urlscan.io logo urlscan.io
SecurityTrails logo

www.crowd.live Open in urlscan Pro
3.85.46.214  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.crowd.live/EHQTRIVIA1
Effective URL: https://www.crowd.live/EHQTRIVIA1
Submission: On February 14 via manual from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 18 HTTP transactions. The main IP is 3.85.46.214, located in Fairfield, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is www.crowd.live.
TLS certificate: Issued by Let's Encrypt Authority X3 on January 19th 2019. Valid for: 3 months.
This is the only time www.crowd.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.203.185.156 14618 (AMAZON-AES)
2 3.85.46.214 14618 (AMAZON-AES)
4 143.204.98.120 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 143.204.98.160 16509 (AMAZON-02)
1 143.204.98.29 16509 (AMAZON-02)
2 52.6.254.56 14618 (AMAZON-AES)
18 8
1    34.203.185.156 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-203-185-156.compute-1.amazonaws.com
www.crowd.live
2    3.85.46.214 (Fairfield, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-85-46-214.compute-1.amazonaws.com
www.crowd.live
4    143.204.98.120 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-98-120.fra50.r.cloudfront.net
d1wwyyu0cac7rz.cloudfront.net
2    2a00:1450:4001:820::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    2a00:1450:4001:81e::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
5    2a00:1450:4001:81c::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    143.204.98.160 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-98-160.fra50.r.cloudfront.net
d1wwyyu0cac7rz.cloudfront.net
1    143.204.98.29 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-98-29.fra50.r.cloudfront.net
d1w4wy5g3i8ewk.cloudfront.net
2    52.6.254.56 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-6-254-56.compute-1.amazonaws.com
apm-engine.meteor.com
Domain Requested by
5 fonts.gstatic.com d1wwyyu0cac7rz.cloudfront.net
5 d1wwyyu0cac7rz.cloudfront.net www.crowd.live
d1wwyyu0cac7rz.cloudfront.net
3 www.crowd.live 1 redirects d1wwyyu0cac7rz.cloudfront.net
2 apm-engine.meteor.com d1wwyyu0cac7rz.cloudfront.net
2 www.google-analytics.com www.crowd.live
www.google-analytics.com
1 d1w4wy5g3i8ewk.cloudfront.net
1 fonts.googleapis.com www.crowd.live
18 7
Subject Issuer Validity Valid
www.crowd.live
Let's Encrypt Authority X3		 2019-01-19 -
2019-04-19		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2018-10-08 -
2019-10-09		 a year crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-01-29 -
2019-04-23		 3 months crt.sh
*.googleapis.com
Google Internet Authority G3		 2019-01-29 -
2019-04-23		 3 months crt.sh
*.google.com
Google Internet Authority G3		 2019-01-23 -
2019-04-17		 3 months crt.sh
apm-engine.meteor.com
Let's Encrypt Authority X3		 2019-01-16 -
2019-04-16		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.crowd.live/EHQTRIVIA1
Frame ID: 7B14E051004E51D225F12357471F2136
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.crowd.live/EHQTRIVIA1 HTTP 301
    https://www.crowd.live/EHQTRIVIA1 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+__meteor-css__/i
  • env /^Meteor$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+__meteor-css__/i
  • env /^Meteor$/i
Overall confidence: 100%
Detected patterns
  • env /^Handlebars$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+__meteor-css__/i
  • env /^Meteor$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • env /^moment$/i
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

18
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

7
Subdomains

8
IPs

2
Countries

1256 kB
Transfer

4522 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.crowd.live/EHQTRIVIA1 HTTP 301
    https://www.crowd.live/EHQTRIVIA1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request EHQTRIVIA1
www.crowd.live/
Redirect Chain
  • http://www.crowd.live/EHQTRIVIA1
  • https://www.crowd.live/EHQTRIVIA1
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.crowd.live/EHQTRIVIA1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.85.46.214 Fairfield, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-85-46-214.compute-1.amazonaws.com
Software
/
Resource Hash
6ab2095eaa7afd90d7be245ad7dafb94309ee104e7807570699ed0bcfd0ddfb7

