www.heliumdeploy.io
Open in
urlscan Pro
52.17.119.105
Public Scan
Submission: On December 20 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on October 22nd 2023. Valid for: 3 months.
This is the only time www.heliumdeploy.io was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-119-105.eu-west-1.compute.amazonaws.com
www.heliumdeploy.io |
ASN16509 (AMAZON-02, US)
assets-global.website-files.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-64-84-99.txl50.r.cloudfront.net
d3e54v103j8qbb.cloudfront.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-116.fra56.r.cloudfront.net
cdn.heapanalytics.com |
ASN16509 (AMAZON-02, US)
assets.website-files.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 214.73.66.34.bc.googleusercontent.com
client-api.auryc.com |
ASN15169 (GOOGLE, US)
static.doubleclick.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-25-240.compute-1.amazonaws.com
heapanalytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
19 |
website-files.com
assets-global.website-files.com — Cisco Umbrella Rank: 6575 assets.website-files.com — Cisco Umbrella Rank: 12427 |
2 MB |
17 |
gstatic.com
fonts.gstatic.com www.gstatic.com |
408 KB |
8 |
youtube.com
www.youtube.com — Cisco Umbrella Rank: 71 |
1002 KB |
6 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 340 fonts.googleapis.com — Cisco Umbrella Rank: 29 jnn-pa.googleapis.com — Cisco Umbrella Rank: 203 |
49 KB |
4 |
auryc.com
client-api.auryc.com — Cisco Umbrella Rank: 8075 |
1 KB |
4 |
doubleclick.net
1 redirects
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 static.doubleclick.net — Cisco Umbrella Rank: 248 |
3 KB |
4 |
heapanalytics.com
cdn.heapanalytics.com — Cisco Umbrella Rank: 878 heapanalytics.com — Cisco Umbrella Rank: 784 |
229 KB |
2 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
20 KB |
1 |
ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 226 |
3 KB |
1 |
ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 89 |
26 KB |
1 |
google.de
www.google.de — Cisco Umbrella Rank: 6765 |
455 B |
1 |
shopify.com
cdn.shopify.com — Cisco Umbrella Rank: 1708 |
4 KB |
1 |
uppromote.com
af.uppromote.com — Cisco Umbrella Rank: 506217 |
5 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36 |
74 KB |
1 |
cloudfront.net
d3e54v103j8qbb.cloudfront.net |
31 KB |
1 |
heliumdeploy.io
www.heliumdeploy.io |
9 KB |
73 | 16 |
Domain | Requested by | |
---|---|---|
18 | assets-global.website-files.com |
www.heliumdeploy.io
|
15 | fonts.gstatic.com |
fonts.googleapis.com
www.youtube.com |
8 | www.youtube.com |
www.heliumdeploy.io
www.youtube.com |
4 | jnn-pa.googleapis.com |
www.youtube.com
|
4 | client-api.auryc.com |
cdn.heapanalytics.com
|
3 | googleads.g.doubleclick.net |
1 redirects
www.googletagmanager.com
www.youtube.com |
3 | cdn.heapanalytics.com |
www.heliumdeploy.io
cdn.heapanalytics.com |
2 | www.gstatic.com |
www.youtube.com
www.gstatic.com |
2 | www.google.com |
www.heliumdeploy.io
www.youtube.com |
1 | heapanalytics.com | |
1 | yt3.ggpht.com |
www.youtube.com
|
1 | i.ytimg.com |
www.youtube.com
|
1 | static.doubleclick.net |
www.youtube.com
|
1 | www.google.de |
www.heliumdeploy.io
|
1 | assets.website-files.com |
assets-global.website-files.com
|
1 | fonts.googleapis.com |
ajax.googleapis.com
|
1 | cdn.shopify.com |
www.heliumdeploy.io
|
1 | af.uppromote.com |
www.heliumdeploy.io
|
1 | www.googletagmanager.com |
www.heliumdeploy.io
|
1 | d3e54v103j8qbb.cloudfront.net |
www.heliumdeploy.io
|
1 | ajax.googleapis.com |
www.heliumdeploy.io
|
1 | www.heliumdeploy.io | |
73 | 22 |
This site contains links to these domains. Also see Links.
