Submitted URL: http://checkforcorona.com/
Effective URL: https://checkforcorona.com/
Submission: On April 06 via api from US

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 26 HTTP transactions. The main IP is 40.79.154.193, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is checkforcorona.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on March 12th 2020. Valid for: a year.
This is the only time checkforcorona.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 14 40.79.154.193 8075 (MICROSOFT...)
4 204.79.197.234 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a01:4180:240... 200517 (MS-DEUTSC...)
2 2603:1000:100... 8075 (MICROSOFT...)
2 2a01:4180:200... 200517 (MS-DEUTSC...)
26 7
Domain Requested by
14 checkforcorona.com 1 redirects checkforcorona.com
4 www.atmrum.net checkforcorona.com
www.atmrum.net
2 615969a6a09daccf8e088f996ba957f5.azr.footprintdns.com checkforcorona.com
2 dcd12633e125af3d7c84dd3368c81bda.azr.footprintdns.com checkforcorona.com
2 5429cbb20f08dffbfcb491c76acdef38.azr.footprintdns.com checkforcorona.com
2 www.google-analytics.com www.googletagmanager.com
checkforcorona.com
1 www.googletagmanager.com checkforcorona.com
26 7

This site contains links to these domains. Also see Links.

Domain
www.mozilla.org
www.google.com
luminaremed.com
Subject Issuer Validity Valid
checkforcorona.com
Go Daddy Secure Certificate Authority - G2
2020-03-12 -
2021-03-12
a year crt.sh
*.atmrum.net
Microsoft IT TLS CA 5
2019-08-26 -
2021-08-26
2 years crt.sh
*.google-analytics.com
GTS CA 1O1
2020-03-24 -
2020-06-16
3 months crt.sh
*.footprintdns.com
D-TRUST SSL Class 3 CA 1 2009
2019-12-11 -
2021-12-11
2 years crt.sh

This page contains 1 frames:

Primary Page: https://checkforcorona.com/
Frame ID: 5B64A67512650D40C01D192E2A73BE44
Requests: 26 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://checkforcorona.com/ HTTP 301
    https://checkforcorona.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

26
Requests

100 %
HTTPS

71 %
IPv6

5
Domains

7
Subdomains

7
IPs

3
Countries

408 kB
Transfer

1235 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://checkforcorona.com/ HTTP 301
    https://checkforcorona.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
checkforcorona.com/
Redirect Chain
  • http://checkforcorona.com/
  • https://checkforcorona.com/
3 KB
2 KB
Document
General
Full URL
https://checkforcorona.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.193 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3457d3413ee2de0c3eed2e7c011c1810a1841941c2c0939aaee4f5e03d9c706f

Request headers

Host
checkforcorona.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
ETag
W/"a2e-zEd9eGKnZNextFQxNQkHX1U+N0k"
Vary
Accept-Encoding
request-context
appId=cid-v1:d7fb9326-3626-4fe1-a6b0-6f52b02a362c
Date
Mon, 06 Apr 2020 16:12:36 GMT

Redirect headers

Content-Type
text/html; charset=UTF-8
Location
https://checkforcorona.com/
Server
Microsoft-IIS/10.0
Date
Mon, 06 Apr 2020 16:12:35 GMT
Content-Length
0
main.cde64655753e.css
checkforcorona.com/css/
261 KB
44 KB
Stylesheet
General
Full URL
https://checkforcorona.com/css/main.cde64655753e.css
Requested by
Host: checkforcorona.com
URL: https://checkforcorona.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.193 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3f7c1a907a837fe95929e0827276ceae5e5fce16906042f8ad64ea5b66a25e7d

Request headers

Referer
https://checkforcorona.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Mon, 06 Apr 2020 16:12:36 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Apr 2020 15:42:08 GMT
ETag
W/"41253-17140b4e080"
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Accept-Ranges
bytes
request-context
appId=cid-v1:d7fb9326-3626-4fe1-a6b0-6f52b02a362c
main.26849aff246f.js
checkforcorona.com/js/
740 KB
202 KB
Script
General
Full URL
https://checkforcorona.com/js/main.26849aff246f.js
Requested by
Host: checkforcorona.com
URL: https://checkforcorona.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.193 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
078288821a7353f510d6fa9c55a6bb86f69747e02403e98750fab4e65523ee55

