hcarewards.lifeatworkportal.com
Open in
urlscan Pro
138.69.15.115
Public Scan
Effective URL: https://hcarewards.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=hcamfa&TYPE=33554433&REALMOID=06-a317304c-48dc-4530-80a4-95b9673...
Submission: On November 06 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Sectigo RSA Organization Validation S... on September 14th 2023. Valid for: a year.
This is the only time hcarewards.lifeatworkportal.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 138.69.15.131 138.69.15.131 | 11676 (AS11676) (AS11676) | |
1 2 | 138.69.15.115 138.69.15.115 | 11676 (AS11676) (AS11676) | |
13 | 138.69.15.195 138.69.15.195 | 11676 (AS11676) (AS11676) | |
1 | 2a00:1450:400... 2a00:1450:4001:806::2004 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:82a::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 2 | 138.69.15.189 138.69.15.189 | 11676 (AS11676) (AS11676) | |
18 | 6 |
ASN11676 (AS11676, US)
PTR: hcarewards.lifeatworkportal.com
hcarewards.lifeatworkportal.com |
ASN11676 (AS11676, US)
PTR: sdc.mybenefitwallet.com
sdc.lifeatworkportal.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
lifeatworkportal.com
2 redirects
hcarewards.lifeatworkportal.com cd.lifeatworkportal.com — Cisco Umbrella Rank: 81502 sdc.lifeatworkportal.com — Cisco Umbrella Rank: 101020 |
272 KB |
1 |
gstatic.com
www.gstatic.com |
189 KB |
1 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
1 KB |
1 |
benweb.co
benweb.co |
2 KB |
18 | 4 |
Domain | Requested by | |
---|---|---|
13 | cd.lifeatworkportal.com |
hcarewards.lifeatworkportal.com
cd.lifeatworkportal.com |
2 | sdc.lifeatworkportal.com |
1 redirects
hcarewards.lifeatworkportal.com
|
2 | hcarewards.lifeatworkportal.com |
1 redirects
benweb.co
|
1 | www.gstatic.com |
www.google.com
|
1 | www.google.com |
hcarewards.lifeatworkportal.com
|
1 | benweb.co | |
18 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
hca.ehr.com |
www.hcarewardshealthyliving.com |
form1095.benefitcenter.com |
www.microsoft.com |
support.apple.com |
www.google.com |
www.mozilla.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
benweb.co Sectigo RSA Organization Validation Secure Server CA |
2023-09-14 - 2024-09-13 |
a year | crt.sh |
hcarewards.lifeatworkportal.com Sectigo RSA Organization Validation Secure Server CA |
2023-09-14 - 2024-09-13 |
a year | crt.sh |
cd.lifeatworkportal.com Sectigo RSA Organization Validation Secure Server CA |
2023-08-03 - 2024-08-02 |
a year | crt.sh |
www.google.com GTS CA 1C3 |
2023-10-16 - 2024-01-08 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-10-16 - 2024-01-08 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://hcarewards.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=hcamfa&TYPE=33554433&REALMOID=06-a317304c-48dc-4530-80a4-95b9673839ac&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-sJtRD%2f97yQvNVow4wFfao%2bH23tpNLTW0lPx1qfgwG0T33EfqiqEDEYXQKIDyPNkuXUtlCbMyMbNqBxqucbXECcgoli7Ayq4V&TARGET=-SM-https%3a%2f%2fhcarewards%2elifeatworkportal%2ecom%2fdlv1%2fDOC_CENTER
Frame ID: 56251D394CB0FFC8F3A3A5EFC1243FED
Requests: 18 HTTP requests in this frame
Screenshot
Page Title
HCA - LoginPage URL History Show full URLs
- https://benweb.co/dlsc/hca00ab Page URL
-
https://hcarewards.lifeatworkportal.com/dlv1/DOC_CENTER
HTTP 302
https://hcarewards.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=hcamfa&TYPE=33554433&REALMOID=06-a317304c-48... Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
