www.mrg.com
72.10.48.177
Public Scan
Effective URL: https://www.mrg.com/
Submission: On July 20 via manual from SV — Scanned from DE
Summary
TLS certificate: Issued by R3 on July 2nd 2022. Valid for: 3 months.
This is the only time www.mrg.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN | PTR | Hostnames |
---|---|---|
ASN398110 (GO-DADDY-COM-LLC, US) | spring.mayowebdesign.com | mrg.com, www.mrg.com |
ASN20940 (AKAMAI-ASN1, NL) | | use.typekit.net |
ASN32934 (FACEBOOK, US) | | connect.facebook.net |
ASN32934 (FACEBOOK, US) | | www.facebook.com |
ASN15169 (GOOGLE, US) | | ssl.google-analytics.com |
ASN20940 (AKAMAI-ASN1, NL) | | snap.licdn.com |
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | | px.ads.linkedin.com, www.linkedin.com |
ASN16509 (AMAZON-02, US) | ec2-52-19-45-42.eu-west-1.compute.amazonaws.com | pixel-geo.prfct.co |
ASN16509 (AMAZON-02, US) | ec2-18-156-0-31.eu-central-1.compute.amazonaws.com | ups.analytics.yahoo.com |
ASN15169 (GOOGLE, US) | 218.64.98.34.bc.googleusercontent.com | us-u.openx.net |
ASN26667 (RUBICONPROJECT, US) | | pixel.rubiconproject.com |
ASN15169 (GOOGLE, US) | fra16s48-in-f2.1e100.net | cm.g.doubleclick.net |
ASN29990 (ASN-APPNEX, US) | 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net | secure.adnxs.com |
Count | Apex Domain | Redirects | Subdomains (Cisco Umbrella Rank) | Transfer |
---|---|---|---|---|
22 | mrg.com | 1 | mrg.com, www.mrg.com | 399 KB |
9 | prfct.co | 6 | pixel-geo.prfct.co (14180) | 4 KB |
6 | facebook.com | | www.facebook.com (101) | 594 B |
6 | typekit.net | | use.typekit.net (572), p.typekit.net (688) | 181 KB |
4 | adnxs.com | 2 | secure.adnxs.com (430) | 4 KB |
4 | linkedin.com | 3 | px.ads.linkedin.com (371), www.linkedin.com (472), px4.ads.linkedin.com (5526) | 3 KB |
4 | fontawesome.com | | pro.fontawesome.com (6678) | 275 KB |
3 | hs-banner.com | | js.hs-banner.com (1995) | 16 KB |
3 | doubleclick.net | 2 | stats.g.doubleclick.net (117), cm.g.doubleclick.net (205) | 1 KB |
3 | facebook.net | | connect.facebook.net (155) | 194 KB |
2 | yahoo.com | 1 | ups.analytics.yahoo.com (285) | 490 B |
2 | google-analytics.com | 1 | ssl.google-analytics.com (407) | 17 KB |
1 | hubspot.com | | track.hubspot.com (2085) | 960 B |
1 | hs-scripts.com | | js-na1.hs-scripts.com (7229) | 868 B |
1 | rubiconproject.com | | pixel.rubiconproject.com (333) | 239 B |
1 | openx.net | | us-u.openx.net (391) | 275 B |
1 | twitter.com | | analytics.twitter.com (487) | 354 B |
1 | licdn.com | | snap.licdn.com (738) | 3 KB |
1 | marinsm.com | | tag.marinsm.com (27664) | 11 KB |
1 | hs-analytics.net | | js.hs-analytics.net (1991) | 20 KB |
1 | googleapis.com | | ajax.googleapis.com (303) | 34 KB |
61 | 21 |
Count | Domain | Redirects | Requested by |
---|---|---|---|
21 | www.mrg.com | | www.mrg.com |
9 | pixel-geo.prfct.co | 6 | www.mrg.com |
6 | www.facebook.com | | www.mrg.com |
5 | use.typekit.net | | www.mrg.com, use.typekit.net |
4 | secure.adnxs.com | 2 | www.mrg.com |
4 | pro.fontawesome.com | | www.mrg.com, pro.fontawesome.com |
3 | js.hs-banner.com | | js-na1.hs-scripts.com, js.hs-banner.com |
3 | connect.facebook.net | | www.mrg.com, connect.facebook.net |
2 | cm.g.doubleclick.net | 2 | |
2 | ups.analytics.yahoo.com | 1 | www.mrg.com |
2 | px.ads.linkedin.com | 2 | |
2 | ssl.google-analytics.com | 1 | www.mrg.com |
1 | track.hubspot.com | | |
1 | js-na1.hs-scripts.com | | js.hs-analytics.net |
1 | pixel.rubiconproject.com | | www.mrg.com |
1 | us-u.openx.net | | www.mrg.com |
1 | analytics.twitter.com | | www.mrg.com |
1 | stats.g.doubleclick.net | | www.mrg.com |
1 | px4.ads.linkedin.com | | www.mrg.com |
1 | www.linkedin.com | 1 | |
1 | snap.licdn.com | | www.mrg.com |
1 | tag.marinsm.com | | www.mrg.com |
1 | js.hs-analytics.net | | www.mrg.com |
1 | p.typekit.net | | use.typekit.net |
1 | ajax.googleapis.com | | www.mrg.com |
1 | mrg.com | 1 | |
61 | 26 |
This site contains links to these domains. Also see Links.
