covesting.io
Open in
urlscan Pro
104.20.4.12
Public Scan
Submission: On April 26 via manual from IL
Summary
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on March 9th 2018. Valid for: 6 months.
This is the only time covesting.io was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
6 | 104.20.4.12 104.20.4.12 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 | 172.217.22.104 172.217.22.104 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 2 | 172.217.16.174 172.217.16.174 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 185.60.216.19 185.60.216.19 | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
1 | 104.109.66.166 104.109.66.166 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 1 | 64.233.166.155 64.233.166.155 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 1 | 172.217.16.164 172.217.16.164 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 172.217.22.99 172.217.22.99 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 185.60.216.35 185.60.216.35 | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
1 | 93.184.220.110 93.184.220.110 | 15133 (EDGECAST) (EDGECAST - MCI Communications Services) | |
1 5 | 87.250.251.119 87.250.251.119 | 13238 (YANDEX) (YANDEX) | |
2 | 104.16.53.111 104.16.53.111 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 2 | 104.16.83.55 104.16.83.55 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 | 104.16.36.13 104.16.36.13 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
23 | 12 |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
covesting.io |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s18-in-f104.1e100.net
www.googletagmanager.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s11-in-f174.1e100.net
www.google-analytics.com |
ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-66-166.deploy.static.akamaitechnologies.com
chimpstatic.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: wm-in-f155.1e100.net
stats.g.doubleclick.net |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s11-in-f164.1e100.net
www.google.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s18-in-f99.1e100.net
www.google.nl |
ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
assets.zendesk.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
support.covesting.io |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
v2.zopim.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
v2assets.zopim.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
covesting.io
covesting.io support.covesting.io |
240 KB |
5 |
yandex.ru
1 redirects
mc.yandex.ru |
37 KB |
2 |
zopim.com
1 redirects
v2.zopim.com |
241 KB |
2 |
facebook.com
www.facebook.com |
390 B |
2 |
facebook.net
connect.facebook.net |
28 KB |
2 |
google-analytics.com
1 redirects
www.google-analytics.com |
14 KB |
1 |
zopim.io
v2assets.zopim.io |
77 KB |
1 |
zendesk.com
assets.zendesk.com |
629 KB |
1 |
google.nl
www.google.nl |
109 B |
1 |
google.com
1 redirects
www.google.com |
183 B |
1 |
doubleclick.net
1 redirects
stats.g.doubleclick.net |
164 B |
1 |
chimpstatic.com
chimpstatic.com |
488 B |
1 |
googletagmanager.com
www.googletagmanager.com |
20 KB |
23 | 13 |
Domain | Requested by | |
---|---|---|
6 | covesting.io |
covesting.io
|
5 | mc.yandex.ru |
1 redirects
covesting.io
|
2 | v2.zopim.com | 1 redirects |
2 | support.covesting.io |
assets.zendesk.com
|
2 | www.facebook.com |
covesting.io
|
2 | connect.facebook.net |
covesting.io
connect.facebook.net |
2 | www.google-analytics.com |
1 redirects
www.googletagmanager.com
|
1 | v2assets.zopim.io |
covesting.io
|
1 | assets.zendesk.com |
covesting.io
|
1 | www.google.nl |
covesting.io
|
1 | www.google.com | 1 redirects |
1 | stats.g.doubleclick.net | 1 redirects |
1 | chimpstatic.com |
covesting.io
|
1 | www.googletagmanager.com |
covesting.io
|
23 | 14 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
ssl404855.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2018-03-09 - 2018-09-15 |
6 months | crt.sh |
support.covesting.io Let's Encrypt Authority X3 |
2018-03-14 - 2018-06-12 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://covesting.io/
Frame ID: DDBE053FA469F4DADDDD49981DC54650
Requests: 19 HTTP requests in this frame
Frame:
https://assets.zendesk.com/embeddable_framework/main.js
Frame ID: 186D3306106036CB5BFD284EF162B54
Requests: 3 HTTP requests in this frame
Frame:
https://v2assets.zopim.io/DjdORD9w84Xh5b2FwFMfYObCNK6fbOlx-concierge?1522079455709
