www.gemfinance.co.nz
Open in
urlscan Pro
108.158.20.109
Public Scan
Submitted URL: http://www.gemfinance.co.nz/ds1
Effective URL: https://www.gemfinance.co.nz/disclosures/?gemid2=-sms-:fico:customer-disclosures:strategy
Submission: On January 13 via api from NZ — Scanned from NZ
Effective URL: https://www.gemfinance.co.nz/disclosures/?gemid2=-sms-:fico:customer-disclosures:strategy
Submission: On January 13 via api from NZ — Scanned from NZ
Summary
This website contacted 25 IPs
in 3 countries
across 17 domains to perform 72 HTTP transactions.
The main IP is 108.158.20.109, located in
United States and
belongs to AMAZON-02, US.
The main domain is www.gemfinance.co.nz.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on February 21st 2024. Valid for: a year.
This is the only time www.gemfinance.co.nz was scanned on urlscan.io!
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on February 21st 2024. Valid for: a year.
This is the only time www.gemfinance.co.nz was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
17
108.158.20.109
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-108-158-20-109.syd62.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-108-158-20-109.syd62.r.cloudfront.net
| www.gemfinance.co.nz |
5
2606:4700:20::ac43:4794
(United States)
ASN13335 (CLOUDFLARENET, US)
ASN13335 (CLOUDFLARENET, US)
| www.bugherd.com | |
| sidebar.bugherd.com |
4
142.251.221.67
(Farmingdale, United States)
ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f3.1e100.net
ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f3.1e100.net
| fonts.gstatic.com | |
| www.google.co.nz |
4
13.55.4.2
(Sydney, Australia)
ASN16509 (AMAZON-02, US)
PTR: ec2-13-55-4-2.ap-southeast-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-13-55-4-2.ap-southeast-2.compute.amazonaws.com
| data.privacy.ensighten.com |
3
18.67.93.106
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-106.syd62.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-106.syd62.r.cloudfront.net
| nexus.ensighten.com |
3
44.198.85.11
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-85-11.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-85-11.compute-1.amazonaws.com
| dpm.demdex.net |
1
108.158.32.22
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-22.syd3.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-22.syd3.r.cloudfront.net
| static.hotjar.com |
2
157.240.8.23
(Sydney, Australia)
ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net
ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net
| connect.facebook.net |
1
18.67.110.3
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-67-110-3.syd62.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-67-110-3.syd62.r.cloudfront.net
| script.hotjar.com |
1
18.65.244.98
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-65-244-98.syd3.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-65-244-98.syd3.r.cloudfront.net
| vc.hotjar.io |
2
157.240.8.35
(Sydney, Australia)
ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-syd2.facebook.com
ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-syd2.facebook.com
| www.facebook.com |
1
107.23.22.141
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-22-141.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-22-141.compute-1.amazonaws.com
| latitudefinancialservices.demdex.net |
2
63.140.38.5
(United States)
ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-5.data.adobedc.net
ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-5.data.adobedc.net
| smetrics.gemfinance.co.nz |
1
52.76.172.15
(Singapore, Singapore)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-172-15.ap-southeast-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-172-15.ap-southeast-1.compute.amazonaws.com
| cm.everesttech.net |
1
142.250.71.68
(Plainview, United States)
ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f4.1e100.net
ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f4.1e100.net
| www.google.com |
4
142.250.76.102
(Plainview, United States)
ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f6.1e100.net
ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f6.1e100.net
| 14129891.fls.doubleclick.net | |
| 9239623.fls.doubleclick.net |
2
142.250.66.198
(Plainview, United States)
ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f6.1e100.net
ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f6.1e100.net
| ad.doubleclick.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 19 |
gemfinance.co.nz
3 redirects
www.gemfinance.co.nz smetrics.gemfinance.co.nz |
1 MB |
| 12 |
doubleclick.net
2 redirects
stats.g.doubleclick.net — Cisco Umbrella Rank: 135 td.doubleclick.net — Cisco Umbrella Rank: 182 14129891.fls.doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 145 9239623.fls.doubleclick.net |
2 KB |
| 10 |
ensighten.com
nexus.ensighten.com — Cisco Umbrella Rank: 4813 data.privacy.ensighten.com — Cisco Umbrella Rank: 9194 |
82 KB |
| 8 |
tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1341 |
85 KB |
| 5 |
bugherd.com
2 redirects
www.bugherd.com — Cisco Umbrella Rank: 20234 sidebar.bugherd.com — Cisco Umbrella Rank: 21294 |
9 KB |
| 4 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39 |
409 KB |
| 4 |
demdex.net
1 redirects
dpm.demdex.net — Cisco Umbrella Rank: 262 latitudefinancialservices.demdex.net |
2 KB |
| 3 |
google.com
analytics.google.com — Cisco Umbrella Rank: 142 www.google.com — Cisco Umbrella Rank: 3 |
