app.oraqai.com Open in urlscan Pro
34.130.176.193  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request login Show response app.oraqai.com/patient/	2 KB 2 KB	302ms 37ms	Document text/html	34.130.176.193 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://app.oraqai.com/patient/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.130.176.193 Toronto, Canada, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 193.176.130.34.bc.googleusercontent.com Software nginx/1.23.1 / Express Resource Hash 0f75ff179bf94f34cf4a6402bf8602c6e9bcdca74b7c5d6b57199f97dc380824 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Accept-Ranges bytes Access-Control-Allow-Headers * Access-Control-Allow-Methods * Access-Control-Allow-Origin * Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Thu, 08 Feb 2024 13:36:13 GMT ETag W/"9ed-Jm54mHOLeCnozj3fGf+NfxDl+3A" Server nginx/1.23.1 Transfer-Encoding chunked Vary Accept-Encoding X-Powered-By Express
GET H2	200	html2canvas.min.js Show response cdn.jsdelivr.net/npm/html2canvas@1.0.0-rc.5/dist/	161 KB 43 KB	65ms 26ms	Script application/javascript	151.101.193.229 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/html2canvas@1.0.0-rc.5/dist/html2canvas.min.js Requested by Host: app.oraqai.com URL: https://app.oraqai.com/patient/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.229 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash cbdc553a0981a8f1f0767007ca2e4e4d2002c2c347947c7e2152391d55477d03 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://app.oraqai.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 08 Feb 2024 13:36:13 GMT x-content-type-options nosniff content-encoding br age 5568632 x-jsd-version 1.0.0-rc.5 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 43952 x-served-by cache-fra-eddf8230089-FRA, cache-yul12821-YUL x-jsd-version-type version etag W/"283a1-6294MoeX71aHa6BBnG2F72mjrPk" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	css2 fonts.googleapis.com/	7 KB 796 B	110ms 43ms	Stylesheet text/css	142.251.179.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;500;600&display=swap Requested by Host: app.oraqai.com URL: https://app.oraqai.com/patient/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.179.95 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f95.1e100.net Software ESF / Resource Hash 5c67777e859ba4ffabd0a44c84c2eb71e19ac7388cf0fc51c82115993c3b8abc Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://app.oraqai.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 08 Feb 2024 13:36:13 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 08 Feb 2024 13:36:13 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 08 Feb 2024 13:36:13 GMT
GET H2	200	icon fonts.googleapis.com/	569 B 775 B	109ms 42ms	Stylesheet text/css	142.251.179.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/icon?family=Material+Icons Requested by Host: app.oraqai.com URL: https://app.oraqai.com/patient/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.179.95 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f95.1e100.net Software ESF / Resource Hash 452410fef223a412e5608205fc069ecc35a4d919b413b3422a714a17ebfd0651 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://app.oraqai.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 08 Feb 2024 13:36:13 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 08 Feb 2024 13:36:13 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 08 Feb 2024 13:36:13 GMT
GET H2	200	v2.js Show response js.hsforms.net/forms/embed/	481 KB 154 KB	78ms 39ms	Script application/javascript	104.16.140.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hsforms.net/forms/embed/v2.js Requested by Host: app.oraqai.com URL: https://app.oraqai.com/patient/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.140.206 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d36723abef18616fa3fd4ca645638b74a655be246b374b909aaea89245d645ba Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://app.oraqai.