Frame ID: FA1EE77A982A9ABB80BFE9FE1E4E5902
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
Zendesk Chat (Live Chat) ExpandDetected patterns
- script /v2\.zopim\.com/i
CloudFlare (CDN) Expand
Detected patterns
- headers server /cloudflare/i
Facebook (Widgets) Expand
Detected patterns
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
- env /^gaGlobal$/i
Google Font API (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Google Tag Manager (Tag Managers) Expand
Detected patterns
- env /^google_tag_manager$/i
Yandex.Metrika (Analytics) Expand
Detected patterns
- script /mc\.yandex\.ru\/metrika\/watch\.js/i
webpack (Miscellaneous) Expand
Detected patterns
- env /^webpackJsonp$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 8- https://www.google-analytics.com/r/collect?v=1&_v=j67&a=1631275211&t=pageview&_s=1&dl=https%3A%2F%2Fcovesting.io%2F&ul=en-us&de=UTF-8&dt=Covesting%20-%20Cryptocurrency%20Trading%20Platform%20You%20Can%20Trust.%20Join%20Beta&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAAB~&jid=93432466&gjid=74036804&cid=497308336.1524735131&tid=UA-107235846-1&_gid=445534558.1524735131&_r=1>m=G4dK3GTGP6&z=2089582130 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-107235846-1&cid=497308336.1524735131&jid=93432466&_gid=445534558.1524735131&gjid=74036804&_v=j67&z=2089582130 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-107235846-1&cid=497308336.1524735131&jid=93432466&_v=j67&z=2089582130 HTTP 302
- https://www.google.nl/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-107235846-1&cid=497308336.1524735131&jid=93432466&_v=j67&z=2089582130&slf_rd=1&random=2271009054
- https://mc.yandex.ru/watch/48085781?wmode=7&page-url=https%3A%2F%2Fcovesting.io%2F&charset=utf-8&browser-info=ti%3A10%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20180426093211%3Aet%3A1524735131%3Aen%3Autf-8%3Av%3A1082%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A888496351%3Ahid%3A629863654%3Ads%3A0%2C22%2C71%2C1%2C0%2C0%2C0%2C237%2C0%2C%2C%2C%2C332%3Awn%3A62623%3Ahl%3A2%3Ast%3A1524735131%3Au%3A1524735131396010146%3At%3ACovesting%20-%20Cryptocurrency%20Trading%20Platform%20You%20Can%20Trust.%20Join%20Beta HTTP 302
- https://mc.yandex.ru/watch/48085781/1?wmode=7&page-url=https%3A%2F%2Fcovesting.io%2F&charset=utf-8&browser-info=ti%3A10%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20180426093211%3Aet%3A1524735131%3Aen%3Autf-8%3Av%3A1082%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A888496351%3Ahid%3A629863654%3Ads%3A0%2C22%2C71%2C1%2C0%2C0%2C0%2C237%2C0%2C%2C%2C%2C332%3Awn%3A62623%3Ahl%3A2%3Ast%3A1524735131%3Au%3A1524735131396010146%3At%3ACovesting%20-%20Cryptocurrency%20Trading%20Platform%20You%20Can%20Trust.%20Join%20Beta
- https://v2.zopim.com/?DjdORD9w84Xh5b2FwFMfYObCNK6fbOlx HTTP 302
- https://v2.zopim.com/bin/v/widget_v2.246.js
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
covesting.io/ |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scripts.4015095b16e234f646ce.bundle.js
covesting.io/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inline.25707dccd6e2b4e6298d.bundle.js
covesting.io/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
polyfills.dab969d888fcf37e5933.bundle.js
covesting.io/ |
178 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.4ebbcb133d1c8e9a2237.bundle.js
covesting.io/ |
896 KB 189 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
gtm.js
www.googletagmanager.com/ |
52 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
analytics.js
www.google-analytics.com/ |
34 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
fbevents.js
connect.facebook.net/en_US/ |
40 KB 13 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
54d28f4415187243289f972e3.js
chimpstatic.com/mcjs-connected/js/users/9f0950ca2abf333a9bc82b096/ |
50 B 488 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
ga-audiences
www.google.nl/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
169420700305128
connect.facebook.net/signals/config/ |
57 KB 15 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
/
www.facebook.com/tr/ |
44 B 246 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
config.json
covesting.io/ |
26 B 393 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
main.js
assets.zendesk.com/embeddable_framework/ Frame 186D |
2 MB 629 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
watch.js
mc.yandex.ru/metrika/ |
99 KB 35 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