Domain |
---|
moken.io |
docs.helium.com |
pre.heliumdeploy.io |
www.facebook.com |
mobile.twitter.com |
www.instagram.com |
www.linkedin.com |
www.youtube.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.heliumdeploy.io R3 |
2023-10-22 - 2024-01-20 |
3 months | crt.sh |
*.website-files.com Amazon RSA 2048 M03 |
2023-09-11 - 2024-10-08 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
*.cloudfront.net Amazon RSA 2048 M01 |
2023-10-10 - 2024-09-19 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
af.uppromote.com R3 |
2023-12-18 - 2024-03-17 |
3 months | crt.sh |
cdn.shopify.com E1 |
2023-11-08 - 2024-02-06 |
3 months | crt.sh |
cdn.heapanalytics.com Amazon RSA 2048 M01 |
2023-06-29 - 2024-07-27 |
a year | crt.sh |
*.google.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
*.auryc.com R3 |
2023-11-25 - 2024-02-23 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
www.google.de GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
*.doubleclick.net GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
edgestatic.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
*.googleusercontent.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
heapanalytics.com Amazon RSA 2048 M02 |
2023-11-09 - 2024-12-08 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.heliumdeploy.io/blog/a-guide-to-claiming-your-helium-rewards
Frame ID: 332EEE75B01708E972A2A005FAE85377
Requests: 50 HTTP requests in this frame
Frame:
https://www.youtube.com/embed/opTibscbdmQ
Frame ID: 5606BD51435EEEE4108B281244C3EB27
Requests: 20 HTTP requests in this frame
Screenshot
Page Title
A Guide to Claiming Your Helium Rewards - HeliumDeployDetected technologies
Laravel (Web Frameworks) ExpandDetected patterns
YouTube (Video Players) Expand
Detected patterns
- <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
- googleapis\.com/.+webfont
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
Heap (Analytics) Expand
Detected patterns
- heap-\d+\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
8 Outgoing links
These are links going to different origins than the main page.
Title: 🚀 Get 5K $Mobile Free - Sign Up for Moken 🚀
Search URL Search Domain Scan URL
Title: https://docs.helium.com/wallets/helium-wallet-app/
Search URL Search Domain Scan URL
Title: Estimator
Search URL Search Domain Scan URL
Title: î ˆ
Search URL Search Domain Scan URL
Title: î Š
Search URL Search Domain Scan URL
Title: î Œ
Search URL Search Domain Scan URL
Title: î ‹
Search URL Search Domain Scan URL
Title: î €
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 52- https://googleads.g.doubleclick.net/pagead/id HTTP 302
- https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
73 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
a-guide-to-claiming-your-helium-rewards
www.heliumdeploy.io/blog/ |
32 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
heliumdeploy-staging.c35f9864c.css
assets-global.website-files.com/638a5641611a9f6a7c66c219/css/ |
360 KB 54 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ |
13 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
638a74efc4293454ca70dac2_helium-deploy-logo.svg
assets-global.website-files.com/638a5641611a9f6a7c66c219/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
638a5641611a9f3dc566c24f_icon-1-post-about-dark-template.svg
assets-global.website-files.com/638a5641611a9f6a7c66c219/ |
729 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
638a5641611a9f28f466c252_icon-2-post-about-dark-template.svg
assets-global.website-files.com/638a5641611a9f6a7c66c219/ |
422 B 870 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
644fe65b903c47140cea8775_Screenshot%202023-05-01%20at%2012.18.23%20PM-p-1600.png
