urlscan.io logo urlscan.io
SecurityTrails logo

www.mortgagehacking.com Open in urlscan Pro
2606:4700:3031::681b:a629  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.mortgagehacking.com/xeKuzmbe323B
Submission: On May 15 via manual from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 5 countries across 9 domains to perform 20 HTTP transactions. The main IP is 2606:4700:3031::681b:a629, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.mortgagehacking.com.
This is the only time www.mortgagehacking.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

4    2606:4700:3031::681b:a629 (United States)

ASN13335 (CLOUDFLARENET, US)
www.mortgagehacking.com
1    2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c0b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    88.212.201.216 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host216.rax.ru
counter.yadro.ru
Domain Requested by
5 maxcdn.bootstrapcdn.com www.mortgagehacking.com
4 www.mortgagehacking.com www.mortgagehacking.com
3 fonts.gstatic.com www.mortgagehacking.com
2 counter.yadro.ru 1 redirects www.mortgagehacking.com
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 cdnjs.cloudflare.com www.mortgagehacking.com
1 fonts.googleapis.com www.mortgagehacking.com
1 stats.g.doubleclick.net www.mortgagehacking.com
1 ajax.googleapis.com www.mortgagehacking.com
1 www.googletagmanager.com www.mortgagehacking.com
20 10

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru
Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1O1		 2020-04-28 -
2020-07-21		 3 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-14 -
2020-10-13		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-04-15 -
2020-07-08		 3 months crt.sh
cloudflare.com
CloudFlare Inc ECC CA-2		 2020-01-07 -
2020-10-09		 9 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-04-15 -
2020-07-08		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://www.mortgagehacking.com/xeKuzmbe323B
Frame ID: 9C794A3792E15067C158FCE953323C20
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

20
Requests

55 %
HTTPS

90 %
IPv6

9
Domains

10
Subdomains

11
IPs

5
Countries

360 kB
Transfer

958 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1920838677&t=pageview&_s=1&dl=http%3A%2F%2Fwww.mortgagehacking.com%2FxeKuzmbe323B&ul=en-us&de=UTF-8&dt=Buildinggreen%20Promoted%20Page%20Share%20Links%20-%20PasteIO&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=553750673&gjid=1632906084&cid=1835568861.1589552755&tid=UA-102646522-1&_gid=367613235.1589552755&_r=1&gtm=2ou561&z=697267260 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-102646522-1&cid=1835568861.1589552755&jid=553750673&_gid=367613235.1589552755&gjid=1632906084&_v=j82&z=697267260
Request Chain 19
  • http://counter.yadro.ru/hit?t44.6;r;s1600*1200*24;uhttp%3A//www.mortgagehacking.com/xeKuzmbe323B;hBuildinggreen%20Promoted%20Page%20Share%20Links%20-%20PasteIO;0.8384921325291919 HTTP 302
  • http://counter.yadro.ru/hit?q;t44.6;r;s1600*1200*24;uhttp%3A//www.mortgagehacking.com/xeKuzmbe323B;hBuildinggreen%20Promoted%20Page%20Share%20Links%20-%20PasteIO;0.8384921325291919

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set xeKuzmbe323B
www.mortgagehacking.com/ 		31 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.mortgagehacking.com/xeKuzmbe323B
Protocol
HTTP/1.1
Server
2606:4700:3031::681b:a629 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.45
Resource Hash
bfa2df5b8840d0538ab319a8a0050b8469b29eb3d2db8231912f88239c086b18

Request headers

Host
www.mortgagehacking.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 14:25:55 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d93fcf4a298424d4d53311839c62ec26f1589552754; expires=Sun, 14-Jun-20 14:25:54 GMT; path=/; domain=.mortgagehacking.com; HttpOnly; SameSite=Lax ci_session=ioprqkq3fg8l0niss9ecflneaoaccmrq; expires=Fri, 15-May-2020 16:25:55 GMT; Max-Age=7200; path=/; HttpOnly
X-Powered-By
PHP/5.4.45
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Vary
Accept-Encoding
cf-request-id
02ba5347c900003240ce82d200000001
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
593d87ec7e523240-FRA
Content-Encoding
gzip
js
www.googletagmanager.com/gtag/ 		82 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-102646522-1
Requested by
Host: www.mortgagehacking.com
URL: http://www.mortgagehacking.com/xeKuzmbe323B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d97642d8c15183e71c3b67939c392b8897a031bed4178b3822f3b026becfe197
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://www.mortgagehacking.com/xeKuzmbe323B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 14:25:55 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33117
x-xss-protection
0
last-modified
Fri, 15 May 2020 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 15 May 2020 14:25:55 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: www.mortgagehacking.com
URL: http://www.mortgagehacking.com/xeKuzmbe323B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://www.mortgagehacking.com/xeKuzmbe323B
Origin
http://www.mortgagehacking.com

