urlscan.io logo urlscan.io
SecurityTrails logo

apply.brokerscg.com Open in urlscan Pro
2600:9000:2315:3600:a:13d0:6480:93a1  Public Scan

Go To Rescan Add Verdict Report
URL: https://apply.brokerscg.com/
Submission Tags: @phishunt_io
Submission: On April 06 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 21 HTTP transactions. The main IP is 2600:9000:2315:3600:a:13d0:6480:93a1, located in United States and belongs to AMAZON-02, US. The main domain is apply.brokerscg.com.
TLS certificate: Issued by Amazon on April 5th 2022. Valid for: a year.
This is the only time apply.brokerscg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 2600:9000:231... 16509 (AMAZON-02)
6 199.175.184.72 55155 (LPS-8)
3 2a02:26f0:f7:... 20940 (AKAMAI-ASN1)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a02:26f0:ef:... 20940 (AKAMAI-ASN1)
3 2606:4700::68... 13335 (CLOUDFLAR...)
21 6
7    2600:9000:2315:3600:a:13d0:6480:93a1 (United States)

ASN16509 (AMAZON-02, US)
apply.brokerscg.com
6    199.175.184.72 (United States)

ASN55155 (LPS-8, US)
api.p1.loancatcher.bkicloud.com
3    2a02:26f0:f7::5c7b:e031 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
1    2a06:98c1:3123:8000::c (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
1    2a02:26f0:ef::5c7b:c209 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
3    2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)
ka-p.fontawesome.com
Apex Domain
Subdomains		 Transfer
7 brokerscg.com
apply.brokerscg.com
1 MB
6 bkicloud.com
api.p1.loancatcher.bkicloud.com
5 KB
4 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1791
ka-p.fontawesome.com — Cisco Umbrella Rank: 4387
64 KB
4 typekit.net
use.typekit.net — Cisco Umbrella Rank: 497
p.typekit.net — Cisco Umbrella Rank: 605
35 KB
21 4
Domain Requested by
7 apply.brokerscg.com apply.brokerscg.com
6 api.p1.loancatcher.bkicloud.com apply.brokerscg.com
3 ka-p.fontawesome.com apply.brokerscg.com
3 use.typekit.net apply.brokerscg.com
use.typekit.net
1 p.typekit.net use.typekit.net
1 kit.fontawesome.com apply.brokerscg.com
21 6

This site contains links to these domains. Also see Links.

Domain
nmlsconsumeraccess.org
Subject Issuer Validity Valid
*.brokeroriginationsolution.com
Amazon		 2022-04-05 -
2023-05-04		 a year crt.sh
*.p1.loancatcher.bkicloud.com
GlobalSign RSA OV SSL CA 2018		 2021-12-02 -
2023-01-03		 a year crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-07 -
2023-04-07		 a year crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-01 -
2023-01-01		 a year crt.sh

This page contains 1 frames:

Primary Page: https://apply.brokerscg.com/
Frame ID: 84D4CAF16FABAFB62BC4B185CEF876A7
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Mortgage Company | Mortgage Rates | Home Loan | USA

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

21
Requests

100 %
HTTPS

83 %
IPv6

4
Domains

6
Subdomains

6
IPs

2
Countries

1242 kB
Transfer

5271 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
apply.brokerscg.com/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://apply.brokerscg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:3600:a:13d0:6480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1421e8a70fde77f666a483893103e5b4c5c629c0821ca6289f2e1ef2c1d1a000

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Wed, 06 Apr 2022 00:11:01 GMT
etag
W/"b2d6f380ca4c7b16e73b2fd3cf454a0b"
last-modified
Tue, 05 Apr 2022 20:08:29 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
x-amz-cf-id
YvCWnU-SA2yO7ZHKCWu4hGwt25XEP77dPkkvfFyK24Qr7Bx6InRm8w==
x-amz-cf-pop
DUS51-P2
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
runtime.26f1317e546975fdda67.js
apply.brokerscg.com/ 		8 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apply.brokerscg.com/runtime.26f1317e546975fdda67.js
Requested by
Host: apply.brokerscg.com
URL: https://apply.brokerscg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:3600:a:13d0:6480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7ba6d5e6b4129d7d991ba8206440a6dab81acc4f8010da9cfe58a9b4ccb09f06