assets-global.website-files.com/638a5641611a9f819b66c21f/ |
46 KB 47 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
644fe36976ad64cb49a09f1e_c933ad7f.png
assets-global.website-files.com/638a5641611a9f819b66c21f/ |
631 KB 633 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
644fe36a56fdc32b0776fcb6_308fcb38.png
assets-global.website-files.com/638a5641611a9f819b66c21f/ |
49 KB 49 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
644fe36a263d2c8aa837a476_674352c4.png
assets-global.website-files.com/638a5641611a9f819b66c21f/ |
77 KB 77 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
644fe36a203e292a4768c902_75672e76.png
assets-global.website-files.com/638a5641611a9f819b66c21f/ |
136 KB 137 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
644fe36af42bf504ec5ee1e2_176422b1.png
assets-global.website-files.com/638a5641611a9f819b66c21f/ |
53 KB 53 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
644fe36a1de51edaa40ddd99_9234b6e9.png
assets-global.website-files.com/638a5641611a9f819b66c21f/ |
81 KB 82 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
644fe36abed517557d726429_0b69fe6e.png
assets-global.website-files.com/638a5641611a9f819b66c21f/ |
251 KB 252 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
644fe36a8e58f95703232c2f_aad6681e.png
assets-global.website-files.com/638a5641611a9f819b66c21f/ |
136 KB 136 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
644fe36a04cbd9e4b3bc0c40_a609206f.png
assets-global.website-files.com/638a5641611a9f819b66c21f/ |
61 KB 62 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6553b4953691c303b8540cc3_Screenshot%202023-11-14%20at%2012.55.05%E2%80%AFPM-p-500.png
assets-global.website-files.com/638a5641611a9f819b66c21f/ |
31 KB 31 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
638a5641611a9f234f66c350_icon-3-blog-categories-dark-template.svg
assets-global.website-files.com/638a5641611a9f819b66c21f/ |
868 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
64f63edb66f2a16851343632_Screenshot%202023-09-04%20at%204.31.47%20PM-p-500.png
assets-global.website-files.com/638a5641611a9f819b66c21f/ |
49 KB 49 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/ |
87 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
heliumdeploy-staging.118a50d15.js
assets-global.website-files.com/638a5641611a9f6a7c66c219/js/ |
2 MB 375 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
205 KB 74 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tracking_third_party.js
af.uppromote.com/ |
3 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
helpIcon.png
cdn.shopify.com/s/files/1/0584/2419/7302/files/ |
3 KB 4 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
81 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
heap-1529424147.js
cdn.heapanalytics.com/js/ |
120 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
opTibscbdmQ
www.youtube.com/embed/ Frame 5606 |
92 KB 40 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
638a5641611a9ff3b366c266_icons-dark-template.woff2
assets.website-files.com/638a5641611a9f6a7c66c219/ |
4 KB 5 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ |
47 KB 48 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ |
46 KB 46 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/ |
49 KB 49 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u8w4BMUTPHh30AXC-q.woff2
fonts.gstatic.com/s/lato/v24/ |
21 KB 21 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u-w4BMUTPHjxsIPx-oPCI.woff2
fonts.gstatic.com/s/lato/v24/ |
17 KB 17 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u_w4BMUTPHjxsI9w2_Gwft.woff2
fonts.gstatic.com/s/lato/v24/ |
17 KB 17 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v24/ |
