pedialytesweeps.com
Open in
urlscan Pro
52.86.116.67
Public Scan
Submission: On January 09 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 22nd 2023. Valid for: a year.
This is the only time pedialytesweeps.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 | 52.86.116.67 52.86.116.67 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 2a00:1450:400... 2a00:1450:4001:831::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2606:4700::68... 2606:4700::6811:190e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
8 | 52.239.236.68 52.239.236.68 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
2 | 2a00:1450:400... 2a00:1450:4001:827::2008 | 15169 (GOOGLE) (GOOGLE) | |
4 | 23.36.163.228 23.36.163.228 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
2 | 2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK) | |
1 | 2a04:4e42:600... 2a04:4e42:600::396 | 54113 (FASTLY) (FASTLY) | |
1 | 2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK) | |
2 | 2001:4860:480... 2001:4860:4802:34::36 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:400c:c00::9d | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:803::2003 | 15169 (GOOGLE) (GOOGLE) | |
29 | 12 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-116-67.compute-1.amazonaws.com
pedialytesweeps.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
snippcheck.blob.core.windows.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-228.deploy.static.akamaitechnologies.com
analytics.tiktok.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN32934 (FACEBOOK, US)
www.facebook.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
windows.net
snippcheck.blob.core.windows.net |
653 KB |
4 |
tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 818 |
142 KB |
4 |
pedialytesweeps.com
pedialytesweeps.com |
96 KB |
2 |
google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2014 |
301 B |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 240 |
89 KB |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114 |
155 KB |
2 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 395 |
127 KB |
1 |
google.de
www.google.de — Cisco Umbrella Rank: 4002 |
408 B |
1 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 184 |
256 B |
1 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 98 |
185 B |
1 |
redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1770 |
|
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115 |
1 KB |
29 | 12 |
Domain | Requested by | |
---|---|---|
8 | snippcheck.blob.core.windows.net |
pedialytesweeps.com
|
4 | analytics.tiktok.com |
pedialytesweeps.com
analytics.tiktok.com |
4 | pedialytesweeps.com |
pedialytesweeps.com
|
2 | region1.analytics.google.com |
www.googletagmanager.com
|
2 | connect.facebook.net |
pedialytesweeps.com
connect.facebook.net |
2 | www.googletagmanager.com |
pedialytesweeps.com
www.googletagmanager.com |
2 | cdnjs.cloudflare.com |
pedialytesweeps.com
cdnjs.cloudflare.com |
1 | www.google.de |
pedialytesweeps.com
|
1 | stats.g.doubleclick.net |
www.googletagmanager.com
|
1 | www.facebook.com |
pedialytesweeps.com
|
1 | www.redditstatic.com |
pedialytesweeps.com
|
1 | fonts.googleapis.com |
pedialytesweeps.com
|
29 | 12 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.pedialyte.com |
www.facebook.com |
www.instagram.com |
snipp.us |
www.snipp.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
pedialytesweeps.com Go Daddy Secure Certificate Authority - G2 |
2023-12-22 - 2024-12-22 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-07-03 - 2024-07-02 |
a year | crt.sh |
*.blob.core.windows.net Microsoft Azure TLS Issuing CA 06 |
2023-10-25 - 2024-06-27 |
8 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
*.tiktok.com RapidSSL ECC CA 2018 |
2023-07-14 - 2024-08-13 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2023-10-19 - 2024-01-17 |
3 months | crt.sh |
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-01-08 - 2024-07-06 |
6 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
www.google.de GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://pedialytesweeps.com/
Frame ID: A0650BC3B22011420B866A2A948367A3
Requests: 29 HTTP requests in this frame
Screenshot
Page Title
HomeDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Facebook (Widgets) Expand
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics) Expand
Detected patterns
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Terms & Conditions
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Snipp Privacy Policy
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
29 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
pedialytesweeps.com/ |
14 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
css
pedialytesweeps.com/Content/ |
175 KB 28 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/ |
100 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
PDL_Logo.png
snippcheck.blob.core.windows.net/files/Pedialyte_Rehydrate_to_Recover_2007317/images/ |
21 KB 21 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
CAROUSEL.jpg
snippcheck.blob.core.windows.net/files/Pedialyte_Rehydrate_to_Recover_2007317/images/ |
176 KB 177 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Carousel-2.jpg
snippcheck.blob.core.windows.net/files/Pedialyte_Rehydrate_to_Recover_2007317/images/ |
108 KB 109 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Carousel-3.jpg
snippcheck.blob.core.windows.net/files/Pedialyte_Rehydrate_to_Recover_2007317/images/ |
322 KB 323 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Icon_Activation.png
