l.harpquiz.com
52.8.176.79
Public Scan
Effective URL: https://l.harpquiz.com/?req_id=45716217&s1=PGPH_1114&a=196&o=1252
Submission: On November 14 via manual from US
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 2nd 2017. Valid for: 9 months.
This is the only time l.harpquiz.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Count | IP Address | AS Autonomous System |
---|---|---|
1 1 | 104.108.37.139 | 16625 (AKAMAI-AS - Akamai Technologies) |
2 3 | 2a00:1450:4001:816::200e | 15169 (GOOGLE - Google LLC) |
1 1 | 54.67.26.88 | 16509 (AMAZON-02 - Amazon.com) |
1 1 | 52.53.67.177 | 16509 (AMAZON-02 - Amazon.com) |
4 | 52.8.176.79 | 16509 (AMAZON-02 - Amazon.com) |
2 | 52.9.202.238 | 16509 (AMAZON-02 - Amazon.com) |
3 | 34.193.61.227 | 14618 (AMAZON-AES - Amazon.com) |
1 | 216.58.206.2 | 15169 (GOOGLE - Google LLC) |
4 | 2a03:2880:f02d:12:face:b00c:0:3 | 32934 (FACEBOOK - Facebook) |
1 | 2a00:1450:4001:817::2008 | 15169 (GOOGLE - Google LLC) |
3 | 54.215.171.192 | 16509 (AMAZON-02 - Amazon.com) |
1 | 54.230.15.40 | 16509 (AMAZON-02 - Amazon.com) |
6 | 50.97.168.187 | 36351 (SOFTLAYER - SoftLayer Technologies Inc.) |
1 1 | 2a00:1450:4001:815::2002 | 15169 (GOOGLE - Google LLC) |
2 2 | 2a00:1450:4001:806::2004 | 15169 (GOOGLE - Google LLC) |
2 | 2a00:1450:4001:806::2003 | 15169 (GOOGLE - Google LLC) |
1 | 54.230.14.138 | 16509 (AMAZON-02 - Amazon.com) |
1 | 92.123.94.148 | 20940 (AKAMAI-ASN1) |
1 | 2a00:1288:80:800::7001 | 203220 (YAHOO-DEB) |
1 | 54.231.114.44 | 16509 (AMAZON-02 - Amazon.com) |
1 | 54.230.131.102 | 16509 (AMAZON-02 - Amazon.com) |
1 1 | 2a00:1450:400c:c04::9a | 15169 (GOOGLE - Google LLC) |
2 | 151.101.114.2 | 54113 (FASTLY - Fastly) |
1 | 188.125.66.33 | 34010 (YAHOO-IRD) |
5 | 2a03:2880:f11c:8083:face:b00c:0:25de | 32934 (FACEBOOK - Facebook) |
3 | 52.202.4.64 | 14618 (AMAZON-AES - Amazon.com) |
3 | 52.7.204.158 | 14618 (AMAZON-AES - Amazon.com) |
1 | 52.207.195.246 | 14618 (AMAZON-AES - Amazon.com) |
1 | 151.101.114.110 | 54113 (FASTLY - Fastly) |
2 | 162.247.242.21 | 23467 (NEWRELIC-AS-1 - New Relic) |
1 | 52.200.114.135 | 14618 (AMAZON-AES - Amazon.com) |
55 | 26 | |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-37-139.deploy.static.akamaitechnologies.com
cl.exct.net |
ASN15169 (GOOGLE - Google LLC, US)
goo.gl | |
www.google-analytics.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-67-26-88.us-west-1.compute.amazonaws.com
trking9.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-53-67-177.us-west-1.compute.amazonaws.com
suited45trk.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-8-176-79.us-west-1.compute.amazonaws.com
l.harpquiz.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-9-202-238.us-west-1.compute.amazonaws.com
xdc.suitedconnector.com |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-193-61-227.compute-1.amazonaws.com
nexus.ensighten.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f2.1e100.net
www.googleadservices.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-215-171-192.us-west-1.compute.amazonaws.com
l.harpquiz.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-15-40.ams1.r.cloudfront.net
d1tprjo2w7krrh.cloudfront.net |
ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: bb.a8.6132.ip4.static.sl-reverse.com
