trade.analystq.com
Open in
urlscan Pro
2606:4700:10::ac43:1a10
Public Scan
Submission: On May 25 via manual from PH
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 5th 2020. Valid for: a year.
This is the only time trade.analystq.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
6 | 2606:4700:10:... 2606:4700:10::ac43:1a10 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700::68... 2606:4700::6810:a823 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
10 | 2600:9000:21f... 2600:9000:21f3:c000:1c:ef9f:ccc0:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2a00:1450:400... 2a00:1450:4001:800::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700::68... 2606:4700::6810:252f | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 2.16.186.211 2.16.186.211 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 6 | 84.53.140.72 84.53.140.72 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2a00:1450:400... 2a00:1450:4001:813::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:802::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:810::2003 | 15169 (GOOGLE) (GOOGLE) | |
32 | 10 |
ASN13335 (CLOUDFLARENET, US)
trade.analystq.com | |
analystq.com |
ASN15169 (GOOGLE, US)
ajax.googleapis.com | |
fonts.googleapis.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-211.deploy.static.akamaitechnologies.com
cdn.livechatinc.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a84-53-140-72.deploy.static.akamaitechnologies.com
api.livechatinc.com | |
secure.livechatinc.com | |
accounts.livechatinc.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
pandats.com
nfp.pandats.com |
1 MB |
9 |
livechatinc.com
1 redirects
cdn.livechatinc.com api.livechatinc.com secure.livechatinc.com accounts.livechatinc.com |
245 KB |
6 |
analystq.com
trade.analystq.com analystq.com |
16 KB |
3 |
gstatic.com
fonts.gstatic.com |
47 KB |
3 |
googleapis.com
ajax.googleapis.com fonts.googleapis.com |
31 KB |
1 |
maxmind.com
js.maxmind.com |
2 KB |
1 |
cloudflare.com
ajax.cloudflare.com |
4 KB |
32 | 7 |
Domain | Requested by | |
---|---|---|
10 | nfp.pandats.com |
ajax.cloudflare.com
nfp.pandats.com |
5 | trade.analystq.com |
trade.analystq.com
ajax.cloudflare.com |
3 | fonts.gstatic.com |
fonts.googleapis.com
|
3 | cdn.livechatinc.com |
trade.analystq.com
secure.livechatinc.com |
2 | accounts.livechatinc.com |
1 redirects
cdn.livechatinc.com
|
2 | secure.livechatinc.com |
cdn.livechatinc.com
|
2 | fonts.googleapis.com |
nfp.pandats.com
secure.livechatinc.com |
2 | api.livechatinc.com |
cdn.livechatinc.com
|
1 | js.maxmind.com |
ajax.cloudflare.com
|
1 | ajax.googleapis.com |
ajax.cloudflare.com
|
1 | ajax.cloudflare.com |
trade.analystq.com
|
1 | analystq.com |
trade.analystq.com
|
32 | 12 |
This site contains links to these domains. Also see Links.
