Submitted URL: http://chat.gohealthhero.com/
Effective URL: https://chat.gohealthhero.com/
Submission: On January 16 via api from US — Scanned from NL

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 20 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is chat.gohealthhero.com.
TLS certificate: Issued by GTS CA 1P5 on December 17th 2023. Valid for: 3 months.
This is the only time chat.gohealthhero.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 152.199.19.160 15133 (EDGECAST)
6 143.204.205.185 16509 (AMAZON-02)
1 2600:9000:214... 16509 (AMAZON-02)
1 104.26.10.16 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
20 9
Apex Domain | Subdomains | Transfer
6 cloudfront.net | d10lpsik1i8c69.cloudfront.net | 100 KB
6 gohealthhero.com | chat.gohealthhero.com | 140 KB
2 auth0.com | cdn.auth0.com — Cisco Umbrella Rank: 6706; healthhero.us.auth0.com | 2 KB
2 viral-loops.com | app.viral-loops.com — Cisco Umbrella Rank: 146912 | 213 KB
1 luckyorange.net | settings.luckyorange.net — Cisco Umbrella Rank: 10963 | 1 KB
1 botframework.com | cdn.botframework.com — Cisco Umbrella Rank: 18234 | 872 KB
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 28 | 775 B
20 7
Domain Requested by
6 d10lpsik1i8c69.cloudfront.net chat.gohealthhero.com
d10lpsik1i8c69.cloudfront.net
6 chat.gohealthhero.com 1 redirects chat.gohealthhero.com
2 app.viral-loops.com chat.gohealthhero.com
app.viral-loops.com
1 healthhero.us.auth0.com chat.gohealthhero.com
1 settings.luckyorange.net d10lpsik1i8c69.cloudfront.net
1 cdn.auth0.com chat.gohealthhero.com
1 cdn.botframework.com chat.gohealthhero.com
1 fonts.googleapis.com chat.gohealthhero.com
20 8

This site contains links to these domains.

Domain
terms.gohealthhero.com
Subject | Issuer | Validity | Valid
gohealthhero.com | GTS CA 1P5 | 2023-12-17 - 2024-03-16 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months
viral-loops.com | Cloudflare Inc ECC CA-3 | 2023-03-27 - 2024-03-26 | a year
*.vo.msecnd.net | DigiCert SHA2 Secure Server CA | 2023-05-05 - 2024-04-28 | a year
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year
*.auth0.com | Amazon RSA 2048 M01 | 2023-02-24 - 2024-03-24 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-04-30 - 2024-04-29 | a year
us.auth0.com | E1 | 2023-11-28 - 2024-02-26 | 3 months

This page contains 3 frames:

Primary Page: https://chat.gohealthhero.com/
Frame ID: 522DDD6C916E640A635FDBE76CF887D8
Requests: 16 HTTP requests in this frame

Frame: https://healthhero.us.auth0.com/authorize?client_id=CLTY3hw8TZsjBPkZcfUeoV1G50jLArOc&scope=openid+profile+email&audience=https%3A%2F%2Fhealthhero.com&redirect_uri=https%3A%2F%2Fchat.gohealthhero.com%2Fcallback&prompt=none&response_type=code&response_mode=web_message&state=NGVYNTctLk9kamp0UDdqZ09oOHRNMnhPeHR3aVF6S0ZTTDhuMmh1akhGaQ%3D%3D&nonce=d0RGWXlXSWxiY29scUVjZUloYXVUM3NYcH5NN2tlUko3MU9hRzhaNUVHcQ%3D%3D&code_challenge=C8WwwDO3VScx2Un9ezQMQUK7L2Q8q8u_NhobCLQufbU&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtdnVlIiwidmVyc2lvbiI6IjIuMy4xIn0%3D
Frame ID: 42F7770B5BCCD1EDD765EDEDBDC9C994
Requests: 1 HTTP requests in this frame

Frame: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=e708588
Frame ID: CE1D617C5A29ADF88CC36406D4353359
Requests: 3 HTTP requests in this frame