Request headers

:method
GET
:authority
www.crowd.live
:scheme
https
:path
/EHQTRIVIA1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 14 Feb 2019 19:05:29 GMT
set-cookie
galaxy-sticky=fsKLqPbxXbseCxmo3-ck0f2; Path=/; HttpOnly
vary
Accept-Encoding
content-length
1726

Redirect headers

Content-Type
text/html; charset=utf-8
Location
https://www.crowd.live/EHQTRIVIA1
Date
Thu, 14 Feb 2019 19:05:28 GMT
Content-Length
68
acdbd95e4a06db573c1b751a99ec57219f5a8e76.css
d1wwyyu0cac7rz.cloudfront.net/ 		210 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1wwyyu0cac7rz.cloudfront.net/acdbd95e4a06db573c1b751a99ec57219f5a8e76.css?meteor_css_resource=true&_g_app_v_=207
Requested by
Host: www.crowd.live
URL: https://www.crowd.live/EHQTRIVIA1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.98.120 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-98-120.fra50.r.cloudfront.net
Software
/
Resource Hash
f490858457bdc379340fb27fa24fd2e678d5e88565c85fabc109601a84d7eab3

Request headers

Referer
https://www.crowd.live/EHQTRIVIA1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 01 Feb 2019 10:35:33 GMT
content-encoding
gzip
age
1153796
etag
"acdbd95e4a06db573c1b751a99ec57219f5a8e76"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=UTF-8
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-origin
*
x-amz-cf-id
pl5JHtkm55k5IjLwO23ua3homaXcxtUR_StZ5p4ckXiqxzg3ITrpEQ==
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
6299cfc02436a33258bbb6886294079845424b77.css
d1wwyyu0cac7rz.cloudfront.net/ 		362 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1wwyyu0cac7rz.cloudfront.net/6299cfc02436a33258bbb6886294079845424b77.css?meteor_css_resource=true&_g_app_v_=207
Requested by
Host: www.crowd.live
URL: https://www.crowd.live/EHQTRIVIA1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.98.120 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-98-120.fra50.r.cloudfront.net
Software
/
Resource Hash
0dc01ca559834e5c605f540c0e9964d8567a85724ab7a0af857e6d7084880087

Request headers

Referer
https://www.crowd.live/EHQTRIVIA1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 01 Feb 2019 10:35:33 GMT
content-encoding
gzip
age
1153795
etag
"6299cfc02436a33258bbb6886294079845424b77"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=UTF-8
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-origin
*
x-amz-cf-id
epQ4oNJ0cQ_Mn7bSzF6FgzmtP5-MvLOy5xM-UFQeinlzMB8Eu93H5g==
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
a0e21913a5542f48f99a03353c64b5e348faf034.css
d1wwyyu0cac7rz.cloudfront.net/ 		28 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1wwyyu0cac7rz.cloudfront.net/a0e21913a5542f48f99a03353c64b5e348faf034.css?meteor_css_resource=true&_g_app_v_=207
Requested by
Host: www.crowd.live
URL: https://www.crowd.live/EHQTRIVIA1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.98.120 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-98-120.fra50.r.cloudfront.net
Software
/
Resource Hash
6f599fc1e1aa36bb08f6014b0597b1f3c10a5522ad34a8bc77c8a4898cb00ebd

Request headers

Referer
https://www.crowd.live/EHQTRIVIA1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 01 Feb 2019 10:35:33 GMT
content-encoding
gzip
age
1153796
etag
"a0e21913a5542f48f99a03353c64b5e348faf034"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=UTF-8
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-origin
*
x-amz-cf-id
sSb-2FZHhGFxdvqYidRSnke3P5iwKA9n4-0IR80wAFqyKBETK8LLvQ==
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.crowd.live
URL: https://www.crowd.live/EHQTRIVIA1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:820::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.crowd.live/EHQTRIVIA1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
56
date
Thu, 14 Feb 2019 19:04:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
17543
expires
Thu, 14 Feb 2019 21:04:33 GMT
6daaaa98871ca35c683fcdaed76da658a231fb11.js
d1wwyyu0cac7rz.cloudfront.net/ 		4 MB
948 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1wwyyu0cac7rz.cloudfront.net/6daaaa98871ca35c683fcdaed76da658a231fb11.js?meteor_js_resource=true&_g_app_v_=207
Requested by
Host: www.crowd.live
URL: https://www.crowd.live/EHQTRIVIA1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.98.120 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-98-120.fra50.r.cloudfront.net
Software
/
Resource Hash
d3d51c3cf26f40b4c8a0049ecd1a24c4ec973ecc04f6ba75288677f551b27a9a

