beta.collection.com.br
Open in
urlscan Pro
2600:9000:261f:d600:c:6fcd:ee80:93a1
Public Scan
Submission: On March 31 via api from US — Scanned from US
Summary
TLS certificate: Issued by Amazon RSA 2048 M01 on June 13th 2023. Valid for: a year.
This is the only time beta.collection.com.br was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
beta.collection.com.br |
ASN16509 (AMAZON-02, US)
PTR: server-18-173-219-5.jfk52.r.cloudfront.net
static.qwary.com |
ASN24940 (HETZNER-AS, DE)
PTR: static.245.55.88.23.clients.your-server.de
www.usetiful.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN16509 (AMAZON-02, US)
PTR: server-18-238-49-37.jfk52.r.cloudfront.net
beta.collection.com.br |
ASN32934 (FACEBOOK, US)
www.facebook.com |
ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net
googleads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f4.1e100.net
www.google.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
collection.com.br
beta.collection.com.br |
807 KB |
6 |
clarity.ms
1 redirects
www.clarity.ms — Cisco Umbrella Rank: 753 j.clarity.ms — Cisco Umbrella Rank: 6535 c.clarity.ms — Cisco Umbrella Rank: 1387 |
28 KB |
3 |
usetiful.com
www.usetiful.com — Cisco Umbrella Rank: 67489 |
65 KB |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 182 |
73 KB |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42 |
185 KB |
1 |
bing.com
1 redirects
c.bing.com — Cisco Umbrella Rank: 245 |
763 B |
1 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
64 B |
1 |
doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 39 |
1 KB |
1 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 100 |
269 B |
1 |
ipify.org
api.ipify.org — Cisco Umbrella Rank: 2777 |
155 B |
1 |
countriesnow.space
countriesnow.space |
4 KB |
1 |
gstatic.com
fonts.gstatic.com |
46 KB |
1 |
loopedin.io
cdn.loopedin.io — Cisco Umbrella Rank: 710114 |
4 KB |
1 |
qwary.com
static.qwary.com |
320 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 744 |
30 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35 |
1 KB |
31 | 16 |
Domain | Requested by | |
---|---|---|
9 | beta.collection.com.br |
beta.collection.com.br
|
3 | www.usetiful.com |
beta.collection.com.br
www.usetiful.com |
2 | c.clarity.ms | 1 redirects |
2 | j.clarity.ms |
www.clarity.ms
|
2 | www.clarity.ms |
beta.collection.com.br
www.clarity.ms |
2 | connect.facebook.net |
beta.collection.com.br
connect.facebook.net |
2 | www.googletagmanager.com |
beta.collection.com.br
www.googletagmanager.com |
1 | c.bing.com | 1 redirects |
1 | www.google.com |
beta.collection.com.br
|
1 | googleads.g.doubleclick.net |
www.googletagmanager.com
|
1 | www.facebook.com |
beta.collection.com.br
|
1 | api.ipify.org |
beta.collection.com.br
|
1 | countriesnow.space |
beta.collection.com.br
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | cdn.loopedin.io |
beta.collection.com.br
|
1 | static.qwary.com |
beta.collection.com.br
|
1 | code.jquery.com |
beta.collection.com.br
|
1 | fonts.googleapis.com |
beta.collection.com.br
|
31 | 18 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.collection.com.br Amazon RSA 2048 M01 |
2023-06-13 - 2024-07-11 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-03-04 - 2024-05-27 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
*.qwary.com Amazon RSA 2048 M03 |
2023-12-01 - 2024-12-30 |
a year | crt.sh |
loopedin.io GTS CA 1P5 |
2024-02-13 - 2024-05-13 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2024-03-04 - 2024-05-27 |
3 months | crt.sh |
www.usetiful.com R3 |
2024-03-21 - 2024-06-19 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2024-01-09 - 2024-04-08 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2024-03-04 - 2024-05-27 |
3 months | crt.sh |
countriesnow.space GTS CA 1P5 |
2024-03-10 - 2024-06-08 |
3 months | crt.sh |
ipify.org GTS CA 1P5 |
2024-03-21 - 2024-06-19 |
3 months | crt.sh |
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1 |
2023-12-07 - 2024-12-07 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2024-03-04 - 2024-05-27 |
3 months | crt.sh |
a.clarity.ms Microsoft Azure TLS Issuing CA 01 |
2024-01-14 - 2024-06-27 |
5 months | crt.sh |
*.google.com GTS CA 1C3 |
2024-03-04 - 2024-05-27 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://beta.collection.com.br/
Frame ID: 5AEC8DF4788AD44143DCE8A9F0E65368
