www.thecovid19foundation.org Open in urlscan Pro
206.189.220.15  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.thecovid19foundation.org/	11 KB 4 KB	538ms 161ms	Document text/html	206.189.220.15 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.thecovid19foundation.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 206.189.220.15 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Express Resource Hash 51f6a0743e59b2a8b41d8fcd2c4311515b2f53d5a5b26d3764a1823d3ac2817c Request headers Host www.thecovid19foundation.org Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Server nginx/1.14.0 (Ubuntu) Date Fri, 22 May 2020 16:08:20 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive X-Powered-By Express ETag W/"2a6e-21m49gNjwJ9f9HyrN1Cxq8xG6xs" Content-Encoding gzip
GET H2	200	css fonts.googleapis.com/	15 KB 997 B	19ms 17ms	Stylesheet text/css	2a00:1450:4001:821::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900&display=swap Requested by Host: www.thecovid19foundation.org URL: https://www.thecovid19foundation.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2dda7ea92135dcf21660d4d79391d303fc38f6a6524ae74bbe2986f1d2e990d5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.thecovid19foundation.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 22 May 2020 16:08:20 GMT server ESF date Fri, 22 May 2020 16:08:20 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 22 May 2020 16:08:20 GMT
GET H2	200	css fonts.googleapis.com/	4 KB 611 B	18ms 16ms	Stylesheet text/css	2a00:1450:4001:821::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:100,200,300,400,500,600,700,800,900&display=swap Requested by Host: www.thecovid19foundation.org URL: https://www.thecovid19foundation.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash da948da908fa1bbb0ee062a7e271688f3054d970fc1927c2b419c9a74e695f1f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.thecovid19foundation.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 22 May 2020 16:08:20 GMT server ESF date Fri, 22 May 2020 16:08:20 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 22 May 2020 16:08:20 GMT
GET H2	200	css fonts.googleapis.com/	2 KB 615 B	16ms 15ms	Stylesheet text/css	2a00:1450:4001:821::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Amiri:400,400italic&display=swap Requested by Host: www.thecovid19foundation.org URL: https://www.thecovid19foundation.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d2ff681af41369a19958f588a18827bc1b086dcc5a0164f47fba3939444abb8a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.thecovid19foundation.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 22 May 2020 16:08:20 GMT server ESF date Fri, 22 May 2020 16:08:20 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 22 May 2020 16:08:20 GMT
GET H/1.1	200 OK	bootstrap.css www.thecovid19foundation.org/css/	193 KB 193 KB	310ms 309ms	Stylesheet text/css	206.189.220.15 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.thecovid19foundation.org/css/bootstrap.css Requested by Host: www.thecovid19foundation.org URL: https://www.thecovid19foundation.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 206.189.220.15 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Express Resource Hash 81c02fda1cf5f0f3e87c1aabe9405f682c79bde41265bd8155052da380591b88 Request headers Referer https://www.thecovid19foundation.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 22 May 2020 16:08:20 GMT Last-Modified Fri, 03 Apr 2020 05:08:55 GMT Server nginx/1.14.0 (Ubuntu) X-Powered-By Express ETag W/"302da-1713e712993" Content-Type text/css; charset=UTF-8 Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Content-Length 197338
GET H/1.1	200 OK	main.css www.thecovid19foundation.org/css/	4 KB 4 KB	460ms 155ms	Stylesheet text/css	206.189.220.15 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.thecovid19foundation.org/css/main.css Requested by Host: www.thecovid19foundation.org URL: https://www.thecovid19foundation.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 206.189.220.15 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Express Resource Hash 6cd7f9818955e46e728c3e6acfc94ff9a7a2c993cebd2860dc52aa8aa0d42b37 Request headers Referer https://www.thecovid19foundation.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 22 May 2020 16:08:20 GMT Last-Modified Thu, 23 Apr 2020 03:14:02 GMT Server nginx/1.14.0 (Ubuntu) X-Powered-By Express ETag W/"ed1-171a5072aa2" Content-Type text/css; charset=UTF-8 Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Content-Length 3793