|
| 2 |
google.co.nz
www.google.co.nz — Cisco Umbrella Rank: 41106 |
126 B |
| 2 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 120 |
218 B |
| 2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192 |
76 KB |
| 2 |
hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 888 script.hotjar.com — Cisco Umbrella Rank: 1185 |
61 KB |
| 2 |
contentful.com
cdn.contentful.com — Cisco Umbrella Rank: 7270 |
11 KB |
| 2 |
gstatic.com
fonts.gstatic.com |
76 KB |
| 2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29 |
3 KB |
| 1 |
everesttech.net
1 redirects
cm.everesttech.net — Cisco Umbrella Rank: 1608 |
490 B |
| 1 |
hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 3181 |
230 B |
| 72 | 17 |
| Domain | Requested by | |
|---|---|---|
| 17 | www.gemfinance.co.nz |
3 redirects
www.gemfinance.co.nz
|
| 8 | tags.tiqcdn.com |
www.gemfinance.co.nz
nexus.ensighten.com |
| 6 | nexus.ensighten.com |
tags.tiqcdn.com
www.gemfinance.co.nz nexus.ensighten.com |
| 4 | td.doubleclick.net |
nexus.ensighten.com
|
| 4 | www.googletagmanager.com |
nexus.ensighten.com
|
| 4 | data.privacy.ensighten.com |
www.gemfinance.co.nz
|
| 3 | dpm.demdex.net | 1 redirects |
| 3 | sidebar.bugherd.com |
www.gemfinance.co.nz
nexus.ensighten.com |
| 2 | 9239623.fls.doubleclick.net |
1 redirects
nexus.ensighten.com
|
| 2 | ad.doubleclick.net | |
| 2 | 14129891.fls.doubleclick.net |
1 redirects
nexus.ensighten.com
|
| 2 | smetrics.gemfinance.co.nz |
nexus.ensighten.com
|
| 2 | www.google.co.nz | |
| 2 | stats.g.doubleclick.net |
nexus.ensighten.com
|
| 2 | analytics.google.com |
nexus.ensighten.com
|
| 2 | www.facebook.com | |
| 2 | connect.facebook.net |
nexus.ensighten.com
|
| 2 | cdn.contentful.com |
nexus.ensighten.com
|
| 2 | fonts.gstatic.com |
fonts.googleapis.com
|
| 2 | www.bugherd.com | 2 redirects |
| 2 | fonts.googleapis.com |
www.gemfinance.co.nz
|
| 1 | www.google.com |
nexus.ensighten.com
|
| 1 | cm.everesttech.net | 1 redirects |
| 1 | latitudefinancialservices.demdex.net |
nexus.ensighten.com
|
| 1 | vc.hotjar.io |
nexus.ensighten.com
|
| 1 | script.hotjar.com |
nexus.ensighten.com
|
| 1 | static.hotjar.com |
nexus.ensighten.com
|
| 72 | 27 |
This site contains links to these domains. Also see Links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| www.gemfinance.co.nz DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-02-21 - 2025-03-23 |
a year | crt.sh |
| upload.video.google.com WR2 |
2024-12-09 - 2025-03-03 |
3 months | crt.sh |
| tags.tiqcdn.com Amazon RSA 2048 M02 |
2024-03-19 - 2025-04-17 |
a year | crt.sh |
| nexus.ensighten.com Amazon RSA 2048 M03 |
2024-08-29 - 2025-09-28 |
a year | crt.sh |
| *.gstatic.com WR2 |
2024-12-09 - 2025-03-03 |
3 months | crt.sh |
| *.privacy.ensighten.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-02-02 - 2025-02-19 |
a year | crt.sh |
| bugherd.com WE1 |
2024-11-26 - 2025-02-24 |
3 months | crt.sh |
| cdn.contentful.com GlobalSign Atlas R3 DV TLS CA 2024 Q1 |
2024-04-03 - 2025-05-05 |
a year | crt.sh |
| *.google-analytics.com WR2 |
2024-12-09 - 2025-03-03 |
3 months | crt.sh |
| *.hotjar.com Amazon RSA 2048 M03 |
2024-05-22 - 2025-06-20 |
a year | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2024-10-22 - 2025-01-20 |
3 months | crt.sh |
| *.hotjar.io Amazon ECDSA 256 M03 |
2025-01-08 - 2026-02-07 |
a year | crt.sh |
| *.google.com WR2 |
2024-12-09 - 2025-03-03 |
3 months | crt.sh |
| *.g.doubleclick.net WR2 |
2024-12-09 - 2025-03-03 |
3 months | crt.sh |
| *.doubleclick.net WR2 |
2024-12-09 - 2025-03-03 |
3 months | crt.sh |
| *.google.co.nz WR2 |
2024-12-09 - 2025-03-03 |
3 months | crt.sh |
| *.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-09-25 - 2025-10-26 |
a year | crt.sh |
| smetrics.gemfinance.co.nz DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-10-14 - 2025-11-14 |
a year | crt.sh |
This page contains 9 frames:
Primary Page:
https://www.gemfinance.co.nz/disclosures/?gemid2=-sms-:fico:customer-disclosures:strategy
Frame ID: 58083E9EDD4CFE88068ABF4DC092ABCF
Requests: 72 HTTP requests in this frame
Frame:
https://sidebar.bugherd.com/sidebar/embed_html?apikey=k8x4tdkkpaylbl47h1vpyq
Frame ID: 76BCA54652B16794D721F6042F90DFA4
Requests: 1 HTTP requests in this frame
Frame:
https://td.doubleclick.net/td/ga/rul?tid=G-ZXRZ5ZKK5R&gacid=105153347.1736749363>m=45je5190v890065171za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=2108674298
Frame ID: BE6E2A782380B9FAF90B3BDE2CEB86F5
Requests: 1 HTTP requests in this frame
Frame:
https://latitudefinancialservices.demdex.net/dest5.html?d_nsid=0
Frame ID: A1CF741530250E1EE65B8E1FE50F176D
Requests: 1 HTTP requests in this frame
Frame:
https://td.doubleclick.net/td/ga/rul?tid=G-S8DT26C3G4&gacid=105153347.1736749363>m=45je5190v9179177559za200zb890065171&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1034420198
Frame ID: BD6F403364CDE3E7F2CAFA700CFF5DF7
Requests: 1 HTTP requests in this frame
Frame:
https://14129891.fls.doubleclick.net/activityi;dc_pre=COncnseH8ooDFZiMZgIdAg4hIg;src=14129891;type=nzgemgt;cat=lfspa0;ord=4451953017535;npa=0;auiddc=724772060.1736749364;u1=%2Fdisclosures%2F;u2=www.gemfinance.co.nz;gdid=dYmQxMT;ps=1;pcor=626967916;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe5190v9178645020za200zb890065171;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fwww.gemfinance.co.nz%2Fdisclosures%2F%3Fgemid2%3D-sms-%3Afico%3Acustomer-disclosures%3Astrategy