Page Title

Enterprise Wellness By Health Hero

Page Statistics

20 Requests
90 % HTTPS
63 % IPv6
7 Domains
8 Subdomains
9 IPs
3 Countries
1328 kB Transfer
5247 kB Size
6 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://chat.gohealthhero.com/ HTTP 301
    https://chat.gohealthhero.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
chat.gohealthhero.com/
Redirect Chain
  • http://chat.gohealthhero.com/
  • https://chat.gohealthhero.com/
1 KB
1 KB
Document
General
Full URL
https://chat.gohealthhero.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
680e6128a978397dda85741d18c962a4d4c2c33d12d146be20908a49cff8fff2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=600
cf-cache-status
DYNAMIC
cf-ray
8465c3799c7a6698-AMS
content-encoding
br
content-type
text/html
date
Tue, 16 Jan 2024 10:44:30 GMT
expires
Tue, 16 Jan 2024 10:54:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTFKUh92V4A3kl1Z%2FTRZTlnGi3yKHw0DnkGFTH3s8ZXbX2TeETa8FFnRYUXY4VxojgMnF9cuUt8hPZO7vv75xP%2FnNpVkYGdmFjwBuG3x%2Fs2RprSfXTblijx4OSh4wArh%2BFW6yvo08cHpy5sVFJSKpz%2B%2BIlM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-cloud-trace-context
9672c519be6d8ee025ffe8aa48a89ac5

Redirect headers

CF-RAY
8465c37939e1669c-AMS
Cache-Control
max-age=3600
Connection
keep-alive
Date
Tue, 16 Jan 2024 10:44:30 GMT
Expires
Tue, 16 Jan 2024 11:44:30 GMT
Location
https://chat.gohealthhero.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5eljKU%2FBR4FlpdCtddzCrzKAAcZVpZy%2BfWXbEwwYCzYMCLP2eAC1fvfleIfjDw41EWT1ChwR8rqf6sn9gL%2FaKvYRQh1RI2tKhZehS1wNqI4fki357bWU3TIsce6QuXyf88U2g4gWHz%2BWa2y%2BZ2GjoYMBSlo%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
icon
fonts.googleapis.com/
569 B
775 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: chat.gohealthhero.com
URL: https://chat.gohealthhero.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://chat.gohealthhero.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 16 Jan 2024 10:44:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 16 Jan 2024 10:44:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 16 Jan 2024 10:44:30 GMT
index.a66afbf3.js
chat.gohealthhero.com/assets/
217 KB
75 KB
Script
General
Full URL
https://chat.gohealthhero.com/assets/index.a66afbf3.js
Requested by
Host: chat.gohealthhero.com
URL: https://chat.gohealthhero.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d26dadc3d932743876d4480525d59dc637b715acaa2fe2b7bad135575c7a9cd

Request headers

Referer
https://chat.gohealthhero.com/
Origin
https://chat.gohealthhero.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 10:44:30 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"Q_RyYg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7QELXkKnfM3OOka%2FX6tR%2F1WgUHqNAJ2%2B24O7ffZGaxitMtaFSgOUB9yZVt3bVchuMnX5zWZc0usJ%2FD3jUdbdcbNnaO1eZfcw0r0zQe%2B1qRRVAW%2FGh6x%2Fqhy4x5rg4n3Ll8H7V5DRWMEeyLYL%2BCdr7njjnU4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-cloud-trace-context
9672c519be6d8ee025ffe8aa48a89ac5
cache-control
public, max-age=14400
cf-ray
8465c37a2d2d6698-AMS
alt-svc
h3=":443"; ma=86400
expires
Tue, 16 Jan 2024 10:54:30 GMT
index.3027e7af.css
chat.gohealthhero.com/assets/
21 KB
5 KB
Stylesheet
General
Full URL
https://chat.gohealthhero.com/assets/index.3027e7af.css
Requested by
Host: chat.gohealthhero.com
URL: https://chat.gohealthhero.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0f2d58d96f53eba1fbcd11c5a8f28a828d4cd6222b153bfe4ad001ff1ecb830