Domain |
---|
questv2.mrg.com |
www.facebook.com |
www.linkedin.com |
twitter.com |
www.youtube.com |
mrg.helpjuice.com |
connect.mrg.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
mrg.com | R3 | 2022-07-02 - 2022-09-30 | 3 months |
use.typekit.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-03-07 - 2023-04-07 | a year |
*.fontawesome.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-12-01 - 2023-01-01 | a year |
upload.video.google.com | GTS CA 1C3 | 2022-07-04 - 2022-09-26 | 3 months |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-04-29 - 2022-07-28 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-13 - 2023-06-13 | a year |
*.google-analytics.com | GTS CA 1C3 | 2022-07-04 - 2022-09-26 | 3 months |
tag.marinsm.com | GlobalSign Atlas R3 DV TLS CA H2 2021 | 2021-12-24 - 2023-01-25 | a year |
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2022-03-01 - 2023-03-01 | a year |
*.prfct.co | Sectigo RSA Domain Validation Secure Server CA | 2021-11-02 - 2022-11-02 | a year |
hubspot.com | Cloudflare Inc ECC CA-3 | 2022-03-08 - 2023-03-07 | a year |
This page contains 3 frames:
Primary Page:
https://www.mrg.com/
Frame ID: B81439CD94031102181322503F1B179A
Requests: 58 HTTP requests in this frame
Frame:
https://www.facebook.com/tr/
Frame ID: D2523C778FE98BE0CEFB5EAA4BEFB9B9
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/tr/
Frame ID: 41A8BB3FDB00B7883E93A552D82E41BD
Requests: 1 HTTP requests in this frame
Page Title
Management Research Group | LEA 360™ Suite Leadership Assessments
Page URL History
-
http://mrg.com/
HTTP 301
https://www.mrg.com/ Page URL
Detected technologies
WordPress (CMS)
Detected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
Yoast SEO (SEO)
Detected patterns
- <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
AppNexus (Advertising Networks)
Detected patterns
- <(?:iframe|img)[^>]+adnxs\.(?:net|com)
- adnxs\.(?:net|com)
Facebook (Widgets)
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Font Awesome (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
HubSpot Analytics (Analytics)
Detected patterns
- js\.hs-analytics\.net/analytics
Linkedin Insight Tag (Analytics)
Detected patterns
- snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Modernizr (JavaScript Libraries)
Detected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
OpenX (Advertising Networks)
Detected patterns
- https?://[^/]*\.openx\.net
Rubicon Project (Advertising Networks)
Detected patterns
- https?://[^/]*\.rubiconproject\.com
Slick (JavaScript Libraries)
Detected patterns
- (?:/([\d.]+))?/slick(?:\.min)?\.js
Typekit (Font Scripts)
Detected patterns
- <link [^>]*href="[^"]+use\.typekit\.(?:net|com)
jQuery (JavaScript Libraries)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
Title: Find out more about browser cookies.
