forbearancereport.org
Open in
urlscan Pro
104.199.124.111
Public Scan
Submission: On September 02 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on August 13th 2022. Valid for: 3 months.
This is the only time forbearancereport.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN15169 (GOOGLE, US)
PTR: 111.124.199.104.bc.googleusercontent.com
forbearancereport.org | |
forbearancereport.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
dlieyhrm30x3f.cloudfront.net |
ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN13335 (CLOUDFLARENET, US)
signals.aimtell.com | |
beacon.aimtell.com | |
cdn.aimtell.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
static.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-84.fra60.r.cloudfront.net
analytics.aimtell.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
25 |
forbearancereport.org
1 redirects
forbearancereport.org |
977 KB |
9 |
youtube.com
www.youtube.com — Cisco Umbrella Rank: 102 |
793 KB |
5 |
aimtell.com
1 redirects
signals.aimtell.com — Cisco Umbrella Rank: 4584 beacon.aimtell.com — Cisco Umbrella Rank: 19794 cdn.aimtell.com — Cisco Umbrella Rank: 5570 analytics.aimtell.com — Cisco Umbrella Rank: 15437 |
4 KB |
5 |
gstatic.com
fonts.gstatic.com www.gstatic.com |
79 KB |
5 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43 jnn-pa.googleapis.com — Cisco Umbrella Rank: 280 |
31 KB |
4 |
doubleclick.net
1 redirects
stats.g.doubleclick.net — Cisco Umbrella Rank: 85 googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 static.doubleclick.net — Cisco Umbrella Rank: 351 |
2 KB |
2 |
aimtell.io
cdn.aimtell.io — Cisco Umbrella Rank: 7965 |
1 KB |
2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37 |
20 KB |
2 |
amazonaws.com
s3.amazonaws.com |
14 KB |
2 |
forbearancereport.com
2 redirects
forbearancereport.com |
252 B |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 154 |
34 KB |
2 |
clix.ly
embed.clix.ly |
426 B |
2 |
cloudfront.net
dlieyhrm30x3f.cloudfront.net |
66 KB |
1 |
ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 125 |
22 KB |
1 |
ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 234 |
3 KB |
1 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
14 KB |
1 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 113 |
297 B |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 66 |
41 KB |
1 |
dev2itclix.com
dev2itclix.com |
10 KB |
68 | 19 |
Domain | Requested by | |
---|---|---|
25 | forbearancereport.org |
1 redirects
forbearancereport.org
|
9 | www.youtube.com |
forbearancereport.org
www.youtube.com |
4 | jnn-pa.googleapis.com |
www.youtube.com
|
3 | fonts.gstatic.com |
fonts.googleapis.com
www.youtube.com |
2 | beacon.aimtell.com |
s3.amazonaws.com
|
2 | www.gstatic.com |
www.youtube.com
www.gstatic.com |
2 | googleads.g.doubleclick.net |
1 redirects
www.youtube.com
|
2 | cdn.aimtell.io |
s3.amazonaws.com
|
2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
2 | s3.amazonaws.com |
forbearancereport.org
|
2 | forbearancereport.com | 2 redirects |
2 | connect.facebook.net |
forbearancereport.org
connect.facebook.net |
2 | embed.clix.ly |
dev2itclix.com
|
2 | dlieyhrm30x3f.cloudfront.net |
forbearancereport.org
|
1 | analytics.aimtell.com | 1 redirects |
1 | cdn.aimtell.com |
s3.amazonaws.com
|
1 | i.ytimg.com |
www.youtube.com
|
1 | yt3.ggpht.com |
www.youtube.com
|
1 | www.google.com |
www.youtube.com
|
1 | static.doubleclick.net |
www.youtube.com
|
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | signals.aimtell.com |
s3.amazonaws.com
|
1 | www.facebook.com |
forbearancereport.org
|
1 | fonts.googleapis.com |
dlieyhrm30x3f.cloudfront.net
|
1 | www.googletagmanager.com |
forbearancereport.org
|
1 | dev2itclix.com |
forbearancereport.org
|
68 | 26 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
forbearancereport.org R3 |
2022-08-13 - 2022-11-11 |
3 months | crt.sh |
dev2itclix.com R3 |
2022-07-25 - 2022-10-23 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-08-15 - 2022-11-07 |
3 months | crt.sh |
*.cloudfront.net Amazon |
2022-02-01 - 2023-01-31 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-08-15 - 2022-11-07 |
3 months | crt.sh |
embed.clix.ly R3 |
2022-07-05 - 2022-10-03 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2022-06-11 - 2022-09-09 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2022-08-08 - 2022-10-31 |
3 months | crt.sh |
s3.amazonaws.com Amazon |