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://apply.brokerscg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 00:11:01 GMT
content-encoding
gzip
etag
W/"2fa1b03bc5b2c69d1a9c26e0591f661f"
last-modified
Tue, 05 Apr 2022 20:08:29 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P2
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
cache-control
no-cache
x-amz-cf-id
clbq8zuou4Sw-_CoQMXM5qH91u_zVggZmWykXgCTRHyTlBuQeY5w7w==
polyfills.c2f8082a0e86385b0158.js
apply.brokerscg.com/ 		49 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apply.brokerscg.com/polyfills.c2f8082a0e86385b0158.js
Requested by
Host: apply.brokerscg.com
URL: https://apply.brokerscg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:3600:a:13d0:6480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
879f489edd0697f8231d52b8073c46356d0216b461b189d1b5e151db5c34661e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://apply.brokerscg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 00:11:01 GMT
content-encoding
gzip
etag
W/"3a3eb28ba9cda0a60e282581de04c008"
last-modified
Sat, 02 Apr 2022 06:56:47 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P2
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
cache-control
no-cache
x-amz-cf-id
vMfI2UUcku2hQcRq526AextW0oKvpLYEXbTgyIvE3bqAU0ds50rF_Q==
main.4be3dcb33afd4baa8168.js
apply.brokerscg.com/ 		4 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://apply.brokerscg.com/main.4be3dcb33afd4baa8168.js
Requested by
Host: apply.brokerscg.com
URL: https://apply.brokerscg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:3600:a:13d0:6480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8dc8d95bee1095cf2b854e960c4ec005f9f610364fea73b6f85a4b31b16db70f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://apply.brokerscg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 00:11:01 GMT
content-encoding
gzip
etag
W/"344a00b2ecdfee155b7d8ea3e493a87a"
last-modified
Tue, 05 Apr 2022 20:08:29 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P2
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
cache-control
no-cache
x-amz-cf-id
UGlUzpPPmmxkSB3IXVwpFvTz7LpWxQ5RxNYTDj-nVkfDdVwF-crtrQ==
styles.aefc6bd0f541a0445b10.css
apply.brokerscg.com/ 		251 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://apply.brokerscg.com/styles.aefc6bd0f541a0445b10.css
Requested by
Host: apply.brokerscg.com
URL: https://apply.brokerscg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:3600:a:13d0:6480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c33cccd326c0befcc939611a8e33a08070d71a76aedda1e47c4424db8599e44d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://apply.brokerscg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 00:11:01 GMT
content-encoding
gzip
etag
W/"f16021e0aafe9aa281ab8fc4b1666157"
last-modified
Sat, 02 Apr 2022 06:56:47 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P2
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
via
1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
cache-control
no-cache
x-amz-cf-id
1vocMMfCJfoloHms8zLsHlwemb73laIIBP-qO6uE1wnZFe5lUeL6WQ==
legal-entity
api.p1.loancatcher.bkicloud.com/api/v1/query/drill-down-sources/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.p1.loancatcher.bkicloud.com/api/v1/query/drill-down-sources/legal-entity
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.175.184.72 , United States, ASN55155 (LPS-8, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,token-type
Access-Control-Request-Method
POST
Origin
https://apply.brokerscg.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Headers
x-requested-with, authorization, Content-Type, Content-Length, Authorization, credential, token-type, X-XSRF-TOKEN, x-origin, x-trace-uuid, x-cloud-mode, x-override-lock, x-access-keys, x-transaction-uuid, x-access-token, x-legal-entity, x-ls-company-uuid, x-ls-user-uuid
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS, PATCH
Access-Control-Allow-Origin
*
Access-Control-Max-Age
7200
Connection
keep-alive
Content-Length
0
Date
Wed, 06 Apr 2022 00:11:02 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
legal-entity
api.p1.loancatcher.bkicloud.com/api/v1/query/drill-down-sources/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.p1.loancatcher.bkicloud.com/api/v1/query/drill-down-sources/legal-entity
Requested by
Host: apply.brokerscg.com
URL: https://apply.brokerscg.com/polyfills.c2f8082a0e86385b0158.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.175.184.72 , United States, ASN55155 (LPS-8, US),
Reverse DNS
Software
/
Resource Hash
aeb8fe6fec84c5a767b693529b84b0fcf0706a48109fe6aeda07aa8cb7900d5d
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json,*/*
Referer
https://apply.brokerscg.com/
Accept-Language
de-DE,de;q=0.9
token-type
Bearer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 06 Apr 2022 00:11:02 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
X-Trace-Uuid
5a9e2554-7a8c-47ba-89ad-548abb8c4670
Connection
keep-alive
Vary
access-control-request-method
Content-Length
2829
X-XSS-Protection
1; mode=block
Pragma
no-cache
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
OPTIONS, GET, POST, PUT, DELETE
Access-Control-Allow-Origin
https://apply.brokerscg.com
Cache-Control
private, no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
*
X-Content-Type-Options
nosniff
Expires
Wed, 31 Dec 1969 23:59:59 GMT
haa4xmt.css
use.typekit.net/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/haa4xmt.css
Requested by
Host: apply.brokerscg.com
URL: https://apply.brokerscg.com/main.4be3dcb33afd4baa8168.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e031 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
d1c0bfb185da228af82a0cae9a04d6e4234956b4006c824cf7423a7ab685b5c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://apply.brokerscg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Wed, 06 Apr 2022 00:11:01 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1084
fd8e7d93e3.js
kit.fontawesome.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/fd8e7d93e3.js
Requested by
Host: apply.brokerscg.com
URL: https://apply.brokerscg.com/main.4be3dcb33afd4baa8168.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3123:8000::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b047650c55a764a4bcdb7bda4160a7034be7fbd47b5f09b3a2c46369305edb75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://apply.brokerscg.com/
Origin
https://apply.brokerscg.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 00:11:01 GMT
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=60, public, must-revalidate
strict-transport-security
max-age=31536000; preload
cf-ray
6f764dc40a7683a6-MXP
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
FuMmLIG9vIst1bISjCIB
9143.30abaae1107c5a0d5dcc.js
apply.brokerscg.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apply.brokerscg.com/9143.30abaae1107c5a0d5dcc.js
Requested by
Host: apply.brokerscg.com
URL: https://apply.brokerscg.com/runtime.26f1317e546975fdda67.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:3600:a:13d0:6480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
850067313fa1cee15c8967d35169f76ff1601291e61787876d1305f4099ba813

