nationwidecashhouses.com
Open in
urlscan Pro
34.205.42.6
Public Scan
Submission: On February 21 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by R3 on December 23rd 2022. Valid for: 3 months.
This is the only time nationwidecashhouses.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 34.205.42.6 34.205.42.6 | 14618 (AMAZON-AES) (AMAZON-AES) | |
3 | 18.66.17.162 18.66.17.162 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2a00:1450:400... 2a00:1450:4001:829::2008 | 15169 (GOOGLE) (GOOGLE) | |
7 | 52.217.90.94 52.217.90.94 | 16509 (AMAZON-02) (AMAZON-02) | |
1 3 | 18.213.230.103 18.213.230.103 | 14618 (AMAZON-AES) (AMAZON-AES) | |
3 | 2a00:1450:400... 2a00:1450:4001:813::2001 | 15169 (GOOGLE) (GOOGLE) | |
3 | 2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK) | |
2 | 2001:4860:480... 2001:4860:4802:34::36 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:400c:c09::9b | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:827::2003 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:813::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 1 | 142.251.39.2 142.251.39.2 | 15169 (GOOGLE) (GOOGLE) | |
4 | 2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK) | |
32 | 12 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-42-6.compute-1.amazonaws.com
nationwidecashhouses.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-17-162.vie50.r.cloudfront.net
ddazrdkhbg01e.cloudfront.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-230-103.compute-1.amazonaws.com
my.freedomsoft.com |
ASN15169 (GOOGLE, US)
lh3.googleusercontent.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN15169 (GOOGLE, US)
PTR: bud02s37-in-f2.1e100.net
www.googleadservices.com |
ASN32934 (FACEBOOK, US)
www.facebook.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
amazonaws.com
s3.amazonaws.com |
2 MB |
4 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 106 |
249 B |
3 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 149 |
244 KB |
3 |
googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 70 |
189 KB |
3 |
freedomsoft.com
1 redirects
my.freedomsoft.com |
6 KB |
3 |
cloudfront.net
ddazrdkhbg01e.cloudfront.net |
565 KB |
2 |
gstatic.com
www.gstatic.com |
23 KB |
2 |
google.de
www.google.de — Cisco Umbrella Rank: 6232 |
652 B |
2 |
google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4596 |
304 B |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50 |
128 KB |
1 |
googleadservices.com
1 redirects
www.googleadservices.com — Cisco Umbrella Rank: 163 |
417 B |
1 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 77 |
259 B |
1 |
nationwidecashhouses.com
nationwidecashhouses.com |
8 KB |
32 | 13 |
Domain | Requested by | |
---|---|---|
7 | s3.amazonaws.com |
nationwidecashhouses.com
|
4 | www.facebook.com |
nationwidecashhouses.com
|
3 | connect.facebook.net |
nationwidecashhouses.com
connect.facebook.net |
3 | lh3.googleusercontent.com |
nationwidecashhouses.com
|
3 | my.freedomsoft.com |
1 redirects
nationwidecashhouses.com
|
3 | ddazrdkhbg01e.cloudfront.net |
nationwidecashhouses.com
|
2 | www.gstatic.com |
www.googletagmanager.com
www.gstatic.com |
2 | www.google.de |
nationwidecashhouses.com
|
2 | region1.analytics.google.com |
www.googletagmanager.com
|
2 | www.googletagmanager.com |
nationwidecashhouses.com
www.googletagmanager.com |
1 | www.googleadservices.com | 1 redirects |
1 | stats.g.doubleclick.net |
www.googletagmanager.com
|
1 | nationwidecashhouses.com | |
32 | 13 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.freedomsoft.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
nationwidecashhouses.com R3 |
2022-12-23 - 2023-03-23 |
3 months | crt.sh |
*.cloudfront.net Amazon RSA 2048 M01 |
2022-12-08 - 2023-12-07 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-02-01 - 2023-04-26 |
3 months | crt.sh |
s3.amazonaws.com Amazon RSA 2048 M01 |
2022-12-06 - 2023-12-05 |
a year | crt.sh |
*.freedomsoft.com Amazon |
2022-04-23 - 2023-05-22 |
a year | crt.sh |
*.googleusercontent.com GTS CA 1C3 |