2022-04-01 - 2023-03-30 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-08-08 - 2022-10-31 |
3 months | crt.sh |
aimtell.com Cloudflare Inc ECC CA-3 |
2022-05-09 - 2023-05-08 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-06-04 - 2023-06-03 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2022-08-15 - 2022-11-07 |
3 months | crt.sh |
*.doubleclick.net GTS CA 1C3 |
2022-08-15 - 2022-11-07 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2022-08-15 - 2022-11-07 |
3 months | crt.sh |
*.googleusercontent.com GTS CA 1C3 |
2022-08-15 - 2022-11-07 |
3 months | crt.sh |
edgestatic.com GTS CA 1C3 |
2022-08-08 - 2022-10-31 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://forbearancereport.org/arvest-central-mortgage-company-coronavirus-forbearance-information/
Frame ID: F0971FC010CFBB9765F55B4BBF83C95D
Requests: 45 HTTP requests in this frame
Frame:
https://www.youtube.com/embed/fFfbeI8moZY?feature=oembed&playlist=fFfbeI8moZY&start&end&wmode=opaque&loop=1&controls=1&mute=0&rel=0&modestbranding=0
Frame ID: 3E2D575F69A48299CB35C3CC5054601B
Requests: 20 HTTP requests in this frame
Screenshot
Page Title
Arvest Central Mortgage Company Coronavirus Forbearance Information | Forbearance ReportPage URL History Show full URLs
-
https://forbearancereport.org/arvest-central-mortgage-company-coronavirus-forbearance-information
HTTP 301
https://forbearancereport.org/arvest-central-mortgage-company-coronavirus-forbearance-information/ Page URL
Detected technologies
WordPress (CMS) ExpandDetected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
Aimtell (Marketing automation) Expand
Detected patterns
- cdn\.aimtell\.\w+/
Facebook (Widgets) Expand
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery Migrate (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
19 Outgoing links
These are links going to different origins than the main page.
Title: Free Lifetime Membership to America's Homeowner Alliance - code: aha2020
Search URL Search Domain Scan URL
Title: 995Hope - HUD Approved Housing Counseling
Search URL Search Domain Scan URL
Title: Fannie Mae Loan Lookup Tool
Search URL Search Domain Scan URL
Title: Freddie Mac Loan Lookup Tool
Search URL Search Domain Scan URL
Title: MERS ServicerID Lookup Tool
Search URL Search Domain Scan URL
Title: Request Assistance, Report Hardship, Follow up on Requests
Search URL Search Domain Scan URL
Title: ArvestCentralMortgage.com
Search URL Search Domain Scan URL
Title: Contact Us
Search URL Search Domain Scan URL
Title: Arvest Central Mortgage Company
Search URL Search Domain Scan URL
Title: Income_Documentation.pdf
Search URL Search Domain Scan URL
Title: Apply Now
Search URL Search Domain Scan URL
Title: Check Status
Search URL Search Domain Scan URL
Title: arvest central mortgage company login - Credit One
Search URL Search Domain Scan URL
Title: Central Mortgage Company Login || Explore Detailed Information – News81
Search URL Search Domain Scan URL
Title: About Us | Advisory Board
Search URL Search Domain Scan URL
Title: FindMyWayHome.com
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Google's Vision AI
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://forbearancereport.org/arvest-central-mortgage-company-coronavirus-forbearance-information
HTTP 301
https://forbearancereport.org/arvest-central-mortgage-company-coronavirus-forbearance-information/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 26- https://forbearancereport.com/wp-content/uploads/2020/04/coronavirus-mortgage-forbearance-guides.jpg HTTP 301
- https://forbearancereport.org/wp-content/uploads/2020/04/coronavirus-mortgage-forbearance-guides.jpg
- https://forbearancereport.com/wp-content/uploads/2020/04/ForbearanceReport-Logo-04.png HTTP 301
- https://forbearancereport.org/wp-content/uploads/2020/04/ForbearanceReport-Logo-04.png
- https://googleads.g.doubleclick.net/pagead/id HTTP 302
- https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
- https://analytics.aimtell.com/prompt-view?id_site=20367&prompt_type=1&prompt_id=3807 HTTP 302
- https://s3.amazonaws.com/cdn.aimtell.com/prompt/pixel.jpg
68 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
forbearancereport.org/arvest-central-mortgage-company-coronavirus-forbearance-information/ Redirect Chain
|
54 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
forbearancereport.org/wp-includes/css/dist/block-library/ |
81 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
