www.comparecards.com
Open in
urlscan Pro
104.19.179.13
Public Scan
Effective URL: https://www.comparecards.com/guide/amazing-cash-back-credit-cards?icode=37380&SpId=coca-guide-amazing-cash-back-credit-cards&...
Submission: On June 08 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 23rd 2022. Valid for: a year.
This is the only time www.comparecards.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-6-143.compute-1.amazonaws.com
click.deals.shermanstravel.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-69-134.compute-1.amazonaws.com
landscape.shermanstravel.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
secure.quantserve.com | |
pixel.quantserve.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
rules.quantcount.com |
ASN16509 (AMAZON-02, US)
PTR: server-99-86-1-218.fra6.r.cloudfront.net
d2619hvqn7b355.cloudfront.net |
ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net
www.googleadservices.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
nexus.ensighten.com |
ASN32934 (FACEBOOK, US)
www.facebook.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-217-101.compute-1.amazonaws.com
cs.choozle.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lightboxapi.azurewebsites.net |
ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-186-148.muc50.r.cloudfront.net
d1eoo1tco6rr5e.cloudfront.net |
ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org |
ASN16509 (AMAZON-02, US)
d2r8ootic371nc.cloudfront.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
lytics.io
c.lytics.io — Cisco Umbrella Rank: 5389 |
52 KB |
8 |
shermanstravel.com
1 redirects
click1.shermanstravel.com — Cisco Umbrella Rank: 694322 click.deals.shermanstravel.com landscape.shermanstravel.com |
24 KB |
5 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 43 |
20 KB |
4 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 92 |
564 B |
4 |
lightboxcdn.com
www.lightboxcdn.com — Cisco Umbrella Rank: 6210 |
166 KB |
4 |
ensighten.com
nexus.ensighten.com — Cisco Umbrella Rank: 2518 |
11 KB |
3 |
comparecards.com
2 redirects
www.comparecards.com — Cisco Umbrella Rank: 3255 |
2 KB |
3 |
adsrvr.org
1 redirects
insight.adsrvr.org — Cisco Umbrella Rank: 554 match.adsrvr.org — Cisco Umbrella Rank: 306 |
673 B |
3 |
cloudfront.net
d2619hvqn7b355.cloudfront.net d1eoo1tco6rr5e.cloudfront.net d2r8ootic371nc.cloudfront.net |
24 KB |
3 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 281 fonts.googleapis.com — Cisco Umbrella Rank: 52 |
35 KB |
2 |
pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 770 |
839 B |
2 |
google.de
www.google.de — Cisco Umbrella Rank: 6180 |
565 B |
2 |
google.com
www.google.com — Cisco Umbrella Rank: 4 |
565 B |
2 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 98 googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 |
2 KB |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 149 |
114 KB |
2 |
pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 741 |
19 KB |
2 |
gstatic.com
fonts.gstatic.com |
46 KB |
2 |
quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 942 pixel.quantserve.com — Cisco Umbrella Rank: 430 |
10 KB |
1 |
lendingtree.com
1 redirects
splitter.lendingtree.com |
2 KB |
1 |
azurewebsites.net
lightboxapi.azurewebsites.net — Cisco Umbrella Rank: 7063 |
792 B |
1 |
choozle.com
cs.choozle.com — Cisco Umbrella Rank: 7106 |
123 B |
1 |
googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 122 |
15 KB |
1 |
quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 906 |
439 B |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 75 |
64 KB |
63 | 24 |
Domain | Requested by | |
---|---|---|
9 | c.lytics.io |
click.deals.shermanstravel.com
c.lytics.io |
6 | click.deals.shermanstravel.com |
click.deals.shermanstravel.com
ajax.googleapis.com |
5 | www.google-analytics.com |
click.deals.shermanstravel.com
www.google-analytics.com |
4 | www.facebook.com |
click.deals.shermanstravel.com
|
4 | www.lightboxcdn.com |
click.deals.shermanstravel.com
www.lightboxcdn.com |
4 | nexus.ensighten.com |
www.googletagmanager.com
nexus.ensighten.com |
3 | www.comparecards.com |
2 redirects
click.deals.shermanstravel.com
|
2 | insight.adsrvr.org |
1 redirects
d1eoo1tco6rr5e.cloudfront.net
|
2 | ct.pinterest.com |
s.pinimg.com
