urlscan.io logo urlscan.io
SecurityTrails logo

corona.luki.io Open in urlscan Pro
99.86.3.102  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://corona.luki.io/
Effective URL: https://corona.luki.io/
Submission: On March 24 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 21 HTTP transactions. The main IP is 99.86.3.102, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is corona.luki.io.
TLS certificate: Issued by Amazon on March 23rd 2020. Valid for: a year.
This is the only time corona.luki.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 99.86.3.102 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 143.204.201.110 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 99.86.3.17 16509 (AMAZON-02)
1 2a04:4e42:9::720 54113 (FASTLY)
21 9
6    99.86.3.102 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-102.fra6.r.cloudfront.net
corona.luki.io
1    2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    143.204.201.110 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-110.fra53.r.cloudfront.net
www.craft.do
1    2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
4    2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    99.86.3.17 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-17.fra6.r.cloudfront.net
res.luki.io
1    2a04:4e42:9::720 (Ascension Island)

ASN54113 (FASTLY, US)
images.unsplash.com
Domain Requested by
6 corona.luki.io 1 redirects corona.luki.io
5 res.luki.io
4 fonts.gstatic.com corona.luki.io
2 www.google-analytics.com www.googletagmanager.com
1 images.unsplash.com
1 www.googletagmanager.com www.craft.do
1 unpkg.com corona.luki.io
1 www.craft.do corona.luki.io
1 fonts.googleapis.com corona.luki.io
21 9

This site contains links to these domains. Also see Links.

Domain
www.craft.do
www.google.com
Subject Issuer Validity Valid
corona.luki.io
Amazon		 2020-03-23 -
2021-04-23		 a year crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.craft.do
Amazon		 2019-11-29 -
2020-12-29		 a year crt.sh
ssl714328.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2020-02-18 -
2020-08-26		 6 months crt.sh
*.google.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.luki.io
Amazon		 2019-06-22 -
2020-07-22		 a year crt.sh
imgix2.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-07-11 -
2020-07-11		 a year crt.sh

This page contains 1 frames:

Primary Page: https://corona.luki.io/
Frame ID: FA9B90B6410BE76B7B9DB10B82B124E3
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://corona.luki.io/ HTTP 301
    https://corona.luki.io/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

21
Requests

100 %
HTTPS

67 %
IPv6

8
Domains

9
Subdomains

9
IPs

3
Countries

21791 kB
Transfer

22294 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://corona.luki.io/ HTTP 301
    https://corona.luki.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
corona.luki.io/
Redirect Chain
  • http://corona.luki.io/
  • https://corona.luki.io/
5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://corona.luki.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.3.102 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-102.fra6.r.cloudfront.net
Software
/ Express
Resource Hash
c266e2a3db87efbf97a0a91a27b2b265bb17dc5b5fb66c18fed30c2beb41b7cb

Request headers

:method
GET
:authority
corona.luki.io
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
content-type
text/html; charset=utf-8
date
Tue, 24 Mar 2020 07:55:20 GMT
x-amzn-requestid
f3d2f506-a6ef-4f6e-b7b1-639d4df8c0d1
x-amzn-remapped-content-length
5458
x-amzn-remapped-connection
close
x-amz-apigw-id
J4p0GG1pIAMFwHw=
cache-control
max-age=60
x-powered-by
Express
x-amzn-trace-id
Root=1-5e79bce6-1f8ceb40d83449b08350d8f8;Sampled=0
x-amzn-remapped-date
Tue, 24 Mar 2020 07:55:20 GMT
content-encoding
gzip
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
Y4M8oft166B9loZ_ZzeEgubeGzazmzE6Gv63dzTEfg3Qgd20I5ou_A==

