mrsjenkinsclass.com
Open in
urlscan Pro
67.225.188.222
Malicious Activity!
Public Scan
URL:
https://mrsjenkinsclass.com/wp-includes/images/xtra/
Submission: On April 06 via api from CA
Submission: On April 06 via api from CA
Summary
This website contacted 27 IPs
in 6 countries
across 21 domains to perform 87 HTTP transactions.
The main IP is 67.225.188.222, located in
Lansing, United States and
belongs to LIQUIDWEB, US.
The main domain is mrsjenkinsclass.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 7th 2020. Valid for: 3 months.
This is the only time mrsjenkinsclass.com was scanned on urlscan.io!
TLS certificate: Issued by Let's Encrypt Authority X3 on March 7th 2020. Valid for: 3 months.
This is the only time mrsjenkinsclass.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Spark (Telecommunication)Domain & IP information
8
67.225.188.222
(Lansing, United States)
ASN32244 (LIQUIDWEB, US)
PTR: host1.wdbhst.com
ASN32244 (LIQUIDWEB, US)
PTR: host1.wdbhst.com
| mrsjenkinsclass.com |
32
146.171.248.36
(Auckland, New Zealand)
ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ)
ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ)
| www.spark.co.nz |
1
13.224.196.43
(Seattle, United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-224-196-43.fra2.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-224-196-43.fra2.r.cloudfront.net
| d2oh4tlt9mrke9.cloudfront.net |
1
2a00:1450:4001:81d::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
4
2a00:1450:4001:81c::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
1
172.217.18.166
(United States)
ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f6.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f6.1e100.net
| ad.doubleclick.net |
1
54.152.53.96
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-53-96.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-53-96.compute-1.amazonaws.com
| ws.sessioncam.com |
1
2a00:1450:4001:815::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagservices.com |
3
216.58.210.2
(Mountain View, United States)
ASN15169 (GOOGLE, US)
PTR: fra16s07-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra16s07-in-f2.1e100.net
| googleads4.g.doubleclick.net | |
| www.googleadservices.com |
2
13.224.196.170
(Seattle, United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-224-196-170.fra2.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-224-196-170.fra2.r.cloudfront.net
| d3f5l8ze0o4j2m.cloudfront.net |
2
13.225.73.80
(Seattle, United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-80.fra2.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-80.fra2.r.cloudfront.net
| www.staticcdn.co.nz |
1
54.76.87.20
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-87-20.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-87-20.eu-west-1.compute.amazonaws.com
| 4c60a0a94672.o3n.io |
2
172.217.22.6
(United States)
ASN15169 (GOOGLE, US)
PTR: fra16s14-in-f6.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra16s14-in-f6.1e100.net
| 8015196.fls.doubleclick.net |
1
205.185.216.42
(Phoenix, United States)
ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net
ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net
| servedby.flashtalking.com |
2
2a00:1450:4001:816::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| googleads.g.doubleclick.net |
1
13.54.252.238
(Sydney, Australia)
ASN16509 (AMAZON-02, US)
PTR: ec2-13-54-252-238.ap-southeast-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-13-54-252-238.ap-southeast-2.compute.amazonaws.com
| spark-live.inside-graph.com |
| Domain | Requested by | |
|---|---|---|
| 32 | www.spark.co.nz |
mrsjenkinsclass.com
|
| 8 | www.google.com |
5 redirects
www.spark.co.nz
|
| 8 | mrsjenkinsclass.com |
www.spark.co.nz
|
| 6 | www.google.de |
mrsjenkinsclass.com
|
| 4 | stats.g.doubleclick.net | 4 redirects |
| 4 | www.google-analytics.com |
2 redirects
www.googletagmanager.com
mrsjenkinsclass.com |
| 3 | www.facebook.com | 2 redirects |
| 2 | googleads.g.doubleclick.net |
1 redirects
www.spark.co.nz
|
| 2 | uipus.semasio.net | 1 redirects |
| 2 | connect.facebook.net |
mrsjenkinsclass.com
connect.facebook.net |
| 2 | www.googleadservices.com |
www.googletagmanager.com
www.spark.co.nz |
| 2 | 8015196.fls.doubleclick.net |
1 redirects
www.googletagmanager.com
|
| 2 | www.staticcdn.co.nz |
mrsjenkinsclass.com
|
| 2 | d3f5l8ze0o4j2m.cloudfront.net | 2 redirects |
| 2 | spark-track.inside-graph.com |
mrsjenkinsclass.com
spark-track.inside-graph.com |