config
support.covesting.io/embeddable/ Frame 186D |
316 B 951 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1
mc.yandex.ru/watch/48085781/ Redirect Chain
|
0 -1 B |
XHR
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
advert.gif
mc.yandex.ru/metrika/ |
43 B 349 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1
mc.yandex.ru/watch/48085781/ |
152 B 695 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
embeddable_blip
support.covesting.io/ Frame 186D |
0 366 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
widget_v2.246.js
v2.zopim.com/bin/v/ Redirect Chain
|
1 MB 240 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
DjdORD9w84Xh5b2FwFMfYObCNK6fbOlx-concierge
v2assets.zopim.io/ Frame FA1E |
77 KB 77 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
/
www.facebook.com/tr/ |
44 B 144 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
69 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| dataLayer object| TradingView function| webpackJsonp object| google_tag_manager function| postscribe string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| core object| __core-js_shared__ function| Zone function| __zone_symbol__Promise function| __zone_symbol__ZoneAwarePromise function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader object| gaplugins object| gaGlobal object| gaData object| __zone_symbol__popstatefalse boolean| ngDevMode object| platform object| ng object| __zone_symbol__hashchangefalse function| zEmbed function| zE function| __zone_symbol__ON_PROPERTYerror object| __zone_symbol__errorfalse object| $mcSite function| $zopim function| __zone_symbol__ON_PROPERTYunload object| __zone_symbol__unloadfalse object| __zone_symbol__beforeunloadtrue object| __zone_symbol__unloadtrue object| Ya object| __zone_symbol__messagetrue object| __zone_symbol__hashchangetrue object| __zone_symbol__scrolltrue object| __zone_symbol__resizetrue object| __zone_symbol__focustrue object| __zone_symbol__blurtrue object| yaCounter48085781 object| __zone_symbol__loadtrue string| __$__GEO object| __zone_symbol__beforeunloadfalse object| __zone_symbol__offlinefalse object| __zone_symbol__onlinefalse object| __zone_symbol__clickfalse object| __zone_symbol__scrollfalse object| __zone_symbol__keypressfalse function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.covesting.io/ | Name: _gid Value: GA1.2.445534558.1524735131 |
|
.covesting.io/ | Name: _ga Value: GA1.2.497308336.1524735131 |
|
.covesting.io/ | Name: _ym_uid Value: 1524735131396010146 |
|
.covesting.io/ | Name: _gat_UA-107235846-1 Value: 1 |
|
.covesting.io/ | Name: _ym_visorc_48085781 Value: w |
|
.covesting.io/ | Name: _ym_isad Value: 2 |
|
.covesting.io/ | Name: __cfduid Value: dc195ef3eade2086e0e24baa44b34793f1524735130 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets.zendesk.com
chimpstatic.com
connect.facebook.net
covesting.io
mc.yandex.ru
stats.g.doubleclick.net
support.covesting.io
v2.zopim.com
v2assets.zopim.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
104.109.66.166
104.16.36.13
104.16.53.111
104.16.83.55
104.20.4.12
172.217.16.164
172.217.16.174
172.217.22.104
172.217.22.99
185.60.216.19
185.60.216.35
64.233.166.155
87.250.251.119
93.184.220.110
0087c0936a6ba41eed9512611a676284065e90326dc14da27d7c97d100cfb47a
01140a034bb9592cf09d880b23d72e92ded869bbd6102caaed3d47a1d1577bf7
0259af4061f7c117a693c77c82d9e93e06aa00f29a940fa65685a446ba14f50c
092c8e8c28b246ae8e2e55aae8952c9321faa846303051b6031acaef214bb8b2
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10f494732a816fefc105aa78eb9e6054a2edc828cdc77c9bba496094e16d7307
19b116b7f5f033c326b4bd2ccc1934f49a385a7d69e1a0ca0cae89ac913be12a
2218bbf47b340278b7b696dbe3af4eed89edffa709c19abd6747b18147c3a675
222e916ba13f40e47b9307221204c88d366af2d70e3f0fe13ecf4187344421db
4b6e4246c18361151b400a68a70c9bc6f388d6c22096d672c6f0100319fad1fa
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
65e9d9f3db8cfee0204ac8e22dd4ffdcf5646b39ac60e59b25ec4df226e63622
6814b406012b79ad973f06e7afb6410efb6ae9d42ce43cdb908e9ffb9d435dd1
76efa5737b51dcb19235de34f55e64b91b5d15d8dc6f06d427160e38689fd13f
7f48985f45ca3fd61bbd2705501cbf2d32e12d177026ff0d5b804b1744db9f15
a0bf582b23c22921896831d939fdc85c3065aa1e4d8e2d23884487b3dc350934
a4c9a6b8045aa64ce840fbb2d1a1e9b8ce41c9a79210451158d01afa3ec8d926
da6069e17dc95533ae8ba9fe2b400b1a329e69ba9b08c41ef513870caa674ea7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f