nationalresearchrewards.com Open in urlscan Pro
172.245.10.99  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200	Primary Request landing Show response nationalresearchrewards.com/	12 KB 4 KB	856ms 319ms	Document text/html	172.245.10.99 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Full URL https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 172.245.10.99 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS 172-245-10-99-host.colocrossing.com Software nginx/1.10.3 / Resource Hash 0ec0d4c786ba47a2febf83c1abf678b6453683a82d91ad3ac6b523892c7f39b7 Request headers Host nationalresearchrewards.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Server nginx/1.10.3 Date Fri, 08 Jan 2021 21:05:18 GMT Content-Type text/html;charset=utf-8 Transfer-Encoding chunked Connection keep-alive set-cookie _gsr=_cid:13374; Max-Age=3628800; Expires=Fri, 19-Feb-2021 21:05:18 GMT; Domain=nationalresearchrewards.com SESSION=N2YzNDY5ZGQtYjhmNi00ODdkLWJhMDAtNDQ2NzllZWQ2Mzc0; Path=/; Secure; HttpOnly; SameSite=Lax p3p CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA" content-language en-US Content-Encoding gzip
GET H2	200	form-validation.css cdn1.nationalresearchrewards.com/static/css/	151 B 495 B	92ms 31ms	Stylesheet text/css	2600:9000:2190:ca00:15:64c0:d300:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn1.nationalresearchrewards.com/static/css/form-validation.css Requested by Host: nationalresearchrewards.com URL: https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:ca00:15:64c0:d300:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.13.7 / Resource Hash 4f6a28873e9313840852338f6e1344900ae597665934b4171f63743733082146 Request headers Referer https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 25 Dec 2020 23:02:20 GMT content-encoding gzip last-modified Sat, 20 Jan 2018 22:37:36 GMT server nginx/1.13.7 age 1202578 etag W/"5a63c4b0-97" x-cache Hit from cloudfront content-type text/css via 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront) cache-control max-age=2592000 x-amz-cf-pop ZRH50-C1 x-amz-cf-id GCo2HIpw4iQRKthgP_tPatV4YN5bv5YXjNVNBdKW2IuUR_G48hraYg== expires Sun, 24 Jan 2021 23:02:20 GMT
GET H2	200	bundle.min.js Show response browser.sentry-cdn.com/5.15.5/	55 KB 17 KB	44ms 12ms	Script application/javascript	2a04:4e42::729 FASTLY
General Check archive.org Show headers Download Go to Full URL https://browser.sentry-cdn.com/5.15.5/bundle.min.js Requested by Host: nationalresearchrewards.com URL: https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42::729 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 1ee94537308b969ae3e3fe075f960e89e5817fc57f9464fd66b65a124448c66a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Origin https://nationalresearchrewards.com Referer https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 08 Jan 2021 21:05:18 GMT content-encoding gzip last-modified Wed, 22 Apr 2020 08:16:03 GMT server Fastly age 22570615 etag "8c32735049305a5594a56ef0e4519e8e" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 strict-transport-security max-age=31536000; includeSubDomains accept-ranges bytes content-length 17451 expires Thu, 22 Apr 2021 15:28:23 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.12.4/	95 KB 34 KB	27ms 6ms	Script text/javascript	2a00:1450:4001:800::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js Requested by Host: nationalresearchrewards.com URL: https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 08 Jan 2021 09:55:14 GMT content-encoding gzip x-content-type-options nosniff age 40204 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33951 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sat, 08 Jan 2022 09:55:14 GMT
