mortgageassistancenow.com
2606:4700:3031::ac43:ae88
Public Scan
Effective URL: https://mortgageassistancenow.com/?publisher_id=1190&subid=5bc8ldfl8xf3
Submission Tags: phishing
Submission: On May 23 via api from US — Scanned from DE
Summary
TLS certificate: Issued by E1 on April 17th 2022. Valid for: 3 months.
This is the only time mortgageassistancenow.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN11377 (SENDGRID, US)
PTR: o16789118x28.outbound-mail.sendgrid.net
u9336.ct.sendgrid.net
ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-48-135.eu-central-1.compute.amazonaws.com
cxprime.com
ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-111-64-202.deploy.static.akamaitechnologies.com
cdn-3.convertexperiments.com
ASN13335 (CLOUDFLARENET, US)
cdn.useproof.com
api.useproof.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-180-71.compute-1.amazonaws.com
finance.mediaalpha.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-62-73.us-west-2.compute.amazonaws.com
cdn.fcmrktplace.com
ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com
rgrassets.s3-us-west-2.amazonaws.com
ASN15169 (GOOGLE, US)
www.googletagmanager.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-35-142.compute-1.amazonaws.com
api.trustedform.com
ASN16509 (AMAZON-02, US)
cdn.trustedform.com
ASN15169 (GOOGLE, US)
www.google-analytics.com
ASN14061 (DIGITALOCEAN-ASN, US)
cp.reallygreatrate.com
Requests | Domain | Requested by |
---|---|---|
48 | mortgageassistancenow.com | mortgageassistancenow.com, rgrassets.s3-us-west-2.amazonaws.com, cdn.trustedform.com |
7 | api.trustedform.com | 1 redirects; api.trustedform.com, cdn.trustedform.com |
5 | fonts.gstatic.com | fonts.googleapis.com |
4 | reallygreatrate.com | code.jquery.com, rgrassets.s3-us-west-2.amazonaws.com |
3 | cdn.useproof.com | mortgageassistancenow.com, cdn.useproof.com |
2 | api.useproof.com | cdn.useproof.com |
2 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com |
2 | cdn.trustedform.com | mortgageassistancenow.com, api.trustedform.com |
2 | fonts.googleapis.com | mortgageassistancenow.com |
2 | cdn.fcmrktplace.com | mortgageassistancenow.com |
2 | geoip-js.com | mortgageassistancenow.com, rgrassets.s3-us-west-2.amazonaws.com |
1 | analytics.proofapi.com | cdn.useproof.com |
1 | cp.reallygreatrate.com | rgrassets.s3-us-west-2.amazonaws.com |
1 | www.gstatic.com | cdn.useproof.com |
1 | create.lidstatic.com | mortgageassistancenow.com |
1 | www.googletagmanager.com | mortgageassistancenow.com |
1 | rgrassets.s3-us-west-2.amazonaws.com | mortgageassistancenow.com |
1 | finance.mediaalpha.com | mortgageassistancenow.com |
1 | code.jquery.com | mortgageassistancenow.com |
1 | cdnjs.cloudflare.com | mortgageassistancenow.com |
1 | cdn-3.convertexperiments.com | mortgageassistancenow.com |
1 | cxprime.com | 1 redirects |
1 | norhorto.online | 1 redirects |
1 | u9336.ct.sendgrid.net | 1 redirects |
89 | 24 | |
This site contains links to these domains. Also see Links.