click.deals.shermanstravel.com |
2 | www.google.de |
click.deals.shermanstravel.com
|
2 | www.google.com |
click.deals.shermanstravel.com
|
2 | connect.facebook.net |
click.deals.shermanstravel.com
connect.facebook.net |
2 | s.pinimg.com |
www.googletagmanager.com
s.pinimg.com |
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | fonts.googleapis.com |
click.deals.shermanstravel.com
|
1 | splitter.lendingtree.com | 1 redirects |
1 | d2r8ootic371nc.cloudfront.net |
c.lytics.io
|
1 | match.adsrvr.org |
click.deals.shermanstravel.com
|
1 | d1eoo1tco6rr5e.cloudfront.net |
nexus.ensighten.com
|
1 | lightboxapi.azurewebsites.net |
www.lightboxcdn.com
|
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | cs.choozle.com |
click.deals.shermanstravel.com
|
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | d2619hvqn7b355.cloudfront.net |
click.deals.shermanstravel.com
|
1 | pixel.quantserve.com |
click.deals.shermanstravel.com
|
1 | rules.quantcount.com |
secure.quantserve.com
|
1 | www.googletagmanager.com |
click.deals.shermanstravel.com
|
1 | secure.quantserve.com |
click.deals.shermanstravel.com
|
1 | landscape.shermanstravel.com |
click.deals.shermanstravel.com
|
1 | ajax.googleapis.com |
click.deals.shermanstravel.com
|
1 | click1.shermanstravel.com | 1 redirects |
63 | 32 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.shermanstravel.com Amazon |
2022-05-17 - 2023-06-15 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-05-09 - 2022-08-01 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-05-25 - 2022-08-17 |
3 months | crt.sh |
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-09-22 - 2022-09-21 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-05-25 - 2022-08-17 |
3 months | crt.sh |
*.cloudfront.net Amazon |
2022-02-01 - 2023-01-31 |
a year | crt.sh |
www.googleadservices.com GTS CA 1C3 |
2022-05-09 - 2022-08-01 |
3 months | crt.sh |
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-07-26 - 2022-08-05 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2022-03-18 - 2022-06-16 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-05-16 - 2023-05-16 |
a year | crt.sh |
nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-09-14 - 2022-10-12 |
a year | crt.sh |
ssl1029400.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2022-06-01 - 2022-12-08 |
6 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2022-05-09 - 2022-08-01 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2022-05-25 - 2022-08-17 |
3 months | crt.sh |
www.google.de GTS CA 1C3 |
2022-05-09 - 2022-08-01 |
3 months | crt.sh |
*.choozle.com Amazon |
2022-05-18 - 2023-06-16 |
a year | crt.sh |
*.azurewebsites.net Microsoft Azure TLS Issuing CA 01 |
2022-03-14 - 2023-03-09 |
a year | crt.sh |
*.google.com GTS CA 1C3 |
2022-05-25 - 2022-08-17 |
3 months | crt.sh |
*.google.de GTS CA 1C3 |
2022-05-09 - 2022-08-01 |
3 months | crt.sh |
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020 |
2022-03-31 - 2023-05-02 |
a year | crt.sh |
comparecards.com Cloudflare Inc ECC CA-3 |
2022-05-23 - 2023-05-23 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://www.comparecards.com/guide/amazing-cash-back-credit-cards?icode=37380&SpId=coca-guide-amazing-cash-back-credit-cards&mtaid=4E221&esourceid=6419806&utm_source=shermanstravel&grp=amazing-cash-back&utm_campaign=STDedicated&tar=STDedicated&placement_name=STDedicated&utm_content=watch+the+money+pile+up+with+these+cashback+cards&adt=hotpinkdollars&ad_headline=watch+the+money+pile+up+with+these+cashback+cards&ad_image_name=hotpinkdollars&ad_position=2&utm_medium=native&pla=shermanstravel.com&bdst=rev&campaign_date=20220610&sessionid=503ef135-8604-42a6-b21c-89553e46ec5b&mta=1
Frame ID: 40CFFCE2609C4D95C27E2EDD7D6DF998
Requests: 59 HTTP requests in this frame
Frame:
https://www.lightboxcdn.com/vendor/065b2c2b-90bd-4ccd-884c-8e621eb02162/lightbox.js?mb=1654715465036&lv=1
Frame ID: DB53171ECF996FCB9F596F7218949355
Requests: 2 HTTP requests in this frame
Frame:
https://d1eoo1tco6rr5e.cloudfront.net/ilucn8a/z4a47p5/iframe
Frame ID: 5AA8EC60567782751530B9F50832BFC0
Requests: 2 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://click1.shermanstravel.com/tvppvchlllckwfcbkblcmksfmbkzvgjjftdrgwhlhllcwm_jtqrsvmfqwbmvtqbtfss.html?a=4...