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://apply.brokerscg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 06 Apr 2022 00:11:02 GMT
content-encoding
gzip
last-modified
Tue, 05 Apr 2022 20:08:26 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P2
etag
W/"ff59c3b0a8740e2f20c35275f56b56e3"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
cache-control
no-cache
x-amz-cf-id
8-t35BISvS7VvBSbsbNy4Y5Nifg3FKZmuuYThDRyuOlWyfkDMC_-CA==
p.css
p.typekit.net/ 		5 B
181 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=haa4xmt&ht=tk&f=137.139.140.173.175.176.5474.579.580.581.582&a=12529909&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/haa4xmt.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 00:11:01 GMT
last-modified
Sat, 16 Oct 2021 08:18:43 GMT
server
nginx
etag
"616a8ae3-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
pro.min.css
ka-p.fontawesome.com/releases/v5.15.4/css/ 		315 KB
53 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=fd8e7d93e3
Requested by
Host: apply.brokerscg.com
URL: https://apply.brokerscg.com/polyfills.c2f8082a0e86385b0158.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://apply.brokerscg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 00:11:01 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
"610ae215-d3b2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
6f764dc4af5101eb-ZRH
content-length
54194
pro-v4-shims.min.css
ka-p.fontawesome.com/releases/v5.15.4/css/ 		26 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=fd8e7d93e3
Requested by
Host: apply.brokerscg.com
URL: https://apply.brokerscg.com/polyfills.c2f8082a0e86385b0158.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://apply.brokerscg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 00:11:01 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
"610ae215-1062"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
6f764dc4af5201eb-ZRH
content-length
4194
pro-v4-font-face.min.css
ka-p.fontawesome.com/releases/v5.15.4/css/ 		27 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=fd8e7d93e3
Requested by
Host: apply.brokerscg.com
URL: https://apply.brokerscg.com/polyfills.c2f8082a0e86385b0158.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8a00b576cc9fad532a52ecdf8024724ddaa83cb0f5ca5d1b1d6eb8841103d60