GET H2	200	jquery.autotab.js Show response cdn1.nationalresearchrewards.com/static/js/	3 KB 1 KB	90ms 30ms	Script application/javascript	2600:9000:2190:ca00:15:64c0:d300:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn1.nationalresearchrewards.com/static/js/jquery.autotab.js Requested by Host: nationalresearchrewards.com URL: https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:ca00:15:64c0:d300:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.13.7 / Resource Hash 32ce8d05c7e5356de3cb47ee0b3438a539dc62a7a05c66adde8e2668008adc0c Request headers Referer https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 18 Dec 2020 06:42:05 GMT content-encoding gzip last-modified Wed, 05 Sep 2018 19:28:49 GMT server nginx/1.13.7 age 1866193 etag W/"5b902e71-ae7" x-cache Hit from cloudfront content-type application/javascript via 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront) cache-control max-age=2592000 x-amz-cf-pop ZRH50-C1 x-amz-cf-id yb4C_T5MPCkOoLb3S9WMTFPhSehEhqVoAdnqHmhSQR2ynJmrku2QgA== expires Sun, 17 Jan 2021 06:42:05 GMT
GET H2	200	jquery.validate.min.js Show response ajax.aspnetcdn.com/ajax/jquery.validate/1.19.1/	24 KB 10 KB	83ms 20ms	Script application/javascript	152.199.19.160 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://ajax.aspnetcdn.com/ajax/jquery.validate/1.19.1/jquery.validate.min.js Requested by Host: nationalresearchrewards.com URL: https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.19.160 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (ama/8B45) / Resource Hash b0f074179d185032b4a2d0e7b1f3476b0626039334a638d47f84ef44990616b2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 08 Jan 2021 21:05:18 GMT content-encoding gzip x-content-type-options nosniff age 12939792 x-cache HIT content-length 9837 x-xss-protection 1; mode=block last-modified Fri, 28 Jun 2019 17:47:03 GMT server ECAcc (ama/8B45) etag "5da2ef7ed92dd51:0" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public,max-age=31536000 accept-ranges bytes timing-allow-origin *
GET H2	200	en_US.js Show response cdn1.nationalresearchrewards.com/static/js/	14 KB 5 KB	105ms 45ms	Script application/javascript	2600:9000:2190:ca00:15:64c0:d300:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn1.nationalresearchrewards.com/static/js/en_US.js Requested by Host: nationalresearchrewards.com URL: https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:ca00:15:64c0:d300:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.13.7 / Resource Hash ebc9a4ac844d217003ff162246dfcce81e6c4d4559785ec7dabb657eb693ce90 Request headers Referer https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 25 Dec 2020 23:02:20 GMT content-encoding gzip last-modified Wed, 20 May 2020 17:42:59 GMT server nginx/1.13.7 age 1202578 etag W/"5ec56c23-39ef" x-cache Hit from cloudfront content-type application/javascript via 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront) cache-control max-age=2592000 x-amz-cf-pop ZRH50-C1 x-amz-cf-id rL6GPNaxNEw8dzQfaRh6OJckYAsCT7DTq6-_9FmgiorKIPciXMtJaQ== expires Sun, 24 Jan 2021 23:02:20 GMT
GET H2	200	template.js Show response cdn1.nationalresearchrewards.com/static/js/	5 KB 2 KB	110ms 51ms	Script application/javascript	2600:9000:2190:ca00:15:64c0:d300:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn1.nationalresearchrewards.com/static/js/template.js Requested by Host: nationalresearchrewards.com URL: https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:ca00:15:64c0:d300:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.13.7 / Resource Hash 0ccb8847b87beedf15e5c4b09a1e3cd0a2b5f09ec9e94560153e0b9902c4c6d9 Request headers Referer https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 18 Dec 2020 06:42:05 GMT content-encoding gzip last-modified Wed, 20 May 2020 19:47:07 GMT server nginx/1.13.7 age 1866193 etag W/"5ec5893b-1425" x-cache Hit from cloudfront content-type application/javascript via 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront) cache-control max-age=2592000 x-amz-cf-pop ZRH50-C1 x-amz-cf-id JiIxZgSxVTZn9MMLs0dUpbCnh9cZ9QupaiNVimBp-A_5lqqOiOgreQ== expires Sun, 17 Jan 2021 06:42:05 GMT