forbearancereport.org/wp-content/uploads/bb-plugin/icons/ultimate-icons/ |
21 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9172ab734bd91baec28834ed4238f50a-layout-bundle.css
forbearancereport.org/wp-content/uploads/bb-plugin/cache/ |
101 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.magnificpopup.min.css
forbearancereport.org/wp-content/plugins/bb-plugin/css/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
base.min.css
forbearancereport.org/wp-content/themes/bb-theme/css/ |
47 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
skin-6217c239da34d.css
forbearancereport.org/wp-content/uploads/bb-theme/ |
56 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
animate.min.css
forbearancereport.org/wp-content/plugins/bbpowerpack/assets/css/ |
52 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otm-ac-plugin-public.js
forbearancereport.org/wp-content/plugins/otm-accessibly/public/js/ |
2 KB 1000 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
forbearancereport.org/wp-includes/js/jquery/ |
87 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-migrate.min.js
forbearancereport.org/wp-includes/js/jquery/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
imagesloaded.min.js
forbearancereport.org/wp-includes/js/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
815a2ad06a91b4fea96a460a.js
dev2itclix.com/ |
49 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
105 KB 41 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.ba-throttle-debounce.min.js
forbearancereport.org/wp-content/plugins/bb-plugin/js/ |
731 B 687 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.fitvids.min.js
forbearancereport.org/wp-content/plugins/bb-plugin/js/ |
2 KB 953 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c25ac12fa07266c62447cee4525d91fa-layout-bundle.js
forbearancereport.org/wp-content/uploads/bb-plugin/cache/ |
62 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.magnificpopup.min.js
forbearancereport.org/wp-content/plugins/bb-plugin/js/ |
19 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
comment-reply.min.js
forbearancereport.org/wp-includes/js/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
theme.min.js
forbearancereport.org/wp-content/themes/bb-theme/js/ |
22 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-emoji-release.min.js
forbearancereport.org/wp-includes/js/ |
18 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
accessibility-widget.min.css
dlieyhrm30x3f.cloudfront.net/ |
45 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
accessibility-widget.umd.js
dlieyhrm30x3f.cloudfront.net/ |
198 KB 57 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
1 KB 909 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
stickyDataSource.php
embed.clix.ly/blydog/ |
76 B 426 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
stickyDataSource.php
embed.clix.ly/blydog/ Frame |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
100 KB 27 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
coronavirus-mortgage-forbearance-guides.jpg
forbearancereport.org/wp-content/uploads/2020/04/ Redirect Chain
|
690 KB 691 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ForbearanceReport-Logo-04-2048x254.png
forbearancereport.org/wp-content/uploads/2020/04/ |
30 KB 30 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fFfbeI8moZY
www.youtube.com/embed/ Frame 3E2D |
65 KB 27 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
995HopeLogoRGB.png
forbearancereport.org/wp-content/uploads/2020/04/ |
14 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Ultimate-Icons.ttf
forbearancereport.org/wp-content/uploads/bb-plugin/icons/ultimate-icons/fonts/ |
91 KB 91 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
trackpush.min.js
s3.amazonaws.com/cdn.aimtell.com/trackpush/ |
47 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ |
23 KB 24 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ForbearanceReport-Logo-04.png
forbearancereport.org/wp-content/uploads/2020/04/ Redirect Chain
|
19 KB 19 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
326949110790429
connect.facebook.net/signals/config/ |
24 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 297 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
www-player.css
www.youtube.com/s/player/5a3b6271/ Frame 3E2D |
353 KB 48 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
www-embed-player.js