HTTP 302
https://click.deals.shermanstravel.com/1742696/440/watch-the-money-pile-up-with-these-cashback-cards?utm_source=Pos... Page URL
-
http://www.comparecards.com/?splitterid=coca-guide-amazing-cash-back-credit-cards&mtaid=4E221&esourceid=...
HTTP 301
https://www.comparecards.com/?splitterid=coca-guide-amazing-cash-back-credit-cards&mtaid=4E221&esourceid=... HTTP 307
https://splitter.lendingtree.com/api/CrossDomainTracking?mtaid=4E221&originalUrl=https%3A%2F%2Fwww.comparecar... HTTP 307
https://www.comparecards.com/guide/amazing-cash-back-credit-cards?icode=37380&SpId=coca-guide-amazing-cas... Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Ensighten (Tag Managers) Expand
Detected patterns
- //nexus\.ensighten\.com/
Facebook (Widgets) Expand
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtm\.js
Lightbox (JavaScript Libraries) Expand
Detected patterns
- lightbox(?:-plus-jquery)?.{0,32}\.js
Quantcast Measure (Analytics) Expand
Detected patterns
- \.quantserve\.com/quant\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://click1.shermanstravel.com/tvppvchlllckwfcbkblcmksfmbkzvgjjftdrgwhlhllcwm_jtqrsvmfqwbmvtqbtfss.html?a=41261&b=205687&c=111
HTTP 302
https://click.deals.shermanstravel.com/1742696/440/watch-the-money-pile-up-with-these-cashback-cards?utm_source=PostUp&utm_campaign=41261&utm_medium=email&recip_id=205687&list_id=111 Page URL
-
http://www.comparecards.com/?splitterid=coca-guide-amazing-cash-back-credit-cards&mtaid=4E221&esourceid=6419806&utm_source=shermanstravel&grp=amazing-cash-back&utm_campaign=STDedicated&tar=STDedicated&placement_name=STDedicated&utm_content=watch+the+money+pile+up+with+these+cashback+cards&adt=hotpinkdollars&ad_headline=watch+the+money+pile+up+with+these+cashback+cards&ad_image_name=hotpinkdollars&ad_position=2&utm_medium=native&pla=shermanstravel.com&bdst=rev&campaign_date=20220610
HTTP 301
https://www.comparecards.com/?splitterid=coca-guide-amazing-cash-back-credit-cards&mtaid=4E221&esourceid=6419806&utm_source=shermanstravel&grp=amazing-cash-back&utm_campaign=STDedicated&tar=STDedicated&placement_name=STDedicated&utm_content=watch+the+money+pile+up+with+these+cashback+cards&adt=hotpinkdollars&ad_headline=watch+the+money+pile+up+with+these+cashback+cards&ad_image_name=hotpinkdollars&ad_position=2&utm_medium=native&pla=shermanstravel.com&bdst=rev&campaign_date=20220610 HTTP 307
https://splitter.lendingtree.com/api/CrossDomainTracking?mtaid=4E221&originalUrl=https%3A%2F%2Fwww.comparecards.com%2F%3Fsplitterid%3Dcoca-guide-amazing-cash-back-credit-cards%26mtaid%3D4E221%26esourceid%3D6419806%26utm_source%3Dshermanstravel%26grp%3Damazing-cash-back%26utm_campaign%3DSTDedicated%26tar%3DSTDedicated%26placement_name%3DSTDedicated%26utm_content%3Dwatch%2Bthe%2Bmoney%2Bpile%2Bup%2Bwith%2Bthese%2Bcashback%2Bcards%26adt%3Dhotpinkdollars%26ad_headline%3Dwatch%2Bthe%2Bmoney%2Bpile%2Bup%2Bwith%2Bthese%2Bcashback%2Bcards%26ad_image_name%3Dhotpinkdollars%26ad_position%3D2%26utm_medium%3Dnative%26pla%3Dshermanstravel.com%26bdst%3Drev%26campaign_date%3D20220610 HTTP 307
https://www.comparecards.com/guide/amazing-cash-back-credit-cards?icode=37380&SpId=coca-guide-amazing-cash-back-credit-cards&mtaid=4E221&esourceid=6419806&utm_source=shermanstravel&grp=amazing-cash-back&utm_campaign=STDedicated&tar=STDedicated&placement_name=STDedicated&utm_content=watch+the+money+pile+up+with+these+cashback+cards&adt=hotpinkdollars&ad_headline=watch+the+money+pile+up+with+these+cashback+cards&ad_image_name=hotpinkdollars&ad_position=2&utm_medium=native&pla=shermanstravel.com&bdst=rev&campaign_date=20220610&sessionid=503ef135-8604-42a6-b21c-89553e46ec5b&mta=1 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://click1.shermanstravel.com/tvppvchlllckwfcbkblcmksfmbkzvgjjftdrgwhlhllcwm_jtqrsvmfqwbmvtqbtfss.html?a=41261&b=205687&c=111 HTTP 302
