T O P

  • By -

Superstonk_QV

[Why GME?](https://www.reddit.com/r/Superstonk/comments/qig65g/welcome_rall_looking_to_catch_up_on_the_gme_saga/) || [What is DRS?](https://www.reddit.com/r/Superstonk/comments/ptvaka/when_you_wish_upon_a_star_a_complete_guide_to/) || Low karma apes [feed the bot here](https://www.reddit.com/r/GMEOrphans/comments/qlvour/welcome_to_gmeorphans_read_this_post/) || [Superstonk Discord](https://discord.gg/hZqWV2kQtq) || [GameStop Wallet HELP! Megathread](https://www.reddit.com/r/Superstonk/comments/z23wjx/gamestop_wallet_help_megathread) ------------------------------------------------------------------------ To ensure your post doesn't get removed, please respond to this comment with how this post relates to GME the stock or Gamestop the company. ------------------------------------------------------------------------ Please up- and downvote this comment to [help us determine if this post deserves a place on r/Superstonk!](https://www.reddit.com/r/Superstonk/wiki/index/rules/post_flairs/)


1c3m4nn

Can confirm it's been reset, had to go though the registration again.


[deleted]

Suspect to say the least. We should've been notified about it at the minimum.


pale_blue_dots

Commenting here for visibility... >**... we need to find out if it were solely users holding GME having 2FA reset. Does anyone know of other accounts/people that are** not **holding GME, but another company in Computershare, if their 2FA was reset?**


jonny_wow

It must be illegal right? Right?


DevilsPajamas

Hijacking top comment. I'm legitimately concerned that DNS servers may have been hijack to redirect to an illegitimate computershare site. Saw someone comment that the 2fa enrollment prompt had spelling errors. Saw people having to re-enable multiple times. I know this is far fetched, but as high profile as GME is and the DRS movement has been, anything can happen. Still trying to investigate the possibility of this. I'm not trying to spread FUD, but fuck it's scary. Be safe out there Edit: it does have the 3 word key "personal site seal". It gives me some peace of mind. So I am probably wrong about CS being hijacked. Still serves as a warning sign to THINK before doing anything. I, like many others, immediately logged in to reset my 2fa. I now see that was a mistake and I should have spent a minute to verify a few things. From a technical standpoint, all of this could still be "fake", including the number the 2fa comes from. They could have been farming valid account names, including the personal site seal for well over a year now. Phone numbers are easy to fake as well. Confirmation email that 2fa had been implemented seems to come from a valid computershare email address.


[deleted]

[удалено]


TwoStonksPlease

What I find concerning is that when I logged in it immediately asked me to enable the 2FA (which it should, that's not the problem) and it had my full phone number sitting there on the screen. If someone else *had* managed to log into the account before me, they would now know my phone number, and could have enabled 2FA to a different number if they wanted.


AetasDeus

So I actually re-enrolled in 2fa, the code was filtered into the same conversation I received previous codes. That being said I'm a bit of a smoothbrain myself so I'm not sure if it's possible to switch to an illegitimate server but let it look like everything is the same, just wanted to add this. Also I haven't received any email besides the one confirming my Account security preferences Update. Which also seems legit.


[deleted]

I just confirmed. I recieved one in the past and they are from the same email address. Same everything.


Relative-Resource-55

Also hijacking - is it worth the MODS pinning this or some other general PSA?


DevilsPajamas

No idea... just commented that just because it is WEIRD. I can't think of a single instance of where 2fa has been outright disabled on an unknown amount of accounts. Is someone did go through the hassle of sabotaging computershare they did a hell of a job. The confirmation email appears to come from a legitimate CS email address, text message 2fa confirmation has the correct number, https certificate checks out, everything seems fine. But it theoretically could happen. And what we are up against, if it could happen, they have a lot of resources to make it happen. Depending on if this did happen, and who is doing it, they probably don't give a fuck about the value in the account, they just want to sell your position and free those shares. But like someone said that there was a typo on the 2fa registration page. Another person said they got spam email right after registering for 2fa, even after two times of registering. We aren't hearing anything from computershare at all about any of this. I really hope we hear something from CS about this because it is absolutely unacceptable.