Redirect headers

Server
CloudFront
Date
Tue, 24 Mar 2020 07:55:17 GMT
Content-Type
text/html
Content-Length
183
Connection
keep-alive
Location
https://corona.luki.io/
X-Cache
Redirect from cloudfront
Via
1.1 6e432daa93321d42e8840614082fcdc3.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1
X-Amz-Cf-Id
O0gOYjc1dj9EZ6j-s0JyJBDiu1SzNr4ja9lYKvEQ1AFMf_37Rpc28A==
css
fonts.googleapis.com/ 		59 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=IBM+Plex+Serif:400,400i,500,500i,600,600i,700,700i|Nunito:400,400i,600,600i,700,700i,800,800i,900,900i|Roboto+Mono:400,400i,500,500i,700,700i|Roboto:400,500,700&display=swap
Requested by
Host: corona.luki.io
URL: https://corona.luki.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ac9e071ad00253941664414d1f2035a13d2b5caab75dc01ee22e90f922d47f9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://corona.luki.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 24 Mar 2020 07:55:20 GMT
server
ESF
date
Tue, 24 Mar 2020 07:55:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 24 Mar 2020 07:55:20 GMT
analytics.js
www.craft.do/assets/js/ 		964 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.craft.do/assets/js/analytics.js
Requested by
Host: corona.luki.io
URL: https://corona.luki.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.201.110 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-201-110.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b7050a259e89e6421ebde91996685ef260866333abd22d47a865064a5f6087b1

Request headers

Referer
https://corona.luki.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 24 Mar 2020 07:00:00 GMT
via
1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
last-modified
Fri, 14 Feb 2020 12:12:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"bd9629f8c11889894cbfee6845f7d1dc"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
status
200
content-length
964
x-amz-cf-id
AzkHEOVgSikDXf1GZD_dzsA4YFTsYO1nry2VjrNWiOGr3H_7v7NP0Q==
vendors~main.39b44df6.chunk.css
corona.luki.io/share/static/css/ 		12 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://corona.luki.io/share/static/css/vendors~main.39b44df6.chunk.css
Requested by
Host: corona.luki.io
URL: https://corona.luki.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.3.102 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-102.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
802c33b34307f660840fd68222b8739f0cf12fed011a69292ed49753a5d5bffa

Request headers

Referer
https://corona.luki.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Tue, 24 Mar 2020 06:31:10 GMT
content-encoding
gzip
last-modified
Mon, 16 Mar 2020 13:23:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
status
200
x-amz-cf-id
tTw0MYFw4FPLKiRQYvLRyVkbLriBmp5AW_8BQO-m7i8XPFEcpBCS0Q==
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
vendors~main.71d23642.chunk.js
corona.luki.io/share/static/js/ 		248 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://corona.luki.io/share/static/js/vendors~main.71d23642.chunk.js
Requested by
Host: corona.luki.io
URL: https://corona.luki.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.3.102 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-102.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
892558a8fb941ce42d5f8b2c006d9185ae465283e8be24d914ad28f4a31067eb

Request headers

Referer
https://corona.luki.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 24 Mar 2020 06:31:10 GMT
content-encoding
gzip
last-modified
Mon, 16 Mar 2020 13:22:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-id
hmI21RAO5J2XaBi-l0XSfOwOvrWtt45cJZRCYhEMJTrFpukMSP-bRA==
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
main.84e07ec9.chunk.js
corona.luki.io/share/static/js/ 		275 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://corona.luki.io/share/static/js/main.84e07ec9.chunk.js
Requested by
Host: corona.luki.io
URL: https://corona.luki.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.3.102 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-102.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6414cf8aefebfc169176e6fcd7dc4bf447e58dd9114f250d066d2a3330b69484