- https://click.deals.shermanstravel.com/1742696/440/watch-the-money-pile-up-with-these-cashback-cards?utm_source=PostUp&utm_campaign=41261&utm_medium=email&recip_id=205687&list_id=111
- https://insight.adsrvr.org/tags/ilucn8a/z4a47p5/iframe HTTP 303
- https://d1eoo1tco6rr5e.cloudfront.net/ilucn8a/z4a47p5/iframe
63 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
watch-the-money-pile-up-with-these-cashback-cards
click.deals.shermanstravel.com/1742696/440/ Redirect Chain
|
15 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ |
91 KB 34 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
3 KB 961 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 635 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
interstitial-18b4490c67debd584ae96942f161a42c.css
click.deals.shermanstravel.com/assets/ |
1 KB 745 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
interstitial_external-280e77248e226b071b4a84b58d622434.css
click.deals.shermanstravel.com/assets/ |
1 KB 682 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
st_landscape.js
landscape.shermanstravel.com/ |
1 KB 947 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sht_logo_desktop-cbea7eafa6612ce39709903a4388d300.png
click.deals.shermanstravel.com/assets/logos/ |
12 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
quant.js
secure.quantserve.com/ |
24 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
174 KB 64 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
watch-the-money-pile-up-with-these-cashback-cards
click.deals.shermanstravel.com/1742696/440/ |
1 KB 980 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ |
23 KB 24 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rules-p-y7jhK3PrFbS21.js
rules.quantcount.com/ |
3 B 439 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel;r=1106661516;labels=ShermansTravel%20Deals%20Network;rf=0;a=p-y7jhK3PrFbS21;url=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1742696%2F440%2Fwatch-the-money-pile-up-with-these-cashback-card...
pixel.quantserve.com/ |
35 B 371 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
4 B 219 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cc.jpg
d2619hvqn7b355.cloudfront.net/uploads/partner/large_logo/982/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
arrows-8d8e8b955e27d8c6747cc06635e44272.gif
click.deals.shermanstravel.com/assets/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
39 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
core.js
s.pinimg.com/ct/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
99 KB 27 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
latest.min.js
c.lytics.io/api/tag/2033ac07a2eae34026d3189da90d18b6/ |
64 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Bootstrap.js
nexus.ensighten.com/choozle/16346/ |
28 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lightbox.js
www.lightboxcdn.com/vendor/065b2c2b-90bd-4ccd-884c-8e621eb02162/ Frame DB53 |
326 B 479 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 452 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
1030893760286070
connect.facebook.net/signals/config/ |
305 KB 87 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
serverComponent.php
nexus.ensighten.com/choozle/16346/ |
401 B 543 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2033ac07a2eae34026d3189da90d18b6
c.lytics.io/cid/ |
24 B 463 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 297 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
user.js
www.lightboxcdn.com/vendor/065b2c2b-90bd-4ccd-884c-8e621eb02162/ Frame DB53 |
961 KB 164 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
b91deb381a983463890df766160d0db7.js
nexus.ensighten.com/choozle/16346/code/ |
2 KB 536 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
daf02a36827736997cd92656653dd1c9.js
nexus.ensighten.com/choozle/16346/code/ |
1 KB 859 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