Request headers

Referer
https://checkforcorona.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 06 Apr 2020 16:12:36 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Apr 2020 15:42:08 GMT
ETag
W/"b917c-17140b4e080"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Accept-Ranges
bytes
request-context
appId=cid-v1:d7fb9326-3626-4fe1-a6b0-6f52b02a362c
rum.js
www.atmrum.net/
301 B
588 B
Script
General
Full URL
https://www.atmrum.net/rum.js
Requested by
Host: checkforcorona.com
URL: https://checkforcorona.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.234 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
80afdcdab5af95e11f8edac404947668a91582b9799723a8d5272483a010f23d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://checkforcorona.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 06 Apr 2020 16:12:37 GMT
x-content-type-options
nosniff
last-modified
Thu, 19 Mar 2020 18:56:41 GMT
x-msedge-ref
Ref A: 7D5437F6829940C8B600B45A6A7C4864 Ref B: LON04EDGE0518 Ref C: 2020-04-06T16:12:37Z
access-control-allow-origin
*
etag
0x8D4FC0223F2F653
content-type
application/javascript
status
200
access-control-expose-headers
X-MSEdge-Ref
cache-control
no-store
accept-ranges
bytes
timing-allow-origin
*
content-length
301
js
www.googletagmanager.com/gtag/
76 KB
28 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-74201307-2
Requested by
Host: checkforcorona.com
URL: https://checkforcorona.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d10ca5c62323b3dd035a658dbfec2c844c4425797853333185a3aa25ea6df023
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://checkforcorona.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 06 Apr 2020 16:12:37 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
29062
x-xss-protection
0
last-modified
Mon, 06 Apr 2020 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 06 Apr 2020 16:12:37 GMT
quickscreen-logo.png
checkforcorona.com/img/logos/
8 KB
9 KB
Image
General
Full URL
https://checkforcorona.com/img/logos/quickscreen-logo.png
Requested by
Host: checkforcorona.com
URL: https://checkforcorona.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.193 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f6e0363a94eaf976317619428e7181c077007352fb78ae3ef1e1d88eba47fd7e

Request headers

Referer
https://checkforcorona.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 06 Apr 2020 16:12:37 GMT
Last-Modified
Fri, 03 Apr 2020 15:42:08 GMT
ETag
W/"21d1-17140b4e080"
Content-Type
image/png
Cache-Control
public, max-age=0
Accept-Ranges
bytes
Content-Length
8657
request-context
appId=cid-v1:d7fb9326-3626-4fe1-a6b0-6f52b02a362c
luminare-logo-white.png
checkforcorona.com/img/
21 KB
21 KB
Image
General
Full URL
https://checkforcorona.com/img/luminare-logo-white.png
Requested by
Host: checkforcorona.com
URL: https://checkforcorona.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.193 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0267631e02f4f96f40bc153d7872a8eb74e7d8f25af91e8c656eaae09974a08a

Request headers

Referer
https://checkforcorona.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 06 Apr 2020 16:12:36 GMT
Last-Modified
Fri, 03 Apr 2020 15:42:08 GMT
ETag
W/"524c-17140b4e080"
Content-Type
image/png
Cache-Control
public, max-age=0
Accept-Ranges
bytes
Content-Length
21068
request-context
appId=cid-v1:d7fb9326-3626-4fe1-a6b0-6f52b02a362c
fpv2.min.js
www.atmrum.net/client/v1/atm/
3 KB
3 KB
Script
General
Full URL
https://www.atmrum.net/client/v1/atm/fpv2.min.js
Requested by
Host: www.atmrum.net
URL: https://www.atmrum.net/rum.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.234 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
32ea28e4cc9fb2662d406bc5e859f774b58f927861c31864c33cb81aa8263aac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://checkforcorona.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 06 Apr 2020 16:12:37 GMT
x-content-type-options
nosniff
last-modified
Thu, 19 Mar 2020 18:56:41 GMT
x-msedge-ref
Ref A: A8699C82ACE94E5BBA8F0B248D4BADFD Ref B: LON04EDGE0518 Ref C: 2020-04-06T16:12:37Z
access-control-allow-origin
*
etag
0x8D501F7AFB7338D
content-type
application/javascript
status
200
access-control-expose-headers
X-MSEdge-Ref
cache-control
no-store
accept-ranges
bytes
timing-allow-origin
*
content-length
2983
source-sans-pro-v11-latin-regular.woff2
checkforcorona.com/fonts/
16 KB
16 KB
Font
General
Full URL
https://checkforcorona.com/fonts/source-sans-pro-v11-latin-regular.woff2
Requested by
Host: checkforcorona.com
URL: https://checkforcorona.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.193 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2