Title: KNOWLEDGE BASE
Title: QUEST
Title: Let's Talk
Title: Privacy Policy
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://mrg.com/
HTTP 301
https://www.mrg.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 38
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3918074&time=1658338580658&url=https%3A%2F%2Fwww.mrg.com%2F HTTP 302
- https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3918074%26time%3D1658338580658%26url%3Dhttps%253A%252F%252Fwww.mrg.com%252F%26liSync%3Dtrue HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3918074&time=1658338580658&url=https%3A%2F%2Fwww.mrg.com%2F&liSync=true HTTP 302
- https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3918074&time=1658338580658&url=https%3A%2F%2Fwww.mrg.com%2F&liSync=true&e_ipv6=AQJ5d7igSUFehwAAAYIcrpriZB60PPXitEpcY6KLjkwOErzBZXr7AovCjfPprQPmF_1_-BMsOC_Z
- https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=951623221&utmhn=www.mrg.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Management%20Research%20Group%20%7C%20LEA%20360%E2%84%A2%20Suite%20Leadership%20Assessments&utmhid=758840304&utmr=-&utmp=%2F&utmht=1658338580685&utmac=UA-28498479-1&utmcc=__utma%3D252191445.673570173.1658338581.1658338581.1658338581.1%3B%2B__utmz%3D252191445.1658338581.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=256866311&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28498479-1&cid=673570173.1658338581&jid=256866311&_v=5.7.2&z=951623221
- https://pixel-geo.prfct.co/tagjs?a_id=79323&source=js_tag HTTP 302
- https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=79323&source=js_tag
- https://pixel-geo.prfct.co/cs/?partnerId=twtr HTTP 302
- https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_1vSTpl0YIt40qmL35
- https://pixel-geo.prfct.co/cs/?partnerId=yah HTTP 302
- https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_1vSTpl0YIt40qmL35&_origin=1 HTTP 302
- https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_1vSTpl0YIt40qmL35&_origin=1&verify=true
- https://pixel-geo.prfct.co/cs/?partnerId=opx HTTP 302
- https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_1vSTpl0YIt40qmL35
- https://pixel-geo.prfct.co/cs/?partnerId=rbcn HTTP 302
- https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_1vSTpl0YIt40qmL35
- https://pixel-geo.prfct.co/cs/?partnerId=goo HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfMXZTVHBsMFlJdDQwcW1MMzU HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfMXZTVHBsMFlJdDQwcW1MMzU&google_tc= HTTP 302
- https://pixel-geo.prfct.co/cb?partnerId=goo
- https://secure.adnxs.com/seg?t=2&add=14866095 HTTP 307
- https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D14866095
- https://secure.adnxs.com/seg?t=2&add=11276829 HTTP 307
- https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D11276829
61 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request) | www.mrg.com/ (Redirect Chain) | 35 KB | 9 KB | Document | text/html |
GET | H2 | jdz8mhf.css | use.typekit.net/ | 3 KB | 972 B | Stylesheet | text/css |
GET | H/1.1 | style.min.css | www.mrg.com/wp-includes/css/dist/block-library/ | 87 KB | 12 KB | Stylesheet | text/css |
GET | H/1.1 | style.css | www.mrg.com/wp-content/themes/management-research-group/ | 242 B | 498 B | Stylesheet | text/css |
GET | H/1.1 | normalize.min.css | www.mrg.com/wp-content/themes/management-research-group/assets/css/ | 2 KB | 1 KB | Stylesheet | text/css |
