secure.1rw.us
Open in
urlscan Pro
157.230.233.29
Public Scan
Submission: On September 21 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by R3 on September 21st 2021. Valid for: 3 months.
This is the only time secure.1rw.us was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 157.230.233.29 157.230.233.29 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
6 | 67.208.93.232 67.208.93.232 | 29838 (AMC) (AMC) | |
1 | 142.250.186.74 142.250.186.74 | 15169 (GOOGLE) (GOOGLE) | |
2 | 13.224.193.32 13.224.193.32 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 172.217.16.136 172.217.16.136 | 15169 (GOOGLE) (GOOGLE) | |
1 | 104.16.156.243 104.16.156.243 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 13.225.78.65 13.225.78.65 | 16509 (AMAZON-02) (AMAZON-02) | |
5 | 172.67.13.227 172.67.13.227 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 142.250.181.238 142.250.181.238 | 15169 (GOOGLE) (GOOGLE) | |
3 | 142.250.74.195 142.250.74.195 | 15169 (GOOGLE) (GOOGLE) | |
2 | 104.22.3.142 104.22.3.142 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 104.21.74.23 104.21.74.23 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 151.101.194.137 151.101.194.137 | 54113 (FASTLY) (FASTLY) | |
1 | 162.247.242.20 162.247.242.20 | 23467 (NEWRELIC-...) (NEWRELIC-AS-1) | |
2 | 35.162.78.228 35.162.78.228 | () () | |
31 | 16 |
ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net
fonts.googleapis.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-32.fra2.r.cloudfront.net
assets.calendly.com |
ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f136.1e100.net
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-65.fra2.r.cloudfront.net
cdn.pendo.io |
ASN13335 (CLOUDFLARENET, US)
call.chatra.io | |
chat.chatra.io | |
static.chatra.io |
ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net
www.google-analytics.com |
ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f3.1e100.net
fonts.gstatic.com |
ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-8.nr-data.net
bam.nr-data.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
chatra.io
call.chatra.io chat.chatra.io static.chatra.io |
278 KB |
6 |
exavault.com
1rw.exavault.com |
1 MB |
3 |
chatra-usercontent.com
uc.chatra-usercontent.com |
77 KB |
3 |
gstatic.com
fonts.gstatic.com |
47 KB |
3 |
instana.io
eum.instana.io eum-us-west-2.instana.io |
10 KB |
2 |
calendly.com
assets.calendly.com |
8 KB |
1 |
nr-data.net
bam.nr-data.net |
314 B |
1 |
newrelic.com
js-agent.newrelic.com |
9 KB |
1 |
google-analytics.com
www.google-analytics.com |
20 KB |
1 |
pendo.io
cdn.pendo.io |
131 KB |
1 |
googletagmanager.com
www.googletagmanager.com |
37 KB |
1 |
googleapis.com
fonts.googleapis.com |
1 KB |
1 |
1rw.us
secure.1rw.us |
14 KB |
31 | 13 |
Domain | Requested by | |
---|---|---|
6 | 1rw.exavault.com |
secure.1rw.us
1rw.exavault.com eum.instana.io |
4 | chat.chatra.io |
call.chatra.io
chat.chatra.io static.chatra.io |
3 | uc.chatra-usercontent.com |
secure.1rw.us
|
3 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | eum-us-west-2.instana.io |
eum.instana.io
|
2 | static.chatra.io |
chat.chatra.io
|
2 | assets.calendly.com |
1rw.exavault.com
|
1 | bam.nr-data.net |
js-agent.newrelic.com
|
1 | js-agent.newrelic.com |
secure.1rw.us
|
1 | www.google-analytics.com |
www.googletagmanager.com
|
1 | call.chatra.io |
1rw.exavault.com
|
1 | cdn.pendo.io |
1rw.exavault.com
|
1 | eum.instana.io |
1rw.exavault.com
|
1 | www.googletagmanager.com |
1rw.exavault.com
|
1 | fonts.googleapis.com |
1rw.exavault.com
|
1 | secure.1rw.us | |
31 | 16 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
secure.1rw.us R3 |
2021-09-21 - 2021-12-20 |
3 months | crt.sh |
*.exavault.com Sectigo RSA Organization Validation Secure Server CA |
2020-03-18 - 2022-03-18 |
2 years | crt.sh |
upload.video.google.com GTS CA 1O1 |
2021-08-30 - 2021-11-22 |
3 months | crt.sh |