2023-02-01 - 2023-04-26 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2022-11-30 - 2023-02-28 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-02-01 - 2023-04-26 |
3 months | crt.sh |
www.google.de GTS CA 1C3 |
2023-02-01 - 2023-04-26 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-02-01 - 2023-04-26 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://nationwidecashhouses.com/
Frame ID: D6F9F7733D7B1B494CAE37D38B5B0C57
Requests: 32 HTTP requests in this frame
Screenshot
Page Title
HomeDetected technologies
Facebook (Widgets) ExpandDetected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics (Analytics) Expand
Detected patterns
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: FreedomSoft
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 22- https://www.googleadservices.com/pagead/conversion/365321323/wcm?cc=ZZ&dn=18559826250&cl=BrWCCNTDy5sCEOu4ma4B&ct_eid=2 HTTP 302
- https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18559826250&cl=BrWCCNTDy5sCEOu4ma4B
- https://my.freedomsoft.com/forms/public.js HTTP 302
- https://ddazrdkhbg01e.cloudfront.net/assets/forms-d430586839d884c47ce09b4259a4dbd0fe57f3b274d1d8edf54b2929398d57f3.js
32 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
nationwidecashhouses.com/ |
25 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
theme-224904b3e10454f8fda1cac755b84c09efae64bfbbc3a36c8c47ebc8ab43a348.css
ddazrdkhbg01e.cloudfront.net/assets/websites/ |
8 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sites-10656d822ce7bd34ec591c97eb804b7800632484b409a3bdabc396b2c815f854.js
ddazrdkhbg01e.cloudfront.net/assets/ |
474 KB 475 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
223 KB 78 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2.png
s3.amazonaws.com/com.freedomsoft.production/site/media/files/121695/original/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7IquIzRk6fTngQ.js
my.freedomsoft.com/forms/public/ |
7 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wQ3bsYLbvDTjoKmu-3LhXCFCXv4DGnUo5pp7TVIS39d9ZeB-XIL1nLytjjv7Gp1f9510hYQB5GFhpss9IkapPA=s0
lh3.googleusercontent.com/ |
34 KB 34 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
z4W7sIKWngF28juzXMZOu5B-4ffwG0hoyRlyQL1ILGJyOrXmKaQ7E5_Quyprnpa5gZDyAk2bacadk1q1tcnX=s0
lh3.googleusercontent.com/ |
35 KB 35 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cjDCAP4xQMyEoKCigXNqNwdQ8nqk5WMLa3Yk7EvOsh-pRDwogrGVdAhJLqM-HNbb86fVM6VI3tcD4kWfP7A6CA=s0
lh3.googleusercontent.com/ |
119 KB 119 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
HuaeweiP30Pro-4-920x613.jpg
s3.amazonaws.com/com.freedomsoft.production/site/media/files/6031/original/ |
55 KB 55 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sell-your-house-for-what-you-owe.jpg
s3.amazonaws.com/com.freedomsoft.production/site/media/files/6029/original/ |
152 KB 153 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Four-Reasons-to-Move-Out-of-the-Cities.jpg
s3.amazonaws.com/com.freedomsoft.production/site/media/files/6030/original/ |
542 KB 543 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Screen_Shot_2021-03-21_at_2.24.28_PM.png
s3.amazonaws.com/com.freedomsoft.production/site/media/files/39930/original/ |
113 KB 114 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ListingVsUs-V4.jpeg
s3.amazonaws.com/com.freedomsoft.production/site/media/files/39891/original/ |
598 KB 598 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
106 KB 28 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hero_image_-_layer_1.jpg
s3.amazonaws.com/com.freedomsoft.production/site/media/files/65473/original/ |
94 KB 94 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.analytics.google.com/g/ |
0 259 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 259 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
destination
www.googletagmanager.com/gtag/ |
129 KB 50 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1211162125928219
connect.facebook.net/signals/config/ |
378 KB 108 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loader.js
www.gstatic.com/wcm/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
call-tracking_7.js
www.gstatic.com/call-tracking/ |