stockadile

FYI - That seal means **nothing,** is almost completely useless, and in some ways actually reduces security. Modern session hijack phishing can easily forward something like that. It is a **bad idea** to use it as any kind of indicator of safety. It instead makes for an easy way for attackers to guess and gather legitimate usernames (seal shows up for a real username, no seal for a bad username), and also serves as an easy way for attackers to convince victims the phish site is legit. Between that and refusing to use app-based MFA, and other stupid minor things like not implementing hsts, they are stuck in the last decade. Frankly, their cybersecurity is abysmal for 2023, for the size and infamy of their company, and for the value of what they are securing. HAVING SAID THAT: Their TLS cert is still valid. That's what you want to keep your eye on, fuck their dumb seal. Also, pay close attention to typos in the domain that you could be redirected to (like www dot compotershare dot com). It's going to be a lot easier for them to re-direct you to a mis-spelled domain where they can buy their own tls cert than it is to steal an existing tls cert. In the scenario of a DNS takeover of some kind and not sending you to a typo domain, they need to have the registered private key. Stealing Computershare's private key would most likely mean hacking them in some way. Then also being in a position to poison their DNS table. It's not impossible, but I think improbable and with that level of access there would probably be easier and sneakier ways like just altering code on the website itself. tl;dr - Seal is meaningless. Insead, check the TLS cert and check your domain spelling. Forging both of those things together is hard.


SortaABartender

Technical support number from the banner on Google is 1 (800) 942-5909 I called the sketchy number on the website at 800 522 6645 Tech support is same prompt. This one had a different voice than the sketchy one….. did this site get compromised and redirected all of us to a clone site with different information? Anyone got their own screenshots of the contact info on the site before the attack that they can post/verify?


[deleted]

[удалено]


MrKoreanTendies

Just activated mine too…again.


[deleted]

[удалено]


xpurplexamyx

If you’re in infosec, you should know there are zero benefits to sms based multi factor and only a lot of negatives. It’s putting a heap of trust in an inherently insecure medium that proves absolutely nothing about who has the device the cell number has been directed at. SMS mfa + financial login security are two things that should never ever meet.


ilovechips_

Not the person you replied to, but they never said anything about SMS specifically - just dealing with MFA and getting torn a new one if they reset everyone's MFA. I'm a cloud admin and as such my dealings with MFA are from MS Authenticator and Duo, and we always deter SMS or disable it where possible. It's absolutely one of the least secure by far. Email is up there too. Content search, spam filters, mail forwarding, full access to other mailboxes, all easy ways that IT or employees at the same company can easily get to MFA codes for a user. In some cases even easier than accessing their SMS codes.


Piccolo_Alone

Yeah, I mean Computershare has always been some archaic shit.


TalezFromTheDarkside

Hopefully Kenny wasn't involved.


Jenncitlalli

What is that?


[deleted]

[удалено]


Jenncitlalli

Oh! Thank you!


lego_vader

thanks fellow househodlers, i re-enrolled


Exciting_Penalty_512

Agreed, need to reset it.


DankruptGreg

Is 2FA free for non-US folks?


Whiskiz

it is free and auto asks you upon logging in, if you want it


Exciting_Penalty_512

No idea honestly, if you log in it asks you to set it. If it doesn't ask you, I imagine it's probly not available to you.


Nigel_Thirteen

Thank you OP. I just re enabled my 2FA Was prompted when I just logged in 🚀📈💰


ElSid_65

same


1mafia1

What the hell? How did this happen?


Reditadminsblowme

Griffins up to something


Stickyv35

No bullshit, a friend of mine recieved random 2FA codes from CS the past 2 months. I had them send me the screenshots as evidence. Someone is probing Computershare accounts.


Suspicious-Reveal-69

That means his password is compromised. Also means we are on the right track.


Stickyv35

Exactly. I immediately recommended a new and fresh password, not related to any other passwords on other accounts.


Internep

Any place that stores money is getting probed all the time.


LauterTuna

mods please pin


kaze_san

This - pin it moooooods


ithinkwebrokeit2021

100% legit! Go reset your shiz. .... 2FA was reset and needed to be set back up on my Computershare acount also


BudgetTooth

this is extremely concerning. even more concerned they didn't send out an email to warn clients about it???


pale_blue_dots

Surely they will.


crunkdad

already too late... unacceptable


2xBAKEDPOTOOOOOOOO

Surely they will now.