Request headers

Referer
https://checkforcorona.com/css/main.cde64655753e.css
Origin
https://checkforcorona.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 06 Apr 2020 16:12:37 GMT
Last-Modified
Fri, 03 Apr 2020 15:42:08 GMT
ETag
W/"3e24-17140b4e080"
Content-Type
font/woff2
Cache-Control
public, max-age=0
Accept-Ranges
bytes
Content-Length
15908
request-context
appId=cid-v1:d7fb9326-3626-4fe1-a6b0-6f52b02a362c
source-sans-pro-v11-latin-700.woff2
checkforcorona.com/fonts/
15 KB
15 KB
Font
General
Full URL
https://checkforcorona.com/fonts/source-sans-pro-v11-latin-700.woff2
Requested by
Host: checkforcorona.com
URL: https://checkforcorona.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.193 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c09055f0d3ce5ac45f886c935226d1e4cb0f7488525e9f8b298f26fc0171e5a8

Request headers

Referer
https://checkforcorona.com/css/main.cde64655753e.css
Origin
https://checkforcorona.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 06 Apr 2020 16:12:37 GMT
Last-Modified
Fri, 03 Apr 2020 15:42:08 GMT
ETag
W/"3c78-17140b4e080"
Content-Type
font/woff2
Cache-Control
public, max-age=0
Accept-Ranges
bytes
Content-Length
15480
request-context
appId=cid-v1:d7fb9326-3626-4fe1-a6b0-6f52b02a362c
source-sans-pro-v11-latin-italic.woff2
checkforcorona.com/fonts/
15 KB
15 KB
Font
General
Full URL
https://checkforcorona.com/fonts/source-sans-pro-v11-latin-italic.woff2
Requested by
Host: checkforcorona.com
URL: https://checkforcorona.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.193 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a676114870402c6a9d389e103b299df064cc92871c08210ca56f32768cd9da3d

Request headers

Referer
https://checkforcorona.com/css/main.cde64655753e.css
Origin
https://checkforcorona.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 06 Apr 2020 16:12:37 GMT
Last-Modified
Fri, 03 Apr 2020 15:42:08 GMT
ETag
W/"3a20-17140b4e080"
Content-Type
font/woff2
Cache-Control
public, max-age=0
Accept-Ranges
bytes
Content-Length
14880
request-context
appId=cid-v1:d7fb9326-3626-4fe1-a6b0-6f52b02a362c
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-74201307-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://checkforcorona.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
5945
date
Mon, 06 Apr 2020 14:33:32 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Mon, 06 Apr 2020 16:33:32 GMT
oswald-v16-latin-regular.woff2
checkforcorona.com/fonts/
15 KB
15 KB
Font
General
Full URL
https://checkforcorona.com/fonts/oswald-v16-latin-regular.woff2
Requested by
Host: checkforcorona.com
URL: https://checkforcorona.com/js/main.26849aff246f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.193 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b038dfedc262406996d21b97425bf6f36b77c82ab12e23aaf55e7e822bf3a866

Request headers

Referer
https://checkforcorona.com/css/main.cde64655753e.css
Origin
https://checkforcorona.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 06 Apr 2020 16:12:37 GMT
Last-Modified
Fri, 03 Apr 2020 15:42:08 GMT
ETag
W/"3b90-17140b4e080"
Content-Type
font/woff2
Cache-Control
public, max-age=0
Accept-Ranges
bytes
Content-Length
15248
request-context
appId=cid-v1:d7fb9326-3626-4fe1-a6b0-6f52b02a362c
source-sans-pro-v11-latin-300.woff2
checkforcorona.com/fonts/
15 KB
16 KB
Font
General
Full URL
https://checkforcorona.com/fonts/source-sans-pro-v11-latin-300.woff2
Requested by
Host: checkforcorona.com
URL: https://checkforcorona.com/js/main.26849aff246f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.193 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1851a4758fa23827c8ef2d994b9bf4b8d0b3b54570f55cb5e5d5e7836a69b502

