lp.newrez.com
13.111.185.135
Effective URL: https://lp.newrez.com/sms-qd
Submission: On May 19 via manual from US
Summary
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on December 10th 2020. Valid for: a year.
This is the only time lp.newrez.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN | PTR | Domain(s) |
---|---|---|
ASN15169 (GOOGLE, US) | | www.googletagmanager.com |
ASN15169 (GOOGLE, US) | fra24s06-in-f2.1e100.net | www.googleadservices.com |
ASN15169 (GOOGLE, US) | | www.google-analytics.com |
ASN16509 (AMAZON-02, US) | server-13-32-25-20.fra56.r.cloudfront.net | static.hotjar.com |
ASN13335 (CLOUDFLARENET, US) | | prism.app-us1.com, diffuser-cdn.app-us1.com |
ASN14618 (AMAZON-AES, US) | ec2-100-26-81-166.compute-1.amazonaws.com | track.gaconnector.com |
ASN32934 (FACEBOOK, US) | | connect.facebook.net |
ASN15169 (GOOGLE, US) | | www.googletagmanager.com |
ASN26211 (PROOFPOINT-ASN-US-WEST, US) | urldefense.proofpoint.com | urldefense.proofpoint.com |
ASN16509 (AMAZON-02, US) | server-13-32-14-71.vie50.r.cloudfront.net | compass.rebel.ai |
ASN15169 (GOOGLE, US) | | googleads.g.doubleclick.net |
ASN16509 (AMAZON-02, US) | server-13-32-14-67.vie50.r.cloudfront.net | script.hotjar.com |
ASN32934 (FACEBOOK, US) | | www.facebook.com |
ASN16509 (AMAZON-02, US) | server-143-204-202-103.fra53.r.cloudfront.net | vars.hotjar.com |
ASN15169 (GOOGLE, US) | fra16s48-in-f6.1e100.net | 10713737.fls.doubleclick.net |
ASN16509 (AMAZON-02, US) | server-13-225-84-207.fra2.r.cloudfront.net | d2m2wsoho8qq12.cloudfront.net |
Requests | Domain | Requested by |
---|---|---|
8 | image.s10.exacttarget.com | lp.newrez.com |
7 | create.leadid.com | create.lidstatic.com, deviceid.trueleadid.com |
6 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com |
4 | script.crazyegg.com | www.googletagmanager.com, script.crazyegg.com |
3 | beacon.krxd.net | lp.newrez.com, cdn.krxd.net |
3 | cdn.krxd.net | www.googletagmanager.com, cdn.krxd.net |
3 | bat.bing.com | www.googletagmanager.com, bat.bing.com, lp.newrez.com |
3 | fonts.gstatic.com | fonts.googleapis.com |
2 | 10713737.fls.doubleclick.net | 1 redirect, www.googletagmanager.com |
2 | consumer.krxd.net | cdn.krxd.net |
2 | www.google.de | lp.newrez.com |
2 | www.google.com | lp.newrez.com |
2 | connect.facebook.net | lp.newrez.com, connect.facebook.net |
2 | prism.app-us1.com | 1 redirect, prism.app-us1.com |
2 | www.googletagmanager.com | lp.newrez.com, www.googletagmanager.com |
2 | stackpath.bootstrapcdn.com | lp.newrez.com |
2 | lp.newrez.com | 1 redirect |
1 | cookie.rebel.ai | urldefense.proofpoint.com |
1 | event.rebel.ai | lp.newrez.com |
1 | adservice.google.com | 10713737.fls.doubleclick.net |
1 | deviceid.trueleadid.com | d2m2wsoho8qq12.cloudfront.net |
1 | d2m2wsoho8qq12.cloudfront.net | create.lidstatic.com |
1 | stats.g.doubleclick.net | www.google-analytics.com |
1 | vars.hotjar.com | static.hotjar.com |
1 | www.facebook.com | lp.newrez.com |
1 | script.hotjar.com | static.hotjar.com |
1 | googleads.g.doubleclick.net | www.googleadservices.com |
1 | compass.rebel.ai | lp.newrez.com |
1 | urldefense.proofpoint.com | 1 redirect |
1 | web-2-tel.com | www.googletagmanager.com |
1 | track.gaconnector.com | www.googletagmanager.com |
1 | diffuser-cdn.app-us1.com | lp.newrez.com |
1 | static.hotjar.com | www.googletagmanager.com |
1 | www.googleadservices.com | www.googletagmanager.com |
1 | create.lidstatic.com | lp.newrez.com |
1 | cdnjs.cloudflare.com | lp.newrez.com |
1 | code.jquery.com | lp.newrez.com |
1 | fonts.googleapis.com | lp.newrez.com |
1 | click.mc.newrez.com | 1 redirect |
72 requests | 39 domains | |
This site contains links to these domains. Also see Links.
Domain |
---|
ezapp.newrez.com |
Subject | Issuer | Validity | Valid for | Source |
---|---|---|---|---|
lp.newrez.com | DigiCert TLS RSA SHA256 2020 CA1 | 2020-12-10 - 2021-12-14 | a year | crt.sh |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-03-01 - 2022-02-28 | a year | crt.sh |
upload.video.google.com | GTS CA 1O1 | 2021-04-13 - 2021-07-06 | 3 months | crt.sh |
akamai-san1.exacttarget.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-01-06 - 2022-02-06 | a year | crt.sh |
jquery.org | Sectigo RSA Domain Validation Secure Server CA | 2020-10-06 - 2021-10-16 | a year | crt.sh |
*.google-analytics.com | GTS CA 1C3 | 2021-04-13 - 2021-07-06 | 3 months | crt.sh |
lidstatic.com | Cloudflare Inc ECC CA-3 | 2021-04-30 - 2022-04-29 | a year | crt.sh |
*.google.com | GTS CA 1O1 | 2021-04-13 - 2021-07-06 | 3 months | crt.sh |
www.googleadservices.com | GTS CA 1C3 | 2021-04-13 - 2021-07-06 | 3 months | crt.sh |
www.bing.com | Microsoft RSA TLS CA 01 | 2021-04-12 - 2021-10-12 | 6 months | crt.sh |
cdn.krxd.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2021-02-08 - 2022-02-07 | a year | crt.sh |
*.hotjar.com | Amazon | 2020-12-25 - 2022-01-23 | a year | crt.sh |
*.gaconnector.com | Sectigo RSA Domain Validation Secure Server CA | 2019-08-06 - 2021-08-05 | 2 years | crt.sh |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-04-06 - 2021-07-03 | 3 months | crt.sh |
*.web-2-tel.com | Sectigo RSA Organization Validation Secure Server CA | 2020-08-14 - 2022-11-12 | 2 years | crt.sh |
*.rebel.ai | Amazon | 2021-05-17 - 2022-06-15 | a year | crt.sh |
beacon.krxd.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-01-13 - 2022-01-07 | a year | crt.sh |
create.leadid.com | Amazon | 2021-04-24 - 2022-05-23 | a year | crt.sh |
*.g.doubleclick.net | GTS CA 1C3 | 2021-04-13 - 2021-07-06 | 3 months | crt.sh |
www.google.com | GTS CA 1C3 | 2021-04-13 - 2021-07-06 | 3 months | crt.sh |
www.google.de | GTS CA 1C3 | 2021-05-03 - 2021-07-26 | 3 months | crt.sh |
consumer.krxd.net | DigiCert SHA2 Secure Server CA | 2020-09-14 - 2021-09-14 | a year | crt.sh |
*.doubleclick.net | GTS CA 1C3 | 2021-05-03 - 2021-07-26 | 3 months | crt.sh |
*.cloudfront.net | DigiCert Global CA G2 | 2021-02-22 - 2022-02-21 | a year | crt.sh |
deviceid.trueleadid.com | Amazon | 2021-02-06 - 2022-03-07 | a year | crt.sh |
This page contains 6 frames:
- Primary Page: https://lp.newrez.com/sms-qd (Frame ID: 3D4B0C57D2F4F95688B57BA2634B5473; 65 HTTP requests in this frame)
- Frame: https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html (Frame ID: C0DA9983EBBE5DFBED5D2CF39D0036B3; 1 HTTP request in this frame)
- Frame: https://10713737.fls.doubleclick.net/activityi;dc_pre=CKPOrcGt1vACFU7d1Qoda9wHmQ;src=10713737;type=newre0;cat=newre0;ord=1314177113624;gtm=2od5c1;auiddc=1493010613.1621448270;~oref=https%3A%2F%2Flp.newrez.com%2Fsms-qd (Frame ID: 5FACC8D02233BB33E79390754805DB49; 2 HTTP requests in this frame)
- Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=BB99AB49-880C-079A-CD73-E93FD902DE65&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=0A06184A-C8EC-7D4D-B573-C533DB097ADE&lac=B94E7CDE-E7EC-C58D-C8FF-5FF9C0350903 (Frame ID: FC0030E195B670B42056D7C925F383E7; 1 HTTP request in this frame)
- Frame: https://deviceid.trueleadid.com/iframe.html?token=BB99AB49-880C-079A-CD73-E93FD902DE65&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=0A06184A-C8EC-7D4D-B573-C533DB097ADE&lac=B94E7CDE-E7EC-C58D-C8FF-5FF9C0350903 (Frame ID: 300B898AAB2B4DDB21050127F37E48DA; 2 HTTP requests in this frame)
- Frame: https://cookie.rebel.ai/bsync?guid=91219c13-e17f-4822-85f1-7d4a12ecb54e&cv=eyJpZCI6ImNjZTY4ZTIwLTk3YzctMzA2Ni0yZjkzLTBlNWNkZjIzNjM2NCIsInB2IjoxLCJzdGltZSI6MTYyMTQ0ODI3MDUzOSwic2MiOjF9&p=aHR0cHM6Ly9scC5uZXdyZXouY29tL3Ntcy1xZA== (Frame ID: 6215D33851A705336BCFD162F138FCD0; 1 HTTP request in this frame)
Detected technologies
- Bootstrap (Web Frameworks). Detected patterns:
  - html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
- Crazy Egg (Analytics). Detected patterns:
  - script /script\.crazyegg\.com\/pages\/scripts\/\d+\/\d+\.js/i
- Facebook (Widgets). Detected patterns:
  - script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
- Google Analytics (Analytics). Detected patterns:
  - script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
- Google Font API (Font Scripts). Detected patterns:
  - html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
- Google Tag Manager (Tag Managers). Detected patterns:
  - html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  - html /<!-- (?:End )?Google Tag Manager -->/i
- Prism (Miscellaneous). Detected patterns:
  - script /prism\.js/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Get Started Online
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://click.mc.newrez.com/?qs=543fa95801678893ab1a49cdbe33979ddc357a7950f28b0e0ee8026d997f815f6394b032307443e5e4d2b58bef99e4e076a3806cf5a961929c8620ff0d2540e9 (HTTP 302)
- http://lp.newrez.com/sms-qd (HTTP 302)
- https://lp.newrez.com/sms-qd (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
- Request Chain 24:
  - https://prism.app-us1.com/prism.js (HTTP 301)
  - https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
- Request Chain:
  - https://urldefense.proofpoint.com/v2/url?u=https-3A__compass.rebel.ai_js_evt.js&d=DwIGAg&c=0lncElIBWYsRcXcy7LkjHTsv1U5PF4UYQ4WSvB6jjFo&r=hDi7e5KcRnU5xP7khz_sqzPO8l9iU_ZbmCon6n57ZDc&m=yj6cfbpqQMrJiNole-ZLJzWF1GSEwDi5TcwrcglSGRg&s=EoDQzoK_KrpSDZJDzP3gc_mVEB8ZM2gaPiZWf-TzIY4&e= (HTTP 302)
  - https://compass.rebel.ai/js/evt.js
- Request Chain:
  - https://10713737.fls.doubleclick.net/activityi;src=10713737;type=newre0;cat=newre0;ord=1314177113624;gtm=2od5c1;auiddc=1493010613.1621448270;~oref=https%3A%2F%2Flp.newrez.com%2Fsms-qd (HTTP 302)
  - https://10713737.fls.doubleclick.net/activityi;dc_pre=CKPOrcGt1vACFU7d1Qoda9wHmQ;src=10713737;type=newre0;cat=newre0;ord=1314177113624;gtm=2od5c1;auiddc=1493010613.1621448270;~oref=https%3A%2F%2Flp.newrez.com%2Fsms-qd
72 HTTP transactions
Method | Protocol | Resource | Path | Size | Transferred | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | sms-qd | lp.newrez.com/ | 11 KB | 4 KB | Document | text/html | Primary Request; Redirect Chain |
GET | H2 | bootstrap.min.css | stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ | 152 KB | 20 KB | Stylesheet | text/css | |
GET | H2 | css | fonts.googleapis.com/ | 7 KB | 823 B | Stylesheet | text/css | |
GET | H/1.1 | 8ff728a8-a105-4cfa-a666-95cc6ff802ff.png | image.s10.exacttarget.com/lib/fe3d15707564057e741177/m/1/ | 4 KB | 5 KB | Image | image/png | |
GET | H/1.1 | 39049568-1fc9-44c5-bddc-6bb73f242769.png | image.s10.exacttarget.com/lib/fe3d15707564057e741177/m/1/ | 53 KB | 53 KB | Image | image/png | |
GET | H/1.1 | 1423cf92-fb40-457e-b98e-a3fda6e410ad.png | image.s10.exacttarget.com/lib/fe3d15707564057e741177/m/1/ | 19 KB | 19 KB | Image | image/png | |
GET | H/1.1 | c60ca670-3dcb-4962-a8ba-4e2239ef5db7.png | image.s10.exacttarget.com/lib/fe3d15707564057e741177/m/1/ | 14 KB | 14 KB | Image | image/png | |
GET | H/1.1 | f6ca36b9-c6e8-4429-9b61-69a25f10078d.png | image.s10.exacttarget.com/lib/fe3d15707564057e741177/m/1/ | 26 KB | 26 KB | Image | image/png | |
GET | H/1.1 | 98c6d565-6488-48cb-aaea-a0939d097c0a.png | image.s10.exacttarget.com/lib/fe3d15707564057e741177/m/1/ | 18 KB | 18 KB | Image | image/png | |
GET | H/1.1 | 83da9b42-3f69-40da-90f4-cf6c8ee9a41a.png | image.s10.exacttarget.com/lib/fe3d15707564057e741177/m/1/ | 5 KB | 5 KB | Image | image/png | |
GET | H/1.1 | f1b66902-9ea4-4a9a-a84f-29e0961e2470.png | image.s10.exacttarget.com/lib/fe3d15707564057e741177/m/1/ | 14 KB | 14 KB | Image | image/png | |
GET | H2 | jquery-3.3.1.slim.min.js | code.jquery.com/ | 68 KB | 24 KB | Script | application/javascript | |
GET | H2 | popper.min.js | cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ | 21 KB | 7 KB | Script | application/javascript | |
GET | H2 | bootstrap.min.js | stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ | 57 KB | 15 KB | Script | application/javascript | |
GET | H2 | gtm.js | www.googletagmanager.com/ | 248 KB | 67 KB | Script | application/javascript | |
GET | H2 | 0a06184a-c8ec-7d4d-b573-c533db097ade.js | create.lidstatic.com/campaign/ | 123 KB | 39 KB | Script | text/javascript | |
GET | H2 | JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2 | fonts.gstatic.com/s/montserrat/v15/ | 19 KB | 19 KB | Font | font/woff2 | |
GET | H2 | mem5YaGs126MiZpBA-UN_r8OUuhp.woff2 | fonts.gstatic.com/s/opensans/v18/ | 15 KB | 15 KB | Font | font/woff2 | |
GET | H2 | mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 | fonts.gstatic.com/s/opensans/v18/ | 15 KB | 15 KB | Font | font/woff2 | |
GET | H2 | conversion_async.js | www.googleadservices.com/pagead/ | 36 KB | 14 KB | Script | text/javascript | |
GET | H2 | 0173.js | script.crazyegg.com/pages/scripts/0068/ | 4 KB | 2 KB | Script | text/javascript | |
GET | H2 | bat.js | bat.bing.com/ | 30 KB | 9 KB | Script | application/javascript | |
GET | H2 | vbq4qx829.js | cdn.krxd.net/controltag/ | 5 KB | 2 KB | Script | text/javascript | |
GET | H2 | analytics.js | www.google-analytics.com/ | 48 KB | 19 KB | Script | text/javascript | |
GET | H2 | hotjar-1381927.js | static.hotjar.com/c/ | 4 KB | 2 KB | Script | application/javascript | |
GET | H2 | diffuser.js | diffuser-cdn.app-us1.com/diffuser/ | 24 KB | 6 KB | Script | application/javascript | Redirect Chain |
GET | H2 | gaconnector.js | track.gaconnector.com/ | 8 KB | 3 KB | Script | text/plain | |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 92 KB | 24 KB | Script | application/x-javascript | |
GET | H/1.1 | org-sdk | web-2-tel.com/ | 17 KB | 17 KB | Script | application/x-javascript | |
GET | H3-29 | js | www.googletagmanager.com/gtag/ | 81 KB | 33 KB | Script | application/javascript | |
GET | H2 | evt.js | compass.rebel.ai/js/ | 27 KB | 27 KB | Script | application/javascript | Redirect Chain |
GET | H2 | event.gif | beacon.krxd.net/ | 0 | 338 B | Image | text/plain | |
GET | H3-29 | js | www.google-analytics.com/gtm/ | 141 KB | 44 KB | Script | application/javascript | |
POST | H2 | GenerateToken | create.leadid.com/2.11.7/ | 36 B | 335 B | XHR | text/plain | |
GET | H2 | 56297126 | bat.bing.com/p/action/ | 0 | 93 B | Script | text/plain | |
GET | H2 | 0 | bat.bing.com/action/ | 0 | 94 B | Image | text/plain | |
GET | H3-29 | 2668109330126344 | connect.facebook.net/signals/config/ | 40 KB | 11 KB | Script | application/x-javascript | |
GET | H2 | 0173.json | script.crazyegg.com/pages/data-scripts/0068/ | 8 KB | 2 KB | XHR | application/json | |
GET | H2 | / | googleads.g.doubleclick.net/pagead/viewthroughconversion/1019713031/ | 2 KB | 1 KB | Script | text/javascript | |
GET | H2 | modules.0fd8b750824023792fba.js | script.hotjar.com/ | 220 KB | 58 KB | Script | application/javascript | |
GET | H2 | controltag.js.0631b7d64dbbd3656a8b7368ad227a04 | cdn.krxd.net/ctjs/ | 259 KB | 83 KB | Script | application/javascript | |
GET | H2 | / | prism.app-us1.com/ | 0 | 214 B | Script | application/javascript | |
POST | H3-29 | collect | www.google-analytics.com/j/ | 2 B | 22 B | XHR | text/plain | |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 147 B | Image | image/gif | |
GET | H2 | 11.1.295.js | script.crazyegg.com/pages/versioned/common-scripts/ | 62 KB | 21 KB | Script | text/javascript | |
GET | H2 | box-5e3cec51ed8e99df6977c199d27812d7.html | vars.hotjar.com/ | 1 KB | 1 KB | Document | text/html | Frame C0DA |
POST | H2 | collect | stats.g.doubleclick.net/j/ | 4 B | 87 B | XHR | text/plain | |
GET | H2 | / | www.google.com/pagead/1p-user-list/1019713031/ | 42 B | 138 B | Image | image/gif | |
GET | H2 | / | www.google.de/pagead/1p-user-list/1019713031/ | 42 B | 108 B | Image | image/gif | |
GET | H3-29 | ga-audiences | www.google.com/ads/ | 42 B | 63 B | Image | image/gif | |
GET | H3-29 | ga-audiences | www.google.de/ads/ | 42 B | 63 B | Image | image/gif | |
GET | H2 | 0173.json | script.crazyegg.com/pages/sampling-data-scripts/0068/ | 46 B | 155 B | XHR | application/json | |
GET | H2 | c7a134c3-3ce3-425e-8461-1173dd6026b8 | consumer.krxd.net/consent/get/ | 219 B | 292 B | Script | text/javascript | |
GET | H2 | c7a134c3-3ce3-425e-8461-1173dd6026b8 | consumer.krxd.net/consent/set/ | 255 B | 463 B | Script | text/javascript | |
GET | H3-29 | activityi;dc_pre=CKPOrcGt1vACFU7d1Qoda9wHmQ;src=10713737;type=newre0;cat=newre0;ord=1314177113624;gtm=2od5c1;auiddc=1493010613.1621448270;~oref=https%3A%2F%2Flp.newrez.com%2Fsms-qd | 10713737.fls.doubleclick.net/ | 396 B | 349 B | Document | text/html | Frame 5FAC; Redirect Chain |
GET | H/1.1 | iframe.html | d2m2wsoho8qq12.cloudfront.net/ | 3 KB | 2 KB | Document | text/html | Frame FC00 |
POST | H2 | SaveDom | create.leadid.com/2.11.7/ | 0 | 298 B | XHR | text/plain | |
GET | H/1.1 | iframe.html | deviceid.trueleadid.com/ | 4 KB | 2 KB | Document | text/html | Frame 300B |
GET | H2 | dc_pre=CKPOrcGt1vACFU7d1Qoda9wHmQ;src=10713737;type=newre0;cat=newre0;ord=1314177113624;gtm=2od5c1;auiddc=*;~oref=https%3A%2F%2Flp.newrez.com%2Fsms-qd | adservice.google.com/ddm/fls/z/ | 42 B | 498 B | Image | image/gif | Frame 5FAC |
POST | H2 | Snap | create.leadid.com/2.11.7/ | 0 | 298 B | XHR | text/plain | |
GET | H2 | track-event | event.rebel.ai/ | 0 | 38 B | Image | text/plain | |
GET | H2 | SaveDeviceId.js | create.leadid.com/2.11.7/ | 0 | 302 B | Script | text/javascript | Frame 300B |
POST | H2 | Snap | create.leadid.com/2.11.7/ | 0 | 298 B | XHR | text/plain | |
GET | H2 | optout_check | beacon.krxd.net/ | 79 B | 237 B | Script | text/javascript | |
GET | H2 | get | cdn.krxd.net/userdata/ | 357 B | 502 B | Script | text/javascript | |
GET | H3-29 | collect | www.google-analytics.com/ | 35 B | 55 B | Image | image/gif | |
GET | H3-29 | collect | www.google-analytics.com/ | 35 B | 55 B | Image | image/gif | |
GET | H3-29 | collect | www.google-analytics.com/ | 35 B | 55 B | Image | image/gif | |
GET | H2 | pixel.gif | beacon.krxd.net/ | 0 | 336 B | Image | text/plain | |
POST | H2 | Snap | create.leadid.com/2.11.7/ | 0 | 298 B | XHR | text/plain | |
GET | H2 | bsync | cookie.rebel.ai/ | 0 | 38 B | Document | text/plain | Frame 6215 |
POST | H2 | Snap | create.leadid.com/2.11.7/ | 0 | 298 B | XHR | text/plain | |
65 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | 0 |
object | 1 |
object | 2 |
object | 3 |
object | onbeforexrselect |
object | ontransitionrun |
object | ontransitionstart |
object | ontransitioncancel |
object | cookieStore |
function | showDirectoryPicker |
function | showOpenFilePicker |
function | showSaveFilePicker |
boolean | originAgentCluster |
object | trustedTypes |
boolean | crossOriginIsolated |
object | dataLayer |
function | $ |
function | jQuery |
function | Popper |
object | bootstrap |
object | google_tag_manager |
function | postscribe |
object | google_tag_manager_external |
object | google_tag_data |
object | uetq |
function | Krux |
string | GoogleAnalyticsObject |
function | ga |
function | hj |
object | _hjSettings |
string | prismGlobalObjectAlias |
function | pgo |
function | fbq |
function | _fbq |
object | gaplugins |
object | gaGlobal |
object | gaData |
object | LeadiDconfig |
object | LeadiD |
function | UET |
boolean | CE_USER_SCRIPT |
object | CE2 |
string | CE_USER_DATA_URL |
function | GooglemKTybQhCsO |
function | google_trackConversion |
object | GooglebQhCsO |
object | hjSiteSettings |
function | hjBootstrap |
object | hjBootstrapCalled |
string | visitorGlobalObjectAlias |
object | visitorGlobalObject |
object | google_optimize |
string | CE_USER_COMMON_SCRIPT_URL |
object | CE2BH |
object | gaconnector2 |
function | gtag |
object | defaultStyleFrame |
object | _0x4410 |
function | _0x208e |
undefined | Cookies |
function | GLOBAL_COOKIES |
object | telmeBase64 |
object | MARCHEX_DNI_SCANNER |
object | telmeDniOrgSdk |
function | TJSON_Serializer |
16 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the stored cookie values along with the request, which lets the website re-identify that user even if their location has changed. This is how persistent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.deviceid.trueleadid.com/ | | uuid | 523713eee8004452bf19cb036a010887 |
.doubleclick.net/ | | IDE | AHWqTUn56OJeYiv8QwtffCpXWeV0b-5QU2S_faWHHrDryniOpS2Ivpl-XpV-BgD-Xss |
lp.newrez.com/ | | __railocckid | eyJpZCI6ImNjZTY4ZTIwLTk3YzctMzA2Ni0yZjkzLTBlNWNkZjIzNjM2NCIsInB2IjoxLCJzdGltZSI6MTYyMTQ0ODI3MDUzOSwic2MiOjF9 |
lp.newrez.com/ | | leadid_token-B94E7CDE-E7EC-C58D-C8FF-5FF9C0350903-0A06184A-C8EC-7D4D-B573-C533DB097ADE | BB99AB49-880C-079A-CD73-E93FD902DE65 |
.newrez.com/ | | _hjTLDTest | 1 |
.newrez.com/ | | _hjid | f428c65e-4206-4a14-87de-0d84095aeb5a |
.newrez.com/ | | _hjFirstSeen | 1 |
lp.newrez.com/ | | kxnewrez_visits | 1 |
.newrez.com/ | | _fbp | fb.1.1621448269805.2095617337 |
.newrez.com/ | | _uetvid | 84e437d0b8ce11ebad17e3f048992ce7 |
.newrez.com/ | | _gat_UA-125765976-1 | 1 |
lp.newrez.com/ | | kxnewrez_cc | %7B%22dt%22%3A%22kxcookie%22%2C%22settings%22%3A%7B%22dc%22%3A1%2C%22al%22%3A1%2C%22tg%22%3A1%2C%22cd%22%3A1%2C%22sh%22%3A0%2C%22re%22%3A0%7D%2C%22pr%22%3A%22gdpr%22%2C%22code%22%3A%22success%22%2C%22idt%22%3A%22device%22%2C%22idv%22%3A%22OIU4Vif_%22%2C%22request_id%22%3A%22135fXKxkMEpu82iQXG4iR6%22%2C%22timestamp%22%3A1621448270%7D |
.newrez.com/ | | _gcl_au | 1.1.1493010613.1621448270 |
.newrez.com/ | | _uetsid | 84e2c850b8ce11eb9b2605b94ce52201 |
.newrez.com/ | | _gid | GA1.2.1556414150.1621448270 |
.newrez.com/ | | _ga | GA1.2.1210045559.1621448270 |
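Several of the values above are not opaque: __railocckid is base64-encoded JSON, kxnewrez_cc is percent-encoded JSON, and the Google and Facebook cookies carry their creation time in clear. The script below, an added example rather than code from urlscan.io or newrez.com, decodes those payloads and pulls the embedded timestamps out, which is how a forensic analyst dates a browser profile from its tracking cookies. The cookie values are copied from the table; the _ga/_gid and _fbp layouts are the publicly documented ones, while the _gcl_au layout and the field names inside the two JSON cookies are inferred from the values themselves and are not documented on this page.

```python
"""Decode the encoded tracking cookies listed in the table above.

Added example; not code from urlscan.io or from newrez.com. The cookie
values are copied from the table on this page. The _ga/_gid and _fbp
layouts are the publicly documented ones; the _gcl_au layout and the
field names inside the two JSON cookies are inferred from the values
themselves, not documented by their vendors.
"""
import base64
import json
from datetime import datetime, timezone
from urllib.parse import unquote

# Constructed input: cookie name -> value, copied from the table above.
COOKIES = {
    "__railocckid": (
        "eyJpZCI6ImNjZTY4ZTIwLTk3YzctMzA2Ni0yZjkzLTBlNWNkZjIzNjM2NCIsInB2Ijox"
        "LCJzdGltZSI6MTYyMTQ0ODI3MDUzOSwic2MiOjF9"
    ),
    "kxnewrez_cc": (
        "%7B%22dt%22%3A%22kxcookie%22%2C%22settings%22%3A%7B%22dc%22%3A1%2C"
        "%22al%22%3A1%2C%22tg%22%3A1%2C%22cd%22%3A1%2C%22sh%22%3A0%2C%22re%22"
        "%3A0%7D%2C%22pr%22%3A%22gdpr%22%2C%22code%22%3A%22success%22%2C%22idt"
        "%22%3A%22device%22%2C%22idv%22%3A%22OIU4Vif_%22%2C%22request_id%22%3A"
        "%22135fXKxkMEpu82iQXG4iR6%22%2C%22timestamp%22%3A1621448270%7D"
    ),
    "_fbp": "fb.1.1621448269805.2095617337",
    "_ga": "GA1.2.1210045559.1621448270",
    "_gid": "GA1.2.1556414150.1621448270",
    "_gcl_au": "1.1.1493010613.1621448270",
}


def decode_b64_json(value: str) -> dict:
    """Decode a base64 JSON blob; tolerates the URL-safe alphabet and missing padding."""
    padded = value + "=" * (-len(value) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))


def decode_url_json(value: str) -> dict:
    """Decode a percent-encoded JSON blob (the kxnewrez_cc style)."""
    return json.loads(unquote(value))


def epoch_to_utc(ts: float) -> datetime:
    """Convert a Unix timestamp in seconds or milliseconds to an aware UTC datetime."""
    if ts > 10**11:  # 10**11 seconds is the year 5138, so larger values must be ms
        ts = ts / 1000
    return datetime.fromtimestamp(ts, tz=timezone.utc)


def embedded_timestamps(cookies: dict) -> dict:
    """Return name -> creation time for every cookie that carries one.

    _ga / _gid : GA1.<depth>.<random>.<unix seconds>   (documented layout)
    _fbp       : fb.<depth>.<unix ms>.<random>         (documented layout)
    _gcl_au    : 1.1.<random>.<unix seconds>           (inferred from the value)
    __railocckid / kxnewrez_cc : 'stime' / 'timestamp' keys of the decoded JSON
    """
    found = {}
    for name, value in cookies.items():
        if name in ("_ga", "_gid", "_gcl_au"):
            found[name] = epoch_to_utc(int(value.rsplit(".", 1)[1]))
        elif name == "_fbp":
            found[name] = epoch_to_utc(int(value.split(".")[2]))
        elif name == "__railocckid":
            found[name] = epoch_to_utc(decode_b64_json(value)["stime"])
        elif name == "kxnewrez_cc":
            found[name] = epoch_to_utc(decode_url_json(value)["timestamp"])
    return found


def spread_seconds(timestamps: dict) -> float:
    """Seconds between the earliest and latest embedded timestamp."""
    values = list(timestamps.values())
    return (max(values) - min(values)).total_seconds()


if __name__ == "__main__":
    print(json.dumps(decode_b64_json(COOKIES["__railocckid"]), indent=2))
    print(json.dumps(decode_url_json(COOKIES["kxnewrez_cc"]), indent=2))
    stamps = embedded_timestamps(COOKIES)
    for name, when in sorted(stamps.items(), key=lambda kv: kv[1]):
        print(f"{name:14} {when.isoformat()}")
    print(f"all cookies were minted within {spread_seconds(stamps):.3f} s of each other")
```

All six timestamps fall within a second of each other on 2021-05-19 around 18:17:50 UTC, which is consistent with a fresh browser profile on the scan date; on a real user's machine the _ga value would instead reveal when that browser first visited any site using the same Google Analytics property. The kxnewrez_cc payload decodes to a record with a "settings" map and "pr":"gdpr", which looks like a consent state, but the vendor's field meanings are not stated on this page.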
Indicators
"Indicators" (as in indicators of compromise) is the security-industry term for observables such as domains, IP addresses and file hashes. The list below is everything this scan touched: the host names the page loaded resources from, the IPv4 and IPv6 addresses they resolved to from the scanner's vantage point, and the 64-hex-digit SHA-256 digests of the response bodies it received. Listing them does not imply that any of them indicate malicious activity. Most belong to shared advertising, analytics and CDN infrastructure, so an address here identifies a provider rather than this site, and CDN-fronted hosts resolve to different addresses from other locations.
10713737.fls.doubleclick.net
adservice.google.com
bat.bing.com
beacon.krxd.net
cdn.krxd.net
cdnjs.cloudflare.com
click.mc.newrez.com
code.jquery.com
compass.rebel.ai
connect.facebook.net
consumer.krxd.net
cookie.rebel.ai
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
diffuser-cdn.app-us1.com
event.rebel.ai
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image.s10.exacttarget.com
lp.newrez.com
prism.app-us1.com
script.crazyegg.com
script.hotjar.com
stackpath.bootstrapcdn.com
static.hotjar.com
stats.g.doubleclick.net
track.gaconnector.com
urldefense.proofpoint.com
vars.hotjar.com
web-2-tel.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
100.26.81.166
107.23.224.234
13.111.185.135
13.111.186.99
13.225.84.207
13.32.14.67
13.32.14.71
13.32.25.20
142.250.185.70
142.250.186.98
143.204.202.103
151.101.114.133
2001:4de0:ac18::1:a:2a
23.45.105.246
2606:4700:10::6816:26b6
2606:4700::6810:125e
2606:4700::6811:925b
2606:4700::6812:bcf
2606:4700::6813:9308
2620:1ec:c11::200
2a00:1450:4001:801::200a
2a00:1450:4001:802::2003
2a00:1450:4001:802::2004
2a00:1450:4001:803::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2008
2a00:1450:4001:82a::2008
2a00:1450:400c:c06::9d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.236.114.79
52.26.47.235
52.30.251.90
52.38.56.26
67.231.146.66
74.112.125.60
056cf1ad4d84c1438bd0efea62a6a10a21acab4f1adae279e87bd401ba83cd99
07ef661be38be006eb690a15613c557d418b8780900ff490545bb2b75d23fcd7
0948786ef26e6ffe673c340975893b0b07230a99b7ff28733a36eeaca14d7c92
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
15b74646b3f6c605ec7947b70be4a7ce7ecbcc4bd0ef72bbdc475d8e02be965a
1c77681ad800d669d716b34d2072ea9c7c563547297142824f442a61eb117964
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2fa57a510e0534aff52b8f524ca78b1492ed87a3e53139642628df0b33ce6cea
3183481f09352eade87e53d32ac3c1f6ab5b853e2b5bde4035834680b53d9299
36d3bec336b2499807bed749318176b67c4461c071b6aa92de32b62194df29b0
3dd1fa07e4802c23e53915d6e8a450445a9c50efcada797976b64eff77fbb6bd
41c0ada3ce570a051ef1e1e72abc0ee0882b8cd2dd7652823b07eef1c7b9c1df
43bcf55d4da9b8653d359ec876b3f58410e701ac3b563e0c8d87688ccee0cb50
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33
4e2d95df10e65f48daac2dcbad2cc0ef091610b5d5f77e4be8ad56a2e5aed241
50635303f49239a5cf8e1bcda79003eed571509d3e5ace7ad824cf8a50840a24
506df44f82ef782e6f5c6a7832dfd2be0638b393dca0c8d0964c616e296c83a4
519b2bbc1aea5a4a614f4b5d1f774eedb2a6be7cd0968e77afcc653314eaf657
55ef5fb785dc29c2dc48ab41dde8b5daa7e3d7c09d0574ffe54330076f476ec5
5a9942504a963f1a0ae0a7862ce60bdf94332f3cb0a81c70db5a1404b232a588
5c1aa2b63a6333a0330a1a67369fd197ca0851a0b4d2cee0741ae1bbf4a5d1c5
5ef88eaba3aa108497e44d19ad24e8b9b2b3f84c02599c724bd82f8d5d793714
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
65cef8a94d8a09cac56b85e15c92c37ea129d38a094fa8e1f3fd812a550b74be
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
66fde57a45d4e9f3d8a01f45d2aba544284c3fb88a8ca73f576ce130b55d1542
70c03eabc1e3eccb2b5d30884eb2bce1e06341a487d81f43dee73336c7e1c449
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8660a0461568f74ff943412ef3a8677d91b680669fbd5a669b793ca73146403b
938bcf412eac294380bcf423bd53e7aa1626706b275a617959f68a2a63d9451a
a018a37f11c5c89b6e4e07ce1b93d70bf83502846ec3cf51ced0ea74ffcbc9a2
a1b42d3aaa44b0ffd722810940c67482d318d58a737420efffea78f6e424b477
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
ad30d03b8249fba27ca964b0bb373fef44f90c1530953e090e13edefdb976c38
ad31254985a92a598415d7fa35c6a518944c1670c41cc2d0d5bf16b4206a8aef
b49e0519c28e3dd7c4ba13ec9b98a3777e133c2431e0ed082f9f132f08c6e178
b5d32fe218a090143b75a32a8e8476a73dbb9097a31d8dc00f3b5a47ecff1a75
b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94
bde0584dd89d13561c3fc3663009883acf7a02e5047a33e14f90f911ea38b2ae
c3eaea236741bdc5d4e4dc20a5b3a168d3cda38931aef09a418f38ba8abd9116
dc49b5b6f2ac0d6f5564204f1366e3ca03cd321b544824b260b6500815af1c58
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e66b74fc5756a20ce4b4fe116cb5c74ad51a005ebda4178a8a9e0333570e9956
e6dd5a5411490b564ca055ff03ec2110feb5d530954d66138a8f8a15749da9f0
e7b3cc61322504711313473557e4948baba7117e82e1fbd9a4aa9c4e30180582
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f23f291230f63f232682f4a3e04a09a2e1dfe8f42871c1c365c1c62e291d049b
f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2
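Before any of the above goes into a blocklist or a detection rule it needs sorting by kind and a sanity check, because the flat list mixes domains, addresses and digests and not every entry is a usable indicator. The script below is an added example, not code from urlscan.io or from this page: it classifies each entry, de-duplicates, and flags two classes of weak indicator, the SHA-256 of an empty body (e3b0c442..., which appears in the list above and matches every empty response anywhere) and addresses inside shared provider allocations. SAMPLE is a constructed subset of the indicators above; SHARED_PREFIXES is my own short list of well-known Google, Cloudflare and Meta allocations, not something the page states, and should be checked against current WHOIS data before use.

```python
"""Sort a flat urlscan indicator list into domains, IPv4, IPv6 and SHA-256
digests, and flag entries that are worthless as detections.

Added example; not code from urlscan.io or from this page. SAMPLE is a
constructed subset of the indicators listed above. SHARED_PREFIXES is an
assumed list of well-known provider allocations, not stated on the page;
verify against current WHOIS data before relying on it.
"""
import hashlib
import ipaddress
import re
from collections import defaultdict

SHA256_RE = re.compile(r"[0-9a-f]{64}", re.I)
# RFC 1123 host name: dot-separated labels of letters, digits and hyphens.
HOST_RE = re.compile(
    r"(?=.{1,253}$)(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z0-9-]{2,63}", re.I
)

# SHA-256 of zero bytes: the digest of an empty response body, which any site can return.
EMPTY_BODY_SHA256 = hashlib.sha256(b"").hexdigest()

# Assumed allocations of shared ad/CDN providers (constructed; verify before use).
SHARED_PREFIXES = {
    "Google": ["142.250.0.0/15", "2a00:1450::/32"],
    "Cloudflare": ["2606:4700::/32"],
    "Meta": ["2a03:2880::/32"],
}
SHARED_NETS = [
    (who, ipaddress.ip_network(prefix))
    for who, prefixes in SHARED_PREFIXES.items()
    for prefix in prefixes
]

# Constructed subset of the page's indicator list, with a duplicate and a blank line.
SAMPLE = [
    "lp.newrez.com",
    "www.googletagmanager.com",
    "connect.facebook.net",
    "d2m2wsoho8qq12.cloudfront.net",
    "lp.newrez.com",
    "",
    "13.111.185.135",
    "142.250.185.70",
    "2a00:1450:4001:801::200a",
    "2606:4700:10::6816:26b6",
    "2a03:2880:f02d:12:face:b00c:0:3",
    "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
    "056cf1ad4d84c1438bd0efea62a6a10a21acab4f1adae279e87bd401ba83cd99",
]


def classify(indicator: str) -> str:
    """Return 'sha256', 'ipv4', 'ipv6', 'domain' or 'unknown'."""
    s = indicator.strip()
    if SHA256_RE.fullmatch(s):
        return "sha256"
    try:  # test for an address before a host name: 1.2.3.4 also matches HOST_RE
        return "ipv%d" % ipaddress.ip_address(s).version
    except ValueError:
        pass
    if HOST_RE.fullmatch(s):
        return "domain"
    return "unknown"


def bucket(indicators) -> dict:
    """Group unique, non-empty indicators by kind, preserving first-seen order."""
    groups = defaultdict(list)
    seen = set()
    for raw in indicators:
        s = raw.strip().lower()
        if s and s not in seen:
            seen.add(s)
            groups[classify(s)].append(s)
    return dict(groups)


def weak_indicators(indicators) -> list:
    """(indicator, reason) pairs that would match unrelated traffic if used as IOCs."""
    weak = []
    for raw in indicators:
        s = raw.strip().lower()
        kind = classify(s)
        if kind == "sha256" and s == EMPTY_BODY_SHA256:
            weak.append((s, "SHA-256 of an empty body; matches every empty response"))
        elif kind in ("ipv4", "ipv6"):
            ip = ipaddress.ip_address(s)
            for who, net in SHARED_NETS:
                if ip in net:  # mixed-version comparisons are simply False
                    weak.append((s, f"shared {who} infrastructure ({net})"))
                    break
    return weak


if __name__ == "__main__":
    for kind, items in bucket(SAMPLE).items():
        print(f"{kind}: {len(items)}")
    for indicator, reason in weak_indicators(SAMPLE):
        print(f"weak: {indicator}  ({reason})")
```

Run against the full list above, the only entries that survive as site-specific are the first-party host names and the response digests other than the empty-body hash; the domains of the advertising and analytics vendors, and every address in the Google, Cloudflare and Meta ranges, will match traffic from thousands of unrelated sites.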