greencardorganization.com
Open in
urlscan Pro
34.199.196.189
Public Scan
Effective URL: https://greencardorganization.com/landing/steps?taboola&media_channel=taboola&media_campaign=Germany39-steps&utm_source=taboola&ut...
Submission: On August 04 via api from US
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on June 19th 2018. Valid for: 3 months.
This is the only time greencardorganization.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 34.225.52.250 34.225.52.250 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
1 1 | 2.16.186.43 2.16.186.43 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 1 | 52.1.148.133 52.1.148.133 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
1 1 | 35.169.42.12 35.169.42.12 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
1 2 | 151.101.14.2 151.101.14.2 | 54113 (FASTLY) (FASTLY - Fastly) | |
1 | 151.101.114.2 151.101.114.2 | 54113 (FASTLY) (FASTLY - Fastly) | |
1 | 34.199.196.189 34.199.196.189 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
15 | 52.222.149.242 52.222.149.242 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 52.222.149.129 52.222.149.129 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 2a00:1450:400... 2a00:1450:4001:81c::2008 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 35.190.88.7 35.190.88.7 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 107.154.114.122 107.154.114.122 | 19551 (INCAPSULA) (INCAPSULA - Incapsula Inc) | |
1 | 2.18.234.190 2.18.234.190 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
2 | 2a00:1450:400... 2a00:1450:4001:81c::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 74.201.198.92 74.201.198.92 | 13789 (INTERNAP-...) (INTERNAP-BLK3 - Internap Network Services Corporation) | |
27 | 11 |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-225-52-250.compute-1.amazonaws.com
tracking.freebiesfrenzy.com |
ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-43.deploy.static.akamaitechnologies.com
li.freebiesfrenzy.com |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-1-148-133.compute-1.amazonaws.com
p.liadm.com |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-35-169-42-12.compute-1.amazonaws.com
d.liadm.com |
ASN54113 (FASTLY - Fastly, US)
mb.taboola.com | |
tr.outbrain.com |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-199-196-189.compute-1.amazonaws.com
greencardorganization.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-149-242.fra53.r.cloudfront.net
dle5b25kew331.cloudfront.net |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-149-129.fra53.r.cloudfront.net
d2wy8f7a9ursnm.cloudfront.net |
ASN15169 (GOOGLE - Google LLC, US)
PTR: 7.88.190.35.bc.googleusercontent.com
sessions.bugsnag.com |
ASN19551 (INCAPSULA - Incapsula Inc, US)
PTR: 107.154.114.122.ip.incapdns.net
atsc.activetrail.com |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com
amplify.outbrain.com |
ASN13789 (INTERNAP-BLK3 - Internap Network Services Corporation, US)
amplifypixel.outbrain.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
cloudfront.net
dle5b25kew331.cloudfront.net d2wy8f7a9ursnm.cloudfront.net |
742 KB |
3 |
outbrain.com
amplify.outbrain.com tr.outbrain.com amplifypixel.outbrain.com |
3 KB |
2 |
google-analytics.com
www.google-analytics.com |
14 KB |
2 |
bugsnag.com
sessions.bugsnag.com |
135 B |
2 |
taboola.com
1 redirects
mb.taboola.com api.taboola.com |
2 KB |
2 |
liadm.com
2 redirects
p.liadm.com d.liadm.com |
2 KB |
2 |
freebiesfrenzy.com
2 redirects
tracking.freebiesfrenzy.com li.freebiesfrenzy.com |
942 B |
1 |
activetrail.com
atsc.activetrail.com |
25 KB |
1 |
googletagmanager.com
www.googletagmanager.com |
25 KB |
1 |
greencardorganization.com
greencardorganization.com |
15 KB |
27 | 10 |
Domain | Requested by | |
---|---|---|
15 | dle5b25kew331.cloudfront.net |
greencardorganization.com
|
2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
2 | sessions.bugsnag.com |
d2wy8f7a9ursnm.cloudfront.net
greencardorganization.com |
1 | amplifypixel.outbrain.com |
greencardorganization.com
|
1 | tr.outbrain.com |
greencardorganization.com
|
1 | amplify.outbrain.com |
greencardorganization.com
|
1 | atsc.activetrail.com |
greencardorganization.com
|
1 | www.googletagmanager.com |
greencardorganization.com
|
1 | d2wy8f7a9ursnm.cloudfront.net |
greencardorganization.com
|
1 | greencardorganization.com |
api.taboola.com
|
1 | api.taboola.com | |
1 | mb.taboola.com | 1 redirects |
1 | d.liadm.com | 1 redirects |
1 | p.liadm.com | 1 redirects |
1 | li.freebiesfrenzy.com | 1 redirects |
1 | tracking.freebiesfrenzy.com | 1 redirects |
27 | 16 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.facebook.com |
www.instagram.com |
www.linkedin.com |
www.pinterest.com |
www.youtube.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
greencardorganization.com Let's Encrypt Authority X3 |
2018-06-19 - 2018-09-17 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://greencardorganization.com/landing/steps?taboola&media_channel=taboola&media_campaign=Germany39-steps&utm_source=taboola&utm_medium=discovery&utm_campaign=Germany_39_Steps_desk_eng&ad_id={{ad_id}}&doc_title={{doc_title}}&doc_id={{doc_id}}&ad_title={{ad_title}}&source_id={{source_id}}§ion_id={{section_id}}&utm_lp_name=V2-eng
Frame ID: 7FD102A68519DA2D9F825497C3C844E3
Requests: 27 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://tracking.freebiesfrenzy.com/?xtl=475nz5xewpz1dchzc3jmh5tpv4cg7e1t8y4dw54bqqwr78f9f4q8hb7v49icmc8hnwnq2yj...