reCAPTCHA (Captchas) Expand
Detected patterns
- /recaptcha/api\.js
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
Title: Learn About HCA Rewards
Search URL Search Domain Scan URL
Title: Wellness Resources
Search URL Search Domain Scan URL
Title: Form 1095
Search URL Search Domain Scan URL
Title: Resources for Retirees
Search URL Search Domain Scan URL
Title: Benefits Providers
Search URL Search Domain Scan URL
Title: Download Microsoft Edge
Search URL Search Domain Scan URL
Title: Download Safari
Search URL Search Domain Scan URL
Title: Download Chrome
Search URL Search Domain Scan URL
Title: Download Mozilla Firefox
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://benweb.co/dlsc/hca00ab Page URL
-
https://hcarewards.lifeatworkportal.com/dlv1/DOC_CENTER
HTTP 302
https://hcarewards.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=hcamfa&TYPE=33554433&REALMOID=06-a317304c-48dc-4530-80a4-95b9673839ac&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-sJtRD%2f97yQvNVow4wFfao%2bH23tpNLTW0lPx1qfgwG0T33EfqiqEDEYXQKIDyPNkuXUtlCbMyMbNqBxqucbXECcgoli7Ayq4V&TARGET=-SM-https%3a%2f%2fhcarewards%2elifeatworkportal%2ecom%2fdlv1%2fDOC_CENTER Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 15- https://sdc.lifeatworkportal.com/dcsbyfshm00000clsd6iy3ico_5q6e/dcs.gif?&dcsdat=1699275060440&dcssip=hcarewards.lifeatworkportal.com&dcsuri=/login/v3/pub/logonlw.jsp&dcsqry=?client=hcamfa%26TYPE=33554433%26REALMOID=06-a317304c-48dc-4530-80a4-95b9673839ac%26GUID=%26SMAUTHREASON=0%26METHOD=GET%26SMAGENTNAME=-SM-sJtRD%25252f97yQvNVow4wFfao%25252bH23tpNLTW0lPx1qfgwG0T33EfqiqEDEYXQKIDyPNkuXUtlCbMyMbNqBxqucbXECcgoli7Ayq4V%26TARGET=-SM-https%25253a%25252f%25252fhcarewards%25252elifeatworkportal%25252ecom%25252fdlv1%25252fDOC_CENTER&dcsref=https://benweb.co/&WT.tz=1&WT.bh=13&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=HCA%2520-%2520Login&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%2520enabled&WT.slv=Not%2520enabled&WT.le=UTF-8&WT.tv=9.4.0&WT.dl=0&WT.ssl=1&WT.es=hcarewards.lifeatworkportal.com%252Flogin%252Fv3%252Fpub%252Flogonlw.jsp&WT.ce=2&WT.vt_f_tlv=0&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1&WT.vtvs=1699275060440&WT.vtid=20adf7e630d673f13351699253460440&WT.co_f=20adf7e630d673f13351699253460440 HTTP 303
- https://sdc.lifeatworkportal.com/dcsbyfshm00000clsd6iy3ico_5q6e/dcs.gif?dcsredirect=1&dcsdat=1699275060440&dcssip=hcarewards.lifeatworkportal.com&dcsuri=/login/v3/pub/logonlw.jsp&dcsqry=?client=hcamfa%26TYPE=33554433%26REALMOID=06-a317304c-48dc-4530-80a4-95b9673839ac%26GUID=%26SMAUTHREASON=0%26METHOD=GET%26SMAGENTNAME=-SM-sJtRD%25252f97yQvNVow4wFfao%25252bH23tpNLTW0lPx1qfgwG0T33EfqiqEDEYXQKIDyPNkuXUtlCbMyMbNqBxqucbXECcgoli7Ayq4V%26TARGET=-SM-https%25253a%25252f%25252fhcarewards%25252elifeatworkportal%25252ecom%25252fdlv1%25252fDOC_CENTER&dcsref=https://benweb.co/&WT.tz=1&WT.bh=13&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=HCA%2520-%2520Login&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%2520enabled&WT.slv=Not%2520enabled&WT.le=UTF-8&WT.tv=9.4.0&WT.dl=0&WT.ssl=1&WT.es=hcarewards.lifeatworkportal.com%252Flogin%252Fv3%252Fpub%252Flogonlw.jsp&WT.ce=2&WT.vt_f_tlv=0&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1&WT.vtvs=1699275060440&WT.vtid=20adf7e630d673f13351699253460440&WT.co_f=20adf7e630d673f13351699253460440