Domain |
---|
analystq.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-08-05 - 2021-08-05 |
a year | crt.sh |
ajax.cloudflare.com DigiCert ECC Secure Server CA |
2020-08-11 - 2022-08-16 |
2 years | crt.sh |
*.pandats.com Go Daddy Secure Certificate Authority - G2 |
2020-12-10 - 2022-01-11 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2021-05-03 - 2021-07-26 |
3 months | crt.sh |
*.maxmind.com Sectigo RSA Organization Validation Secure Server CA |
2020-10-07 - 2021-11-06 |
a year | crt.sh |
livechat.com DigiCert SHA2 Secure Server CA |
2021-04-20 - 2022-04-25 |
a year | crt.sh |
*.google.com GTS CA 1O1 |
2021-05-03 - 2021-07-26 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://trade.analystq.com/
Frame ID: 002EB1FA5A2EF02FF9B61DE657BDD011
Requests: 25 HTTP requests in this frame
Frame:
https://secure.livechatinc.com/licence/11886996/v2/open_chat.cgi?license=11886996&group=0&embedded=1&widget_version=3&unique_groups=0
Frame ID: 589E7F74CB1FFFC948AD6BBBE2FC80A0
Requests: 6 HTTP requests in this frame
Frame:
https://accounts.livechatinc.com/static/postmessage.html
Frame ID: 27F5C6F503787DC3579988A3CC4B8D0E
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
CloudFlare (CDN) ExpandDetected patterns
- headers server /^cloudflare$/i
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Terms and Conditions
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Risk Warning
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 27- https://accounts.livechatinc.com/customer?license_id=11886996&flow=button&response_type=token&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&redirect_uri=https%3A%2F%2Fsecure.livechatinc.com%2Flicence%2F11886996%2Fv2%2Fopen_chat.cgi&post_message_uri=https%3A%2F%2Fsecure.livechatinc.com%2Flicence%2F11886996%2Fv2%2Fopen_chat.cgi&state=%40livechat%2Fcustomer-auth HTTP 302
- https://accounts.livechatinc.com/static/postmessage.html
32 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
trade.analystq.com/ |
9 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
trade.analystq.com/css/ |
33 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.svg
analystq.com/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loader.js
nfp.pandats.com/analystq/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
custom.js
trade.analystq.com/js/ |
3 KB 909 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.0/ |
84 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
geoip2.js
js.maxmind.com/js/apis/geoip2/v2.1/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mobile-redirect.js
trade.analystq.com/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
switch_day.svg
trade.analystq.com/images/ |
2 KB 777 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tracking.js
cdn.livechatinc.com/ |
84 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loader.css
nfp.pandats.com/analystq/ |
2 KB 749 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.7383697481a4a6424ce5.css
nfp.pandats.com/analystq/ |
527 KB 80 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runtime.8dc19700d80028a5a0b0.js
nfp.pandats.com/analystq/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
polyfills.4949262c8f62046a1c59.js
nfp.pandats.com/analystq/ |
38 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
get_dynamic_configuration
api.livechatinc.com/v3.3/customer/action/ |
263 B 461 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scripts.eb54c7e0ba2d1aff853f.js
nfp.pandats.com/analystq/ |
107 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
24 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor.9dc235fdbf826c9ac961.js
nfp.pandats.com/analystq/ |
1 MB 378 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
get_configuration
api.livechatinc.com/v3.3/customer/action/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
open_chat.cgi
secure.livechatinc.com/licence/11886996/v2/ Frame 589E |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
localization.en.0.f18dd4d9fb0b965b3781bba9707f6877_ca1d294ef015e1235d3eab462082d9d9.js
secure.livechatinc.com/licence/11886996/v2/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.eeba706854db9302ab60.js
nfp.pandats.com/analystq/ |
3 MB 569 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
css
fonts.googleapis.com/ Frame 589E |
5 KB 709 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7.119fa325.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame 589E |