| 1 | spark-live.inside-graph.com |
www.spark.co.nz
|
| 1 | cx.atdmt.com | |
| 1 | ampcid.google.de |
www.spark.co.nz
|
| 1 | servedby.flashtalking.com |
www.spark.co.nz
|
| 1 | ampcid.google.com |
www.spark.co.nz
|
| 1 | www.gstatic.com |
www.google.com
|
| 1 | 4c60a0a94672.o3n.io |
mrsjenkinsclass.com
|
| 1 | googleads4.g.doubleclick.net |
ad.doubleclick.net
|
| 1 | www.googletagservices.com |
ad.doubleclick.net
|
| 1 | ws.sessioncam.com |
www.spark.co.nz
|
| 1 | ad.doubleclick.net |
www.googletagmanager.com
|
| 1 | script.crazyegg.com |
www.googletagmanager.com
|
| 1 | www.googletagmanager.com |
mrsjenkinsclass.com
|
| 1 | d2oh4tlt9mrke9.cloudfront.net |
www.spark.co.nz
|
| 87 | 29 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.sparkdigital.co.nz |
| www.spark.co.nz |
| www.sparknz.co.nz |
| www.sparklab.co.nz |
| play.google.com |
| itunes.apple.com |
| www.facebook.com |
| twitter.com |
| www.youtube.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| mrsjenkinsclass.com Let's Encrypt Authority X3 |
2020-03-07 - 2020-06-05 |
3 months | crt.sh |
| www.spark.co.nz Entrust Certification Authority - L1K |
2019-06-27 - 2020-07-13 |
a year | crt.sh |
| *.cloudfront.net DigiCert Global CA G2 |
2019-07-17 - 2020-07-05 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1O1 |
2020-03-03 - 2020-05-26 |
3 months | crt.sh |
| ssl945600.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2020-01-28 - 2020-08-05 |
6 months | crt.sh |
| sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2019-11-14 - 2020-10-09 |
a year | crt.sh |
| *.doubleclick.net GTS CA 1O1 |
2020-03-03 - 2020-05-26 |
3 months | crt.sh |
| www.google.de GTS CA 1O1 |
2020-03-03 - 2020-05-26 |
3 months | crt.sh |
| ws.sessioncam.com Amazon |
2019-05-14 - 2020-06-14 |
a year | crt.sh |
| *.g.doubleclick.net GTS CA 1O1 |
2020-03-03 - 2020-05-26 |
3 months | crt.sh |
| www.google.com GTS CA 1O1 |
2020-03-03 - 2020-05-26 |
3 months | crt.sh |
| staticcdn.co.nz Amazon |
2020-01-27 - 2021-02-27 |
a year | crt.sh |
| *.o3n.io Gandi Standard SSL CA 2 |
2019-07-02 - 2021-07-02 |
2 years | crt.sh |
| *.google.com GTS CA 1O1 |
2020-03-03 - 2020-05-26 |
3 months | crt.sh |
| servedby.flashtalking.com DigiCert SHA2 Secure Server CA |
2019-02-08 - 2021-02-11 |
2 years | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-03-01 - 2020-05-30 |
3 months | crt.sh |
| *.semasio.net RapidSSL RSA CA 2018 |
2019-10-01 - 2020-11-29 |
a year | crt.sh |
| *.atlassolutions.com DigiCert SHA2 High Assurance Server CA |
2020-03-05 - 2020-06-03 |
3 months | crt.sh |
| *.inside-graph.com RapidSSL RSA CA 2018 |
2019-11-07 - 2021-01-05 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://mrsjenkinsclass.com/wp-includes/images/xtra/
Frame ID: 775679177C8062B95154C832ECCF0ECC
Requests: 85 HTTP requests in this frame
Frame:
https://8015196.fls.doubleclick.net/activityi;dc_pre=COz-iIeO0-gCFUjzdwodB3sKEw;src=8015196;type=sitew0;cat=1spar0;ord=3016594648293;gtm=2wg3p1;auiddc=461506126.1586152371;u1=https%3A%2F%2Fmrsjenkinsclass.com%2Fwp-includes%2Fimages%2Fxtra%2F;u2=;u10=1714073732.1586152371;u11=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855;u15=https%3A%2F%2Fmrsjenkinsclass.com%2Fwp-includes%2Fimages%2Fxtra%2F;~oref=https%3A%2F%2Fmrsjenkinsclass.com%2Fwp-includes%2Fimages%2Fxtra%2F
Frame ID: 345AA3F41442A4F76104C758BEC25159
Requests: 1 HTTP requests in this frame
Frame:
https://servedby.flashtalking.com/container/7487;52295;5663;iframe/?U1=undefined&U2=undefined&U3=undefined&U5=undefined&U10=false&ft_referrer=https%3A//mrsjenkinsclass.com/wp-includes/images/xtra/&ns=&cb=165997.1813114307
Frame ID: 27A487279C5F79D160502BCF04E59C9E
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Sign In | MySpark | Spark NZDetected technologies
Adobe Experience Manager
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/etc.clientlibs\//i
Java
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/etc.clientlibs\//i
ZURB Foundation
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]+foundation[^>"]+css/i
Apache
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Crazy Egg
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /script\.crazyegg\.com\/pages\/scripts\/\d+\/\d+\.js/i
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
SiteCatalyst
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/s[_-]code.*\.js/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
15 Outgoing links
These are links going to different origins than the main page.
