blueelminvestments.updatecapital.com
Open in
urlscan Pro
75.101.184.39
Public Scan
Effective URL: https://blueelminvestments.updatecapital.com/users/sign_in
Submission: On April 06 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by R3 on April 6th 2023. Valid for: 3 months.
This is the only time blueelminvestments.updatecapital.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 10 | 75.101.184.39 75.101.184.39 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 2a00:1450:400... 2a00:1450:4001:812::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:830::200e | 15169 (GOOGLE) (GOOGLE) | |
6 | 99.86.8.175 99.86.8.175 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 52.92.133.58 52.92.133.58 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:82a::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2001:4860:480... 2001:4860:4802:32::36 | 15169 (GOOGLE) (GOOGLE) | |
1 | 52.222.149.43 52.222.149.43 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 44.240.173.23 44.240.173.23 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 18.165.183.75 18.165.183.75 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 44.209.97.165 44.209.97.165 | 14618 (AMAZON-AES) (AMAZON-AES) | |
28 | 11 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-75-101-184-39.compute-1.amazonaws.com
blueelminvestments.updatecapital.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net
cdn.segment.com |
ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com
ucbei.s3.us-west-2.amazonaws.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: server-52-222-149-43.cdg52.r.cloudfront.net
widget.intercom.io |
ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-173-23.us-west-2.compute.amazonaws.com
api.segment.io |
ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-75.zrh55.r.cloudfront.net
js.intercomcdn.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-97-165.compute-1.amazonaws.com
api-iam.intercom.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
updatecapital.com
1 redirects
blueelminvestments.updatecapital.com |
926 KB |
6 |
segment.com
cdn.segment.com — Cisco Umbrella Rank: 1553 |
59 KB |
3 |
intercom.io
widget.intercom.io — Cisco Umbrella Rank: 2392 api-iam.intercom.io — Cisco Umbrella Rank: 2744 |
9 KB |
3 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35 region1.google-analytics.com — Cisco Umbrella Rank: 2284 |
20 KB |
2 |
intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2734 |
206 KB |
2 |
segment.io
api.segment.io — Cisco Umbrella Rank: 1132 |
375 B |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62 |
72 KB |
1 |
amazonaws.com
ucbei.s3.us-west-2.amazonaws.com |
6 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47 |
1 KB |
28 | 9 |
Domain | Requested by | |
---|---|---|
10 | blueelminvestments.updatecapital.com |
1 redirects
blueelminvestments.updatecapital.com
|
6 | cdn.segment.com |
blueelminvestments.updatecapital.com
cdn.segment.com |
2 | api-iam.intercom.io |
js.intercomcdn.com
|
2 | js.intercomcdn.com |
widget.intercom.io
|
2 | api.segment.io |
cdn.segment.com
|
2 | www.google-analytics.com |
blueelminvestments.updatecapital.com
www.google-analytics.com |
1 | widget.intercom.io |
cdn.segment.com
|
1 | region1.google-analytics.com |
www.googletagmanager.com
|
1 | www.googletagmanager.com |
www.google-analytics.com
|
1 | ucbei.s3.us-west-2.amazonaws.com |
blueelminvestments.updatecapital.com
|
1 | fonts.googleapis.com |
blueelminvestments.updatecapital.com
|
28 | 11 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
blueelminvestments.updatecapital.com R3 |
2023-04-06 - 2023-07-05 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-03-20 - 2023-06-12 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-03-20 - 2023-06-12 |
3 months | crt.sh |
*.segment.com Amazon RSA 2048 M01 |
2023-02-24 - 2024-01-12 |
a year | crt.sh |
*.s3-us-west-2.amazonaws.com Amazon |
2022-09-21 - 2023-08-24 |
a year | crt.sh |
*.intercom.com Amazon RSA 2048 M02 |
2023-02-14 - 2024-03-14 |
a year | crt.sh |
*.segment.io Amazon RSA 2048 M01 |
2023-02-10 - 2024-02-10 |
a year | crt.sh |
*.intercomcdn.com Amazon RSA 2048 M01 |
2023-02-21 - 2024-01-29 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://blueelminvestments.updatecapital.com/users/sign_in
Frame ID: 941A2CDE96633CCB1A18BD4A2C488D52
Requests: 23 HTTP requests in this frame
Frame:
https://blueelminvestments.updatecapital.com/report_csp_validation
Frame ID: EE407A01840CD90DE9DD02DCC6DD2471
Requests: 5 HTTP requests in this frame
Screenshot
Page Title