Domain |
---|
portal.reallygreatrate.com |
www.cnbc.com |
www.nmlsconsumeraccess.org |
www.refiexpert.net |
privacyportal-eu-cdn.onetrust.com |
www.onetrust.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.mortgageassistancenow.com | E1 | 2022-04-17 - 2022-07-16 | 3 months |
*.convertexperiments.com | DigiCert SHA2 Secure Server CA | 2022-02-26 - 2023-03-01 | a year |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-09-21 - 2022-09-20 | a year |
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-14 - 2022-08-14 | a year |
mediaalpha.com | Amazon | 2021-08-10 - 2022-09-08 | a year |
*.fcmrktplace.com | Amazon | 2022-02-06 - 2023-03-07 | a year |
*.s3-us-west-2.amazonaws.com | Amazon | 2021-12-17 - 2022-11-29 | a year |
upload.video.google.com | GTS CA 1C3 | 2022-05-04 - 2022-07-27 | 3 months |
*.google-analytics.com | GTS CA 1C3 | 2022-05-04 - 2022-07-27 | 3 months |
reallygreatrate.com | E1 | 2022-05-11 - 2022-08-09 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2022-05-04 - 2022-07-27 | 3 months |
lidstatic.com | Cloudflare Inc ECC CA-3 | 2022-03-30 - 2023-03-30 | a year |
cp.reallygreatrate.com | R3 | 2022-04-06 - 2022-07-05 | 3 months |
*.trustedform.com | Amazon | 2021-10-12 - 2022-11-09 | a year |
cdn.trustedform.com | Amazon | 2022-04-14 - 2023-05-13 | a year |
This page contains 4 frames:
Primary Page:
https://mortgageassistancenow.com/?publisher_id=1190&subid=5bc8ldfl8xf3
Frame ID: 7EBDADDED78A9ACA022940B7EF6A5EB8
Requests: 78 HTTP requests in this frame
Frame:
https://cdn.useproof.com/proxy/index.html
Frame ID: F8798D3B83D3ADF7BCE00B4966DC056E
Requests: 6 HTTP requests in this frame
Frame:
https://api.trustedform.com/certs
Frame ID: 4E8AA15180E174DFA895EC2A507AEF3A
Requests: 1 HTTP requests in this frame
Frame:
https://api.trustedform.com/certs/457e7aea660ca7c4f2de407ba3dc977e34d1de79/snapshot
Frame ID: 7B986C779B33B3211BF2DA125056868C
Requests: 5 HTTP requests in this frame
Page Title
Mortgage Assistance Now
Detected technologies
Firebase (Databases)
Detected patterns
- /(?:([\d.]+)/)?firebase(?:\.min)?\.js
- /firebasejs/([\d.]+)/firebase
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
animate.css (Web Frameworks)
Detected patterns
- <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
AngularJS (JavaScript Frameworks)
Detected patterns
- \bangular.{0,32}\.js
Font Awesome (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtm\.js
Lightbox (JavaScript Libraries)
Detected patterns
- <link [^>]*href="[^"]+lightbox(?:\.min)?\.css
- lightbox(?:-plus-jquery)?.{0,32}\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title: partners
Title: CNBC
Title: Nationwide Mortgage Licensing System (NMLS) ID # 2721.
Title: Licenses and Disclosures
Title: Do Not Sell My Info
Title: here
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://u9336.ct.sendgrid.net/ls/click?upn=L6toakHJUuOKACQE71HZq7-2FxZZ7hUS-2FrK1VUJFdurnjVjD6rcMXUqZ-2FszAp-2BqV7MKDG5_-2BQC8YCOH7CWXsLqq0WDbIzvsGhfiPP6UYvxKEuNgqfZgkvBLe0Srt5sG40Wl4sYRqRetgBAozqpzk6l0wycITbTIp32OWjMCy6sVApDP5cO5oSWImgmeWwlrYt1vdhGttMh9pchCrh-2BKaeZX9qqnEepoS1FgdUiDRuii7vSYXn-2Ft-2F7TOQmK3tFGwrkYs1n-2FK-2B6a-2FSEnpuq4-2BZAFRHpx7Ge3MWJGWPWp-2BRtoLtdaVv-2FlvUYfR901LLmQWAXBzwzyUakAh-2BD9pWhm23nwGEoo1uC0U8p7Eq638RNGh7Fg0uck-3D