Frame ID: CA6C7CBCC59D088ADB9B2242053A7CF2
Requests: 1 HTTP requests in this frame
Frame:
https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=14129891;type=nzgemgt;cat=lfspa0;ord=4451953017535;npa=0;auiddc=724772060.1736749364;u1=%2Fdisclosures%2F;u2=www.gemfinance.co.nz;gdid=dYmQxMT;ps=1;pcor=626967916;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe5190v9178645020za200zb890065171;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fwww.gemfinance.co.nz%2Fdisclosures%2F%3Fgemid2%3D-sms-%3Afico%3Acustomer-disclosures%3Astrategy
Frame ID: 824F957332D3215C1263552681FB40E3
Requests: 1 HTTP requests in this frame
Frame:
https://9239623.fls.doubleclick.net/activityi;dc_pre=COSFoceH8ooDFcOgZgId780v1A;src=9239623;type=rmk;cat=000si0;ord=224449020426;npa=0;auiddc=724772060.1736749364;u1=%2Fdisclosures%2F;u2=www.gemfinance.co.nz;gdid=dYmQxMT;ps=1;pcor=904971641;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe5190v9189603947za200zb890065171;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102081485~102123607~102198178;epver=2;~oref=https%3A%2F%2Fwww.gemfinance.co.nz%2Fdisclosures%2F%3Fgemid2%3D-sms-%3Afico%3Acustomer-disclosures%3Astrategy
Frame ID: 0155F78486B89F4B8681AB3456D9F9FF
Requests: 1 HTTP requests in this frame
Frame:
https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=9239623;type=rmk;cat=000si0;ord=224449020426;npa=0;auiddc=724772060.1736749364;u1=%2Fdisclosures%2F;u2=www.gemfinance.co.nz;gdid=dYmQxMT;ps=1;pcor=904971641;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe5190v9189603947za200zb890065171;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102081485~102123607~102198178;epver=2;~oref=https%3A%2F%2Fwww.gemfinance.co.nz%2Fdisclosures%2F%3Fgemid2%3D-sms-%3Afico%3Acustomer-disclosures%3Astrategy
Frame ID: A5585988C756B9B7D8695E92610858DB
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Disclosures | Gem by LatitudePage URL History Show full URLs
-
http://www.gemfinance.co.nz/ds1
HTTP 307
https://www.gemfinance.co.nz/ds1 HTTP 301
https://www.gemfinance.co.nz/ds1/ HTTP 301
https://www.gemfinance.co.nz/disclosures?gemid2=-sms-:fico:customer-disclosures:strategy HTTP 301
https://www.gemfinance.co.nz/disclosures/?gemid2=-sms-:fico:customer-disclosures:strategy Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Ensighten
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //nexus\.ensighten\.com/
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtag/js
Hotjar
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //static\.hotjar\.com/
Mautic
(Marketing Automation)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- [^a-z]mtc.*\.js
Page Statistics
21 Outgoing links
These are links going to different origins than the main page.
URL: https://www.offers-exchange.com/gemvisa
Title: Find out more
Title: Find out more
Search URL Search Domain Scan URL
URL: https://www.latitudefinancial.com.au/about-us/our-company/?isgemf=&gemid2=gemf-web%3Ainformation%3Adisclosures%3Aleadership-team%3Aheader#leadership-team
Title: Leadership team
Title: Leadership team
Search URL Search Domain Scan URL
URL: https://www.latitudefinancial.com.au/about-us/news-room/?isgemf=&gemid2=gemf-web%3Ainformation%3Adisclosures%3Amedia-news%3Aheader
Title: Media & News
Title: Media & News
Search URL Search Domain Scan URL
URL: https://www.latitudefinancial.com.au/careers/?isgemf=&gemid2=gemf-web%3Ainformation%3Adisclosures%3Acareers%3Aheader
Title: Careers
Title: Careers
Search URL Search Domain Scan URL
URL: https://gemfinance.zendesk.com/hc/en-nz?gemid2=gemf-web%3Ainformation%3Adisclosures%3Ahelp%3Aheader
Title: Help
Title: Help
Search URL Search Domain Scan URL
URL: https://servicecentre.latitudefinancial.co.nz/login?migration=true
Title: Log in
Title: Log in
Search URL Search Domain Scan URL
URL: https://servicecentre.latitudefinancial.co.nz/register
Title: Register
Title: Register
Search URL Search Domain Scan URL
URL: https://loans.portal.gemfinance.co.nz/s/?gemid2=gemf-web%3Ainformation%3Adisclosures%3Alog-in-to-loans%3Aheader
Title: Log in to Loans
Title: Log in to Loans
Search URL Search Domain Scan URL
URL: https://www.ifso.nz/
Title: ifso.nz
Title: ifso.nz
Search URL Search Domain Scan URL
URL: https://www.facebook.com/GemFinance/
Search URL Search Domain Scan URL
URL: https://www.youtube.com/channel/UC4OODvUJswoDRTS_xFCCXcw
Search URL Search Domain Scan URL
URL: https://twitter.com/Latitude_FS/
Search URL Search Domain Scan URL
URL: https://www.linkedin.com/company/latitude-financial-services
Search URL Search Domain Scan URL
URL: https://www.instagram.com/gem_finance/
Search URL Search Domain Scan URL
URL: https://www.latitudefinancial.com.au/careers/?isgemf=&gemid2=gemf-web%3Ainformation%3Adisclosures%3Acareers%3Afooter
Title: Careers
Title: Careers
Search URL Search Domain Scan URL
URL: http://gemfinance.zendesk.com/hc/en-nz?gemid2=gemf-web%3Ainformation%3Adisclosures%3Ahelp-centre%3Afooter
Title: Help Centre
Title: Help Centre
Search URL Search Domain Scan URL
URL: http://gemfinance.zendesk.com/hc/en-nz/articles/360010403418-Contact-Us?gemid2=gemf-web%3Ainformation%3Adisclosures%3Acontact-us%3Afooter
Title: Contact Us
Title: Contact Us
Search URL Search Domain Scan URL
URL: https://apps.apple.com/app/apple-store/id1373059866?pt=118165058&ct=Latitude%20web%20footer&mt=8
Search URL Search Domain Scan URL
