![](/screenshots/d4a08d0e-80f1-49b4-8723-fe3475df52fc.png)
carlyle.cultureamp.com
Open in
urlscan Pro
65.9.66.58
Public Scan
Effective URL: https://carlyle.cultureamp.com/responses/62e28bd5019f5f0001818368/content/confidentiality
Submission: On July 29 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Amazon on September 17th 2021. Valid for: a year.
This is the only time carlyle.cultureamp.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 5 | 65.9.66.58 65.9.66.58 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2600:9000:205... 2600:9000:2057:ce00:f:1a8a:e3c0:21 | 16509 (AMAZON-02) (AMAZON-02) | |
7 | 143.204.214.214 143.204.214.214 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2600:9000:214... 2600:9000:214f:fc00:1d:77d4:b40:21 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2600:1901:0:7... 2600:1901:0:7a0b:: | 15169 (GOOGLE) (GOOGLE) | |
3 | 44.242.56.121 44.242.56.121 | 16509 (AMAZON-02) (AMAZON-02) | |
8 | 104.18.70.113 104.18.70.113 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
5 | 104.16.53.111 104.16.53.111 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
32 | 8 |
ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-58.fra56.r.cloudfront.net
carlyle.cultureamp.com |
ASN16509 (AMAZON-02, US)
d1vmr11cgrgrrj.cloudfront.net |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-214.fra53.r.cloudfront.net
d14ap9xqx3yvr5.cloudfront.net |
ASN16509 (AMAZON-02, US)
d1e7r7b0lb8p4d.cloudfront.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-44-242-56-121.us-west-2.compute.amazonaws.com
amplitude.uw2.analytics.cultureamp.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
cloudfront.net
d1vmr11cgrgrrj.cloudfront.net d14ap9xqx3yvr5.cloudfront.net d1e7r7b0lb8p4d.cloudfront.net |
2 MB |
8 |
zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 1931 ekr.zdassets.com — Cisco Umbrella Rank: 18507 |
420 KB |
8 |
cultureamp.com
1 redirects
carlyle.cultureamp.com amplitude.uw2.analytics.cultureamp.com — Cisco Umbrella Rank: 131699 |
27 KB |
5 |
zendesk.com
cultureamp.zendesk.com — Cisco Umbrella Rank: 175249 |
2 KB |
2 |
bugsnag.com
sessions.bugsnag.com — Cisco Umbrella Rank: 1010 |
140 B |
32 | 5 |
Domain | Requested by | |
---|---|---|
7 | static.zdassets.com |
d14ap9xqx3yvr5.cloudfront.net
static.zdassets.com |
7 | d14ap9xqx3yvr5.cloudfront.net |
carlyle.cultureamp.com
d14ap9xqx3yvr5.cloudfront.net |
5 | cultureamp.zendesk.com |
static.zdassets.com
|
5 | carlyle.cultureamp.com |
1 redirects
carlyle.cultureamp.com
d14ap9xqx3yvr5.cloudfront.net |
3 | amplitude.uw2.analytics.cultureamp.com |
d14ap9xqx3yvr5.cloudfront.net
|
2 | sessions.bugsnag.com |
d14ap9xqx3yvr5.cloudfront.net
|
2 | d1e7r7b0lb8p4d.cloudfront.net |
d14ap9xqx3yvr5.cloudfront.net
|
1 | ekr.zdassets.com |
static.zdassets.com
|
1 | d1vmr11cgrgrrj.cloudfront.net | |
32 | 9 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.cultureamp.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.cultureamp.com Amazon |
2021-09-17 - 2022-10-16 |
a year | crt.sh |
*.cloudfront.net Amazon |
2022-02-01 - 2023-01-31 |
a year | crt.sh |
*.bugsnag.com Sectigo RSA Domain Validation Secure Server CA |
2022-04-26 - 2023-04-26 |
a year | crt.sh |
amplitude.uw2.analytics.cultureamp.com Amazon |
2021-12-17 - 2023-01-14 |
a year | crt.sh |
ssl1036557.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2022-06-08 - 2022-12-15 |
6 months | crt.sh |
cultureamp.zendesk.com Cloudflare Inc ECC CA-3 |
2022-05-09 - 2023-05-09 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://carlyle.cultureamp.com/responses/62e28bd5019f5f0001818368/content/confidentiality
Frame ID: 9E9784B6A65AC57A04E01BE7C4E5F162
Requests: 20 HTTP requests in this frame
Frame:
https://static.zdassets.com/web_widget/latest/web-widget-framework-8e45177b7f7d8eb5e2ba.js
Frame ID: D93A5A107872B265F57040172CA5E5E6
Requests: 10 HTTP requests in this frame
Screenshot
![](/screenshots/d4a08d0e-80f1-49b4-8723-fe3475df52fc.png)
Page Title
How your feedback will be displayedPage URL History Show full URLs
-
https://carlyle.cultureamp.com/responses/62e28bd5019f5f0001818368/content/confidentiality?secret=hKMsz35EE_...