www.youtube.com/s/player/5a3b6271/www-embed-player.vflset/ Frame 3E2D |
308 KB 95 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
base.js
www.youtube.com/s/player/5a3b6271/player_ias.vflset/de_DE/ Frame 3E2D |
2 MB 575 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fetch-polyfill.js
www.youtube.com/s/player/5a3b6271/fetch-polyfill.vflset/ Frame 3E2D |
9 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3E2D |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ |
2 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
pageview
signals.aimtell.com/ |
43 B 362 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20367-ea1fd6f49199.json
cdn.aimtell.io/config/optin/ |
433 B 800 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 443 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
id
googleads.g.doubleclick.net/pagead/ Frame 3E2D Redirect Chain
|
100 B 146 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ad_status.js
static.doubleclick.net/instream/ Frame 3E2D |
29 B 588 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 3E2D |
65 KB 30 KB |
XHR
application/json+protobuf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
remote.js
www.youtube.com/s/player/5a3b6271/player_ias.vflset/de_DE/ Frame 3E2D |
120 KB 37 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zv6PJMU-0ukxHAKoJU32K0_TjePDWjguQMfttAD48sg.js
www.google.com/js/th/ Frame 3E2D |
36 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
embed.js
www.youtube.com/s/player/5a3b6271/player_ias.vflset/de_DE/ Frame 3E2D |
28 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 3E2D |
175 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AMLnZu8t8ixkRc_L9Z7H9RBIycWdLjnYo9AiiMhwAzK9=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 3E2D |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sddefault.webp
i.ytimg.com/vi_webp/fFfbeI8moZY/ Frame 3E2D |
22 KB 22 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 3E2D |
4 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
generate_204
www.youtube.com/ Frame 3E2D |
0 10 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cast_sender.js
www.gstatic.com/eureka/clank/105/ Frame 3E2D |
52 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 3E2D |
98 B 142 B |
XHR
application/json+protobuf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H3 |
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
suppression
beacon.aimtell.com/ |
1 B 100 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
suppression
beacon.aimtell.com/ Frame |
0 0 |
Preflight
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20367-ea1fd6f49199.json
cdn.aimtell.io/config/ |
176 B 337 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3807.json
cdn.aimtell.com/prompts/ |
9 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pixel.jpg
s3.amazonaws.com/cdn.aimtell.com/prompt/ Redirect Chain
|
269 B 626 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
log_event
www.youtube.com/youtubei/v1/ Frame 3E2D |
28 B 54 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
177 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| gform object| _wpemojiSettings object| otmAcScriptData object| OTMAccessibilityWidget undefined| $ function| jQuery function| EvEmitter function| imagesLoaded object| bb_powerpack function| hexToRgbA function| setOpacityInRGBA function| stringToBooleanToggleValue function| rl_815a2ad06a91b4fea96a460a function| sb_815a2ad06a91b4fea96a460a string| baseUrl object| StickyData function| gtag object| dataLayer function| fbq function| _fbq string| wpAjaxUrl string| flBuilderUrl object| FLBuilderLayoutConfig object| bowser object| UABBTrigger object| FLBuilderLayout object| FLThemeBuilderHeaderLayout function| PPVideo object| addComment object| themeopts object| FLTheme object| _at object| regeneratorRuntime function| accessibilityWidget boolean| ipad object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| twemoji object| wp object| gaplugins object| gaGlobal object| gaData undefined| _aimtellPushToken boolean| _aimtellRanScript string| _aimtellSubscriberID undefined| _aimtellRefreshResult object| trackData object| _aimtellTrackData undefined| _aimtellDebug undefined| aimtellDebugBox string| _aimtellAPI boolean| _aimtellSWInitiated boolean| _aimtellNewSubscriberID number| _aimtellVersion object| _aimtellDebugQueue number| _aimtellDebugQueueActive boolean| _aimtellPrompted string| _aimtellUserDefinedWorker