Request headers

Referer
https://corona.luki.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 24 Mar 2020 06:31:10 GMT
content-encoding
gzip
last-modified
Mon, 16 Mar 2020 13:22:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-id
H4-jpyaKJha1KUN1g7i92oQw8G9FybuNdb1UtxgEABAVVomwVmiQNg==
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
64.png
unpkg.com/emoji-datasource-apple@4.0.4/img/apple/sheets-256/ 		3 MB
3 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unpkg.com/emoji-datasource-apple@4.0.4/img/apple/sheets-256/64.png
Requested by
Host: corona.luki.io
URL: https://corona.luki.io/share/static/js/main.84e07ec9.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc370d2403bc5ef763a65a13f312dd8c4ee2115e3842ee62f4013aff9ab74bcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://corona.luki.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 24 Mar 2020 07:55:20 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
3973019
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3079047
last-modified
Mon, 16 Apr 2018 23:57:58 GMT
server
cloudflare
etag
"2efb87-2HoGZWchWTonvFVsYs2usbynGaM"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-cloud-trace-context
3ea35aa03b5a1476e68246623e73d3f6
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
578ed44e78be640d-FRA
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: corona.luki.io
URL: https://corona.luki.io/share/static/js/main.84e07ec9.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=IBM+Plex+Serif:400,400i,500,500i,600,600i,700,700i|Nunito:400,400i,600,600i,700,700i,800,800i,900,900i|Roboto+Mono:400,400i,500,500i,700,700i|Roboto:400,500,700&display=swap
Origin
https://corona.luki.io
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Mar 2020 03:12:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
1658561
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11056
x-xss-protection
0
expires
Fri, 05 Mar 2021 03:12:39 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: corona.luki.io
URL: https://corona.luki.io/share/static/js/main.84e07ec9.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=IBM+Plex+Serif:400,400i,500,500i,600,600i,700,700i|Nunito:400,400i,600,600i,700,700i,800,800i,900,900i|Roboto+Mono:400,400i,500,500i,700,700i|Roboto:400,500,700&display=swap
Origin
https://corona.luki.io
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 27 Feb 2020 08:47:06 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
2243294
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
0
expires
Fri, 26 Feb 2021 08:47:06 GMT
XtQNi60gRpgb
corona.luki.io/api/share/ 		18 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://corona.luki.io/api/share/XtQNi60gRpgb
Requested by
Host: corona.luki.io
URL: https://corona.luki.io/share/static/js/main.84e07ec9.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.3.102 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-102.fra6.r.cloudfront.net
Software
/
Resource Hash
d8e833a0ae6c4be718994052b7faa75b4ea3a82f06e7c821c717ba075e3cd6d6

Request headers

Referer
https://corona.luki.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers

date
Tue, 24 Mar 2020 07:55:23 GMT
content-encoding
gzip
x-amz-cf-pop
FRA6-C1
x-amzn-requestid
f26265f7-752a-4972-a8c1-a708a978d7da
x-cache
Miss from cloudfront
content-type
application/json
status
200
cache-control
no-cache
x-amzn-trace-id
Root=1-5e79bce9-247d0ec08565efc38522afd8;Sampled=0
x-amz-apigw-id
J4p0hHFtIAMFw5g=
content-length
3284
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
x-amz-cf-id
V6rTvdI21lqHEnh5qeOr7m-eRzhvCFbLQrfS9vxUF58gZfoLrY0niA==
js
www.googletagmanager.com/gtag/ 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-154809035-2
Requested by
Host: www.craft.do
URL: https://www.craft.do/assets/js/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e9e907e2fe40f1cae2db999d22ab1081ded940f2584910efaf8d8bcac48c5801
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://corona.luki.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 24 Mar 2020 07:55:20 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28650
x-xss-protection
0
last-modified
Tue, 24 Mar 2020 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 24 Mar 2020 07:55:20 GMT
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-154809035-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://corona.luki.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
4605
date
Tue, 24 Mar 2020 06:38:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Tue, 24 Mar 2020 08:38:35 GMT
collect
www.google-analytics.com/r/ 		35 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=824832161&t=pageview&_s=1&dl=https%3A%2F%2Fcorona.luki.io%2F&ul=en-us&de=UTF-8&dt=Test%20page%20for%20obfuscation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=277805382&gjid=411837298&cid=1831890728.1585036521&tid=UA-154809035-2&_gid=215892043.1585036521&_r=1&gtm=2ou3b2&z=1493239916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://corona.luki.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Tue, 24 Mar 2020 07:55:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
jizDREVNn1dOx-zrZ2X3pZvkTiUf2zcZiVbJ.woff2
fonts.gstatic.com/s/ibmplexserif/v8/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexserif/v8/jizDREVNn1dOx-zrZ2X3pZvkTiUf2zcZiVbJ.woff2
Requested by
Host: corona.luki.io
URL: https://corona.luki.io/share/static/js/main.84e07ec9.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
028912e9ad8cb6b41e802d8ff9120951f0d8944a48a2d98b5d906223a17e1bd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=IBM+Plex+Serif:400,400i,500,500i,600,600i,700,700i|Nunito:400,400i,600,600i,700,700i,800,800i,900,900i|Roboto+Mono:400,400i,500,500i,700,700i|Roboto:400,500,700&display=swap
Origin
https://corona.luki.io
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 27 Feb 2020 11:27:08 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 02:37:04 GMT
server
sffe
age
2233695
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14016
x-xss-protection
0
expires
Fri, 26 Feb 2021 11:27:08 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: corona.luki.io
URL: https://corona.luki.io/share/static/js/main.84e07ec9.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=IBM+Plex+Serif:400,400i,500,500i,600,600i,700,700i|Nunito:400,400i,600,600i,700,700i,800,800i,900,900i|Roboto+Mono:400,400i,500,500i,700,700i|Roboto:400,500,700&display=swap
Origin
https://corona.luki.io
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 31 Jan 2020 00:50:19 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
4604704
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11020
x-xss-protection
0
expires
Sat, 30 Jan 2021 00:50:19 GMT
blank_profile.png
res.luki.io/assets/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.luki.io/assets/blank_profile.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.3.17 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-17.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6176daa79e0b765aaa2547b00b4f89cc40ca69e274ddcc123d271cd0a0ac574