GET H/1.1	404 Not Found	inputmask.min.js www.thecovid19foundation.org/js/	0 0	480ms 161ms	Script text/html	206.189.220.15 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.thecovid19foundation.org/js/inputmask.min.js Requested by Host: www.thecovid19foundation.org URL: https://www.thecovid19foundation.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 206.189.220.15 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Express Resource Hash Security Headers Name Value Content-Security-Policy default-src 'none' X-Content-Type-Options nosniff Request headers Referer https://www.thecovid19foundation.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 22 May 2020 16:08:20 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server nginx/1.14.0 (Ubuntu) X-Powered-By Express Transfer-Encoding chunked Access-Control-Allow-Methods GET, POST, OPTIONS, PUT, PATCH, DELETE Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Access-Control-Allow-Credentials true Content-Security-Policy default-src 'none' Connection keep-alive Access-Control-Allow-Headers X-Requested-With,content-type
GET H2	200	/ Show response js.stripe.com/v3/	166 KB 43 KB	84ms 27ms	Script application/javascript	151.101.12.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/ Requested by Host: www.thecovid19foundation.org URL: https://www.thecovid19foundation.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash e3e6070a723a7fccae7a43a608f43d126f3029576f3256857a0cbd30b0b8015f Security Headers Name Value Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Referer https://www.thecovid19foundation.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 22 May 2020 16:08:20 GMT content-encoding gzip vary Accept-Encoding age 1 via 1.1 varnish x-cache HIT status 200 content-length 43557 x-amz-id-2 m15mkvzANOppjMQ1/UyDfratC+QKVTGWtXeZGBFf07NEwCTJDDd0+GTpsYu03k2l7Ws0D4nvbLU= x-served-by cache-fra19183-FRA timing-allow-origin * last-modified Thu, 21 May 2020 20:36:49 GMT server AmazonS3 etag "22976593fd696c3173edda1c37893456" strict-transport-security max-age=31556926; includeSubDomains; preload x-amz-request-id F5C10932770F5D04 access-control-allow-origin * cache-control public, max-age=300 content-security-policy connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline' accept-ranges bytes content-type application/javascript; charset=utf-8 x-cache-hits 2
GET H/1.1	200 OK	logo-white.svg www.thecovid19foundation.org/img/logo/	32 KB 32 KB	163ms 162ms	Image image/svg+xml	206.189.220.15 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.thecovid19foundation.org/img/logo/logo-white.svg Requested by Host: www.thecovid19foundation.org URL: https://www.thecovid19foundation.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 206.189.220.15 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Express Resource Hash e1dd9866cc38e5e4359de1a206cbf599d89bcf8fe258b6c3284255a5cb547754 Request headers Referer https://www.thecovid19foundation.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 22 May 2020 16:08:20 GMT Last-Modified Fri, 03 Apr 2020 05:08:55 GMT Server nginx/1.14.0 (Ubuntu) X-Powered-By Express ETag W/"7f6b-1713e712a03" Content-Type image/svg+xml Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Content-Length 32619
GET H/1.1	200 OK	covid.png www.thecovid19foundation.org/img/programs/	166 KB 167 KB	309ms 308ms	Image image/png	206.189.220.15 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.thecovid19foundation.org/img/programs/covid.png Requested by Host: www.thecovid19foundation.org URL: https://www.thecovid19foundation.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 206.189.220.15 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Express Resource Hash 3c3dccc62687f4462508f135273451166444341b61901ce515ca6be083d4557d Request headers Referer https://www.thecovid19foundation.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 22 May 2020 16:08:20 GMT Last-Modified Fri, 03 Apr 2020 05:08:55 GMT Server nginx/1.14.0 (Ubuntu) X-Powered-By Express ETag W/"299af-1713e712a07" Content-Type image/png Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Content-Length 170415
GET H/1.1	200 OK	vulnerable.png www.thecovid19foundation.org/img/programs/	196 KB 196 KB	295ms 293ms	Image image/png	206.189.220.15 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.thecovid19foundation.org/img/programs/vulnerable.png Requested by Host: www.thecovid19foundation.org URL: https://www.thecovid19foundation.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 206.189.220.15 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Express Resource Hash 53f43dcb0717cbc0a469b27621fbf61e3804858d24582058d9cad95527d3d6bf Request headers Referer https://www.thecovid19foundation.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 22 May 2020 16:08:20 GMT Last-Modified Fri, 03 Apr 2020 05:08:55 GMT Server nginx/1.14.0 (Ubuntu) X-Powered-By Express ETag W/"310ae-1713e712a07" Content-Type image/png Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Content-Length 200878