HTTP 302
http://li.freebiesfrenzy.com/click?s=97965&sz=300x250&li=071218aLR&e=kathy.lewis@capitalone.com&p=138638603 HTTP 301
http://p.liadm.com/click?s=97965&sz=300x250&li=071218aLR&m=d0bc55233a2a6763a9c9f48e08b6bb56&sh=... HTTP 302
http://d.liadm.com/click2/c948cc5a/aUnYro3paYCNreNj5Y42ZaqX8XtQ6OhzcOwuQQxr_G_tmki5MPLSedfrc3Ji... HTTP 302
https://mb.taboola.com/server/1.1/jpg/liveintent-ron-row/recommendations.click?recipient.proprietar... HTTP 302
http://api.taboola.com/1.1/json/liveintent-ron-row/recommendations.notify-click?app.type=email&app.... Page URL
- https://greencardorganization.com/landing/steps?taboola&media_channel=taboola&media_campaign=Germany39-steps&u... Page URL
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Varnish (Cache Tools) Expand
Detected patterns
- headers via /.*Varnish/i
Vue.js (JavaScript Frameworks) Expand
Detected patterns
- env /^Vue$/i
BugSnag (Analytics) Expand
Detected patterns
- script /bugsnag.*\.js/i
- env /^BugSnag$/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
- env /^gaGlobal$/i
Google Tag Manager (Tag Managers) Expand
Detected patterns
- env /^google_tag_manager$/i
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://tracking.freebiesfrenzy.com/?xtl=475nz5xewpz1dchzc3jmh5tpv4cg7e1t8y4dw54bqqwr78f9f4q8hb7v49icmc8hnwnq2yjim93y0vrvlcrei78lnmiiy98y0awd6ed16ixwg25l0zvi7za12z3fxkvjy9re0ryfigt2v4tsg7jnud3anknsi3b3ixh1ygsaxi4leto7h4o1thbcvwmg613kid51erl0xorz6xf56jflettapij3nepl&xi=kathy.lewis@capitalone.com&email=kathy.lewis@capitalone.com
HTTP 302
http://li.freebiesfrenzy.com/click?s=97965&sz=300x250&li=071218aLR&e=kathy.lewis@capitalone.com&p=138638603 HTTP 301
http://p.liadm.com/click?s=97965&sz=300x250&li=071218aLR&m=d0bc55233a2a6763a9c9f48e08b6bb56&sh=64246b1a60e06d94f046a18d2bb63ef66034a430&sh2=6c473bc54d5e27133030ca63ee56b737e7e1cf74c10637de23796fb43b4d97a0&p=138638603&dom=capitalone.com HTTP 302
http://d.liadm.com/click2/c948cc5a/aUnYro3paYCNreNj5Y42ZaqX8XtQ6OhzcOwuQQxr_G_tmki5MPLSedfrc3JiqSiPe32yQFB_Jluy6xclJj41f6Ywr0miRuEb0ue-ASp7tpZE39NkBtGtgG0saH180PklHka6cAX6mOIeowju_bPrf3aCsjhN_425g8citZdmsAy00o5A3PDZmZw2ScIAbmOUq6hrcZXyqh46wzUDNwMRLhAkBoGuCHNOzUs5x93TeQF8yYBwXUlPFi_Lgn_u2BBxtDKb3QS2VinAZ4vV0MmHSv-40bJRoTJwBPrNA38iiYMg6tJsqbpGOoRzfwWjm9IXxpsu350a6RfoHvRBjrQo5mA8-59JChdhJ25YXMOTzubLEwQumthC__8CB5YkFh3PHD7pSdoW20tGHjJ4oMV0a601HdYnO-IIi3KvwvBoHfBzyPEAf6cd_NLsZeUYc2_FyEKbwsloh7_M_Zw8JJRc1OuzSHqhgIK9bM6FPvFyitxAC8_bvKtkriWG0HNtvdU5atEz7o5K11mRSo5Zue1-f5OsJWy0bmQX57aLdE2RPsJsw0pAtsdRMuV04gWpXc2fkBJ9FKO9J6HWazD80ZevWx9LxqMuIChHGQXZ-WLros0u5rKsSVrCSsqWg0kkcqWj6ilSQOxYwnsnT4comvOp1LaS6U1AGP3uUbOhC9Fp_AczRNlM8kRZCb-8_5-L8DnoRXga2fbFYnsT0B5y6wnVHSbfrWZN_Vc1W0wqtIFpLtOf7w62tp3hHNEcDX3SFNe6MI1NnqZfqvCmw338DybxsV7SnpKWRaKkZToPOFameK7M-GavOIJSFRdPg8ODAko0XRddmGWJNIaZ2045VB03el-orUHhm274AtGc3rmUeNTUO9g3CUwSplmxBehxZNZYm6aL0R_ROUePbwrIGk8IbGORcv4euZBjAdntSG4_k_alXHsc9d2D1Jee6y9tyomRZDXX4N3DRDdWrlNb5LJyxGF8nTlkPYwE1VPhQnrUWdzEnl9qiXwRYViLhQcqryrgcx9X9pyXspX-pkUYmXVOXdpg_ebDzKAAtYk-rnA8xdz2EapShbh1AbEB_VzxxO05eJNYMQI-gg136WIwxOsZuiG-_h1bSthRjsMiI4B-3o5QgJPrKgOl4Xwp// HTTP 302
