covidran.online
Open in
urlscan Pro
2606:4700:3030::6818:6836
Public Scan
Effective URL: https://covidran.online/?__cf_chl_jschl_tk__=7269a02e660d095ddf35b00fa7c837e5ae40352c-1585244369-0-AVqP0hmCVkCiFxdbOr5fT...
Submission: On March 26 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 26th 2020. Valid for: 6 months.
This is the only time covidran.online was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
15 | 2606:4700:303... 2606:4700:3030::6818:6836 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2001:4de0:ac1... 2001:4de0:ac19::1:b:1b | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
1 | 205.234.175.175 205.234.175.175 | 30081 (CACHENETW...) (CACHENETWORKS) | |
1 | 2a00:1450:400... 2a00:1450:4001:824::2004 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2001:4de0:ac1... 2001:4de0:ac19::1:b:2b | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
1 | 2606:4700::68... 2606:4700::6811:4004 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 23.111.9.35 23.111.9.35 | 33438 (HIGHWINDS2) (HIGHWINDS2) | |
1 | 2a00:1450:400... 2a00:1450:4001:80b::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:820::2003 | 15169 (GOOGLE) (GOOGLE) | |
3 | 2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK) | |
2 | 2a00:1450:400... 2a00:1450:4001:814::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK) | |
31 | 13 |
ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net
cdn.ckeditor.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
covidran.online
covidran.online |
880 KB |
3 |
facebook.com
www.facebook.com |
|
3 |
gstatic.com
www.gstatic.com fonts.gstatic.com |
117 KB |
2 |
fontawesome.com
use.fontawesome.com |
80 KB |
2 |
bootstrapcdn.com
stackpath.bootstrapcdn.com |
35 KB |
1 |
facebook.net
connect.facebook.net |
120 KB |
1 |
googleapis.com
fonts.googleapis.com |
561 B |
1 |
cloudflare.com
cdnjs.cloudflare.com |
7 KB |
1 |
jquery.com
code.jquery.com |
30 KB |
1 |
google.com
www.google.com |
537 B |
1 |
ckeditor.com
cdn.ckeditor.com |
151 KB |
31 | 11 |
Domain | Requested by | |
---|---|---|
15 | covidran.online |
covidran.online
|
3 | www.facebook.com |
covidran.online
connect.facebook.net |
2 | fonts.gstatic.com |
covidran.online
|
2 | use.fontawesome.com |
covidran.online
|
2 | stackpath.bootstrapcdn.com |
covidran.online
|
1 | connect.facebook.net |
covidran.online
|
1 | www.gstatic.com |
www.google.com
|
1 | fonts.googleapis.com |
covidran.online
|
1 | cdnjs.cloudflare.com |
covidran.online
|
1 | code.jquery.com |
covidran.online
|
1 | www.google.com |
covidran.online
|
1 | cdn.ckeditor.com |
covidran.online
|
31 | 12 |
This site contains links to these domains. Also see Links.
Domain |
---|
facebook.com |
www.facebook.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2020-03-26 - 2020-10-09 |
6 months | crt.sh |
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA |
2019-09-14 - 2020-10-13 |
a year | crt.sh |
cdn.ckeditor.com Sectigo RSA Domain Validation Secure Server CA |
2019-02-27 - 2021-02-26 |
2 years | crt.sh |
www.google.com GTS CA 1O1 |
2020-03-03 - 2020-05-26 |
3 months | crt.sh |
jquery.org COMODO RSA Domain Validation Secure Server CA |
2018-10-17 - 2020-10-16 |
2 years | crt.sh |
cloudflare.com CloudFlare Inc ECC CA-2 |
2020-01-07 - 2020-10-09 |
9 months | crt.sh |
*.fontawesome.com DigiCert SHA2 Secure Server CA |
2019-10-28 - 2020-12-23 |
a year | crt.sh |
*.storage.googleapis.com GTS CA 1O1 |
2020-03-03 - 2020-05-26 |
3 months | crt.sh |
*.google.com GTS CA 1O1 |
2020-03-03 - 2020-05-26 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-03-01 - 2020-05-30 |
3 months | crt.sh |
This page contains 4 frames:
Primary Page:
https://covidran.online/?__cf_chl_jschl_tk__=7269a02e660d095ddf35b00fa7c837e5ae40352c-1585244369-0-AVqP0hmCVkCiFxdbOr5fTVWTfnc8M7vFSQRGt6jPBCwJNbtQ7Ja4yRDPKyei7xk3-iuZXVcKUDWgoHHJ5iP1dsYxG3Pmloys2H0UieZ2RUzbaujO1mPgMofwHU5j0s_wL92yyC52JXC2QiLKhEVDqi-lfcu3bOnRxQhHyWA1jYdk2yuu7J2rfH_zPAH3JGFzbQfDiAneYkGhkU99AKsL_QwQUubUpd0sMR7C42uhoL9joL-O8vE0WtG4ESO59e-PxwxkP-3QiPEOH8C301dg_2s
