ahla.quorum.us
Open in
urlscan Pro
34.238.58.227
Public Scan
Effective URL: https://ahla.quorum.us/campaign/27864/
Submission: On July 29 via manual from US
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 20th 2019. Valid for: 2 years.
This is the only time ahla.quorum.us was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 54.183.0.47 54.183.0.47 | 16509 (AMAZON-02) (AMAZON-02) | |
6 | 34.238.58.227 34.238.58.227 | 14618 (AMAZON-AES) (AMAZON-AES) | |
2 | 2606:2800:234... 2606:2800:234:59:254c:406:2366:268c | 15133 (EDGECAST) (EDGECAST) | |
3 | 2600:9000:21f... 2600:9000:21f3:6a00:12:cac3:2380:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2001:4de0:ac1... 2001:4de0:ac19::1:b:1a | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
2 | 52.216.112.91 52.216.112.91 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a04:4e42::729 2a04:4e42::729 | 54113 (FASTLY) (FASTLY) | |
1 | 2a00:1450:400... 2a00:1450:4001:800::200a | 15169 (GOOGLE) (GOOGLE) | |
6 | 2a00:1450:400... 2a00:1450:4001:820::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:818::2003 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK) | |
2 | 2a00:1450:400... 2a00:1450:4001:809::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 151.101.114.110 151.101.114.110 | 54113 (FASTLY) (FASTLY) | |
2 | 162.247.242.21 162.247.242.21 | 23467 (NEWRELIC-...) (NEWRELIC-AS-1) | |
30 | 14 |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-183-0-47.us-west-1.compute.amazonaws.com
email.highnoon.co |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-58-227.compute-1.amazonaws.com
ahla.quorum.us |
ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
quorum-media.s3.amazonaws.com |
ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-9.nr-data.net
bam.nr-data.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
quorum.us
ahla.quorum.us static.quorum.us |
908 KB |
7 |
googleapis.com
fonts.googleapis.com maps.googleapis.com |
196 KB |
3 |
gstatic.com
fonts.gstatic.com maps.gstatic.com |
19 KB |
2 |
nr-data.net
bam.nr-data.net |
456 B |
2 |
facebook.net
connect.facebook.net |
63 KB |
2 |
amazonaws.com
quorum-media.s3.amazonaws.com |
39 KB |
2 |
twitter.com
platform.twitter.com |
29 KB |
1 |
newrelic.com
js-agent.newrelic.com |
10 KB |
1 |
ravenjs.com
cdn.ravenjs.com |
13 KB |
1 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com |
20 KB |
1 |
highnoon.co
1 redirects
email.highnoon.co |
213 B |
30 | 11 |
Domain | Requested by | |
---|---|---|
6 | maps.googleapis.com |
ahla.quorum.us
maps.googleapis.com |
6 | ahla.quorum.us |
static.quorum.us
ahla.quorum.us |
3 | static.quorum.us |
ahla.quorum.us
|
2 | bam.nr-data.net |
js-agent.newrelic.com
ahla.quorum.us |
2 | maps.gstatic.com |
ahla.quorum.us
|
2 | connect.facebook.net |
ahla.quorum.us
connect.facebook.net |
2 | quorum-media.s3.amazonaws.com |
ahla.quorum.us
static.quorum.us |
2 | platform.twitter.com |
ahla.quorum.us
platform.twitter.com |
1 | js-agent.newrelic.com |
ahla.quorum.us
|
1 | fonts.gstatic.com |
static.quorum.us
|
1 | fonts.googleapis.com |
ahla.quorum.us
|
1 | cdn.ravenjs.com |
ahla.quorum.us
|
1 | maxcdn.bootstrapcdn.com |
ahla.quorum.us
|
1 | email.highnoon.co | 1 redirects |
30 | 14 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.quorum.us |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.quorum.us Sectigo RSA Domain Validation Secure Server CA |
2019-06-20 - 2021-06-19 |
2 years | crt.sh |
*.twimg.com DigiCert SHA2 High Assurance Server CA |
2019-11-12 - 2020-11-18 |
a year | crt.sh |
*.quorum.us COMODO RSA Domain Validation Secure Server CA |
2018-01-25 - 2021-02-13 |
3 years | crt.sh |
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA |
2019-09-14 - 2020-10-13 |
a year | crt.sh |
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2 |
2019-11-09 - 2021-03-12 |
a year | crt.sh |
osff.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2020-05-20 - 2020-12-18 |
7 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-07-21 - 2020-10-12 |
3 months | crt.sh |