https://mb.taboola.com/server/1.1/jpg/liveintent-ron-row/recommendations.click?recipient.proprietary.namespace=liveintent&recipient.proprietary.id=kti0jpPDLH4nG4op99iJ6hCwcMhl5BuMAChOlA&recipient.user.id=9f1a4a3a-4ea3-4276-94ef-f38d2ba2c4e5-tuct25c2930&instance.id=0017a542-b3b5-3ab7-af41-d0ca55f8d9dc&widget.placement=97965&widget.slot=1&widget.mode=thumbnails-medrec&source.url=http%3A%2F%2Fliveintent.com%2F&newsletter.id=5336&recipient.user.agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&recipient.ipv4=148.251.45.254&widget.alternative=PC HTTP 302
http://api.taboola.com/1.1/json/liveintent-ron-row/recommendations.notify-click?app.type=email&app.apikey=faae74d77ed5cd60844ed42faefc3463&response.id=__c077c7b67cc790db0c3983c7e1df261e__51b9ab6a856ac053ad1f7278d4a8b298&response.session=v2_bd8d91d17b22fc2688d0c335b2d560c9_701e86f7-1f50-4ceb-b224-7055b0bc9702-tuct25003c8_1533212298_1533212298_CNawjgYQmcdFGJqdzNTPLCABKAQwODib4wlAgooQSJjEF1Cl7BBYAGAA&item.id=%7E%7EV1%7E%7E8153077221242772461%7E%7EuFyYRqDzhR8V6GLBaycJxjkJChLpfZt4UnB5aed8aDYgADLX0sCLI84lvxeYoNVBXtEiVLHvk6BFwXvQihx-5s_F7IEFgT48p02hBSmEqFjF0PpRwV5-CQIuSfGax4ibBTk-nbv_eA05MmfacYlA3yPakojaTDwT42rmaofz1hhMKZoaxS90V8pTImQczKden9Lq-4IJFdc9t6WEztInweCNUUJxklDTg3battEpLqksB0B4D9jyB0tMU00llCXJ&item.type=video&sig=d1ba35699bbe617392d62a70d4818d6459a8e36cea76&redir=https%3A%2F%2Fgreencardorganization.com%2Flanding%2Fsteps%3Ftaboola%26media_channel%3Dtaboola%26media_campaign%3DGermany39-steps%26utm_source%3Dtaboola%26utm_medium%3Ddiscovery%26utm_campaign%3DGermany_39_Steps_desk_eng%26ad_id%3D%7B%7Bad_id%7D%7D%26doc_title%3D%7B%7Bdoc_title%7D%7D%26doc_id%3D%7B%7Bdoc_id%7D%7D%26ad_title%3D%7B%7Bad_title%7D%7D%26source_id%3D%7B%7Bsource_id%7D%7D%26section_id%3D%7B%7Bsection_id%7D%7D%26utm_lp_name%3DV2-eng Page URL
- https://greencardorganization.com/landing/steps?taboola&media_channel=taboola&media_campaign=Germany39-steps&utm_source=taboola&utm_medium=discovery&utm_campaign=Germany_39_Steps_desk_eng&ad_id={{ad_id}}&doc_title={{doc_title}}&doc_id={{doc_id}}&ad_title={{ad_title}}&source_id={{source_id}}§ion_id={{section_id}}&utm_lp_name=V2-eng Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://tracking.freebiesfrenzy.com/?xtl=475nz5xewpz1dchzc3jmh5tpv4cg7e1t8y4dw54bqqwr78f9f4q8hb7v49icmc8hnwnq2yjim93y0vrvlcrei78lnmiiy98y0awd6ed16ixwg25l0zvi7za12z3fxkvjy9re0ryfigt2v4tsg7jnud3anknsi3b3ixh1ygsaxi4leto7h4o1thbcvwmg613kid51erl0xorz6xf56jflettapij3nepl&xi=kathy.lewis@capitalone.com&email=kathy.lewis@capitalone.com HTTP 302
- http://li.freebiesfrenzy.com/click?s=97965&sz=300x250&li=071218aLR&e=kathy.lewis@capitalone.com&p=138638603 HTTP 301
- http://p.liadm.com/click?s=97965&sz=300x250&li=071218aLR&m=d0bc55233a2a6763a9c9f48e08b6bb56&sh=64246b1a60e06d94f046a18d2bb63ef66034a430&sh2=6c473bc54d5e27133030ca63ee56b737e7e1cf74c10637de23796fb43b4d97a0&p=138638603&dom=capitalone.com HTTP 302
