squadcovidstudy.com
Open in
urlscan Pro
13.224.195.20
Public Scan
Effective URL: https://squadcovidstudy.com/
Submission Tags: falconsandbox
Submission: On May 25 via api from US
Summary
TLS certificate: Issued by Amazon on December 8th 2020. Valid for: a year.
This is the only time squadcovidstudy.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-20.fra2.r.cloudfront.net
squadcovidstudy.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-156-43.eu-central-1.compute.amazonaws.com
research-eu1.leapcure.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-145.deploy.static.akamaitechnologies.com
analytics.tiktok.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-194-150.compute-1.amazonaws.com
q.quora.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-114-126.compute-1.amazonaws.com
hn.inspectlet.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
leapcure.com
research-eu1.leapcure.com |
801 KB |
5 |
googleapis.com
maps.googleapis.com fonts.googleapis.com |
163 KB |
4 |
tiktok.com
analytics.tiktok.com |
92 KB |
3 |
bing.com
bat.bing.com |
9 KB |
3 |
inspectlet.com
cdn.inspectlet.com hn.inspectlet.com |
70 KB |
3 |
squadcovidstudy.com
1 redirects
squadcovidstudy.com |
2 KB |
2 |
yimg.com
s.yimg.com |
7 KB |
2 |
facebook.net
connect.facebook.net |
35 KB |
2 |
gstatic.com
fonts.gstatic.com |
38 KB |
2 |
googletagmanager.com
www.googletagmanager.com |
88 KB |
1 |
facebook.com
www.facebook.com |
297 B |
1 |
quora.com
q.quora.com |
419 B |
1 |
google-analytics.com
www.google-analytics.com |
19 KB |
1 |
geojs.io
get.geojs.io |
985 B |
36 | 14 |
Domain | Requested by | |
---|---|---|
7 | research-eu1.leapcure.com |
squadcovidstudy.com
research-eu1.leapcure.com |
4 | analytics.tiktok.com |
squadcovidstudy.com
analytics.tiktok.com |
4 | maps.googleapis.com |
research-eu1.leapcure.com
maps.googleapis.com |
3 | bat.bing.com |
squadcovidstudy.com
bat.bing.com research-eu1.leapcure.com |
3 | squadcovidstudy.com |
1 redirects
squadcovidstudy.com
|
2 | hn.inspectlet.com |
cdn.inspectlet.com
|
2 | s.yimg.com |
squadcovidstudy.com
s.yimg.com |
2 | connect.facebook.net |
squadcovidstudy.com
connect.facebook.net |
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | www.googletagmanager.com |
research-eu1.leapcure.com
|
1 | www.facebook.com |
research-eu1.leapcure.com
|
1 | q.quora.com |
research-eu1.leapcure.com
|
1 | www.google-analytics.com |
www.googletagmanager.com
|
1 | cdn.inspectlet.com |
research-eu1.leapcure.com
|
1 | fonts.googleapis.com |
research-eu1.leapcure.com
|
1 | get.geojs.io |
squadcovidstudy.com
|
36 | 16 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
squadcovidstudy.com Amazon |
2020-12-08 - 2022-01-06 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-07-09 - 2021-07-09 |
a year | crt.sh |
*.leapcure.com Amazon |
2020-10-28 - 2021-11-26 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2021-05-03 - 2021-07-26 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2021-05-03 - 2021-07-26 |
3 months | crt.sh |
*.google.com GTS CA 1O1 |
2021-05-03 - 2021-07-26 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2021-04-06 - 2021-07-03 |
3 months | crt.sh |
www.bing.com Microsoft RSA TLS CA 01 |
2021-04-12 - 2021-10-12 |
6 months | crt.sh |
*.tiktok.com RapidSSL RSA CA 2018 |
2019-11-14 - 2022-01-12 |
2 years | crt.sh |
*.yahoo.com DigiCert SHA2 High Assurance Server CA |
2021-05-03 - 2021-06-23 |
2 months | crt.sh |
*.quora.com R3 |
2021-05-09 - 2021-08-07 |
3 months | crt.sh |
hn.inspectlet.com R3 |
2021-03-06 - 2021-06-04 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://squadcovidstudy.com/
Frame ID: 7FFD228210B6F5818504D41D1ACB7598
Requests: 3 HTTP requests in this frame
Frame:
https://research-eu1.leapcure.com/studies/squadcovidstudy
Frame ID: 284986B19877DF7ED0D2695F9BFC2397