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://chat.gohealthhero.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 10:44:30 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"Q_RyYg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rbSGgmA5Mk8SsfI5KFk262XXegYuNf0dYxEh%2BkvL0keWmlW3E%2FGAUqR23y38E3SPdyUCyWvAszZyfdfF18h0NRcI20AVzySW%2FrXMXo4a1Je9FiElxKr3%2F2ihtjhi0TmXgW5QdR%2F7%2BUjMeZnwGpEZGmm0UPs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-cloud-trace-context
9672c519be6d8ee025ffe8aa48a89ac5
cache-control
public, max-age=14400
cf-ray
8465c37a2d2b6698-AMS
alt-svc
h3=":443"; ma=86400
expires
Tue, 16 Jan 2024 10:54:30 GMT
loader.js
app.viral-loops.com/widgetsV2/core/
463 KB
132 KB
Script
General
Full URL
https://app.viral-loops.com/widgetsV2/core/loader.js
Requested by
Host: chat.gohealthhero.com
URL: https://chat.gohealthhero.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:adb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a0dcd559e73bcc203413eabbf9d1246d4fcb15247cde29a26d2cfbed43ce2cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://chat.gohealthhero.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 10:44:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 vegur
cf-cache-status
EXPIRED
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-content-type-options
nosniff
content-encoding
gzip
cf-polished
origSize=474068
x-xss-protection
1; mode=block
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1704983580&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=cxjXTzGg0fDyJVKR6UBLFc8eUM5lkhN5gKUxxUivV0w%3D
last-modified
Thu, 11 Jan 2024 11:20:53 GMT
cf-bgj
minify
server
cloudflare
etag
W/"73bd4-18cf840ea08"
x-download-options
noopen
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1704983580&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=cxjXTzGg0fDyJVKR6UBLFc8eUM5lkhN5gKUxxUivV0w%3D"}]}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
x-frame-options
DENY
cf-ray
8465c37a89711eb1-AMS
webchat.js
cdn.botframework.com/botframework-webchat/latest/
4 MB
872 KB
Script
General
Full URL
https://cdn.botframework.com/botframework-webchat/latest/webchat.js
Requested by
Host: chat.gohealthhero.com
URL: https://chat.gohealthhero.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48C1) /
Resource Hash
2afdb8a0d301b0d67f0a60facda1fde61c5ac0998ba91184dc0f9eb767a98591