api.trustedform.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-14-138.ams1.r.cloudfront.net
b-code.liadm.com |
ASN20940 (AKAMAI-ASN1, US)
PTR: a92-123-94-148.deploy.akamaitechnologies.com
amplify.outbrain.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-131-102.ams50.r.cloudfront.net
js.adsrvr.org |
ASN54113 (FASTLY - Fastly, US)
tr.outbrain.com | |
amplifypixel.outbrain.com |
ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
sp.analytics.yahoo.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-202-4-64.compute-1.amazonaws.com
create.leadid.com |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-7-204-158.compute-1.amazonaws.com
create.leadid.com |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-207-195-246.compute-1.amazonaws.com
c.liadm.com |
ASN54113 (FASTLY - Fastly, US)
js-agent.newrelic.com |
ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-9.nr-data.net
bam.nr-data.net |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-200-114-135.compute-1.amazonaws.com
c.liadm.com |
Count | Domain | Requested by |
---|---|---|
7 | l.harpquiz.com | l.harpquiz.com |
6 | create.leadid.com | l.harpquiz.com |
6 | api.trustedform.com | l.harpquiz.com, api.trustedform.com |
5 | www.facebook.com | l.harpquiz.com |
4 | connect.facebook.net | l.harpquiz.com, connect.facebook.net |
3 | nexus.ensighten.com | l.harpquiz.com, nexus.ensighten.com |
2 | bam.nr-data.net | js-agent.newrelic.com, l.harpquiz.com |
2 | c.liadm.com | l.harpquiz.com |
2 | www.google-analytics.com (1 redirects) | l.harpquiz.com |
2 | www.google.de | l.harpquiz.com |
2 | www.google.com (2 redirects) | |
2 | xdc.suitedconnector.com | l.harpquiz.com |
1 | js-agent.newrelic.com | l.harpquiz.com |
1 | sp.analytics.yahoo.com | s.yimg.com |
1 | amplifypixel.outbrain.com | l.harpquiz.com |
1 | tr.outbrain.com | l.harpquiz.com |
1 | stats.g.doubleclick.net (1 redirects) | |
1 | js.adsrvr.org | www.googletagmanager.com |
1 | s3.amazonaws.com | l.harpquiz.com |
1 | s.yimg.com | l.harpquiz.com |
1 | amplify.outbrain.com | l.harpquiz.com |
1 | b-code.liadm.com | www.googletagmanager.com |
1 | googleads.g.doubleclick.net (1 redirects) | |
1 | d1tprjo2w7krrh.cloudfront.net | l.harpquiz.com |
1 | www.googletagmanager.com | l.harpquiz.com |
1 | www.googleadservices.com | l.harpquiz.com |
1 | suited45trk.com (1 redirects) | |
1 | trking9.com (1 redirects) | |
1 | goo.gl (1 redirects) | |
1 | cl.exct.net (1 redirects) | |
0 | match.adsrvr.org (Failed) | |
0 | d2m2wsoho8qq12.cloudfront.net (Failed) | d1tprjo2w7krrh.cloudfront.net |
55 | 32 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.lowratesshop.com |
www.homehelp101.com |
loans.ratemarketplace.com |
www.lowermybills.com |
www.lendingtree.com |
www.harp.gov |
www.optout-jsql.net |
Subject | Issuer | Validity | Valid |
---|---|---|---|
r.harpquiz.com | Go Daddy Secure Certificate Authority - G2 | 2017-11-02 - 2018-08-01 | 9 months |
*.suitedconnector.com | Amazon | 2017-04-18 - 2018-05-18 | a year |
nexus.ensighten.com | Symantec Class 3 Secure Server SHA256 SSL CA | 2014-10-27 - 2018-01-13 | 3 years |
www.googleadservices.com | Google Internet Authority G3 | 2017-11-01 - 2018-01-24 | 3 months |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2016-12-09 - 2018-01-25 | a year |