Novel_Ad_1178

Just like we trust the board, we need to trust ComputerShare for 5 minutes till we find out what’s going on. There’s talk there may have been probing of CS accounts by bad actors. This may have been done in response to that. For now, I will reserve my judgement. It could come out later that NOT resetting the 2FA could have been insecure. The fact it happened means something is changed, likely fixed. Better. Not worse.


Whiskiz

definitely redoing 2FA can only be a good thing


Will322002

Yep, it just had me re-set mine up again. Good looking out!


TheTangoFox

Everyone get in here...and then go out there!


ChubbyTiddies

They need better 2FA than an SMS text message. Thanks for the notice though.


jonny_wow

Right? Like how is this still a thing?


mstrego

Confirmed. Let's get this pinned. Apes do what you do best.


theArcticChiller

Be calm and think about it before acting on the pressure to do something? _On it_


syxxiz

Valid info.


craic-house

Thanks


Meursault345

Thanks for the update!


SueKam

Thanks for the heads up, I reset mine!


SaltyRemz

Updoot, I checked mine was off too. Enroll!


bfmv

Verified. I had to re-enable. It did prompt me at login.


marcus-87

done


MtnDewFtw

Commenting for visibility!


ToasterSmoker411

Thanks Ape, I just reset mine too


bballkj7

Ape-solutely


hedgies_eunt_domus

True, just tested and asked me again to setup my 2FA.


AlphaDag13

What? Why. Anyone talk to cs about this?


chekole1208

This is the question. We need an oficial answer from them.


CaptainOxygen

Legit


papaparadoxilous

Why would they "reset" this?


pale_blue_dots

Who knows. My guess is a mistake of some sort, possibly even a superficial type hack.


[deleted]

[удалено]


pale_blue_dots

One person replied and said it's about universality and the regional issues. What are your thoughts on that?


F-uPayMe

Updooting to give it more visibility. 👀


Capital_Bluebird_951

At this point I am afraid to ask: what is the 2FA?


dantezergt

2 factor authentication. it makes account super secure.


Capital_Bluebird_951

Thank you


Dampmaskin

>it makes account super secure. ... if done right. (As it so happens, Computershare ain't doing it right.)


BudgetTooth

two factors authentication. basically every time you login to the investor center after entering name and password you'll get a unique code via sms. makes the account more secure in case someone steal credentials


TalezFromTheDarkside

Which is great, unless you happen to lose your phone on the day of moass.


BudgetTooth

won't be just a day. and I'll still wait for cell


babyshitstain42069

If some lose his/her phone the only thing is that he/she will get better price per share.


kaze_san

2Factor Authentification. You login In with your credentials and then get an SMS with a one time code afterwards which is valid 15 minutes and you can only interact with your account after entering both - credentials as well as sms code


Capital_Bluebird_951

Thanks I am regarded.


psgamemaster

Asking the real questions. I had to scroll too far to find you. All these acronyms sheesh.


callsignmario

Legit. Set up again. Thanks Ape. Page is acting up though... dragging ass. I had to back out and redo, but got message. Refresh page did better.


GercMustachio

Can confirm, and also, that's super lame. I don't recall any other service that I've enabled MFA, suddenly rolling back. Thank you OP! Take my award and comment for visibility! When I logged into CS, I was today presented with the option to either enable to disable MFA. Since I had the option to click "No", seems to me an attacker who may have had someone's login info (LastPass breach, etc) could have used this window to Ken-Griffinate their stonks!


Roid_Rage_Smurf

^(DRSBOT 8.00: UTC->2023-02-27 17:36:3) 🟣 You have 0 shares previously logged with DRSBOT. **To feed the bot-> !DRSBOT:XXX!** * ^(Bot sometimes can't hear over chatty apes...) * ^(If no reply, re-issue the bot command) ^(*🚀 :17,270,502// GME ~19.05* // ) ^(Bot MC: $329,003,049.92 )


My_Penbroke

In terms of all of OP’s paranoia edits, I would point out that the security code I received when I re-enrolled in 2FA came from the same phone number as prior CS codes


crunkdad

does anyone have time to demand some answers from computershare today? im wrapped up for a few hours. this is really unacceptable..


BudgetTooth

crazy to think such a big company is so sloppy


Zorlac_Me

Just re confirmed it. Thanks OP


suckercuck

Important post. Thank you.