- http://d.liadm.com/click2/c948cc5a/aUnYro3paYCNreNj5Y42ZaqX8XtQ6OhzcOwuQQxr_G_tmki5MPLSedfrc3JiqSiPe32yQFB_Jluy6xclJj41f6Ywr0miRuEb0ue-ASp7tpZE39NkBtGtgG0saH180PklHka6cAX6mOIeowju_bPrf3aCsjhN_425g8citZdmsAy00o5A3PDZmZw2ScIAbmOUq6hrcZXyqh46wzUDNwMRLhAkBoGuCHNOzUs5x93TeQF8yYBwXUlPFi_Lgn_u2BBxtDKb3QS2VinAZ4vV0MmHSv-40bJRoTJwBPrNA38iiYMg6tJsqbpGOoRzfwWjm9IXxpsu350a6RfoHvRBjrQo5mA8-59JChdhJ25YXMOTzubLEwQumthC__8CB5YkFh3PHD7pSdoW20tGHjJ4oMV0a601HdYnO-IIi3KvwvBoHfBzyPEAf6cd_NLsZeUYc2_FyEKbwsloh7_M_Zw8JJRc1OuzSHqhgIK9bM6FPvFyitxAC8_bvKtkriWG0HNtvdU5atEz7o5K11mRSo5Zue1-f5OsJWy0bmQX57aLdE2RPsJsw0pAtsdRMuV04gWpXc2fkBJ9FKO9J6HWazD80ZevWx9LxqMuIChHGQXZ-WLros0u5rKsSVrCSsqWg0kkcqWj6ilSQOxYwnsnT4comvOp1LaS6U1AGP3uUbOhC9Fp_AczRNlM8kRZCb-8_5-L8DnoRXga2fbFYnsT0B5y6wnVHSbfrWZN_Vc1W0wqtIFpLtOf7w62tp3hHNEcDX3SFNe6MI1NnqZfqvCmw338DybxsV7SnpKWRaKkZToPOFameK7M-GavOIJSFRdPg8ODAko0XRddmGWJNIaZ2045VB03el-orUHhm274AtGc3rmUeNTUO9g3CUwSplmxBehxZNZYm6aL0R_ROUePbwrIGk8IbGORcv4euZBjAdntSG4_k_alXHsc9d2D1Jee6y9tyomRZDXX4N3DRDdWrlNb5LJyxGF8nTlkPYwE1VPhQnrUWdzEnl9qiXwRYViLhQcqryrgcx9X9pyXspX-pkUYmXVOXdpg_ebDzKAAtYk-rnA8xdz2EapShbh1AbEB_VzxxO05eJNYMQI-gg136WIwxOsZuiG-_h1bSthRjsMiI4B-3o5QgJPrKgOl4Xwp// HTTP 302
- https://mb.taboola.com/server/1.1/jpg/liveintent-ron-row/recommendations.click?recipient.proprietary.namespace=liveintent&recipient.proprietary.id=kti0jpPDLH4nG4op99iJ6hCwcMhl5BuMAChOlA&recipient.user.id=9f1a4a3a-4ea3-4276-94ef-f38d2ba2c4e5-tuct25c2930&instance.id=0017a542-b3b5-3ab7-af41-d0ca55f8d9dc&widget.placement=97965&widget.slot=1&widget.mode=thumbnails-medrec&source.url=http%3A%2F%2Fliveintent.com%2F&newsletter.id=5336&recipient.user.agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&recipient.ipv4=148.251.45.254&widget.alternative=PC HTTP 302
- http://api.taboola.com/1.1/json/liveintent-ron-row/recommendations.notify-click?app.type=email&app.apikey=faae74d77ed5cd60844ed42faefc3463&response.id=__c077c7b67cc790db0c3983c7e1df261e__51b9ab6a856ac053ad1f7278d4a8b298&response.session=v2_bd8d91d17b22fc2688d0c335b2d560c9_701e86f7-1f50-4ceb-b224-7055b0bc9702-tuct25003c8_1533212298_1533212298_CNawjgYQmcdFGJqdzNTPLCABKAQwODib4wlAgooQSJjEF1Cl7BBYAGAA&item.id=%7E%7EV1%7E%7E8153077221242772461%7E%7EuFyYRqDzhR8V6GLBaycJxjkJChLpfZt4UnB5aed8aDYgADLX0sCLI84lvxeYoNVBXtEiVLHvk6BFwXvQihx-5s_F7IEFgT48p02hBSmEqFjF0PpRwV5-CQIuSfGax4ibBTk-nbv_eA05MmfacYlA3yPakojaTDwT42rmaofz1hhMKZoaxS90V8pTImQczKden9Lq-4IJFdc9t6WEztInweCNUUJxklDTg3battEpLqksB0B4D9jyB0tMU00llCXJ&item.type=video&sig=d1ba35699bbe617392d62a70d4818d6459a8e36cea76&redir=https%3A%2F%2Fgreencardorganization.com%2Flanding%2Fsteps%3Ftaboola%26media_channel%3Dtaboola%26media_campaign%3DGermany39-steps%26utm_source%3Dtaboola%26utm_medium%3Ddiscovery%26utm_campaign%3DGermany_39_Steps_desk_eng%26ad_id%3D%7B%7Bad_id%7D%7D%26doc_title%3D%7B%7Bdoc_title%7D%7D%26doc_id%3D%7B%7Bdoc_id%7D%7D%26ad_title%3D%7B%7Bad_title%7D%7D%26source_id%3D%7B%7Bsource_id%7D%7D%26section_id%3D%7B%7Bsection_id%7D%7D%26utm_lp_name%3DV2-eng