GET H2	200	template.css cdn1.nationalresearchrewards.com/static/1005/LANDING/11146/css/	3 KB 1 KB	92ms 33ms	Stylesheet text/css	2600:9000:2190:ca00:15:64c0:d300:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn1.nationalresearchrewards.com/static/1005/LANDING/11146/css/template.css Requested by Host: nationalresearchrewards.com URL: https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:ca00:15:64c0:d300:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.13.7 / Resource Hash 94c936de38fce664cfa9b25a8ec2063122f1ac3f0f43e0ea2af5a3f2c65b0ddd Request headers Referer https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 16 Dec 2020 17:55:04 GMT content-encoding gzip last-modified Wed, 09 Oct 2019 07:32:21 GMT server nginx/1.13.7 age 1998614 etag W/"5d9d8d05-d91" x-cache Hit from cloudfront content-type text/css via 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront) cache-control max-age=2592000 x-amz-cf-pop ZRH50-C1 x-amz-cf-id P8Gd2Ati5A25CfXSbLBkVrwSD1cAQGX2h6qOTy6gpaAJYAbBhxXB_A== expires Fri, 15 Jan 2021 17:55:04 GMT
GET H2	200	LANDING_01_02.jpg cdn1.nationalresearchrewards.com/static/1005/LANDING/11146/images/	46 KB 47 KB	35ms 35ms	Image image/jpeg	2600:9000:2190:ca00:15:64c0:d300:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.nationalresearchrewards.com/static/1005/LANDING/11146/images/LANDING_01_02.jpg Requested by Host: nationalresearchrewards.com URL: https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:ca00:15:64c0:d300:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.13.7 / Resource Hash fc455fe664401d1e6c4c311ba65e7f7c6950774d0662ccbe6bc151aa94c9bf45 Request headers Referer https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 20 Dec 2020 11:38:17 GMT via 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront) last-modified Wed, 09 Oct 2019 07:32:22 GMT server nginx/1.13.7 age 1675621 etag "5d9d8d06-b9a8" x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=2592000 x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 47528 x-amz-cf-id FMQrt81ZxN5VUPyFE6xXGj1RnTmY2dlqFAhjO42oh2ftBbozpq2vWA== expires Tue, 19 Jan 2021 11:38:17 GMT
GET H2	200	LANDING_01_03.jpg cdn1.nationalresearchrewards.com/static/1005/LANDING/11146/images/	27 KB 27 KB	81ms 81ms	Image image/jpeg	2600:9000:2190:ca00:15:64c0:d300:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.nationalresearchrewards.com/static/1005/LANDING/11146/images/LANDING_01_03.jpg Requested by Host: nationalresearchrewards.com URL: https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:ca00:15:64c0:d300:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.13.7 / Resource Hash f7ec1105d4f9bb9515558e76f42ad67c7bcab1b7320cbdac9a2a74d13f711aee Request headers Referer https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 08 Jan 2021 20:18:13 GMT via 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront) last-modified Wed, 09 Oct 2019 07:32:21 GMT server nginx/1.13.7 age 2824 etag "5d9d8d05-6a62" x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=2592000 x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 27234 x-amz-cf-id SoWoVJyYObilWyKsOrY3oe2lLQdrFFpQeOJSvJ45rR66052KBMjhRA== expires Sun, 07 Feb 2021 20:18:13 GMT
GET H2	200	btn_yes.png cdn1.nationalresearchrewards.com/static/1005/LANDING/11146/images/	2 KB 2 KB	59ms 54ms	Image image/png	2600:9000:2190:ca00:15:64c0:d300:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.nationalresearchrewards.com/static/1005/LANDING/11146/images/btn_yes.png Requested by Host: nationalresearchrewards.com URL: https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:ca00:15:64c0:d300:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.13.7 / Resource Hash 1697488ebbfe6aa5169953a9bfeda0627b05674ae081676646327a65c63c9e84 Request headers Referer https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 02 Jan 2021 19:16:37 GMT via 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront) last-modified Wed, 09 Oct 2019 07:32:22 GMT server nginx/1.13.7 age 524921 etag "5d9d8d06-7d9" x-cache Hit from cloudfront content-type image/png cache-control max-age=2592000 x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 2009 x-amz-cf-id CYYAWqi6_3azwOnwl0hCfv-2Q3sb6WeM15VXiL_TU8KjRu5js-ASBw== expires Mon, 01 Feb 2021 19:16:37 GMT