GET | H/1.1 | main.css | www.mrg.com/wp-content/themes/management-research-group/assets/css/ | 168 KB | 29 KB | Stylesheet | text/css |
GET | H2 | all.css | pro.fontawesome.com/releases/v5.3.1/css/ | 63 KB | 13 KB | Stylesheet | text/css |
GET | H/1.1 | sassy-social-share-public.css | www.mrg.com/wp-content/plugins/sassy-social-share/public/css/ | 9 KB | 3 KB | Stylesheet | text/css |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/1.12.4/ | 95 KB | 34 KB | Script | text/javascript |
GET | H/1.1 | modernizr-2.8.3-respond-1.4.2.min.js | www.mrg.com/wp-content/themes/management-research-group/assets/js/vendor/ | 20 KB | 8 KB | Script | text/javascript |
GET | H/1.1 | logo.png | www.mrg.com/wp-content/themes/management-research-group/assets/img/ | 7 KB | 8 KB | Image | image/png |
GET | H/1.1 | hp-hero.jpg | www.mrg.com/wp-content/uploads/2016/12/ | 140 KB | 140 KB | Image | image/jpeg |
GET | H/1.1 | assessment-icon-leadership.png | www.mrg.com/wp-content/uploads/2016/12/ | 8 KB | 8 KB | Image | image/png |
GET | H/1.1 | assessment-icon-motivation.png | www.mrg.com/wp-content/uploads/2016/12/ | 11 KB | 11 KB | Image | image/png |
GET | H/1.1 | assessment-icon-personal-growth.png | www.mrg.com/wp-content/uploads/2016/12/ | 8 KB | 9 KB | Image | image/png |
GET | H/1.1 | assessment-icon-sales.png | www.mrg.com/wp-content/uploads/2016/12/ | 4 KB | 4 KB | Image | image/png |
GET | H/1.1 | assessment-icon-service.png | www.mrg.com/wp-content/uploads/2016/12/ | 6 KB | 7 KB | Image | image/png |
GET | H/1.1 | WOB_Certified_WBENC_color_web.png | www.mrg.com/wp-content/themes/management-research-group/assets/img/ | 7 KB | 7 KB | Image | image/png |
GET | H/1.1 | footer-logo-mrg.png | www.mrg.com/wp-content/themes/management-research-group/assets/img/ | 7 KB | 7 KB | Image | image/png |
GET | H/1.1 | plugins.js | www.mrg.com/wp-content/themes/management-research-group/assets/js/ | 13 KB | 4 KB | Script | text/javascript |
GET | H/1.1 | main.js | www.mrg.com/wp-content/themes/management-research-group/assets/js/ | 7 KB | 2 KB | Script | text/javascript |
GET | H/1.1 | slick.min.js | www.mrg.com/wp-content/themes/management-research-group/assets/js/vendor/ | 42 KB | 11 KB | Script | text/javascript |
GET | H/1.1 | sassy-social-share-public.js | www.mrg.com/wp-content/plugins/sassy-social-share/public/js/ | 119 KB | 40 KB | Script | text/javascript |
GET | H2 | p.css | p.typekit.net/ | 5 B | 181 B | Stylesheet | text/css |
GET | H2 | l | use.typekit.net/af/9ff5df/0000000000000000000131a3/27/ | 41 KB | 41 KB | Font | application/font-woff2 |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 98 KB | 26 KB | Script | application/x-javascript |
GET | H2 | fa-solid-900.woff2 | pro.fontawesome.com/releases/v5.3.1/webfonts/ | 90 KB | 90 KB | Font | font/woff2 |
GET | H2 | l | use.typekit.net/af/9b05f3/000000000000000000013365/27/ | 50 KB | 51 KB | Font | application/font-woff2 |
GET | H2 | fa-brands-400.woff2 | pro.fontawesome.com/releases/v5.3.1/webfonts/ | 64 KB | 64 KB | Font | font/woff2 |
GET | H/1.1 | hp-experience-bg-photo.jpg | www.mrg.com/wp-content/themes/management-research-group/assets/img/ | 79 KB | 79 KB | Image | image/jpeg |
GET | H2 | l | use.typekit.net/af/2cd6bf/00000000000000000001008f/27/ | 46 KB | 46 KB | Font | application/font-woff2 |
GET | H2 | l | use.typekit.net/af/6ebf8d/0000000000000000000131a0/27/ | 41 KB | 42 KB | Font | application/font-woff2 |
GET | H2 | fa-regular-400.woff2 | pro.fontawesome.com/releases/v5.3.1/webfonts/ | 107 KB | 108 KB | Font | font/woff2 |