HTTP 302
http://norhorto.online/rgr.php?s1=23rdSG2 HTTP 302
https://cxprime.com/click?trvid=10054&c1=23rdSG2 HTTP 302
https://mortgageassistancenow.com/?publisher_id=1190&subid=5bc8ldfl8xf3 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 53
- https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16533327277180.7936607074447846 HTTP 301
- https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16533327277180.7936607074447846
89 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | / | mortgageassistancenow.com/ | 95 KB | 28 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H2 | 10025084-10024691.js | cdn-3.convertexperiments.com/js/ | 2 B | 223 B | Script | application/javascript | |
GET | H2 | glyphicons-halflings-regular.woff2 | mortgageassistancenow.com/fonts/ | 18 KB | 18 KB | Font | application/octet-stream | |
GET | H2 | bootstrap.min.css | mortgageassistancenow.com/css/ | 118 KB | 20 KB | Stylesheet | text/css | |
GET | H2 | style.css | mortgageassistancenow.com/css/ | 11 KB | 3 KB | Stylesheet | text/css | |
GET | H2 | jquery.lightbox.css | mortgageassistancenow.com/css/ | 4 KB | 1 KB | Stylesheet | text/css | |
GET | H2 | style.confirm.css | mortgageassistancenow.com/css/ | 7 KB | 2 KB | Stylesheet | text/css | |
GET | H2 | animate.css | mortgageassistancenow.com/css/ | 55 KB | 5 KB | Stylesheet | text/css | |
GET | H2 | font-awesome.css | cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/ | 34 KB | 6 KB | Stylesheet | text/css | |
GET | H2 | sh_confirm.css | mortgageassistancenow.com/css/ | 395 B | 471 B | Stylesheet | text/css | |
GET | H2 | clickwall.css | mortgageassistancenow.com/css/ | 2 KB | 726 B | Stylesheet | text/css | |
GET | H2 | jquery-1.12.0.min.js | code.jquery.com/ | 95 KB | 33 KB | Script | application/javascript | |
GET | H2 | proof.js | cdn.useproof.com/ | 486 KB | 487 KB | Script | application/javascript | |
GET | H2 | geoip2.js | geoip-js.com/js/apis/geoip2/v2.1/ | 3 KB | 2 KB | Script | application/javascript | |
GET | H3 | ajax-loader.gif | mortgageassistancenow.com/images/ | 19 KB | 19 KB | Image | image/gif | |
GET | H3 | logo.png | mortgageassistancenow.com/images/ | 124 KB | 124 KB | Image | image/png | |
GET | H3 | single-family.png | mortgageassistancenow.com/images/ | 9 KB | 10 KB | Image | image/png | |
GET | H3 | multi-family.png | mortgageassistancenow.com/images/ | 8 KB | 8 KB | Image | image/png | |
GET | H3 | condo.png | mortgageassistancenow.com/images/ | 30 KB | 30 KB | Image | image/png | |
GET | H3 | mobile-home.png | mortgageassistancenow.com/images/ | 21 KB | 21 KB | Image | image/png | |
GET | H3 | credit1_sls.png | mortgageassistancenow.com/images/ | 2 KB | 2 KB | Image | image/png | |
GET | H3 | credit2_sls.png | mortgageassistancenow.com/images/ | 2 KB | 3 KB | Image | image/png | |