Request headers

Referer
https://www.crowd.live/EHQTRIVIA1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 01 Feb 2019 10:35:33 GMT
content-encoding
gzip
age
1153796
etag
"6daaaa98871ca35c683fcdaed76da658a231fb11"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
DG3CzY-4eDH5-_3eu09qh5TR1zr0IYx7BUqN_53fyYcmvHHcjdTLOA==
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
css
fonts.googleapis.com/ 		38 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu+Mono|Roboto:400,100,300,500,700,300italic|Roboto+Condensed:300,400,700|Open+Sans:300,400,600,700|Roboto+Slab:400,700&subset=latin,latin-ext
Requested by
Host: www.crowd.live
URL: https://www.crowd.live/EHQTRIVIA1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81e::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
1a59a31f4788bb853b3c28fc17750293ccdd9b52dedddedb8a9a8322ce3fd7d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.crowd.live/EHQTRIVIA1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 14 Feb 2019 19:05:29 GMT
server
ESF
access-control-allow-origin
*
date
Thu, 14 Feb 2019 19:05:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Thu, 14 Feb 2019 19:05:29 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1019 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:820::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.crowd.live/EHQTRIVIA1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 18:16:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
2949
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
856
x-xss-protection
1; mode=block
expires
Thu, 14 Feb 2019 19:16:20 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: d1wwyyu0cac7rz.cloudfront.net
URL: https://d1wwyyu0cac7rz.cloudfront.net/6daaaa98871ca35c683fcdaed76da658a231fb11.js?meteor_js_resource=true&_g_app_v_=207
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Ubuntu+Mono|Roboto:400,100,300,500,700,300italic|Roboto+Condensed:300,400,700|Open+Sans:300,400,600,700|Roboto+Slab:400,700&subset=latin,latin-ext
Origin
https://www.crowd.live

Response headers

date
Mon, 11 Feb 2019 10:27:19 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:51 GMT
server
sffe
age
290290
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
10748
x-xss-protection
1; mode=block
expires
Tue, 11 Feb 2020 10:27:19 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: d1wwyyu0cac7rz.cloudfront.net
URL: https://d1wwyyu0cac7rz.cloudfront.net/6daaaa98871ca35c683fcdaed76da658a231fb11.js?meteor_js_resource=true&_g_app_v_=207
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
1be216dbc059d96e288b0c1f399a1a80ee8c65e4c1272dbc4574bd6d23cf45d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Ubuntu+Mono|Roboto:400,100,300,500,700,300italic|Roboto+Condensed:300,400,700|Open+Sans:300,400,600,700|Roboto+Slab:400,700&subset=latin,latin-ext
Origin
https://www.crowd.live

Response headers

date
Mon, 14 Jan 2019 19:46:00 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:33:03 GMT
server
sffe
age
2675969
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
10764
x-xss-protection
1; mode=block
expires
Tue, 14 Jan 2020 19:46:00 GMT
info
www.crowd.live/sockjs/ 		79 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.crowd.live/sockjs/info?cb=o8p3manwbc
Requested by
Host: d1wwyyu0cac7rz.cloudfront.net
URL: https://d1wwyyu0cac7rz.cloudfront.net/6daaaa98871ca35c683fcdaed76da658a231fb11.js?meteor_js_resource=true&_g_app_v_=207
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.85.46.214 Fairfield, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-85-46-214.compute-1.amazonaws.com
Software
/
Resource Hash
41ac33faaaa96fce382c33ba41d1c3ca1aebf5aff7ee79dccf2c7820a97a3d8e