Request headers

Referer
https://corona.luki.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 23 Mar 2020 23:49:03 GMT
via
1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
last-modified
Thu, 05 Dec 2019 15:06:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"9acfe78b8e1cfbf4c1b1d1f31745b96b"
x-cache
RefreshHit from cloudfront
content-type
image/png
status
200
accept-ranges
bytes
content-length
17253
x-amz-cf-id
0sakTYxsVkjm2HFPNpsbzyWCO5DnEJkR777A-cGl50F3F7BJQBJBiQ==
photo-1581309553233-a6d8e331c921
images.unsplash.com/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.unsplash.com/photo-1581309553233-a6d8e331c921?ixlib=rb-1.2.1&q=80&fm=jpg&crop=entropy&cs=tinysrgb&w=1080&fit=max&ixid=eyJhcHBfaWQiOjcxMzcxfQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:9::720 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
657313ec41beea169c54997a4ab30bb7be776d65a566b5d1c544bb93f1d475d0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://corona.luki.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 24 Mar 2020 07:55:23 GMT
x-content-type-options
nosniff
last-modified
Mon, 10 Feb 2020 04:46:54 GMT
server
imgix
age
3726519
x-cache
HIT, HIT
content-type
image/jpeg
status
200
cache-control
public, max-age=315360000
x-imgix-id
8c0e9d82fd8278fefaed76173704d7f7a4ed185a
accept-ranges
bytes
access-control-allow-origin
*
content-length
71299
x-served-by
cache-lax8622-LAX, cache-ams21022-AMS
6FFC64B3-4D2D-4C09-A333-CD5C15EC4F1A%7Cother
res.luki.io/user/full/tom/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.luki.io/user/full/tom/6FFC64B3-4D2D-4C09-A333-CD5C15EC4F1A%7Cother
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.3.17 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-17.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9caafb21274a02c59d9b93254ee223f8bada18e5560aa222944108c74c71c8d9

Request headers

Referer
https://corona.luki.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 24 Mar 2020 07:55:24 GMT
via
1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
etag
"3ece734942899fa72238d6e779a73414"
last-modified
Fri, 28 Feb 2020 15:16:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
81860
x-amz-cf-id
-fKdeFEMN9SddXcs_lQzKHT0xgep-Amn-yw0fPHDnUsrvb5Yiked_g==
75C912B0-073F-43C4-B5DE-62A9FC7FED81
res.luki.io/user/full/tom/ 		230 KB
231 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.luki.io/user/full/tom/75C912B0-073F-43C4-B5DE-62A9FC7FED81
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.3.17 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-17.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7c40d906c581b832428b8eca15b24018e27dc172aa8b4c3a5ce13e15eb530e6

