nortansled.com
Open in
urlscan Pro
2a02:4780:b:1000:0:1450:f068:3
Public Scan
Submission: On August 13 via api from BE — Scanned from DE
Summary
TLS certificate: Issued by WR1 on August 10th 2024. Valid for: 3 months.
This is the only time nortansled.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 | 2a02:4780:b:1... 2a02:4780:b:1000:0:1450:f068:3 | 47583 (AS-HOSTINGER) (AS-HOSTINGER) | |
21 | 191.101.13.179 191.101.13.179 | 47583 (AS-HOSTINGER) (AS-HOSTINGER) | |
1 | 141.193.213.10 141.193.213.10 | 209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare) | |
25 | 4 |
ASN47583 (AS-HOSTINGER, CY)
nortansled.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
24 |
nortansled.com
nortansled.com |
3 MB |
1 |
avada.website
avada.website |
572 B |
25 | 2 |
Domain | Requested by | |
---|---|---|
24 | nortansled.com |
nortansled.com
|
1 | avada.website | |
25 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
1.envato.market |
bit.ly |
www.facebook.com |
twitter.com |
www.instagram.com |
www.youtube.com |
avada.com |
wordpress.org |
Subject Issuer | Validity | Valid | |
---|---|---|---|
nortansled.com WR1 |
2024-08-10 - 2024-11-08 |
3 months | crt.sh |
avada.website E6 |
2024-07-20 - 2024-10-18 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://nortansled.com/
Frame ID: F59815DEB4FA846DF10DEC1BE5C0BA2F
Requests: 34 HTTP requests in this frame
Screenshot
Page Title
Avada HandmadeDetected technologies
Cart Functionality (Ecommerce) ExpandDetected patterns
- <a[^>]*href=[^>]*/Cart
WooCommerce (Ecommerce) Expand
Detected patterns
- /woocommerce(?:\.min)?\.js(?:\?ver=([0-9.]+))?
WordPress (CMS) Expand
Detected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
10 Outgoing links
These are links going to different origins than the main page.
Title: Buy Avada today
Search URL Search Domain Scan URL
Title: Buy Avada now
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Avada
Search URL Search Domain Scan URL
Title: Website Builder
Search URL Search Domain Scan URL
Title: WordPress
Search URL Search Domain Scan URL
Title: eCommerce
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
25 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
nortansled.com/ |
197 KB 39 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ea47d6ab400c9b41ad347e4a2e78274b.min.css
nortansled.com/wp-content/uploads/fusion-styles/ |
1 MB 273 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
nortansled.com/wp-includes/js/jquery/ |
86 KB 29 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.blockUI.min.js
nortansled.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/ |
9 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
add-to-cart.min.js
nortansled.com/wp-content/plugins/woocommerce/assets/js/frontend/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js.cookie.min.js
nortansled.com/wp-content/plugins/woocommerce/assets/js/js-cookie/ |
2 KB 812 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
woocommerce.min.js
nortansled.com/wp-content/plugins/woocommerce/assets/js/frontend/ |
2 KB 868 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sourcebuster.min.js
nortansled.com/wp-content/plugins/woocommerce/assets/js/sourcebuster/ |
15 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
order-attribution.min.js
nortansled.com/wp-content/plugins/woocommerce/assets/js/frontend/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
0f0ce5a7bbb972b0515aede2554b4a3d.min.js
nortansled.com/wp-content/uploads/fusion-scripts/ |
637 KB 170 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
145 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
148 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
145 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
142 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
145 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
148 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
145 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
nortansled.com/wp-content/uploads/fusion-gfonts/ |
47 KB 47 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
awb-icons.woff
nortansled.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/ |
20 KB 20 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
L0xhDFMnlVwD4h3Lt9JWnbX3jG-2X3LAE1ofEw.woff2
nortansled.com/wp-content/uploads/fusion-gfonts/ |
17 KB 17 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