object| _aimtellWebsiteConfiguration object| _aimtellFunnelPixel string| _aimtellUpdateViaCache string| _aimtellWorkerScope object| _aimtellPreSubscriberTrackData object| _aimtellServiceWorker object| _aimtellPageLoadAttributes function| _aimtellDeferred function| _aimtellGetUrlVars function| _aimtellGetDeviceType function| _aimtellGetPageDetails function| _aimtellLoadBeacon function| _aimtellCrossDomainSubscriberID function| _aimtellCrossDomainSuppression function| _aimtellGetReferrer function| _aimtellGetLanguage function| _aimtellAbandonedFunnel function| _aimtellAbandonPage function| _aimtellGetResolution function| _aimtellGetBrowserInfo function| _aimtellGetSystemInfo function| _aimtellDebugger function| _aimtellDebugQueueProcess function| _aimtellLogDebug function| _aimtellInitialize function| _aimtellEnablePageDelayPrompt function| _aimtellEnableScrollDelayPrompt function| _aimtellEnableSecondsDelayPrompt function| _aimtellGetSiteConfig function| _aimtellGetPercentageScrolled function| _aimtellLoadPrompt function| _aimtellPromptApprove function| _aimtellPromptDeny function| _aimtellPromptCancel function| _aimtellGetSubscriberID function| _aimtellIsNewData function| _aimtellTrack function| _aimtellAppendManifestHeader function| _aimtellGetManifestLocation function| _aimtellGetWebsiteConfiguration function| _aimtellGetGCMID function| _aimtellLogError function| _aimtellGetSubscriberIDFromToken function| _aimtellGetSubscriberAttributes function| _aimtellGenerateID function| _aimtellGetCookie function| _aimtellSetCookie function| _aimtellDeleteCookie function| _aimtellHashString function| _aimtellTrackAttributes function| _aimtellForcePrompt function| _aimtellPrompt function| _aimtellAlias function| _aimtellTrackEvent function| _aimtellAbandonedCart function| _aimtellTc undefined| logid undefined| subscriber_uid undefined| webURL function| _aimtellGetPushToken function| _aimtellSupportsPush function| _aimtellCheckHTTPS function| _aimtellListener function| _webpushCheckPermissions function| _webpushSupportsPush function| _webpushPrompt function| _webpushRunNative function| _webpushGetSubscriberIDFromToken function| _webpushTrackAttributes function| _webpushGetToken function| _webpushTrackEvent function| _webpushGetSubscriberID function| _aimtellCheckPermissions function| _aimtellRunNative function| _aimtellSafariRun function| _aimtellDelWidgetNotification function| _aimtellDelAllWidgetNotification function| _aimtellCheckNotificationRemaining function| _aimtellClickedNotification function| _aimtellShowNotificationCenter function| _aimtellHideNotificationCenter function| _aimtellAppendNotification function| _aimtellShowNoNotifications function| _aimtellShowNotSubscribed function| _aimtellLaunchNotificationCenter function| _aimtellGetWidgetNotifications function| _aimtellFillNotifications function| _aimtellWidgetPermissionGrantedCallback function| _aimtellPermissionDeniedCallbacks function| _aimtellPermissionIgnoredCallbacks function| _aimtellWebhook function| _aimtellPermissionGrantedCallbacks function| _aimtellSubscribe function| _aimtellUrlBase64ToUint8Array function| _aimtellExtractSubscriptionId function| _aimtellSendSubscriptionToServer function| _aimtellAmplifySubscriberWorkerData function| _aimtellRegisterWorker function| _aimtellValidateWorker function| _aimtellSendWorkerMessage function| _aimtellLoadIntegrations function| _aimtellLoad function| _aimtellProcessQueue function| _aimtellCheckConflictWorker function| _aimtellSignal function| _aimtellInitWorker function| _aimtellForceRefreshSW7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.forbearancereport.org/ | Name: _fbp Value: fb.1.1662103818868.1753250948 |
|
.youtube.com/ | Name: YSC Value: GwUohI8DE4Y |
|
.youtube.com/ | Name: VISITOR_INFO1_LIVE Value: uvtnrxRIADs |
|
.forbearancereport.org/ | Name: _ga Value: GA1.2.808319802.1662103819 |
|
.forbearancereport.org/ | Name: _gid Value: GA1.2.1573607712.1662103819 |
|
.forbearancereport.org/ | Name: _gat_gtag_UA_162786220_1 Value: 1 |
|
forbearancereport.org/ | Name: _aimtellSubscriberID Value: a0bac513-5d51-effa-849b-ad9b80c5fb10 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
analytics.aimtell.com
beacon.aimtell.com
cdn.aimtell.com
cdn.aimtell.io
connect.facebook.net
dev2itclix.com
dlieyhrm30x3f.cloudfront.net
embed.clix.ly
fonts.googleapis.com
fonts.gstatic.com
forbearancereport.com
forbearancereport.org