GET H/1.1	200 OK	masks.png www.thecovid19foundation.org/img/programs/	180 KB 180 KB	465ms 161ms	Image image/png	206.189.220.15 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.thecovid19foundation.org/img/programs/masks.png Requested by Host: www.thecovid19foundation.org URL: https://www.thecovid19foundation.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 206.189.220.15 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Express Resource Hash 922ad963acf174e19999370bc6781af449f12de3391e5219c1fcde8088b04264 Request headers Referer https://www.thecovid19foundation.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 22 May 2020 16:08:21 GMT Last-Modified Fri, 03 Apr 2020 05:08:55 GMT Server nginx/1.14.0 (Ubuntu) X-Powered-By Express ETag W/"2d0c1-1713e712a07" Content-Type image/png Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Content-Length 184513
GET H/1.1	200 OK	experts.png www.thecovid19foundation.org/img/programs/	119 KB 119 KB	602ms 296ms	Image image/png	206.189.220.15 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.thecovid19foundation.org/img/programs/experts.png Requested by Host: www.thecovid19foundation.org URL: https://www.thecovid19foundation.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 206.189.220.15 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Express Resource Hash 16dfbf86d7d0938f6595a2dc15974d42d7c7aa233116b2c91762d106edc976f7 Request headers Referer https://www.thecovid19foundation.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 22 May 2020 16:08:21 GMT Last-Modified Fri, 03 Apr 2020 05:08:55 GMT Server nginx/1.14.0 (Ubuntu) X-Powered-By Express ETag W/"1dcb0-1713e712a07" Content-Type image/png Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Content-Length 122032
GET H/1.1	200 OK	jquery-3.4.1.slim.min.js Show response code.jquery.com/	69 KB 24 KB	32ms 9ms	Script application/javascript	2001:4de0:ac19::1:b:1b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.4.1.slim.min.js Requested by Host: www.thecovid19foundation.org URL: https://www.thecovid19foundation.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.thecovid19foundation.org/ Origin https://www.thecovid19foundation.org Response headers Date Fri, 22 May 2020 16:08:20 GMT Content-Encoding gzip Last-Modified Wed, 01 May 2019 21:14:27 GMT Server nginx ETag W/"5cca0c33-1157d" Vary Accept-Encoding X-HW 1590163700.dop039.fr8.t,1590163700.cds163.fr8.shn,1590163700.dop039.fr8.t,1590163700.cds121.fr8.c Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=315360000, public Connection Keep-Alive Accept-Ranges bytes Content-Length 24328
GET H2	200	popper.min.js Show response cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/	21 KB 8 KB	28ms 13ms	Script application/javascript	2606:4700::6810:5714 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js Requested by Host: www.thecovid19foundation.org URL: https://www.thecovid19foundation.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.thecovid19foundation.org/ Origin https://www.thecovid19foundation.org Response headers date Fri, 22 May 2020 16:08:20 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 17291504 x-cache HIT, HIT status 200 strict-transport-security max-age=31536000; includeSubDomains; preload cf-request-id 02debd93df0000178e4fba5200000001 x-served-by cache-ams21026-AMS, cache-hhn4073-HHN timing-allow-origin * server cloudflare etag W/"5309-YvI45zNIx3656GVCan0bfeI8uy0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable cf-ray 5977cb996e4f178e-FRA
GET H2	200	bootstrap.min.js Show response stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/	59 KB 16 KB	1178ms 945ms	Script text/javascript	2001:4de0:ac19::1:b:1b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js Requested by Host: www.thecovid19foundation.org URL: https://www.thecovid19foundation.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software / Resource Hash 5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.thecovid19foundation.org/ Origin https://www.thecovid19foundation.org Response headers date Fri, 22 May 2020 16:08:21 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 28 Nov 2019 17:52:52 GMT status 200 etag "1574963572" vary Accept-Encoding x-cache HIT content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 15919
