elektriker-sikker.anyflow.no Open in urlscan Pro
188.114.96.12  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response elektriker-sikker.anyflow.no/	492 KB 118 KB	606ms 200ms	Document text/html	188.114.96.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://elektriker-sikker.anyflow.no/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 10c2b329c0e3b55f5475bc70fff1db953dceda81a6d2e5a5f64f9ccfb242eee2 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 accept-language no-NO,no;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7545189a1eedb50f-OSL content-encoding br content-type text/html date Mon, 03 Oct 2022 10:46:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oNY%2BGa%2FrzWrtoj9wzILBXuSCEXNFdXUf8sPQJqE7CryO%2BnUSGa5V4qSKwmsYhltw9YhYhf67%2B2rTSwgQneOh37CU6IkCxDspf1TXb8KH9%2B9bGXD8oM%2B0KpNe8syazNZD79a%2Fgc9tezfBntUb9xc9"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by Express
GET H2	200	icon fonts.heyflow.cloud/	571 B 626 B	588ms 164ms	Stylesheet text/css	104.26.0.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fonts.heyflow.cloud/icon?family=Material+Icons Requested by Host: elektriker-sikker.anyflow.no URL: https://elektriker-sikker.anyflow.no/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.0.240 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 8a54c4ddb40cf230eb072b7f414ce69c752a7ea35f55c995f1ed828eda089307 Request headers accept-language no-NO,no;q=0.9 Referer https://elektriker-sikker.anyflow.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Mon, 03 Oct 2022 10:46:49 GMT content-encoding br cf-cache-status MISS last-modified Mon, 03 Oct 2022 10:46:49 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HHowFN4sJsKuOYrkJYxW7dp3vMaCJAv%2Bkmg4owGs4iwofIw7NQEkECi3wncbwbNGRDWhW42%2FP9U%2BcKYP%2FZI5Ew5s%2BRJ90ybO6Jf5eZsgPIB2HHTnUwbhAnFae%2Blh8ncqdBC7zUo%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * x-cloud-trace-context b096da22476be793467d28c1e7e67132 cache-control private, max-age=604800 cf-ray 7545189df9e3b50c-OSL
GET H2	200	css fonts.heyflow.cloud/	19 KB 1 KB	582ms 158ms	Stylesheet text/css	104.26.0.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Lato:300,400,500,600,700,800|ABeeZee:300,400,500,600,700,800&display=swap Requested by Host: elektriker-sikker.anyflow.no URL: https://elektriker-sikker.anyflow.no/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.0.240 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 2b12f79903171d309b7af1fa4fdd1b7672cdf29eb97746de46619dba77198f66 Request headers accept-language no-NO,no;q=0.9 Referer https://elektriker-sikker.anyflow.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Mon, 03 Oct 2022 10:46:49 GMT content-encoding br cf-cache-status MISS last-modified Mon, 03 Oct 2022 10:46:49 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2id2C0LTTDO%2Fu6%2BhM9I64L8m3hh2H9fwSTDzciMfHSADInGcbWaUhy1BF2kn5PLfnEoe%2B3ghfC2IHqTxbvJ6PyGdkl3KmDCTf%2BmM67Ekz%2BDbf9NakyVbiz2JxQ%2BU3iDKYuSb0Oo%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * x-cloud-trace-context c7fb7ff13101c66a9e373655fbcbf6a8 cache-control private, max-age=604800 cf-ray 7545189df9e4b50c-OSL
GET H2	200	7dfa9230-5f54-435f-9b72-e6de69fa21f6 storage.googleapis.com/builder.zenflow.de/electricans/www/assets/	90 KB 79 KB	648ms 162ms	Image image/png	142.250.180.208 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/builder.zenflow.de/electricans/www/assets/7dfa9230-5f54-435f-9b72-e6de69fa21f6 Requested by Host: elektriker-sikker.anyflow.no URL: https://elektriker-sikker.anyflow.no/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.180.208 , United States, ASN15169 (GOOGLE, US), Reverse DNS bud02s33-in-f16.1e100.net Software UploadServer / Resource Hash ea89c83417454ae2f107f8a5e81464fb4a9cf48ba09b44309403802dd665fa51 Request headers accept-language no-NO,no;q=0.9 Referer https://elektriker-sikker.anyflow.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Mon, 03 Oct 2022 10:46:49 GMT content-encoding gzip x-guploader-uploadid ADPycdsHrwj-4zDnOAGsH0FKgdbu4sBKi3bBxusoTSyupSULy81R05gqgOo8ZQnhYbmCqIN5-fwBb8YJQM8uhIu3mlyEy3JtLk2P x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 79782 last-modified Mon, 03 Oct 2022 09:36:06 GMT server UploadServer etag "fcf61e3f84930e04db182f2b975f692f" vary Accept-Encoding x-goog-generation 1664789765977121 content-type false access-control-allow-origin * x-goog-hash crc32c=Z1eZsQ==, md5=/PYeP4STDgTbGC8rl19pLw== access-control-expose-headers Content-Type cache-control public, max-age=3600 x-goog-stored-content-length 79782 accept-ranges bytes expires Mon, 03 Oct 2022 11:46:49 GMT