*.calendly.com Go Daddy Secure Certificate Authority - G2 |
2021-02-06 - 2022-03-10 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2021-08-30 - 2021-11-22 |
3 months | crt.sh |
*.instana.io DigiCert TLS RSA SHA256 2020 CA1 |
2020-11-24 - 2021-12-25 |
a year | crt.sh |
cdn.pendo.io Amazon |
2021-08-29 - 2022-09-27 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-06-16 - 2022-06-15 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2021-08-30 - 2021-11-22 |
3 months | crt.sh |
*.newrelic.com R3 |
2021-09-17 - 2021-12-16 |
3 months | crt.sh |
*.nr-data.net DigiCert SHA2 Secure Server CA |
2020-02-05 - 2022-02-08 |
2 years | crt.sh |
This page contains 3 frames:
Primary Page:
https://secure.1rw.us/
Frame ID: D8E520390A637DF010B99C6752514D04
Requests: 4 HTTP requests in this frame
Frame:
https://1rw.exavault.com/
Frame ID: F261DF8982A828AA0F5D820154CFC15C
Requests: 18 HTTP requests in this frame
Frame:
https://chat.chatra.io/?isModern=true
Frame ID: 1A438ABD1569F8A7DA90E8D5774730A8
Requests: 14 HTTP requests in this frame
Screenshot
Page Title
One RockwellDetected technologies
Calendly (Appointment scheduling) ExpandDetected patterns
- https://assets\.calendly\.com/assets/external/widget\.js
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtm\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
31 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
secure.1rw.us/ |
13 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
1rw.exavault.com/sw/load/ |
266 B 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
1rw.exavault.com/ Frame F261 |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ Frame F261 |
10 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widget.css
assets.calendly.com/assets/external/ Frame F261 |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widget.js
assets.calendly.com/assets/external/ Frame F261 |
25 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.6f5dcf56992f9ec9a56f.css
1rw.exavault.com/ Frame F261 |
160 KB 160 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.6f5dcf56992f9ec9a56f.js
1rw.exavault.com/ Frame F261 |
3 MB 946 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ Frame F261 |
92 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
eum.min.js
eum.instana.io/ Frame F261 |
24 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pendo.js
cdn.pendo.io/agent/static/ff5e84c5-2978-4f6a-59fb-b691896103aa/ Frame F261 |
420 KB 131 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chatra.js
call.chatra.io/ Frame F261 |
39 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ Frame F261 |
48 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame F261 |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame F261 |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame F261 |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
get-branding-by-account
1rw.exavault.com/ Frame F261 |
273 B 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
chat.chatra.io/ Frame 1A43 |
1023 B 914 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
453511728fcf4541382be1af2ea115e1003022ab.css
static.chatra.io/jscss/ Frame 1A43 |
81 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
meteor_runtime_config.js
chat.chatra.io/ Frame 1A43 |
620 B 610 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c54ee7601905187cb2b6ace26dc5b536c3da217f.js
static.chatra.io/jscss/ Frame 1A43 |
830 KB 250 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 1A43 |
44 B 0 |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 1A43 |
215 B 0 |
Image
image/jpg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
897270d91eac7842bdfb091f4b71db26.png
1rw.exavault.com/content/view/logo/ Frame F261 |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 1A43 |
82 B 0 |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 1A43 |
90 B 0 |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 1A43 |