*.google-analytics.com | Google Internet Authority G3 | 2017-11-01 - 2018-01-24 | 3 months |
*.cloudfront.net | Symantec Class 3 Secure Server CA - G4 | 2017-10-20 - 2018-07-20 | 9 months |
*.trustedform.com | Go Daddy Secure Certificate Authority - G2 | 2017-01-04 - 2018-03-05 | a year |
www.google.de | Google Internet Authority G3 | 2017-11-01 - 2018-01-24 | 3 months |
*.liadm.com | Amazon | 2016-12-09 - 2018-01-09 | a year |
*.outbrain.com | Symantec Class 3 Secure Server CA - G4 | 2017-06-29 - 2018-09-28 | a year |
*.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2017-10-20 - 2017-12-06 | 2 months |
s3.amazonaws.com | DigiCert Baltimore CA-2 G2 | 2017-09-26 - 2018-09-20 | a year |
*.adsrvr.org | Trustwave Organization Validation SHA256 CA, Level 1 | 2017-02-15 - 2019-04-19 | 2 years |
f2.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2017-10-31 - 2018-10-06 | a year |
*.analytics.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2017-06-29 - 2017-12-28 | 6 months |
*.leadid.com | Go Daddy Secure Certificate Authority - G2 | 2017-02-13 - 2018-04-14 | a year |
f4.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2017-10-19 - 2018-05-04 | 6 months |
*.nr-data.net | GeoTrust SSL CA - G3 | 2017-07-18 - 2018-03-17 | 8 months |
This page contains 4 frames:
Primary Page:
https://l.harpquiz.com/?req_id=45716217&s1=PGPH_1114&a=196&o=1252
Frame ID: 15897.1
Requests: 53 HTTP requests in this frame
Frame:
https://xdc.suitedconnector.com/xdc
Frame ID: 15897.2
Requests: 1 HTTP requests in this frame
Frame:
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=3D2EC769-2716-849F-556D-64C6F5A1EFF0&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.4.0&lck=F21BCFE7-421D-0B59-65FE-3D36E8D9C8D6
Frame ID: 15897.3
Requests: 1 HTTP requests in this frame
Frame:
https://match.adsrvr.org/track/upb/?adv=m2ydk5f&ref=https%3A%2F%2Fl.harpquiz.com%2F%3Freq_id%3D45716217%26s1%3DPGPH_1114%26a%3D196%26o%3D1252%23&upid=vvdi7s0&osi=b8e69991d4846fd3d5d4084dca9050b1&osv=1.1&upv=1.1.2
Frame ID: 15897.6
Requests: 1 HTTP requests in this frame
Detected technologies
Ubuntu (Operating Systems)
Detected patterns
- headers server /Ubuntu/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Facebook (Widgets)
Detected patterns
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
Page Statistics
15 Outgoing links
These are links going to different origins than the main page.
Title: privacy
Title: partners
Title: Terms of Service
Title: Privacy Policy
Title: LMB Provider Network
Title: Terms of Use
Title: Privacy Policy
Title: solar services
Title: Terms of Use Agreement
Title: Privacy Policy
Title: communications
Title: partners
Title: LoanExplorer
Title: http://www.HARP.gov
Title: Unsubscribe
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://cl.exct.net/?qs=7a7b1b2c94350c8f3fd3e3e1fb16131153e00782f0108b81d299257558ee54c9358a3bd9a991f180a748789661881e331bafd84e223c288b
HTTP 302
https://goo.gl/3sJDKz HTTP 301
http://trking9.com/?nc2u=IQNsse1odLURqhHQ6RJQkw%3D%3D&s1=PGPH_1114 HTTP 302
https://suited45trk.com/?nc2u=IQNsse1odLURqhHQ6RJQkw%3D%3D&s1=PGPH_1114&ckmguid=a289a2e4-90d8-42c7-8fa1-088ea3c55a36 HTTP 302