HTTP 302
https://carlyle.cultureamp.com/responses/62e28bd5019f5f0001818368/content/confidentiality Page URL
Detected technologies
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Privacy
Search URL Search Domain Scan URL
Title: Terms
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://carlyle.cultureamp.com/responses/62e28bd5019f5f0001818368/content/confidentiality?secret=hKMsz35EE_YHGynGIokNBm5ONcKAIQ
HTTP 302
https://carlyle.cultureamp.com/responses/62e28bd5019f5f0001818368/content/confidentiality Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
32 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
confidentiality
carlyle.cultureamp.com/responses/62e28bd5019f5f0001818368/content/ Redirect Chain
|
9 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fonts.css
d1vmr11cgrgrrj.cloudfront.net/7834392/css/ |
17 B 345 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
response-d9cf11997ecdf5385dfa.bundle.css
d14ap9xqx3yvr5.cloudfront.net/assets/ |
2 MB 213 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap-7321aa7b0196b77b5712.bundle.css
d14ap9xqx3yvr5.cloudfront.net/assets/ |
52 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
commonDll-d9306a42cd392542d58d.bundle.js
d14ap9xqx3yvr5.cloudfront.net/assets/ |
2 MB 380 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
response-8ae8af3855fa0b6fccd0.bundle.js
d14ap9xqx3yvr5.cloudfront.net/assets/ |
4 MB 858 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
spinner-16x16-light-8a1bfd29a8b8e31de99e3265a36cd39d.gif
d14ap9xqx3yvr5.cloudfront.net/assets/images/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
CA-logo-coral-f070a47e1214ff7ae60af66d7037ca72.svg
d14ap9xqx3yvr5.cloudfront.net/assets/images/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo
carlyle.cultureamp.com/account/5e1ccb3facc0b30023cee668/ |
18 KB 19 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inter-medium.woff2
d1e7r7b0lb8p4d.cloudfront.net/fonts/inter/ |
104 KB 105 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inter-regular.woff2
d1e7r7b0lb8p4d.cloudfront.net/fonts/inter/ |
98 KB 98 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
amplitude
carlyle.cultureamp.com/my/profile_data/ |
265 B 975 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
sessions.bugsnag.com/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
sessions.bugsnag.com/ |
21 B 140 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
chunk-frontend-locales-en-messages-js-83cd26903a8a380577e6.bundle.js
d14ap9xqx3yvr5.cloudfront.net/assets/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zendesk
carlyle.cultureamp.com/my/profile_data/ |
2 B 701 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
amplitude.uw2.analytics.cultureamp.com/ |
7 B 262 B |
Ping
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
amplitude.uw2.analytics.cultureamp.com/ |
7 B 260 B |
Ping
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
amplitude.uw2.analytics.cultureamp.com/ |
7 B 263 B |
Ping
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
snippet.js
static.zdassets.com/ekr/ |
23 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
708c6963-7824-48a1-981a-f7cdd2be2676
ekr.zdassets.com/compose/ |
388 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
web-widget-framework-8e45177b7f7d8eb5e2ba.js
static.zdassets.com/web_widget/latest/ Frame D93A |
169 KB 56 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
config
cultureamp.zendesk.com/embeddable/ Frame D93A |
863 B 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
web-widget-classic-5cfa662.js
static.zdassets.com/web_widget/latest/classic/ Frame D93A |
13 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
web-widget-9252-5cfa662.js
static.zdassets.com/web_widget/latest/classic/ Frame D93A |
657 KB 189 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
web-widget-7339-5cfa662.js
static.zdassets.com/web_widget/latest/classic/ Frame D93A |
466 KB 105 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
embeddable_blip
cultureamp.zendesk.com/ Frame D93A |
0 461 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