18 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
hca00ab
benweb.co/dlsc/ |
233 B 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
logonlw.jsp
hcarewards.lifeatworkportal.com/login/v3/pub/ Redirect Chain
|
42 KB 45 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.css
cd.lifeatworkportal.com/slogin/common/css/ |
9 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
base.css
cd.lifeatworkportal.com/slogin/common/css/ |
8 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
branding.css
cd.lifeatworkportal.com/slogin/hcamfa/css/ |
10 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
webtrends.js
cd.lifeatworkportal.com/static60/resources/scripts/client/rks/157/ |
27 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
cd.lifeatworkportal.com/slogin/common/js/ |
71 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.validate.min.js
cd.lifeatworkportal.com/slogin/common/js/ |
23 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap-3.0.0.js
cd.lifeatworkportal.com/slogin/common/js/ |
76 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bowser.js
cd.lifeatworkportal.com/slogin/common/js/ |
12 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.google.com/recaptcha/ |
1 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clientLogo.png
cd.lifeatworkportal.com/slogin/hcamfa/images/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg_login.png
cd.lifeatworkportal.com/slogin/hcamfa/images/ |
40 KB 41 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootbox.min.js
cd.lifeatworkportal.com/slogin/common/js/ |
15 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
TmpBrowser_Inline2.js
cd.lifeatworkportal.com/slogin/common/js/ |
2 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__de.js
www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/ |
470 KB 189 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dcs.gif
sdc.lifeatworkportal.com/dcsbyfshm00000clsd6iy3ico_5q6e/ Redirect Chain
|
43 B 589 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SourceSerifPro-Regular.ttf
cd.lifeatworkportal.com/slogin/hcamfa/fonts/ |
98 KB 99 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
41 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| WebTrends function| dcsMultiTrack function| dcsDebug function| $ function| jQuery object| bowser object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| _tag string| url object| urlParts function| ConvertToLower function| eraseCookie undefined| value function| fLogin_Validate function| setCookie function| toggler function| errorDisplay function| onLoadBody function| validate boolean| isMobApp object| bootbox object| recaptcha string| bcver string| fbrowser number| bversion undefined| osversion string| ua number| osver boolean| isosupp boolean| ismob boolean| isandroid boolean| isios boolean| isnotsupp boolean| islogin boolean| isedge boolean| isossupp boolean| isbsupp25 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.sdc.lifeatworkportal.com/dcsbyfshm00000clsd6iy3ico_5q6e | Name: WEBTRENDS_ID Value: 80.255.10.203-3850507840.31068335 |
|
.benweb.co/ | Name: ADRUM_BTa Value: R:0|g:8d1fd8ac-b0a6-4f2a-9201-d0684837c28f|n:customer1_b0de3491-4d68-468d-9abe-4b29519a6ded |
|
.benweb.co/ | Name: SameSite Value: None |
|
.benweb.co/ | Name: LSESSIONID Value: yTSkr602J7gJLRTV7t_UZorhYN6T-NjLI_xFJ3FnLA2KUcUpLfI0!1624246174 |
|