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
s3.amazonaws.com
signals.aimtell.com
static.doubleclick.net
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
104.199.124.111
18.66.122.84
198.61.251.75
2600:9000:2491:400:4:1ea4:a2c0:93a1
2606:4700:10::ac43:1ee1
2606:4700::6812:1f97
2a00:1450:4001:801::2003
2a00:1450:4001:801::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:812::2016
2a00:1450:4001:813::200e
2a00:1450:4001:827::200a
2a00:1450:4001:828::2001
2a00:1450:4001:828::2003
2a00:1450:4001:829::2004
2a00:1450:4001:829::2008
2a00:1450:4001:831::2006
2a00:1450:400c:c03::9a
2a00:1450:400e:800::200a
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
52.216.185.125
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02cc6aebd4a3accd7a2e897ab805c0a9f86c9e6cf2e2e529a33e2fcf9ddc8746
033e16e437e1afa26493771a584a2ebc89e281fcdc887d04d0d1cface785981e
05a129fe6c558102e090f48f37b0a40ecc4c2ad341161ad8694f073acd9c0f92
093a0dd610c16a2b192e9ee3fd1a62f3df8e2a31c7d4092f91084b86fd6d946a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
128aa72d2479526014276a8d1ffa399c1387440cd739e93ecc8a73e55c138e4f
12cded9f2de472ccaaa6c64b28cba8593b190a3d8d65f67bda60dae187651270
1e8dcaec98f99c2b1b43ff8b8655680b69bbf150470b20ecbdd1cb45570a0587
20b115c4619b119cf188a0d7d81a77f12dbc1d2da1affb09a63e292717203ebe
260d5e488933bc92652f4fdfb08b4b9cdfb22d4136d1ef8780eceb96e6d47c69
36ed093de197b03267e629ef237e5dc0c8a11a3a28859a5ca80166c2b893249f
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4843fd6c64078ee9f8a49472cdf8889d5614f38d3e92d76e9c055f2ff062e8d3
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
49f204eb11dd2940cb55d01fbe8f8f2fef9167ff1cb6e22bcecde06c0078f630
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f171a00458c74d408ebcade8a6a2a4d335bcff8fa5d47b5f210c425c5b40e2b
5217a26d59795d1c102d622a67ffccb548fb55182737f77c41d64c5ea947900a
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
66d4137c17639d540df152f483672a7f24948b7abdee0545360741c93042c4e0
6795630d6e4952cd33b7f209838be794d3aa19ca417fc4c20360062e6622e381
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a0f07fac6fc58958b0e670e2d2927901e052938b2162c1553817aa4cbf5de2f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d51a112b5133fdc91ce2282187cd152f1e326d1b3956af803ea17b8f6c02f26
73e25181d4859d3f7d3f5755fb23edbfa9dc5e2a1ca669ff249ccf27ae60aae5
7a45b8766d855498d60f288238e213f35ca4257229d22cb3ca2f76e4e42f167e
84539a57764fd40a7604197b8a0efe82113dc5d755f147a8ab6bd769417ff2ae
8c130593fe5ba985005d316857a54398ce995c03ad89d0663844827ad4e8a6cc
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9b16a42d09026d04fa41ad1c408c9e20f24ef79fd52174ec3e8c80c3de65ce1a
a10b9570a1c7858442b42f1cd48b69a191638269f37e4046607bf5fe188e38bf
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a291b7a4643f0319ee8244ed6076cd1b5f6379584c1dbb67160030fbfa0c472d
a33a9cdc0fec823f6c1f4799ae14050d40c2d25949ed6502a61a74231fe388e4
a4b6598efcf6d464c04c65df333f15d3cab065130711e2042f04c7b5accb5e8d
ac86f7490cb45ec0590817821c154ade9789d7f8f0dea72e1aaa3ddd373fd3bb
aee1e4e4dfaa2c0f96dcaf744f7f30e2cacd831eed9aae5266189216fa13a06a
b48c3484dca153a689cdb6e4a1276dc85a5503092be036b8bdcbcd1506f45315
b698d7d63c8c236cda0499131978654fa884f24df6755f7b6909e5d784e096db
bad0b6ab5a04b6a331877467301e05e15008f1649ae0ccbdd9ceb98b19b36b67
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c0469f320491776db04b7f760e333debe09d274e9d00981c40c1b520a2888c51
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
c2d94ada005dda885bc5d40ae90b97ad7b6b4afe8e8e0de7ad1e0069fabc7d36
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4cd5b548622ad0511e074ae2c7518d1c22395722736dd58df7877cc5fd246b9
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
cefe8f24c53ed2e9311c02a8254df62b4fd38de3c35a382e40c7edb400f8f2c8
d0ed556188a3f9106517894174ad3b64aed8ca22f5afd8f5ee1c93469724ddbd
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d9be421c0bc1bd27d4278160220f582904ae4fd5abce7b5795741b233a82858b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dea4205376b1d1711e3afaab89298b1b73b634d02913c677b3ea58af11b9b1e5
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed66f2b7eaad2d5d5970d0c8ab85a613bb3c65d7c4d6dbf24b3a23eb0007d69c
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7
fb9c9d5f368ec09c184587fffbf5a3edfdd08b05aca019470b3b57383038a8dd
fcd9ffb64cfd974227451be5fc6ec851c51bb635d8485fd5e48e8717bac902cb
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869