26781
cs.choozle.com/dp/chz/ |
35 B 123 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.32155010.js
s.pinimg.com/ct/lib/ |
52 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011597705/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
z
lightboxapi.azurewebsites.net/z9gd/42332/click.deals.shermanstravel.com/jsonp/ |
543 B 792 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
t.gif
www.lightboxcdn.com/z9g/ |
35 B 259 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
d8733d13-0782-4eb2-a8c5-f022775aae9d
c.lytics.io/api/personalize/2033ac07a2eae34026d3189da90d18b6/user/_uid/ |
3 KB 1 KB |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2033ac07a2eae34026d3189da90d18b6
c.lytics.io/c/ |
35 B 318 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2033ac07a2eae34026d3189da90d18b6
c.lytics.io/c/ |
35 B 315 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2033ac07a2eae34026d3189da90d18b6
c.lytics.io/c/ |
35 B 404 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
ct.pinterest.com/user/ |
487 B 743 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
ct.pinterest.com/v3/ |
35 B 96 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.google.com/pagead/1p-user-list/1011597705/ |
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.google.de/pagead/1p-user-list/1011597705/ |
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iframe
d1eoo1tco6rr5e.cloudfront.net/ilucn8a/z4a47p5/ Frame 5AA8 Redirect Chain
|
138 B 668 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
match.adsrvr.org/track/cmf/generic/ |
70 B 265 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.facebook.com/tr/ |
44 B 91 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
insight.adsrvr.org/track/pxl/ Frame 5AA8 |
70 B 260 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.facebook.com/tr/ |
44 B 88 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pathfora.min.js
c.lytics.io/static/ |
101 KB 22 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pathfora.min.css
c.lytics.io/static/ |
20 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shermans-overrides.css
d2r8ootic371nc.cloudfront.net/lytics-shermanstravel/ |
20 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
config.js
c.lytics.io/api/experience/candidate/2033ac07a2eae34026d3189da90d18b6/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.facebook.com/tr/ |
44 B 88 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
amazing-cash-back-credit-cards
www.comparecards.com/guide/ Redirect Chain
|
9 KB 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation15 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
click1.shermanstravel.com/ | Name: JSESSIONID Value: B897350571F23B18E3729E65203F4C4E |
|
.shermanstravel.com/ | Name: _ga Value: GA1.2.1826539151.1654715465 |
|
.shermanstravel.com/ | Name: _gid Value: GA1.2.1234424202.1654715465 |
|
.shermanstravel.com/ | Name: usrsess Value: %7B%22e%22%3A1654717264%2C%22v%22%3A%7B%22cord%22%3A1%7D%7D |
|
.quantserve.com/ | Name: mc Value: 62a0f448-e9b51-67eb3-e18ae |
|
.shermanstravel.com/ | Name: _gat Value: 1 |
|
.shermanstravel.com/ | Name: __qca Value: P0-1857182685-1654715464929 |
|
.shermanstravel.com/ | Name: _gcl_au Value: 1.1.302400181.1654715465 |
|
.click.deals.shermanstravel.com/ | Name: seerses Value: e |
|
.shermanstravel.com/ | Name: _fbp Value: fb.1.1654715465139.142156513 |
|
.click.deals.shermanstravel.com/ | Name: seerid Value: d8733d13-0782-4eb2-a8c5-f022775aae9d |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
.click.deals.shermanstravel.com/ | Name: _pin_unauth Value: dWlkPVlqTTFOVEl6TldFdFlqazVNQzAwWVRsaExXRmtOekl0WWpZeFpqVTNaRGMwTXpVeg |
|
.lytics.io/ | Name: seerid Value: d8733d13-0782-4eb2-a8c5-f022775aae9d |
|
.comparecards.com/ | Name: __cf_bm Value: t9sU4hJNzGjXxFCSnneGAwlT849DUkrnFGCkYQx9uuo-1654715469-0-Aa7+D5B/pa5FW8tTlc8ckCBcH50exmuOvbR5aAmBM3g4w6prz9ExkF3ApcssBgKDkyIrt+paM4EYZENZq9mrV8s= |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