27 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Cookie set
recommendations.notify-click
api.taboola.com/1.1/json/liveintent-ron-row/ Redirect Chain
|
874 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
Cookie set
steps
greencardorganization.com/landing/ |
98 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
app.css
dle5b25kew331.cloudfront.net/assets/css/ |
51 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
bootstrap_3.3.7.min.css
dle5b25kew331.cloudfront.net/assets/landing_pages/multistep-1/css/ |
118 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
style.css
dle5b25kew331.cloudfront.net/assets/landing_pages/multistep-1/css/ |
12 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bugsnag.min.js
d2wy8f7a9ursnm.cloudfront.net/v4/ |
37 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
usa-flag.png
dle5b25kew331.cloudfront.net/assets/landing_pages/multistep-1/img/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
ic_phone.png
dle5b25kew331.cloudfront.net/assets/img/icon/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
ic_mail.png
dle5b25kew331.cloudfront.net/assets/img/icon/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
ic_location.png
dle5b25kew331.cloudfront.net/assets/img/icon/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
facebook.png
dle5b25kew331.cloudfront.net/images/ |
935 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
instagram.png
dle5b25kew331.cloudfront.net/images/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
linkedin.png
dle5b25kew331.cloudfront.net/images/ |
670 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
pinterest.png
dle5b25kew331.cloudfront.net/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
youtube.png
dle5b25kew331.cloudfront.net/images/ |
719 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
landing.js
dle5b25kew331.cloudfront.net/assets/promo/ |
185 KB 65 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
js
www.googletagmanager.com/gtag/ |
72 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS S |
/
sessions.bugsnag.com/ |
0 44 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Atsc.js
atsc.activetrail.com/Scripts/ |
100 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
obtp.js
amplify.outbrain.com/cp/ |
4 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
green_card.png
dle5b25kew331.cloudfront.net/assets/landing_pages/multistep-1/img/ |
72 KB 72 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
background-flag.png
dle5b25kew331.cloudfront.net/assets/landing_pages/multistep-1/img/ |
544 KB 545 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST S |
/
sessions.bugsnag.com/ |
21 B 91 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
analytics.js
www.google-analytics.com/ |
34 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
pixel
tr.outbrain.com/ |
43 B 326 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pixel
amplifypixel.outbrain.com/ |
