www.helicoptertour.cruisehi.com
Open in
urlscan Pro
198.12.243.215
Public Scan
Submission: On June 20 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R11 on June 17th 2024. Valid for: 3 months.
This is the only time www.helicoptertour.cruisehi.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
6 | 198.12.243.215 198.12.243.215 | 398101 (GO-DADDY-...) (GO-DADDY-COM-LLC) | |
1 | 2a00:1450:400... 2a00:1450:4001:800::2016 | 15169 (GOOGLE) (GOOGLE) | |
3 | 142.250.185.194 142.250.185.194 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:80f::200e | 15169 (GOOGLE) (GOOGLE) | |
2 | 2606:4700:20:... 2606:4700:20::681a:c2a | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 142.250.185.228 142.250.185.228 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:831::200e | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:80b::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:81d::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:830::2001 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:813::2003 | 15169 (GOOGLE) (GOOGLE) | |
2 | 172.217.18.14 172.217.18.14 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:82a::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2001:4860:480... 2001:4860:4802:34::36 | 15169 (GOOGLE) (GOOGLE) | |
29 | 15 |
ASN398101 (GO-DADDY-COM-LLC, US)
PTR: _unknown.ip.secureserver.net
www.helicoptertour.cruisehi.com |
ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
pagead2.googlesyndication.com |
ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net
www.google.com |
ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com |
ASN15169 (GOOGLE, US)
lh3.googleusercontent.com |
ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f14.1e100.net
fundingchoicesmessages.google.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
google.com
cse.google.com — Cisco Umbrella Rank: 4394 www.google.com — Cisco Umbrella Rank: 5 clients1.google.com — Cisco Umbrella Rank: 789 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 744 |
309 KB |
6 |
cruisehi.com
www.helicoptertour.cruisehi.com |
183 KB |
3 |
googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 137 |
197 KB |
2 |
gstatic.com
fonts.gstatic.com |
173 KB |
2 |
gtranslate.net
cdn.gtranslate.net — Cisco Umbrella Rank: 24759 |
7 KB |
1 |
google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2355 |
265 B |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81 |
103 KB |
1 |
googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 112 |
4 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83 |
6 KB |
1 |
ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 122 |
8 KB |
29 | 10 |
Domain | Requested by | |
---|---|---|
6 | www.helicoptertour.cruisehi.com |
www.helicoptertour.cruisehi.com
|
4 | fundingchoicesmessages.google.com |
pagead2.googlesyndication.com
|
4 | www.google.com |
cse.google.com
www.google.com |
3 | pagead2.googlesyndication.com |
www.helicoptertour.cruisehi.com
pagead2.googlesyndication.com |
2 | fonts.gstatic.com |
www.helicoptertour.cruisehi.com
|
2 | cdn.gtranslate.net |
www.helicoptertour.cruisehi.com
|
2 | cse.google.com |
www.helicoptertour.cruisehi.com
www.google.com |
1 | region1.google-analytics.com |
www.googletagmanager.com
|
1 | www.googletagmanager.com |
www.helicoptertour.cruisehi.com
|
1 | lh3.googleusercontent.com |
www.helicoptertour.cruisehi.com
|
1 | fonts.googleapis.com | |
1 | clients1.google.com |
www.helicoptertour.cruisehi.com
|
1 | i.ytimg.com |
www.helicoptertour.cruisehi.com
|
29 | 13 |
This site contains links to these domains. Also see Links.