Request headers

:path
/sockjs/info?cb=o8p3manwbc
pragma
no-cache
cookie
galaxy-sticky=fsKLqPbxXbseCxmo3-ck0f2; _ga=GA1.2.1279038793.1550171130; _gid=GA1.2.1944247435.1550171130
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.crowd.live
referer
https://www.crowd.live/EHQTRIVIA1
:scheme
https
:method
GET
Referer
https://www.crowd.live/EHQTRIVIA1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Thu, 14 Feb 2019 19:05:30 GMT
cache-control
no-store, no-cache, no-transform, must-revalidate, max-age=0
access-control-allow-origin
*
content-length
79
vary
Origin
content-type
application/json; charset=UTF-8
KFOkCnqEu92Fr1MmgVxIIzIXKMny.woff2
fonts.gstatic.com/s/roboto/v18/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOkCnqEu92Fr1MmgVxIIzIXKMny.woff2
Requested by
Host: d1wwyyu0cac7rz.cloudfront.net
URL: https://d1wwyyu0cac7rz.cloudfront.net/6daaaa98871ca35c683fcdaed76da658a231fb11.js?meteor_js_resource=true&_g_app_v_=207
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
756b267a12034b471a6482473e66174616b0bf6d33c8b4fd99e91100b1f0463e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Ubuntu+Mono|Roboto:400,100,300,500,700,300italic|Roboto+Condensed:300,400,700|Open+Sans:300,400,600,700|Roboto+Slab:400,700&subset=latin,latin-ext
Origin
https://www.crowd.live

Response headers

date
Thu, 17 Jan 2019 18:15:24 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:43 GMT
server
sffe
age
2422206
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
10668
x-xss-protection
1; mode=block
expires
Fri, 17 Jan 2020 18:15:24 GMT
fontawesome-webfont.woff2
d1wwyyu0cac7rz.cloudfront.net/packages/fortawesome_fontawesome/upstream/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1wwyyu0cac7rz.cloudfront.net/packages/fortawesome_fontawesome/upstream/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: d1wwyyu0cac7rz.cloudfront.net
URL: https://d1wwyyu0cac7rz.cloudfront.net/6daaaa98871ca35c683fcdaed76da658a231fb11.js?meteor_js_resource=true&_g_app_v_=207
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.98.160 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-98-160.fra50.r.cloudfront.net
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://d1wwyyu0cac7rz.cloudfront.net/acdbd95e4a06db573c1b751a99ec57219f5a8e76.css?meteor_css_resource=true&_g_app_v_=207
Origin
https://www.crowd.live

Response headers

date
Thu, 14 Feb 2019 19:05:31 GMT
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
access-control-allow-origin
*
etag
"a34ffd10b2a49d55d6247e351520ffdf556e0bb1"
x-cache
Miss from cloudfront
content-type
application/font-woff2
status
200
cache-control
public, max-age=0
accept-ranges
bytes
content-length
77160
x-amz-cf-id
xDPjsLqaQqn45KK76bIptwb1Q38_xDLLq4IrLBWaesKgtI14lTKb6A==
BngRUXZYTXPIvIBgJJSb6u92w7CGwR2oefDo.woff2
fonts.gstatic.com/s/robotoslab/v7/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v7/BngRUXZYTXPIvIBgJJSb6u92w7CGwR2oefDo.woff2
Requested by
Host: d1wwyyu0cac7rz.cloudfront.net
URL: https://d1wwyyu0cac7rz.cloudfront.net/6daaaa98871ca35c683fcdaed76da658a231fb11.js?meteor_js_resource=true&_g_app_v_=207
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8c055f4fc89b73bc480ac07d607782cb3482fc98cbec6f89135ff76ce5512280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Ubuntu+Mono|Roboto:400,100,300,500,700,300italic|Roboto+Condensed:300,400,700|Open+Sans:300,400,600,700|Roboto+Slab:400,700&subset=latin,latin-ext
Origin
https://www.crowd.live

Response headers

date
Tue, 29 Jan 2019 09:04:10 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:32:29 GMT
server
sffe
age
1418480
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11096
x-xss-protection
1; mode=block
expires
Wed, 29 Jan 2020 09:04:10 GMT
BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2
fonts.gstatic.com/s/robotoslab/v7/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v7/BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2
Requested by
Host: d1wwyyu0cac7rz.cloudfront.net
URL: https://d1wwyyu0cac7rz.cloudfront.net/6daaaa98871ca35c683fcdaed76da658a231fb11.js?meteor_js_resource=true&_g_app_v_=207
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
11f18af740f9727666190b83a8999d30ade3421e0148bf1b1586eaaad25dd781
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Ubuntu+Mono|Roboto:400,100,300,500,700,300italic|Roboto+Condensed:300,400,700|Open+Sans:300,400,600,700|Roboto+Slab:400,700&subset=latin,latin-ext
Origin
https://www.crowd.live