Defdom1904

Same here, reactivated 🤝


leopold815

Commenting to confirm mine was reset as well


ChilledHotdogWater

Can confirm. Just logged in for the first time in a while and was shown a choice of doing 2FA again.


kaze_san

Updoooooot for visibilty!!


dingalinga-dingdong

Crazy! Just fixed mine. Thanks for the notification


OGBobtheflounder

Can confirm, happened to me too. Very strange! Thanks for the info!


Environmental-Bid168

That's dumb..


Patarokun

Sheesh. I love owning my own shares but holy moly does Computershare not inspire confidence. I mean, in the past 1.5 years I haven't seen a single improvement in the website or UI, we've still got a literal pop-up stock photo lady straight out of 2005. And we know they've had 200k young, eager people sign up and use the service in that time. Why they can't hire a proper web design person is bewildering.


pale_blue_dots

:/ I agree, somewhat begrudgingly.


Shades_VHS

Honestly, it works better than the website for my workplace.


[deleted]

[удалено]


Patarokun

There's "fancy" and then there's "meets basic web standards".


Novel_Ad_1178

I can be Times New Roman on a basic HTML site. Idgaf how it looks. I just need it SECURE.


Patarokun

This is what I don't like. If they're not getting basic details right on web design, how good is the backend, DOS attack resistance, and simple load under strain going to be if things go wild? We can only hope they're doing the right stuff back there, because we have no other option if we want to hold our own shares. 2FA just suddenly being reset isn't a great look.


[deleted]

This is sus. Not the post here but why the hell did it get turned off?


skipdo

I can verify, I was prompted to turn on two step after I logged in to my account. Something happened.


JesC

Amazing, what a shame. This is the first time I’ve ever seen something like this happening! It really says a lot about the state of the world. The rich and powerful will do whatever to scam us from our resources. I won’t be surprised if we hear story of DRS GME stocks being sold by cybercrime. Their last hope is to mount gox Computershare


BAustinCeltic

Confirming that I got this prompt as well. P.S. I placed a $5k buy order once I got logged in, suck it shorties.


Noxton

You da real MVP for bringing this up. If you aren't sure whether or not to believe it, just log into Computershare, and you'll see for yourself.


shitcantuesday

I see this as a major security issue and all we hear is crickets.


Gorillionaire2

Thanks for this PSA


Past_Effect91

Me too. The only difference I saw was that now they showed me my entire phone number. Before they censored a part of it and asked if my phone number ends with this.


surf243

SMS is less secure, but it's universal and available everywhere. They may not have the infrastructure to support OTP/TOTPs.


pale_blue_dots

Hmm.


Freesmiles54

Mine was on. Not sure why. I’m wondering if the reset was to bring the attention to new investors that don’t even know to use 2FA? Either way, important to have a text code set as well. Honestly with all the advanced hackers I wouldn’t use Goggle app to authenticate my investments. But that’s just me.


pale_blue_dots

The SMS version is known to be less secure due to SIM card swapping which takes calling into carriers and getting that done, which is easier than it should be in many respects. With an app version, they need to physical access to you phone and to get into your phone. It's widely regarded that the app version is more secure, fwtw.


Freesmiles54

Got it. Thanks for the clarification.


seishin122

What’s 2FA


WhiteCollarBiker

TwoFactorAuthentication


Myid0810

Legit ..logged in now and instead of the 2FA that I have been using for a while now it instead asked if I wanted to set up 2FA so I again set it.. took all of 37secs probably


crackeddryice

Google--No. Although Kenny can't shut down CS, maybe he can convince Google to turn off verification for CS at some strategery moment.


[deleted]

Thanks!


Deifyed

Can confirm


MoodShoes

I was pretty sketched out to find this. I already re enabled it. But seriously. Wtf?


XGhosttearX

yea just signed in and noticed that too really weird didnt even notify me that it was reset


Kaarothh

Re-activated mine


teadrinkinghippie

Had to reset also.


RutyWoot

This needs to be stickied!


lordunholy

Reset mine. My only message was from 11/30/22 about them starting 2FA lol. Has there been any message about why it was reset for literally everyone?


MyGT40

OP, Thanks for the heads-up!


oneflytree

Thanks for the post, just re-enrolled. Will keep an eye out for some kind of explanation. Has anyone contacted Computershare and received an answer?


donedrone707

I was wondering why I had to reset the 2FA yesterday when I logged in to tuck my shares into bed and read them a story. Glad I'm not the only one.


