banks.vesicash.com
Open in
urlscan Pro
161.35.5.88
Public Scan
Submission: On January 21 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by R3 on January 21st 2021. Valid for: 3 months.
This is the only time banks.vesicash.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
16 | 161.35.5.88 161.35.5.88 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
2 | 2606:4700::68... 2606:4700::6810:125e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:816::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 1 | 172.67.72.223 172.67.72.223 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 2606:4700:20:... 2606:4700:20::681a:98b | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 65.9.73.108 65.9.73.108 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 65.9.73.19 65.9.73.19 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 65.9.73.103 65.9.73.103 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 2a00:1450:400... 2a00:1450:4001:800::200e | 15169 (GOOGLE) (GOOGLE) | |
2 | 77.55.235.217 77.55.235.217 | 15967 (NAZWA) (NAZWA) | |
1 | 63.33.16.37 63.33.16.37 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:400c:c08::9a | 15169 (GOOGLE) (GOOGLE) | |
32 | 12 |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-16-37.eu-west-1.compute.amazonaws.com
in.hotjar.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
vesicash.com
banks.vesicash.com |
707 KB |
4 |
hotjar.com
static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com |
61 KB |
3 |
google-analytics.com
www.google-analytics.com |
19 KB |
3 |
tidiochat.com
widget-v4.tidiochat.com |
235 KB |
2 |
ip2c.org
ip2c.org |
434 B |
2 |
cloudflare.com
cdnjs.cloudflare.com |
86 KB |
1 |
doubleclick.net
stats.g.doubleclick.net |
87 B |
1 |
tidio.co
1 redirects
code.tidio.co |
644 B |
1 |
googletagmanager.com
www.googletagmanager.com |
39 KB |
32 | 9 |
Domain | Requested by | |
---|---|---|
16 | banks.vesicash.com |
banks.vesicash.com
|
3 | www.google-analytics.com |
banks.vesicash.com
www.google-analytics.com |
3 | widget-v4.tidiochat.com |
banks.vesicash.com
code.tidio.co |
2 | ip2c.org |
banks.vesicash.com
|
2 | cdnjs.cloudflare.com |
banks.vesicash.com
cdnjs.cloudflare.com |
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | in.hotjar.com |
script.hotjar.com
|
1 | vars.hotjar.com |
static.hotjar.com
|
1 | script.hotjar.com |
static.hotjar.com
|
1 | static.hotjar.com |
banks.vesicash.com
|
1 | code.tidio.co | 1 redirects |
1 | www.googletagmanager.com |
banks.vesicash.com
|
32 | 12 |
This site contains links to these domains. Also see Links.
Domain |
---|
vesicash.com |
www.facebook.com |
twitter.com |
www.instagram.com |
www.linkedin.com |
blog.vesicash.com |
docs.vesicash.com |
meltwater.org |
greenhouse.capital |
ingressivecapital.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
banks.vesicash.com R3 |
2021-01-21 - 2021-04-21 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-10-21 - 2021-10-20 |
a year | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2021-01-05 - 2021-03-30 |
3 months | crt.sh |
*.hotjar.com Amazon |
2020-12-25 - 2022-01-23 |
a year | crt.sh |
ip2c.org R3 |
2020-12-18 - 2021-03-18 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2021-01-05 - 2021-03-30 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://banks.vesicash.com/
Frame ID: F353D276FB69CA032517CD39B135D3F0
Requests: 31 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 5733EB1B3F43D150CD44637E5AA812B9
Requests: 1 HTTP requests in this frame
Frame:
https://widget-v4.tidiochat.com//1_48_0/static/js/widget.42c0d66b33e45751ff47.js
Frame ID: F6B737168013493022AA36ABFDC49F44
Requests: 2 HTTP requests in this frame
Screenshot
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Vue.js (JavaScript Frameworks) Expand
Detected patterns
- html /<[^>]+data-v(?:ue)-/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Page Statistics
23 Outgoing links
These are links going to different origins than the main page.