Response headers

date
Fri, 08 Feb 2019 15:40:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:31:41 GMT
server
sffe
age
530714
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
10988
x-xss-protection
1; mode=block
expires
Sat, 08 Feb 2020 15:40:16 GMT
v23zaFBQ4HpBF2dJy-4zRzePRuQumfxbCZB_custom_logo.png
d1w4wy5g3i8ewk.cloudfront.net/experienceLogos/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1w4wy5g3i8ewk.cloudfront.net/experienceLogos/v23zaFBQ4HpBF2dJy-4zRzePRuQumfxbCZB_custom_logo.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.98.29 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-98-29.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7839cdb3c3acf0e3a89291091ce44ac6abffc5e21ebfcd83a34904781c843fe4

Request headers

Referer
https://www.crowd.live/EHQTRIVIA1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 14 Feb 2019 19:05:32 GMT
Via
1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
Last-Modified
Tue, 05 Feb 2019 02:30:22 GMT
Server
AmazonS3
ETag
"f5b9476a202d02beb9abd7b447a32ead"
X-Cache
Miss from cloudfront
Content-Type
image/png
Content-Disposition
inline; filename="enbridge-logo%20(1)whiteuse.png"; filename*=utf-8''enbridge-logo%20(1)whiteuse.png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
70351
X-Amz-Cf-Id
n_p_sfThm9nQoDiHjra1zHbOsfD6JtVvdxRawn6la4TcmPIh57aAmA==
sync
apm-engine.meteor.com/simplentp/ 		13 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apm-engine.meteor.com/simplentp/sync
Requested by
Host: d1wwyyu0cac7rz.cloudfront.net
URL: https://d1wwyyu0cac7rz.cloudfront.net/6daaaa98871ca35c683fcdaed76da658a231fb11.js?meteor_js_resource=true&_g_app_v_=207
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.254.56 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-6-254-56.compute-1.amazonaws.com
Software
/
Resource Hash
b78c8af1536ce416ecba4e12511307bcf2e07930960449fd36ca83dbb83d4033

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.crowd.live/EHQTRIVIA1
Origin
https://www.crowd.live

Response headers

date
Thu, 14 Feb 2019 19:05:40 GMT
status
200
access-control-allow-methods
GET,POST
content-type
text/plain
access-control-allow-origin
https://www.crowd.live
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
13
sync
apm-engine.meteor.com/simplentp/ 		13 B
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apm-engine.meteor.com/simplentp/sync
Requested by
Host: d1wwyyu0cac7rz.cloudfront.net
URL: https://d1wwyyu0cac7rz.cloudfront.net/6daaaa98871ca35c683fcdaed76da658a231fb11.js?meteor_js_resource=true&_g_app_v_=207
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.254.56 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-6-254-56.compute-1.amazonaws.com
Software
/
Resource Hash
0e80b69a5e6cea93fd3b24c0d6d365613e3b0e16c2ab37d7b8f3137d3b958a7f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.crowd.live/EHQTRIVIA1
Origin
https://www.crowd.live

Response headers

date
Thu, 14 Feb 2019 19:05:40 GMT
status
200
access-control-allow-methods
GET,POST
content-type
text/plain
access-control-allow-origin
https://www.crowd.live
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
13