URL: http://www.sparkdigital.co.nz/
Title: Medium and Enterprise Business
Title: Medium and Enterprise Business
Search URL Search Domain Scan URL
URL: https://www.spark.co.nz/5g/
Title: Spark 5G Lab
Title: Spark 5G Lab
Search URL Search Domain Scan URL
URL: http://www.sparknz.co.nz/
Title: Spark New Zealand
Title: Spark New Zealand
Search URL Search Domain Scan URL
URL: https://www.sparknz.co.nz/what-matters/foundation/
Title: Spark Foundation
Title: Spark Foundation
Search URL Search Domain Scan URL
URL: https://www.sparklab.co.nz/
Title: Spark Lab
Title: Spark Lab
Search URL Search Domain Scan URL
URL: https://www.spark.co.nz/rest/v1/access/logout
Title: Sign out
Title: Sign out
Search URL Search Domain Scan URL
URL: https://www.spark.co.nz/
Title:
Title:
Search URL Search Domain Scan URL
URL: https://www.spark.co.nz/search
Title:
Title:
Search URL Search Domain Scan URL
URL: https://play.google.com/store/apps/details?id=nz.co.telecom.smartphone.android
Search URL Search Domain Scan URL
URL: https://itunes.apple.com/nz/app/spark-nz/id703229756
Search URL Search Domain Scan URL
URL: https://www.facebook.com/spark4nz
Search URL Search Domain Scan URL
URL: https://twitter.com/sparknz
Search URL Search Domain Scan URL
URL: https://www.youtube.com/user/sparknewzealand
Search URL Search Domain Scan URL
URL: https://www.sparkdigital.co.nz/
Title: Spark Digital
Title: Spark Digital
Search URL Search Domain Scan URL
URL: https://www.sparknz.co.nz/
Title: Spark New Zealand
Title: Spark New Zealand
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 46- https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-48213762-2&cid=1714073732.1586152371&jid=188369813&gjid=803497868&_gid=795759086.1586152371&_u=YGBAgEAB~&z=576609037 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-2&cid=1714073732.1586152371&jid=188369813&_v=j81&z=576609037 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-2&cid=1714073732.1586152371&jid=188369813&_v=j81&z=576609037&slf_rd=1&random=160536219
- https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1656445527&t=pageview&_s=1&dl=https%3A%2F%2Fmrsjenkinsclass.com%2Fwp-includes%2Fimages%2Fxtra%2F&ul=en-us&de=UTF-8&dt=Sign%20In%20%7C%20MySpark%20%7C%20Spark%20NZ&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGDACEABB~&jid=1635173337&gjid=1059204088&cid=1714073732.1586152371&tid=UA-48213762-11&_gid=795759086.1586152371&_r=1>m=2wg3p1WT5NVL&cd1=%2Fwp-includes%2Fimages%2Fxtra%2F&cd3=%2Fcontent%2Ftelecomcms%2Fpersonal%2Fmyspark%2Flogin&cd4=2018-06-07T13%3A52%3A08Z&cd5=myspark&cd6=&cd7=&cd8=&z=78192907 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-48213762-11&cid=1714073732.1586152371&jid=1635173337&_gid=795759086.1586152371&gjid=1059204088&_v=j81&z=78192907 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-11&cid=1714073732.1586152371&jid=1635173337&_v=j81&z=78192907 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-11&cid=1714073732.1586152371&jid=1635173337&_v=j81&z=78192907&slf_rd=1&random=1324114583
- https://d3f5l8ze0o4j2m.cloudfront.net/m87/k33spt.js?_=1586152371863 HTTP 301
- https://www.staticcdn.co.nz/m87/k33spt.js
- https://d3f5l8ze0o4j2m.cloudfront.net/m87/close.png HTTP 301
- https://www.staticcdn.co.nz/m87/close.png
- https://8015196.fls.doubleclick.net/activityi;src=8015196;type=sitew0;cat=1spar0;ord=3016594648293;gtm=2wg3p1;auiddc=461506126.1586152371;u1=https%3A%2F%2Fmrsjenkinsclass.com%2Fwp-includes%2Fimages%2Fxtra%2F;u2=;u10=1714073732.1586152371;u11=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855;u15=https%3A%2F%2Fmrsjenkinsclass.com%2Fwp-includes%2Fimages%2Fxtra%2F;~oref=https%3A%2F%2Fmrsjenkinsclass.com%2Fwp-includes%2Fimages%2Fxtra%2F HTTP 302
- https://8015196.fls.doubleclick.net/activityi;dc_pre=COz-iIeO0-gCFUjzdwodB3sKEw;src=8015196;type=sitew0;cat=1spar0;ord=3016594648293;gtm=2wg3p1;auiddc=461506126.1586152371;u1=https%3A%2F%2Fmrsjenkinsclass.com%2Fwp-includes%2Fimages%2Fxtra%2F;u2=;u10=1714073732.1586152371;u11=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855;u15=https%3A%2F%2Fmrsjenkinsclass.com%2Fwp-includes%2Fimages%2Fxtra%2F;~oref=https%3A%2F%2Fmrsjenkinsclass.com%2Fwp-includes%2Fimages%2Fxtra%2F
- https://uipus.semasio.net/phdnz/1/info?_ignore=42008984583432920&sType=track&nTrackingPointId=24607&_sdv&_referrer=https%3A//mrsjenkinsclass.com/wp-includes/images/xtra/ HTTP 302
- https://uipus.semasio.net/phdnz/1/info2?_ignore=42008984583432920&sType=track&nTrackingPointId=24607&_sdv&_referrer=https%3A//mrsjenkinsclass.com/wp-includes/images/xtra/
- https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1656445527&t=event&ni=1&_s=1&dl=https%3A%2F%2Fmrsjenkinsclass.com%2Fwp-includes%2Fimages%2Fxtra%2F&ul=en-us&de=UTF-8&dt=Sign%20In%20%7C%20MySpark%20%7C%20Spark%20NZ&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Track%20Client%20ID&ea=Read%20from%20Cookie&el=https%3A%2F%2Fmrsjenkinsclass.com%2Fwp-includes%2Fimages%2Fxtra%2F&_u=aHDACEABBAQC~&jid=1080888015&gjid=568451027&cid=793738288.1586152375&tid=UA-48213762-2&_gid=148301794.1586152375&_r=1>m=2wg3p1WT5NVL&cd4=New%20customer&cd9=&cd11=&cd12=1714073732.1586152371&z=1185107292 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-48213762-2&cid=793738288.1586152375&jid=1080888015&_gid=148301794.1586152375&gjid=568451027&_v=j81&z=1185107292 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-2&cid=793738288.1586152375&jid=1080888015&_v=j81&z=1185107292 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-2&cid=793738288.1586152375&jid=1080888015&_v=j81&z=1185107292&slf_rd=1&random=1924172121
- https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-48213762-2&cid=793738288.1586152375&jid=1080888015&gjid=568451027&_gid=148301794.1586152375&_u=aHDACEABBAQC~&z=713853078 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-2&cid=793738288.1586152375&jid=1080888015&_v=j81&z=713853078 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-2&cid=793738288.1586152375&jid=1080888015&_v=j81&z=713853078&slf_rd=1&random=1225324530