Blue Elm InvestmentsPage URL History Show full URLs
-
https://blueelminvestments.updatecapital.com/
HTTP 302
https://blueelminvestments.updatecapital.com/users/sign_in Page URL
Detected technologies
Google Analytics (Analytics) ExpandDetected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
Segment (Analytics) Expand
Detected patterns
- cdn\.segment\.com/analytics\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://blueelminvestments.updatecapital.com/
HTTP 302
https://blueelminvestments.updatecapital.com/users/sign_in Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
28 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
sign_in
blueelminvestments.updatecapital.com/users/ Redirect Chain
|
5 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
application-44d109918d538bea2312d43fa8aff7bc859e046c89a10dcf54e092d281b84d41.css
blueelminvestments.updatecapital.com/assets/ |
319 KB 50 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dynamic.css
blueelminvestments.updatecapital.com/ |
4 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
localization.js
blueelminvestments.updatecapital.com/ |
86 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
application-c3782ee99399ab28a10801966836d86f3132ea817135640cc0ef52fe29a54278.js
blueelminvestments.updatecapital.com/assets/ |
509 KB 164 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
report_csp_validation
blueelminvestments.updatecapital.com/ |
0 1 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
8 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.min.js
cdn.segment.com/analytics.js/v1/n0r4rYl8HzXyWEnipfi9DzgojuN767NT/ |
103 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.svg
blueelminvestments.updatecapital.com/assets/ |
11 KB 12 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.svg
ucbei.s3.us-west-2.amazonaws.com/static/ |
6 KB 6 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
background-1d76d7745dea592cc469a0b055711221b9c91f8b8dceafd653a145bb717664e5.jpg
blueelminvestments.updatecapital.com/assets/ |
684 KB 684 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
15 B 235 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
199 KB 72 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 268 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
settings
cdn.segment.com/v1/projects/n0r4rYl8HzXyWEnipfi9DzgojuN767NT/ |
1 KB 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ajs-destination.bundle.ccff523783839dc95aac.js
cdn.segment.com/analytics-next/bundles/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
schemaFilter.bundle.d0fc84c62e956d168cce.js
cdn.segment.com/analytics-next/bundles/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
intercom.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/intercom/3.1.0/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
commons.c42222c4cb2f8913500f.js.gz
cdn.segment.com/next-integrations/integrations/vendor/ |
73 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zb8an8tg
widget.intercom.io/widget/ |
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
p
api.segment.io/v1/ |
21 B 188 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
i
api.segment.io/v1/ |
21 B 187 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
report_csp_validation
blueelminvestments.updatecapital.com/ Frame EE40 |
0 1 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
frame-modern.e4fd5cdb.js
js.intercomcdn.com/ Frame EE40 |
501 KB 132 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor-modern.94ceb524.js
js.intercomcdn.com/ Frame EE40 |
237 KB 73 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
ping
api-iam.intercom.io/messenger/web/ Frame EE40 |
4 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
ping
api-iam.intercom.io/messenger/web/ Frame EE40 |
4 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
56 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless object| localization function| updateButtonLabels function| expand_all_crm_categories function| hideFileUploadProgress function| getCspNonceValue function| register_distribution_handlers function| load_distribution_data function| registerTableSorter function| unregisterTablesorter function| formatNumber function| formatCurrency function| updateCrmFieldEnable function| change_filter_labels function| closeIframeModal function| resizeIframeModal undefined| expectedFolderToLoad number| filesLength number| uploadedFiles function| $ function| jQuery object| Popper object| bootstrap number| uidEvent function| tippy object| uc object| ActiveStorage object| Highcharts object| HighchartsAdapter function| Sifter object| MicroPlugin function| Selectize string| GoogleAnalyticsObject function| ga object| analytics object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| google_tag_manager object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext object| intercomDeps function| intercomLoader object| webpackJsonp_name_Integration function| setImmediate function| clearImmediate function| intercomIntegration function| Intercom function| __intercomAssignLocation function| __intercomReloadLocation function| normalize10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.updatecapital.com/ | Name: _gid Value: GA1.2.1550353626.1680816885 |
