9887-b94c5a81fe37 |
|
.paintnsip.no/ | Name: _gid Value: GA1.2.2058600596.1582848233 |
|
.paintnsip.no/ | Name: _gat_gtag_UA_109231851_1 Value: 1 |
|
.paintnsip.no/ | Name: _ga Value: GA1.2.1845253581.1582848233 |
|
.paintnsip.no/ | Name: _gat_UA-109231851-1 Value: 1 |
|
.paintnsip.no/ | Name: _fbp Value: fb.1.1582848232821.1981675850 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.paintnsip.no
bat.bing.com
booking.paintnsip.no
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
2620:1ec:c11::200
2a00:1450:4001:80b::200e
2a00:1450:4001:81b::2003
2a00:1450:4001:81c::2008
2a00:1450:4001:81c::200a
2a00:1450:4001:81d::2003
2a00:1450:4001:825::2004
2a00:1450:400c:c00::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.243.24.182
34.90.48.149
34.90.75.179
35.204.27.106
52.18.156.77
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11eb12077dba75a2ad5bdaff14a77ffda5e6eb6ac1bce5089c50d3039f20fab2
21d69b8d88ac3788415e394c3902f9a6226d7131745918c0bf2f1db1aebb8d51
273fd19de81356de004a20ae95823fe1c516a6a06d93d485c330c40984e5facd
2e1c6a485a5ca680669cc1f0c0b2163bb10f5d7add4ab4181d66227b8bc4eb43
341baf37cb7e9df007fb8687dea6f4940e8d9866bec90c934ef1e930dc7bb339
3a4dd128fb27d36a35255b3f4f9b9873ccb14757c41d3c9fc2b8f35e441831e8
409852b0f1d83e5455c33065d13d9a28544b5872639bc014e262652b7598844e
4585112a2875bc18afb3fa188a407aefcd4dafa4b7b833fe3f873aece15429b1
56a522e79770e488da6015ed10f8c2bdafbcd87a7c6d443f7a293579bd0ef58d
57804c5158a4a8441244b594c04862112117b0d273d8b6943d080946f982929b
59ffbab9edac193a36a58346c6502825617214d4e93343d233bfcd6790239c41
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
6331625efd847d2cbe4d02f117d919e0b2d522381b7468f880a045eac1d209f7
6f7f3857aaf901f919a5ee2f2d80b4f83778a4018d842efa96ddadd0cf969bc8
89b531e78902333807b825faf77cd11cc927fe364ea2ba9307f65365f7e811f7
a15f208a31717b34eddd6ed9fe1f61c8168f4c736405486991a7308f810d4a3d
b9d039989adf7691374cf42bc87c35df57694b86f272c9b7eb6dcb8accbc4324
cbf569c8871ddad9a42184e7f63bbf00cc1e7fc93179cad23ebced7d12dd09bf
d46a29fa231afef6140365b24aa9a0a9db93fb9f1e56f212122925d557f618cb
d893ae57111bbb32f76f3780e78e7cda8bfdaf2508562c4019ced89f7bb1a38d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e947c07568fb7b194b79b4819f5836be603882b63694a523ac3aee5f3e8eb426
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ed5f22aeb35b863ca50f0bef346c372fdb58264bff0add67025b7c32a005cf46
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388
fda0172df975b173db362f9eccdaf3239c37bfa61505b228cd36e8c0760f7712