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/971021318/?random=724771973&cv=9&fst=*&num=1&value=0&label=https%3A%2F%2Fmrsjenkinsclass.com%2Fwp-includes%2Fimages%2Fxtra%2F&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0>m=2wg3p1&sendb=1&ig=1&frm=0&url=https://mrsjenkinsclass.com/wp-includes/images/xtra/&tiba=Sign%20In%20%7C%20MySpark%20%7C%20Spark%20NZ&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=t8OKXsrvC5mT3gO_yIGYBA&sscte=1&crd=>d=&eitems=ChAI8IOm9AUQzt3w54fpiY5OEh0A6Ke0WAY0PS-PmECt4yHlrJ1A2NX0dPOKYQ6bug HTTP 302
- https://www.google.com/pagead/1p-conversion/971021318/?random=724771973&cv=9&fst=*&num=1&value=0&label=https%3A%2F%2Fmrsjenkinsclass.com%2Fwp-includes%2Fimages%2Fxtra%2F&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0>m=2wg3p1&sendb=1&ig=1&frm=0&url=https://mrsjenkinsclass.com/wp-includes/images/xtra/&tiba=Sign%20In%20%7C%20MySpark%20%7C%20Spark%20NZ&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=>d=&is_vtc=1&ocp_id=t8OKXsrvC5mT3gO_yIGYBA&cid=CAQSKQCNIrLMfvlZX81aMCvdf_ZV4Us1p0kgcCkEsGZxxQULsnh4yGcg-Lqd&eitems=ChAI8IOm9AUQzt3w54fpiY5OEh0A6Ke0WIUQt8ck6L9kRBqR9m7DVbATkFX9UNuu8A&random=3350282990&resp=GooglemKTybQhCsO HTTP 302
- https://www.google.de/pagead/1p-conversion/971021318/?random=724771973&cv=9&fst=*&num=1&value=0&label=https%3A%2F%2Fmrsjenkinsclass.com%2Fwp-includes%2Fimages%2Fxtra%2F&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0>m=2wg3p1&sendb=1&ig=1&frm=0&url=https://mrsjenkinsclass.com/wp-includes/images/xtra/&tiba=Sign%20In%20%7C%20MySpark%20%7C%20Spark%20NZ&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=>d=&is_vtc=1&ocp_id=t8OKXsrvC5mT3gO_yIGYBA&cid=CAQSKQCNIrLMfvlZX81aMCvdf_ZV4Us1p0kgcCkEsGZxxQULsnh4yGcg-Lqd&eitems=ChAI8IOm9AUQzt3w54fpiY5OEh0A6Ke0WIUQt8ck6L9kRBqR9m7DVbATkFX9UNuu8A&random=3350282990&resp=GooglemKTybQhCsO&ipr=y
- https://www.facebook.com/tr/?id=134249707157074&ev=PageView&dl=https%3A%2F%2Fmrsjenkinsclass.com%2Fwp-includes%2Fimages%2Fxtra%2F&rl=&if=false&ts=1586152375347&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&it=1586152375166&coo=false&rqm=GET HTTP 302
- https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fmrsjenkinsclass.com%2Fwp-includes%2Fimages%2Fxtra%2F&ec=0&ev=PageView&id=134249707157074&if=false&it=1586152375166&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1586152375347&v=2.9.15
- https://www.facebook.com/tr/?id=134249707157074&ev=Microdata&dl=https%3A%2F%2Fmrsjenkinsclass.com%2Fwp-includes%2Fimages%2Fxtra%2F&rl=&if=false&ts=1586152375852&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Sign%20In%20%7C%20MySpark%20%7C%20Spark%20NZ%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.spark.co.nz%2Fcontent%2Fdam%2Ftelecomcms%2Fcontent-images%2Fshare%2Fog-myspark.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&it=1586152375166&coo=false&es=automatic&tm=3&rqm=GET HTTP 302
- https://cx.atdmt.com/?c=4745582824192490864&f=AYza6nPXRYL71ICOi7vp5Tb300fYdCe_DJGVxqWC5We6AILtKRzN8ydA7P2WeXDDXWultZhuDYU61YQOWYJZ69TX&id=134249707157074&l=3&v=0
87 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
mrsjenkinsclass.com/wp-includes/images/xtra/ |
99 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
main.css
www.spark.co.nz/etc.clientlibs/foundation/clientlibs/ |
12 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.js
www.spark.co.nz/etc.clientlibs/clientlibs/granite/ |
288 KB 87 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
utils.js
www.spark.co.nz/etc.clientlibs/clientlibs/granite/ |
47 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
granite.js
www.spark.co.nz/etc.clientlibs/clientlibs/granite/jquery/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.js
www.spark.co.nz/etc.clientlibs/foundation/clientlibs/ |
471 B 925 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
shared.js
www.spark.co.nz/etc.clientlibs/foundation/clientlibs/ |
98 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
main.js
www.spark.co.nz/etc.clientlibs/foundation/clientlibs/ |
22 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clientlib-all.css
www.spark.co.nz/etc/designs/onespark/ |
800 KB 105 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clientlib-all.css
www.spark.co.nz/etc/designs/sparklabs/ |
10 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clientlib-sparkv2.css
www.spark.co.nz/etc/designs/onespark/ |
111 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
satelliteLib-8eaee8019dc88e433433f8408e5bff586c59ce41.js
www.spark.co.nz/content/dam/telecomcms/dtm/a1e74defba8420ac0e0d82257c2eca7b9090cdf3/ |
421 KB 60 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
shopping-disabled.svg
www.spark.co.nz/content/dam/telecomcms/responsive/icons-svg/ |
962 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
shopping.svg
www.spark.co.nz/content/dam/telecomcms/responsive/icons-svg/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
purple.svg
www.spark.co.nz/content/dam/sparkdigital/images/logo/ |
34 KB 11 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Netflix_Menu.jpg
www.spark.co.nz/content/dam/telecomcms/content-images/personalisation/vas/netflix/our-planet/ |
190 KB 191 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
lightbox-getmore-201711-270x191.jpg
www.spark.co.nz/content/dam/telecomcms/responsive/images/more-for-you/ |
52 KB 53 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Spotify_Menu.jpg
www.spark.co.nz/content/dam/telecomcms/content-images/personalisation/vas/spotify/ |
91 KB 92 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rugby-ready-menu.jpg
www.spark.co.nz/content/dam/telecomcms/responsive/images/RWC/ |
125 KB 125 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
template-background.css
www.spark.co.nz/content/dam/telecomcms/css/help/ |
125 B 677 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Facebook-F-blue.svg
www.spark.co.nz/content/dam/telecomcms/spark-identity/images/ |
761 B 980 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Google-G.png
www.spark.co.nz/content/dam/telecomcms/spark-identity/images/ |
46 KB 46 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
spark-app-20170316-1146.css
www.spark.co.nz/content/dam/telecomcms/responsive/css/myspark/mymobile/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