URL: https://play.google.com/store/apps/details?id=com.latitudefinancial.latitudeapp&referrer=utm_source%3DLatitude%2520Web%2520Footer%26anid%3Dadmob
Search URL Search Domain Scan URL
URL: https://assets.latitudefinancial.com/legals/product-disclosure-statements/nz/gem_disclosure_statement_loan_schedule.pdf
Title: Loan Schedule
Title: Loan Schedule
Search URL Search Domain Scan URL
URL: https://assets.latitudefinancial.com/legals/product-disclosure-statements/nz/pds.pdf
Title: Prescribed Statement Disclosure
Title: Prescribed Statement Disclosure
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.gemfinance.co.nz/ds1
HTTP 307
https://www.gemfinance.co.nz/ds1 HTTP 301
https://www.gemfinance.co.nz/ds1/ HTTP 301
https://www.gemfinance.co.nz/disclosures?gemid2=-sms-:fico:customer-disclosures:strategy HTTP 301
https://www.gemfinance.co.nz/disclosures/?gemid2=-sms-:fico:customer-disclosures:strategy Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2- https://www.bugherd.com/sidebarv2.js?apikey=k8x4tdkkpaylbl47h1vpyq HTTP 302
- https://sidebar.bugherd.com/embed.js?apikey=k8x4tdkkpaylbl47h1vpyq
- https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=B6D9B74F57B2FBE97F000101%40AdobeOrg&d_nsid=0&ts=1736749362409 HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=B6D9B74F57B2FBE97F000101%40AdobeOrg&d_nsid=0&ts=1736749362409
- https://www.bugherd.com/sidebarv2.js?apikey=k8x4tdkkpaylbl47h1vpyq HTTP 302
- https://sidebar.bugherd.com/embed.js?apikey=k8x4tdkkpaylbl47h1vpyq
- https://cm.everesttech.net/cm/dd?d_uuid=32219348071409432852907717008895872150 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z4SxNAAAAEgHvAM4
- https://14129891.fls.doubleclick.net/activityi;src=14129891;type=nzgemgt;cat=lfspa0;ord=4451953017535;npa=0;auiddc=724772060.1736749364;u1=%2Fdisclosures%2F;u2=www.gemfinance.co.nz;gdid=dYmQxMT;ps=1;pcor=626967916;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe5190v9178645020za200zb890065171;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fwww.gemfinance.co.nz%2Fdisclosures%2F%3Fgemid2%3D-sms-%3Afico%3Acustomer-disclosures%3Astrategy HTTP 302
- https://14129891.fls.doubleclick.net/activityi;dc_pre=COncnseH8ooDFZiMZgIdAg4hIg;src=14129891;type=nzgemgt;cat=lfspa0;ord=4451953017535;npa=0;auiddc=724772060.1736749364;u1=%2Fdisclosures%2F;u2=www.gemfinance.co.nz;gdid=dYmQxMT;ps=1;pcor=626967916;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe5190v9178645020za200zb890065171;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fwww.gemfinance.co.nz%2Fdisclosures%2F%3Fgemid2%3D-sms-%3Afico%3Acustomer-disclosures%3Astrategy
- https://9239623.fls.doubleclick.net/activityi;src=9239623;type=rmk;cat=000si0;ord=224449020426;npa=0;auiddc=724772060.1736749364;u1=%2Fdisclosures%2F;u2=www.gemfinance.co.nz;gdid=dYmQxMT;ps=1;pcor=904971641;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe5190v9189603947za200zb890065171;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102081485~102123607~102198178;epver=2;~oref=https%3A%2F%2Fwww.gemfinance.co.nz%2Fdisclosures%2F%3Fgemid2%3D-sms-%3Afico%3Acustomer-disclosures%3Astrategy HTTP 302
- https://9239623.fls.doubleclick.net/activityi;dc_pre=COSFoceH8ooDFcOgZgId780v1A;src=9239623;type=rmk;cat=000si0;ord=224449020426;npa=0;auiddc=724772060.1736749364;u1=%2Fdisclosures%2F;u2=www.gemfinance.co.nz;gdid=dYmQxMT;ps=1;pcor=904971641;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe5190v9189603947za200zb890065171;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102081485~102123607~102198178;epver=2;~oref=https%3A%2F%2Fwww.gemfinance.co.nz%2Fdisclosures%2F%3Fgemid2%3D-sms-%3Afico%3Acustomer-disclosures%3Astrategy
72 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
www.gemfinance.co.nz/disclosures/ Redirect Chain
|
563 KB 100 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
26 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
6 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
embed.js
sidebar.bugherd.com/ Redirect Chain
|
18 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.sync.js
tags.tiqcdn.com/utag/latitudefs/web-main/prod/ |
439 B 880 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
webpack-runtime-6c8ddb18cc6e7e079d8a.js
www.gemfinance.co.nz/ |
19 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
framework-fecf8dbfb50e0cb0e675.js
www.gemfinance.co.nz/ |
145 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
app-f7eab3550bf8ac432f74.js
www.gemfinance.co.nz/ |
643 KB 191 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
styles-0ec71dd62c66cb95665c.js
www.gemfinance.co.nz/ |
117 B 639 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
a23d66911b6a57e6f1d78c62033c011748b27285-a93ab6ddd40fc7330ffc.js
www.gemfinance.co.nz/ |
2 MB 544 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0060f5f9bcd24e9f6446e885129b814abc37273f-29f437198c6adf1f1953.js
www.gemfinance.co.nz/ |
71 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dcaea2415c9ce9fc538f1c23592c1302fe037fe8-a048b7d3e0baccae84b0.js
www.gemfinance.co.nz/ |
33 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
component---src-pages-disclosures-index-tsx-257a1935b7fc85826c16.js
www.gemfinance.co.nz/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
page-data.json
www.gemfinance.co.nz/page-data/disclosures/ |
142 B 688 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
app-data.json
www.gemfinance.co.nz/page-data/ |