Requests: 30 HTTP requests in this frame
Screenshot
Page Title
CollectionDetected technologies
Facebook (Widgets) ExpandDetected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- googletagmanager\.com/gtm\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 27- https://c.clarity.ms/c.gif HTTP 302
- https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=2B185549FD204A14BAF7607188312A61&RedC=c.clarity.ms&MXFR=228FABCEC64367332F0FBF9DC24369E0 HTTP 302
- https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2B185549FD204A14BAF7607188312A61&MUID=03F484A7C356636A0A0190F4C22D6280
31 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
beta.collection.com.br/ |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
polyfills.947dc38a.js
beta.collection.com.br/assets/ |
91 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
21 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.a504ca59.js
beta.collection.com.br/assets/ |
1 MB 297 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.c744d220.css
beta.collection.com.br/assets/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.6.0.min.js
code.jquery.com/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qwary.sdk.v3.js
static.qwary.com/resources/sdk/ |
319 KB 320 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sidebar.min.js
cdn.loopedin.io/js/ |
14 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
316 KB 98 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usetiful.js
www.usetiful.com/dist/ |
216 KB 62 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
218 KB 59 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Logo.e9b1e3fd.svg
beta.collection.com.br/assets/ |
25 KB 15 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
signin-image-mobile.481b8b32.jpg
beta.collection.com.br/assets/ |
89 KB 89 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
8-account-outline.f6f0de6c.gif
beta.collection.com.br/assets/ |
219 KB 219 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
signin-image.dbcff5e1.jpg
beta.collection.com.br/assets/ |
133 KB 134 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ |
46 KB 46 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
codes
countriesnow.space/api/v0.1/countries/ |
13 KB 4 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
api.ipify.org/ |
22 B 155 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
296181414724285
connect.facebook.net/signals/config/ |
66 KB 14 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
destination
www.googletagmanager.com/gtag/ |
248 KB 87 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l259ttpg9r
www.clarity.ms/tag/ |
668 B 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
data.json
www.usetiful.com/api-space/ |
14 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
data.json
www.usetiful.com/api-space/ |
0 0 |
Preflight
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 269 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10845494930/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clarity.js
www.clarity.ms/s/0.7.26/ |
60 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
collect
j.clarity.ms/ |
0 302 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.google.com/pagead/1p-user-list/10845494930/ |
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c.gif
c.clarity.ms/ Redirect Chain
|
42 B 465 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo.svg
beta.collection.com.br/ |
20 KB 13 KB |
Other
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
collect
j.clarity.ms/ |
0 302 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
63 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onpagereveal object| dataLayer function| $ function| jQuery function| qwClose function| qwClearHighlights function| qwPreviewOperationsOnClose function| qwCreateCloseButton function| qwCreateFrame function| qwGetURLWithParameter function| qwIsUrlValid function| setViewPosition function| initializeLunch function| createLunchButton function| qw_positionLuncher function| addLogoToLuncher function| qw_showMicroSurveyDialog function| qw_lunchMicroSurveyDialogSurvey function| qw_showMicroSurvey function| qw_lunchMicroSurvey function| showVideoThumbnail function| createVideosSmallThumbnalButton function| createVideoThumbnailLargeButton function| qw_lunchVideoSurvey