spark-app-20170316-1146.js
www.spark.co.nz/content/dam/telecomcms/responsive/js/myspark/mymobile/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
google-play.png
www.spark.co.nz/content/dam/telecomcms/responsive/images/myspark/spark-app/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
app-store.svg
www.spark.co.nz/content/dam/telecomcms/responsive/images/myspark/spark-app/ |
12 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
myspark-identity-bg.jpg
www.spark.co.nz/content/dam/telecomcms/spark-identity/images/ |
957 KB 957 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
shielded.png
www.spark.co.nz/content/dam/onespark/icon-images/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
modern.js
www.spark.co.nz/etc.clientlibs/clientlibs/granite/lodash/ |
224 KB 42 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clientlib-all.js
www.spark.co.nz/etc/designs/onespark/ |
1 MB 365 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clientlib-all.js
www.spark.co.nz/etc/designs/sparklabs/ |
2 KB 968 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clientlib-sparkv2.js
www.spark.co.nz/etc/designs/onespark/ |
72 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
token.json
mrsjenkinsclass.com/libs/granite/csrf/ |
62 KB 62 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
mbox-contents-de1b4d06fbe09f4993942f6b4da51a3f2f53a2c9.js
mrsjenkinsclass.com/content/dam/telecomcms/dtm/a1e74defba8420ac0e0d82257c2eca7b9090cdf3/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
satellite-59c20c0664746d517100c2e7.js
mrsjenkinsclass.com/content/dam/telecomcms/dtm/a1e74defba8420ac0e0d82257c2eca7b9090cdf3/scripts/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sessioncam.recorder.js
d2oh4tlt9mrke9.cloudfront.net/Record/js/ |
257 KB 57 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
366 KB 71 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
f26faddb-86cc-4477-a253-1e1287684336.woff
www.spark.co.nz/etc/designs/onespark/clientlib-site/fonts/Avenir/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
91b50bbb-9aa1-4d54-9159-ec6f19d14a7c.woff
www.spark.co.nz/etc/designs/onespark/clientlib-site/fonts/Avenir/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
spark-icon-family.woff
www.spark.co.nz/content/dam/sparkresponsive/font/Fontello/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
b8e906a1-f5e8-4bf1-8e80-82c646ca4d5f.woff
www.spark.co.nz/etc/designs/onespark/clientlib-site/fonts/Avenir/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
checkradio.png
www.spark.co.nz/apps/sparkdigital/components/content/content/dam/telecomcms/images/sprite/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
44 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
6377.js
script.crazyegg.com/pages/scripts/0046/ |
0 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
include.js
spark-track.inside-graph.com/gtm/IN-1000260/ |
34 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
B20295767.205245490;sz=1x2;ord=1772482772;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/adj/N700316.197812NSO.CODESRV/ |
22 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
collect
www.google-analytics.com/ |
35 B 106 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
config.aspx
ws.sessioncam.com/Record/ |
14 B 409 B |
XHR
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ |
95 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
view
googleads4.g.doubleclick.net/pcs/ |
0 719 B |
Other
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
api.js
www.google.com/recaptcha/ |
674 B 543 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dil-contents-55e57c2ad764d9c482f4c3a29190cdaf9cf5b715.js
mrsjenkinsclass.com/content/dam/telecomcms/dtm/a1e74defba8420ac0e0d82257c2eca7b9090cdf3/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
s-code-contents-f6fa8cd17baf6aa7489d584dc9710bff2a2f442d.js
mrsjenkinsclass.com/content/dam/telecomcms/dtm/a1e74defba8420ac0e0d82257c2eca7b9090cdf3/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
api.js
www.google.com/recaptcha/ |
728 B 543 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
k33spt.js
www.staticcdn.co.nz/m87/ Redirect Chain
|
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
minicart
mrsjenkinsclass.com/bin/tnz/public/shop/checkout/ |
62 KB 63 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo.gif
4c60a0a94672.o3n.io/files/kylecko9g8or588jlvuaao9tb/ |
43 B 183 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/OOKISvkNnVD_m_9dreR_1S0n/ |
259 KB 93 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
close.png
www.staticcdn.co.nz/m87/ Redirect Chain
|
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
63a74598-733c-4d0c-bd91-b01bffcd6e69.ttf
www.spark.co.nz/etc/designs/onespark/clientlib-site/fonts/Avenir/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
a0f4c2f9-8a42-4786-ad00-fce42b57b148.ttf
www.spark.co.nz/etc/designs/onespark/clientlib-site/fonts/Avenir/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
spark-icon-family.ttf
www.spark.co.nz/content/dam/sparkresponsive/font/Fontello/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
890bd988-5306-43ff-bd4b-922bc5ebdeb4.ttf
www.spark.co.nz/etc/designs/onespark/clientlib-site/fonts/Avenir/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
spark-icon-family.woff
www.spark.co.nz/etc/designs/onespark/clientlib-site/fonts/sd-iconfonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
spark-icon-family.ttf
www.spark.co.nz/etc/designs/onespark/clientlib-site/fonts/sd-iconfonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
satellite-5aa83e3d64746d01bc003d09.js
mrsjenkinsclass.com/content/dam/telecomcms/dtm/a1e74defba8420ac0e0d82257c2eca7b9090cdf3/scripts/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
publisher:getClientId
ampcid.google.com/v1/ |
74 B 552 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
activityi;dc_pre=COz-iIeO0-gCFUjzdwodB3sKEw;src=8015196;type=sitew0;cat=1spar0;ord=3016594648293;gtm=2wg3p1;auiddc=461506126.1586152371;u1=https%3A%2F%2Fmrsjenkinsclass.com%2Fwp-includes%2Fimages%2...