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers content-encoding br x-evy-trace-route-service-name envoyset-translator age 390 x-amz-server-side-encryption AES256 content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.4662/bundles/project-v2.js&cfRay=851b70183ec336a6-YYZ x-amz-replication-status COMPLETED x-evy-trace-listener listener_https etag W/"901e54a14df8fb921f61ad1626d78aec" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * x-evy-trace-virtual-host all cache-control s-maxage=600, max-age=300 x-hs-target-asset forms-embed/static-1.4662/bundles/project-v2.js date Thu, 08 Feb 2024 13:36:13 GMT x-amz-version-id Sy9z64wPMCabKXuNCQ40uKHrSWHQMm__ via 1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront) x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop IAD12-P3 x-hubspot-correlation-id 529ae0ee-cacb-4ea6-8edd-4562525f4e79 x-cache Hit from cloudfront cache-tag staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod x-envoy-upstream-service-time 3 alt-svc h3=":443"; ma=86400 x-evy-trace-route-configuration listener_https/all x-request-id 529ae0ee-cacb-4ea6-8edd-4562525f4e79 last-modified Wed, 07 Feb 2024 11:39:14 UTC server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lgmtzGNVYTJ86pSPspe%2Fg3rd%2BNtnPQzoNnIfa9%2BM68xhVmQxuTLUu37Tqj5zfSVV7wdrHt%2B31BK6DPF1jFkOG0IN%2BaKiILR6WnAOwuiwrmjMYbUktZdo5avkcFHOFM%2F1"}],"group":"cf-nel","max_age":604800} x-hs-cache-status HIT x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-748b697-qr57v cf-ray 852442a438a36e0a-YUL x-amz-cf-id dQuNtZwJHQuk9R--HnaV5JbuBP2abZgVI8pScIa0gmtx05omAPtdug==
GET H/1.1	200 OK	bundle.js Show response app.oraqai.com/static/js/	9 MB 2 MB	76ms 76ms	Script application/javascript	34.130.176.193 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://app.oraqai.com/static/js/bundle.js Requested by Host: app.oraqai.com URL: https://app.oraqai.com/patient/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.130.176.193 Toronto, Canada, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 193.176.130.34.bc.googleusercontent.com Software nginx/1.23.1 / Express Resource Hash 06b225c0fb87282d0f8dd7d2a3dd6979d92f8809ff05f67ae478ed7949e9fee7 Request headers accept-language en-CA,en;q=0.9 Referer https://app.oraqai.com/patient/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers Date Thu, 08 Feb 2024 13:36:13 GMT Content-Encoding gzip Server nginx/1.23.1 X-Powered-By Express ETag W/"93808a-qcoCclsCGjg1v0cxOPwt97khPIk" Transfer-Encoding chunked Access-Control-Allow-Methods * Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Vary Accept-Encoding Connection keep-alive Accept-Ranges bytes Access-Control-Allow-Headers *
GET H/1.1	200 OK	src_pages_v1_auth_LogInComponent_tsx.chunk.js Show response app.oraqai.com/static/js/	47 KB 8 KB	40ms 39ms	Script application/javascript	34.130.176.193 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://app.oraqai.com/static/js/src_pages_v1_auth_LogInComponent_tsx.chunk.js Requested by Host: app.oraqai.com URL: https://app.oraqai.com/static/js/bundle.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.130.176.193 Toronto, Canada, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 193.176.130.34.bc.googleusercontent.com Software nginx/1.23.1 / Express Resource Hash 148385089f31687fb5536017be235355548856b4a6e231da80b75b10e54d6b35 Request headers accept-language en-CA,en;q=0.9 Referer https://app.oraqai.com/patient/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers Date Thu, 08 Feb 2024 13:36:14 GMT Content-Encoding gzip Server nginx/1.23.1 X-Powered-By Express ETag W/"ba87-NJHEtUdFCUJQuJ7gSgDGQkIS6+k" Transfer-Encoding chunked Access-Control-Allow-Methods * Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Vary Accept-Encoding Connection keep-alive Accept-Ranges bytes Access-Control-Allow-Headers *
GET H/1.1	200 OK	src_pages_v1_patient_auth_Login_tsx.chunk.js Show response app.oraqai.com/static/js/	16 KB 6 KB	78ms 37ms	Script application/javascript	34.130.176.193 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://app.oraqai.com/static/js/src_pages_v1_patient_auth_Login_tsx.chunk.js Requested by Host: app.oraqai.com URL: https://app.oraqai.com/static/js/bundle.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.130.176.193 Toronto, Canada, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 193.176.130.34.bc.googleusercontent.com Software nginx/1.23.1 / Express Resource Hash 21e826321569054cf9d50d82ce61e999491bfd1c7c86f1c75ff9b53cb202b309 Request headers accept-language en-CA,en;q=0.9 Referer https://app.oraqai.com/patient/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers Date Thu, 08 Feb 2024 13:36:14 GMT Content-Encoding gzip Server nginx/1.23.1 X-Powered-By Express ETag W/"3faf-YL6qY4pmvhq/PBzsjduV7vQMxOA" Transfer-Encoding chunked Access-Control-Allow-Methods * Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Vary Accept-Encoding Connection keep-alive Accept-Ranges bytes Access-Control-Allow-Headers *