GET H2	200	btn_no.png cdn1.nationalresearchrewards.com/static/1005/LANDING/11146/images/	2 KB 2 KB	43ms 39ms	Image image/png	2600:9000:2190:ca00:15:64c0:d300:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.nationalresearchrewards.com/static/1005/LANDING/11146/images/btn_no.png Requested by Host: nationalresearchrewards.com URL: https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:ca00:15:64c0:d300:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.13.7 / Resource Hash 912a0e9b48c7833000cec35598d1199e6af7ad503474c845b7f9724f56677131 Request headers Referer https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 08 Jan 2021 20:18:13 GMT via 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront) last-modified Wed, 09 Oct 2019 07:32:22 GMT server nginx/1.13.7 age 2824 etag "5d9d8d06-6f3" x-cache Hit from cloudfront content-type image/png cache-control max-age=2592000 x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 1779 x-amz-cf-id BIcfhbYVN_ooRG3lJQ9GLXLKfMqSEm8O7AHVpj7bdxDrvoykDshzKg== expires Sun, 07 Feb 2021 20:18:13 GMT
GET H2	200	loading.gif cdn1.nationalresearchrewards.com/static/1005/LANDING/11146/images/	4 KB 4 KB	69ms 65ms	Image image/gif	2600:9000:2190:ca00:15:64c0:d300:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.nationalresearchrewards.com/static/1005/LANDING/11146/images/loading.gif Requested by Host: nationalresearchrewards.com URL: https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:ca00:15:64c0:d300:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.13.7 / Resource Hash b84750cc5a395288fcfd0cf42e3a60d6135e2f14db83fce05e97e5abacc2f9b4 Request headers Referer https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 08 Jan 2021 20:18:14 GMT via 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront) last-modified Wed, 09 Oct 2019 07:32:22 GMT server nginx/1.13.7 age 2824 etag "5d9d8d06-f39" x-cache Hit from cloudfront content-type image/gif cache-control max-age=2592000 x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 3897 x-amz-cf-id aEpM2T2bXX-dEXNn06a-rJBJJoLC3uRt8f-rVl1_PNjqale9dWT3MA== expires Sun, 07 Feb 2021 20:18:14 GMT
GET H2	200	claimBtn.png cdn1.nationalresearchrewards.com/static/1005/LANDING/11146/images/	3 KB 4 KB	28ms 25ms	Image image/png	2600:9000:2190:ca00:15:64c0:d300:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.nationalresearchrewards.com/static/1005/LANDING/11146/images/claimBtn.png Requested by Host: nationalresearchrewards.com URL: https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:ca00:15:64c0:d300:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.13.7 / Resource Hash 5a4cf5ee0bc47f6a3c22ad4fa708f7dc99207076af48a7f29ffaaee877966c38 Request headers Referer https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 08 Jan 2021 20:18:32 GMT via 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront) last-modified Wed, 09 Oct 2019 07:32:21 GMT server nginx/1.13.7 age 2806 etag "5d9d8d05-df9" x-cache Hit from cloudfront content-type image/png cache-control max-age=2592000 x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 3577 x-amz-cf-id lq5HHiRQ3qjetNex9cQiC_F81ykqoxcxLVJyyEaErEIxZyHTpQgHXA== expires Sun, 07 Feb 2021 20:18:32 GMT
GET H2	200	LANDING_01_07.jpg cdn1.nationalresearchrewards.com/static/1005/LANDING/11146/images/	45 KB 46 KB	45ms 41ms	Image image/jpeg	2600:9000:2190:ca00:15:64c0:d300:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.nationalresearchrewards.com/static/1005/LANDING/11146/images/LANDING_01_07.jpg Requested by Host: nationalresearchrewards.com URL: https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:ca00:15:64c0:d300:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.13.7 / Resource Hash 6c0772238355262a6d452693e701cf455241ae928dc4d7d9ae314ac96674b97a Request headers Referer https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 25 Dec 2020 15:16:14 GMT via 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront) last-modified Wed, 09 Oct 2019 07:32:22 GMT server nginx/1.13.7 age 1230544 etag "5d9d8d06-b46e" x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=2592000 x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 46190 x-amz-cf-id 1vJ2DbleLq2iKSh09NUpStIXIA86l69-No4qhY4tNxSHVOwWz6JBUQ== expires Sun, 24 Jan 2021 15:16:14 GMT