Response headers

date
Fri, 15 May 2020 14:25:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:34:07 GMT
status
200
etag
"1544639647"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
19740
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.mortgagehacking.com
URL: http://www.mortgagehacking.com/xeKuzmbe323B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.mortgagehacking.com/xeKuzmbe323B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 14:25:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
status
200
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
7050
style.min.css
www.mortgagehacking.com/assets/css/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.mortgagehacking.com/assets/css/style.min.css?v=44
Requested by
Host: www.mortgagehacking.com
URL: http://www.mortgagehacking.com/xeKuzmbe323B
Protocol
HTTP/1.1
Server
2606:4700:3031::681b:a629 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.45
Resource Hash
9c864bdcea114a8ff37d92d280594a5322d3e0b43b38ca64e850cb6480d6e6c1

Request headers

Referer
http://www.mortgagehacking.com/xeKuzmbe323B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 14:25:55 GMT
Content-Encoding
gzip
ETag
W/"5e8dc7a3-39b1"
CF-Cache-Status
MISS
Last-Modified
Wed, 08 Apr 2020 12:46:27 GMT
Server
cloudflare
X-Powered-By
PHP/5.4.45
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
593d87ef7f593240-FRA
cf-request-id
02ba5349ac00003240ce85e200000001
Expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.png
www.mortgagehacking.com/assets/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.mortgagehacking.com/assets/images/logo.png
Requested by
Host: www.mortgagehacking.com
URL: http://www.mortgagehacking.com/xeKuzmbe323B
Protocol
HTTP/1.1
Server
2606:4700:3031::681b:a629 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.45
Resource Hash
2570cb05bbdff46665d841145c87d624cc3e706b7a603fa292be7d23380cd26a

Request headers

Referer
http://www.mortgagehacking.com/xeKuzmbe323B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 14:25:55 GMT
ETag
"5b22555d-134f"
CF-Cache-Status
BYPASS
Last-Modified
Thu, 14 Jun 2018 11:45:33 GMT
Server
cloudflare
X-Powered-By
PHP/5.4.45
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
593d87ef8d99325c-FRA
cf-request-id
02ba5349b50000325c5fbff200000001
Expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: www.mortgagehacking.com
URL: http://www.mortgagehacking.com/xeKuzmbe323B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.mortgagehacking.com/xeKuzmbe323B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 05 May 2020 21:43:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
837761
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 May 2021 21:43:14 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: www.mortgagehacking.com
URL: http://www.mortgagehacking.com/xeKuzmbe323B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.mortgagehacking.com/xeKuzmbe323B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 14:25:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:33:51 GMT
status
200
etag
"1544639631"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
9832
ace.js
cdnjs.cloudflare.com/ajax/libs/ace/1.4.3/ 		358 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/ace/1.4.3/ace.js
Requested by
Host: www.mortgagehacking.com
URL: http://www.mortgagehacking.com/xeKuzmbe323B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8245819a48f2ffc7b5414cf9b6fe02098804b6347cb11946897b0c79e6d5794a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
http://www.mortgagehacking.com/xeKuzmbe323B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 14:25:55 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
3511927
status
200
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id
02ba5349b10000c281288a9200000001
served-in-seconds
0.005
timing-allow-origin
*
last-modified
Sun, 24 Feb 2019 09:15:51 GMT
server
cloudflare
etag
W/"5c7260c7-59810"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
593d87ef8d82c281-FRA
expires
Wed, 05 May 2021 14:25:55 GMT
ext-modelist.js
cdnjs.cloudflare.com/ajax/libs/ace/1.4.3/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/ace/1.4.3/ext-modelist.js
Requested by
Host: www.mortgagehacking.com
URL: http://www.mortgagehacking.com/xeKuzmbe323B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3df9e8425e492ddcb3a9f04c5a22a3894fefdd6471b44cfe67c9b81b2c06e7c9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
http://www.mortgagehacking.com/xeKuzmbe323B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 14:25:55 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1850000
status
200
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id
02ba5349b10000c281288aa200000001
served-in-seconds
0.000
timing-allow-origin
*
last-modified
Sun, 24 Feb 2019 09:15:52 GMT
server
cloudflare
etag
W/"5c7260c8-11a6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
593d87ef8d84c281-FRA
expires
Wed, 05 May 2021 14:25:55 GMT
app.min.js
www.mortgagehacking.com/assets/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.mortgagehacking.com/assets/js/app.min.js?v=2
Requested by
Host: www.mortgagehacking.com
URL: http://www.mortgagehacking.com/xeKuzmbe323B
Protocol
HTTP/1.1
Server
2606:4700:3031::681b:a629 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.45
Resource Hash
3d24535f45921df5303562c0c5f934fef14e6245c67e839a52c4436cdb4f7808