embeddable_blip
cultureamp.zendesk.com/ Frame D93A |
0 290 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
de-de-json-5cfa662.js
static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/ Frame D93A |
27 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
web-widget-chat-sdk-5cfa662.js
static.zdassets.com/web_widget/latest/classic/ Frame D93A |
202 KB 51 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
pv
cultureamp.zendesk.com/frontendevents/ Frame D93A |
0 0 |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
pv
cultureamp.zendesk.com/frontendevents/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
53 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| AUTH_TOKEN string| ACTION string| COMPONENT string| CONTROLLER string| LOCALE string| resourceBaseUrl object| treasureDataSettings function| commonDll object| CultureAmp object| webpackJsonp function| bugsnag function| setImmediate function| clearImmediate object| regeneratorRuntime object| jQuery1124008328689135492628 object| BrowserDetect boolean| ie boolean| firefox object| $window object| $document object| $body boolean| TOUCH_DEVICE boolean| showAjaxSpinner function| applyFocusVisiblePolyfill object| React object| __SVG_SPRITE__ object| __AMPLITUDE__ function| $ object| Select2 object| ONLINE boolean| enableBugsnag object| bugsnagClient function| dismissPopovers object| Flash object| $modal object| zEState object| analyticsConnectorInstances object| zESettings object| zEWebpackACJsonp function| zE function| zEmbed boolean| zEACLoaded function| $zopim3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
carlyle.cultureamp.com/ | Name: secret_62e28bd5019f5f0001818368 Value: hKMsz35EE_YHGynGIokNBm5ONcKAIQ |
|
.cultureamp.com/ | Name: _murmur_session_all Value: 2d234727949aa771bae09a4032884427 |
|
.cultureamp.com/ | Name: amp_6cfe80 Value: 0cc13a67-b6a5-41d7-8a08-fb2b1f76baf4.ODk0MzE4ZDEtNzRiOC00MmZjLTg3MjgtMDZjNWEwNTFjMTg0..1g93rgdtf.1g93rgfi3.0.3.3 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=16070400; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
amplitude.uw2.analytics.cultureamp.com
carlyle.cultureamp.com
cultureamp.zendesk.com
d14ap9xqx3yvr5.cloudfront.net
d1e7r7b0lb8p4d.cloudfront.net
d1vmr11cgrgrrj.cloudfront.net
ekr.zdassets.com
sessions.bugsnag.com
static.zdassets.com
104.16.53.111
104.18.70.113
143.204.214.214
2600:1901:0:7a0b::
2600:9000:2057:ce00:f:1a8a:e3c0:21
2600:9000:214f:fc00:1d:77d4:b40:21
44.242.56.121
65.9.66.58
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0d64fdfa6c7a7372d39f5e10c5f2c749fa23d4527b458a2d7567ce0c96ef2854
0da8d0f80c3f40a30dd1312f72310122c385224c96d617c4c246a96148004d6a
18f07cbf0e8530a8c568dbec67cc63640fb062764fe1b43872063813b6921d92
1a1a80c775ee8d35c6ff59608c74bfa25f9d6be69adda2f73938f79fa2ae08e8
427053273a0df30c0dc37074fcaa5cda49c01a8bc9a315b15ea1666365eb7a58
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46585c39ead598ad99c233568c3509f89fd29ebd8a03a4f22ed1e83e34cb5ef6
4aa0f79d692bd605df45c83223cc89689153ded7dc40d82c8ddd62144c107f9d
6540bc0e609238e4324f74e2dbb182b6303d2f15123f12a04ece7abf41c3c09e
66dfd00f4c68fdbad43f5b8fc3cc70452608766e369a9583b620778473492cb8
68044eaef1841a02213086348bf81a382b3bee100aa54c7369c947da239a0357
77677cd3d62f53fce403b743c6ab0dfacf6109cfa5f2c511a57b0779222c76de
83b6f9b5c75ff60e6d4228b0a46fa4c0c80c18dabef5d89534d9c7255e10df35
a3878d7a4119b2c2112f6cf5bb937b5ba10644b615e0ffe8bd202d68f04b5bab
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b326ac06af7d7e110680e40f5ab9ecedd4d228ea0b44fc20d4e4d9f9b14f19cb
bf2bbc0ca1c56cd2e5f88e551a7e2e57e968b385c61c54fc6b67317d2768f7d3
c259eb18ccebb0ca46cb467bc13618a5c5ae921cacdda77804ffc57a4b204abe
c6d4956b4bc06b737eb7a0ed07008f444855a570e442bbe89b788b9ee8a50453
c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2
d831ff64ee271d3f726da41537819c5987a736a50353ac526a97250cf35c493f
e0d3de65c76c21ed34a46bfa6058c8cb684dff0bf696a05e5ce7735131ba4339
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e95704045e2b001c379d443347c35f8785c69c669c515317d2cab59a9f5af868
f2e53e56c4c3f42d0f7654ddedfa5cb642a4c2a6389435c6e4ae65fbfafd9f12