50 B 565 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Bootstrap.js
nexus.ensighten.com/gecapitalau/privacy-prod/ |
344 KB 79 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
e.gif
nexus.ensighten.com/error/ |
0 275 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
serverComponent.php
nexus.ensighten.com/gecapitalau/privacy-prod/ |
415 B 747 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.js
tags.tiqcdn.com/utag/latitudefs/web-main/prod/ |
163 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
419 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
804 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
460 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
5 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
5 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
862 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
fonts.gstatic.com/s/roboto/v47/ |
39 KB 39 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v29/ |
37 KB 37 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
r.rnc
data.privacy.ensighten.com/privacy/v1/b/ |
0 107 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
embed_html
sidebar.bugherd.com/sidebar/ Frame 76BC |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
e238b3ab011e132fa5b83b1cc8d9b279.js
nexus.ensighten.com/gecapitalau/privacy-prod/code/ |
277 B 694 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
6dbece50d03435685e0286c792aa0e25.js
nexus.ensighten.com/gecapitalau/privacy-prod/code/ |
597 B 1013 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
entries
cdn.contentful.com/spaces/w0q68lqdeo57/environments/master/ |
71 KB 11 KB |
XHR
application/vnd.contentful.delivery.v1+json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
entries
cdn.contentful.com/spaces/w0q68lqdeo57/environments/master/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.60.js
tags.tiqcdn.com/utag/latitudefs/web-main/prod/ |
25 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.3.js
tags.tiqcdn.com/utag/latitudefs/web-main/prod/ |
67 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.11.js
tags.tiqcdn.com/utag/latitudefs/web-main/prod/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.14.js
tags.tiqcdn.com/utag/latitudefs/web-main/prod/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.28.js
tags.tiqcdn.com/utag/latitudefs/web-main/prod/ |
22 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
e.gif
nexus.ensighten.com/error/ |
0 218 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ |
2 B 431 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
favicon.ico
www.gemfinance.co.nz/ |
1 KB 2 KB |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bg-banner-cc-8012b06863438887d951ba6ead92d98f.png
www.gemfinance.co.nz/static/ |
63 KB 64 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rd
dpm.demdex.net/id/ Redirect Chain
|
384 B 929 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
328 KB 108 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hotjar-826763.js
static.hotjar.com/c/ |
13 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
fbevents.js
connect.facebook.net/en_US/ |
239 KB 61 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bg-banner-cc-new-901bf13407456aab0ae6ae350c044303.png
www.gemfinance.co.nz/static/ |
494 KB 495 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
embed.js
sidebar.bugherd.com/ Redirect Chain
|
18 KB 0 |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
modules.60031afbf51fb3e88a5b.js
script.hotjar.com/ |
223 KB 56 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
792659474107647
connect.facebook.net/signals/config/ |
74 KB 15 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
826763
vc.hotjar.io/sessions/ |
0 230 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
/
www.facebook.com/tr/ |
0 16 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ |
67 B 202 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
415 KB 133 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
analytics.google.com/g/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 558 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rul
td.doubleclick.net/td/ga/ Frame BE6E |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
235 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
237 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ga-audiences
www.google.co.nz/ads/ |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dest5.html
latitudefinancialservices.demdex.net/ Frame A1CF |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
id
smetrics.gemfinance.co.nz/ |
48 B 466 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ibs:dpid=411&dpuuid=Z4SxNAAAAEgHvAM4
dpm.demdex.net/ Redirect Chain
|
42 B 714 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
analytics.google.com/g/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 48 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rul
td.doubleclick.net/td/ga/ Frame BD6F |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ga-audiences
www.google.co.nz/ads/ |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
collect
www.google.com/ccm/ |
0 0 |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
activityi;dc_pre=COncnseH8ooDFZiMZgIdAg4hIg;src=14129891;type=nzgemgt;cat=lfspa0;ord=4451953017535;npa=0;auiddc=724772060.1736749364;u1=%2Fdisclosures%2F;u2=www.gemfinance.co.nz;gdid=dYmQxMT;ps=1;p...