Request headers

Referer
https://chat.gohealthhero.com/
Origin
https://chat.gohealthhero.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 16 Jan 2024 10:44:30 GMT
content-encoding
gzip
content-md5
UQOvb6huRleZzPZOQ3hC+Q==
age
694
x-cache
HIT
content-length
891589
x-ms-lease-status
unlocked
last-modified
Fri, 15 Dec 2023 01:21:12 GMT
server
ECAcc (ama/48C1)
etag
0x8DBFD0C207BDFE8
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
714ebc38-201e-004d-2467-48a056000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=900
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Tue, 16 Jan 2024 10:59:30 GMT
w.js
d10lpsik1i8c69.cloudfront.net/
5 KB
3 KB
Script
General
Full URL
https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by
Host: chat.gohealthhero.com
URL: https://chat.gohealthhero.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.205.185 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-205-185.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://chat.gohealthhero.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 10:36:06 GMT
content-encoding
gzip
via
1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
last-modified
Fri, 02 Sep 2022 19:59:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
505
etag
W/"dc0bbcecf2e632d9beb92f4d88b21c2b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
BjLdmDo-3ErXr6BAfx6pw4kzHJ2OTByPQqrGPI_cfz8QgoHpOFYqQg==
core.js
app.viral-loops.com/widgetsV2/core/
279 KB
82 KB
Script
General
Full URL
https://app.viral-loops.com/widgetsV2/core/core.js
Requested by
Host: app.viral-loops.com
URL: https://app.viral-loops.com/widgetsV2/core/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:adb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
842f5d6e45e9f215219e7fd9130c993f5e28a3b2bbd4eaaee74ffdf1d13c11dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://chat.gohealthhero.com/
Origin
https://chat.gohealthhero.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 10:44:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 vegur
cf-cache-status
EXPIRED
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-content-type-options
nosniff
content-encoding
gzip
x-xss-protection
1; mode=block
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1705401870&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=wFdhcweCtQXC8p1t0SCcrHeUIku45bJBVLrI975Znzc%3D
last-modified
Thu, 11 Jan 2024 11:20:53 GMT
server
cloudflare
etag
W/"45dfb-18cf840ea08"
x-download-options
noopen
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1705401870&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=wFdhcweCtQXC8p1t0SCcrHeUIku45bJBVLrI975Znzc%3D"}]}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
x-frame-options
DENY
cf-ray
8465c37b9ac666fe-AMS
loader.svg
cdn.auth0.com/blog/hello-auth0/
445 B
970 B
Image
General
Full URL
https://cdn.auth0.com/blog/hello-auth0/loader.svg
Requested by
Host: chat.gohealthhero.com
URL: https://chat.gohealthhero.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:6c00:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba6ae8882ad73e4b20605a6bc133d48491e5d0c24572808f7c10bb32644c22ed
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://chat.gohealthhero.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
1uMAzYNDqoXP9CA5oxvRPbPAmk34mwAM
date
Tue, 16 Jan 2024 09:23:01 GMT
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
FRA53-C1
age
6934
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
445
last-modified
Mon, 15 Nov 2021 00:57:58 GMT
server
AmazonS3
etag
"452398a87f2ff1ac92e9c1d829f9056c"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2628000
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
VNpL3EhQgiPyZm2hHTlcBLFRDvDlDWgul2p0Rnd9GOtpqbgTj8OMOQ==
login.ec1970be.png
chat.gohealthhero.com/assets/
46 KB
47 KB
Image
General
Full URL
https://chat.gohealthhero.com/assets/login.ec1970be.png
Requested by
Host: chat.gohealthhero.com
URL: https://chat.gohealthhero.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec1970bed4a84f96c7d9600f8ba1812eed63d654e12877dcf61eb932ef0219c5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://chat.gohealthhero.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 10:44:30 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"Q_RyYg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2P4cDh5p8qLQZDEwCjPstBtWhUzUvlVU31UWup0ueLI4lOTpF%2F1pEwv32FAk90iiOXyjhc4QetMgUsd1qjlRLTX841NugRZ7IyaMaEoTQ83QiIaGARjM6UN07kuqqd%2Bq%2FB78l13aXEE6bvjW065EzZXIom4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-cloud-trace-context
9672c519be6d8ee025ffe8aa48a89ac5
cache-control
public, max-age=14400
cf-ray
8465c37c5ce9b994-AMS
alt-svc
h3=":443"; ma=86400
expires
Tue, 16 Jan 2024 10:54:30 GMT
logo.94c805a4.png
chat.gohealthhero.com/assets/
11 KB
11 KB
Image
General
Full URL
https://chat.gohealthhero.com/assets/logo.94c805a4.png
Requested by
Host: chat.gohealthhero.com
URL: https://chat.gohealthhero.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94c805a45e45571b2aa2f4f3b54e198bd4d633753e95526fb4b26f8020a7e34c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://chat.gohealthhero.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 10:44:30 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"Q_RyYg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WTwJfbzcwzd0YX8kaWla4J%2BzDj2C2vrhFu0R0r%2FtGh%2ByApOTdLahQmG%2Bvxt%2BQRT4Q2YXgy2i2%2BePu9mEATRoGukrQs1HUGJR7uIQbWKgvwnRADNNpPawhzHvP4aSahOVdJhqdBm4E2%2BoF0ZUjzIQw0QJF7E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-cloud-trace-context
9672c519be6d8ee025ffe8aa48a89ac5
cache-control
public, max-age=14400
cf-ray
8465c37c5cf1b994-AMS
alt-svc
h3=":443"; ma=86400
expires
Tue, 16 Jan 2024 10:54:30 GMT
/
settings.luckyorange.net/
2 KB
1 KB
Fetch
General
Full URL
https://settings.luckyorange.net/?u=https%3A%2F%2Fchat.gohealthhero.com%2F&s=326373
Requested by
Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.16 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9a140bfc8928ec08374cae6a1e1b25a7d31ed146a252b27bb8d38958c2c80d0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://chat.gohealthhero.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 10:44:31 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://chat.gohealthhero.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h3uBruoVjfq%2BjsdEF7ROESZhrX%2FrM4HErhJHB96DdWoLlNF9Q1dZ0wEahZPlHCLEhRTA0xK4tgBsI2SoByQ%2B50gHDTioNQtAGEPE%2BcrWH2K%2F4m0pXteIaUsxzPoszvzLBJlp58HyXLEFZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-credentials
true
cf-ray
8465c37dfe420e78-AMS
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since
authorize
healthhero.us.auth0.com/ Frame 42F7
1 KB
1 KB
Document
General
Full URL
https://healthhero.us.auth0.com/authorize?client_id=CLTY3hw8TZsjBPkZcfUeoV1G50jLArOc&scope=openid+profile+email&audience=https%3A%2F%2Fhealthhero.com&redirect_uri=https%3A%2F%2Fchat.gohealthhero.com%2Fcallback&prompt=none&response_type=code&response_mode=web_message&state=NGVYNTctLk9kamp0UDdqZ09oOHRNMnhPeHR3aVF6S0ZTTDhuMmh1akhGaQ%3D%3D&nonce=d0RGWXlXSWxiY29scUVjZUloYXVUM3NYcH5NN2tlUko3MU9hRzhaNUVHcQ%3D%3D&code_challenge=C8WwwDO3VScx2Un9ezQMQUK7L2Q8q8u_NhobCLQufbU&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtdnVlIiwidmVyc2lvbiI6IjIuMy4xIn0%3D
Requested by
Host: chat.gohealthhero.com
URL: https://chat.gohealthhero.com/assets/index.a66afbf3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:a818 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b439c7ccc0cfb7b81cfb5847c9bab31c57c94839c67fff539bc4f0661c92b859
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://chat.gohealthhero.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
8465c37e387bb731-AMS
content-encoding
br
content-type
text/html;charset=UTF-8
date
Tue, 16 Jan 2024 10:44:31 GMT
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-auth0-requestid
2a7a7c41f998eaba343e
x-content-type-options
nosniff
x-ratelimit-limit
100
x-ratelimit-remaining
99
x-ratelimit-reset
1705401872
clickstream.js
d10lpsik1i8c69.cloudfront.net/js/ Frame CE1D
287 KB
93 KB
Script
General
Full URL
https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=e708588
Requested by
Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.205.185 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-205-185.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08364858e416bd80eb1c1e08b68b3b0bdf8c565df9324401e800e0a781147aeb