Request headers

Referer
https://checkforcorona.com/css/main.cde64655753e.css
Origin
https://checkforcorona.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 06 Apr 2020 16:12:37 GMT
Last-Modified
Fri, 03 Apr 2020 15:42:08 GMT
ETag
W/"3d94-17140b4e080"
Content-Type
font/woff2
Cache-Control
public, max-age=0
Accept-Ranges
bytes
Content-Length
15764
request-context
appId=cid-v1:d7fb9326-3626-4fe1-a6b0-6f52b02a362c
checked-circle-inactive.svg
checkforcorona.com/img/
626 B
952 B
Image
General
Full URL
https://checkforcorona.com/img/checked-circle-inactive.svg
Requested by
Host: checkforcorona.com
URL: https://checkforcorona.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.193 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b9989c8a19a335e293727fe283b35e31bcc6934b6a5304a7cef8bf9d6797bd63

Request headers

Referer
https://checkforcorona.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 06 Apr 2020 16:12:37 GMT
Last-Modified
Fri, 03 Apr 2020 15:42:08 GMT
ETag
W/"272-17140b4e080"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public, max-age=0
Accept-Ranges
bytes
Content-Length
626
request-context
appId=cid-v1:d7fb9326-3626-4fe1-a6b0-6f52b02a362c
globe-white.svg
checkforcorona.com/img/
1 KB
1 KB
Image
General
Full URL
https://checkforcorona.com/img/globe-white.svg
Requested by
Host: checkforcorona.com
URL: https://checkforcorona.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.193 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d3b6538b9d425a0cb65b33230a17bf17893c784262ef91642bf9800ced89e544

Request headers

Referer
https://checkforcorona.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 06 Apr 2020 16:12:37 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Apr 2020 15:42:08 GMT
ETag
W/"5ea-17140b4e080"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Accept-Ranges
bytes
request-context
appId=cid-v1:d7fb9326-3626-4fe1-a6b0-6f52b02a362c
map-icon-white.svg
checkforcorona.com/img/
347 B
673 B
Image
General
Full URL
https://checkforcorona.com/img/map-icon-white.svg
Requested by
Host: checkforcorona.com
URL: https://checkforcorona.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.193 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8ff504e93016d9af2dcd6a79846f92e2ebef11fa64864f010a7c4af90389c638