43 B 293 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST S |
collect
www.google-analytics.com/r/ |
35 B 135 B |
Other
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
28 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| bugsnag object| bugsnagClient object| _atsc_paq function| _ function| axios function| setImmediate function| clearImmediate function| Vue object| GCO function| handleCurrentStep function| setRef function| resetRef function| validateStep function| updateProgressBar object| PageToPrecentage function| gtag object| dataLayer function| obApi object| JSON2 object| Atsc object| AnalyticsTracker function| Atsc_log object| google_tag_manager string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData13 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
greencardorganization.com/ | Name: _pk_id.4f06cc08-0e07-4606-983d-3fa21c20ae83.422b Value: b6589fc6ab0dc82c.1533424721.1.1533424721.1533424721. |
|
greencardorganization.com/ | Name: referrer Value: eyJpdiI6IkRkMHNrWXZYcFFtVEd1K0V4b1J5TWc9PSIsInZhbHVlIjoiSk9mMlBGaXhGMkZHUENVTVNaS3V4UlI1eFloVlNlY0NrT1FwM1RaYTBQQmNPV1wvOFRYenUwWnlWQVZUSXFjSDFJYjc5TVZYUTdGbDlMZ1NZRzN6QUNEbHpBd2JtdUJhb3l6TTFIOCtEaVBRdHltaFZJV3BrOWlqV0ZhK0Q0bDZvOUxIRWVFZ01cL2kwODlyUFlaalRsZ2NvYjR0N3ZtOWVYWW9CMWdTTGZPZ2lvOGhBSkJPV0hwYWVIU1NFQ0lyNFFENzFaSm9lRDlPSEdNSE91bWRtK3FkOGt1MDRDMzVwUlQ3dHVkR1ZkdElGRkVtTTJSMVpGYzdiYVwvMkVNS2ZOZU8zbXRBZllpU2hISUZrK2FtcUdtc1l1YXZEcjl0cWhEOTZiY05UZHU4c2NneHJMc2Mzb3FyUG54MVVJdXhcL3c1bmJIRkE1NXBIOVhhV2JHZnJIMW9XNWIxUTRUQjR4dmFVM3VTaFpBRHVVc1VNSnFmVkFuWHhTeWVvYUk5TCt3U0I4N0hSVnFLQmdBN1ZkbCtsNUE1NWkxWmNWTHVwMzcrSFhIMTRGcEp2MlpBU1NLbFh5ZEFBRzNJbE9LOWhwN0MzbGdra25oTnJUNmJwNk5OQVNrOUwxbEJtQjZHWnRXUm9ycDVBeWtIelI5WTZsWmxtMXRLQjBKMnNXOGhFdFIzUGNIZk5IdTFDTyswMlNmUnF6SGpUclBEVFVuZUdvdTUwN09TWWVYTlExaVM5SWhFTU1GQ0VmY0NUOG4wVXVKY1BVMkZDQUpabjRDTndmM01wWHM3QXZ4Y3RIa0xWVDlGRnVURVQwVnd0eEh1bWdLcHhZdER6NzRab0VhN3lLZ2dGMUhJOWZYMUsyUTlWOGdhYkkzQkd0a1RKTWhXbEdTNUJhakRzTVJDTE5tQmxRRjcxTGV3NW5oR1FsaWFQeGVZTzY1TCszQ3ErYTBcL0ZHQnRLeUcraWtJVlBYMlFOMURsM3AzRlhOUlY2clhaTG45bHZBOHVLVVljNFpaWTdxTzFHQ3lvUjh3ODB1UVdLU041SlFYdzFVK3cxMFVITjVPam5OTm5ZK0VTS3JUWVJPTTFMMDhwRzNMdDRMN3I3WlJxditrSGVwaWxKUE5pc0FHRWdcL1FaZ0tFK3oxRVJMaVNjVkVmZU1CYXdhQVV1VStwQXI5aHNLNlVIVmdoaDZidFRiWUxlaURMRitDRW1kS0JJaXNPZVVBdjA5cWF3SzNxbSs1VysxR2l0T2hqcmZpaFpGUGZJRGJGNEx4bnFHSktIVTcwQTgrTnRlYXFUTWFwb2VsOFwvM0ZsWXFRXC9ib0djU0ZzZ29SYkd2TE1sbWJNN1lMelJHeVFVSjRRQTZqcmc3WWFEdVZNblF3ZFlUYVd3QXVKRHlFQWdCQU13d29PTkpSSVBEck41T3ZBVTdvbFVLdUVUdGlqM0VpV0dOSk5hWGxseDk5aXFuWjM0ZTVhNmlsY3dWamRveERrWGt3NXg3QmZYb0E3MVFGTEE2YUw3M3Z5VnFcL0YyMHhTYlMrNDZCdXVuTFZNZzZcL0Y4NGdBaGN5Wk0xUjZzS3RPVkxxeGlKYldndGY0aVwvRGhGYVA2Z3FOTlJRalZjRG4xZ1wvb1I5RldlZDhWaHRTMDcwYzQwQVJJWEVGNHdHUlwvbGJHNEo0ekdZTU50aDVkYkFhemtrXC9sb01FZFRpK2h4WWVUXC83VnFQN05tVnIrTHJGK3NZZmx4RFJQQm5SMkZtdlh3MWxkakhLMmt3M2ZORlJTMmh2SXNxWUI5REhSQUY3ejJFdGRZb2U1dlVmbk1oc2lqWjBwS05OZGJYR1wvWXVXV0RMTjljWmVxUDhNZnE0NE14VHpqUVBpdWhDYTY3M29Ic2FMRnZFM1EraEJOdjlzQXRvK2I0WnJrTHpcL25aK1Q2NGI5VWhUdnBDckRLWU9icHNEbUIrblVRYVhObGRFcDBVZVE1Z0NYMnY1ZGt4dkZaQ2V5SFNHUmozdE9IeDYzNmd0a01ldE1Cd04xMUJlV1NwMzFoNGd5Y3RQRUtGU1NMaHFOeXZvclloYlVpaHlwcHowRDZQV2RrSEE5c3UrM2FkbkZUWG5vVDdWbzdwZnFBZ05tNDI3K3Z4NDJIQWhXYTVPV2FuczgxUTQrV3Z2bzNlUGpUdlBiSG1Fc016bjVVbHJYVFZKZm11UTYwSW9jTT0iLCJtYWMiOiIwZGM1NGNiMDMyMTBmYzZlZDNjMWViN2EyZGM2YWY5ZDczZmMyZGZlNGY3MGExNzM3NjlkNmU2ZTkwMTMyN2E4In0%3D |