handmade.ttf
nortansled.com/wp-content/uploads/fusion-icons/handmade-v1.5/fonts/ |
3 KB 2 KB |
Font
application/x-font-ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
hero-9.jpg
nortansled.com/wp-content/uploads/2020/11/ |
346 KB 346 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
hero-10.jpg
nortansled.com/wp-content/uploads/2020/11/ |
344 KB 344 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
hero-7.jpg
nortansled.com/wp-content/uploads/2020/11/ |
688 KB 689 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
admin-ajax.php
nortansled.com/wp-admin/ |
98 B 123 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
admin-ajax.php
nortansled.com/wp-admin/ |
98 B 325 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.svg
avada.website/handmade/wp-content/uploads/sites/152/2021/05/ |
576 B 572 B |
Other
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
product-46.jpg
nortansled.com/wp-content/uploads/2020/12/ |
244 KB 245 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
banner-4.jpg
nortansled.com/wp-content/uploads/2020/12/ |
180 KB 180 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
product-43.jpg
nortansled.com/wp-content/uploads/2020/12/ |
167 KB 167 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
product-42.jpg
nortansled.com/wp-content/uploads/2020/12/ |
138 KB 138 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
banner-1.jpg
nortansled.com/wp-content/uploads/2020/11/ |
185 KB 185 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
143 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| jQuery object| wc_add_to_cart_params object| woocommerce_params object| doc function| fusionNavIsCollapsed function| fusionRunNavIsCollapsed function| avadaGetScrollBarWidth object| sbjs object| wc_order_attribution object| cssua object| fusionJSVars object| fusion function| Swiper object| fusionLightboxVideoVars object| fusionEqualHeightVars function| _fusionRefreshScroll function| _fusionParallaxAll function| _fusionRefreshWindow object| fusionVideoGeneralVars function| playVideoAndPauseOthers object| fusionVideoBgVars object| $youtubeBGVideos function| _fbRowGetAllElementsWithAttribute function| _fbRowOnPlayerReady function| _fbRowOnPlayerStateChange function| resizeVideo function| vimeoReady function| fusionInitVimeoPlayers object| fusionLightboxVars function| avadaLightBoxInitializeLightbox function| fusionInitTooltips object| fusionTimeout function| registerYoutubePlayers function| onPlayerReady function| loadYoutubeIframeAPI function| onYouTubePlayerAPIReadyCallback function| onPlayerStateChange function| ytVidId function| insertParam function| fusionYouTubeTimeout function| onYouTubeIframeAPIReady function| avadaAddQuantityBoxes function| compositeAddQuantityBoxes function| fusionResizeCrossfadeImagesContainer function| calcSelectArrowDimensions object| avadaLiveSearchVars function| avadaLiveSearch object| fusionMenuVars function| fusionNavClickExpandBtn function| fusionNavClickExpandSubmenuBtn function| fusionNavMobilePosition function| fusionNavSubmenuDirection function| fusionNavSearchOverlay function| fusionNavCloseFlyoutSub function| fusionNavAltArrowsClass function| fusionNavRunAll function| fusionAdjustNavMobilePosition function| fusionVerticalSubmenuDirection function| awbMegamenuPosition object| fusionFlexSliderVars function| fusionInitPostFlexSlider function| fusionDestroyPostFlexSlider function| fusionFlexSliderStrToBool object| fusionAnimationsVars function| fusionSetAnimationData object| formCreatorConfig object| awbCarouselVars object| fusionPostCardsVars object| fusionContainerVars function| fusionInitStickyContainers function| fusionInitSticky function| fusionGetStickyOffset function| fusionIsWholeElementInViewport function| initSwiperScrollingSection function| initScrollingSections function| setCorrectResizeValuesForScrollSections function| scrollToCurrentScrollSection function| getScrollSectionPositionValues object| avadaSelectVars function| addAvadaSelectStyles function| removeAvadaSelectStyles object| avadaToTopVars function| avadaUpdateToTopPostion function| fusionDisableStickyHeader function| fusionInitStickyHeader function| getStickyHeaderHeight function| moveSideHeaderStylingDivs function| fusionSideHeaderScroll function| fusionGetScrollOffset object| avadaWooCommerceVars function| fusionCalcWoocommerceTabsLayout function| reinitAftarAjax