Domain |
---|
cruisehi.com |
www.viator.com |
www.redbubble.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
mail.helicoptertour.cruisehi.com R11 |
2024-06-17 - 2024-09-15 |
3 months | crt.sh |
edgestatic.com WR2 |
2024-06-03 - 2024-08-26 |
3 months | crt.sh |
*.g.doubleclick.net WR2 |
2024-06-03 - 2024-08-26 |
3 months | crt.sh |
*.google.com WR2 |
2024-06-03 - 2024-08-26 |
3 months | crt.sh |
gtranslate.net E1 |
2024-05-19 - 2024-08-17 |
3 months | crt.sh |
upload.video.google.com WR2 |
2024-06-03 - 2024-08-26 |
3 months | crt.sh |
*.googleusercontent.com WR2 |
2024-06-03 - 2024-08-26 |
3 months | crt.sh |
*.gstatic.com WR2 |
2024-06-03 - 2024-08-26 |
3 months | crt.sh |
*.google-analytics.com WR2 |
2024-06-03 - 2024-08-26 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.helicoptertour.cruisehi.com/
Frame ID: 67E45700D6D14DEA81C1609CC4464AF5
Requests: 30 HTTP requests in this frame
Screenshot
Page Title
Hawaii Helicopter Tours | #HawaiiHelicopterTour | Kauai Hawaii Helicopter tour Napali Coast |Detected technologies
Google AdSense (Advertising Networks) ExpandDetected patterns
- googlesyndication\.com/
Google Analytics (Analytics) Expand
Detected patterns
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
Title: Cabin Photos
Search URL Search Domain Scan URL
Title: Hawaii Tours
Search URL Search Domain Scan URL
Title: Excursions Blog
Search URL Search Domain Scan URL
Title: Cruise Merch
Search URL Search Domain Scan URL
Title: napali coast
Search URL Search Domain Scan URL
Title: About
Search URL Search Domain Scan URL
Title: Privacy-Terms
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
29 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.helicoptertour.cruisehi.com/ |
37 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
www.helicoptertour.cruisehi.com/sitefiles/ |
11 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nav.css
www.helicoptertour.cruisehi.com/sitefiles/ |
587 B 396 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hqdefault.jpg
i.ytimg.com/vi/4gF0h5EuGAg/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
play-button-icon.png
www.helicoptertour.cruisehi.com/ |
43 KB 43 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
157 KB 52 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cse.js
cse.google.com/ |
9 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dwf.js
cdn.gtranslate.net/widgets/latest/ |
18 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
your-background-image.jpg
www.helicoptertour.cruisehi.com/sitefiles/ |
127 KB 127 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406130101/ |
428 KB 145 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en-us.png
cdn.gtranslate.net/flags/24/ |
550 B 946 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
273 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cse_element__de.js
www.google.com/cse/static/element/8fa85d58e016b414/ |
286 KB 94 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
default+de.css
www.google.com/cse/static/element/8fa85d58e016b414/ |
41 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
default.css
www.google.com/cse/static/style/look/v4/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
async-ads.js
cse.google.com/adsense/search/ |
183 KB 72 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
clear.png
www.google.com/cse/static/css/v2/ |
1018 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
generate_204
clients1.google.com/ |
0 117 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ca-pub-7107726769785118
fundingchoicesmessages.google.com/i/ |
197 KB 65 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AGSKWxWZiElDPeGSu5r4KtSsHkWW9gTI02aBH-OAJB6BUqTI6Qvu6yCdsBP2EfEuGeOwAAtUmaSgrSVBxedqPaSVMEQvJ228ZSujg8W3-IGJMThA6xSxg86KHLNZvgtf-_ozicqSKSoBxQ==
fundingchoicesmessages.google.com/f/ |
402 KB 63 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
109 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Zosgvbsrcq5U8dVuiuYMoo8aeV5GCL7SulS1mYURduacpvVb_q06LKLYAosgDj6MRJJ6WXg3GCOOU30ugLBzbmrHoZmeUPf1inOx3jTHpzqExd_4L-UccA=h60
lh3.googleusercontent.com/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ |
47 KB 48 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ |
125 KB 126 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxVHdmDxvgviKVVzRrB6th2r0tH0MfeGD4SARQ_HUpy65oZxKIkNMrGTvl9s9qduoSMtImTB8libMXeeH9JaP4RV2oV2iJdSyCfZM82GpVEMNY_eQ6_vFeaNnlEcsYcmcW-eDDIEtg==
fundingchoicesmessages.google.com/el/ |
0 28 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxVHdmDxvgviKVVzRrB6th2r0tH0MfeGD4SARQ_HUpy65oZxKIkNMrGTvl9s9qduoSMtImTB8libMXeeH9JaP4RV2oV2iJdSyCfZM82GpVEMNY_eQ6_vFeaNnlEcsYcmcW-eDDIEtg==
fundingchoicesmessages.google.com/el/ |
0 28 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
308 KB 103 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
157 KB 0 |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fav1.png
www.helicoptertour.cruisehi.com/playbuttons/ |
2 KB 2 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 265 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
69 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 undefined| event object| fence object| sharedStorage object| adsbygoogle object| gtranslateSettings object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| doGTranslate function| googleTranslateElementInit2 object| __gcse object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol function| _googCsa number| nextSearchboxId function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run number| googleNDT_ number| googleAltLoader object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZWVkMzBkZGQxMmU1ZGY4MWxvYWRlcl9qcw== string| ZWVkMzBkZGQxMmU1ZGY4MWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| google_tag_manager object| dataLayer object| googletag function| onYouTubeIframeAPIReady object| gaGlobal2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.cruisehi.com/ | Name: _ga_7NH0DB4EVC Value: GS1.1.1718854523.1.0.1718854523.0.0.0 |
|
.cruisehi.com/ | Name: _ga Value: GA1.1.697203704.1718854524 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.gtranslate.net
clients1.google.com
cse.google.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
i.ytimg.com
lh3.googleusercontent.com
pagead2.googlesyndication.com
region1.google-analytics.com
www.google.com
www.googletagmanager.com
www.helicoptertour.cruisehi.com
142.250.185.194
142.250.185.228
172.217.18.14
198.12.243.215
2001:4860:4802:34::36
2606:4700:20::681a:c2a
2a00:1450:4001:800::2016
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2003
2a00:1450:4001:81d::200a
2a00:1450:4001:82a::2008
2a00:1450:4001:830::2001
2a00:1450:4001:831::200e
058781574f184e7f1d3ba207bb5c3d3913d38db88705d5754bc43bcb2df69855
071355167db135302cecbc9a86fec45c8860f209da03910f58f15879d392102b
10777f0585ed5993f10890ab332e9e9c090e48894ad58b0e468a56c7115b9c95
2b6e5daa2f6357ed1995a49143438055a8e91c798e17f0d40132fe2b04bddec8
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
352f1d912386f51cf59e7ea9d800267d83ae5b6aca68c4b464a99339042c6dd3
3b1d39247297521d165fb6840babad7f5b2b49528bed01877b5c2c350c4806a6
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
5f6e94cecd1a40df47417c30488a05108f8151a64eee2f89763d00b3198550c1
70cd563322458bcd8eb0c45ffe72323df7c74b281cdbd01cc8b15de133b576a3
7532f6ff38b9a1208339ec80f6bf9581c1fee8c7589733f47256233e18fba116
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
95d00071a41de0edb172171a0bbfd244cb17a521917d451060ce3dc47f1ad938
95dcd9d39d66dcdf28d1d2ce9b594bf65aa43ecd61b23c40cab8dae4dab9ee47
a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3
a86983301135233222ffcc6ffa7f35efccec836471ba9e0d3c33d11276beb6cb
a94faa0a847e8891b7e7e1da63f3c01c2de270e7c31f5fb37c0b112ccb8c38e5
b501617189ab4ef79703c1ee195777933db589298f2b7f5e223dab3ffa6d6ff2
b69c03e1c7ef95dff02409ffcf0f6594977fbf18448ecbaa1f000b7780e29106
d214cfb8c98a41a6f8deaa14f175ec8ff8ba90731353377b93011615d603c317
d4a23fb96edbad690073915e98da22e68e2cb6be3f26ec5bf5f7c2bae6ab192f
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
e215e7859bedc2842cc72318a4e7d9d9d9ed1685ba9c78d9655f484958f99835
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6be9d2243c91752899f15751fe317b5bbdd1305ca943bc679e77c2daf9efa28
fb95e952563e2231f5c1e539f088c41dac05cfae624fe54fe9818b17e5b9491d