|
greencardorganization.com/ | Name: lp_slug Value: eyJpdiI6InJ2RWNGMkVHV01lOERLTGJVVVwvUWRnPT0iLCJ2YWx1ZSI6Ing4WXRjRFwvN3hpQW00NDJqdWtRVFB3PT0iLCJtYWMiOiIzYjM3NzMwYTdlZGE5NWMyZjFiNTFhZDJiZjBiMmJmNmRkYjJhNmUwMDY0OWI5NjAyODRiY2I1YTgyNzRhZGQ1In0%3D |
|
greencardorganization.com/ | Name: _pk_ses.4f06cc08-0e07-4606-983d-3fa21c20ae83.422b Value: * |
|
greencardorganization.com/ | Name: _pk_ref.4f06cc08-0e07-4606-983d-3fa21c20ae83.422b Value: %5B%22Germany_39_Steps_desk_eng%22%2C%22%22%2C1533424721%2C%22http%3A%2F%2Fapi.taboola.com%2F1.1%2Fjson%2Fliveintent-ron-row%2Frecommendations.notify-click%3Fapp.type%3Demail%26app.apikey%3Dfaae74d77ed5cd60844ed42faefc3463%26response.id%3D__c077c7b67cc790db0c3983c7e1df261e__51b9ab6a856ac053ad1f7278d4a8b298%26response.session%3Dv2_bd8d91d17b22fc2688d0c335b2d560c9_701e86f7-1f50-4ceb-b224-7055b0bc9702-tuct25003c8_1533212298_1533212298_CNawjgYQmcdFGJqdzNTPLCABKAQwODib4wlAgooQSJjEF1Cl7BBYAGAA%26item.id%3D~~V1~~8153077221242772461~~uFyYRqDzhR8V6GLBaycJxjkJChLpfZt4UnB5aed8aDYgADLX0sCLI84lvxeYoNVBXtEiVLHvk6BFwXvQihx-5s_F7IEFgT48p02hBSmEqFjF0PpRwV5-CQIuSfGax4ibBTk-nbv_eA05MmfacYlA3yPakojaTDwT42rmaofz1hhMKZoaxS90V8pTImQczKden9Lq-4IJFdc9t6WEztInweCNUUJxklDTg3battEpLqksB0B4D9jyB0tMU00llCXJ%26item.type%3Dvideo%26sig%3Dd1ba35699bbe617392d62a70d4818d6459a8e36cea76%26redir%3Dhttps%3A%2F%2Fgreencardorganization.com%2Flanding%2Fsteps%3Ftaboola%26media_channel%3Dtaboola%26media_campaign%3DGermany39-steps%26utm_source%3Dtaboola%26utm_medium%3Ddiscovery%26utm_campaign%3DGermany_39_Steps_desk_eng%26ad_id%3D%7B%7Bad_id%7D%7D%26doc_title%3D%7B%7Bdoc_title%7D%7D%26doc_id%3D%7B%7Bdoc_id%7D%7D%26ad_title%3D%7B%7Bad_%22%5D |
|
.greencardorganization.com/ | Name: _gid Value: GA1.2.1706953125.1533424721 |
|
greencardorganization.com/ | Name: utm Value: eyJpdiI6IkRjaXM3S0NHKzh6SEFjZ2cwUit1aXc9PSIsInZhbHVlIjoicjc5Y0kzZlp4ZGxSZ25ZMzVialVlVHQxempDbUJ0cDM0ZEQxR0I2dmdSbkZERXJsS0lXakJINzM2ZHBEZWtRRXBDcjlDYlJqM2orak5nU2xMTjJyVDk1SnF2bHBmODZlMnNUdVpuWUxFV1U0VFV0dGR0dEJHUmhkY2dRWHJkcUd0QnlvdElVR21CbkIyNUQxcW9LTjgxelg1dUJBU0FpRlNvTk5POW9wTjlvPSIsIm1hYyI6ImRhZTMzMGIwY2M1M2E4NmUwMTI0Y2U4MzE0MDQxOTg5Y2ZmMzA1M2VmYTY3Njc4Nzk3Yzk5ZjRmNmIxYzQ2MjIifQ%3D%3D |
|
greencardorganization.com/ | Name: XSRF-TOKEN Value: eyJpdiI6InV2N1M4TG9IbHpBRmtUcFwvZDZSZ2VBPT0iLCJ2YWx1ZSI6IkhKaUM3Q0VVU0JYRzg2enZUQ1F4Vm5SRUllZXJYQ2tUQ1pic0NjbEcyYlJZNnBZeFlRdlVvOHFFVVkzbzNpejBqaWwxXC9wU2wyYkRyU054UjJrNWkrdz09IiwibWFjIjoiYzg4NjM3NGEyZDM4ODEwM2I3N2Y5MWIyYjllZGQxOTUwNzY4ODc1NDZmMTlkNGUzMTg4M2U1ZTEwOWU5NWI1MCJ9 |
|