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2020-07-22 - 2021-05-07 |
10 months | crt.sh |
*.nr-data.net DigiCert SHA2 Secure Server CA |
2020-02-05 - 2022-02-08 |
2 years | crt.sh |
This page contains 2 frames:
Primary Page:
https://ahla.quorum.us/campaign/27864/
Frame ID: 6E1A48427EDE3ABB3685CB8ADFFE640E
Requests: 31 HTTP requests in this frame
Frame:
https://platform.twitter.com/widgets/widget_iframe.c4b33f07650267db9f8a72eaac551cac.html?origin=https%3A%2F%2Fahla.quorum.us
Frame ID: D5E7582C889BFE61FFBE18C240F717F1
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://email.highnoon.co/t/r-l-jkduiyiy-udllliuiut-h/
HTTP 302
https://ahla.quorum.us/campaign/27864/ Page URL
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Powered by Quorum
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://email.highnoon.co/t/r-l-jkduiyiy-udllliuiut-h/
HTTP 302
https://ahla.quorum.us/campaign/27864/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
30 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
ahla.quorum.us/campaign/27864/ Redirect Chain
|
759 KB 129 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
widgets.js
platform.twitter.com/ |
96 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
new_grassroots.css
static.quorum.us/versions/desktop/2.11.2.31/25507676/ |
54 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ |
118 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
aHbjfS4hUcn2xveA85bg.css
quorum-media.s3.amazonaws.com/media/css/grassroots/custom/ |
30 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
raven.min.js
cdn.ravenjs.com/3.24.1/ |
34 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
new_grassroots.js
static.quorum.us/versions/desktop/2.11.2.31/25507676/ |
2 MB 600 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 615 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
maps.googleapis.com/maps/api/ |
125 KB 41 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2016-07-07_18:32:56.082059_2559__Hotel-Lobby.jpg
ahla.quorum.us/media/ |
64 KB 64 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2016-09-07_00:54:12.004218_2559__HotelsACTlogoFinal.png
quorum-media.s3.amazonaws.com/media/ |
32 KB 33 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7Aulp_0qiz-aVz7u3PJLcUMYOFnOkEk30e6fwniDtzM.woff
fonts.gstatic.com/s/muli/v22/ |
13 KB 13 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
ahla.quorum.us/api/grassrootscustomevent/ |
276 B 927 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
ahla.quorum.us/api/grassrootsissue/ |
264 B 911 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
ahla.quorum.us/api/grassrootsregistrationpage/ |
463 B 1022 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
ahla.quorum.us/api/grassrootscampaign/get_grassroots_campaign_detail/ |
5 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
widget_iframe.c4b33f07650267db9f8a72eaac551cac.html
platform.twitter.com/widgets/ Frame D5E7 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
199 KB 60 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.js
maps.googleapis.com/maps-api-v3/api/js/41/7/ |
78 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
util.js
maps.googleapis.com/maps-api-v3/api/js/41/7/ |
144 KB 53 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
controls.js
maps.googleapis.com/maps-api-v3/api/js/41/7/ |
208 KB 56 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
places_impl.js
maps.googleapis.com/maps-api-v3/api/js/41/7/ |
43 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
84 B 84 B |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
83 B 83 B |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
b06871f281fee6b241d60582ae9369b9.ttf
static.quorum.us/versions/desktop/2.11.2.31/25507676/ |
162 KB 97 KB |
Font
application/font-sfnt |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nr-1173.min.js
js-agent.newrelic.com/ |
27 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
d1446abd66
bam.nr-data.net/1/ |
57 B 275 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ |
62 B 147 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
d1446abd66
bam.nr-data.net/events/1/ |
24 B 181 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
57 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| NREUM object| newrelic function| __nr_require object| __twttrll object| twttr object| __twttr object| DJANGIO_ENTRY_POINT function| detectIEEdge boolean| ieVersion object| google object| module$contents$MapsEvent_MapsEvent object| module$contents$mapsapi$overlay$OverlayView_OverlayView object| Raven object| optionalFields string| property object| action_center_settings number| supporter_points object| organization object| pages string| index_route object| organization_design object| userdata object| Userdata object| permissions string| language string| sso_url object| registrationPages object| customFields object| campaignList boolean| cookielessSafariWindow boolean| registrationForm function| inIframe object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| axios object| DjangIO function| swal function| sweetAlert function| generateStaticUrl function| BACKENDERROR function| segue object| store function| SearchifyWrapper object| options function| setRavenContext function| fbAsyncInit object| FB object| __e3_ object| _xdc_2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
ahla.quorum.us/ | Name: qsesid Value: 8zuizw2z2pgce250y0al82kryx305qlz |
|
ahla.quorum.us/ | Name: current_version Value: "2.11.2.31/25507676" |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ahla.quorum.us
bam.nr-data.net
cdn.ravenjs.com
connect.facebook.net
email.highnoon.co
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
maps.googleapis.com
maps.gstatic.com
maxcdn.bootstrapcdn.com
platform.twitter.com
quorum-media.s3.amazonaws.com
static.quorum.us
151.101.114.110
162.247.242.21
2001:4de0:ac19::1:b:1a
2600:9000:21f3:6a00:12:cac3:2380:93a1
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:800::200a
2a00:1450:4001:809::2003
2a00:1450:4001:818::2003
2a00:1450:4001:820::200a
2a03:2880:f01c:8012:face:b00c:0:3
2a04:4e42::729
34.238.58.227
52.216.112.91
54.183.0.47
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0cbdf9a5f8ac2a143fc5529b31164cbf449f99d969843df9aae120ddf659318f
17bffb267b7c1b87c3e24c27f81d3d68d1c8576854d295796943f0121fefad24
1cbfcef32ac8eddd803853dfe1a247e27c2844e6d179d72dd447e78995910bed
1da5f87b65589dee4b910c7e9a1f00a8d8f72e0409c07be06b0b922845173b4f
237ba874ae79252e7a517bbf2f3b3a3e8b72ec2f761ee0422f32ffc77d224042
2de3501030a60b30d663947fe95efaf8eba5dbb9be36f26893387a7a575133fb
2fa5cf741948212bb723a44fec256b2f63dbb65bd4e6b6ce5584bb58d6d5221a
302f0fbc9d7907bf57c61dfb1a6cce18b65b7ef936e71d9177f278793e4b7872
394efb4b3c27d91c57ec24b001aadcd622e3056ec2b57adc41cb5fb0d8535366
45c21e543acfcaa9e5a503228d1943c876b11d80a0721aa4e159c3affeb6ede0
46ff63d7e4e322aed3aeae6d4b7cac00872e9a0f7e63e77acd2c258faab5e953
4d4109649e7ab9c2a424074c6d2f0afd1037d3254396e5d24a1d6c085ee2a238
4f2d5096ed272aa849d0753d5f4ebb1873f63d80670ff032cbd02cf5c171fdaf
5a79c44ef471513afd464db0470033bbd443770d9d47e0c4e20fb5377f74c2ee
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
7176be8be722411127c507733c0ec0a1db629f1fe8ae1b5f887f2fbdea2bcd6d
8caea3e58665d8a56ac1140f37ab4ed259c735a12fd63a8c84aa71eef7b46887
9666c4b4ff8494ef844a31d46f0e436e10c5914a28dcf78e43f880c7dfcd7c36
99ab6fd805e3873aa0a5adedd4b27e9c74becff9cd70b5ae1e96d420379736b0
aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8
aba4cd44e18dc6345bd6543303e8f133afc146b73278d63ccbea47e236a2c895
b25e1e7145a66edbf71a2d71a39de7b8b9f9aafea4891b7d8bbc663a478144b1
c55e6260ff8e823b731867a20aa58c848604d836de8aeb09b91feb8cb00f7cc2
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
db490a3761450f5af43dbae404030508ecfb60f4011ea60492849f03fbe06b89
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea5cdb8bcb4447d5f482f6b4a0e4a04ebf5e51a4c463bd97ef538758b13ac975
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f87950f61369af5b89e4d5c3ff2d5f70e5457fab93ea90b992017fc0aa7ff2da