14129891.fls.doubleclick.net/ Frame CA6C Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
activityi;fledge=1;src=14129891;type=nzgemgt;cat=lfspa0;ord=4451953017535;npa=0;auiddc=724772060.1736749364;u1=%2Fdisclosures%2F;u2=www.gemfinance.co.nz;gdid=dYmQxMT;ps=1;pcor=626967916;uaa=;uab=;u...
td.doubleclick.net/td/fls/rul/ Frame 824F |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
activity;register_conversion=1;src=14129891;type=nzgemgt;cat=lfspa0;ord=4451953017535;npa=0;auiddc=724772060.1736749364;u1=%2Fdisclosures%2F;u2=www.gemfinance.co.nz;gdid=dYmQxMT;ps=1;pcor=626967916...
ad.doubleclick.net/ |
0 24 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
activityi;dc_pre=COSFoceH8ooDFcOgZgId780v1A;src=9239623;type=rmk;cat=000si0;ord=224449020426;npa=0;auiddc=724772060.1736749364;u1=%2Fdisclosures%2F;u2=www.gemfinance.co.nz;gdid=dYmQxMT;ps=1;pcor=90...
9239623.fls.doubleclick.net/ Frame 0155 Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
activityi;fledge=1;src=9239623;type=rmk;cat=000si0;ord=224449020426;npa=0;auiddc=724772060.1736749364;u1=%2Fdisclosures%2F;u2=www.gemfinance.co.nz;gdid=dYmQxMT;ps=1;pcor=904971641;uaa=;uab=;uafvl=;...
td.doubleclick.net/td/fls/rul/ Frame A558 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
activity;register_conversion=1;src=9239623;type=rmk;cat=000si0;ord=224449020426;npa=0;auiddc=724772060.1736749364;u1=%2Fdisclosures%2F;u2=www.gemfinance.co.nz;gdid=dYmQxMT;ps=1;pcor=904971641;uaa=;...
ad.doubleclick.net/ |
0 24 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
r.rnc
data.privacy.ensighten.com/privacy/v1/b/ |
0 106 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
r.rnc
data.privacy.ensighten.com/privacy/v1/b/ |
0 106 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
s05632325377781
smetrics.gemfinance.co.nz/b/ss/lfs-prod/1/JS-2.22.4/ |
43 B 311 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
r.rnc
data.privacy.ensighten.com/privacy/v1/b/ |
0 106 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
&lnn=-1&fn=&cid=619&client=gecapitalau&publishPath=privacy-prod&rid=3978170&did=628456&errorName=TypeError){kind=link}
&lnn=-1&fn=&cid=619&client=gecapitalau&publishPath=privacy-prod&rid=3978170&did=628456&errorName=TypeError){kind=link}
Verdicts & Comments Add Verdict or Comment
56 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| ensBootstraps object| Bootstrapper object| ensClientConfig boolean| ensBrowserSupported object| gateway object| utag_cfg_ovrd string| pagePath object| ___chunkMapping object| webpackJsonp object| scCGSHMRCache object| asyncRequires object| ___emitter object| ___loader function| ___push function| ___replace function| ___navigate boolean| _bugHerd_sidebar2021 string| ___webpackCompilationHash object| utag function| loadLibrary function| getTLAttributes function| tladqp string| gtagRename object| dataLayer function| gtag object| _hjSettings function| hj object| s function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq object| s_c_il number| s_c_in function| fbq function| _fbq object| adobe function| Visitor object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| s_i_lfs-prod33 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .gemfinance.co.nz/ | Name: utag_main Value: v_id:01945e542a94000042d97510cc8905065005905d00b08$_sn:1$_se:1$_ss:1$_st:1736751161812$ses_id:1736749361812%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:gemfinance.co.nz |
|
| .gemfinance.co.nz/ | Name: _hjSessionUser_826763 Value: eyJpZCI6Ijk5YzA1NWM5LWZkNGUtNTRjYy1iYjRjLTQ0MzhhM2U3ZjdmNSIsImNyZWF0ZWQiOjE3MzY3NDkzNjI5NzYsImV4aXN0aW5nIjpmYWxzZX0= |
|
| .gemfinance.co.nz/ | Name: _hjSession_826763 Value: eyJpZCI6ImMxZDk0ZTZiLWRiYTktNDc3Yy05N2FhLWYwMjg2ODU3MmE0NyIsImMiOjE3MzY3NDkzNjI5NzcsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0= |
|
| .gemfinance.co.nz/ | Name: _fbp Value: fb.2.1736749362998.924738455712227637 |