8015196.fls.doubleclick.net/ Frame 345A Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
27 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
servedby.flashtalking.com/container/7487;52295;5663;iframe/ Frame 27A4 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
126 KB 30 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
info2
uipus.semasio.net/phdnz/1/ Redirect Chain
|
42 B 604 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
134249707157074
connect.facebook.net/signals/config/ |
413 KB 104 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
publisher:getClientId
ampcid.google.de/v1/ |
3 B 481 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.googleadservices.com/pagead/conversion/971021318/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/979185687/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.com/pagead/1p-user-list/979185687/ |
42 B 122 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.de/pagead/1p-user-list/979185687/ |
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.de/pagead/1p-conversion/971021318/ Redirect Chain
|
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ Redirect Chain
|
44 B 124 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
cx.atdmt.com/ Redirect Chain
|
42 B 431 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ig.js
spark-track.inside-graph.com/ |
443 KB 123 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gettracker
spark-live.inside-graph.com/ |
4 B 229 B |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.spark.co.nz
- URL
- https://www.spark.co.nz/etc/designs/onespark/clientlib-site/fonts/Avenir/f26faddb-86cc-4477-a253-1e1287684336.woff
- Domain
- www.spark.co.nz
- URL
- https://www.spark.co.nz/etc/designs/onespark/clientlib-site/fonts/Avenir/91b50bbb-9aa1-4d54-9159-ec6f19d14a7c.woff
- Domain
- www.spark.co.nz
- URL
- https://www.spark.co.nz/content/dam/sparkresponsive/font/Fontello/spark-icon-family.woff
- Domain
- www.spark.co.nz
- URL
- https://www.spark.co.nz/etc/designs/onespark/clientlib-site/fonts/Avenir/b8e906a1-f5e8-4bf1-8e80-82c646ca4d5f.woff
- Domain
- www.spark.co.nz
- URL
- https://www.spark.co.nz/etc/designs/onespark/clientlib-site/fonts/Avenir/63a74598-733c-4d0c-bd91-b01bffcd6e69.ttf
- Domain
- www.spark.co.nz
- URL
- https://www.spark.co.nz/etc/designs/onespark/clientlib-site/fonts/Avenir/a0f4c2f9-8a42-4786-ad00-fce42b57b148.ttf
- Domain
- www.spark.co.nz
- URL
- https://www.spark.co.nz/content/dam/sparkresponsive/font/Fontello/spark-icon-family.ttf
- Domain
- www.spark.co.nz
- URL
- https://www.spark.co.nz/etc/designs/onespark/clientlib-site/fonts/Avenir/890bd988-5306-43ff-bd4b-922bc5ebdeb4.ttf
- Domain
- www.spark.co.nz
- URL
- https://www.spark.co.nz/etc/designs/onespark/clientlib-site/fonts/sd-iconfonts/spark-icon-family.woff
- Domain
- www.spark.co.nz
- URL
- https://www.spark.co.nz/etc/designs/onespark/clientlib-site/fonts/sd-iconfonts/spark-icon-family.ttf
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Spark (Telecommunication)291 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| CQ function| $ function| jQuery object| matched object| browser object| Granite object| _g function| $CQ undefined| G_XHR_HOOK undefined| G_RELOAD_HOOK undefined| G_IS_HOOKED undefined| G_CONTENT_PATH function| cq5forms_isArray function| cq5forms_isNodeList function| cq5forms_showMsg function| cq5forms_isEmpty function| cq5forms_regcheck function| cq5forms_multiResourceChange function| picturefill object| jQuery112403165794334786831 object| digitalData object| date number| clientHourOfDay object| pageVisitJson number| systemHourOfDay number| diffHourOfDay object| days string| isWeekend function| emptyDiv function| page function| e object| adobe function| Visitor object| _satellite object| s_c_il number| s_c_in function| targetPageParams object| scRec object| dataLayer string| theme function| emailPage string| usernameBlankMessage string| passwordBlankMessage string| usernameAndPasswordBlankMessage function| emailThisPage function| _ object| google_tag_manager function| postscribe object| CryptoJS string| GoogleAnalyticsObject function| ga function| initialise object| isMobile function| detectMobileOS function| showAndroid function| showIOS function| showIosAndAndroid function| removeSticky function| addEventListeners function| handleSticky object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| _UA-48213762-2_sendHitTask function| _UA-48213762-11_sendHitTask object| sessionCamRecorder function| SessionCamRecorder number| scInitTime0 function| sessionCamJQuery object| _inside boolean| _insideLoaded function| clsn object| dicnf function| btrp function| pdib3 function| vv function| stcc number| __google_lidar_ number| __google_lidar_adblocks_count_ function| __google_lidar_radf_ function| osdsir function| fnOpenPopUpWindow function| hideBuyNowButton function| getSelectedDeviceImages function| renderResponce function| sendAjaxReq function| initSlick function| createImageSlider