greencardorganization.com/ | Name: gco_session Value: eyJpdiI6IjZQdjdCd2VWMDVVNGJ1TDNWOWdXTkE9PSIsInZhbHVlIjoiTWw3M2F2ZDN1ODhcLzhjN0FtVDlQYVM0aVVZT3FGODArKzR0OFwvOExDWHRLQjIzUHc2SVpIeDFvYTFDSmFxOWtFVjRPRXRGekswdmQ5VmUxRCszZGZsUT09IiwibWFjIjoiNzMxYTI0NWUyYTI4YzNlMGNhYmRlYjI4ZGFmMzJkMmJhYWQ4MmFmZmFhNmU2YjkzNTE3MTFkMjFkMGViNDI1YiJ9 |
|
.greencardorganization.com/ | Name: _ga Value: GA1.2.918250054.1533424721 |
|
greencardorganization.com/ | Name: lang Value: en |
|
.greencardorganization.com/ | Name: _gat_gtag_UA_105815458_1 Value: 1 |
|
greencardorganization.com/ | Name: last_seen Value: eyJpdiI6IlUwSnNnOWJ4Z0l2aGpXZlc1QU9Scmc9PSIsInZhbHVlIjoiVCtTdXBMc0s2c1hYT2hBc3ZzcWF6WmNBQndFSlMrU3A0V011ZHNEMU9RZz0iLCJtYWMiOiJkNGVlZDMyOTc0MTcwNzFiN2EyNWE2NzJkOTg4NTQ5ODc4NGE2ODg0MDFhZTc3MGM4ODVmZmQzZGRkM2I5N2RhIn0%3D |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
amplify.outbrain.com
amplifypixel.outbrain.com
api.taboola.com
atsc.activetrail.com
d.liadm.com
d2wy8f7a9ursnm.cloudfront.net
dle5b25kew331.cloudfront.net
greencardorganization.com
li.freebiesfrenzy.com
mb.taboola.com
p.liadm.com
sessions.bugsnag.com
tr.outbrain.com
tracking.freebiesfrenzy.com
www.google-analytics.com
www.googletagmanager.com
107.154.114.122
151.101.114.2
151.101.14.2
2.16.186.43
2.18.234.190
2a00:1450:4001:81c::2008
2a00:1450:4001:81c::200e
34.199.196.189
34.225.52.250
35.169.42.12
35.190.88.7
52.1.148.133
52.222.149.129
52.222.149.242
74.201.198.92
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
1d2ea7b17193c1f566bfebcb6da9f2f2992d1fc206c09f348b689d948582b435
26c9c2ffd3d4ea43b62a3ac326dc386049bf49048f038e051f684dee2e4d88ca
3397348ff623d13ac89133fc6d02514bbafa75cc702bd1014a7e3abc9efdedc1
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
3ae32891ec6ab543a1c7587e944c6d1ce40884536387ef27f1c0aac3f2fad33e
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
438503dc8282092ca76505e73e97e9e717dd10490bcb0e47901c0dd0f76e50fe
49735d4070ce6776fb2c82e9ab9c7d11b7cf68dd26febd243601a53cfa6c80de
535125d10101da0542ed17e0cd1fcb306b3ad7855aa86cadfb973b3835847adc
5fea0da3f981dfcc17202d54aac6b7ee56a5709bcf0323dc65d4795b6a12c499
743b3b9e8562db60517ac4ad6cb8a84753ac79f986d56b7b642e79c27e246e29
7b2909a10353f4a1a07ea4994def6ca2f69df74ffdaad9be8cd4ca253abee5e3
7fdfc4f8d3e245c15f55d4b23020e1dc6fc91c07b30842cdbd825a00ed613451
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89d04e920856814e9a744ce27f702c1d7ce69c021f1d17184d7a629fb6c0ea4f
95920f5995038d121673bfa51f6300496f0e23fd75ccad82f57f4fce885fd2da
a56a4d49a386d7ee4879ecbfdd490086d02e05d48baca17eacf5b1dd7707e2b4
b25a37870e2a2df1197250f5e9befbbcc689663262ffacd7f53ccd0693411525
b9462c3d8fc4e698687d6fa7efdd3123606f6e235a179e7cb12cdb38f8ed7978
bbfa72eba0aa8dbb22704bd551b6ae2e3ef9320dc102f5e1b009c7bb69f7123c
c850177649a45fe1ca60049d06749be14b06d109907bf8e61570f8a6b329c757
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55869541d8d62428b5dbe5b9fb103a5f6d4279d92d501ffefc6933f09327c42
eaeb4358a9dc8f778d59a6fd3ff160a1572f8eddb9b36ff45b253f4c19b5aace
f9c314a0c06d14c44cfb4b5c09950a658b7d7e138b812d35d6e1612fb5f8b6da