GET | H2 | 568253697962582 | connect.facebook.net/signals/config/ | 291 KB | 84 KB | Script | application/x-javascript |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 297 B | Image | image/gif |
GET | H2 | 1644735.js | js.hs-analytics.net/analytics/1658338800000/ | 62 KB | 20 KB | Script | text/javascript |
GET | H2 | ga.js | ssl.google-analytics.com/ | 45 KB | 17 KB | Script | text/javascript |
GET | H/1.1 | 5a6a19414df6287b5f00005b.js | tag.marinsm.com/serve/ | 54 KB | 11 KB | Script | text/javascript |
GET | H/1.1 | insight.min.js | snap.licdn.com/li.lms-analytics/ | 8 KB | 3 KB | Script | application/x-javascript |
GET | H2 | collect | px4.ads.linkedin.com/ (Redirect Chain) | 0 | 267 B | Image | application/javascript |
GET | H2 | collect | stats.g.doubleclick.net/r/ (Redirect Chain) | 35 B | 430 B | Image | image/gif |
POST | H3 | / | www.facebook.com/tr/ (Frame D252) | 0 | 18 B | Document | text/plain |
GET | H3 | 241296796535814 | connect.facebook.net/signals/config/ | 292 KB | 84 KB | Script | application/x-javascript |
GET | H/1.1 | tagjs | pixel-geo.prfct.co/ (Redirect Chain) | 125 B | 454 B | Script | text/javascript |
GET | H3 | / | www.facebook.com/tr/ | 44 B | 88 B | Image | image/gif |
GET | H2 | adsct | analytics.twitter.com/i/ (Redirect Chain) | 43 B | 354 B | Image | image/gif |
GET | H2 | sync | ups.analytics.yahoo.com/ups/58288/ (Redirect Chain) | 0 | 121 B | Image | text/plain |
GET | H2 | sd | us-u.openx.net/w/1.0/ (Redirect Chain) | 43 B | 275 B | Image | image/gif |
GET | H/1.1 | tap.php | pixel.rubiconproject.com/ (Redirect Chain) | 0 | 239 B | Image | image/gif |
GET | H/1.1 | cb | pixel-geo.prfct.co/ (Redirect Chain) | 43 B | 365 B | Image | image/gif |
GET | H/1.1 | / | pixel-geo.prfct.co/seg/ | 43 B | 365 B | Image | image/gif |
GET | H3 | tr | www.facebook.com/ | 44 B | 88 B | Image | image/gif |
GET | H/1.1 | bounce | secure.adnxs.com/ (Redirect Chain) | 43 B | 1 KB | Image | image/gif |
GET | H3 | tr | www.facebook.com/ | 44 B | 88 B | Image | image/gif |
GET | H/1.1 | bounce | secure.adnxs.com/ (Redirect Chain) | 43 B | 1 KB | Image | image/gif |
POST | H3 | / | www.facebook.com/tr/ (Frame 41A8) | 0 | 15 B | Document | text/plain |
GET | H2 | 1644735.js | js-na1.hs-scripts.com/ | 964 B | 868 B | Script | application/javascript |
GET | H2 | __ptq.gif | track.hubspot.com/ | 45 B | 960 B | Image | image/gif |
GET | H2 | 1644735.js | js.hs-banner.com/ | 60 KB | 16 KB | Script | text/javascript |
POST | H2 | view | js.hs-banner.com/cookie-banner-public/v1/activity/ | 0 | 137 B | XHR | text/plain |
OPTIONS | H2 | view | js.hs-banner.com/cookie-banner-public/v1/activity/ (Frame) | 0 | 0 | Preflight | application/octet-stream |
72 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| html5 object| Modernizr function| yepnope object| respond function| fbq function| _fbq function| imgpreload function| screenDimensions function| mobileNavigation function| bioContent function| copyright function| heateorSssLoadEvent string| heateorSssSharingAjaxUrl string| heateorSssCloseIconPath string| heateorSssPluginIconPath number| heateorSssHorizontalSharingCountEnable number| heateorSssVerticalSharingCountEnable number| heateorSssSharingOffset number| heateorSssMobileStickySharingEnabled string| heateorSssCopyLinkMessage object| heateorSssUrlCountFetched string| heateorSssSharesText string| heateorSssShareText function| heateorSssPopup