function| loadselectedColorImages function| scrolltoAccordion function| checkUrlParameter function| articleRelatedContentImage function| createHeroCardCarousal function| editModeCarousal function| getCarousalTitle function| getNavigation function| createMobileView function| getAllSelectedSorts function| showHideCheckMore function| sortEvents function| getEventsBySession function| getEventsByLocations function| getEventsBySort function| sort1 function| sort2 function| sort3 function| sort4 function| renderEventList function| dynamicHeightUpdateForCards function| checkViewMoreLink function| hideViewMoreLink function| checkViewMore function| displayArticles undefined| sortData undefined| getArticleByTheme undefined| getArticleBySort undefined| getArticleByYear undefined| getArticleByMonth undefined| sortArticle2 undefined| sortArticle1 undefined| renderArticleListDesktop undefined| renderArticleListMobile undefined| getThemes undefined| getDateHtml undefined| getContentThemeCategory function| getAuthorHtml function| getVideoPlayHtml function| getSlideShareHtml function| getDescriptionHtml function| getArrayWithDate function| getArrayWithMonth function| socialMediaShareLinks string| accordionContainerId object| accordionContainer object| accordionEntry function| fnLoadTopHeaders function| onClickLogin function| onClickHeaderNavigation function| heightAlignment function| removeHeight function| createDataTable function| fnTechSpechsGridStructure function| fnSolutionCardCarousel function| getMaxHeight undefined| backgroundImage function| fnSlnCardColors function| fnSolutionCardColors function| alterSolutionCardDiv function| functionOnResize function| reizingInTabletView boolean| mobileFlag boolean| tabletFlag boolean| mediascreenFlag boolean| largescreenFlag function| resizing function| fnProductGridArrowRightMobile function| fnProdutcGridDivAlignment function| fnProdutGridStickyDiv function| fnProductCardSlick function| findMaxHeight function| fnProductCardDivAlignment function| needsHeightUpdate function| navigate function| fnShowActiveTab function| fnIconTabSetWidth function| needsIconContainer function| tabHeight function| alterHomeCardDiv function| fnTrimDescHomecard function| fnAddHeightForDesc function| fnTitleBelowImage function| fnTitleWithoutImage function| fnTitleBelowImageForTwo function| fnGetStartDescrptionColor function| fnGetstartedDivAlignment function| checkWidth function| getDeviceGalleryProducts function| removetopanel function| addtopanel function| getCampareMapFromCookie function| updateCompareFooter function| checkAddToCompareOnLoad function| alterGetStartedDiv function| fnDescrptionColor function| alterCategoryDiv function| populateTable object| smbChangePlan object| smbChangePlanController function| showExtraAccountNumbers function| hideExtraAccountNumbers function| showHideDropdownValues function| updateBankCode function| addFBValidation function| addingCaptcha function| formValidation object| jQuery112209971757929768599 object| showdown function| WOW object| wow object| ES6Promise function| html2canvas function| iFrameResize function| messageHandler function| createLiteStore string| UPDATE_ACTION function| updateGLobalCart function| updateCustomerDetails function| updateLinksAndTitles function| showCustomerLoggedIn function| showCustomerLoggedOut function| showCustomerLoggedInBlueIcon function| updateCartColor function| buildStaticPages function| iterateJsonData function| getQueryParameterValue function| redirectionUrl function| populateNewsFeed function| resetFeedbackDialog function| showErrorMessage function| sendFeedback object| adobeTrackingUtils function| getDatalayerEventAttributes object| store object| $android object| $ios object| dl string| pathname string| url string| query string| hash undefined| h2 undefined| h2Clean undefined| qu undefined| category undefined| form undefined| h3Elem undefined| ecom undefined| count undefined| div undefined| span undefined| stepName undefined| clean object| reg undefined| element undefined| currentplan undefined| transactionId object| iframes boolean| include object| ytIDs function| onYouTubeIframeAPIReady object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| recaptcha function| ds07o6pcmkorn object| ft_onetag_5663 function| fbq function| _fbq number| smoRand string| smoPrtKey string| smoPUrl string| smoParams string| smoInfo string| smoSD string| smoTrUrl object| smoTrImg function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| $jscomp object| _insideGraph object| insideFrontInterface function| isLocal object| insideAPI boolean| isStyleFuncSupported object| insidePreChatForm object| insideOfflineForm object| insideChatPanePrint object| insideChatPaneFrame string| _insideProtocol string| _insideCluster string| _insideGraphUrl string| _insideSocialUrl string| _insideCDN string| _insideCDN2 string| _insideScriptVersion boolean| _insideLive boolean| _insideIsLive3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| mrsjenkinsclass.com/ | Name: __session:0.1746944904556995: Value: https: |