Request headers

Referer
https://checkforcorona.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 06 Apr 2020 16:12:37 GMT
Last-Modified
Fri, 03 Apr 2020 15:42:08 GMT
ETag
W/"15b-17140b4e080"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public, max-age=0
Accept-Ranges
bytes
Content-Length
347
request-context
appId=cid-v1:d7fb9326-3626-4fe1-a6b0-6f52b02a362c
fpconfig.min.json
www.atmrum.net/conf/v1/atm/
191 B
474 B
XHR
General
Full URL
https://www.atmrum.net/conf/v1/atm/fpconfig.min.json
Requested by
Host: www.atmrum.net
URL: https://www.atmrum.net/client/v1/atm/fpv2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.234 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
72766f736186eb5c7c6d08502f3bf28da0092e8ea85cf3b5413c9daf8dc2d94a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://checkforcorona.com/
Origin
https://checkforcorona.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 06 Apr 2020 16:12:37 GMT
x-content-type-options
nosniff
last-modified
Thu, 19 Mar 2020 18:56:41 GMT
x-msedge-ref
Ref A: 11EA2A39A3AD4FB29BB2D9B6759C0E71 Ref B: LON04EDGE0207 Ref C: 2020-04-06T16:12:37Z
etag
0x8D501F7AFB7338D
status
200
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
X-MSEdge-Ref
cache-control
no-store
accept-ranges
bytes
timing-allow-origin
*
content-length
191
collect
www.google-analytics.com/r/
35 B
101 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1606187424&t=pageview&_s=1&dl=https%3A%2F%2Fcheckforcorona.com%2F&ul=en-us&de=UTF-8&dt=CheckForCorona.com%20-%20COVID-19%20Screening%20Tool&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=902686431&gjid=2039725095&cid=79340048.1586189558&tid=UA-74201307-2&_gid=193072689.1586189558&_r=1&gtm=2ou3p1&z=961384101
Requested by
Host: checkforcorona.com
URL: https://checkforcorona.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://checkforcorona.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Mon, 06 Apr 2020 16:12:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
trans.gif
5429cbb20f08dffbfcb491c76acdef38.azr.footprintdns.com/apc/
43 B
243 B
Image
General
Full URL
https://5429cbb20f08dffbfcb491c76acdef38.azr.footprintdns.com/apc/trans.gif?87b346e2cb8aa1fc8d10c52a42b94f7a
Requested by
Host: checkforcorona.com
URL: https://checkforcorona.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:4180:2401::59e , Germany, ASN200517 (MS-DEUTSCHLAND, DE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://checkforcorona.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 01 Jan 2020 04:05:29 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/gif
status
200
date
Mon, 06 Apr 2020 16:12:37 GMT
accept-ranges
bytes
content-length
43
etag
"aad731b458c0d51:0"
trans.gif
5429cbb20f08dffbfcb491c76acdef38.azr.footprintdns.com/apc/
43 B
81 B
Image
General
Full URL
https://5429cbb20f08dffbfcb491c76acdef38.azr.footprintdns.com/apc/trans.gif?a0a751e6ea62bdda433e32786f7ec169
Requested by
Host: checkforcorona.com
URL: https://checkforcorona.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:4180:2401::59e , Germany, ASN200517 (MS-DEUTSCHLAND, DE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://checkforcorona.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 01 Jan 2020 04:05:29 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/gif
status
200
date
Mon, 06 Apr 2020 16:12:37 GMT
accept-ranges
bytes
content-length
43
etag
"aad731b458c0d51:0"
trans.gif
dcd12633e125af3d7c84dd3368c81bda.azr.footprintdns.com/apc/
43 B
242 B
Image
General
Full URL
https://dcd12633e125af3d7c84dd3368c81bda.azr.footprintdns.com/apc/trans.gif?251b86cf83cfc544827c6241a77a4a69
Requested by
Host: checkforcorona.com
URL: https://checkforcorona.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1000:100:5::7 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://checkforcorona.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 31 Jan 2020 19:15:52 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/gif
status
200
date
Mon, 06 Apr 2020 16:12:38 GMT
accept-ranges
bytes
content-length
43
etag
"0e46cda6ad8d51:0"
trans.gif
dcd12633e125af3d7c84dd3368c81bda.azr.footprintdns.com/apc/
43 B
81 B
Image
General
Full URL
https://dcd12633e125af3d7c84dd3368c81bda.azr.footprintdns.com/apc/trans.gif?86e00f8303a5967f66093e3e4e3b269c
Requested by
Host: checkforcorona.com
URL: https://checkforcorona.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1000:100:5::7 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://checkforcorona.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 31 Jan 2020 19:15:52 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/gif
status
200
date
Mon, 06 Apr 2020 16:12:38 GMT
accept-ranges
bytes
content-length
43
etag
"0e46cda6ad8d51:0"
trans.gif
615969a6a09daccf8e088f996ba957f5.azr.footprintdns.com/apc/
43 B
243 B
Image
General
Full URL
https://615969a6a09daccf8e088f996ba957f5.azr.footprintdns.com/apc/trans.gif?00ef637b80b0dc17f59e325a317bb297
Requested by
Host: checkforcorona.com
URL: https://checkforcorona.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:4180:2001::3f2 Frankfurt am Main, Germany, ASN200517 (MS-DEUTSCHLAND, DE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://checkforcorona.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 01 Jan 2020 04:05:29 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/gif
status
200
date
Mon, 06 Apr 2020 16:12:38 GMT
accept-ranges
bytes
content-length
43
etag
"aad731b458c0d51:0"
trans.gif
615969a6a09daccf8e088f996ba957f5.azr.footprintdns.com/apc/
43 B
81 B
Image
General
Full URL
https://615969a6a09daccf8e088f996ba957f5.azr.footprintdns.com/apc/trans.gif?2e73470941f855827a1bcf67caac5d9b
Requested by
Host: checkforcorona.com
URL: https://checkforcorona.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:4180:2001::3f2 Frankfurt am Main, Germany, ASN200517 (MS-DEUTSCHLAND, DE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://checkforcorona.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 01 Jan 2020 04:05:29 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/gif
status
200
date
Mon, 06 Apr 2020 16:12:38 GMT
accept-ranges
bytes
content-length
43
etag
"aad731b458c0d51:0"
r.gif
www.atmrum.net/report/v1/atm/
42 B
196 B
XHR
General
Full URL
https://www.atmrum.net/report/v1/atm/r.gif?MonitorID=atm&rid=9052fc1155ff4100c10d2e52292913b1&w3c=true&prot=https:&v=2017061301&tag=b9bb8718b605fc698569ca26d2f29ec1&DATA=[{%22RequestID%22:%225429cbb20f08dffbfcb491c76acdef38%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22cold%22,%22Result%22:71},{%22RequestID%22:%225429cbb20f08dffbfcb491c76acdef38%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22warm%22,%22Result%22:17},{%22RequestID%22:%22dcd12633e125af3d7c84dd3368c81bda%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22cold%22,%22Result%22:605},{%22RequestID%22:%22dcd12633e125af3d7c84dd3368c81bda%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22warm%22,%22Result%22:184},{%22RequestID%22:%22615969a6a09daccf8e088f996ba957f5%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22cold%22,%22Result%22:43},{%22RequestID%22:%22615969a6a09daccf8e088f996ba957f5%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22warm%22,%22Result%22:7}]
Requested by
Host: www.atmrum.net
URL: https://www.atmrum.net/client/v1/atm/fpv2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.234 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://checkforcorona.com/
Origin
https://checkforcorona.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 06 Apr 2020 16:12:38 GMT
cache-control
no-store
x-msedge-ref
Ref A: DD388E7F780A4A6C8FF048E35DF54DE5 Ref B: LON04EDGE0207 Ref C: 2020-04-06T16:12:38Z
access-control-allow-origin
https://checkforcorona.com
content-type
image/gif