function| heateorSssDetermineWhatsappShareAPI function| heateorSssMoreSharingPopup function| heateorSssFilterSharing object| heateorSssFacebookTargetUrls function| heateorSssGetSharingCounts function| heateorSssFetchFacebookShares function| heateorSssFBShareJSONCall function| heateorSssSaveFacebookShares function| heateorSssCalculateApproxCount function| heateorSssCalculateActualCount function| heateorSssCapitaliseFirstLetter function| heateorSssHideSharing function| ClipboardJS object| _gaq object| _pa function| getCookie string| _linkedin_partner_id object| _linkedin_data_partner_ids function| lintrk object| jQuery112405109531572752306 boolean| _already_called_lintrk object| _gat object| gaGlobal object| _hsq object| _paq function| sanitizeKey boolean| _hstc_loaded function| facebookEventsHelper function| googleAdsEventsHelper object| dataLayer object| _pq boolean| _hstc_ran object| _hsp string| __hsUserToken number| expireDateTime object| e boolean| _hspb_ran boolean| _hspb_loaded
27 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.mrg.com/ | Name: _fbp Value: fb.1.1658338580477.1751518081 |
|
.mrg.com/ | Name: __utma Value: 252191445.673570173.1658338581.1658338581.1658338581.1 |
|
.mrg.com/ | Name: __utmc Value: 252191445 |
|
.mrg.com/ | Name: __utmz Value: 252191445.1658338581.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none) |
|
.mrg.com/ | Name: __utmt Value: 1 |
|
.mrg.com/ | Name: __utmb Value: 252191445.1.10.1658338581 |
|
.linkedin.com/ | Name: UserMatchHistory Value: AQItftdf_SCKqQAAAYIcrplG5VS43GjtG-ib-k6Us0bsDfF3zq9RqY53_4HKcnIvBGgDzhj9LnUIwg |
|
.linkedin.com/ | Name: AnalyticsSyncHistory Value: AQLjsCy7Wq8_DgAAAYIcrplG7k9v3ccfHtHvSSBD276gSsMg8dr5Z6OOXXacDxSNDYnIyw5lXGxl58zc7MeDwA |
|
.ads.linkedin.com/ | Name: lang Value: v=2&lang=en-us |
|
.linkedin.com/ | Name: bcookie Value: "v=2&29785d71-37d8-4ce0-82b9-785c3cde8891" |
|
.linkedin.com/ | Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2714:u=1:x=1:i=1658338580:t=1658424980:v=2:sig=AQFHGvlYIreaL0_DPN6DumkMbVITeJ2l" |
|
.linkedin.com/ | Name: lang Value: v=2&lang=de-de |
|
.www.linkedin.com/ | Name: bscookie Value: "v=1&20220720173620a49be2ba-be5b-4b9f-8d25-6d3e95c22c60AQG8SQnYCacuVnozLptJ9vi1hR2w25k7" |
|
.linkedin.com/ | Name: li_gc Value: MTswOzE2NTgzMzg1ODA7MjswMjEYbhGLneUxHXFQkPv4C9blb/mXIN0NpI6G+b+dbNU8OQ== |
|
.prfct.co/ | Name: pa_uid Value: pa_1vSTpl0YIt40qmL35 |
|
.prfct.co/ | Name: pa_twitter_ts Value: 1658338581335 |
|
.prfct.co/ | Name: pa_yahoo_ts Value: 1658338581379 |
|
.adnxs.com/ | Name: anj Value: dTM7k!M4/8CxrEQF']wIg2GVQgNGWO!]tbP6j2F-XstGt!@DeO$nK`d |
|
.adnxs.com/ | Name: uuid2 Value: 4301587531241472458 |
|
.prfct.co/ | Name: pa_openx_ts Value: 1658338581416 |
|
.prfct.co/ | Name: pa_rubicon_ts Value: 1658338581416 |
|
.prfct.co/ | Name: pa_google_ts Value: 1658338581420 |
|
.twitter.com/ | Name: personalization_id Value: "v1_qCl3r2aEw/R7jkgxVke5SQ==" |
|
.yahoo.com/ | Name: A3 Value: d=AQABBBU92GICEDid-rMnGBbHxsWSoBll-t4FEgEBAQGO2WLiYgAAAAAA_eMAAA&S=AQAAAkx5v_KrGLaZce_Ki67yZgk |
|
.analytics.yahoo.com/ | Name: IDSYNC Value: 18z4~264h |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUlvCD6cA1CbFKDNxFAC7my3ung3zQ2Eu4S7DvSsmehbe9FlFjxRhA_FmYhz7ng |
|
.hubspot.com/ | Name: __cf_bm Value: RXg54qm13lhkG5nnSU.wvIcyf_s9hMIJmCVpsiCNKqg-1658338581-0-AcWeAgR4wEioQDU9F8XZ9RR947CCAtMzGomdUoGvXXJghbUDGF3ac5G4gp8OUVWK0eEOVusFz2y58xavsQZ2UDw= |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.