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://apply.brokerscg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 00:11:01 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
"610ae215-a2b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
6f764dc4af5301eb-ZRH
content-length
2603
feature
api.p1.loancatcher.bkicloud.com/api/v1/legal-entity/3b4832ad-0b77-4980-a1ef-e1173374f354/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.p1.loancatcher.bkicloud.com/api/v1/legal-entity/3b4832ad-0b77-4980-a1ef-e1173374f354/feature
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.175.184.72 , United States, ASN55155 (LPS-8, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
token-type,x-legal-entity
Access-Control-Request-Method
GET
Origin
https://apply.brokerscg.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Headers
x-requested-with, authorization, Content-Type, Content-Length, Authorization, credential, token-type, X-XSRF-TOKEN, x-origin, x-trace-uuid, x-cloud-mode, x-override-lock, x-access-keys, x-transaction-uuid, x-access-token, x-legal-entity, x-ls-company-uuid, x-ls-user-uuid
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS, PATCH
Access-Control-Allow-Origin
*
Access-Control-Max-Age
7200
Connection
keep-alive
Content-Length
0
Date
Wed, 06 Apr 2022 00:11:02 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
feature
api.p1.loancatcher.bkicloud.com/api/v1/legal-entity/3b4832ad-0b77-4980-a1ef-e1173374f354/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.p1.loancatcher.bkicloud.com/api/v1/legal-entity/3b4832ad-0b77-4980-a1ef-e1173374f354/feature
Requested by
Host: apply.brokerscg.com
URL: https://apply.brokerscg.com/polyfills.c2f8082a0e86385b0158.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.175.184.72 , United States, ASN55155 (LPS-8, US),
Reverse DNS
Software
/
Resource Hash
2aa82179aef77b798cbe362a79d86e37f29b81cf1ca53e13ed16df519ca5459b
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json,*/*
Referer
https://apply.brokerscg.com/
X-Legal-Entity
3b4832ad-0b77-4980-a1ef-e1173374f354
Accept-Language
de-DE,de;q=0.9
token-type
Bearer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 00:11:03 GMT
Content-Encoding
gzip
X-Trace-Uuid
613cf6fe-f16b-4dfa-85c1-a7dd2cf17962
Transfer-Encoding
chunked
Access-Control-Max-Age
7200
Connection
keep-alive
Vary
access-control-request-method,accept-encoding
X-XSS-Protection
1; mode=block
Pragma
no-cache
Strict-Transport-Security
max-age=16070400; includeSubDomains
Access-Control-Allow-Methods
OPTIONS, GET, POST, PUT, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://apply.brokerscg.com
Cache-Control
private, no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
*
X-Content-Type-Options
nosniff
Expires
Wed, 31 Dec 1969 23:59:59 GMT
global-notifications
api.p1.loancatcher.bkicloud.com/api/v1/ 		26 B
779 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.p1.loancatcher.bkicloud.com/api/v1/global-notifications
Requested by
Host: apply.brokerscg.com
URL: https://apply.brokerscg.com/polyfills.c2f8082a0e86385b0158.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.175.184.72 , United States, ASN55155 (LPS-8, US),
Reverse DNS
Software
/
Resource Hash
b2ac5698f5d93bdc7773ff628585de1b55062bcf9a23fba40a074b6f10b1c214
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json,*/*
Referer
https://apply.brokerscg.com/
X-Legal-Entity
3b4832ad-0b77-4980-a1ef-e1173374f354
Accept-Language
de-DE,de;q=0.9
token-type
Bearer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 00:11:02 GMT
Content-Encoding
gzip
X-Trace-Uuid
250b86dd-a892-4b39-878f-12d4a692a1bb
Transfer-Encoding
chunked
Access-Control-Max-Age
7200
Connection
keep-alive
Vary
access-control-request-method,accept-encoding
X-XSS-Protection
1; mode=block
Pragma
no-cache
Strict-Transport-Security
max-age=16070400; includeSubDomains
Access-Control-Allow-Methods
OPTIONS, GET, POST, PUT, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://apply.brokerscg.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
*
X-Content-Type-Options
nosniff
Expires
0
global-notifications
api.p1.loancatcher.bkicloud.com/api/v1/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.p1.loancatcher.bkicloud.com/api/v1/global-notifications
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.175.184.72 , United States, ASN55155 (LPS-8, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
token-type,x-legal-entity
Access-Control-Request-Method
GET
Origin
https://apply.brokerscg.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Headers
x-requested-with, authorization, Content-Type, Content-Length, Authorization, credential, token-type, X-XSRF-TOKEN, x-origin, x-trace-uuid, x-cloud-mode, x-override-lock, x-access-keys, x-transaction-uuid, x-access-token, x-legal-entity, x-ls-company-uuid, x-ls-user-uuid
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS, PATCH
Access-Control-Allow-Origin
*
Access-Control-Max-Age
7200
Connection
keep-alive
Content-Length
0
Date
Wed, 06 Apr 2022 00:11:02 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
equal-housing-opportunity.png
apply.brokerscg.com/assets/images/service-logos/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apply.brokerscg.com/assets/images/service-logos/equal-housing-opportunity.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:3600:a:13d0:6480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
690c0bf50402beda8d4003850a9a5cae195a92a6dd57150bd036b0b742c10e16