Request headers

Referer
http://www.mortgagehacking.com/xeKuzmbe323B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 14:25:55 GMT
Content-Encoding
gzip
ETag
W/"5cd9b126-1c82"
CF-Cache-Status
MISS
Last-Modified
Mon, 13 May 2019 18:02:14 GMT
Server
cloudflare
X-Powered-By
PHP/5.4.45
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
593d87ef89a11f31-FRA
cf-request-id
02ba5349b300001f31ebaf9200000001
Expires
Thu, 31 Dec 2037 23:55:55 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-102646522-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.mortgagehacking.com/xeKuzmbe323B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
5376
date
Fri, 15 May 2020 12:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Fri, 15 May 2020 14:56:19 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1920838677&t=pageview&_s=1&dl=http%3A%2F%2Fwww.mortgagehacking.com%2FxeKuzmbe323B&ul=en-us&de=UTF-8&dt=Buildinggreen%20Promoted%20Page%20Shar...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-102646522-1&cid=1835568861.1589552755&jid=553750673&_gid=367613235.1589552755&gjid=1632906084&_v=j82&z=697267260
35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-102646522-1&cid=1835568861.1589552755&jid=553750673&_gid=367613235.1589552755&gjid=1632906084&_v=j82&z=697267260
Requested by
Host: www.mortgagehacking.com
URL: http://www.mortgagehacking.com/xeKuzmbe323B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.mortgagehacking.com/xeKuzmbe323B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 15 May 2020 14:25:55 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 May 2020 14:25:55 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-102646522-1&cid=1835568861.1589552755&jid=553750673&_gid=367613235.1589552755&gjid=1632906084&_v=j82&z=697267260
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
418
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		16 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Roboto:400,100,300,500,400italic,700,900
Requested by
Host: www.mortgagehacking.com
URL: http://www.mortgagehacking.com/xeKuzmbe323B
Protocol
HTTP/1.1
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4f922c5dd020427e6247ee3b98547d9e3590c8142d4004a457b67258f5de98d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.mortgagehacking.com/xeKuzmbe323B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 14:25:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 15 May 2020 14:25:55 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
0
Expires
Fri, 15 May 2020 14:25:55 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: www.mortgagehacking.com
URL: http://www.mortgagehacking.com/xeKuzmbe323B
Protocol
HTTP/1.1
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Roboto:400,100,300,500,400italic,700,900
Origin
http://www.mortgagehacking.com

Response headers

Date
Wed, 13 May 2020 06:52:06 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jul 2019 01:18:48 GMT
Server
sffe
Age
200032
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
11056
X-XSS-Protection
0
Expires
Thu, 13 May 2021 06:52:06 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.mortgagehacking.com
URL: http://www.mortgagehacking.com/xeKuzmbe323B
Protocol
HTTP/1.1
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Roboto:400,100,300,500,400italic,700,900
Origin
http://www.mortgagehacking.com

Response headers

Date
Wed, 06 May 2020 03:12:46 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jul 2019 01:18:50 GMT
Server
sffe
Age
817992
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
11016
X-XSS-Protection
0
Expires
Thu, 06 May 2021 03:12:46 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.mortgagehacking.com
URL: http://www.mortgagehacking.com/xeKuzmbe323B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
http://www.mortgagehacking.com

Response headers

date
Fri, 15 May 2020 14:25:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:36:18 GMT
status
200
etag
"1544639778"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
77171
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: www.mortgagehacking.com
URL: http://www.mortgagehacking.com/xeKuzmbe323B
Protocol
HTTP/1.1
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Roboto:400,100,300,500,400italic,700,900
Origin
http://www.mortgagehacking.com

Response headers

Date
Tue, 12 May 2020 02:39:47 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jul 2019 01:18:58 GMT
Server
sffe
Age
301571
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
11020
X-XSS-Protection
0
Expires
Wed, 12 May 2021 02:39:47 GMT
glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: www.mortgagehacking.com
URL: http://www.mortgagehacking.com/xeKuzmbe323B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Origin
http://www.mortgagehacking.com