GET H2	200	LANDING_01_12.jpg cdn1.nationalresearchrewards.com/static/1005/LANDING/11146/images/	24 KB 25 KB	41ms 38ms	Image image/jpeg	2600:9000:2190:ca00:15:64c0:d300:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.nationalresearchrewards.com/static/1005/LANDING/11146/images/LANDING_01_12.jpg Requested by Host: nationalresearchrewards.com URL: https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:ca00:15:64c0:d300:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.13.7 / Resource Hash c8872240c537942b816781b3a7a5c4d9fbcb3330efe6218065f819b8bbfa2049 Request headers Referer https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 25 Dec 2020 15:16:14 GMT via 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront) last-modified Wed, 09 Oct 2019 07:32:22 GMT server nginx/1.13.7 age 1230544 etag "5d9d8d06-60f4" x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=2592000 x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 24820 x-amz-cf-id 5uZBA71wczig1J6lpPseGhrEKiMdBlEFjGGSVWdD5LTHG7NJEeXowg== expires Sun, 24 Jan 2021 15:16:14 GMT
GET H2	200	LANDING_01_14.jpg cdn1.nationalresearchrewards.com/static/1005/LANDING/11146/images/	15 KB 15 KB	55ms 52ms	Image image/jpeg	2600:9000:2190:ca00:15:64c0:d300:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.nationalresearchrewards.com/static/1005/LANDING/11146/images/LANDING_01_14.jpg Requested by Host: nationalresearchrewards.com URL: https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:ca00:15:64c0:d300:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.13.7 / Resource Hash 0770007796042895d76f7b841b63e82ea904abcc868d99ea67c8e8db0feea89d Request headers Referer https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 25 Dec 2020 15:16:14 GMT via 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront) last-modified Wed, 09 Oct 2019 07:32:22 GMT server nginx/1.13.7 age 1230543 etag "5d9d8d06-3b66" x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=2592000 x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 15206 x-amz-cf-id Kdn1S1Yea0XmU_EidqfjTbE4v-qkge-dwgQ3RnIhcK1_jdwBNx7EdQ== expires Sun, 24 Jan 2021 15:16:14 GMT
GET H2	200	LANDING_01_16.jpg cdn1.nationalresearchrewards.com/static/1005/LANDING/11146/images/	48 KB 49 KB	56ms 54ms	Image image/jpeg	2600:9000:2190:ca00:15:64c0:d300:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.nationalresearchrewards.com/static/1005/LANDING/11146/images/LANDING_01_16.jpg Requested by Host: nationalresearchrewards.com URL: https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:ca00:15:64c0:d300:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.13.7 / Resource Hash b99266f9cf8a7678edcd8752a412973cdfa4f6ed7617176c6ccb6538ddc80074 Request headers Referer https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 08 Jan 2021 20:18:15 GMT via 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront) last-modified Wed, 09 Oct 2019 07:32:21 GMT server nginx/1.13.7 age 2823 etag "5d9d8d05-c0f2" x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=2592000 x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 49394 x-amz-cf-id wC2k9r-XrGyDBR8U6vFGHdmewYc_fQZoJ9irCCW4wo5JfrkQl3ZKUg== expires Sun, 07 Feb 2021 20:18:15 GMT
GET H2	200	LANDING_01_17.jpg cdn1.nationalresearchrewards.com/static/1005/LANDING/11146/images/	24 KB 24 KB	73ms 71ms	Image image/jpeg	2600:9000:2190:ca00:15:64c0:d300:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.nationalresearchrewards.com/static/1005/LANDING/11146/images/LANDING_01_17.jpg Requested by Host: nationalresearchrewards.com URL: https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:ca00:15:64c0:d300:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.13.7 / Resource Hash e9c3f5d307aed05cfe0bc86893f328c76722b4985578a24951440bd37c22dd57 Request headers Referer https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 08 Jan 2021 20:18:13 GMT via 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront) last-modified Wed, 09 Oct 2019 07:32:22 GMT server nginx/1.13.7 age 2825 etag "5d9d8d06-5fc3" x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=2592000 x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 24515 x-amz-cf-id 6uhDz__uwdNZJTd14Fq1OLJytWVX4ZVSKpvxZO8RvmVGDKq_qvyjLQ== expires Sun, 07 Feb 2021 20:18:13 GMT