Request headers

Referer
Origin
https://chat.gohealthhero.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 19:02:10 GMT
content-encoding
gzip
via
1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
315742
x-cache
Hit from cloudfront
last-modified
Fri, 02 Sep 2022 19:59:47 GMT
server
AmazonS3
etag
W/"6a7ba000cc0f3518baa46608eb12410c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
vml-F9658KpNrE5y3mjE-w_bg7NeQUTQ6IbiqtqaCLBQ21mHwyV_6w==
blink_green.png
d10lpsik1i8c69.cloudfront.net/graphics/
1 KB
2 KB
Image
General
Full URL
https://d10lpsik1i8c69.cloudfront.net/graphics/blink_green.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.205.185 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-205-185.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9746bbc8be1eacd912bb90f2226b3f9141b15938f7b0281825c74999c0040c9b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://chat.gohealthhero.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 02:56:30 GMT
via
1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
last-modified
Fri, 02 Sep 2022 19:59:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
9100082
etag
"2e4ff7ec8bf18d247ee942621e0f9d65"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1283
x-amz-cf-id
FDP3CjKbqWf0OXAMKuzMtekfdQTB0xKrGLibbf5Qoq5YRQAurpx1Cw==
logo-light.png
d10lpsik1i8c69.cloudfront.net/graphics/
1 KB
1 KB
Image
General
Full URL
https://d10lpsik1i8c69.cloudfront.net/graphics/logo-light.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.205.185 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-205-185.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c34bc7bc1985e63394c3c2afff88cdcfc06e501320432dd23eaff83ea6754eb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://chat.gohealthhero.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 04:23:53 GMT
via
1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
last-modified
Fri, 02 Sep 2022 19:59:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
9094839
etag
"35ce74c31e3ef54462a234340af702d7"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1143
x-amz-cf-id
pWaMcPVaep-_lV_crtQMXsHl4-NqUEHJmvvujp4fKCq7hUsoboUzYw==
sound-on-white.png
d10lpsik1i8c69.cloudfront.net/graphics/
277 B
619 B
Image
General
Full URL
https://d10lpsik1i8c69.cloudfront.net/graphics/sound-on-white.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.205.185 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-205-185.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da0c1bc51d4ebfa2570f3e7546d9d3ccfb3f9d3c1199b1ca49869510aa79392a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://chat.gohealthhero.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:05:31 GMT
via
1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
last-modified
Fri, 02 Sep 2022 19:59:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
9171541
etag
"76f1993de0fd323f67cece8d8e63bfa2"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
277
x-amz-cf-id
Vo6pXR1qjvg-5lDsrV4hx5D-O117_qRVQhOqXhpErBPmON0z7LpYsA==
reset.css
d10lpsik1i8c69.cloudfront.net/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://d10lpsik1i8c69.cloudfront.net/css/reset.css
Requested by
Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=e708588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.205.185 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-205-185.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
401f533697cfb484598d2da76b5f4708bbca985a1fab42dbcfaa0741374d3245