|
| .gemfinance.co.nz/ | Name: _ga_ZXRZ5ZKK5R Value: GS1.1.1736749363.1.0.1736749363.60.0.0 |
|
| .gemfinance.co.nz/ | Name: _ga Value: GA1.1.105153347.1736749363 |
|
| .demdex.net/ | Name: demdex Value: 32219348071409432852907717008895872150 |
|
| .gemfinance.co.nz/ | Name: AMCVS_B6D9B74F57B2FBE97F000101%40AdobeOrg Value: 1 |
|
| .gemfinance.co.nz/ | Name: utag_vnum Value: 1739341363468&vn=1 |
|
| .gemfinance.co.nz/ | Name: utag_invisit Value: true |
|
| .gemfinance.co.nz/ | Name: utag_dslv Value: 1736749363469 |
|
| .gemfinance.co.nz/ | Name: utag_dslv_s Value: First Visit |
|
| .gemfinance.co.nz/ | Name: _ga_S8DT26C3G4 Value: GS1.1.1736749363.1.0.1736749363.60.0.0 |
|
| .gemfinance.co.nz/ | Name: _gcl_au Value: 1.1.724772060.1736749364 |
|
| .doubleclick.net/ | Name: ar_debug Value: 1 |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUl8uHxs1B0Jpm9KOqhAl4fvwq9Vs4AaQo9cvi0YmimslbJvOK2breV98uqD |
|
| .gemfinance.co.nz/ | Name: s_ecid Value: MCMID%7C31754052393841080972953688084885316962 |
|
| .gemfinance.co.nz/ | Name: s_tp Value: 2210 |
|
| .gemfinance.co.nz/ | Name: s_ppv Value: gemf-web%253Anz%253Adisclosures%2C54%2C54%2C1200 |
|
| .gemfinance.co.nz/ | Name: s_cc Value: true |
|
| .doubleclick.net/ | Name: receive-cookie-deprecation Value: 1 |
|
| .adsrvr.org/ | Name: TDID Value: eda48b47-da7b-413c-8845-71bc773beb7b |
|
| .dpm.demdex.net/ | Name: dpm Value: 32219348071409432852907717008895872150 |
|
| .gemfinance.co.nz/ | Name: AMCV_B6D9B74F57B2FBE97F000101%40AdobeOrg Value: 1176715910%7CMCIDTS%7C20102%7CMCMID%7C31754052393841080972953688084885316962%7CMCAAMLH-1737354163%7C7%7CMCAAMB-1737354163%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1736756564s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-20109%7CvVersion%7C5.4.0 |
|
| .yahoo.com/ | Name: A3 Value: d=AQABBDWxhGcCENt4EJJstp_tj1djORhOhHUFEgEBAQEChmeOZ4rENuUA_eMAAA&S=AQAAAi_yy6PI8ehNwe7lzq7ImBA |
|
| .bidswitch.net/ | Name: tuuid Value: 95ee2f03-b7ed-4c1a-9a05-664f0bf23131 |
|
| .bidswitch.net/ | Name: c Value: 1736749365 |
|
| .bidswitch.net/ | Name: tuuid_lu Value: 1736749365 |
|
| .rubiconproject.com/ | Name: audit_p Value: 1|2LqERVEnQ2bT587D43VJ5/QN3W5qZr5MLDS66fjKEM0eObUSX1xGaJJbxIpC7y17IOKvIO2gt2owHTRO1/p4iHX0qfg68IpFQAPcN3ARK87wvAColp2Cbu463cV6z5j1yo6q3JO3ZiAkkNfumGvdVEe2v/NL5oxuajF3vI5+4arREvsM2ra73MRmS8gGs6ylTlon0IrnE1p4+byUJuUHKNl4Am3SUH3rwETMVR8lnVPictVKI3nW/ZSmfFa9k+2RfCCm1vF3Tgn8ih/oL8+08tuVaVkDFDbShAUs62yL6R/QD5U7tEfUTQ== |
|
| .rubiconproject.com/ | Name: khaos Value: M5UNQBIO-1R-76ZT |
|
| .rubiconproject.com/ | Name: khaos_p Value: M5UNQBIO-1R-76ZT |
|
| .rubiconproject.com/ | Name: audit Value: 1|2LqERVEnQ2bT587D43VJ5/QN3W5qZr5MLDS66fjKEM0eObUSX1xGaJJbxIpC7y17IOKvIO2gt2owHTRO1/p4iHX0qfg68IpFQAPcN3ARK87wvAColp2Cbu463cV6z5j1yo6q3JO3ZiAkkNfumGvdVEe2v/NL5oxuajF3vI5+4arREvsM2ra73MRmS8gGs6ylTlon0IrnE1p4+byUJuUHKNl4Am3SUH3rwETMVR8lnVPictVKI3nW/ZSmfFa9k+2RfCCm1vF3Tgn8ih/oL8+08tuVaVkDFDbShAUs62yL6R/QD5U7tEfUTQ== |
|
| .adsrvr.org/ | Name: TDCPM Value: CAESFgoHcnViaWNvbhILCMzgm5mX6dk9EAUSFQoGZ29vZ2xlEgsIwPzNnpfp2T0QBRIYCgliaWRzd2l0Y2gSCwj0pJyZl-nZPRAFGAUgAygDMgsItryexq3p2T0QBUIPIg0IARIJCgV0aWVyMRABWgd6anM0Z3FuYAE. |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
14129891.fls.doubleclick.net
9239623.fls.doubleclick.net
ad.doubleclick.net
analytics.google.com
cdn.contentful.com
cm.everesttech.net
connect.facebook.net
data.privacy.ensighten.com
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
latitudefinancialservices.demdex.net
nexus.ensighten.com
script.hotjar.com
sidebar.bugherd.com
smetrics.gemfinance.co.nz
static.hotjar.com
stats.g.doubleclick.net
tags.tiqcdn.com
td.doubleclick.net
vc.hotjar.io
www.bugherd.com
www.facebook.com
www.gemfinance.co.nz
www.google.co.nz
www.google.com
www.googletagmanager.com
107.23.22.141
108.158.20.109
108.158.32.22