24 KB 24 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u_w4BMUTPHjxsI5wq_Gwft.woff2
fonts.gstatic.com/s/lato/v24/ |
24 KB 24 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ |
22 KB 22 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u_w4BMUTPHjxsI3wi_Gwft.woff2
fonts.gstatic.com/s/lato/v24/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
www-player.css
www.youtube.com/s/player/d23221b6/ Frame 5606 |
366 KB 47 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5606 |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5606 |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
embed.js
www.youtube.com/s/player/d23221b6/player_ias.vflset/de_DE/ Frame 5606 |
53 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
www-embed-player.js
www.youtube.com/s/player/d23221b6/www-embed-player.vflset/ Frame 5606 |
322 KB 96 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
base.js
www.youtube.com/s/player/d23221b6/player_ias.vflset/de_DE/ Frame 5606 |
2 MB 769 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/307681249/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
container.js
cdn.heapanalytics.com/js/replay/5523-HD-20-prod-heap/ |
9 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
releasesettings
client-api.auryc.com/ |
2 B 169 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
releasesettings
client-api.auryc.com/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/307681249/ |
42 B 340 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/307681249/ |
42 B 455 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
id
googleads.g.doubleclick.net/pagead/ Frame 5606 Redirect Chain
|
100 B 220 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ad_status.js
static.doubleclick.net/instream/ Frame 5606 |
29 B 495 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 5606 |
86 KB 40 KB |
XHR
application/json+protobuf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
remote.js
www.youtube.com/s/player/d23221b6/player_ias.vflset/de_DE/ Frame 5606 |
116 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1xEiQfu-UCiwbMaFnr-G2Uzcd5udG06umsh6raawdbQ.js
www.google.com/js/th/ Frame 5606 |
50 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sddefault.jpg
i.ytimg.com/vi/opTibscbdmQ/ Frame 5606 |
25 KB 26 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 5606 |
175 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0jNZha4SjFYkPsybOSRwM6JuboG6OiuX-Q5PiBkB0AupAPvv-ilt79jwKSc7YyraSKUs-8o8sQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 5606 |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 5606 |
4 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
generate_204
www.youtube.com/ Frame 5606 |
0 10 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cast_sender.js
www.gstatic.com/eureka/clank/120/ Frame 5606 |
50 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H3 |
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 5606 |
90 B 134 B |
XHR
application/json+protobuf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
auryc.lib.js
cdn.heapanalytics.com/js/replay/libs/latest/ |
695 KB 186 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
siteconfig
client-api.auryc.com/ |
2 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
siteconfig
client-api.auryc.com/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
5b995108-8ccf-47de-ac32-4a5aa8e1a63c
https://www.heliumdeploy.io/ |
85 B 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
h
heapanalytics.com/ |
37 B 261 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
a1c07b89-9055-419f-b6a9-453ed8109b36
https://www.heliumdeploy.io/ |
85 B 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