.benweb.co/ | Name: ADRUM_BT1 Value: R:0|i:1546369|e:32|d:0 |
|
.benweb.co/ | Name: GHHCOGLE Value: 02aa191b63-2e16-4d8-zVQ904S8TTLZg3LNx6NUZ3BXVcMdLSdLk-n6aRCQ7eCsOZOb9Naberu5ws8Bcmcqs |
|
.benweb.co/ | Name: LB Value: 80.255.10.203:56532 |
|
benweb.co/ | Name: DNNNMJBY Value: 020bf600cd-d21d-4328-kz5BTgA1Zp2nZkys6uwKR6EKpJHWtxzYOiahto2VuZ1qxCoXVVp0Iy95Z63uXqrU |
|
.hcarewards.lifeatworkportal.com/ | Name: LB Value: 80.255.10.203:45034 |
|
.hcarewards.lifeatworkportal.com/ | Name: ADRUM_BTa Value: R:18|g:90f9e0a8-819e-47ea-99d0-2e719dacdc62|n:customer1_b0de3491-4d68-468d-9abe-4b29519a6ded |
|
.hcarewards.lifeatworkportal.com/ | Name: SameSite Value: None |
|
.hcarewards.lifeatworkportal.com/ | Name: ADRUM_BT1 Value: R:18|i:1546364|e:42 |
|
.hcarewards.lifeatworkportal.com/ | Name: LSESSIONID Value: AECkr7KA-AFqRUG_Dcql6wl0JwgnPBCQI7b_42lGd78gK5jmQIGH!-923386464 |
|
.hcarewards.lifeatworkportal.com/ | Name: logontype Value: fb |
|
.hcarewards.lifeatworkportal.com/ | Name: client Value: hcamfa |
|
.hcarewards.lifeatworkportal.com/ | Name: cltFolder Value: benefits/hcamfa |
|
.hcarewards.lifeatworkportal.com/ | Name: product Value: login |
|
.hcarewards.lifeatworkportal.com/ | Name: locale Value: |
|
.hcarewards.lifeatworkportal.com/ | Name: origURL Value: https://hcarewards.lifeatworkportal.com/dlv1/DOC_CENTER |
|
.hcarewards.lifeatworkportal.com/ | Name: origtargetURL Value: https://hcarewards.lifeatworkportal.com/dlv1/DOC_CENTER |
|
.hcarewards.lifeatworkportal.com/ | Name: MWFRQWEA Value: 029a849977-b7d5-40eBJ9Zh0eLMtVESfylUYKXQ2b84u-l5R1gUQvfnKGhxh-5X9WxSNDQ1bY2McV25AULug |
|
.lifeatworkportal.com/ | Name: WT_FPC Value: id=20adf7e630d673f13351699253460440:lv=1699253460440:ss=1699253460440 |
|
.cd.lifeatworkportal.com/ | Name: LB Value: 80.255.10.203:55954 |
|
.sdc.lifeatworkportal.com/ | Name: LB Value: 80.255.10.203:41510 |
|
sdc.lifeatworkportal.com/ | Name: SPPOEAMH Value: 025e396da3-15db-4aKLn-QCKCkWvyYpV7npkLfCPY_4l-fzuZ9ZCsVO_ilp178Pg3rDRhxCSMhqTdsqJs0so |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
benweb.co
cd.lifeatworkportal.com
hcarewards.lifeatworkportal.com
sdc.lifeatworkportal.com
www.google.com
www.gstatic.com
138.69.15.115
138.69.15.131
138.69.15.189
138.69.15.195
2a00:1450:4001:806::2004
2a00:1450:4001:82a::2003
17821e941ab7bddbc1beb6d1bd637ef32e7ebb85eb0053e8fee857b95dab4cfb
1e1166fd3ed57bf8d3a1cea6495d073bfd5f4ec885636fe741d85e78802a6e8b
38ca7c48de33fb31ae7dfe8b2963024ab33be876a88453781e369ebb02e55b06
43f5092a8a186c1c7ef5e43b54eb247eab4ce9e036ffcc52cc29f7de5aee0fd9
4f4e8fb1d562cf041c81eba325ad02c81c660513b11111081908e0f029ac344b
7058211e5216ebad63799d12378357a75369454d3f8711690ffb22f52d143b4a
7efe892fa4ab4622102e8df4c7c4da906139fce1d4d25bb5c7a1224b8fa798cc
9327663db171e3c01e351f3f5562ee5ed8f3d6bde6a7da57d966997f1a4b7a57
9bf47bc53ccc2a090ac0cdc2acde06c1347660fc48cf4b97d48f08536cf13a2b
a22c3070ed376c37b68a7c6e33de72c06054feb66048160908a782b819d40922
a57a9f18c1cd1427deb1df65b1b059636ddb7b36aa32fe394f094203feb1f99e
b6d957cdcd295007d5ab3c2229b0935cb5312c6f6a2180441a19014f80a8c7bc
c46dc051ce81c4af2b2096abbf885ae4ba7467ff5db0f0106ceee928cf3658a3
cb37bca8bda6339946a7d30765bc9185ca47c3a07a1bdcd705d762aeda50b284
dbde2b54820f8e105ef30ccb90be553c9d48e2f884d55af1ad18feb3022500ad
fb6d5bfcd03dde09ab2f71355bad7fdf3a93aa36433895d7ab86374c33a04b77
fe3ba6a02cd23f368db927bdf16ee839ed32908d2c623604364d0e21e434c92e