GET H/1.1	200 OK	hero.png www.thecovid19foundation.org/img/	479 KB 479 KB	606ms 300ms	Image image/png	206.189.220.15 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.thecovid19foundation.org/img/hero.png Requested by Host: www.thecovid19foundation.org URL: https://www.thecovid19foundation.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 206.189.220.15 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Express Resource Hash 872677c34c7ee4e097571b71450fa115086001abf6f8ed93c221afd09ddd7b15 Request headers Referer https://www.thecovid19foundation.org/css/main.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 22 May 2020 16:08:21 GMT Last-Modified Tue, 07 Apr 2020 02:37:05 GMT Server nginx/1.14.0 (Ubuntu) X-Powered-By Express ETag W/"77a14-171527f9502" Content-Type image/png Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Content-Length 490004
GET H2	200	S6uyw4BMUTPHjx4wXiWtFCc.woff2 fonts.gstatic.com/s/lato/v16/	14 KB 14 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:81b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2 Requested by Host: www.thecovid19foundation.org URL: https://www.thecovid19foundation.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Lato:100,200,300,400,500,600,700,800,900&display=swap Origin https://www.thecovid19foundation.org Response headers date Tue, 19 May 2020 09:27:04 GMT x-content-type-options nosniff last-modified Tue, 23 Jul 2019 03:45:55 GMT server sffe age 283276 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14044 x-xss-protection 0 expires Wed, 19 May 2021 09:27:04 GMT
GET H2	200	KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2 fonts.gstatic.com/s/roboto/v20/	11 KB 11 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:81b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2 Requested by Host: www.thecovid19foundation.org URL: https://www.thecovid19foundation.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900&display=swap Origin https://www.thecovid19foundation.org Response headers date Mon, 18 May 2020 00:54:26 GMT x-content-type-options nosniff last-modified Wed, 24 Jul 2019 01:19:08 GMT server sffe age 400434 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11012 x-xss-protection 0 expires Tue, 18 May 2021 00:54:26 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 fonts.gstatic.com/s/roboto/v20/	11 KB 11 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:81b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 Requested by Host: www.thecovid19foundation.org URL: https://www.thecovid19foundation.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900&display=swap Origin https://www.thecovid19foundation.org Response headers date Mon, 18 May 2020 09:09:22 GMT x-content-type-options nosniff last-modified Wed, 24 Jul 2019 01:18:58 GMT server sffe age 370738 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11020 x-xss-protection 0 expires Tue, 18 May 2021 09:09:22 GMT
GET H2	200	S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2 fonts.gstatic.com/s/lato/v16/	14 KB 14 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:81b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2 Requested by Host: www.thecovid19foundation.org URL: https://www.thecovid19foundation.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Lato:100,200,300,400,500,600,700,800,900&display=swap Origin https://www.thecovid19foundation.org Response headers date Tue, 19 May 2020 23:24:57 GMT x-content-type-options nosniff last-modified Tue, 23 Jul 2019 03:45:54 GMT server sffe age 233003 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14176 x-xss-protection 0 expires Wed, 19 May 2021 23:24:57 GMT
GET H2	200	J7afnpd8CGxBHpUrhLEY67FIEjg.woff2 fonts.gstatic.com/s/amiri/v13/	21 KB 21 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:81b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/amiri/v13/J7afnpd8CGxBHpUrhLEY67FIEjg.woff2 Requested by Host: www.thecovid19foundation.org URL: https://www.thecovid19foundation.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 122c105a5c2bece4c1e67d64bc660fb9ae9c610985cc6c2beec2890d7768a706 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Amiri:400,400italic&display=swap Origin https://www.thecovid19foundation.org Response headers date Tue, 19 May 2020 03:48:37 GMT x-content-type-options nosniff last-modified Tue, 16 Jul 2019 23:49:05 GMT server sffe age 303583 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21700 x-xss-protection 0 expires Wed, 19 May 2021 03:48:37 GMT
GET H/1.1	200 OK	config Show response www.thecovid19foundation.org/	93 B 539 B	246ms 161ms	Fetch application/json	206.189.220.15 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.thecovid19foundation.org/config Requested by Host: www.thecovid19foundation.org URL: https://www.thecovid19foundation.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 206.189.220.15 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Express Resource Hash daac1b0224630b6d278713120c2f76394dba9b496bdf50f771e3faa10403fb96 Request headers Referer https://www.thecovid19foundation.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 22 May 2020 16:08:21 GMT Server nginx/1.14.0 (Ubuntu) X-Powered-By Express ETag W/"5d-EfGi/PpzfZTgnq9pHN5YkCVpbCE" Access-Control-Allow-Methods GET, POST, OPTIONS, PUT, PATCH, DELETE Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers X-Requested-With,content-type Content-Length 93