function| qw_positionVideoLuncher function| showInlineScreen function| lunchInlineScreenSurvey object| $qw_iFrameLoading object| $qw_iFrameLoadingContainer object| $qwaryBranding undefined| $detached_frame string| qw_logoSVG boolean| qw_mobileView_v1Sdk object| qwary object| device function| html2canvas function| UAParser function| jQwary object| defaultQwarySettings object| li_sidebar function| clearImmediate function| setImmediate function| fbq function| _fbq string| _Productstash_APP_URL string| _Productstash_API_URL string| _Productstash_CDN_URL string| _Productstash_LAST_SEEN function| frameLoaded object| LoopedIn object| google_tag_manager object| google_tag_data number| gtmPageLoadId object| _fbq_gtm_ids function| clarity object| USETIFUL string| usetiful_instance object| usetiful_activeTriggersOnElements object| usetiful_activeListeners object| usetiful_intervals object| GooglebQhCsO object| usetiful_isAboutToRefresh object| usetifulTags13 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.collection.com.br/ | Name: _gcl_au Value: 1.1.1015945068.1711907811 |
|
.collection.com.br/ | Name: _fbp Value: fb.2.1711907810801.94950335 |
|
www.clarity.ms/ | Name: CLID Value: cceac8eacb2f40a6b97fdc166d2420c8.20240331.20250331 |
|
.collection.com.br/ | Name: _clck Value: p53hh8%7C2%7Cfkj%7C0%7C1551 |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
.collection.com.br/ | Name: _clsk Value: unuz7e%7C1711907811345%7C1%7C1%7Cj.clarity.ms%2Fcollect |
|
.bing.com/ | Name: MUID Value: 03F484A7C356636A0A0190F4C22D6280 |
|
.c.bing.com/ | Name: MR Value: 0 |
|
.c.bing.com/ | Name: SRM_B Value: 03F484A7C356636A0A0190F4C22D6280 |
|
.c.clarity.ms/ | Name: SM Value: C |
|
.clarity.ms/ | Name: MUID Value: 03F484A7C356636A0A0190F4C22D6280 |
|
.c.clarity.ms/ | Name: MR Value: 0 |
|
.c.clarity.ms/ | Name: ANONCHK Value: 0 |
17 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.ipify.org
beta.collection.com.br
c.bing.com
c.clarity.ms
cdn.loopedin.io
code.jquery.com
connect.facebook.net
countriesnow.space
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
j.clarity.ms
static.qwary.com
www.clarity.ms
www.facebook.com
www.google.com
www.googletagmanager.com
www.usetiful.com
142.250.65.228
142.251.41.2
172.67.130.18
172.67.194.59
172.67.74.152
18.173.219.5
18.238.49.37
20.110.205.119
20.85.30.134
23.88.55.245
2600:9000:261f:d600:c:6fcd:ee80:93a1
2607:f8b0:4006:80e::2008
2607:f8b0:4006:820::2003
2607:f8b0:4006:820::200a
2620:1ec:46::40
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:600::649
047e3259b6f0b42d781532fa122b2d8de9aed187d766fd45efcf119450eeb4c4
2323918c968f88f7824d1391806958de07015a04ff7771b6999119924136b2ff
2e3c00b2fde40d0cb957453245c68918fde90a125216ad5e696d2065f7885063
419b2994460acda1d12e6501f761599094b7100ffc9adc4cdd93ad939fea4188
481b8b32c6394b96267ee2f06fb7169272cf35db05677c83e05124fa1fc75894
58223f851e86be98c90076daeca347bccc74b9420331b3c2513a3180f60e0d4f
5d0a9506ee0c2e64325d59451eff05b24df4cd07dc65f300b3bc39e28379640d
740706a958d08a1c80fe7dc7f51d362e662f285389e4d9dc861af9e23e131b81
7ccc12724be40035cb9c77d4537bdbb48751d594351b1734c47c472ed298e120
800f6a1503dc221a97d27fdb6c586bc08986f4498502ee6681889dabe526c0ba
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
89d5936ab002f05939467c4b54821fdbbec6a84a89276e509ec88d2fcd8a1028
8e395e4e3d12458184b56b5056d4cbbb9b928ebd0e99e13e99b2ed526f75ec3b
90c4f0951056e5a82b2150c8b3fe6d011a08ea2abc957453d080b8179504e2d7
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
ba687926eb33cdfb71eefe5c147348068f0becc47d4d3c09dd53d319d5b3167e
c718fd51857533e9b523d5fc5c1184b85e68a035f20442b6dffa91ab7881b27e
c744d220664c34cd6bd68cf35140dfb53567e290e1d28db0288a7e32b4f35aca
dbcff5e1cda29b69c1197fb864b42fdb937d2b95e0362926ff26a3670efcdc31
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43555998bdeede4202af3d02ee2ceadfe855491438df03332eda6349e8e5135
e495486402eab02d91324d66b6e8d87af8bd681ab336cd755b4eb2a332862d9f
e9b1e3fdc02d881a82cdfc798b790e4525e481da15f483ebf3ab684bf2f21049
edaf361dd2fa45353bca59ee9db8b187ed8f8556bd2d0c884611771a1295e1a6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6f0de6c122c245f6bcb6b8605b0b729d4cd3c4a0808fa80a0474b4f928c9801
fb109ab1efddfd65f11987feb70d3ab3f33b777ce8dff3951fe0261a42d4366d
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e