GET H2	200	client Show response accounts.google.com/gsi/	206 KB 80 KB	167ms 98ms	Script application/javascript	172.253.115.84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/gsi/client Requested by Host: app.oraqai.com URL: https://app.oraqai.com/static/js/bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.115.84 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f84.1e100.net Software ESF / Resource Hash 49003edf417b7531ac27bce16596b3e067cf71057220e76ef6d3bc59f64dbdec Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-jMnxVhDtfdHyx2rNQOzCjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://app.oraqai.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Thu, 08 Feb 2024 13:36:15 GMT content-security-policy script-src 'report-sample' 'nonce-jMnxVhDtfdHyx2rNQOzCjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http content-encoding gzip x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN report-to {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]} content-type application/javascript; charset=utf-8 cache-control private, max-age=1800 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1" expires Thu, 08 Feb 2024 13:36:15 GMT
GET H/1.1	200 OK	googleIcon.71bb499730b6ebc9efbd333e2532a65d.svg app.oraqai.com/static/media/	3 KB 1022 B	67ms 64ms	Image image/svg+xml	34.130.176.193 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://app.oraqai.com/static/media/googleIcon.71bb499730b6ebc9efbd333e2532a65d.svg Requested by Host: app.oraqai.com URL: https://app.oraqai.com/patient/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.130.176.193 Toronto, Canada, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 193.176.130.34.bc.googleusercontent.com Software nginx/1.23.1 / Express Resource Hash 8a52a6977305d073be87e099d4d4697945c547e672f928ae6e98a6eacb9c482e Request headers accept-language en-CA,en;q=0.9 Referer https://app.oraqai.com/patient/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers Date Thu, 08 Feb 2024 13:36:15 GMT Content-Encoding gzip Server nginx/1.23.1 X-Powered-By Express ETag W/"bf2-rTfQaoxZ8FoG2G4K4Ax7uU4Aj+g" Transfer-Encoding chunked Access-Control-Allow-Methods * Content-Type image/svg+xml Access-Control-Allow-Origin * Vary Accept-Encoding Connection keep-alive Accept-Ranges bytes Access-Control-Allow-Headers *
GET H/1.1	200 OK	patient_banner.6fb938621f7584c50b62.png app.oraqai.com/static/media/	74 KB 74 KB	70ms 68ms	Image image/png	34.130.176.193 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://app.oraqai.com/static/media/patient_banner.6fb938621f7584c50b62.png Requested by Host: app.oraqai.com URL: https://app.oraqai.com/patient/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.130.176.193 Toronto, Canada, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 193.176.130.34.bc.googleusercontent.com Software nginx/1.23.1 / Express Resource Hash 6ea97272845cfe7aa81bbdedfa42a28d9e4b0f27ab8d30c1a1fc2fd1320a3e13 Request headers accept-language en-CA,en;q=0.9 Referer https://app.oraqai.com/patient/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers Date Thu, 08 Feb 2024 13:36:15 GMT Server nginx/1.23.1 X-Powered-By Express ETag W/"12763-I0ruX3feGYw7sW6EAwWg53I0jw8" Access-Control-Allow-Methods * Content-Type image/png Access-Control-Allow-Origin * Connection keep-alive Accept-Ranges bytes Access-Control-Allow-Headers * Content-Length 75619

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| html2canvas object| hubspot object| HubSpotForms object| hbspt object| hsFormsOnReady function| webpackHotUpdateoraq_web object| webpackChunkoraq_web object| __REACT_DEVTOOLS_GLOBAL_HOOK__ boolean| __reactRefreshInjected boolean| __EMOTION_REACT_11__ number| 2f1acc6c3a606b082e5eef5e54414ffb function| _ object| FontAwesomeConfig object| ___FONT_AWESOME___ function| Pusher object| default_gsi object| _F_toggles object| google object| closure_lm_826683

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://app.oraqai.com/patient/login(Line 8) Message: Unrecognized Content-Security-Policy directive 'Welcome'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
app.oraqai.com
cdn.jsdelivr.net
fonts.googleapis.com
js.hsforms.net
104.16.140.206
142.251.179.95
151.101.193.229
172.253.115.84
34.130.176.193
06b225c0fb87282d0f8dd7d2a3dd6979d92f8809ff05f67ae478ed7949e9fee7
0f75ff179bf94f34cf4a6402bf8602c6e9bcdca74b7c5d6b57199f97dc380824
148385089f31687fb5536017be235355548856b4a6e231da80b75b10e54d6b35
21e826321569054cf9d50d82ce61e999491bfd1c7c86f1c75ff9b53cb202b309
452410fef223a412e5608205fc069ecc35a4d919b413b3422a714a17ebfd0651
49003edf417b7531ac27bce16596b3e067cf71057220e76ef6d3bc59f64dbdec
5c67777e859ba4ffabd0a44c84c2eb71e19ac7388cf0fc51c82115993c3b8abc
6ea97272845cfe7aa81bbdedfa42a28d9e4b0f27ab8d30c1a1fc2fd1320a3e13
8a52a6977305d073be87e099d4d4697945c547e672f928ae6e98a6eacb9c482e
cbdc553a0981a8f1f0767007ca2e4e4d2002c2c347947c7e2152391d55477d03
d36723abef18616fa3fd4ca645638b74a655be246b374b909aaea89245d645ba