urlscan.io public scan: 6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com (69.2.203.253)

Submitted URL: https://www.gregorywarrenconsultinggroup.com/
Effective URL: https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/
Submission: On April 07 via automatic, source certstream-suspicious

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 19 HTTP transactions. The main IP is 69.2.203.253, located in Houston, United States and belongs to ASN-VINS, US. The main domain is 6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on April 18th 2019. Valid for: 2 years.
This is the only time 6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP addresses (redirects | requests | IP address | autonomous system)
1 redirect | 1 request  | 128.136.151.95                       | AS13649 (ASN-VINS)
1 redirect | 9 requests | 69.2.203.253                         | AS13649 (ASN-VINS)
           | 6 requests | 2600:9000:21f3:4600:6:738b:f940:93a1 | AS16509 (AMAZON-02)
           | 1 request  | 205.234.175.175                      | AS30081 (CACHENETWORKS)
           | 3 requests | 2a00:1450:4001:81c::200e             | AS15169 (GOOGLE)
           | 1 request  | 52.25.195.247                        | AS16509 (AMAZON-02)
Total: 19 transactions across 6 IPs

Domains (requests | domain | redirects | requested by)
9 | 6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com | 1 redirect | 6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com
6 | cdn.userway.org                                  |            | 6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com, cdn.userway.org
3 | www.google-analytics.com                         |            | 6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com
1 | api.userway.org                                  |            | cdn.userway.org
1 | imagescdn.dealercarsearch.com                    |            | 6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com
1 | www.gregorywarrenconsultinggroup.com             | 1 redirect |
Total: 19 transactions across 6 domains

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.youtube.com
www.dealercarsearch.com
TLS certificates

Subject                | Issuer                                      | Validity                 | Valid for
*.dcs-mvc.com          | Starfield Secure Certificate Authority - G2 | 2019-04-18 to 2021-04-18 | 2 years
cdn.userway.org        | Amazon                                      | 2019-12-16 to 2021-01-16 | a year
*.dealercarsearch.com  | Starfield Secure Certificate Authority - G2 | 2019-06-14 to 2021-07-27 | 2 years
*.google-analytics.com | GTS CA 1O1                                  | 2020-03-03 to 2020-05-26 | 3 months
api.userway.org        | Amazon                                      | 2019-12-30 to 2021-01-30 | a year

This page contains 2 frames:

Primary Page: https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/
Frame ID: 549C54C6C19C301CC2EE132C20D45EDA
Requests: 19 HTTP requests in this frame

Frame: https://cdn.userway.org/widget/en/ftab.html?color=
Frame ID: 1684C60BFDC010DB20E5E93A06C58AF5
Requests: 1 HTTP requests in this frame

Page URL History

  1. https://www.gregorywarrenconsultinggroup.com/ HTTP 307
    http://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/ HTTP 301
    https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/ Page URL

Detected technologies

Four detections fired on the same Server: Kestrel response header (the technology names were not preserved in this capture, only the confidence and the pattern that matched); a fifth matched the Google Analytics script.

  • confidence 50%:  headers server /^Kestrel/i
  • confidence 100%: headers server /^Kestrel/i
  • confidence 100%: headers server /^Kestrel/i
  • confidence 50%:  headers server /^Kestrel/i
  • confidence 100%: script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

Requests: 19 | HTTPS: 100 % | IPv6: 33 % | Domains: 5 | Subdomains: 6 | IPs: 6 | Countries: 2 | Transfer: 687 kB | Size: 1503 kB | Cookies: 5


Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Each entry below lists: Resource | Path | Size | x-fer | Type | MIME-Type, followed by its General, Request headers and Response headers blocks.
Primary Request /
6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/
Redirect Chain
  • https://www.gregorywarrenconsultinggroup.com/
  • http://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/
  • https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/
11 KB
4 KB
Document
General
Full URL
https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.2.203.253 Houston, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
b76ac5b19acf13bab4959f03054d18682c8d348545e551bd4227f17682c26084

Request headers

:method
GET
:authority
6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
.AspNetCore.Session=CfDJ8ALvOgag67xPnf%2B4QORkdzaKHYp%2BWNnXLdTsrf8wpE%2Bn64P%2FbAOJ1lquZlorg%2FjMncqQDfbAMPUt4Umqn1rqtWAMx8Rb4zFXt7kjK8E0saj0pLYyIuaAn7Fpn3fRuQvsZXoSFQMwR7bQiZM1IJ3wBXfZqELsSS%2B8JXZCYuBvFdom; BNI_persistence=5RBKnYl7GKOO71Cr4XCtlxsreeuH5BAa-fKyl-cjO--IjW0qeH8amJ6PVV4RlUCfPPLIa2WmdhQKNfxO2UWKJA==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
200
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
server
Kestrel
machine-name
WEB16
x-powered-by
ASP.NET
date
Tue, 07 Apr 2020 14:43:03 GMT
set-cookie
BNI_persistence=5RBKnYl7GKOO71Cr4XCtlxsreeuH5BAa-fKyl-cjO--IjW0qeH8amJ6PVV4RlUCfPPLIa2WmdhQKNfxO2UWKJA==; Path=/

Redirect headers

Cache-Control
no-cache
Pragma
no-cache
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Expires
-1
Location
https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/
Set-Cookie
.AspNetCore.Session=CfDJ8ALvOgag67xPnf%2B4QORkdzaKHYp%2BWNnXLdTsrf8wpE%2Bn64P%2FbAOJ1lquZlorg%2FjMncqQDfbAMPUt4Umqn1rqtWAMx8Rb4zFXt7kjK8E0saj0pLYyIuaAn7Fpn3fRuQvsZXoSFQMwR7bQiZM1IJ3wBXfZqELsSS%2B8JXZCYuBvFdom; path=/; samesite=lax; httponly BNI_persistence=5RBKnYl7GKOO71Cr4XCtlxsreeuH5BAa-fKyl-cjO--IjW0qeH8amJ6PVV4RlUCfPPLIa2WmdhQKNfxO2UWKJA==; Path=/
Machine-Name
WEB16
Date
Tue, 07 Apr 2020 14:43:02 GMT
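The primary document above is the place to check server hygiene, and the recorded headers show three things worth noting. The 200 response carries none of the usual hardening headers (no Strict-Transport-Security, Content-Security-Policy, X-Content-Type-Options, X-Frame-Options or Referrer-Policy) while volunteering Server: Kestrel, X-Powered-By: ASP.NET and Machine-Name: WEB16, which names the backend host. The .AspNetCore.Session cookie is issued with httponly and samesite=lax but without Secure, and BNI_persistence (a load-balancer persistence cookie) has no attributes at all; both were issued by the 301 on the http:// hop, so they were set over plaintext. And the chain itself steps from https://www.gregorywarrenconsultinggroup.com/ down to http:// before the 301 upgrades it again. The following audit is an example added by the editor, not urlscan's or the site operator's code; it runs the checks above over the headers transcribed from this transaction (opaque cookie values shortened to <opaque>), and the expectations it encodes are the editor's.

```python
"""Header and cookie hygiene check for an HTTP response, as an analyst would
run it after reading a urlscan.io transaction.  Example code added to this
page; the expectations encoded here are the editor's, not urlscan's.  Sample
headers are transcribed from the primary request above."""
from __future__ import annotations

# Response headers a hardened HTML document is expected to carry.
EXPECTED_SECURITY_HEADERS = (
    "strict-transport-security",
    "content-security-policy",
    "x-content-type-options",
    "x-frame-options",
    "referrer-policy",
)
# Headers whose only effect is to help fingerprint the server stack.
FINGERPRINT_HEADERS = ("server", "x-powered-by", "x-aspnet-version", "machine-name")


def parse_set_cookie(value: str) -> dict:
    """Split one Set-Cookie value into name, value and lower-cased attributes."""
    parts = [p.strip() for p in value.split(";")]
    name, _, val = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, _, attr_val = part.partition("=")
        attrs[key.lower()] = attr_val
    return {"name": name, "value": val, "attrs": attrs}


def audit_cookie(set_cookie: str, over_https: bool) -> list[str]:
    """Flag transport and scope problems with a single Set-Cookie header."""
    cookie = parse_set_cookie(set_cookie)
    name, attrs = cookie["name"], cookie["attrs"]
    issues = []
    if not over_https:
        issues.append(f"{name}: set on a plaintext http:// response")
    elif "secure" not in attrs:
        issues.append(f"{name}: no Secure flag, so it is also sent on an http:// hop")
    if "httponly" not in attrs:
        issues.append(f"{name}: no HttpOnly, readable by any script on the page")
    if "samesite" not in attrs:
        issues.append(f"{name}: no SameSite attribute")
    elif attrs["samesite"].lower() == "none" and "secure" not in attrs:
        issues.append(f"{name}: SameSite=None without Secure is rejected by browsers")
    return issues


def audit_response(headers: list[tuple[str, str]], url: str) -> list[str]:
    """headers are (name, value) pairs; names may repeat (Set-Cookie)."""
    over_https = url.lower().startswith("https://")
    present = {name.lower() for name, _ in headers}
    issues = [f"missing {h}" for h in EXPECTED_SECURITY_HEADERS if h not in present]
    for name, value in headers:
        lname = name.lower()
        if lname in FINGERPRINT_HEADERS:
            issues.append(f"fingerprint leak: {name}: {value}")
        elif lname == "set-cookie":
            issues.extend(audit_cookie(value, over_https))
    return issues


def audit_redirect_chain(chain: list[str]) -> list[str]:
    """Report any hop that steps from https:// down to http://."""
    return [
        f"downgrade: {prev} -> {nxt}"
        for prev, nxt in zip(chain, chain[1:])
        if prev.startswith("https://") and nxt.startswith("http://")
    ]


# Transcribed from the transactions above (cookie values elided as <opaque>).
PRIMARY_URL = "https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/"
REDIRECT_CHAIN = [
    "https://www.gregorywarrenconsultinggroup.com/",
    "http://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/",
    PRIMARY_URL,
]
PRIMARY_RESPONSE = [
    ("status", "200"),
    ("content-type", "text/html; charset=utf-8"),
    ("content-encoding", "gzip"),
    ("vary", "Accept-Encoding"),
    ("server", "Kestrel"),
    ("machine-name", "WEB16"),
    ("x-powered-by", "ASP.NET"),
    ("date", "Tue, 07 Apr 2020 14:43:03 GMT"),
    ("set-cookie", "BNI_persistence=<opaque>; Path=/"),
]
# The 301 on the http:// hop, which is where the session cookie was issued.
REDIRECT_URL = REDIRECT_CHAIN[1]
REDIRECT_RESPONSE = [
    ("Location", PRIMARY_URL),
    ("Set-Cookie", ".AspNetCore.Session=<opaque>; path=/; samesite=lax; httponly"),
    ("Set-Cookie", "BNI_persistence=<opaque>; Path=/"),
    ("Machine-Name", "WEB16"),
]


def audit_scan() -> dict[str, list[str]]:
    """Run all three checks over the transcribed data."""
    return {
        "chain": audit_redirect_chain(REDIRECT_CHAIN),
        "redirect": audit_response(REDIRECT_RESPONSE, REDIRECT_URL),
        "primary": audit_response(PRIMARY_RESPONSE, PRIMARY_URL),
    }


if __name__ == "__main__":
    for section, findings in audit_scan().items():
        print(section)
        for finding in findings:
            print("  -", finding)
```

Run it with no arguments to see the findings grouped by chain, redirect hop and primary response; to audit another scan, replace the transcribed lists with that scan's headers. A missing header is reported even when the resource is not HTML, so apply the EXPECTED_SECURITY_HEADERS check to document responses only.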
widget.js
cdn.userway.org/
451 B
807 B
Script
General
Full URL
https://cdn.userway.org/widget.js
Requested by
Host: 6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com
URL: https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:4600:6:738b:f940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32b2bac39f7f9efb30ef941660042be66877e8e82239b02cb6fbb4fd5e32791e

Request headers

Referer
https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 07 Apr 2020 14:30:10 GMT
via
1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
last-modified
Fri, 03 Apr 2020 14:01:57 GMT
server
AmazonS3
age
811
etag
"26b1a6d1cc621f9be1c81ef3773ea1a9"
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=900, public
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
451
x-amz-cf-id
BkC8Hc-cOe9uBXz5DTjCjy_7s_tHbpX5UFMsL2Ur4lCUJUYz8JSliA==
28013.min.css
6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/dealers/19001_20000/19005/
338 KB
75 KB
Stylesheet
General
Full URL
https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/dealers/19001_20000/19005/28013.min.css?v=oE8xV3hx7PxwV1lKBvHijGIuwjHO_z_DEWvi7p_jQq8
Requested by
Host: 6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com
URL: https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.2.203.253 Houston, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
a04f31577871ecfc7057594a06f1e28c622ec231ceff3fc3116be2ee9fe342af

Request headers

Referer
https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Tue, 07 Apr 2020 14:43:03 GMT
content-encoding
gzip
etag
"1d60ce47ccbd2c8"
last-modified
Tue, 07 Apr 2020 13:57:34 GMT
server
Kestrel
x-powered-by
ASP.NET
machine-name
WEB16
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public,max-age=31536000
accept-ranges
bytes
logo.png
imagescdn.dealercarsearch.com/dealerimages/19005/28013/
39 KB
40 KB
Image
General
Full URL
https://imagescdn.dealercarsearch.com/dealerimages/19005/28013/logo.png
Requested by
Host: 6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com
URL: https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
c418a0e72216d656dd02195449f355adba8cdeab1beb5432211ff0f0c10c499d

Request headers

Referer
https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 07 Apr 2020 14:43:04 GMT
x-cf3
M
cf4ttl
604800.000
x-cf1
28911:fC.fra2:co:1586268283:cacheN.fra2-01:M
status
200
x-app-server
c5014-oslb005/cloudian_s3/c5014-osdn002
content-length
40447
x-cf-tsc
1586270574
x-cf2
H
last-modified
Tue, 07 Apr 2020 14:04:43 GMT
server
CFS 0215
x-cff
B
etag
"ea61685f36380c63efeef03ccad0ad61"
x-amz-request-id
2a46a014-7d6e-18a5-8457-e4434b4c8514
cache-control
max-age=2592000
cf4age
0
accept-ranges
bytes
content-type
image/png
x-cf-rand
0.028
expires
Thu, 07 May 2020 14:43:04 GMT
s56r_flt_btn_1.jpg
6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/images/styles/
61 KB
61 KB
Image
General
Full URL
https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/images/styles/s56r_flt_btn_1.jpg
Requested by
Host: 6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com
URL: https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.2.203.253 Houston, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
13a60a9ffd9ef2fb11e629b10d1feaf685a2f91c63ee7a8c4a60ec8abc1abe84

Request headers

Referer
https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 07 Apr 2020 14:43:03 GMT
etag
"1d56fd0fdd88277"
last-modified
Fri, 20 Sep 2019 16:32:28 GMT
server
Kestrel
x-powered-by
ASP.NET
machine-name
WEB16
content-type
image/jpeg
status
200
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
62583
s56r_flt_btn_2.jpg
6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/images/styles/
69 KB
69 KB
Image
General
Full URL
https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/images/styles/s56r_flt_btn_2.jpg
Requested by
Host: 6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com
URL: https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.2.203.253 Houston, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
615a8a0320511e0400c0f1bdf9b56c022a45ea71345d52f5a692c48bf8d81a17

Request headers

Referer
https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 07 Apr 2020 14:43:03 GMT
etag
"1d56fd0fdd96572"
last-modified
Fri, 20 Sep 2019 16:32:28 GMT
server
Kestrel
x-powered-by
ASP.NET
machine-name
WEB16
content-type
image/jpeg
status
200
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
70514
s56r_flt_btn_3.jpg
6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/images/styles/
50 KB
50 KB
Image
General
Full URL
https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/images/styles/s56r_flt_btn_3.jpg
Requested by
Host: 6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com
URL: https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.2.203.253 Houston, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
9f72175fd0394cf50c6f3925cc0a73152a86bcd8e9a8741166bd1ececc8c8dc8

Request headers

Referer
https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 07 Apr 2020 14:43:03 GMT
etag
"1d56fd0fdd8be7b"
last-modified
Fri, 20 Sep 2019 16:32:28 GMT
server
Kestrel
x-powered-by
ASP.NET
machine-name
WEB16
content-type
image/jpeg
status
200
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
51323
logo.png
6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/Dealers/19001_110000/19005/images/
267 B
267 B
Image
General
Full URL
https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/Dealers/19001_110000/19005/images/logo.png
Requested by
Host: 6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com
URL: https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.2.203.253 Houston, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 07 Apr 2020 14:43:03 GMT
content-encoding
gzip
server
Kestrel
x-powered-by
ASP.NET
machine-name
WEB16
vary
Accept-Encoding
content-type
text/html; charset=utf-8
status
200
cache-control
public,max-age=0,must-revalidate
28013.min.js
6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/dealers/19001_20000/19005/
664 KB
220 KB
Script
General
Full URL
https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/dealers/19001_20000/19005/28013.min.js?v=AdbfXinek7iBMr3J_yEcuFe2dKzQ84xQTCmoZ76y-zk
Requested by
Host: 6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com
URL: https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.2.203.253 Houston, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
01d6df5e29de93b88132bdc9ff211cb857b674acd0f38c504c29a867beb2fb39

Request headers

Referer
https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 07 Apr 2020 14:43:03 GMT
content-encoding
gzip
etag
"1d60cde2feda6ec"
last-modified
Tue, 07 Apr 2020 13:12:28 GMT
server
Kestrel
x-powered-by
ASP.NET
machine-name
WEB16
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public,max-age=31536000
accept-ranges
bytes
widget_app_1585921921960.js
cdn.userway.org/widgetapp/2020-04-03/
149 KB
36 KB
Script
General
Full URL
https://cdn.userway.org/widgetapp/2020-04-03/widget_app_1585921921960.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:4600:6:738b:f940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
177e62263e5aeed7f8cfb46fe136323a11689684334bd3b9531d459c0fd6a649

Request headers

Referer
https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 03 Apr 2020 18:28:21 GMT
content-encoding
gzip
last-modified
Fri, 03 Apr 2020 14:01:54 GMT
server
AmazonS3
age
332084
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=2592000, public
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
osaMZ0XMWu-SiLnNBZIRITZHf3ycMOlB9BK90Ow-A7EilawVVGlCMw==
via
1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com
URL: https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
572
date
Tue, 07 Apr 2020 14:33:32 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Tue, 07 Apr 2020 16:33:32 GMT
truncated
/
198 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f17069caa33d0f60e8b26de439c858614a72bf318e64e4d5ff531b56aeb091af

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
fa-brands-400.woff2
6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/scss/font-awesome/webfonts/
70 KB
108 KB
Font
General
Full URL
https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/scss/font-awesome/webfonts/fa-brands-400.woff2
Requested by
Host: 6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com
URL: https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.2.203.253 Houston, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
d5f471476e1636e23b00991ae8a85d3703ada55bc6d6162472a28aa94fa64d4e

Request headers

Referer
https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/dealers/19001_20000/19005/28013.min.css?v=oE8xV3hx7PxwV1lKBvHijGIuwjHO_z_DEWvi7p_jQq8
Origin
https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 07 Apr 2020 14:43:03 GMT
content-encoding
gzip
etag
"1d4ef304c69f2b0"
last-modified
Tue, 09 Apr 2019 23:59:42 GMT
server
Kestrel
x-powered-by
ASP.NET
machine-name
WEB16
vary
Accept-Encoding
content-type
font/woff2
status
200
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
collect
www.google-analytics.com/r/
35 B
101 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1437985545&t=pageview&_s=1&dl=https%3A%2F%2F6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com%2F&ul=en-us&de=UTF-8&dt=Used%20Cars%20Mesa%20AZ%20%7C%20Used%20Cars%20%26%20Trucks%20AZ%20%7C%20Warren%20Automotive%20Group&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEAB~&jid=644811137&gjid=57159393&cid=1849002330.1586270584&tid=UA-161925862-1&_gid=1061283862.1586270584&_r=1&z=92138843
Requested by
Host: 6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com
URL: https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Tue, 07 Apr 2020 14:43:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/r/
35 B
101 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1437985545&t=pageview&_s=1&dl=https%3A%2F%2F6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com%2F&ul=en-us&de=UTF-8&dt=Used%20Cars%20Mesa%20AZ%20%7C%20Used%20Cars%20%26%20Trucks%20AZ%20%7C%20Warren%20Automotive%20Group&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEAB~&jid=830181417&gjid=2009527947&cid=1849002330.1586270584&tid=UA-34719373-1&_gid=1061283862.1586270584&_r=1&z=1237841651
Requested by
Host: 6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com
URL: https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Tue, 07 Apr 2020 14:43:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
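The two /r/collect requests above are Google Analytics Measurement Protocol hits, and their query strings are the quickest way to learn what a scanned page actually was: dt carries the document title, dl the location, cid the client id and tid the property. Both hits report the same client id to two different properties (UA-161925862-1 and UA-34719373-1), which matches the two throttling cookies in the Cookies section (_gat_DCS and _gat_Dealer). The decoder below is an example added by the editor, not urlscan's or the site's code; the two URLs and the _ga cookie value are transcribed from this page, and the field names are the documented Measurement Protocol v1 parameters.

```python
"""Decode the Google Analytics /r/collect beacons recorded in a scan and
cross-check them against the _ga cookie.  Example code added to this page;
the beacon URLs and cookie value are transcribed from the transactions and
Cookies sections of the scan above."""
from urllib.parse import parse_qs, urlsplit

BEACONS = [
    "https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1437985545&t=pageview&_s=1&dl=https%3A%2F%2F6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com%2F&ul=en-us&de=UTF-8&dt=Used%20Cars%20Mesa%20AZ%20%7C%20Used%20Cars%20%26%20Trucks%20AZ%20%7C%20Warren%20Automotive%20Group&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEAB~&jid=644811137&gjid=57159393&cid=1849002330.1586270584&tid=UA-161925862-1&_gid=1061283862.1586270584&_r=1&z=92138843",
    "https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1437985545&t=pageview&_s=1&dl=https%3A%2F%2F6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com%2F&ul=en-us&de=UTF-8&dt=Used%20Cars%20Mesa%20AZ%20%7C%20Used%20Cars%20%26%20Trucks%20AZ%20%7C%20Warren%20Automotive%20Group&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEAB~&jid=830181417&gjid=2009527947&cid=1849002330.1586270584&tid=UA-34719373-1&_gid=1061283862.1586270584&_r=1&z=1237841651",
]
GA_COOKIE = "GA1.2.1849002330.1586270584"  # _ga cookie from the Cookies section

# Measurement Protocol v1 parameters an analyst usually wants, with readable labels.
FIELDS = {
    "tid": "property",
    "t": "hit_type",
    "dt": "title",
    "dl": "location",
    "cid": "client_id",
    "ul": "language",
    "sr": "screen",
}


def decode_hit(url: str) -> dict:
    """Return the labelled fields of one collect hit, percent-decoding values."""
    query = parse_qs(urlsplit(url).query, keep_blank_values=True)
    if query.get("v") != ["1"]:
        raise ValueError("not a Measurement Protocol v1 hit")
    return {label: query[key][0] for key, label in FIELDS.items() if key in query}


def cid_from_ga_cookie(value: str) -> str:
    """_ga is 'GA1.<domain label count>.<random>.<timestamp>'; the last two
    components are the client id that appears as cid= in every hit."""
    parts = value.split(".")
    if len(parts) != 4 or parts[0] != "GA1":
        raise ValueError("unexpected _ga cookie format")
    return ".".join(parts[2:])


def correlate(beacons: list, ga_cookie: str) -> dict:
    """Decode every beacon and check that all hits belong to the cookie's visitor."""
    cid = cid_from_ga_cookie(ga_cookie)
    hits = [decode_hit(b) for b in beacons]
    return {
        "properties": sorted({h["property"] for h in hits}),
        "titles": sorted({h["title"] for h in hits}),
        "all_hits_match_cookie": all(h["client_id"] == cid for h in hits),
        "hits": hits,
    }


if __name__ == "__main__":
    result = correlate(BEACONS, GA_COOKIE)
    print("properties:", result["properties"])
    print("titles:", result["titles"])
    print("client id matches _ga cookie:", result["all_hits_match_cookie"])
```

Running it recovers the decoded title "Used Cars Mesa AZ | Used Cars & Trucks AZ | Warren Automotive Group", which identifies the content behind the GUID hostname without having to render the page.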
RKc9SJg9ce
api.userway.org/api/tunings/
486 B
542 B
XHR
General
Full URL
https://api.userway.org/api/tunings/RKc9SJg9ce
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2020-04-03/widget_app_1585921921960.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.195.247 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-195-247.us-west-2.compute.amazonaws.com
Software
_ / Express
Resource Hash
0f3323919e5dc8d0ed384dd9bbe5470c4881247ea7c2fffad45eb796184006df

Request headers

Referer
https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/
Origin
https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 07 Apr 2020 14:43:04 GMT
content-encoding
gzip
etag
W/"1e6-1y2zCkwXDHMB0YsLj/32BJ1Y8EY"
server
_
status
200
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0
expires
Tue, 07 Apr 2020 14:43:04 GMT
ftab.html
cdn.userway.org/widget/en/ Frame 1684
0
0
Document
General
Full URL
https://cdn.userway.org/widget/en/ftab.html?color=
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2020-04-03/widget_app_1585921921960.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:4600:6:738b:f940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
cdn.userway.org
:scheme
https
:path
/widget/en/ftab.html?color=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/

Response headers

status
200
content-type
text/html
last-modified
Wed, 12 Feb 2020 11:09:25 GMT
server
AmazonS3
content-encoding
gzip
date
Tue, 07 Apr 2020 13:51:48 GMT
cache-control
max-age=3600, public
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
hW_EF_8wDfd7w5En6-v9m7Hs8aovSn9C9KUD8esnjBrUFHNrVSdWxQ==
age
3078
wheel_right_wh.svg
cdn.userway.org/widgetapp/images/
2 KB
1 KB
Image
General
Full URL
https://cdn.userway.org/widgetapp/images/wheel_right_wh.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:4600:6:738b:f940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bb42a2d2c73e5cea53af5c0c8b841ae5c2a7e649ef2b2a97e83c0754e1cbb882

Request headers

Referer
https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 03 Apr 2020 18:28:23 GMT
content-encoding
gzip
last-modified
Wed, 29 Jan 2020 23:27:31 GMT
server
AmazonS3
age
332083
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
cache-control
max-age=2592000, public
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
47aT-xwsWXXsR1xXGpfdM4zYrO2_YwgouEboYkyAwbS4kjP-tDSWzg==
via
1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
spin_wh.svg
cdn.userway.org/widgetapp/images/
2 KB
916 B
Image
General
Full URL
https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:4600:6:738b:f940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

Referer
https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 03 Apr 2020 18:28:21 GMT
content-encoding
gzip
last-modified
Wed, 29 Jan 2020 23:27:31 GMT
server
AmazonS3
age
332085
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
cache-control
max-age=2592000, public
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
7mHLDEtBRQYJFefQYiV4LI6JsVNsmSQCIgw7JN61agE9XqOqrWCiQA==
via
1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
check_on.svg
cdn.userway.org/widgetapp/images/
1 KB
1 KB
Image
General
Full URL
https://cdn.userway.org/widgetapp/images/check_on.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:4600:6:738b:f940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3cd29395c595b3ec5d5b775b07523746af83cf064c96e25093095aba271d4dbe

Request headers

Referer
https://6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 03 Apr 2020 18:28:21 GMT
content-encoding
gzip
last-modified
Wed, 29 Jan 2020 23:27:31 GMT
server
AmazonS3
age
332085
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
cache-control
max-age=2592000, public
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
f6Nb6yTdaMXq2sGPmXS483AxzdJsnPWWsiPMIc-G27kxs15kKgLtbA==
via
1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)

Verdicts & Comments

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object (12): onformdata, onpointerrawupdate, _userway_config, google_tag_data, gaplugins, gaGlobal, gaData, UserWayWidgetApp, bootstrap, lazySizesConfig, lazySizes, UserWay
string (2): GoogleAnalyticsObject, inventoryModuleSearchError
boolean (1): _userway
function (56): ga, _typeof, lodashvar, redirect, ajaxFailure, defaultRangeValidator, fourPillarSetValue, updateResults, applyFiltersApi, changePage, closeFilters, changePageSize, changePageSortBy, ModalSmsTextForm_UpdateVehicleId, removeAll, removeRangeFilter, removeFiltersByName, removeFilterByNameAndValue, checkboxCheckedChanged, inventoryModuleFormSuccess, inventoryModuleFormFailure, loadJSControls, loadRangeSliders, loadMultiSelects, openWindow, scrollToPlace, scrollToTab, handleDefaultPhotoContainer, getUrlQueryParams, toggleIsBuyerVisible, loadCarousel, loadLoanCalcSpotlightCarousel, reloadCarousel, numberOnly, numberOrDecimalPointOnly, updateSpotlight, calculateLoanAndUpdateSpotlight, updateMessage, calculateLoan, beginResponsiveBlogAjax, ajaxResponsiveBlogSuccess, ajaxResponsiveBlogFailure, couponShowPrint, beginAjax, ajaxSuccess, buyNowWizardNext, buyNowGetFloat, buyNowGetInt, buyNowGetCurrency, startMyDealCalculate, $, jQuery, Popper, _, reframe, Cookies

5 Cookies

Domain/Path                                        | Name            | Value
.dcs-mvc.com/                                      | _gat_DCS        | 1
.dcs-mvc.com/                                      | _gid            | GA1.2.1061283862.1586270584
.dcs-mvc.com/                                      | _ga             | GA1.2.1849002330.1586270584
.dcs-mvc.com/                                      | _gat_Dealer     | 1
6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com/ | BNI_persistence | 5RBKnYl7GKOO71Cr4XCtlxsreeuH5BAa-fKyl-cjO--IjW0qeH8amJ6PVV4RlUCfPPLIa2WmdhQKNfxO2UWKJA==

1 Console Messages

Source      | Level | URL                                                                          | Text
console-api | log   | https://cdn.userway.org/widgetapp/2020-04-03/widget_app_1585921921960.js (line 5) | ScreenReader voice lang:en-US

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com
api.userway.org
cdn.userway.org
imagescdn.dealercarsearch.com
www.google-analytics.com
www.gregorywarrenconsultinggroup.com
128.136.151.95
205.234.175.175
2600:9000:21f3:4600:6:738b:f940:93a1
2a00:1450:4001:81c::200e
52.25.195.247
69.2.203.253
01d6df5e29de93b88132bdc9ff211cb857b674acd0f38c504c29a867beb2fb39
0f3323919e5dc8d0ed384dd9bbe5470c4881247ea7c2fffad45eb796184006df
13a60a9ffd9ef2fb11e629b10d1feaf685a2f91c63ee7a8c4a60ec8abc1abe84
177e62263e5aeed7f8cfb46fe136323a11689684334bd3b9531d459c0fd6a649
32b2bac39f7f9efb30ef941660042be66877e8e82239b02cb6fbb4fd5e32791e
3cd29395c595b3ec5d5b775b07523746af83cf064c96e25093095aba271d4dbe
615a8a0320511e0400c0f1bdf9b56c022a45ea71345d52f5a692c48bf8d81a17
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9f72175fd0394cf50c6f3925cc0a73152a86bcd8e9a8741166bd1ececc8c8dc8
a04f31577871ecfc7057594a06f1e28c622ec231ceff3fc3116be2ee9fe342af
b76ac5b19acf13bab4959f03054d18682c8d348545e551bd4227f17682c26084
bb42a2d2c73e5cea53af5c0c8b841ae5c2a7e649ef2b2a97e83c0754e1cbb882
c418a0e72216d656dd02195449f355adba8cdeab1beb5432211ff0f0c10c499d
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
d5f471476e1636e23b00991ae8a85d3703ada55bc6d6162472a28aa94fa64d4e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
f17069caa33d0f60e8b26de439c858614a72bf318e64e4d5ff531b56aeb091af
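The Indicators list mixes hostnames, IPv4 and IPv6 addresses and SHA-256 resource hashes on one flat list, so the first step in reusing it is to type each entry. Two entries deserve a flag while doing so: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 is the SHA-256 of zero bytes (it belongs to the logo.png request under /Dealers/19001_110000/19005/images/, which returned status 200 with a text/html content type and an empty body, so it is a broken reference rather than an image), and the main hostname's leftmost label is a UUID, the kind of machine-generated per-tenant name that a certificate-transparency heuristic such as the certstream-suspicious source that submitted this scan tends to pick up. The triage below is an example added by the editor, not urlscan's code; the list is transcribed from this section, and the UUID-label rule is the editor's heuristic rather than anything urlscan or certstream documents.

```python
"""Type the entries of a urlscan.io Indicators list and flag the ones that need
a second look.  Example code added to this page; the rules are the editor's,
not urlscan's.  INDICATORS is transcribed from the section above."""
import hashlib
import ipaddress
import re

INDICATORS = [
    "6fbe67c0-c02c-4c13-ae91-78af1c9010cc.dcs-mvc.com",
    "api.userway.org",
    "cdn.userway.org",
    "imagescdn.dealercarsearch.com",
    "www.google-analytics.com",
    "www.gregorywarrenconsultinggroup.com",
    "128.136.151.95",
    "205.234.175.175",
    "2600:9000:21f3:4600:6:738b:f940:93a1",
    "2a00:1450:4001:81c::200e",
    "52.25.195.247",
    "69.2.203.253",
    "01d6df5e29de93b88132bdc9ff211cb857b674acd0f38c504c29a867beb2fb39",
    "0f3323919e5dc8d0ed384dd9bbe5470c4881247ea7c2fffad45eb796184006df",
    "13a60a9ffd9ef2fb11e629b10d1feaf685a2f91c63ee7a8c4a60ec8abc1abe84",
    "177e62263e5aeed7f8cfb46fe136323a11689684334bd3b9531d459c0fd6a649",
    "32b2bac39f7f9efb30ef941660042be66877e8e82239b02cb6fbb4fd5e32791e",
    "3cd29395c595b3ec5d5b775b07523746af83cf064c96e25093095aba271d4dbe",
    "615a8a0320511e0400c0f1bdf9b56c022a45ea71345d52f5a692c48bf8d81a17",
    "8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015",
    "9f72175fd0394cf50c6f3925cc0a73152a86bcd8e9a8741166bd1ececc8c8dc8",
    "a04f31577871ecfc7057594a06f1e28c622ec231ceff3fc3116be2ee9fe342af",
    "b76ac5b19acf13bab4959f03054d18682c8d348545e551bd4227f17682c26084",
    "bb42a2d2c73e5cea53af5c0c8b841ae5c2a7e649ef2b2a97e83c0754e1cbb882",
    "c418a0e72216d656dd02195449f355adba8cdeab1beb5432211ff0f0c10c499d",
    "c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c",
    "d5f471476e1636e23b00991ae8a85d3703ada55bc6d6162472a28aa94fa64d4e",
    "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
    "eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d",
    "f17069caa33d0f60e8b26de439c858614a72bf318e64e4d5ff531b56aeb091af",
]

SHA256_RE = re.compile(r"^[0-9a-f]{64}$")
DOMAIN_RE = re.compile(r"^(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$")
UUID_RE = re.compile(r"^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$")
# Computed rather than hard-coded so the check is self-evidently about empty input.
EMPTY_SHA256 = hashlib.sha256(b"").hexdigest()


def classify(indicator: str) -> str:
    """Return 'sha256', 'ipv4', 'ipv6', 'domain' or 'unknown'."""
    value = indicator.strip().lower()
    if SHA256_RE.match(value):
        return "sha256"
    try:
        return "ipv%d" % ipaddress.ip_address(value).version
    except ValueError:
        pass
    if DOMAIN_RE.match(value):
        return "domain"
    return "unknown"


def notes(indicator: str, kind: str) -> list:
    """Editor's heuristics: empty-body hash, UUID-shaped leftmost hostname label."""
    out = []
    if kind == "sha256" and indicator.lower() == EMPTY_SHA256:
        out.append("SHA-256 of zero bytes: the resource body was empty")
    if kind == "domain" and UUID_RE.match(indicator.split(".")[0].lower()):
        out.append("leftmost label is a UUID (machine-generated per-tenant hostname)")
    return out


def triage(indicators: list) -> tuple:
    """Group indicators by type and collect the ones with notes."""
    by_kind, flagged = {}, {}
    for indicator in indicators:
        kind = classify(indicator)
        by_kind.setdefault(kind, []).append(indicator)
        remarks = notes(indicator, kind)
        if remarks:
            flagged[indicator] = remarks
    return by_kind, flagged


if __name__ == "__main__":
    groups, flags = triage(INDICATORS)
    for kind, items in groups.items():
        print(f"{kind}: {len(items)}")
    for indicator, remarks in flags.items():
        print(indicator, "->", "; ".join(remarks))
```

Dropping the empty-body hash before feeding the rest into a blocklist matters: every other zero-byte response anywhere on the web shares it, so as an indicator it matches everything and means nothing.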