GET | H3 | credit3_sls.png | mortgageassistancenow.com/images/ | 2 KB | 3 KB | Image | image/png | |
GET | H3 | credit4_sls.png | mortgageassistancenow.com/images/ | 2 KB | 2 KB | Image | image/png | |
GET | H3 | brand.png | mortgageassistancenow.com/images/ | 19 KB | 20 KB | Image | image/png | |
GET | H3 | email-decode.min.js | mortgageassistancenow.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ | 1 KB | 1 KB | Script | application/javascript | |
GET | H3 | rhinoslider-1.05.min.js | mortgageassistancenow.com/js/ | 39 KB | 6 KB | Script | application/javascript | |
GET | H3 | angular.min.js | mortgageassistancenow.com/js/ | 104 KB | 40 KB | Script | application/javascript | |
GET | H3 | bootstrap.min.js | mortgageassistancenow.com/js/ | 36 KB | 11 KB | Script | application/javascript | |
GET | H3 | jquery.inputmask.bundle.min.js | mortgageassistancenow.com/js/ | 74 KB | 23 KB | Script | application/javascript | |
GET | H3 | jquery.lightbox.js | mortgageassistancenow.com/js/ | 31 KB | 11 KB | Script | application/javascript | |
GET | H3 | main.js | mortgageassistancenow.com/js/ | 2 KB | 1 KB | Script | application/javascript | |
GET | H3 | mousewheel.js | mortgageassistancenow.com/js/ | 1 KB | 1 KB | Script | application/javascript | |
GET | H3 | easing.js | mortgageassistancenow.com/js/ | 4 KB | 1 KB | Script | application/javascript | |
GET | H3 | scripts.js | mortgageassistancenow.com/js/ | 3 KB | 2 KB | Script | application/javascript | |
GET | H3 | config.js | mortgageassistancenow.com/ | 44 B | 643 B | Script | application/javascript | |
GET | H3 | app.js | mortgageassistancenow.com/js/ | 32 KB | 9 KB | Script | application/javascript | |
GET | H3 | postscribe.min.js | mortgageassistancenow.com/js/ | 17 KB | 6 KB | Script | application/javascript | |
GET | H2 | serve.js | finance.mediaalpha.com/js/ | 5 KB | 2 KB | Script | application/javascript | |
GET | H2 | clicksnet.js | cdn.fcmrktplace.com/scripts/ | 9 KB | 3 KB | Script | application/javascript | |
GET | H2 | clicksnet_mortgage.js | cdn.fcmrktplace.com/scripts/ | 5 KB | 2 KB | Script | application/javascript | |
GET | H3 | EHawkTalon.js | mortgageassistancenow.com/ | 43 KB | 14 KB | Script | application/javascript | |
GET | H/1.1 | pixel.min.js | rgrassets.s3-us-west-2.amazonaws.com/ | 6 KB | 6 KB | Script | application/javascript | |
GET | H2 | css | fonts.googleapis.com/ | 984 B | 679 B | Stylesheet | text/css | |
GET | H2 | css | fonts.googleapis.com/ | 995 B | 304 B | Stylesheet | text/css | |
GET | H2 | gtm.js | www.googletagmanager.com/ | 109 KB | 41 KB | Script | application/javascript | |
GET | H/1.1 | index.php | reallygreatrate.com/api/anura/ | 19 B | 546 B | XHR | application/json | |
GET | H3 | arrow.png | mortgageassistancenow.com/images/ | 1 KB | 2 KB | Image | image/png | |
GET | H2 | memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVc.ttf | fonts.gstatic.com/s/opensans/v29/ | 31 KB | 21 KB | Font | font/ttf | |
GET | H2 | 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrQ.ttf | fonts.gstatic.com/s/raleway/v27/ | 46 KB | 28 KB | Font | font/ttf | |