Response headers

date
Fri, 15 May 2020 14:25:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:36:18 GMT
status
200
etag
"1544639778"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
18056
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
http://www.mortgagehacking.com/xeKuzmbe323B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
hit
counter.yadro.ru/
Redirect Chain
  • http://counter.yadro.ru/hit?t44.6;r;s1600*1200*24;uhttp%3A//www.mortgagehacking.com/xeKuzmbe323B;hBuildinggreen%20Promoted%20Page%20Share%20Links%20-%20PasteIO;0.8384921325291919
  • http://counter.yadro.ru/hit?q;t44.6;r;s1600*1200*24;uhttp%3A//www.mortgagehacking.com/xeKuzmbe323B;hBuildinggreen%20Promoted%20Page%20Share%20Links%20-%20PasteIO;0.8384921325291919
132 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://counter.yadro.ru/hit?q;t44.6;r;s1600*1200*24;uhttp%3A//www.mortgagehacking.com/xeKuzmbe323B;hBuildinggreen%20Promoted%20Page%20Share%20Links%20-%20PasteIO;0.8384921325291919
Requested by
Host: www.mortgagehacking.com
URL: http://www.mortgagehacking.com/xeKuzmbe323B
Protocol
HTTP/1.1
Server
88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host216.rax.ru
Software
0W/0.8c /
Resource Hash
fa523f248a332cb89ae3ad8cf51d840153e0f96bcc2a4c8db736e02a340dab48

Request headers

Referer
http://www.mortgagehacking.com/xeKuzmbe323B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 May 2020 14:25:58 GMT
Server
0W/0.8c
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
Close
Content-Type
image/gif
Content-Length
132
Expires
Wed, 15 May 2019 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 May 2020 14:25:58 GMT
Server
0W/0.8c
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
http://counter.yadro.ru/hit?q;t44.6;r;s1600*1200*24;uhttp%3A//www.mortgagehacking.com/xeKuzmbe323B;hBuildinggreen%20Promoted%20Page%20Share%20Links%20-%20PasteIO;0.8384921325291919
Cache-control
no-cache
Content-Type
text/html
Content-Length
32
Expires
Wed, 15 May 2019 21:00:00 GMT

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| $ function| jQuery function| define function| require object| ace string| baseurl function| GetSyntaxCodeByExtension function| GetExtensionBySyntaxCode object| syntax_list string| mode string| text number| type string| access_control string| authentic_token string| syntax string| syntax_extension boolean| content_expire string| created_date string| expiry_date number| view_count string| pasteurl string| deleteurl boolean| PasswordProtected function| Initialize function| InitializeEditor function| ChangeEditorMode function| ApplyWordCount function| WordCount function| LengthInUtf8Bytes function| SizeFormatter function| download_click function| raw_click function| clone_click function| report_click function| ReportSubmit

5 Cookies

Domain/Path Name / Value
.mortgagehacking.com/ Name: _gid
Value: GA1.2.367613235.1589552755
.mortgagehacking.com/ Name: _ga
Value: GA1.2.1835568861.1589552755
.mortgagehacking.com/ Name: _gat_gtag_UA_102646522_1
Value: 1
www.mortgagehacking.com/ Name: ci_session
Value: ioprqkq3fg8l0niss9ecflneaoaccmrq
.mortgagehacking.com/ Name: __cfduid
Value: d93fcf4a298424d4d53311839c62ec26f1589552754

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
www.mortgagehacking.com
2001:4de0:ac19::1:b:3b
2606:4700:3031::681b:a629
2606:4700::6810:85e5
2a00:1450:4001:809::2003
2a00:1450:4001:809::200a
2a00:1450:4001:81c::200e
2a00:1450:4001:81d::2008
2a00:1450:4001:821::200a
2a00:1450:400c:c0b::9a
88.212.201.216
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
2570cb05bbdff46665d841145c87d624cc3e706b7a603fa292be7d23380cd26a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
3d24535f45921df5303562c0c5f934fef14e6245c67e839a52c4436cdb4f7808
3df9e8425e492ddcb3a9f04c5a22a3894fefdd6471b44cfe67c9b81b2c06e7c9
4f922c5dd020427e6247ee3b98547d9e3590c8142d4004a457b67258f5de98d4
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8245819a48f2ffc7b5414cf9b6fe02098804b6347cb11946897b0c79e6d5794a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
9c864bdcea114a8ff37d92d280594a5322d3e0b43b38ca64e850cb6480d6e6c1
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bfa2df5b8840d0538ab319a8a0050b8469b29eb3d2db8231912f88239c086b18
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d97642d8c15183e71c3b67939c392b8897a031bed4178b3822f3b026becfe197
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fa523f248a332cb89ae3ad8cf51d840153e0f96bcc2a4c8db736e02a340dab48
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c