GET H2	200	esDR31xSG-6AGleN2tWkkA.woff2 fonts.heyflow.cloud/s/abeezee/v22/	17 KB 17 KB	531ms 160ms	Font font/woff2	104.26.0.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fonts.heyflow.cloud/s/abeezee/v22/esDR31xSG-6AGleN2tWkkA.woff2 Requested by Host: fonts.heyflow.cloud URL: https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Lato:300,400,500,600,700,800|ABeeZee:300,400,500,600,700,800&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.0.240 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash e9b78ce1cbff9e258afa3a91f5b9a0fe64ce792691eda7f66b9eaad19e468e83 Request headers Referer https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Lato:300,400,500,600,700,800|ABeeZee:300,400,500,600,700,800&display=swap Origin https://elektriker-sikker.anyflow.no accept-language no-NO,no;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Mon, 03 Oct 2022 10:46:49 GMT cf-cache-status MISS last-modified Mon, 03 Oct 2022 10:46:49 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7EcLQxAWXRamzrtFBUYvv198PNy5ow0bDVGdFkrP33f94QFYVHOMmsCMm58UwBjiqsIvIdjSzgyChq2siHGqLIMvZhFaMIyskfAVrSkbpA5qZCaDkAkz4jTDgKDE8vuYvNyDP6w%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * x-cloud-trace-context 0ee8df891c8ab268edb78e383ff8366f cache-control public, max-age=604800 accept-ranges bytes cf-ray 754518a19bb30b31-OSL content-length 17072
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.heyflow.cloud/s/lato/v23/	23 KB 23 KB	433ms 63ms	Font font/woff2	104.26.0.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fonts.heyflow.cloud/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.heyflow.cloud URL: https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Lato:300,400,500,600,700,800|ABeeZee:300,400,500,600,700,800&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.0.240 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537 Request headers Referer https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Lato:300,400,500,600,700,800|ABeeZee:300,400,500,600,700,800&display=swap Origin https://elektriker-sikker.anyflow.no accept-language no-NO,no;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Mon, 03 Oct 2022 10:46:49 GMT cf-cache-status MISS last-modified Mon, 03 Oct 2022 10:46:49 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UxajqsO6bRzCWC8Na7%2BNCtgtQvccrkY5NuCPrXUKToCF9zZK%2FuibVV0OVwjaUZvV5%2FkYDqgTqd5exGOeS9bWJyCgEGs59jJGtAogicwLgNQA8hXRusVPGdqDkTa2IYUO3u%2BdGgQ%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * x-cloud-trace-context d00b69b31cbc127b86b056062db2b927 cache-control public, max-age=604800 accept-ranges bytes cf-ray 754518a19bb50b31-OSL content-length 23580
GET H2	200	S6u9w4BMUTPHh6UVSwiPGQ.woff2 fonts.heyflow.cloud/s/lato/v23/	23 KB 23 KB	424ms 55ms	Font font/woff2	104.26.0.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fonts.heyflow.cloud/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 Requested by Host: fonts.heyflow.cloud URL: https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Lato:300,400,500,600,700,800|ABeeZee:300,400,500,600,700,800&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.0.240 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49 Request headers Referer https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Lato:300,400,500,600,700,800|ABeeZee:300,400,500,600,700,800&display=swap Origin https://elektriker-sikker.anyflow.no accept-language no-NO,no;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Mon, 03 Oct 2022 10:46:49 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 594179 x-powered-by Express content-length 23040 last-modified Mon, 26 Sep 2022 13:43:50 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nudDYb6kyi0hMmAk9iiIAkxGMZaVPIp2e%2BzGESpoXj9jAEwJZsRRmi7UPRoVzTU5vg%2FZMglsr5lLGZr%2FP3I6jsSMmv1Haz%2BfnW%2Fyt9I6J4E%2BEaKAZGHTHWkRHAsTtHQW%2FPOJEBk%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * x-cloud-trace-context dd180aee5f90f81afd85dc56ee46a418 cache-control public, max-age=604800 accept-ranges bytes cf-ray 754518a19bb40b31-OSL