|
| mrsjenkinsclass.com/ | Name: sc.Status Value: 2 |
|
| mrsjenkinsclass.com/ | Name: sc.ASP.NET_SESSIONID Value: |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
4c60a0a94672.o3n.io
8015196.fls.doubleclick.net
ad.doubleclick.net
ampcid.google.com
ampcid.google.de
connect.facebook.net
cx.atdmt.com
d2oh4tlt9mrke9.cloudfront.net
d3f5l8ze0o4j2m.cloudfront.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
mrsjenkinsclass.com
script.crazyegg.com
servedby.flashtalking.com
spark-live.inside-graph.com
spark-track.inside-graph.com
stats.g.doubleclick.net
uipus.semasio.net
ws.sessioncam.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.spark.co.nz
www.staticcdn.co.nz
www.spark.co.nz
104.18.30.173
13.224.196.170
13.224.196.43
13.225.73.80
13.54.252.238
146.171.248.36
172.217.18.166
172.217.22.6
205.185.216.42
216.58.210.2
2606:4700::6813:9408
2a00:1450:4001:800::200e
2a00:1450:4001:815::2002
2a00:1450:4001:816::2002
2a00:1450:4001:81a::2003
2a00:1450:4001:81c::200e
2a00:1450:4001:81d::2008
2a00:1450:4001:81e::2004
2a00:1450:4001:821::200e
2a00:1450:4001:825::2003
2a00:1450:400c:c00::9a
2a03:2880:f01c:8004:face:b00c:0:8c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
50.57.31.206
54.152.53.96
54.76.87.20
67.225.188.222
076700cfb24bb47f33cfc1d6d08f0ed94b0f1fe6814a223c8c99afeb7a6e15b0
0dca547b59c4fbcd851ab52275af17aca24162114b919ddaa955e7d35838e9d4
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14fd5488cd35a65a9c8d98f0ac5e97fca338d1a3532179ee3dc92d7e4667c4ce
164753cfe6206277d3be96569551f36f32105c3b837d56dc9e2d00f4d658d8c6
171adde2d24b56cc0f6e98c2cb4a925c8b033717c59bc7c0a95a04f94cad660e
17fb48da788e3051576e7d0e3c89b9ab12fd86e50bc2fb0ae092aace1e9133a1
1b5901ec3d5cd468d51cd763011e74ac2e94483fdbf21a348e0d4868ffdbb99a
1cac386a226657759d39c04b26768f03915090f0f1a5b4e6ca815d7478228159
1cce89e466513852bf92fd065eefb117c2fd2aaf68620c74b0edab2b76227abb
1ec646367adfa9d202390de7a9b06c95e70d48801fe3f6458ea96a5fe347f7b1
2afa0193eebc6dcba6256c02ba126cd809b278a8c271ba1344af1d54520fb173
333b70e4971b704028b62a2a8a8e159ba46ce1145be9ece33fd94986f1bf2bfe
4139d41d5f9c87b83750699535e5d6e8adc30fe82fc002b003206f67516fdb86
41cf2b12f448c74af3baba56d60f245827f2946c9a23a7120f103d65654df83e
42378a898444815e5a5eb9c321c962bc473b1ab69ee051614b340538cc357be5
446cb2c77c2807618caf4de745e133e0893780c448f2ce8b1b0266f08f9dfc83
4589441ac97df1033c946f3403b0199cfb05e8ba3e406e21013d1af6965dd06a
45e2f85e3aab6c36988703f5cc06444289bb795a25736b74975073c98de18498
45e454c3fe881841d770003cd3358f4962a39beeb010490a2d0d840600cd189b
4b91ad0b85c39f6789caf49cec4beb06b7b9f0e4d0ac8feff0de8f79fdd12d97
5a33b1b08faa141fe7a21f91a0f8bd26fb72c4f6ab530de586c1890efed6ff77
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
603f0409034d232b087e1be681f24a337a86f816bdfe34952d38ae38665e793f
64818334dce5c74e9b33612bcefd935d157d4e5d03a1e7f2884a0edf1e6e51b4
6799b0673272ab283e38da1c15c54b59918c1db048a26f5ecd7be9c0f1d50f86
6a5c758f069fbe8fc0eec70158c0a1f90ed0e8b14eddd32cb93eb096bd233afc
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
77d25fafd2a977cd6b1cc8beda635093c7becc4f6b649199c76822775560eb23
81b07c3b352d02db085880ca40f987d88b90692e687fc1bb0cb799b7e19d120b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85a8c9b30652a824a58502a407930535efb3deadc7699719e0063f4e0b723cca
8750509f5a4895bc45c5d3cbc3e3892a09d34e3463fcacdde920882eed78be8b
8cd0112b63387703de5702e3604c364adad1548f16f995fcc9c75ecef36f9119
8e1b476e96369d254b4635ee5de4ada47ae1b8c24cf1353bbb660e1703ec40ce
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bad99ef646f8f6420590109e7c9fd6feb235c9d8d0cd68f60f44823b1ff1bca
9ed798d14a2e989bdaa17abba606bcc9274c1d6b0c620d27bda902b5395a08ba
9efa6d6adde0b0304f55aa0228ed0778d29690af12732b360d30a4bd344163b0
aec8f06eaabf9c98bf6595dc0869dc0e20138dc5fdf439bfc03963c39244ff6e
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
aff8ceeb9262b1456027c5202e7ca078c7b87e3e2d69344a8dc996dffcb9b9eb
b11dd35914e351efe8547142cd8e0ca6bbf778c71600c93fa5262b6345b81964
b3a9e0f1dcb8df6a831308fa264c1e9c3f53179cfb77155b18cc3156d0b5bba7
c1d4e92f71b4977bfd9bc2294c45e388a0ea14767b3e007b95c966fa1d202135
c53c6dad84d26b1e4944ded4b12b5060ff62aec8608b502447927931026a949f
c766a542b88d1c0d1f179ffe0c8b696c0b0700db444eb4b611813404adaf6633
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cfd1985749ab076e79ee99361ef540011b75419f5affda7595a581b8ea012845
d65da0384164d3caeeee36b2e8b7b5da42e1183d4575725a3bd05213e786ec55
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
edc27ae43efdf22d5f81a54c69c0e55a766a72886d51b9065750d9669918e8a8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6281f4fc0c8b4cd0ecb0cf382c080d9e5f01b58c816d5f071969f3734465fc6
f97818739ebb98f7e7158da11a697bd9369fcb59d5d2adabb78f406ebb99e48d
fc38f015f5eacfb4fe46fcae93e4441760970925152a19c026221f2cafff8c0c
fe7b1fa106b52fd3b7a72421171503eee8ec0c911d495be3ce168f76ed7cc8b1
ff1226fbe86a0b632ee3fe3eac4f6e9891c11590c935497e2f62d41073b7ee3a