Requests: 33 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://squadcovidstudy.com/
HTTP 301
https://squadcovidstudy.com/ Page URL
Detected technologies
Ruby (Programming Languages) ExpandDetected patterns
- headers server /^GitHub\.com$/i
Varnish (Cache Tools) Expand
Detected patterns
- headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i
Ruby on Rails (Web Frameworks) Expand
Detected patterns
- headers server /^GitHub\.com$/i
Amazon Web Services (PaaS) Expand
Detected patterns
- headers via /\(CloudFront\)$/i
Amazon Cloudfront (CDN) Expand
Detected patterns
- headers via /\(CloudFront\)$/i
GitHub Pages (CDN) Expand
Detected patterns
- headers server /^GitHub\.com$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://squadcovidstudy.com/
HTTP 301
https://squadcovidstudy.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
36 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
squadcovidstudy.com/ Redirect Chain
|
877 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
squadcovidstudy.com/ |
97 B 749 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
geo.js
get.geojs.io/v1/ip/ |
320 B 985 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
squadcovidstudy
research-eu1.leapcure.com/studies/ Frame 2849 |
4 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
paper-dashboard-cea0f9ad.css
research-eu1.leapcure.com/packs/css/ Frame 2849 |
479 KB 81 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
paper-dashboard-734f35ec0dd3df144ec0.js
research-eu1.leapcure.com/packs/js/ Frame 2849 |
2 MB 403 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lc_classic-3dee3876.css
research-eu1.leapcure.com/packs/css/ Frame 2849 |
2 KB 944 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lc_classic-8be78cc082a7afd666fc.js
research-eu1.leapcure.com/packs/js/ Frame 2849 |
1 MB 282 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
maps.googleapis.com/maps/api/ Frame 2849 |
136 KB 45 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ Frame 2849 |
88 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-6d5c430ee182da8c5ba5ee8cc7f2e1af.png
research-eu1.leapcure.com/packs/media/images/ Frame 2849 |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ Frame 2849 |
9 KB 937 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
gtm.js
www.googletagmanager.com/ Frame 2849 |
160 KB 53 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
background-pattern-e5e95496c7c5d6cfa3bad77ea2b34967.png
research-eu1.leapcure.com/packs/media/images/ Frame 2849 |
25 KB 25 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ Frame 2849 |
19 KB 19 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ Frame 2849 |
19 KB 19 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inspectlet.js
cdn.inspectlet.com/ Frame 2849 |
209 KB 69 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ Frame 2849 |
48 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ Frame 2849 |
92 KB 24 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bat.js
bat.bing.com/ Frame 2849 |
30 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
events.js
analytics.tiktok.com/i18n/pixel/ Frame 2849 |
113 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ytc.js
s.yimg.com/wi/ Frame 2849 |
15 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pixel
q.quora.com/_/ad/2919f3e6ac8a4eb389c17dc307742741/ Frame 2849 |
43 B 419 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
10147724.json
s.yimg.com/wi/config/ Frame 2849 |
2 B 494 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
1623523057908413
connect.facebook.net/signals/config/ Frame 2849 |
40 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
26342626
bat.bing.com/p/action/ Frame 2849 |
0 128 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0
bat.bing.com/action/ Frame 2849 |
0 149 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ Frame 2849 |