Frame ID: 0528E1C2974FBE8EF0C02A8A086D41DC
Requests: 30 HTTP requests in this frame
Frame:
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FCovidRANOnline%2F&width=740&height=200&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false
Frame ID: BCB20A126760B4DBF95F7603B83B75ED
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/v6.0/plugins/customerchat.php?app_id=&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Df2b95a36454e8ac%26domain%3Dcovidran.online%26origin%3Dhttps%253A%252F%252Fcovidran.online%252Ff25dd255822e854%26relation%3Dparent.parent&container_width=0&locale=en_US&page_id=103552841296484&sdk=joey&theme_color=%23ff0000
Frame ID: 3574C7490860A1483A0516D44EB0753F
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/v6.0/plugins/customer_chat/bubble
Frame ID: 224F2F3DA985A3AE0D1C950760AE4FE7
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://covidran.online/ Page URL
- https://covidran.online/?__cf_chl_jschl_tk__=7269a02e660d095ddf35b00fa7c837e5ae40352c-1585244369-0-A... Page URL
Detected technologies
Chart.js (JavaScript Graphics) ExpandDetected patterns
- script /\/Chart(?:\.bundle)?(?:\.min)?\.js/i
Bootstrap (Web Frameworks) Expand
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
CloudFlare (CDN) Expand
Detected patterns
- headers server /^cloudflare$/i
reCAPTCHA (Captchas) Expand
Detected patterns
- script /\/recaptcha\/api\.js/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Facebook Page
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://covidran.online/ Page URL
- https://covidran.online/?__cf_chl_jschl_tk__=7269a02e660d095ddf35b00fa7c837e5ae40352c-1585244369-0-AVqP0hmCVkCiFxdbOr5fTVWTfnc8M7vFSQRGt6jPBCwJNbtQ7Ja4yRDPKyei7xk3-iuZXVcKUDWgoHHJ5iP1dsYxG3Pmloys2H0UieZ2RUzbaujO1mPgMofwHU5j0s_wL92yyC52JXC2QiLKhEVDqi-lfcu3bOnRxQhHyWA1jYdk2yuu7J2rfH_zPAH3JGFzbQfDiAneYkGhkU99AKsL_QwQUubUpd0sMR7C42uhoL9joL-O8vE0WtG4ESO59e-PxwxkP-3QiPEOH8C301dg_2s Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
31 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
covidran.online/ |
16 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
transparent.gif
covidran.online/cdn-cgi/images/trace/jschal/js/ |
42 B 100 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
transparent.gif
covidran.online/cdn-cgi/images/trace/jschal/nojs/ |
42 B 190 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
Primary Request
/
covidran.online/ |
17 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.2/css/ |
139 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
covidran.online/assets/css/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Chart.min.js
covidran.online/bdx/ |
51 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ckeditor.js
cdn.ckeditor.com/4.5.9/standard/ |
506 KB 151 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.google.com/recaptcha/ |
674 B 537 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
covidran.online/assets/images/ |
145 KB 145 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
banner%201-min.jpg
covidran.online/assets/ |
72 KB 72 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ff8-05.gif
covidran.online/images/ |
15 KB 15 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.3.1.min.js
code.jquery.com/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/ |
20 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.1.2/js/ |
50 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sweet-alert.css
covidran.online/bdx/ |
12 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sweet-alert.min.js
covidran.online/bdx/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.css
use.fontawesome.com/releases/v5.4.1/css/ |
49 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 561 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/P6KLRNy7h3K160ZmYNUOAce7/ |
260 KB 93 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