https://l.harpquiz.com/?req_id=45716217&s1=PGPH_1114&a=196&o=1252 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 14- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/979222320/?random=1510669906432&cv=8&fst=1510669906432&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=https%3A%2F%2Fl.harpquiz.com%2F%3Freq_id%3D45716217%26s1%3DPGPH_1114%26a%3D196%26o%3D1252&tiba=HARP%20Quiz&rfmt=3&fmt=4 HTTP 302
- https://www.google.com/ads/user-lists/979222320/?random=1510669906432&cv=8&fst=1510668000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=https%3A%2F%2Fl.harpquiz.com%2F%3Freq_id%3D45716217%26s1%3DPGPH_1114%26a%3D196%26o%3D1252&tiba=HARP%20Quiz&fmt=4&cdct=2&is_vtc=1&random=362764154 HTTP 302
- https://www.google.de/ads/user-lists/979222320/?random=1510669906432&cv=8&fst=1510668000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=https%3A%2F%2Fl.harpquiz.com%2F%3Freq_id%3D45716217%26s1%3DPGPH_1114%26a%3D196%26o%3D1252&tiba=HARP%20Quiz&fmt=4&cdct=2&is_vtc=1&random=362764154&ipr=y&ulfeg=n
- https://www.google-analytics.com/r/collect?v=1&_v=j65&a=1822496043&t=pageview&_s=1&dl=https%3A%2F%2Fl.harpquiz.com%2F%3Freq_id%3D45716217%26s1%3DPGPH_1114%26a%3D196%26o%3D1252&ul=en-us&de=UTF-8&dt=HARP%20Quiz&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEABI~&jid=458276682&gjid=1685685607&cid=401288894.1510669907&tid=UA-80201401-30&_gid=1974048624.1510669907&_r=1&z=1556497461 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-80201401-30&cid=401288894.1510669907&jid=458276682&_gid=1974048624.1510669907&gjid=1685685607&_v=j65&z=1556497461 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80201401-30&cid=401288894.1510669907&jid=458276682&_v=j65&z=1556497461 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80201401-30&cid=401288894.1510669907&jid=458276682&_v=j65&z=1556497461&slf_rd=1&random=3392611591
- https://insight.adsrvr.org/track/up?adv=m2ydk5f&ref=https%3A%2F%2Fl.harpquiz.com%2F%3Freq_id%3D45716217%26s1%3DPGPH_1114%26a%3D196%26o%3D1252%23&upid=vvdi7s0&osi=b8e69991d4846fd3d5d4084dca9050b1&osv=1.1&upv=1.1.2 HTTP 302
- https://match.adsrvr.org/track/upb/?adv=m2ydk5f&ref=https%3A%2F%2Fl.harpquiz.com%2F%3Freq_id%3D45716217%26s1%3DPGPH_1114%26a%3D196%26o%3D1252%23&upid=vvdi7s0&osi=b8e69991d4846fd3d5d4084dca9050b1&osv=1.1&upv=1.1.2
55 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | / l.harpquiz.com/ (Primary Request, Cookie set, Redirect Chain) | 993 KB 295 KB | Document text/html |
GET H/1.1 | xdc.min.css xdc.suitedconnector.com/css/ (Cookie set) | 1 KB 474 B | Stylesheet text/css |
GET H/1.1 | xdc-head.js xdc.suitedconnector.com/js/ (Cookie set) | 4 KB 1 KB | Script text/javascript |
GET H/1.1 | Bootstrap.js nexus.ensighten.com/choozle/3375/ | 28 KB 9 KB | Script application/javascript |
GET H/1.1 | globalsign_secure_site_seal.png l.harpquiz.com/img/ | 2 KB 2 KB | Image image/png |
GET H/1.1 | load_later.min.css l.harpquiz.com/dist/css/load_later/ | 4 KB 1 KB | Stylesheet text/css |
GET H2 | conversion.js www.googleadservices.com/pagead/ | 19 KB 7 KB | Script text/javascript |
GET H2 | fbevents.js connect.facebook.net/en_US/ | 32 KB 11 KB | Script application/x-javascript |
GET H2 | gtm.js www.googletagmanager.com/ | 52 KB 19 KB | Script application/javascript |