44 B 297 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
identify.js
analytics.tiktok.com/i18n/pixel/ Frame 2849 |
140 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
config.js
analytics.tiktok.com/i18n/pixel/ Frame 2849 |
56 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
pixel
analytics.tiktok.com/api/v2/ Frame 2849 |
0 559 B |
Ping
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
1353353679
hn.inspectlet.com/ginit/ Frame 2849 |
192 B 627 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pdata
hn.inspectlet.com/ Frame 2849 |
35 B 215 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.js
maps.googleapis.com/maps-api-v3/api/js/44/14/ Frame 2849 |
85 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
util.js
maps.googleapis.com/maps-api-v3/api/js/44/14/ Frame 2849 |
280 KB 86 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ Frame 2849 |
62 B 83 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| geoip1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.leapcure.com/ | Name: __insp_dct Value: 38 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31556952 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
analytics.tiktok.com
bat.bing.com
cdn.inspectlet.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
get.geojs.io
hn.inspectlet.com
maps.googleapis.com
q.quora.com
research-eu1.leapcure.com
s.yimg.com
squadcovidstudy.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
13.224.195.20
2.16.186.145
2606:4700:10::6816:39f5
2606:4700:20::681a:164
2620:1ec:c11::200
2a00:1288:80:800::7001
2a00:1450:4001:802::2003
2a00:1450:4001:803::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2008
2a00:1450:4001:82f::200a
2a03:2880:f030:13:face:b00c:0:3
2a03:2880:f130:83:face:b00c:0:25de
3.220.114.126
3.224.194.150
35.158.156.43
041d14e4ad5430ff2f0cb10afb3045e2456ef40bd691558eaa7efc1de415f1ed
064dc1b3a9f05b63bd8fca4173a520b8c1f2414754150a28da705e7efc156bd9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1263873281d4b491561c971e8bbfdc9ed3efff22ebec4d8cc93fa5bc67b4f46b
12c6778483f156dc6b52fb70601be43f21a09ae04fafdf977b5d3b2aff7b8ea3
1867714b05665c95f78a1f1f48a1209f8fd70a21726f02f137346f1c4e24e829
1ddcf0c64f4a82f34ab32cc0f9873e9e20b4dc61ae26bd12b9f5c6baa532e438
2137a352a69ffcefc013b136214ec2a5011758684ec6c3bad0735ce34bb5a95a
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
324887467981cfbb809150babb1bc03f5ae434a39aabf73790d14976b8c20a75
3b23aa28612e1639960515215b69eae30b7622b5d1e95549e4ba02bd10702e4a
3f9ac1030db5051a8f8d0566d8ba8b691a13f318d42f6de2568b372d47a831b2
420d31548250b39e9e360cdf56a6fe9b8c3143c2c09d739c4e9ae60ee22319e1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5bce5c5127b32b5c2973f08893d8e267faaf9e8707d14f5c6c5f30e1d1e885a5
62b2a297226700e5a7b34e2216f7e0d9c43d24f0afd7df3b09f05346a95ca34a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e44b9596bd11c9d0332e7f9a729f2488b67d3f458c4297e079b3e96c7011296
6ee1782ccfcb87e7ee54cccaaf7085a40c43ccffa25a1c8096f589ae666fef7c
77f8a961ed1253a7428ca62e45a4994ae634baf5471d1b9781346f5e23f88851
7bda39a33b013558a4589e1a2e30ceb6de8c1e5d77681da10f25ca84f953f126
7cbcc9a1cb64e9a1ea2d4199c27be0eaf60a3b0326b37365e7a216f92905ce1b
7df2956ed00db03398ece8701993ffe197533d1750d3cb1e64f9bcec0ea7ca95
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
8d39eefd67db444950a133a02086692066db6941974c8567cd3a279af7a8e13b
ae2d4d6887bff6f54dbee0f82fbde784b16b693f75521e8f0fac18ff50c585a9
b3d21b9765efb4cd82acb83ee2696bb4cd6c0599d9fe885ce4238335ffa4c7ef
ba6856b3aa462b18c9f5fc3b0d553eca0fe0f03d5ff668ba7d465394c85896b1
bba409bed2b280d5c3c50f57c45c22908b741079ee90d89fd00261d5df284e13
c96d4c95b85e1884665415a0ff4d68e6a2f97810d3a4b0ebf9b3ef4cd8164437
cb483c51adc7c3f1d798b1c23a5e37a4b5e42b033d55c30675c0713227fa0f94
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855