likebox.php
www.facebook.com/plugins/ Frame BCB2 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg.jpg
covidran.online/assets/images/ |
537 KB 537 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nav-pattern.png
covidran.online/assets/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
card-pattern.jpg
covidran.online/assets/images/ |
67 KB 67 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
137 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
137 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
card-title.png
covidran.online/assets/images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
NaPecZTIAOhVxoMyOr9n_E7fdMPmDaZRbrw.woff2
fonts.gstatic.com/s/titilliumweb/v8/ |
12 KB 12 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-brands-400.woff2
use.fontawesome.com/releases/v5.4.1/webfonts/ |
67 KB 67 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzY5abuWI.woff2
fonts.gstatic.com/s/titilliumweb/v8/ |
12 KB 12 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
xfbml.customerchat.js
connect.facebook.net/en_US/sdk/ |
422 KB 120 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
customerchat.php
www.facebook.com/v6.0/plugins/ Frame 3574 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bubble
www.facebook.com/v6.0/plugins/customer_chat/ Frame 224F |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| Chart object| CKEDITOR object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| recaptcha function| $ function| jQuery function| Popper object| bootstrap function| swal function| sweetAlert function| fbAsyncInit object| FB0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.ckeditor.com
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
covidran.online
fonts.googleapis.com
fonts.gstatic.com
stackpath.bootstrapcdn.com
use.fontawesome.com
www.facebook.com
www.google.com
www.gstatic.com
2001:4de0:ac19::1:b:1b
2001:4de0:ac19::1:b:2b
205.234.175.175
23.111.9.35
2606:4700:3030::6818:6836
2606:4700::6811:4004
2a00:1450:4001:80b::200a
2a00:1450:4001:814::2003
2a00:1450:4001:820::2003
2a00:1450:4001:824::2004
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
15358c48a832851f01229b20156c47a97777dc51b36a022ff3c973775ca0fb01
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
21e2349686b7e697ee0f1a996c68505226660f60b2c2fd7f6ddaa2ca9196e3aa
2e44819dbae3ef451999f1dc0745a4f2bba8d989afd35de23ad71edde63f2f83
2f6cb285eedc6172ee105cab64fcc0d114a1f531ccac0700d247ef52a810fb31
4d3b4d5d99f92dcc1f1c169db00f76aa1dc65d5d82192afcff04cf8a018a7ba1
50418bd248241258a795544514abed52714959d5a0613d2c84e9b799339c338a
56e2c589ada6c994d815aec3569319d2aa4ccd71d979dde1bae23c5b8c86f61f
5efeb00637711dcf64130ecb49b70adb6533148ee8c0a01875f71a42beadb313
67c2a2bc7b802a6eec4d00e53f94473c43ffcb625f1fa5aca4a1d05d115e670c
6f8dcd3a9729b71918754dd4cd4bf9b41229a860a7af4e42a092a80dceb1337f
715c2de5e64cca90c3efafc7f589b797b6f7763f49fe6e2db45eb08e45a3bcad
76920682b13f713a3774ea37243087805dd6f621817d234c93a9424d172045a0
7bbaa892a4909ad18b44c5577f666b60a08e7119ee6104a4df7c8194a451fa09
8386356e1d512f570aac1b4883b928fe4bfd649c1d54a4d0f618357359cd3b74
8658dcad983dacbb3bca7bc8217fd0b75f28df85bf9259bd0dccf69e58cb0ecd
8f1d44ead25db7fc1c7b378a33cb757a484a13b6aa230d0d3a73714d54151fc7
93e52a8e8e922523d34afadcc53273ae99f03203d2cd5009298c879fbf6a2cae
aa1332593692fcacd02d309930ad74bb1129574dcce46a710e02017b5d375b89
b2d6fcca7b06d9b949f7f407e9229e0323cb2a75cb6ee4ad35b53e25cf161605
b307c4ae27381c0bc19983833f7bc324bb100468b4f22bdd7594b179c836aa4a
b3bc188ffa450c649d95d661372fddb6bbdf17e7d63578d499ab98b984da8381
beb58d113da73001dfcbbb97b0e041c737361f1ae0050e6c60c96c14d69a46a7
cd5525bc887734465161af57feaa4d63c3f5681cb477816b23b6e17d94995707
ce3d3481cf65d3f3dde8454f7e67ee233cb619a671f43f63dd982ed08fdfd4c5
d87ee7993053c508dcc4668529b8bcb16579385d5dff52996ccca4642d0f658a
dd1dad45fd0dd168ad46427307aa8a206b857b783ca3afbcfe2bc8b8724acec0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e