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| COV19_CONFIG object| $jscomp object| shadow$provide object| closure_lm_604324 object| rum function| gtag object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga object| Footprint object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| fpconfig

0 Cookies

6 Console Messages

Source Level URL
Text
console-api info URL: https://checkforcorona.com/js/main.26849aff246f.js(Line 1260)
Message:
INFO [luminare.covid19.core:34] - Initializing covid19 Screening Application
console-api info URL: https://checkforcorona.com/js/main.26849aff246f.js(Line 1260)
Message:
INFO [luminare.covid19.events:19] - Initializing app-db
console-api info URL: https://checkforcorona.com/js/main.26849aff246f.js(Line 1260)
Message:
INFO [luminare.covid19.core:26] - Begin rendering
console-api info URL: https://checkforcorona.com/js/main.26849aff246f.js(Line 1260)
Message:
INFO [luminare.covid19.routing:49] - Initializing Routing
console-api warning URL: https://checkforcorona.com/js/main.26849aff246f.js(Line 1260)
Message:
WARN [luminare.covid19.routing:42] - Unrecognized route: :unknown
console-api info URL: https://checkforcorona.com/js/main.26849aff246f.js(Line 1260)
Message:
INFO [luminare.covid19.native-dom-events:18] - Adding native DOM events

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5429cbb20f08dffbfcb491c76acdef38.azr.footprintdns.com
615969a6a09daccf8e088f996ba957f5.azr.footprintdns.com
checkforcorona.com
dcd12633e125af3d7c84dd3368c81bda.azr.footprintdns.com
www.atmrum.net
www.google-analytics.com
www.googletagmanager.com
204.79.197.234
2603:1000:100:5::7
2a00:1450:4001:800::2008
2a00:1450:4001:81c::200e
2a01:4180:2001::3f2
2a01:4180:2401::59e
40.79.154.193
0267631e02f4f96f40bc153d7872a8eb74e7d8f25af91e8c656eaae09974a08a
078288821a7353f510d6fa9c55a6bb86f69747e02403e98750fab4e65523ee55
1851a4758fa23827c8ef2d994b9bf4b8d0b3b54570f55cb5e5d5e7836a69b502
32ea28e4cc9fb2662d406bc5e859f774b58f927861c31864c33cb81aa8263aac
3457d3413ee2de0c3eed2e7c011c1810a1841941c2c0939aaee4f5e03d9c706f
3f7c1a907a837fe95929e0827276ceae5e5fce16906042f8ad64ea5b66a25e7d
72766f736186eb5c7c6d08502f3bf28da0092e8ea85cf3b5413c9daf8dc2d94a
80afdcdab5af95e11f8edac404947668a91582b9799723a8d5272483a010f23d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ff504e93016d9af2dcd6a79846f92e2ebef11fa64864f010a7c4af90389c638
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a676114870402c6a9d389e103b299df064cc92871c08210ca56f32768cd9da3d
b038dfedc262406996d21b97425bf6f36b77c82ab12e23aaf55e7e822bf3a866
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b9989c8a19a335e293727fe283b35e31bcc6934b6a5304a7cef8bf9d6797bd63
c09055f0d3ce5ac45f886c935226d1e4cb0f7488525e9f8b298f26fc0171e5a8
cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2
d10ca5c62323b3dd035a658dbfec2c844c4425797853333185a3aa25ea6df023
d3b6538b9d425a0cb65b33230a17bf17893c784262ef91642bf9800ced89e544
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
f6e0363a94eaf976317619428e7181c077007352fb78ae3ef1e1d88eba47fd7e