GET H2	200	background.jpg cdn1.nationalresearchrewards.com/static/1005/LANDING/11146/images/	398 KB 399 KB	55ms 53ms	Image image/jpeg	2600:9000:2190:ca00:15:64c0:d300:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.nationalresearchrewards.com/static/1005/LANDING/11146/images/background.jpg Requested by Host: cdn1.nationalresearchrewards.com URL: https://cdn1.nationalresearchrewards.com/static/1005/LANDING/11146/css/template.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:ca00:15:64c0:d300:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.13.7 / Resource Hash 6acaf02f95abff17cdf2cd6a3dc529177dd70557e6d4666cb404fe85490281dd Request headers Referer https://cdn1.nationalresearchrewards.com/static/1005/LANDING/11146/css/template.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 08 Jan 2021 20:18:33 GMT via 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront) last-modified Wed, 09 Oct 2019 07:32:22 GMT server nginx/1.13.7 age 2805 etag "5d9d8d06-63864" x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=2592000 x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 407652 x-amz-cf-id 2z40c86-Oe04mGuQ5VoM3-sPvkCaWrEhIFX-vOWW8EnsHOaaA1QAAA== expires Sun, 07 Feb 2021 20:18:33 GMT
GET H2	200	LANDING_01_06.jpg cdn1.nationalresearchrewards.com/static/1005/LANDING/11146/images/	9 KB 9 KB	78ms 76ms	Image image/jpeg	2600:9000:2190:ca00:15:64c0:d300:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.nationalresearchrewards.com/static/1005/LANDING/11146/images/LANDING_01_06.jpg Requested by Host: nationalresearchrewards.com URL: https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:ca00:15:64c0:d300:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.13.7 / Resource Hash 76342de310e1fd3b32c923e44c23551d0ae38980c5899b87467eb00540505dc5 Request headers Referer https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 08 Jan 2021 20:18:33 GMT via 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront) last-modified Wed, 09 Oct 2019 07:32:22 GMT server nginx/1.13.7 age 2805 etag "5d9d8d06-22e1" x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=2592000 x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 8929 x-amz-cf-id FDj7f865785xYLL_YfNqNBxSj2sJCZU0Epd7KDgkCkELXjvnA49p4w== expires Sun, 07 Feb 2021 20:18:33 GMT
GET H/1.1	200 OK	g_track.php scr.nationalresearchrewards.com/pixel/	0 324 B	761ms 225ms	Image image/gif	172.245.10.99 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Show image Full URL https://scr.nationalresearchrewards.com/pixel/g_track.php?a=13374&b=704761&c=10612&d=&e=154911129&f=7f3469dd-b8f6-487d-ba00-44679eed6374&g=6364&h=LANDING&i=&j=185.212.171.75&k=https%3A%2F%2Fnationalresearchrewards.com%2Flanding%3FcampaignId%3D13374%26subcid%3D704761%26email%3D%23cid%3D13374%23sid%3D229%23vid%3D6364&l=&m=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36 Requested by Host: nationalresearchrewards.com URL: https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 172.245.10.99 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS 172-245-10-99-host.colocrossing.com Software nginx/1.10.3 / PHP/7.1.27 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache Date Fri, 08 Jan 2021 21:05:19 GMT Server nginx/1.10.3 x-powered-by PHP/7.1.27 Content-Type image/gif cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection keep-alive Content-Length 0 expires Sat, 26 Jul 1997 05:00:00 GMT