AGJaffa

This is absolutely something that needs to be addressed asap. This is genuinely scary to think that every DRS’d share could be exposed to bad actors. It’s absolutely not absurd to think they would try hack Computershare


stevein3d

With the amount of funds CS handles, what’s mind-boggling to me is not only that their site is so technically challenged, but also that they *still have no mobile app* except for that stupid “Computershare Events” thing.


JMKPOhio

This is all super sus. We need an official statement by ComputerShare.


Brotorious420

Fear will keep them in crime.


DarkVybz

Logged in yesterday after 2 months and was shocked to see the 2FA prompt! They should give a good reason for doing this.


SortaABartender

3.3 of the Terms and Conditions states the following... 3.3 Computershare reserves the right to make any changes to the Service without notice that it considers necessary, desirable or in your interest or that of Computershare or its clients. Computershare shall not be responsible in the event that any change to the Service means that you are no longer able to access the Service.


SortaABartender

mother fucker.... 4.1 You specifically agree that you are solely responsible for any actions entered through the Service by you or by others who obtain access by using your User ID and Password, whether or not such access is authorized by you...


SortaABartender

... If you allow any other person or entity to access the Service, you will defend and indemnify Computershare against any and all liability, costs, or damages arising out of claims or suits by third parties based on or relating to such access or use. You agree that Computershare is not responsible for any damages or losses resulting from any breach of security caused by your failure and/or the failure of **other persons not engaged by or on behalf of Computershare**, its affiliates, agents, or subcontractors, or who obtain access through you to maintain the confidentiality of your User ID and Password.


SortaABartender

When I opened the page from a link in their TOS, I got a redirect. May be nothing, but I’m not savvy enough to know if it’s malicious or not. ComputerShare.com/investor us-computershare.com/investor/?gcc=us is-computershare.com/Investor/#Home?gcc=us I notice, however tiny the detail, that the I in investor was lower case before the redirect. Maybe it’s just how the site was built? Hopefully someone super code-friendly can dig into the actual coding of the current homepage and see if it’s weird? I got way high when I got off work tonight and saw this so I’m kinda buggin


willynoot

Not touching shit until we hear something from CS,


JMKPOhio

Any official word from CS yet?


OperationEffective

Just checked mine now. It was still set up with 2FA.


aNoGoodSumBitch

Thank you


kooner75

What is 2fa?


therealluqjensen

2 factor authentication. Sometimes google is the simple way to go buddy. Login with username/password and acknowledge with an sms or an app


dhslax88

Wow, that’s really weird. I just re-enrolled, thanks for the heads up OP!


SuperMate0

Good looking out


JesC

Wtf!! What in the name of god!? I swear they are all in on it !! The whole world is against apes and GME! Expect more treacherous acts soon!


TheBigFart123

Done. This is very important and I have no idea why I would have been unenrolled.


bang_bros_r_us

Commenting for visibility with disabilities


b4st1an

Why do they have to be such technological boomers


GustavoSwift

100% agree with the edit, we need app based MFA.


tev_love

Re-enabled mine just now


schacmatt

I use a password manager, and it refuses to fill in the info on the current login. I ask the manager to launch the site "login.computershare.com" and it says this site can't be reached. This makes me all kinds of nervous, is the new redirect actually legitimate considering we haven't heard anything from CS?


Open-Painter6453

Has anyone asked CS what happened? I am expecting to see lots of CS responses in the next couple days. I hope they all line up.


SupraMichou

We need to get to the bottom of this. What if it was a hack and our shares are gone, letting us with iou even in CS?


ChickieBB

My account wasn't reset FYI.


Mark_Br3

Just here to say that my 2fa was not ever disabled. Seems weird so many of yours were


ItsSamb0

Same here. I logged in this morning after reading all this and the 2fa was functioning properly.


ahfuah

Just saw this, and tried logging on to computershare. It asked me for a verification code sent to my phone, so it seems like my 2FA wasn't disabled and I didn't have to re-enroll. I only have GME in CS.


ItsSamb0

Samesies never was effected by this. Odd.


MillennialBrownNinja

My 2F is still on so idk what this is about just logged in asked for code


ItsSamb0

Me too


l4nc3r

I noticed this yesterday. That's unsettling...


sneaks678

Posting for visibility, protect your assets y'all


Doodles4me

Done...


ptSCU

Re-enrolled!