function| getVariationsValues function| variationsChange function| variationsImageReset function| initAvadaWoocommerProductGallery function| sizeGalleryThumbnails function| moveProductImageThumbs object| fusionTypographyVars function| fusionCalculateResponsiveTypeValues function| fusionSetOriginalTypographyData function| fusionInitTypography object| fusionScrollToAnchorVars function| awbScrollToTarget function| checkHoverTouchState object| fusionVideoVars function| fusionInitStickyColumns object| html5 object| Modernizr function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| Packery object| browserPrefixes function| EventEmitter object| eventie function| imagesLoaded object| _fusionImageParallaxImages object| avadaLightBox object| $ilInstances function| onYouTubePlayerAPIReady function| YTReady object| Vimeo boolean| VimeoPlayerResizeEmbeds_ boolean| VimeoSeoMetadataAppended boolean| VimeoCheckedUrlTimeParam object| lazySizes object| awb_oc_timeouts object| awbOffCanvas object| awbAnimationObservers object| fusionForms object| fusionFormLogics function| awbScrollSpy object| Cookies string| responsiveTypeElements number| _fusionWindowHeight number| _fusionWindowWidth object| fusionVimeoPlayers7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.nortansled.com/ | Name: sbjs_migrations Value: 1418474375998%3D1 |
|
.nortansled.com/ | Name: sbjs_current_add Value: fd%3D2024-08-13%2005%3A39%3A35%7C%7C%7Cep%3Dhttps%3A%2F%2Fnortansled.com%2F%7C%7C%7Crf%3D%28none%29 |
|
.nortansled.com/ | Name: sbjs_first_add Value: fd%3D2024-08-13%2005%3A39%3A35%7C%7C%7Cep%3Dhttps%3A%2F%2Fnortansled.com%2F%7C%7C%7Crf%3D%28none%29 |
|
.nortansled.com/ | Name: sbjs_current Value: typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29 |
|
.nortansled.com/ | Name: sbjs_first Value: typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29 |
|
.nortansled.com/ | Name: sbjs_udata Value: vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F127.0.0.0%20Safari%2F537.36 |
|
.nortansled.com/ | Name: sbjs_session Value: pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fnortansled.com%2F |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
avada.website
nortansled.com
141.193.213.10
191.101.13.179
2a02:4780:b:1000:0:1450:f068:3
076e7aad80dc7c169cf8d9e869125202fd60117b0339901875d267bfd298455c
0b2e49baf190ea69227985a1e112a6df2f0155c19e1b056ca91a0e367ef119a2
105ed2e97f4e56441bd8dc2c2f09a65febf3f232aa5f5ba90c27b46a3fe3b2cc
1e2c314ed46055dda7304fecd97d2d4525107f90abf8e8b94eb18d88eb6ecb85
2b943b3056a3943746a5c6b8083025a4967cdd09ddee5aa7e9b4b008f833a6f2
3488addd00898e42b7c86a678ebf3eaa6029d5e9acea8adf43c610f84132ee94
363aa2d4106f0f661a989977347dc0a55b612de18d3c0247cecc0ca725f98270
431b902db2b3d58d2ae1c31ad5561bde2b8bfe7d33b8d8190a41dde02a4808ef
4defb60c583418ef37b0ca2949bad38b6754846f35cbf18a86e9716e18234659
4f0a4e5ff7378b48f06c23a8ff4e52633c828fee56f2495085eeea5c1a7f8aba
67fa0c066d1da8d786b0eb57ac6cfe07fe76cb6319be827cc571c0cb20859443
68deb0686ca202eb3f85390d5cb0400a0715744a70ea67ac96e47ee344c269cb
7834590f8518a96a09b930d88680b17a8466ab15d231ede96cd37a5e3602e291
7ead629b0d494cf42ac12cbf0495aedcf281e34f58a09d4ebe64e2bbb030c752
8b083f64f2e9e8ac445c730dfce7013cc6449ce155fd1c2f42b60edba4ecb4b1
8d04ef0e119d5400b6462b9e7327a2bb5036eba3257755f74cee6f75f144a8fb
9cc3c79eb36dbc6a363088647ae155cf7fa592a9267300775fc2020d65543414
a4d077a4e6c6683241b87e8db34ccfde4c12920eb9e2e19c86b0e5101d14183f
ab23b9ef282119268aa2a54f6110b1e7eae41dbb52c360f2677db3dbda4275a8
ac16603a27a7312b36b993df3460b5fd650182856b92d5a94c56532286563566
b5a50adca9d85b2673df88657d77ae2df8c53028e68c959dd92cb5b70a5c2b09
c50a0b33030ba0ec063be642c297f48af94359e2222ff140817248d591faf837
c689efadb6d2747806d2fb3d2e365f6eb549c4f17419c932855b350f4fa2ac94
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cb735498913b20cf64623cef86214498cdc6565d49111c72c5caa4d68b5dc66d
cbe421a5b6bafbaca553d466fdcf519307ce6b9b12d40a1cfdbf723604be25a8
d151f8c0b2659cfb63704d68654ad8d9437ae9da4410536f63ddec21689a0620
d4261047b9c2f5da740261e6998c580c87e5bdfd5ffacc43ef52c2e3c70dd0b9
d8caff0b43b6b213e9bd9454392e4636ecf0e65e9502d3025c894f7b90e00339
efce607c772c6d9b1cd193f0fc244bc0bf07674611c1b664c020f8287b813329
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
fb47dc68f6a457c14c33d2ed6eb1e8a635d007f8868ed7e90e39a6feae9141a6
fb8b4e965ce67168de5b4de20f304c0d94eddfe1a139406655e62bd0e9cb3456