Title:
Search URL Search Domain Scan URL
Title: Solutions
Search URL Search Domain Scan URL
Title: For Marketplace
Search URL Search Domain Scan URL
Title: For Logistics
Search URL Search Domain Scan URL
Title: For Digital Commerce
Search URL Search Domain Scan URL
Title: Developers
Search URL Search Domain Scan URL
Title: Login
Search URL Search Domain Scan URL
Title: Get Started
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Terms of Use
Search URL Search Domain Scan URL
Title: About Us
Search URL Search Domain Scan URL
Title: Blog
Search URL Search Domain Scan URL
Title: FAQs
Search URL Search Domain Scan URL
Title: Contact
Search URL Search Domain Scan URL
Title: Plugins
Search URL Search Domain Scan URL
Title: Documentation
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 7- https://code.tidio.co/do7wdstuh5zkq473cfcc49dgf9zj7n9h.js HTTP 302
- https://widget-v4.tidiochat.com/1_48_0/static/js/render.42c0d66b33e45751ff47.js
32 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
banks.vesicash.com/ |
183 KB 34 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runtime.d0eafb7.js
banks.vesicash.com/_nuxt/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
commons.app.3478bd7.js
banks.vesicash.com/_nuxt/ |
201 KB 68 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors.app.6b42a7f.js
banks.vesicash.com/_nuxt/ |
626 KB 212 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.0a4a440.js
banks.vesicash.com/_nuxt/ |
392 KB 78 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.03174e8.js
banks.vesicash.com/_nuxt/pages/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/ |
56 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
98 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
render.42c0d66b33e45751ff47.js
widget-v4.tidiochat.com/1_48_0/static/js/ Redirect Chain
|
15 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtag.js
banks.vesicash.com/ |
215 B 455 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar.js
banks.vesicash.com/ |
441 B 589 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
buyer-seller-protection.242a649.svg
banks.vesicash.com/_nuxt/img/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
complete-transparency.b6d2080.svg
banks.vesicash.com/_nuxt/img/ |
2 KB 782 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mest_logo.c42906a.svg
banks.vesicash.com/_nuxt/img/ |
18 KB 14 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
greenhouse.c61a0b3.svg
banks.vesicash.com/_nuxt/img/ |
30 KB 10 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hiil-logo.c99f6a7.svg
banks.vesicash.com/_nuxt/img/ |
16 KB 12 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-1026990.js
static.hotjar.com/c/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
835 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Gordita%20Regular.8f8fc88.otf
banks.vesicash.com/_nuxt/fonts/ |
169 KB 90 KB |
Font
font/otf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Gordita%20Medium.2a23af3.otf
banks.vesicash.com/_nuxt/fonts/ |
171 KB 90 KB |
Font
font/otf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Gordita%20Bold.78dd252.otf
banks.vesicash.com/_nuxt/fonts/ |
170 KB 91 KB |
Font
font/otf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/webfonts/ |
75 KB 75 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules.bee5282d182403f57b1d.js
script.hotjar.com/ |
222 KB 59 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 5733 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
46 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s
ip2c.org/ |
16 B 217 B |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s
ip2c.org/ |
16 B 217 B |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
18 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widget.42c0d66b33e45751ff47.js
widget-v4.tidiochat.com//1_48_0/static/js/ Frame F6B7 |
815 KB 222 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
visit-data
in.hotjar.com/api/v2/client/sites/1026990/ |