GET | H2 | 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrQ.ttf | fonts.gstatic.com/s/raleway/v27/ | 46 KB | 27 KB | Font | font/ttf | |
GET | H2 | ac0e3dfb-cfa1-505e-f49b-a3e095438614.js | create.lidstatic.com/campaign/ | 123 KB | 39 KB | Script | text/javascript | |
GET | H2 | memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVc.ttf | fonts.gstatic.com/s/opensans/v29/ | 31 KB | 31 KB | Font | font/ttf | |
GET | H2 | 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVuEorCIPrQ.ttf | fonts.gstatic.com/s/raleway/v27/ | 46 KB | 27 KB | Font | font/ttf | |
GET | H2 | bootstrap.js | cdn.trustedform.com/ | 8 KB | 4 KB | Script | application/javascript | Redirect Chain |
GET | H2 | index.html | cdn.useproof.com/proxy/ | 325 B | 793 B | Document | text/html | Frame F879 |
GET | H2 | analytics.js | www.google-analytics.com/ | 49 KB | 20 KB | Script | text/javascript | |
POST | H3 | collect | www.google-analytics.com/j/ | 1 B | 21 B | XHR | text/plain | |
GET | H2 | firebase.js | www.gstatic.com/firebasejs/4.5.0/ | 389 KB | 114 KB | Script | text/javascript | Frame F879 |
GET | H2 | proxy.js | cdn.useproof.com/proxy/ | 112 KB | 112 KB | Script | application/javascript | Frame F879 |
GET | H2 | TWoRTkvsVLQNe3zCfcg3pETq91r1 | api.useproof.com/pixel/ | 881 B | 1 KB | XHR | application/json | Frame F879 |
GET | H/1.1 | MAN | cp.reallygreatrate.com/pixel/view/1190/REFINANCE/ | 0 | 683 B | XHR | text/html | |
GET | H3 | pixel_landing.html | mortgageassistancenow.com/ | 0 | 536 B | XHR | text/html | |
GET | H/1.1 | / | reallygreatrate.com/api/hdi/ | 16 B | 651 B | XHR | application/json | |
GET | H/1.1 | / | reallygreatrate.com/api/user/ip_address/ | 32 B | 334 B | XHR | application/json | |
GET | H/1.1 | index.php | reallygreatrate.com/api/prepop/ | 69 B | 592 B | XHR | text/html | |
GET | H2 | me | geoip-js.com/geoip/v2.1/city/ | 1 KB | 2 KB | XHR | application/vnd.maxmind.com-city+json | |
POST | H2 | certs | api.trustedform.com/ | 475 B | 686 B | XHR | application/json | Frame 4E8A |
GET | H3 | helveticaltstd-boldcond.woff | mortgageassistancenow.com/fonts/ | 18 KB | 18 KB | Font | application/font-woff | |
GET | H2 | track | analytics.proofapi.com/ | 71 B | 796 B | XHR | application/json | Frame F879 |
GET | H2 | trustedform-1.8.26.js | cdn.trustedform.com/ | 97 KB | 36 KB | Script | application/javascript | |
POST | H2 | snapshot | api.trustedform.com/certs/457e7aea660ca7c4f2de407ba3dc977e34d1de79/ | 0 | 159 B | XHR | text/plain | Frame 7B98 |
GET | H3 | ajax-loader.gif | mortgageassistancenow.com/images/ | 19 KB | 19 KB | Image | image/gif | |
GET | H3 | logo.png | mortgageassistancenow.com/images/ | 124 KB | 124 KB | Image | image/png | |
GET | H3 | single-family.png | mortgageassistancenow.com/images/ | 9 KB | 10 KB | Image | image/png | |
GET | H3 | multi-family.png | mortgageassistancenow.com/images/ | 8 KB | 8 KB | Image | image/png | |
GET | H3 | condo.png | mortgageassistancenow.com/images/ | 30 KB | 30 KB | Image | image/png | |