54 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wcm
www.google.de/pagead/attribution/ Redirect Chain
|
80 B 244 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
2226538640980012
connect.facebook.net/signals/config/ |
378 KB 108 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 185 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
forms-d430586839d884c47ce09b4259a4dbd0fe57f3b274d1d8edf54b2929398d57f3.js
ddazrdkhbg01e.cloudfront.net/assets/ Redirect Chain
|
87 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7IquIzRk6fTngQ.js
my.freedomsoft.com/forms/public/ |
7 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 31 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.facebook.com/tr/ |
0 18 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.facebook.com/tr/ |
0 15 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.analytics.google.com/g/ |
0 45 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
32 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| oncontentvisibilityautostatechange function| $ function| jQuery object| Colors function| currencyFormat function| module function| uniqueId function| commaize function| numberToCurrency function| constructorName function| stubDate object| image_paths function| image_path function| image_url object| Observations object| Sites function| gtag object| dataLayer function| fbq function| _fbq object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| _googWcmImpl string| _googWcmAk function| _googWccDebug function| _googCallTrackingImpl function| _gaPhoneImpl string| google_wcc_status object| formHelper5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
nationwidecashhouses.com/ | Name: timezone Value: 0 |
|
.nationwidecashhouses.com/ | Name: _ga Value: GA1.1.696075232.1676955852 |
|
.nationwidecashhouses.com/ | Name: _ga_Z0QZ2XK117 Value: GS1.1.1676955852.1.0.1676955852.60.0.0 |
|
.nationwidecashhouses.com/ | Name: _gcl_au Value: 1.1.1553587961.1676955852 |
|
.nationwidecashhouses.com/ | Name: _fbp Value: fb.1.1676955852398.1811764076 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
connect.facebook.net
ddazrdkhbg01e.cloudfront.net
lh3.googleusercontent.com
my.freedomsoft.com
nationwidecashhouses.com
region1.analytics.google.com
s3.amazonaws.com
stats.g.doubleclick.net
www.facebook.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
142.251.39.2
18.213.230.103
18.66.17.162
2001:4860:4802:34::36
2a00:1450:4001:813::2001
2a00:1450:4001:813::2003
2a00:1450:4001:827::2003
2a00:1450:4001:829::2008
2a00:1450:400c:c09::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.205.42.6
52.217.90.94
10656d822ce7bd34ec591c97eb804b7800632484b409a3bdabc396b2c815f854
224904b3e10454f8fda1cac755b84c09efae64bfbbc3a36c8c47ebc8ab43a348
24fc5b44b4a3f49d2e94e71862d925019d20ad46fd7cc00a69e05d7fa753850d
373ea3012220f0e236c7c1461eddd07dd145eb2ee2a3c6ae1de5065c93fb0216
87cd5ff3f0e1135c3ab64ed82a8d1e3f9de063b51926da4580dc1d5c8a9bdcfb
8f06c7850d596f8da5ffdc54436c42579e9086fe4e8af3e4b8c92bb82438d416
9e41b73960de30515090bdc722fe4c31ca4e1279b63c6a76464469ef5aef7965
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
a475232e9c0204e32e319f26b573b239d6a4226bfd72f2f0de0cbdb60e78bf68
a59a74720f6872a8b345e9355838ea267e5ee2ebf23d341a9d763c119aea60bc
a6316a2ffda44ec958b719175bc22cd8c65c9201baba1405a64f7f0c417ddf96
b5514e6750666c28a09a44075ead189f0c85ffc11ef150b211eb3c1ff265d9c8
b83ee610ced16d8524683700b581c1fa8b57f5770f901044e8874e0d269fef4d
bea31e29c5b2097df7b5ec5805f5e7f938b919ed8ac7812c99b0549512de1a6b
d266ab592f0df6eb5870964e7422e5e9b636665eb82b262144b77d8155f12b93
d430586839d884c47ce09b4259a4dbd0fe57f3b274d1d8edf54b2929398d57f3
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7015f57ab4b2ba2a230e67730709727909bf6bee5bfd8ebdb8a7b53a06788a0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc752db8fdab4978a3a60e4c462fa00a30cf248dcd8f8441aae272627cdd6adb
fe7b2f44aaaa360134db7fbb652c0d2a58449dd25a9d442d092fc213d75ca999
fe863574be342b9d0815c1fca8269f3ac2b5bf5692feb228033d7f466d675774
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df