Verdicts & Comments Add Verdict or Comment

184 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| google_tag_data function| ga object| gaplugins object| __meteor_runtime_config__ function| require object| Package object| core object| __core-js_shared__ function| $ function| jQuery object| Iron function| Dropzone object| gaGlobal object| amplify object| TAPi18next object| Papa function| _ function| ReactiveVar function| Router function| RouteController object| headers object| AutoForm object| Roles object| CollectionHooks function| PersistentSession object| Mongo object| Session object| Tracker object| Deps function| Log object| Reload object| Random object| EJSON object| Spacebars function| check object| Match object| Kadira object| FastRender undefined| __init_fast_render object| Slingshot object| TAPi18n undefined| Tabular function| moment object| Collection2 function| SimpleSchema function| MongoObject object| Meteor object| global object| meteorEnv object| WebApp object| DDP object| Blaze object| UI object| Handlebars function| Template function| meteorInstall object| process object| meteorBabelHelpers object| Autoupdate object| HTML function| CP function| google_trackConversion object| intlTelInputUtils function| PNotify object| translations string| CROWDPURR_VERSION string| APP_CROWDPURR_DOMAIN string| VOTE_CROWDPURR_DOMAIN string| WEBSITE_CROWDPURR_DOMAIN string| SHORTCUT_VOTE_DOMAIN string| CUSTOM_URL_DOMAIN string| HELP_CENTER_URL boolean| ADMIN_NOTIFICATIONS string| ADMIN_EMAIL string| USER_IMAGES_CDN_URL number| TEST_LOADING_DELAY_SECONDS number| CACHE_QUERY_IN_PROGRESS number| CACHE_WAIT_FOR_RETRY number| EXPERIENCE_SETTINGS_CACHE_TTL number| EXPERIENCE_COUNTERS_UPDATE_INTERVAL number| ANONYMOUS_USER_CACHE_TTL number| QUESTIONS_CACHE_TTL number| ANSWERS_VOTE_COUNTS_CACHE_TTL number| EXPERIENCE_TOP_SCORECARDS_CACHE_TTL number| CUSTOM_URL_CACHE_TTL number| MODAL_HOLD_TIME number| BASIC_SOCIAL_WALL_POST_MAX number| BASIC_SOCIAL_WALL_UNAPPROVED_POST_MAX number| PREMIUM_SOCIAL_WALL_POST_MAX number| PREMIUM_UNAPPROVED_MAX number| PREMIUM_TEXT_QUESTION_ANSWER_MAX number| PREMIUM_EXPERIENCE_VOTE_MAX number| BASIC_EXPERIENCE_MAX number| BASIC_QUESTION_MAX number| BASIC_VOTER_MAX number| CLASSROOM_EXPERIENCE_MAX number| CLASSROOM_QUESTION_MAX number| CLASSROOM_VOTER_MAX number| SEMINAR_EXPERIENCE_MAX number| SEMINAR_VOTER_MAX number| CONFERENCE_EXPERIENCE_MAX number| CONFERENCE_VOTER_MAX number| CONVENTION_EXPERIENCE_MAX number| CONVENTION_VOTER_MAX number| CUSTOM_EXPERIENCE_MAX number| CUSTOM_VOTER_MAX number| DEFAULT_POLL_QUESTION_COUNT number| DEFAULT_QUESTION_ANSWER_COUNT number| DEFAULT_MULTIPLE_QUESTION_MAX number| QUESTIONS_PER_PAGE_SETUP number| QUESTIONS_PER_PAGE_VOTE number| DEFAULT_MULTIPLE_ANSWER_MAX number| DEFAULT_CORRECT_ANSWER_MAX number| TEXT_ANSWERS_PER_PAGE number| FOUR_COLUMN_SOCIAL_MOSAIC number| TWO_COLUMN_SOCIAL_MOSAIC number| ONE_COLUMN_LIST_VIEW number| SINGLE_POST_SPOTLIGHT number| SOCIAL_WALL_VERY_SLOW number| SOCIAL_WALL_SLOW number| SOCIAL_WALL_NORMAL number| SOCIAL_WALL_FAST number| SOCIAL_WALL_VERY_FAST number| SOCIAL_WALL_DISPLAY_CACHE_LIMIT number| SOCIAL_MEDIA_POLLING_INTERVAL_TIME number| SOCIAL_MEDIA_QUERY_INSERT_LIMIT number| POINTS_TIMER_START_DELAY number| PROCESSING_TIME_ALLOWANCE number| POINT_TIERS number| TRIVIA_RANKINGS_SCORECARD_COUNT number| TRIVIA_ADVANCED_TEAMS_MAX_COUNT number| TRIVIA_QUESTION_EXTRA_SECS number| SHOW_LIVE_ANSWERS_SECS number| SHOW_CORRECT_ANSWER_SECS number| SHOW_RANKINGS_SECS number| SHOW_CUMULATIVE_RANKINGS_SECS number| SHOW_TEAM_RANKINGS_SECS number| CROWD_CONTROLLED_BASE_TIME number| MAX_VOTER_INPUT_THRESHOLD number| MAX_VOTER_INPUT_TIME_PERIOD number| BASIC_MONTHLY_PRICE number| CLASSROOM_MONTHLY_PRICE number| SEMINAR_MONTHLY_PRICE number| CONFERENCE_MONTHLY_PRICE number| CONVENTION_MONTHLY_PRICE number| CUSTOM_MONTHLY_PRICE number| LOOKUP_CODE_LENGTH number| LOOKUP_CODE_MAX_TRIES object| DEFAULT_COLORS number| DEFAULT_COLOR_COUNT number| VERY_BRIGHT_THRESHOLD number| BRIGHT_THRESHOLD number| DARK_THRESHOLD object| UPPER_RIGHT_STACK object| DOMAIN_REGEX object| TabularTables object| AUTONAME_FIRST_LIST object| AUTONAME_SECOND_LIST function| ownsDocument function| createNotification function| toggleNavMenu function| Buffer function| P object| SocialWalls object| Answers object| Questions object| Experiences object| AnonymousUsers object| AnswerImageFiles object| Trivias object| CustomURLs object| ExperienceLogoFiles object| Feedback object| MobileBGFiles object| Polls object| PostImageFiles object| ProfileImageFiles object| QuestionImageFiles object| Scorecards object| VisualizerBGFiles object| Votes