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://apply.brokerscg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 06 Apr 2022 00:11:03 GMT
via
1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
last-modified
Sat, 02 Apr 2022 06:56:46 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P2
etag
"067466dbc87fbf9f936ecfa053336c38"
x-cache
RefreshHit from cloudfront
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
content-length
2189
x-amz-cf-id
p3Xi689FSxhF3gG4O9rzqE-AnNx2s7B2ncg1nTSF_107EgKjxvaWUQ==
l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/haa4xmt.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e031 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
b4096925f34c85d0c0e934ad77c44165dcd66fecc354c153784d246f00911da5

Request headers

Referer
https://use.typekit.net/haa4xmt.css
Origin
https://apply.brokerscg.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 00:11:02 GMT
server
nginx
etag
"ef52ad3657e4d4a42c21db6c00d5c7ccc649bc94"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16560
l
use.typekit.net/af/2555e1/00000000000000007735e603/30/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/haa4xmt.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e031 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
81a6361b1f6ff5f9f6ca05b773fb993d7b7b3f668635ccba4379fa3ecb9a7e3e

Request headers

Referer
https://use.typekit.net/haa4xmt.css
Origin
https://apply.brokerscg.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 00:11:02 GMT
server
nginx
etag
"96c7595dad6bb306bf9cc4c7a3b3d28654c7d636"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16832

Verdicts & Comments Add Verdict or Comment

150 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| global string| __theme object| webpackChunknexspring_ui function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__queueMicrotask function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononmessageerrorpatched object| __zone_symbol__beforeunloadfalse object| regeneratorRuntime boolean| _pdfjsCompatibilityChecked object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse object| __zone_symbol__resizefalse object| __zone_symbol__orientationchangefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| FontAwesomeKitConfig object| __zone_symbol__focusfalse function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.p1.loancatcher.bkicloud.com
apply.brokerscg.com
ka-p.fontawesome.com
kit.fontawesome.com
p.typekit.net
use.typekit.net
199.175.184.72
2600:9000:2315:3600:a:13d0:6480:93a1
2606:4700::6812:1634
2a02:26f0:ef::5c7b:c209
2a02:26f0:f7::5c7b:e031
2a06:98c1:3123:8000::c
1421e8a70fde77f666a483893103e5b4c5c629c0821ca6289f2e1ef2c1d1a000
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
2aa82179aef77b798cbe362a79d86e37f29b81cf1ca53e13ed16df519ca5459b
37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d
4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6
690c0bf50402beda8d4003850a9a5cae195a92a6dd57150bd036b0b742c10e16
7ba6d5e6b4129d7d991ba8206440a6dab81acc4f8010da9cfe58a9b4ccb09f06
81a6361b1f6ff5f9f6ca05b773fb993d7b7b3f668635ccba4379fa3ecb9a7e3e
850067313fa1cee15c8967d35169f76ff1601291e61787876d1305f4099ba813
879f489edd0697f8231d52b8073c46356d0216b461b189d1b5e151db5c34661e
8dc8d95bee1095cf2b854e960c4ec005f9f610364fea73b6f85a4b31b16db70f
a8a00b576cc9fad532a52ecdf8024724ddaa83cb0f5ca5d1b1d6eb8841103d60
aeb8fe6fec84c5a767b693529b84b0fcf0706a48109fe6aeda07aa8cb7900d5d
b047650c55a764a4bcdb7bda4160a7034be7fbd47b5f09b3a2c46369305edb75
b2ac5698f5d93bdc7773ff628585de1b55062bcf9a23fba40a074b6f10b1c214
b4096925f34c85d0c0e934ad77c44165dcd66fecc354c153784d246f00911da5
c33cccd326c0befcc939611a8e33a08070d71a76aedda1e47c4424db8599e44d
d1c0bfb185da228af82a0cae9a04d6e4234956b4006c824cf7423a7ab685b5c7