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://chat.gohealthhero.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 19:31:05 GMT
content-encoding
gzip
via
1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
last-modified
Fri, 02 Sep 2022 19:59:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
8262807
etag
W/"7144eaceff0b31347712515a6116074e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
gjFpxIl2sg2yDsv-JxZQkebdri3HyNYSHu84UG9zSY9L3awWTF-NTw==
cefa1114-d7c5-4126-86d9-1785158c0f74
https://chat.gohealthhero.com/ Frame CE1D
0
0
Other
General
Full URL
blob:https://chat.gohealthhero.com/cefa1114-d7c5-4126-86d9-1785158c0f74
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length
0
Content-Type
413dc0e2-ec04-4557-bd77-b15403fcb934
https://chat.gohealthhero.com/ Frame CE1D
30 KB
0
Other
General
Full URL
blob:https://chat.gohealthhero.com/413dc0e2-ec04-4557-bd77-b15403fcb934
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb5a1fff57218742c5c1e469970504556a10d235b2379872b4ffcef9901d3bc0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length
31224
Content-Type

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
number| __lo_site_id
function| _
object| ViralLoops
object| _VL_DYNAMIC_ATTACHERS
object| _VL_DOC_OBSERVER
object| regeneratorRuntime
object| WebChat
object| Components
function| createAdaptiveCardsAttachmentForScreenReaderMiddleware
function| createAdaptiveCardsAttachmentMiddleware
function| createCognitiveServicesSpeechServicesPonyfillFactory
function| createDirectLine
function| createDirectLineAppServiceExtension
function| createDirectLineSpeechAdapters
function| createStyleSet
function| default
object| hooks
function| renderMarkdown
function| renderWebChat
function| withEmoji
object| Constants
function| concatMiddleware
function| connectToWebChat
function| createBrowserWebSpeechPonyfillFactory
function| createStore
function| createStoreWithDevTools
function| createStoreWithOptions
string| version
object| __VUE_INSTANCE_SETTERS__
object| FontAwesomeConfig
object| ___FONT_AWESOME___
boolean| __VUE__
boolean| __lo_csr_added
object| WTW_Watcher
object| LO
object| _loq

6 Cookies

Domain/Path Name / Value
healthhero.us.auth0.com/ Name: did
Value: s%3Av0%3A3ad51ca0-b45c-11ee-b266-e17384428bfc.mkfBUehISVETfTb4kz647ph595yvgfHW%2BDj0CckPsOY
.us.auth0.com/ Name: __cf_bm
Value: 6q8RDD7oRGW4sDvp.cfvWrGOYZM3hZFgMpC.5rrGMgU-1705401871-1-AZTMH+SO4oHWG65awkLaLs+nB6JYRsnuKHPu2yikUqdM6sopTVRWvIe7VwUWimGYUI5uIRouWJLvcipocUIOhpM=
.gohealthhero.com/ Name: _lo_uid
Value: 326373-1705401871160-a5bd7fdab558787d
.gohealthhero.com/ Name: _lorid
Value: 326373-1705401871160-717fc2c389c9cc9b
.gohealthhero.com/ Name: _lo_v
Value: 1
.gohealthhero.com/ Name: __lotl
Value: https%3A%2F%2Fchat.gohealthhero.com%2F

1 Console Messages

Source Level URL
Text
network error
Message:
A bad HTTP response code (404) was received when fetching the script.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