38 B 0 |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
info
chat.chatra.io/sockjs/ Frame 1A43 |
79 B 422 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
info
chat.chatra.io/sockjs/ Frame 1A43 |
79 B 458 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
uc.chatra-usercontent.com/33ac5c52-9525-439c-9543-c19d9750717e/-/resize/200x200/ Frame 1A43 |
60 KB 61 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
uc.chatra-usercontent.com/77a2b0da-87da-4c95-80ec-7876ec22ebb0/-/crop/358x358/97,158/-/preview/-/resize/200x200/ Frame 1A43 |
8 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
uc.chatra-usercontent.com/b23c2528-d600-463a-9d46-16983a84835e/-/resize/200x200/ Frame 1A43 |
7 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nr-885.min.js
js-agent.newrelic.com/ |
22 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
8dfb545e3d
bam.nr-data.net/1/ |
57 B 314 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
eum-us-west-2.instana.io/ Frame F261 |
0 190 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
eum-us-west-2.instana.io/ Frame F261 |
0 190 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforexrselect boolean| originAgentCluster object| NREUM object| newrelic function| __nr_require string| queryString0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
1rw.exavault.com
assets.calendly.com
bam.nr-data.net
call.chatra.io
cdn.pendo.io
chat.chatra.io
eum-us-west-2.instana.io
eum.instana.io
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
secure.1rw.us
static.chatra.io
uc.chatra-usercontent.com
www.google-analytics.com
www.googletagmanager.com
104.16.156.243
104.21.74.23
104.22.3.142
13.224.193.32
13.225.78.65
142.250.181.238
142.250.186.74
142.250.74.195
151.101.194.137
157.230.233.29
162.247.242.20
172.217.16.136
172.67.13.227
35.162.78.228
67.208.93.232
02e5dc716951fa6d2ae8e18ea06ac4efa4c2af0b63b45f4e70b8ae604597c71b
07a1291c4c61ec804d2dcdd5d1085593c99ab729ea78c55b2a8b588ecf300ca8
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1aad04b1546c60b48e589ccc3d50e74902223bdf8a7ea1c630caa53c85c7fe5a
1e0fb312914ea7ebc2c7bbb1ac27bd6b6a26b2e56b95b13c4fd9c97c5a6f5fb2
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
3ef1f35dba8c73d124c0b01211f4da3277c39f1ad2f25d02f4beb62c876e215e
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
57270fb41cbaf15e4651172395a8cc97cdbaa58df8b90a46ad922c2176a852f2
5ce5d40ff7b8317c006368025c503ea686183a77f5330e53e55ce62171398feb
68abde2eb47328db67f9b2af5daa72131bd0c04f27bc1606b97c08abba5e9afb
78722aeda843c966758269d8ce7ecc79727fbd106bbff38390f056b704db39e3
79a9d6946a7fdc733e599e519d79d984573249b6253077f8fab4601a8767d3cc
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
9874ff8f4e42a8301b5ab7f952ae9934b7d95a4cb51cb4c7caac2e1787c93649
9ddbafb0fcf05772d8a59c79a9c023edf3e19a96acf759d8d1cc59fda86d6c6e
9f15459a203dda8ec3f2a08cc8bef28ca66d0030ac54e8491d420c0c3f56bad9
9f4cae72a14641dd80013bad4cdd5f5556c9a901060ffc80b0a489d2d3af4361
a14a2265bdb8a50153d9ea5082882b92911ad19fb6ee72daa62a4c3ea06c0493
a7212dc715a020b6bcb66d94f0ed9d2c382f98f1d5a877ea83842c00562f4912
aac4767bf29fde4596498975e7b3835e1b20aeb2ac3f0f7d2fe60da64dc93029
b91ad6bff62274948d270a110654b119302101c37f28ae7875de1a6e3fe2c26e
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
c234008dd16f9be0fd67752fab36832e286887f07ba5fd1dcda9f4b42ec4fe08
c54adca065423572d6ba5de23636229a0e84f745f3dc0af88f39e04ebb8a3b96
c99fca5300e797265246346dad4affeeaeddef2f2150ad6d863578e675bb405a
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d4d4d9860597f777c1bbba0e2b6304e09f6fb47c66dfd96c546ff3b509e0fb73
d72fe48350b82bd31bd6c6b8e90811d971f483c9722af13005cb7539a0c0a2fa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2272ed432573b9cd73bad94fd7caf4c25bb93f83efa78036591e4c57df1d279
f7f8f7d85735ab4fba7b9f9f63650f2e2d7b8e33801633f48319bdc7a2a46785
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62