397 KB 117 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iframe.b852ca6e.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame 589E |
367 KB 94 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v12/ Frame 589E |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v12/ Frame 589E |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
postmessage.html
accounts.livechatinc.com/static/ Frame 27F5 Redirect Chain
|
553 B 493 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nfp-files-manifest.json
nfp.pandats.com/analystq/ |
607 B 1009 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en.json
nfp.pandats.com/analystq/locales/ |
34 B 437 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
85 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| __cfQR undefined| isLoggedIn boolean| isMobile boolean| isPluginMobile string| siteDomain string| langPath string| siteLang string| brandURI string| tradeRoomPage string| deployEnv boolean| isPHP function| checkloginState string| _lang object| geoip2 function| $ function| jQuery object| forexEvents function| depositSuccessCallback function| depositFailCallback function| signupSuccessCallback function| signupFailCallback function| loginSuccessCallback function| loginFailCallback function| logoutCallback function| appInitCallback function| themeChangeCallback function| changeThemeColorCHKBX object| ljs object| _nfpFilesManifest object| __lc boolean| __cfRLUnblockHandlers boolean| __lc_inited object| LC_API object| webpackJsonp function| Zone function| __zone_symbol__Promise function| __zone_symbol__ZoneAwarePromise function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader object| global function| ProChart_Loader object| __zone_symbol__messagefalse object| __zone_symbol__beforeprintfalse object| __zone_symbol__afterprintfalse object| __zone_symbol__focusfalse object| __zone_symbol__blurfalse object| __zone_symbol__orientationchangefalse object| __zone_symbol__beforeunloadfalse function| _ object| ng object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse function| runPlugin object| __zone_symbol__resizefalse function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
accounts.livechatinc.com
ajax.cloudflare.com
ajax.googleapis.com
analystq.com
api.livechatinc.com
cdn.livechatinc.com
fonts.googleapis.com
fonts.gstatic.com
js.maxmind.com
nfp.pandats.com
secure.livechatinc.com
trade.analystq.com
2.16.186.211
2600:9000:21f3:c000:1c:ef9f:ccc0:93a1
2606:4700:10::ac43:1a10
2606:4700::6810:252f
2606:4700::6810:a823
2a00:1450:4001:800::200a
2a00:1450:4001:802::2003
2a00:1450:4001:810::2003
2a00:1450:4001:813::200a
84.53.140.72
0bf5698428edc2e7757875ced07247bf13010712ca20cbf2b25dbc1c26264063
10a9e293e7d434da1a7dc727d7e443c0fd0aa96abe76766d7ff177a076b63056
1a9992498cd23a54e0e998a1cd9d51b16b68488e5ea1b3a93de63de73eaf1278
2fe5fb2d025e0a2a028376783078622313bb93ec4a64cae7a8f6c0463507b2b1
322a56ce4dc74d894a23bda2bdd58f8f037b320f7fd625946a54a12060711edd
34a1adc0772cb4f8434fa87d95839b9c9645c719515c6702712817d8ede89717
35c24d9d5806c084a3589b431effef3d85b8815faf76b8c505fafd04fcfa71a1
3ec29eb097c84729fc20e324aa30c40faf7c0b48e128506a509a3ec7d48f00d8
3f2296fc1af54692bd56501bf9156cae1da8028424f9dbf8b00e5f40b6c3a4d9
42eb296e5db0b6ae2330d5faa40affe3d3750bb284f8c5590521a9acde0cb533
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
52717126e0ab7eed679f3f5de0d9d1a39ce46e5e68ae0a3deee4103c73ea90f9
598e154440a671cb4624ce12a933a3cb9edf62d90e510fa7cefe13dfe98acc0b
5f569c2f2330d40a608f94a10d9abed22bd2f2bdc8f80d058a12ec0c944ed629
62efe516acf592f73e50a938486a633731c483821cfc6948707d30ca11fd7c31
663a710ad35301a676c34a1d5aec9fceaa69bf10d94416c74cd8192979ab9426
7062305c8153bd8d108b5f1714c28eb25efc1c01350497abc3661f6b34345580
7742176d36a9ea889f4db0a843e62f522ba690a8d514e91dd5aa09eccf7340ce
7cb6c118ec3898ea3cf8db6f9d26f49cbe1ed8475e269b78d8162307b648b1ae
7deeff0e7dec5f0a3e8e3aae9c2cab1077f3f790884210482999558e0d322bb2
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
99cd6ff67c1c3e6712d458ad3ed34d3f84d9bcadcdd149ce8adf36237fb3eceb
b44a43a62ea0b87d7262ff76ff7bbea4f11343b72ad2cfe0285a1bdc19cdb7a5
ba807c49d44c6d4b8cfad939f5c031797c8d60c3cee68fa7388f2188cbe4fba9
c1b3e0ed06172ae34baacd560c059e3e9798be96f68fc5a0ec0c211a422e616d
c5702f29abbbac4cacf0888fb79e78eb28f22485c213d7d2dd9add95a3420070
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
e0aeac2c2a4987f311e77f9b33e34273ae73f6fa2d187cb5fb598605a50c5faa
f97180bdbf72cecc93e6a7eb1841989e1dc05c21698ccb18ca3b23194f374ef9
fa4812a609185762bca0303ae305767d0f11eaf07ac74776a55678189bb7cede