|
.updatecapital.com/ | Name: _gat Value: 1 |
|
.updatecapital.com/ | Name: _ga_818M7X7EHG Value: GS1.1.1680816884.1.0.1680816884.0.0.0 |
|
.updatecapital.com/ | Name: _ga Value: GA1.1.209039233.1680816885 |
|
.updatecapital.com/ | Name: ajs_anonymous_id Value: 0237985c-8722-4916-833a-f7a60f14004c |
|
.updatecapital.com/ | Name: ajs_user_id Value: Blue-Elm-Investments- |
|
.updatecapital.com/ | Name: intercom-id-zb8an8tg Value: 1e740fe1-4aba-49b0-a24d-4a650adda624 |
|
.updatecapital.com/ | Name: intercom-device-id-zb8an8tg Value: 3ee6c21d-54b9-4f3b-89dd-6719d6d923fc |
|
blueelminvestments.updatecapital.com/ | Name: _uc Value: qmQMgrokSEzBvoo8K6sF4NEnfXvvBpV3XOPlluzVibrGp1M7i3mtvChdnotqxUxAYtGwIqKE659%2F9x3GwBePFJnQ%2FJV0MXzjaolAR43XPXngBkCxxluId0xs2moDqURgirxaavsFhrejnSConbs9yUcapHSTbXkO820UXE8gThMXB3XBAy578fEm8Xlst6uzwc1mFUEL5x2a5WnRvYhKZvTndPU%2Fimz1aF5K1zzIR%2BguhQVB%2FZvvGP2QECCEpWVibjxg0%2FEh6CSlwsNXs3e5hgACQN%2Fu5fZu3MoQMxWRyprFg3BYy7XW--YKRG%2BjX%2FTXpCy75K--anO5CDlKW5cPOoc4d4YnTw%3D%3D |
|
.updatecapital.com/ | Name: intercom-session-zb8an8tg Value: cERtcVB3TFZBa1NhQ05XcWVkbDV3azhsazhoMGVDOEZ5WURremFGRzRuTGY5WXA2TUkrcDl2RGhhL0FlendrSS0tNUJydGpOUE9nWmRYYnlLRGVhYnI0dz09--7bc8a54e7ed6d8955750166b6d6d5633a2408685 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' https:; font-src 'self' https: data:; img-src 'self' https: data:; frame-src 'self' https: youtube.com www.youtube.com; object-src 'none'; connect-src 'self' https: wss: *.intercom.io intercom.io; script-src 'self' https: cdnjs.cloudflare.com cdn.segment.com 'nonce-/Vy09b0GLbyfLUnkPG/tnQ=='; script-src-elem 'self' https: cdn.segment.com 'unsafe-inline'; style-src 'self' https: 'unsafe-inline' cdnjs.cloudflare.com; report-uri /report_csp_validation |
Strict-Transport-Security | max-age=63072000; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api-iam.intercom.io
api.segment.io
blueelminvestments.updatecapital.com
cdn.segment.com
fonts.googleapis.com
js.intercomcdn.com
region1.google-analytics.com
ucbei.s3.us-west-2.amazonaws.com
widget.intercom.io
www.google-analytics.com
www.googletagmanager.com
18.165.183.75
2001:4860:4802:32::36
2a00:1450:4001:812::200a
2a00:1450:4001:82a::2008
2a00:1450:4001:830::200e
44.209.97.165
44.240.173.23
52.222.149.43
52.92.133.58
75.101.184.39
99.86.8.175
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1aaa5157edbade615091a80937091d18b4e450ee28fb8f6b2311b54b5d209606
1c9ae1855c34eb319f84fea25622f2a827afa598c063bd6b0700b2431db0c31e
346122b7a3362b919bc15f0a65b2b1110240f67fe0fa8b07f460d15388d008ff
3982c24bb13d6583920e417a209367179f0a42754dd243fa749982d0983c5fed
408d2930453ce0ffbc535f5215aa795a29a5f7f679a256a388fd4e830f61de03
47a6920a55ff7203e9d7e914b6be5a161981d740dafeb750ca9fadbaa92638ae
4e95752aa0e7592eca71f78edb0048abdd08ffd7a2dad0fb09953ad9e0c01478
4fd31a6d0899fb920d2c15ca389d737c5e2dbe2584d19d4b1536df1d0303ad46
5905c9e8b62d2891fd21045c664b54472523e3b97b6880242d342faba4b2fd5b
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
6ac404a65bffee85a15718f669a44f5a034c94116661e6e0e48b1609f4a8617a
6c6844f908aa997266ac623d7f88aa68eff97633ee30f7346d5f190deb44e3cb
750db7772150d83ffef6522af8b1a779c408f0b5bccd0909e7c5073f9aafb091
7b5f2ac4f952c3b3faac16c32f10925773f19140ee9aef3d39579fccecf9640a
7d4bdf548f552b60686f13b28da23d0d7795e2d22447b6b5e1fb58989b6a18bf
a072f4efeae13b4ee79436cb8b3d84c4c5808c0961edf8687c188370ba25186c
a5013f256913edab0e2357ee622c8b4e871d0367d7bd6b4475ecd189cd98ab9b
a5c47f2f92ae73531bd3eb0befbe5da8dd1a7c921476a322e6c82e66249669f3
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13
c4da3f647f48e9f291317181954238ad70cf26bb4c9e04168e2e52861e94c2fc
c73709ee84e5a25057d6acc2cd55bbb3afe8aecc234644ff8994b68348e6ae00
e28a44f05465881891ed02e04f286084a8fdb361d81e1877ea4f612f05dcddaf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f17f078ea883fbe048f75ab5e7371c081cbd7d85ec5d91d443512d1ecd63dfb3