OPTIONS H2	204	onEvent europe-west1-niro-tracking.cloudfunctions.net/	0 0	530ms 105ms	Preflight text/html	216.239.36.54 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://europe-west1-niro-tracking.cloudfunctions.net/onEvent Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.36.54 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Express Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://elektriker-sikker.anyflow.no Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin https://elektriker-sikker.anyflow.no alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 content-type text/html date Mon, 03 Oct 2022 10:46:49 GMT function-execution-id 8cjxuthid86d server Google Frontend vary Origin, Access-Control-Request-Headers x-cloud-trace-context 83fae6551463c3ea4c2a68e4f9c53415 x-powered-by Express
POST H2	200	onEvent Show response europe-west1-niro-tracking.cloudfunctions.net/	2 B 124 B	139ms 138ms	XHR text/plain	216.239.36.54 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://europe-west1-niro-tracking.cloudfunctions.net/onEvent Requested by Host: elektriker-sikker.anyflow.no URL: https://elektriker-sikker.anyflow.no/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.36.54 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Express Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers Accept application/json, text/plain, */* Referer https://elektriker-sikker.anyflow.no/ accept-language no-NO,no;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers date Mon, 03 Oct 2022 10:46:50 GMT content-encoding gzip server Google Frontend etag W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc" x-powered-by Express vary Origin content-type text/plain; charset=utf-8 access-control-allow-origin https://elektriker-sikker.anyflow.no x-cloud-trace-context 3a723e38f023ce5d99782df5734566b7 cache-control private function-execution-id dwnzc7yk6j4f alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 22
POST H2	200	onEvent Show response europe-west1-niro-tracking.cloudfunctions.net/	2 B 190 B	121ms 119ms	XHR text/plain	216.239.36.54 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://europe-west1-niro-tracking.cloudfunctions.net/onEvent Requested by Host: elektriker-sikker.anyflow.no URL: https://elektriker-sikker.anyflow.no/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.36.54 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Express Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers Accept application/json, text/plain, */* Referer https://elektriker-sikker.anyflow.no/ accept-language no-NO,no;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers date Mon, 03 Oct 2022 10:46:50 GMT content-encoding gzip server Google Frontend etag W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc" x-powered-by Express vary Origin content-type text/plain; charset=utf-8 access-control-allow-origin https://elektriker-sikker.anyflow.no x-cloud-trace-context 1da02fc0f483a314f92806493b3af81b cache-control private function-execution-id bo2778l3dlgm alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 22
OPTIONS H2	204	onEvent europe-west1-niro-tracking.cloudfunctions.net/	0 0	523ms 104ms	Preflight text/html	216.239.36.54 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://europe-west1-niro-tracking.cloudfunctions.net/onEvent Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.36.54 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Express Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://elektriker-sikker.anyflow.no Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin https://elektriker-sikker.anyflow.no alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 content-type text/html date Mon, 03 Oct 2022 10:46:49 GMT function-execution-id 6n7n513gxe1x server Google Frontend vary Origin, Access-Control-Request-Headers x-cloud-trace-context ba675a7ac3a187e5f4f5c294e56c2fb5 x-powered-by Express

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| heyflow object| windowConstants object| regeneratorRuntime function| Awesomplete function| Cleave function| onLessReady object| Client object| dataLayer

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

elektriker-sikker.anyflow.no
europe-west1-niro-tracking.cloudfunctions.net
fonts.heyflow.cloud
storage.googleapis.com
104.26.0.240
142.250.180.208
188.114.96.12
216.239.36.54
10c2b329c0e3b55f5475bc70fff1db953dceda81a6d2e5a5f64f9ccfb242eee2
2b12f79903171d309b7af1fa4fdd1b7672cdf29eb97746de46619dba77198f66
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
8a54c4ddb40cf230eb072b7f414ce69c752a7ea35f55c995f1ed828eda089307
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
e9b78ce1cbff9e258afa3a91f5b9a0fe64ce792691eda7f66b9eaad19e468e83
ea89c83417454ae2f107f8a5e81464fb4a9cf48ba09b44309403802dd665fa51