GET H2	200	ga.js Show response ssl.google-analytics.com/	45 KB 17 KB	26ms 7ms	Script text/javascript	2a00:1450:4001:819::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ssl.google-analytics.com/ga.js Requested by Host: nationalresearchrewards.com URL: https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://nationalresearchrewards.com/landing?campaignId=13374&subcid=704761&email= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 23 Oct 2020 03:00:57 GMT server Golfe2 age 4998 date Fri, 08 Jan 2021 19:42:00 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17168 expires Fri, 08 Jan 2021 21:42:00 GMT

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| Sentry object| __SENTRY__ string| _campaignId string| _subcid string| _layoutId string| _memberId string| _systemRequestId string| _sessionId string| _viewId string| _siteUrl string| _siteTag string| _siteLocale string| _pid string| _publisherType string| _question number| _offerset_page_count string| _templateClass object| _settings string| _flowExecutionKey string| _os_set number| _offerPage number| _os_page string| _goPopURL string| _gFlowURL object| UP object| LAYOUT function| $ function| jQuery function| beforeSubmit number| submitDelay number| disabledSubmitTimeoutSec object| _config function| postalCodeLookup function| updateValidPhone function| initValidPhone function| checkPhoneAreaCodeAndPrefix function| handleMobileValidation function| mobileValidation object| is object| Template string| gaJsHost object| _gat object| _gaq object| pageTracker object| jQuery112405518154186787851

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.nationalresearchrewards.com/	1970-01-20 08:46:51	Name: __utma Value: 81113608.426654058.1610139918.1610139918.1610139918.1
			.nationalresearchrewards.com/	1969-12-31 23:59:59	Name: __utmc Value: 81113608
			.nationalresearchrewards.com/	1970-01-19 15:15:41	Name: __utmb Value: 81113608.0.10.1610139918
			.nationalresearchrewards.com/	1970-01-19 19:38:27	Name: __utmz Value: 81113608.1610139918.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
			nationalresearchrewards.com/	1969-12-31 23:59:59	Name: SESSION Value: N2YzNDY5ZGQtYjhmNi00ODdkLWJhMDAtNDQ2NzllZWQ2Mzc0
			.nationalresearchrewards.com/	1970-01-19 16:16:08	Name: _gsr Value: _cid:13374

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
ajax.googleapis.com
browser.sentry-cdn.com
cdn1.nationalresearchrewards.com
nationalresearchrewards.com
scr.nationalresearchrewards.com
ssl.google-analytics.com
152.199.19.160
172.245.10.99
2600:9000:2190:ca00:15:64c0:d300:93a1
2a00:1450:4001:800::200a
2a00:1450:4001:819::2008
2a04:4e42::729
0770007796042895d76f7b841b63e82ea904abcc868d99ea67c8e8db0feea89d
0ccb8847b87beedf15e5c4b09a1e3cd0a2b5f09ec9e94560153e0b9902c4c6d9
0ec0d4c786ba47a2febf83c1abf678b6453683a82d91ad3ac6b523892c7f39b7
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1697488ebbfe6aa5169953a9bfeda0627b05674ae081676646327a65c63c9e84
1ee94537308b969ae3e3fe075f960e89e5817fc57f9464fd66b65a124448c66a
32ce8d05c7e5356de3cb47ee0b3438a539dc62a7a05c66adde8e2668008adc0c
4f6a28873e9313840852338f6e1344900ae597665934b4171f63743733082146
5a4cf5ee0bc47f6a3c22ad4fa708f7dc99207076af48a7f29ffaaee877966c38
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6acaf02f95abff17cdf2cd6a3dc529177dd70557e6d4666cb404fe85490281dd
6c0772238355262a6d452693e701cf455241ae928dc4d7d9ae314ac96674b97a
76342de310e1fd3b32c923e44c23551d0ae38980c5899b87467eb00540505dc5
912a0e9b48c7833000cec35598d1199e6af7ad503474c845b7f9724f56677131
94c936de38fce664cfa9b25a8ec2063122f1ac3f0f43e0ea2af5a3f2c65b0ddd
b0f074179d185032b4a2d0e7b1f3476b0626039334a638d47f84ef44990616b2
b84750cc5a395288fcfd0cf42e3a60d6135e2f14db83fce05e97e5abacc2f9b4
b99266f9cf8a7678edcd8752a412973cdfa4f6ed7617176c6ccb6538ddc80074
c8872240c537942b816781b3a7a5c4d9fbcb3330efe6218065f819b8bbfa2049
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c3f5d307aed05cfe0bc86893f328c76722b4985578a24951440bd37c22dd57
ebc9a4ac844d217003ff162246dfcce81e6c4d4559785ec7dabb657eb693ce90
f7ec1105d4f9bb9515558e76f42ad67c7bcab1b7320cbdac9a2a74d13f711aee
fc455fe664401d1e6c4c311ba65e7f7c6950774d0662ccbe6bc151aa94c9bf45