Request headers

Referer
https://corona.luki.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 24 Mar 2020 07:55:24 GMT
via
1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
etag
"0871c0d75a20dcd23aed3921fa7636bc"
last-modified
Tue, 11 Feb 2020 13:09:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
235804
x-amz-cf-id
pKyBtreDg3QGz9FrobwPT6KJuxMPW7Mw8zeauV2V6X2SR3A1Vu4s2g==
5B8DC2F3-CE11-4FA2-A895-B260E30097C3
res.luki.io/user/full/tom/ 		18 MB
18 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.luki.io/user/full/tom/5B8DC2F3-CE11-4FA2-A895-B260E30097C3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.3.17 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-17.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d69acb511ead681587a9e768a1ca65d19480570f210a627905526f517105bdef

Request headers

Referer
https://corona.luki.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 24 Mar 2020 07:55:24 GMT
via
1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
etag
"654de3c4a8bcb3390ca5a89f09283282"
last-modified
Tue, 11 Feb 2020 15:35:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/gif
status
200
accept-ranges
bytes
content-length
18537875
x-amz-cf-id
_rbi3O2jWjJ3zvNgkO5R82dIfoAlMthjhc4-thogVGtD5EG_O2-HTQ==
FooterLight.png
res.luki.io/assets/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.luki.io/assets/FooterLight.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.3.17 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-17.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5160413399f1a95da9b4c8743fd36f666241184ee7255ddd3adedc87d11fd332

Request headers

Referer
https://corona.luki.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 24 Mar 2020 07:55:24 GMT
via
1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
etag
"2b5c2587c61fbee3bb3e6810f3978672"
last-modified
Mon, 10 Feb 2020 09:34:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
status
200
accept-ranges
bytes
content-length
3691
x-amz-cf-id
xRH4piAYraH53f07a3c7VX5X0aHb0dhG12ScLZE01k0e3H4ymevnCw==

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| webpackJsonpluki-web object| scCGSHMRCache object| regeneratorRuntime function| Hammer function| gtag object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData

3 Cookies

Domain/Path Name / Value
.luki.io/ Name: _gat_gtag_UA_154809035_2
Value: 1
.luki.io/ Name: _gid
Value: GA1.2.215892043.1585036521
.luki.io/ Name: _ga
Value: GA1.2.1831890728.1585036521

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

corona.luki.io
fonts.googleapis.com
fonts.gstatic.com
images.unsplash.com
res.luki.io
unpkg.com
www.craft.do
www.google-analytics.com
www.googletagmanager.com
143.204.201.110
2606:4700::6810:7daf
2a00:1450:4001:800::200e
2a00:1450:4001:814::2003
2a00:1450:4001:816::200a
2a00:1450:4001:81d::2008
2a04:4e42:9::720
99.86.3.102
99.86.3.17
028912e9ad8cb6b41e802d8ff9120951f0d8944a48a2d98b5d906223a17e1bd2
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
5160413399f1a95da9b4c8743fd36f666241184ee7255ddd3adedc87d11fd332
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
6414cf8aefebfc169176e6fcd7dc4bf447e58dd9114f250d066d2a3330b69484
657313ec41beea169c54997a4ab30bb7be776d65a566b5d1c544bb93f1d475d0
802c33b34307f660840fd68222b8739f0cf12fed011a69292ed49753a5d5bffa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
892558a8fb941ce42d5f8b2c006d9185ae465283e8be24d914ad28f4a31067eb
9caafb21274a02c59d9b93254ee223f8bada18e5560aa222944108c74c71c8d9
ac9e071ad00253941664414d1f2035a13d2b5caab75dc01ee22e90f922d47f9e
b7050a259e89e6421ebde91996685ef260866333abd22d47a865064a5f6087b1
bc370d2403bc5ef763a65a13f312dd8c4ee2115e3842ee62f4013aff9ab74bcd
c266e2a3db87efbf97a0a91a27b2b265bb17dc5b5fb66c18fed30c2beb41b7cb
c6176daa79e0b765aaa2547b00b4f89cc40ca69e274ddcc123d271cd0a0ac574
c7c40d906c581b832428b8eca15b24018e27dc172aa8b4c3a5ce13e15eb530e6
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d69acb511ead681587a9e768a1ca65d19480570f210a627905526f517105bdef
d8e833a0ae6c4be718994052b7faa75b4ea3a82f06e7c821c717ba075e3cd6d6
e9e907e2fe40f1cae2db999d22ab1081ded940f2584910efaf8d8bcac48c5801
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d