log_event
www.youtube.com/youtubei/v1/ Frame 5606 |
28 B 54 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
43 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| documentPictureInPicture object| WebFont object| heap object| __WEBFLOW_CURRENCY_SETTINGS function| $ function| jQuery function| tram object| Webflow object| process function| gtag object| dataLayer object| google_tag_manager object| google_tag_data object| GooglebQhCsO string| __AURYC_JSLIB_PATH__ object| aurycReadyCb object| auryc object| aurycEventPropertiesCb boolean| aurycInit number| aurycLoadedTime object| aurycJsLibConfig string| scaShopUrl string| scaAffDomain undefined| sca_ref function| scaParseQueryString function| scaSetCookie function| scaGetCookie function| getAjax string| query object| qs object| chatbox number| text1_i string| moniqueText number| text2_i string| moniqueText2 number| speed function| typeWriter function| loadRealChat function| launchAurycEventMarker object| aurycBehaviorAPI object| aurycRecordAPI object| aurycFeedbackAPI10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.youtube.com/ | Name: YSC Value: MXHuD7g1ROs |
|
.youtube.com/ | Name: VISITOR_INFO1_LIVE Value: IM-dgbmDqYQ |
|
.heliumdeploy.io/ | Name: _gcl_au Value: 1.1.616821580.1703037833 |
|
af.uppromote.com/ | Name: XSRF-TOKEN Value: eyJpdiI6Imp1UHJiUkRBV0gxeFFTKzlYNkZTcmc9PSIsInZhbHVlIjoiRUVaNEZFU3NMN1FvZ3d3T1NldGlJWnNZMG9rMGJYZHl3OEdoVTNuQWszc2hLbW9XWm5rb1wvZmZQcUI5ZUZzME8iLCJtYWMiOiIyMjk1M2U0MzM2MTYxNWFiYTRhYzhjODA5NzIzMjljNGVlYWNiNjEzMjllZGU0MGYzY2U1NmExMDU2ZTUzNWNhIn0%3D |
|
af.uppromote.com/ | Name: laravel_session Value: eyJpdiI6IlFMclZBbytTblp3bThcL1hcL1FwbDd0Zz09IiwidmFsdWUiOiJ4d3lNaWRkTzZpNm9INDhhNTV0YnBOMTE2aTlvSHhWVlpzTjFMcWx3eHNYb3d1ZE1Xbms2WGtFQ2piYVg4M1hhVURmZGgxSU9IZDNlNndXV1RvUnREQXBcL3BFSHlaK1NsdVJiaVVSblFuaGVodFwvZFBJb0ozNkdoUytxRWhjWUpFIiwibWFjIjoiZjVjYjQ0NmUzNmE3YmQ5MDc0NjhhYWM4N2U2MzIwMzJlZGNkMDNkMWZjMDUyZDkwNjcyNDczOThlYjYxZTgxNyJ9 |
|
.heliumdeploy.io/ | Name: _hp2_id.1529424147 Value: %7B%22userId%22%3A%222683620927998565%22%2C%22pageviewId%22%3A%224973787334324600%22%2C%22sessionId%22%3A%228020525375682039%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
.heliumdeploy.io/ | Name: userty.core.p.6a20fb Value: __2VySWQiOiIxOGFjZGU5NjQ1YTkzNjMzNzg0YmEzYTYyYjJhMTI0MSJ9eyJ1c |
|
.heliumdeploy.io/ | Name: userty.core.s.6a20fb Value: __SI6MTcwMzAzOTYzNDM5NCwic2lkIjoiNTgzYWFiZGIxY2FmMjRjZjNiMjVlMTc0NTJmZGFlMDUiLCJzdCI6MTcwMzAzNzgzNDM5NCwicHYiOjEsInJlYWR5Ijp0cnVlLCJ3cyI6IntcIndcIjoxNjAwLFwiaFwiOjEyMDB9In0=eyJzZ |
|
.heliumdeploy.io/ | Name: _hp2_ses_props.1529424147 Value: %7B%22ts%22%3A1703037833321%2C%22d%22%3A%22www.heliumdeploy.io%22%2C%22h%22%3A%22%2Fblog%2Fa-guide-to-claiming-your-helium-rewards%22%7D |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
af.uppromote.com
ajax.googleapis.com
assets-global.website-files.com
assets.website-files.com
cdn.heapanalytics.com
cdn.shopify.com
client-api.auryc.com
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
heapanalytics.com
i.ytimg.com
jnn-pa.googleapis.com
static.doubleclick.net
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.heliumdeploy.io
www.youtube.com
yt3.ggpht.com
13.32.27.116
18.64.84.99
206.189.254.86
23.227.60.200
2600:9000:20e8:de00:12:9e5f:cac0:93a1
2600:9000:211e:9200:11:3b84:d200:93a1
2a00:1450:4001:802::2003
2a00:1450:4001:803::2006
2a00:1450:4001:80b::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2008
2a00:1450:4001:827::2004
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2016
2a00:1450:4001:831::2003
34.66.73.214
52.17.119.105
52.207.25.240
078dbb8063078fcfb604273fdd6bad45d01b09af15fc3bc125b4df5cce8db33b
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