GET | H3 | mobile-home.png | mortgageassistancenow.com/images/ | 21 KB | 21 KB | Image | image/png | |
GET | H3 | credit1_sls.png | mortgageassistancenow.com/images/ | 2 KB | 2 KB | Image | image/png | |
GET | H3 | credit2_sls.png | mortgageassistancenow.com/images/ | 2 KB | 3 KB | Image | image/png | |
GET | H3 | credit3_sls.png | mortgageassistancenow.com/images/ | 2 KB | 3 KB | Image | image/png | |
GET | H3 | credit4_sls.png | mortgageassistancenow.com/images/ | 2 KB | 2 KB | Image | image/png | |
GET | H3 | brand.png | mortgageassistancenow.com/images/ | 19 KB | 20 KB | Image | image/png | |
POST | H2 | fingerprints | api.trustedform.com/certs/457e7aea660ca7c4f2de407ba3dc977e34d1de79/ | 0 | 159 B | XHR | text/plain | Frame 7B98 |
GET | DATA | truncated | / | 10 KB | 10 KB | Other | text/javascript | |
GET | H2 | TWoRTkvsVLQNe3zCfcg3pETq91r1 | api.useproof.com/reporting/captures/ | 1 KB | 951 B | XHR | application/json | Frame F879 |
POST | H2 | events | api.trustedform.com/certs/457e7aea660ca7c4f2de407ba3dc977e34d1de79/ | 0 | 159 B | Ping | text/plain | |
POST | H2 | events | api.trustedform.com/certs/457e7aea660ca7c4f2de407ba3dc977e34d1de79/ | 0 | 159 B | XHR | text/plain | Frame 7B98 |
POST | H2 | events | api.trustedform.com/certs/457e7aea660ca7c4f2de407ba3dc977e34d1de79/ | 0 | 159 B | XHR | text/plain | Frame 7B98 |
POST | | events | api.trustedform.com/certs/457e7aea660ca7c4f2de407ba3dc977e34d1de79/ | 0 | 0 | | | Frame 7B98 |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: api.trustedform.com
- URL: https://api.trustedform.com/certs/457e7aea660ca7c4f2de407ba3dc977e34d1de79/events
102 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails boolean| convert_fire function| $ function| jQuery object| geoip2 object| dataLayer string| anurapub string| anurasub string| activated_response boolean| anura_activated function| anuraResultHandler function| getResult function| optionalCallbackFunction object| angular object| jQuery112007786362861364537 function| Inputmask function| buttonclick function| spanclick function| ValidateForm function| property_type function| credit_score function| property_value function| loan_amount function| fha_loan function| cashout function| veteran function| va_loan function| elect_bill1 function| validate function| validateOptEmails function| validateEmail function| hasClass object| config function| mobileTabletCheck function| RGRCallBack function| postscribe function| customRadio function| fillState object| dt string| month string| day string| year string| currentDate object| scrollbox function| trustedFormCertUrlCallback function| setImmediate function| clearImmediate boolean| proofInitialized object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| __maxch__thunk object| MediaAlphaExchange function| MediaAlphaExchange__success function| MediaAlphaExchange__error function| MediaAlphaExchange__click function| MediaAlphaExchange__load undefined| targetID undefined| targetElt object| gaplugins object| gaGlobal object| gaData function| clicksNetGetProtocol function| clicksNetGetQueryStringParam function| clicksNetGetElementsByClassName boolean| cf_mort_src_script_was_added boolean| cf_add_adapt_src_script_was_added function| mortCallback function| cf_add_missing_src_scripts function| GenerateMissingScript function| loadScriptWithSrc function| stripAndExecuteScript function| addClass function| removeClass function| clicksNetAddExpandButtonListeners function| eHawkTalon function| EHTalon function| Fingerprint 