GET | xdc xdc.suitedconnector.com/ (Frame 1589) | 0 0 | |
GET DATA | truncated / | 23 KB 0 | Image image/png |
GET H/1.1 | glyphicons-halflings-regular.woff2 l.harpquiz.com/fonts/ | 18 KB 18 KB | Font application/octet-stream |
GET H/1.1 | serverComponent.php nexus.ensighten.com/choozle/3375/ | 332 B 261 B | Script text/javascript |
GET H/1.1 | f21bcfe7-421d-0b59-65fe-3d36e8d9c8d6.js d1tprjo2w7krrh.cloudfront.net/campaign/ | 123 KB 123 KB | Script text/javascript |
GET H/1.1 | trustedform.js api.trustedform.com/ | 3 KB 2 KB | Script application/javascript |
GET H2 | / www.google.de/ads/user-lists/979222320/ (Redirect Chain) | 43 B 81 B | Script text/javascript |
GET H2 | 952789901420050 connect.facebook.net/signals/config/ | 39 KB 11 KB | Script application/x-javascript |
GET H/1.1 | 203812f962cdac28cda2020bc8088b55.js nexus.ensighten.com/choozle/3375/code/ | 261 B 261 B | Script application/javascript |
GET H2 | analytics.js www.google-analytics.com/ | 35 KB 14 KB | Script text/javascript |
GET H2 | a-00q4.min.js b-code.liadm.com/ | 96 KB 31 KB | Script application/javascript |
GET H/1.1 | obtp.js amplify.outbrain.com/cp/ | 3 KB 1 KB | Script application/x-javascript |
GET H2 | ytc.js s.yimg.com/wi/ | 13 KB 3 KB | Script application/javascript |
GET H/1.1 | trackpush.min.js s3.amazonaws.com/cdn.aimtell.com/trackpush/ | 25 KB 25 KB | Script application/javascript |
GET H/1.1 | up_loader.1.1.0.js js.adsrvr.org/ | 9 KB 9 KB | Script application/javascript |
GET H2 | ga-audiences www.google.de/ads/ (Redirect Chain) | 42 B 60 B | Image image/gif |
GET H2 | pixel tr.outbrain.com/ | 43 B 78 B | Image image/gif |
GET H2 | pixel amplifypixel.outbrain.com/ | 43 B 78 B | Image image/gif |
GET H2 | sp.pl sp.analytics.yahoo.com/ | 0 0 | Script application/x-javascript |
GET H2 | 605940709573589 connect.facebook.net/signals/config/ | 39 KB 11 KB | Script application/x-javascript |
GET H2 | / www.facebook.com/tr/ | 44 B 53 B | Image image/gif |
POST H/1.1 | GenerateToken create.leadid.com/2.4.0/ (Cookie set) | 36 B 56 B | XHR text/plain |
GET H2 | 1982776315285984 connect.facebook.net/signals/config/ | 1 KB 822 B | Script application/x-javascript |
GET H2 | / www.facebook.com/tr/ | 44 B 53 B | Image image/gif |
POST H/1.1 | writelog l.harpquiz.com/api/ | 0 0 | XHR text/html |
GET H2 | / www.facebook.com/tr/ | 44 B 53 B | Image image/gif |
GET H2 | / www.facebook.com/tr/ | 44 B 53 B | Image image/gif |
GET | iframe.html d2m2wsoho8qq12.cloudfront.net/ (Frame 1589) | 0 0 | |
POST H/1.1 | SaveDom create.leadid.com/2.4.0/ (Cookie set) | 0 0 | XHR text/plain |
POST H/1.1 | InitFormData create.leadid.com/2.4.0/ (Cookie set) | 0 0 | XHR text/plain |
GET H2 | / www.facebook.com/tr/ | 44 B 53 B | Image image/gif |
POST H/1.1 | writelog l.harpquiz.com/api/ | 0 0 | XHR text/html |
GET H/1.1 | t.js api.trustedform.com/c7de7f3ab89748efa04363ea6490f614b4ee2b7c/ | 156 KB 64 KB | Script application/javascript |
POST H/1.1 | writelog l.harpquiz.com/api/ | 0 0 | XHR text/html |
POST H/1.1 | Snap create.leadid.com/2.4.0/ (Cookie set) | 0 0 | XHR text/plain |
POST H/1.1 | h api.trustedform.com/c7de7f3ab89748efa04363ea6490f614b4ee2b7c/ | 0 0 | XHR text/html |
POST H/1.1 | f api.trustedform.com/c7de7f3ab89748efa04363ea6490f614b4ee2b7c/ | 0 0 | XHR text/html |