3 Cookies

Domain/Path Name / Value
.crowd.live/ Name: _ga
Value: GA1.2.1279038793.1550171130
.crowd.live/ Name: _gid
Value: GA1.2.1944247435.1550171130
www.crowd.live/ Name: galaxy-sticky
Value: fsKLqPbxXbseCxmo3-ck0f2

1 Console Messages

Source Level URL
Text
console-api log URL: https://d1wwyyu0cac7rz.cloudfront.net/6daaaa98871ca35c683fcdaed76da658a231fb11.js?meteor_js_resource=true&_g_app_v_=207(Line 3)
Message:
You are running a browser with no localStorage or userData support. Logging in from one tab will not cause another tab to be logged in.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apm-engine.meteor.com
d1w4wy5g3i8ewk.cloudfront.net
d1wwyyu0cac7rz.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
www.crowd.live
www.google-analytics.com
143.204.98.120
143.204.98.160
143.204.98.29
2a00:1450:4001:81c::2003
2a00:1450:4001:81e::200a
2a00:1450:4001:820::200e
3.85.46.214
34.203.185.156
52.6.254.56
0dc01ca559834e5c605f540c0e9964d8567a85724ab7a0af857e6d7084880087
0e80b69a5e6cea93fd3b24c0d6d365613e3b0e16c2ab37d7b8f3137d3b958a7f
11f18af740f9727666190b83a8999d30ade3421e0148bf1b1586eaaad25dd781
1a59a31f4788bb853b3c28fc17750293ccdd9b52dedddedb8a9a8322ce3fd7d4
1be216dbc059d96e288b0c1f399a1a80ee8c65e4c1272dbc4574bd6d23cf45d9
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
41ac33faaaa96fce382c33ba41d1c3ca1aebf5aff7ee79dccf2c7820a97a3d8e
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
6ab2095eaa7afd90d7be245ad7dafb94309ee104e7807570699ed0bcfd0ddfb7
6f599fc1e1aa36bb08f6014b0597b1f3c10a5522ad34a8bc77c8a4898cb00ebd
756b267a12034b471a6482473e66174616b0bf6d33c8b4fd99e91100b1f0463e
7839cdb3c3acf0e3a89291091ce44ac6abffc5e21ebfcd83a34904781c843fe4
8c055f4fc89b73bc480ac07d607782cb3482fc98cbec6f89135ff76ce5512280
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
b78c8af1536ce416ecba4e12511307bcf2e07930960449fd36ca83dbb83d4033
d3d51c3cf26f40b4c8a0049ecd1a24c4ec973ecc04f6ba75288677f551b27a9a
f490858457bdc379340fb27fa24fd2e678d5e88565c85fabc109601a84d7eab3