152 B 305 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-Q050 |
collect
www.google-analytics.com/j/ |
2 B 68 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-Q050 |
collect
www.google-analytics.com/j/ |
2 B 25 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 87 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tururu.mp3
widget-v4.tidiochat.com// Frame F6B7 |
7 KB 8 KB |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
35 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| SENTRY_RELEASE object| tidioChatApi function| hj object| _hjSettings object| __NUXT__ object| webpackJsonp object| google_tag_manager object| dataLayer object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| core object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady string| GoogleAnalyticsObject function| ga object| $nuxt object| google_tag_data object| gaplugins object| gaGlobal object| gaData9 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.vesicash.com/ | Name: _gat Value: 1 |
|
.vesicash.com/ | Name: _gid Value: GA1.2.2095815544.1611227570 |
|
banks.vesicash.com/ | Name: _hjIncludedInPageviewSample Value: 1 |
|
.vesicash.com/ | Name: _hjAbsoluteSessionInProgress Value: 0 |
|
.vesicash.com/ | Name: _ga Value: GA1.2.1642213992.1611227570 |
|
.vesicash.com/ | Name: _hjFirstSeen Value: 1 |
|
.vesicash.com/ | Name: _gat_gtag_UA_134595327_1 Value: 1 |
|
.vesicash.com/ | Name: _hjid Value: a0336555-36a2-4655-a4b1-cca5395a1fd3 |
|
.vesicash.com/ | Name: _hjTLDTest Value: 1 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
banks.vesicash.com
cdnjs.cloudflare.com
code.tidio.co
in.hotjar.com
ip2c.org
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
widget-v4.tidiochat.com
www.google-analytics.com
www.googletagmanager.com
161.35.5.88
172.67.72.223
2606:4700:20::681a:98b
2606:4700::6810:125e
2a00:1450:4001:800::200e
2a00:1450:4001:816::2008
2a00:1450:400c:c08::9a
63.33.16.37
65.9.73.103
65.9.73.108
65.9.73.19
77.55.235.217
1144c1dd7f3ee70c0d96a253872642ee511eafce982afbfa9d6f05e09c4fc6cc
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f
1a2cf89a2ac9f77680cd8c7d668e3b99e9c3d64dc0cab15bba0e65d64828ba86
2ae1c4925d90875d2cdf25b75a9bf0051569a35d0a73fe266d735d9a6372bbb8
39d5ae4e2f4e82e1b837e982b644598a09dafc6183b30c5cac368c8aee79672c
4099b7fe6669ed40e52ca2c6b0b738a580a294b1ddb71550cf70358077a52f81
4d4cfec64e332fdf34a57c589543529b0ff1ed9ba76decbba71fd50df760dcc9
56a69bf60af6593fb502ee8fd22bc0f3cff758c16054c6f1f779b8e9f3bc8c88
5bab49f7a5ee406e0229c26b073ad715b465aa31bc047d1e8aa5dc436deef3c4
5c0630ffd8ac71995b1dd98c9e1d78ec3ed7b425ff474c6ecd185a8dd9f5fa3f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dce103fcca9a204ad32651d1c7f5772f7e4168ce31952e2aa6c565355cf4600
7f185c1c5d97de56e16234b367ba43ce86ac0db8e9d7877062feb75288147f01
7f81f803a7d5de11898bb713785e7bcf85d6ee47eba2612ec30160e1ca9c335d
872f7cedf82c31b518f86fff674fa12c11b78dac37f35e377739d2eb6323b281
87f0055a0b17b6d30048684fe4392b7bd87da88e53fa9632c469180adf202931
92b46f0e49ca4996152107cdd94579888b00ca2f9aacd2b1be5e624a776952e7
97de9d883edeaf7629b569fa0b909726973eec9905c7fba5f194dc5ecd3f1b70
9a680b90260b5106d79f4075491ab31daafa7429eff686453c40b58357309649
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a12840c38b44d2585cb21225b2e582547644cc3ab01a148f1d24f7f0c435cc05
a43f2ee56162325825142b73fcd484c6a60436c28e0e37506bd30e789429a25f
a9f421c64ef59d5043d18b8d14d0572868a3c1cc8f1b881934b49d0690e0ca25
aac914c03410d7a6529225a28ee77438eb0f301b22708da6d65576367d5812db
b0c49a5b6a68b632cb69b5cb945ae2c431e32e040f311f539a4ddf4423f4bb3b
c4dc799d09b15e57ee98e3c3866ca16f53354cb79838d3aa6c9c961292151858
ca2ac18b1dcc2e3f3d884a611aca999e3dd0b2e6fcb71229a9a6479bbc65ef3a
d41d25d683e99158d895bf85b945cc76104be96a21cbddf726e5be0b21e27fc6
d6def7689024f56a64c45ca433a2a0ad1c14410bc188e67aebf18773517677bf
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ff5cdb002dfed564f8b7d66b7c73c23bd0079df4d1c808ca0e64b40d007212fb