c.lytics.io
click.deals.shermanstravel.com
click1.shermanstravel.com
connect.facebook.net
cs.choozle.com
ct.pinterest.com
d1eoo1tco6rr5e.cloudfront.net
d2619hvqn7b355.cloudfront.net
d2r8ootic371nc.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
insight.adsrvr.org
landscape.shermanstravel.com
lightboxapi.azurewebsites.net
match.adsrvr.org
nexus.ensighten.com
pixel.quantserve.com
rules.quantcount.com
s.pinimg.com
secure.quantserve.com
splitter.lendingtree.com
stats.g.doubleclick.net
www.comparecards.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.lightboxcdn.com
104.19.147.29
104.19.179.13
15.197.193.217
151.101.128.84
18.195.42.228
18.66.186.148
20.40.202.0
216.58.212.162
2600:9000:2057:9200:11:b97d:c600:21
2600:9000:2315:3c00:6:44e3:f8c0:93a1
2606:4700:20::681a:216
2606:4700::6810:51a5
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2003
2a00:1450:4001:811::200a
2a00:1450:4001:812::200a
2a00:1450:4001:827::2004
2a00:1450:4001:827::2008
2a00:1450:400c:c07::9b
2a02:26f0:3500:891::1931
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
3.33.220.150
34.193.6.143
44.197.217.101
52.0.69.134
74.214.203.11
99.86.1.218
050c3aaec0b43fc06246a676b30b0ca0a1e1c765903a07d403e6e30ddd2503db
09c2785ae9cea8dfc6146d0c226eee07480335f63de40f6eeb4c906bc342603d
0b210becbb202a73c8c40e469e2500fb92f7a0ae867b64909f49bded5cfb2103
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b
0dbe5951f1b2fc415b5c49994e6a877396618d47cb4e9c26ebe05908b718f799
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
146a03175b402672121859534d41746101351d328deefd13753eb40bad5c2448
1d3dd3128042a9ee9584961f85fa5d5199d8d9046d5ab9617e5e30dc4dac3142
212954141f78bba409857a6fdb356639fe7846e8ff91bf2fc6b12f7c8dd28cca
22f38bcd5544708fe83348bf6b068d4f521e0cb16c32d0256b7e027760114bad
29deb14477cf999bbb35097903fc55f2847121bf38ae3c0a14736ac5cf462a89
2ea475a2aed045ed1748b8c64853ad2423164b3e23b2269f64f72b93f7e5bc2c
3287d19fb549ad1443377c8490fe1cf95b9ef35cb8473747b54662c1f1add459
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3fde7a56c437a737445b59a2a94749888886990dbe40b410dd4a7abe00c4dfc4
4471b340d0573aed2222f6f7b94749e3ae1d5573b929d1fa9dcf0493ea7f741b
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
4e90ad41ae655ac2d685e0fb8ed83fe474e9c7ec4ca04451639f9301760344d4
5246c1351922b3cb2b238400e4b80678680f40577d2995fc5f29b8368aa25750
6412ec37d9c58c87e9678bd55dfeaa632d05abb90304c9220a8c1a8ed6b1dad0
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cdec4e3c51e8632f4f07fc071477493f519187d39821841e57fad12594a1662
80efbfcfad67fc0fa5a9d8cc84eb35951eea2d2e179a6fc51c82463c9e70a5dc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a82d5d6368f34a1384c667f859540aebb8eb4f071d80de35c861f4919b5a209d
acc99a0b70afad5ab53c8c1fb2be18189342e873e7b1e07327f044773c5edba0
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aed5ccd9a1464ec082338fd88b0b73b810af66c72b4adffe270607212d4693a2
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d4f4be14ec90c84952052c340e8a18f447de2f305eab176bf70dc04e4b32e818
d998b01e8bab6d5570c17f428e9547d4a6753a696b8bdac3e186332b3a575bd9
d9b18edccc6d6cdd3eb64d1835d42046cc84cdd8681ec26da7b6b3e7e3ab8875
e0599c1b92893f04ff8ffd231d5532501c02fd5f346170f7d3cd1120de0b4101
e2bcd5a8e2e8f4157a9899ff2923a58e23dc09f588f8f316157de7f22a438def
ea626c9d7ce9f6bb3096ce20d10f55ee60ee8b8cfd17c2907e7829a2291b08df
ea99bd3fb4ae5d61320b918295829a784d4cef63b321451db06a6bbe4314f0d4
ec71478763d59753bb1931f8cc7f3ce6584d5a60fa15dfe00eaf52c4458fe695
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef60e5fe54f75b0825bc3a51830b26709a96843762ae26a45f4439a749df039f
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e
f48efe3749c6349fd14f1c380b97b699d7a74350f2a6d4050775c054bca259dd
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729