snippcheck.blob.core.windows.net/files/Pedialyte_Rehydrate_to_Recover_2007317/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Icon_Photos.png
snippcheck.blob.core.windows.net/files/Pedialyte_Rehydrate_to_Recover_2007317/images/ |
8 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Icon_Awards.png
snippcheck.blob.core.windows.net/files/Pedialyte_Rehydrate_to_Recover_2007317/images/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
abbott_logo.png
snippcheck.blob.core.windows.net/files/Pedialyte_Rehydrate_to_Recover_2007317/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery
pedialytesweeps.com/bundles/ |
87 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap
pedialytesweeps.com/bundles/ |
110 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
175 KB 63 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
events.js
analytics.tiktok.com/i18n/pixel/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
202 KB 54 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel.js,t.async=!0
www.redditstatic.com/ads/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/webfonts/ |
107 KB 108 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
169662294318369
connect.facebook.net/signals/config/ |
131 KB 34 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 185 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
277 KB 92 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.MWZkNjY4MmI1MA.js
analytics.tiktok.com/i18n/pixel/static/ |
376 KB 102 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.analytics.google.com/g/ |
0 247 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 256 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
identify_55404.js
analytics.tiktok.com/i18n/pixel/static/ |
137 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
pixel
analytics.tiktok.com/api/v2/ |
0 838 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.analytics.google.com/g/ |
0 54 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
52 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| documentPictureInPicture object| dataLayer string| TiktokAnalyticsObject object| ttq function| fbq function| _fbq function| rdt object| Resources object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks function| $ function| jQuery string| BLANK_STRING string| EMAIL_REQUIRED string| EMAIL_FRAUD string| EMAIL_BLACK_LISTED string| EMAIL_INVALID string| EMAIL_ERROR string| EMAIL_REGEX string| MSG_THANKS string| MSG_THANKS_AMOE string| MSG_REWARDLIMITREACHED string| MSG_DAILYLIMITREACHED function| displayLoader function| removeLoader function| isFieldBlank function| isDropdownBlank function| validateNumber function| validateIntegerValue function| displayNotificationOnTop function| displayWarningOnTop function| displayError function| removeError function| delayCallback function| getAge function| redirectToUrl object| bootstrap object| respond function| Popper function| Confirmation7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
pedialytesweeps.com/ | Name: ASP.NET_SessionId Value: lytlk43pifddcnxujmmrqvon |
|
.pedialytesweeps.com/ | Name: _fbp Value: fb.1.1704836335286.2015270071 |
|
.tiktok.com/ | Name: _ttp Value: 2ajeIWG7jeKNquykfbSh4xXy0AJ |
|
.pedialytesweeps.com/ | Name: _ga Value: GA1.1.789398696.1704836335 |
|
.pedialytesweeps.com/ | Name: _ga_49SJ1367QT Value: GS1.1.1704836335.1.0.1704836335.60.0.0 |
|
.pedialytesweeps.com/ | Name: _tt_enable_cookie Value: 1 |
|
.pedialytesweeps.com/ | Name: _ttp Value: 2K3F-fZmRIRqM7by8HRJgLfY9pv |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
analytics.tiktok.com
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
pedialytesweeps.com
region1.analytics.google.com
snippcheck.blob.core.windows.net
stats.g.doubleclick.net
www.facebook.com
www.google.de
www.googletagmanager.com
www.redditstatic.com
2001:4860:4802:34::36
23.36.163.228
2606:4700::6811:190e
2a00:1450:4001:803::2003
2a00:1450:4001:827::2008
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9d
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:600::396
52.239.236.68
52.86.116.67
009467e3cab331f459d75e1dbd0df7637e29cb623ff5766dc84b4cb77e8fe7d8
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5
0d8695304a63572b8cb3568b097669bb1527bcc11b09c0480e03452dcccc3024
14bd86baec6bfe2b75c99abf8db4981a229669be6d5e356a9488a0534647e92f
22914eb7954bfb2a40176b26e5d062665410c02e0f8aa4c5c9920b11decfd14d
2542cd76df29fd9ac4615f66c62bf94aab8585d36d27c4e8af1354a9bf3a4a99
465a695a67f254396cb4639577369fcfda1dc48bf5f853f607b0afc1adb25741
4b56bca0f43fba50fd037e1497c51f39ca3289ffab33dba34fe7c50c4a0d96fe
4b8d981ecde430fd6815d94e528eadca898c2528fd57cb7e7ef373683e61adf4
4e08db50a4416291faae89a251eb885dbf1939eb76bbe4a1a25b603c7093c594
6e3ea5441f07931359eb53493dfb7b3adcef4cad7caa7ee182c0bceeb6c40243
7adbfd9555f212242dc019d072443d852742dd256a1822ed74c65270e5073379
85ad06c0cbfc0b5788592c9c0085b48e524313287ab1e90ab48e62141aff0aa9
90a5d852e7b743833126df2dafc092d4a2a59fd1a4cceb98412eda984dc065a5
a5ad56ad84677977314e7d5461481f5ce75cf0d9f2bc0b9d0d76b008195b474f
a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df
b625d5a8adce0e637b3263a627b65445e87da3ec1e62aff4ff86869707ed4fe7
bc1c05bdd3b01d9aa9d49cd9381d674cb1e061a55698f2fabf7813ea46036956
be3518bc9ff465a512854b286fc7914ef31f50315de44f5a18a60986b67a3c3e
be8ed3a332a3dacb79d846c36cbf8ddac5ac7c52a3b6a74d46ba9e2c758a8e38
d5c68a34d0f50abe72219325fa1889df9376e0f9a0e24eb9d8c30ed62e163562
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f07dd12ef20ebfb59f5dc9f05a543a95db6235b0a1aca6866f3a624d6a210977