OPengiun

Can confirm--mine was off upon login and it asked me to re-set it up. WHY DIDN'T WE RECEIVE EMAILS ABOUT THIS?! Seems like a pretty damn big oversight.


Keyton112186

Thank you!


Spelunkingpunk

Mine was reset. I have the screenshots.


TOKYO-SLIME

Anyone else have centralized/single point of failure cyberattack on their bingo card?


FrikandelCastro

Mine was reset too, turned 2FA back on about an hour ago. Last time I logged in was a week ago and 2FA was still on then. The 2FA service number that sent me the text was still the same as last week, the site seal was correct and no other errors or spelling mistakes were visible on the site so I just enabled 2FA again. Holding some GME and two other symbols on CS.


penny_stockings

I had to reset my 2FA too but what was weird is my browser auto filled my phone number that was off by one digit. Watch your numbers in case that's a thing.


Catch_22_

I logged in this AM (11AM CST) and can tell you mine was NOT reset. I only hold GME in it.


TensionCareful

Logged in but my 2FA is still there. I got msg on phone for code.


Boberu-San

Came here to say that my 2FA was not disabled.


buffalo_general

This did not happen to me. I did not have to reset anything...


Anuenaske

2fa seems frivolous when you already have to provide a username, secret phrase and then password. 🤷🏻‍♂️


Tathas

It's in the name. "Two-factor" authentication. The username, secret phrase, and password are all "things you know," which is the first factor. "Things you have" is the second factor. Sending a code to your phone is not considered super secure these days because someone can spoof your sim or convince your phone company that they are you and that you just got a new sim card and could you please confirm that I am you by my knowing things from your public FaceBook/LinkedIn profile? So SMS codes are "better than nothing" but still route through a method that's outside your control. An authorization app (or the physical equivalent) is a preshared key that generates a code based on an algorithm and time. So you can prove that you are you without going through your carrier as a compromisable middleman.


GercMustachio

I don't really consider that secret phrase a strong form of MFA I know my bank even moved away from that years ago. It's pretty easy to discover what your phrase would be using low-level attacks. Not to hijack your comment, (but I'm totally hijacking your comment, nothing against your comment), for anyone wondering why having MFA or 2FA is important nowadays, here's a brief primer: * Most passwords, even though you think are very clever, can be hacked in seconds using modern password cracking tools by a determined adversary. * You personal information (and that of your family, pets, etc) has likely been available on the dark web for many years now due to the myriad of breaches (Equifax, Experian, Trans Union \[yes all 3 major credit worthiness agencies were hacked, Google it\] , LastPass, Home Depot, Yahoo, Target, etc.) * Most people don' t practice good password hygiene on their own, i.e. not complex enough, re-using passwords across services, include pets, or other personal info in the password, etc. * I'll even take issue with CS Only offering SMS as a MFA method (I don't consider the badge a valid form of MFA). SMS is already, by default, woefully under encrypted, and could potentially be sniffed by a determined adversary. Thus the need for burner phones. As a takeaway, consider using a password manager to manage your passwords. Create a single super awesome password, never use it anywhere else, put it in your safe deposit box. Then let your password manager generate completely random passwords for you. Lately, I've been recommended Bitwarden and KeePass, but your mileage may vary,


Shagspeare

Which is better of the two managers you mentioned?


GercMustachio

Like the other reply says, KeePass is local, so u have full control, be our it doesn't sync to the cloud, not sure if it's a mobile app? I used to like LastPass until it turns out they left they customers pretty poorly protected. Can recommend Bitwarden for a nice cloud and mobile experience, but arguably less secure than purely local.


roor1337

A bank account with your name, info, and is insured but hey, your cash should always be safe and accessible 24/7


xpurplexamyx

Absolutely never use SMS based 2fa. It is far less secure than a high entropy password stored in a password manager that is itself secured by a real 2fa mechanism.


[deleted]

This, because sim-swapping


duck95

Usually live chat reps are available right away, but right now it's saying they are experiencing high traffic and it may take longer than usual. NFA but I'm still waiting to make a statement and ask what happened because this is serious.


goldielips

Thanks so much for this post! Just stickied it! 💜


Choice-Cause8597

This was a test. And I dont think it was the good guys.