POST H/1.1 | md api.trustedform.com/c7de7f3ab89748efa04363ea6490f614b4ee2b7c/ | 0 0 | XHR text/html |
OPTIONS H/1.1 | tp2 c.liadm.com/com.snowplowanalytics.snowplow/ | 0 0 | XHR text/plain |
GET H2 | nr-1044.min.js js-agent.newrelic.com/ | 22 KB 9 KB | Script application/javascript |
GET | / match.adsrvr.org/track/upb/ (Frame 1589, Redirect Chain) | 0 0 | |
GET H/1.1 | 439703bc4b bam.nr-data.net/1/ (Cookie set) | 57 B 57 B | Script text/javascript |
POST H/1.1 | InitFormData create.leadid.com/2.4.0/ (Cookie set) | 0 0 | XHR text/plain |
POST H/1.1 | tp2 c.liadm.com/com.snowplowanalytics.snowplow/ (Cookie set) | 2 B 2 B | XHR text/plain |
POST H/1.1 | Snap create.leadid.com/2.4.0/ (Cookie set) | 0 0 | XHR text/plain |
POST H/1.1 | 439703bc4b bam.nr-data.net/resources/1/ | 0 0 | XHR text/plain |
POST H/1.1 | e api.trustedform.com/c7de7f3ab89748efa04363ea6490f614b4ee2b7c/ | 0 0 | XHR text/html |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- xdc.suitedconnector.com
- URL
- https://xdc.suitedconnector.com/xdc
- Domain
- d2m2wsoho8qq12.cloudfront.net
- URL
- https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=3D2EC769-2716-849F-556D-64C6F5A1EFF0&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.4.0&lck=F21BCFE7-421D-0B59-65FE-3D36E8D9C8D6
- Domain
- match.adsrvr.org
- URL
- https://match.adsrvr.org/track/upb/?adv=m2ydk5f&ref=https%3A%2F%2Fl.harpquiz.com%2F%3Freq_id%3D45716217%26s1%3DPGPH_1114%26a%3D196%26o%3D1252%23&upid=vvdi7s0&osi=b8e69991d4846fd3d5d4084dca9050b1&osv=1.1&upv=1.1.2
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
d2m2wsoho8qq12.cloudfront.net/ | Name: uuid Value: a44418eb08a34326e0781eab9fb9d6f6 |
|
xdc.suitedconnector.com/ | Name: XSRF-TOKEN Value: eyJpdiI6Im1mQjhKZ2xGaDJHa1ZFNTNrWHpqQlE9PSIsInZhbHVlIjoiT25UMFduVnMzYzFxRUE4Vk1zSW1BckVPZVFKTXlUVDBLQnM0eVNHUGp0WVcrU0dmYWwyRFlRbFlZaTRqZGRDanZtUkVORElFbVQ2NnppWmJvOFVTNUE9PSIsIm1hYyI6IjcxNDhkNmEzYzUxMTRiNjkxOTc1YWQ2MDg1OTMzMjk3YmI1NjJmOTFkMTJlMjUzNTQzZGQ3ODMwZWQxNmFhNjcifQ%3D%3D |
|
xdc.suitedconnector.com/ | Name: laravel_session Value: eyJpdiI6IlZUNHBmN09RM21xeDh0OWgyQnl5U1E9PSIsInZhbHVlIjoicjlVTnVJK2xsa1F6OHpTVzB5VGdXenZZVFUxSlFFXC9sOFwvR1Bta3liaE5HaDlTVUFCVVlMWXhsekZmMGpRZUc0SStHVkQwRkZqXC81MHI0MHZ6blp4d2c9PSIsIm1hYyI6ImFkZGM5Y2MwOWFiYTUxMDRjNzJlYjgwNWQ1MmY2MTY5YjM3NWI2NWZjMjY4NWMzMjhlYTdmMjZmNjRkMTgyOGYifQ%3D%3D |
|
xdc.suitedconnector.com/ | Name: AWSELB Value: 1759FF131C1A66434425D1540C4BCCE4243460C447677554F2D4CE9E46B65CBBB7FB1ACC553F79D929A70362C6FCB99570AF4E1BD8A214479ED7259438D724E283894795A6 |
|
l.harpquiz.com/ | Name: _litra_ses.07d7 Value: * |
|
l.harpquiz.com/ | Name: leadid_token-2B26B722-D668-EC71-D186-45FE6EC4DDE1-F21BCFE7-421D-0B59-65FE-3D36E8D9C8D6 Value: 3D2EC769-2716-849F-556D-64C6F5A1EFF0 |
|
.harpquiz.com/ | Name: _gat Value: 1 |
|
.harpquiz.com/ | Name: _gid Value: GA1.2.1974048624.1510669907 |
|
.harpquiz.com/ | Name: _ga Value: GA1.2.401288894.1510669907 |
|
l.harpquiz.com/ | Name: _litra_id.07d7 Value: a-00q4--e1f36327-7146-4e93-9997-9456a2e6419c.1510669907.1.1510669908.1510669907.bc96ca70-608c-45d6-b99c-a52bc58f016c |
|
l.harpquiz.com/ | Name: CAKEPHP Value: rvqk7o124lg80n0a3crjkcid11 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.