GET H2	200	controller-8eaa7493dcc5b9b4300acef47ba09867.html js.stripe.com/v3/ Frame 303B	0 0	27ms 26ms	Document text/html	151.101.12.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/controller-8eaa7493dcc5b9b4300acef47ba09867.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash Security Headers Name Value Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers :method GET :authority js.stripe.com :scheme https :path /v3/controller-8eaa7493dcc5b9b4300acef47ba09867.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.thecovid19foundation.org/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.thecovid19foundation.org/ Response headers status 200 x-amz-id-2 sUi9ixyHr/l2r3cZzrNSDSJ3voIS5H+3jo+B0Mtdi/2qjNduah+mw/eQFvJiPzjNvefzYhW6ELQ= x-amz-request-id 8KCZ4W8K8G3J6GER last-modified Thu, 21 May 2020 20:36:49 GMT etag "8eaa7493dcc5b9b4300acef47ba09867" cache-control public, max-age=300 content-type text/html; charset=utf-8 server AmazonS3 content-encoding gzip accept-ranges bytes date Fri, 22 May 2020 16:08:21 GMT via 1.1 varnish age 102 x-served-by cache-fra19183-FRA x-cache HIT x-cache-hits 26 vary Accept-Encoding access-control-allow-origin * strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * content-security-policy connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline' content-length 236
GET H2	200	m-outer-a0f6c1465b8d9aab778cf2913d1d3c86.html js.stripe.com/v3/ Frame C121	0 0	27ms 27ms	Document text/html	151.101.12.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/m-outer-a0f6c1465b8d9aab778cf2913d1d3c86.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash Security Headers Name Value Content-Security-Policy connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers :method GET :authority js.stripe.com :scheme https :path /v3/m-outer-a0f6c1465b8d9aab778cf2913d1d3c86.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.thecovid19foundation.org/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.thecovid19foundation.org/ Response headers status 200 x-amz-id-2 6TBhavv8sVO3XD/nOr9TbiNrWCxnoT9n7rpCZDJi3BxMmSJQ6ph/mwhUFBHdDt4WmXBc6X0r3RI= x-amz-request-id DBC00849A21A83BE last-modified Fri, 28 Feb 2020 23:42:06 GMT etag "a0f6c1465b8d9aab778cf2913d1d3c86" cache-control public, max-age=300 content-type text/html; charset=utf-8 server AmazonS3 content-encoding gzip accept-ranges bytes date Fri, 22 May 2020 16:08:21 GMT via 1.1 varnish age 28 x-served-by cache-fra19183-FRA x-cache HIT x-cache-hits 37 vary Accept-Encoding access-control-allow-origin * strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * content-security-policy connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline' content-length 203

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| Stripe object| modal object| btn object| span function| handleResult function| createCheckoutSession function| $ function| jQuery function| Popper object| config object| bootstrap

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.thecovid19foundation.org/(Line 267) Message: retrieved cconfig

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
stackpath.bootstrapcdn.com
www.thecovid19foundation.org
151.101.12.176
2001:4de0:ac19::1:b:1b
206.189.220.15
2606:4700::6810:5714
2a00:1450:4001:81b::2003
2a00:1450:4001:821::200a
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
122c105a5c2bece4c1e67d64bc660fb9ae9c610985cc6c2beec2890d7768a706
16dfbf86d7d0938f6595a2dc15974d42d7c7aa233116b2c91762d106edc976f7
1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d
2dda7ea92135dcf21660d4d79391d303fc38f6a6524ae74bbe2986f1d2e990d5
3c3dccc62687f4462508f135273451166444341b61901ce515ca6be083d4557d
51f6a0743e59b2a8b41d8fcd2c4311515b2f53d5a5b26d3764a1823d3ac2817c
53f43dcb0717cbc0a469b27621fbf61e3804858d24582058d9cad95527d3d6bf
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
6cd7f9818955e46e728c3e6acfc94ff9a7a2c993cebd2860dc52aa8aa0d42b37
81c02fda1cf5f0f3e87c1aabe9405f682c79bde41265bd8155052da380591b88
872677c34c7ee4e097571b71450fa115086001abf6f8ed93c221afd09ddd7b15
922ad963acf174e19999370bc6781af449f12de3391e5219c1fcde8088b04264
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
d2ff681af41369a19958f588a18827bc1b086dcc5a0164f47fba3939444abb8a
da948da908fa1bbb0ee062a7e271688f3054d970fc1927c2b419c9a74e695f1f
daac1b0224630b6d278713120c2f76394dba9b496bdf50f771e3faa10403fb96
e1dd9866cc38e5e4359de1a206cbf599d89bcf8fe258b6c3284255a5cb547754
e3e6070a723a7fccae7a43a608f43d126f3029576f3256857a0cbd30b0b8015f