boolean| isBlink string| pixelrgr_product string| pixelrgr_upload_type string| pixelrgr_url object| LeadiDconfig undefined| LeadiD object| pixelrgr_cackeid string| pixelrgr_publisher_id object| pixelrgr_pageview string| tmpShiftValue string| tmpParts object| trustedForm function| trustedFormStartRecording function| trustedFormStopRecording number| chk string| e_hawkTalonStr object| regeneratorRuntime
6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
cxprime.com/ | Name: ClickDataNG Value: H4sIAAAAAAAA_1xSXW_bOBD8K8Y-3eEIWx8nJ2URpI6TfgBNUSBNnwoENLmSiVCksCSlGEn-e0FJcY2-UbuzO6OdeYYeyWtngUO-zJYZMAiHDoFnDHzc_Xh7S2d7pIAKeC2MRwbSaPn4RQGHaifPjarN-VNdAgMlAgLP11VZlsVZsWYgRdsJ3diEzrOs-p-B9tvvm-MuckEE7UZAlTGgaDC90xOVJpThFsPeKeAFA-8iybFfMDDCKm2bGT1_3ZMBDsDA1TXSSJsXJYMdCSv3M3bsTch9CJ3nq1XrKDSiQeG99kFYidYNS-na1WUXd0b7PdKDVhd5_i77FbOsWPu40-rirwtI58Msvkcbpwt24uBiAL6uZuptJEIrD8Dh_u4aGETSJ1rkU0e6xZF9vPVloD5xpwNO5DK_KEpSd58KYKC7jVKE3icrz6tlkZfLvKqW-Xp92l1Ph4keadOgDcBBiwdBcq97pMU__yV-vloNw7AUBp_EKMDrgKs9mm414K4VPiD59wtJYjBIH464fyH9c42ENNEo7LXEY4pcEndvH60bbHLH_zymD5I7bvDj5B_ItOCKhFWnG2-dQnNa-CZanL7lxAZbR52jlMWUtg44lHl-Vi7ukNKAX2yuRquiDZQ8uL4ZxTeTnOubl5fP6H2aljoc5tJHEvaxjhQWol3cCp0kdoLQhm2yaA4d6Ubbr91JKZCwXsgp4x64jcYwkNEH1wJ_hj4DDm9evr7-DgAA___YD4HqlwMAAA== |
cxprime.com/ | Name: ClickDataNgFall Value: H4sIAAAAAAAA_1xSXW_bOBD8K8Y-3eEIWx8nJ2URpI6TfgBNUSBNnwoENLmSiVCksCSlGEn-e0FJcY2-UbuzO6OdeYYeyWtngUO-zJYZMAiHDoFnDHzc_Xh7S2d7pIAKeC2MRwbSaPn4RQGHaifPjarN-VNdAgMlAgLP11VZlsVZsWYgRdsJ3diEzrOs-p-B9tvvm-MuckEE7UZAlTGgaDC90xOVJpThFsPeKeAFA-8iybFfMDDCKm2bGT1_3ZMBDsDA1TXSSJsXJYMdCSv3M3bsTch9CJ3nq1XrKDSiQeG99kFYidYNS-na1WUXd0b7PdKDVhd5_i77FbOsWPu40-rirwtI58Msvkcbpwt24uBiAL6uZuptJEIrD8Dh_u4aGETSJ1rkU0e6xZF9vPVloD5xpwNO5DK_KEpSd58KYKC7jVKE3icrz6tlkZfLvKqW-Xp92l1Ph4keadOgDcBBiwdBcq97pMU__yV-vloNw7AUBp_EKMDrgKs9mm414K4VPiD59wtJYjBIH464fyH9c42ENNEo7LXEY4pcEndvH60bbHLH_zymD5I7bvDj5B_ItOCKhFWnG2-dQnNa-CZanL7lxAZbR52jlMWUtg44lHl-Vi7ukNKAX2yuRquiDZQ8uL4ZxTeTnOubl5fP6H2aljoc5tJHEvaxjhQWol3cCp0kdoLQhm2yaA4d6Ubbr91JKZCwXsgp4x64jcYwkNEH1wJ_hj4DDm9evr7-DgAA___YD4HqlwMAAA== |
.mortgageassistancenow.com/ | Name: _ga Value: GA1.2.1740177816.1653332728 |
.mortgageassistancenow.com/ | Name: _gid Value: GA1.2.815119187.1653332728 |
.mortgageassistancenow.com/ | Name: _gat_UA-104373288-13 Value: 1 |
mortgageassistancenow.com/ | Name: 6bdfac53cbfb648b7ebe7a1fe1b93f4d Value: %7B%22v%22%3A%225.8%22%2C%22a%22%3A3220912229%2C%22b%22%3A%2285504f30b5d0964acd887a59a34d75e5%22%2C%22c%22%3A1653332728673%2C%22d%22%3A%224ef26d19c81aa429c1c627803f07f4dc%22%2C%22e%22%3A%22%22%7D |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.