0c71106628b235959659a80caca8df6f9e8dfc9eac825605e79d2738726f287d
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
17a8237745394a34e2429481013ad780f6ad14106cd19253099048c1005c249b
1dc2df9eb579cd3aaaeff8ee2bfc92a0d5bf65e94c3a594780bccb9a7eb6d2bc
2ab0ff7299db30af9b61d7701121c559f998304f44f87c59e75ac486f161e178
2c31daae8b67df28286a285cba84cafe86ff3d2a9043bb26deb93d41156de489
2df6ec600ef1afd493502783f8c5aa690100965e2bb46a722424ff4a882cb189
2e421d8ad275750dde03e17c01ddf87ecd6814818f9ad3c13ae9126f614b6809
2f6b4efd4f9829b073e1cc9145ad0421af890ef79b67344026e552f74100c202
333a1a9f27784b7dfb4de68469f0eb899473d3cd936bdbdf2e3ecd767c65e3b8
3b272e43c528bdb75ea6aacc0fdd09ce62573a3849869f7ea80d532de6a8c57d
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3c89ca4cf846d533ad38869fba59b5ebfaeff2606732be4334274480331d653a
3c9f933d72a7bd02697d7107a9f1ab3d66cba302fc93adb24b1d826f44a99e45
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41ae329040ade483983ce9b61b7ce3771c650bb7b6834341e553c638f96cc29c
48ba17106d3de39921cbf921ed50210b1fc3446dba8173d1dd8b362fabc167ff
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fe4d23d795e816f7a06cfb3aebc31bbe00d2b4e9ce7a69909831243b9692480
53d04c8caac055eede539ebdc479040bca34df99212fa67924a691cacf149cc9
561059c261697cd920b167462fb7e2503902bad2064ce684b283eace027b4b2b
57983147568d3e3755a6a893a7130bbe42a9de82bef9ca24b1e9f688a3c788a3
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5f817cdbffa182e098ad3a220c6b60567903773267e63b112759b5ad922d5439
663d9768a1171f7d48a220177c198ff0311bb6f9ea8522a07957bba70b3813c6
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
7253b093b9094b44ea7eca54cbf384f8082c8a11f254ddecf546c9bdb69c38ec
7fc15a5d7c5f3c833c76b8c190cb8740a2ee017d98956caaa61a6c7dc0c445f7
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
83ed7bbc09f5e700cf3ff491151055fb389f77b05dc2f5df67628220305b69ad
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8eaf105a08cff140518db5742ab46d44e56a38e8e91d792da15642a1c3529993
9091438fd57dd1badacbc1134f0b57e97ef082a26a546fa031ff6bb3f8101143
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91b6ad57151207133e1e61c15c7c1b37a498ceedb95772c191f57170f57963bb
935253e3dc9f258c6aa03b13710772cbd54b9f969c0a64206bbe92534597fb71
9aea2a99ba5b63a622547830c19e398b80aefaff2fc489155f83b2d5843ff842
9eee7f12dca45ee16110e91f81fffd8a3eddce374452dd7212b8819b8af22614
a13d6414e74991e5ae05e65d11c91881151230ad3ad66576a2cb56585b443afe
a3f8b102afabf801166ebf78ba3009d89d5def6b07c94d4d0ea89ced11a95c31
a79b4c65b454a795ff3868156f54be09ac8360b9fd3ba21431b5c48fd9b66afa
a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083
b104e242e4b08e9fce2257dd5a4058cd724a4eaccf1f6948f533978f4596caa7
b19efe906c9b0345db45525ed83c76031644e39329a36d39badf5275bce363c2
b43d0a290130aa75dc7f2460f89e642519a7766ef078dfd0a555608fbd0a196c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
d32335c2c5fd5de9ee5f3d3b1fe4d9dde14aad16eda570a35018b0ff1dc093d2
d7112241fbbe5028b06cc6859ebf86d94cdc779b9d1b4eae9ac87aada6b075b4
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
da4ab370ac5e942981e98b8f1039d0c6fec980694665382db11b81a8b95eb44b
dcf47c8429634907be9d2c04284e338794e96901e1d1786d4ca97909021d73c5
deea8c1857498a22d5d52c2f19a0cdc5e0e0e02b089b33ad7e3d196fbabf9589
dfbd6849a6367c579045c8f7c45c0a71bb5b0fe59b98f89b6d19234f91266cb1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb2fa3d97684dc7200c64622af3588e7733e82e14f63d29faefe8004f85aa26b
ee11928e9a31b92c22b88f0c49dae1f791043fe071dacf46b848efe85254c003
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f6a0988af05a4189f58b5fcbb2eb57d85042bde70c0fbaf640bed71e0397906b
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d