13.55.4.2
142.250.66.198
142.250.71.68
142.250.76.102
142.251.221.67
151.101.31.18
157.240.8.23
157.240.8.35
18.65.244.98
18.67.110.3
18.67.93.106
2001:4860:4802:32::181
2404:6800:4003:c1c::9a
2404:6800:4006:80b::2002
2404:6800:4006:813::200a
2404:6800:4006:814::2008
2600:9000:2212:8800:2:8f43:5780:93a1
2600:9000:2212:e400:7:2bfb:7c00:93a1
2606:4700:20::ac43:4794
44.198.85.11
52.76.172.15
63.140.38.5
07afff0f0182c104bf9e0c2a60f7b59ced6340b52679b54805b8ebbd6792d475
0c195dc3fac06deb0fa87317273d910e0cf4158e9f12099c96819dda6028e481
0dcd0edd388cc426dab1ebe1608e6812f4388d988d9b680e6e4c87940f82dce9
0eb548448cb41b00fb97d10f345d6808954bf211ecbe01d4bea740bc7ce09c5f
13b70858549f3c8dc222bf4deb2f88ff5a338d43d3912574e7b4e3463eb1620b
1edff7051e6208391d9b521854441f2366cf44a0b774f3cd69ffeb01cf515051
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
383190939c3c85308b725cb64370ce837fa1c8df49bb73842cea35fee8c9cb45
3b383eede0fc29a3cdc8a232f618ceeeeab2a3b617e3696e44b695a3cf92c494
3bc5d831eb56514df1b31d32e1d5e8b7c1a55d4dbc0ed0d02aa2f0084ad88b81
5332fd32d8be28eb2531721220e8c3c561000378988be4b4d7f97568f0b3f224
5b6914b498e5bef265fcd03a9c0aaaf187416a2fe864d7d8cb9d1ca8205b531d
5f037b9e2c01f0a27c6cabd9e075dd502dc43c247d58541698ae0beb434b82a0
623e21235e4ea20cd1b45269f30a74d116e1784c0d5c3058017ad34fee4d3982
6429cd3a221bfd7c68f71566edc2eaff7ec239a6721febcadf83943d1951c51e
651f5fb89445fc2733292f83c8bba509c4dab545066b4a8bdbeed6fe8f4d8bd4
66bec06b9dd168f58a0a63d1d2a1ca305c053770513b29f1af768eba25bda20b
6726953d0c5dd4da2b357a413d23e9e19396cdfca0072d3d9046a6422d315061
68fb3f2e421ce23a5ba892ec998227245cde9984ef3335185e0cbff1edd5651b
6941b4d751415a0a3970a58ad3f83d3fe3f18641f8b8ec4bc4f2ec8b670d1b97
7081ffe6e244a7f4cb2c763e661ffb69afbeae25913240bfe68a3948962455d8
7381483624ae36c339cd9efd31abd3005b58aefae783123540389eb4cc0830b7
757089a530514b5d02cb81c609620fdc518349e310bcc82173ad207195e7766d
79263282a0feb11d6bccc07c89fa9d10b6127d06ab27deec8a4947471d7b30df
8f78604f61cd32cbd6a9ba53a120ee9050dabb9930f2ed6f29100d2d2d0c22c3
93d12f6e780e13883d6e67d291d21e4b0116fe5a575dd8caee53acb3851bc1b0
99a3b4fd7ab63617d1f06c88239e3d567eb84ed2aa65e71aba68b3fd58abf471
9c1b2292f87f88796405b06e4079b37e7dde735f3de59fe02fb3d4dbc146fe86
9df923b2624b17a6d9ad48e7899a83ef602d75da140a9df18cad776fbd996faf
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3ee483c996b89f31a587d637544e951a5aadd10e57abe5f97c1e4429b214152
a56cab623228588fd332f991c16c743cebbeedb30681fc7377caf80bc410eebf
aa43ad111d051e43a9870d5b08ac31fff53f2916555db626ca35b99d9a51e904
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ae81418dc2f741122dad82c334e31e68d8372a56132eab7e2d80c5e486ae6812
b35c3cdba97f5f6768fb8e5ee0fcc1a099f06c224ff9acb242a1daa7ba122421
b5d091fa1ca5625de0132bbfab3b1b8fe2fcb841469a4fabed0a04734e695a35
c13cfd563da77e4b86ca5570537996d21d75fdfba07049f62bcea8e8e20a7928
c7b6ce06feea3789bb9bfe3da03862568c501178dd479e1494a4626c37060433
d2a7be152937512ef6c8c36535ce88ff7b56c2e735a7e381e246adff2c990c0c
de26247843d345200b517d32d88b0b2a99b50fd98d192c11971d97f0f78ce0e5
e06d35b1ff6b7ca52b606bd7e98e6eaf0e642d09d2bfac16ca7ef78f7df2af46
e2e619e5a7e182d10f579c799e0957e4f4108effc17589e5c6b03ae9d3d63fa4
e38338484d969872e570a554c807dab4a79233b82d64a7cb7028fb459123d44a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e687f5b6eb1a0c3735f44051ec6e43fa7809ab4dae0c2aeb86bc8a724cbbe20a
ea544d5ff897ae72c155b4901d1df2a2649ad8fee19535bcc6ab3b4e521c77df
eebcc3860031edc9f5dff2549fb3b87a9a3727ac169b0bc08ce0c1a50961e238
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1f4c7ba01908c7fa1f6acdcd83ec2b7f52f40ca87a329d657f78f22580d8e68
f25416565112d0f3e0a2d6fe0f856065435a9bdbfda8cdd11af3628340af9db1
f8b42be9e551436e95854c8b6cd8cc8d1624b8cf7fa7c712a6dc1c84b204eb55
f9bb3fd9508d976cc4ceb01fd02ff8ecc2870fb9d0098b550a656767fa767d25
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1