mnpdebt.ca
Open in
urlscan Pro
2606:4700:20::ac43:6049
Public Scan
Effective URL: https://mnpdebt.ca/en
Submission: On April 12 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 4th 2020. Valid for: a year.
This is the only time mnpdebt.ca was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net
4653320.fls.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: server-13-226-146-155.dus51.r.cloudfront.net
js.adsrvr.org |
ASN16509 (AMAZON-02, US)
secure.quantserve.com | |
pixel.quantserve.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-2-3.eu-west-1.compute.amazonaws.com
insight.adsrvr.org |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
rules.quantcount.com |
ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
sp.analytics.yahoo.com |
ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
www.googleadservices.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: server-13-226-154-171.dus51.r.cloudfront.net
d1eoo1tco6rr5e.cloudfront.net |
Domain | Requested by | |
---|---|---|
19 | mnpdebt.ca |
1 redirects
mnpdebt.ca
code.jquery.com |
6 | www.facebook.com |
mnpdebt.ca
4653320.fls.doubleclick.net |
5 | connect.facebook.net |
mnpdebt.ca
connect.facebook.net 4653320.fls.doubleclick.net |
5 | www.google.com |
mnpdebt.ca
4653320.fls.doubleclick.net www.gstatic.com www.google.com |
4 | insight.adsrvr.org |
1 redirects
mnpdebt.ca
d1eoo1tco6rr5e.cloudfront.net js.adsrvr.org |
3 | www.gstatic.com |
www.google.com
|
3 | static.olark.com |
mnpdebt.ca
static.olark.com |
3 | secure.quantserve.com |
mnpdebt.ca
4653320.fls.doubleclick.net |
3 | 4653320.fls.doubleclick.net |
1 redirects
www.googletagmanager.com
adservice.google.com |
3 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com mnpdebt.ca |
2 | analytics.twitter.com |
platform.twitter.com
|
2 | t.co |
mnpdebt.ca
4653320.fls.doubleclick.net |
2 | pixel.quantserve.com |
mnpdebt.ca
4653320.fls.doubleclick.net |
2 | rules.quantcount.com |
secure.quantserve.com
|
2 | static.ads-twitter.com |
mnpdebt.ca
4653320.fls.doubleclick.net |
2 | platform.twitter.com | 2 redirects |
1 | www.google.de |
4653320.fls.doubleclick.net
|
1 | d1eoo1tco6rr5e.cloudfront.net |
4653320.fls.doubleclick.net
|
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | www.googleadservices.com |
4653320.fls.doubleclick.net
|
1 | sp.analytics.yahoo.com |
4653320.fls.doubleclick.net
|
1 | s.yimg.com |
4653320.fls.doubleclick.net
|
1 | adservice.google.de | 1 redirects |
1 | adservice.google.com |
4653320.fls.doubleclick.net
|
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | js.adsrvr.org |
www.googletagmanager.com
|
1 | code.jquery.com |
mnpdebt.ca
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | www.googletagmanager.com |
mnpdebt.ca
|
1 | fonts.googleapis.com |
mnpdebt.ca
|
1 | bankruptcysaskatchewan.ca | 1 redirects |
75 | 31 |
This site contains links to these domains. Also see Links.
Domain |
---|
mnpdettes.ca |
lp.mnp.ca |
dot.vu |
www.youtube.com |
www.facebook.com |
www.instagram.com |
www.linkedin.com |
twitter.com |
mnp.us1.list-manage.com |
bankruptcy.mnpdebt.ca |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-08-04 - 2021-08-04 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2021-03-16 - 2021-06-08 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2021-03-16 - 2021-06-08 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2021-03-16 - 2021-06-08 |
3 months | crt.sh |
www.google.com GTS CA 1O1 |
2021-03-16 - 2021-06-08 |
3 months | crt.sh |
jquery.org Sectigo RSA Domain Validation Secure Server CA |
2020-10-06 - 2021-10-16 |
a year | crt.sh |
*.doubleclick.net GTS CA 1O1 |
2021-03-16 - 2021-06-08 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2021-02-10 - 2021-05-10 |
3 months | crt.sh |
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020 |
2021-03-18 - 2022-04-19 |
a year | crt.sh |
ads-twitter.com DigiCert SHA2 High Assurance Server CA |
2020-08-14 - 2021-08-19 |
a year | crt.sh |
*.quantserve.com DigiCert SHA2 High Assurance Server CA |
2020-10-02 - 2021-10-07 |
a year | crt.sh |
s2.wac.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1 |
2020-11-17 - 2021-11-23 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2021-03-16 - 2021-06-08 |
3 months | crt.sh |
t.co DigiCert TLS RSA SHA256 2020 CA1 |
2021-02-05 - 2022-02-04 |
a year | crt.sh |
*.google.com GTS CA 1O1 |
2021-03-16 - 2021-06-08 |
3 months | crt.sh |
*.yahoo.com DigiCert SHA2 High Assurance Server CA |
2021-03-24 - 2021-05-12 |
2 months | crt.sh |
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA |
2020-12-29 - 2021-06-22 |
6 months | crt.sh |
www.googleadservices.com GTS CA 1O1 |
2021-03-16 - 2021-06-08 |
3 months | crt.sh |
*.cloudfront.net DigiCert Global CA G2 |
2021-02-22 - 2022-02-21 |
a year | crt.sh |
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-02-05 - 2022-02-04 |
a year | crt.sh |
www.google.de GTS CA 1O1 |
2021-03-16 - 2021-06-08 |
3 months | crt.sh |
This page contains 9 frames:
Primary Page:
https://mnpdebt.ca/en
Frame ID: 93936E292AE885374741CFCD4C7DF859
Requests: 41 HTTP requests in this frame
Frame:
https://4653320.fls.doubleclick.net/activityi;dc_pre=CM3Fs4_Y-e8CFfGAgwcd4RYIIg;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=4592797237517;gtm=2wg3v0;auiddc=972808823.1618264252;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen
Frame ID: 1E5A1FD99AC23BBAB34DCB4AD1F80799
Requests: 1 HTTP requests in this frame
Frame:
https://static.olark.com/jsclient/app.js
Frame ID: 64E1A398A9063D83523E2A772390BF36
Requests: 2 HTTP requests in this frame
Frame:
https://adservice.google.com/ddm/fls/i/dc_pre=CM3Fs4_Y-e8CFfGAgwcd4RYIIg;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=4592797237517;gtm=2wg3v0;auiddc=972808823.1618264252;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen
Frame ID: 34CB19A5562AF5AD3C3026477204D23A
Requests: 1 HTTP requests in this frame
Frame:
https://4653320.fls.doubleclick.net/ddm/fls/r/dc_pre=CM3Fs4_Y-e8CFfGAgwcd4RYIIg;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=4592797237517;gtm=2wg3v0;auiddc=972808823.1618264252;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen
Frame ID: 88EA6DE0A69CCEA02D96CA12C1659532
Requests: 21 HTTP requests in this frame
Frame:
https://d1eoo1tco6rr5e.cloudfront.net/v0a83xf/br3816j9/iframe
Frame ID: 11359068D1C7FF765054E1B7315B3D20
Requests: 2 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LchOswZAAAAAExqv__mYOvUeAutmKH1O2lM_u57&co=aHR0cHM6Ly9tbnBkZWJ0LmNhOjQ0Mw..&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=invisible&badge=inline&cb=3ijo97gwxgi0
Frame ID: 988A591427AC8000CC7D9721B95CEE84
Requests: 1 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LchOswZAAAAAExqv__mYOvUeAutmKH1O2lM_u57&co=aHR0cHM6Ly9tbnBkZWJ0LmNhOjQ0Mw..&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=invisible&badge=inline&cb=3hlfje9bln6s
Frame ID: 9531E289DCF11C8091D7FE5B1D5E7F1B
Requests: 5 HTTP requests in this frame
Frame:
https://insight.adsrvr.org/track/up?adv=i4v66ce&ref=https%3A%2F%2Fmnpdebt.ca%2Fen&upid=nfk090t&upv=1.1.0
Frame ID: 1A8FEAF1702349B4D7B68EAEDE57CCD0
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://bankruptcysaskatchewan.ca/
HTTP 301
https://mnpdebt.ca/ HTTP 301
https://mnpdebt.ca/en Page URL
Detected technologies
CloudFlare (CDN) ExpandDetected patterns
- headers server /^cloudflare$/i
Page Statistics
12 Outgoing links
These are links going to different origins than the main page.
Title: Français
Search URL Search Domain Scan URL
Title: ä¸æ–‡
Search URL Search Domain Scan URL
Title: MNP Debt Scale
Search URL Search Domain Scan URL
Title: MNP Debt Calculator
Search URL Search Domain Scan URL
Title: YouTube Video Library
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Instagram
Search URL Search Domain Scan URL
Title: LinkedIn
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: YouTube
Search URL Search Domain Scan URL
Title: Newsletter
Search URL Search Domain Scan URL
Title: Local Bankruptcy LITs
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://bankruptcysaskatchewan.ca/
HTTP 301
https://mnpdebt.ca/ HTTP 301
https://mnpdebt.ca/en Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 18- https://4653320.fls.doubleclick.net/activityi;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=4592797237517;gtm=2wg3v0;auiddc=972808823.1618264252;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen HTTP 302
- https://4653320.fls.doubleclick.net/activityi;dc_pre=CM3Fs4_Y-e8CFfGAgwcd4RYIIg;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=4592797237517;gtm=2wg3v0;auiddc=972808823.1618264252;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen
- https://platform.twitter.com/oct.js HTTP 301
- https://static.ads-twitter.com/oct.js
- https://adservice.google.de/ddm/fls/i/dc_pre=CM3Fs4_Y-e8CFfGAgwcd4RYIIg;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=4592797237517;gtm=2wg3v0;auiddc=972808823.1618264252;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen HTTP 302
- https://4653320.fls.doubleclick.net/ddm/fls/r/dc_pre=CM3Fs4_Y-e8CFfGAgwcd4RYIIg;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=4592797237517;gtm=2wg3v0;auiddc=972808823.1618264252;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen
- https://platform.twitter.com/oct.js HTTP 301
- https://static.ads-twitter.com/oct.js
- https://insight.adsrvr.org/tags/v0a83xf/br3816j9/iframe HTTP 303
- https://d1eoo1tco6rr5e.cloudfront.net/v0a83xf/br3816j9/iframe
75 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
en
mnpdebt.ca/ Redirect Chain
|
64 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
VisitorIdentification.js
mnpdebt.ca/layouts/system/ |
2 KB 975 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon
fonts.googleapis.com/ |
568 B 474 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
website.min.css
mnpdebt.ca/Assets/ |
537 KB 65 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mnp-310_logo_343-png.png
mnpdebt.ca/-/media/images/mnpdebt/branding/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
consumer-mobile-logo.png
mnpdebt.ca/-/media/images/mnpdebt/branding/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
homepage-image_0013_10---asian-woman---shutterstock_104037125-png.png
mnpdebt.ca/-/media/images/mnpdebt/hero-banner-backgrounds/consumer/home-page/persona/ |
209 KB 210 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
personal-bankruptcy-overview_video-thumbnail.jpg
mnpdebt.ca/-/media/images/mnpdebt/consumer/video-thumbnails/landing-pages/ |
23 KB 23 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
consumer-proposal-overview_video-thumbnail.jpg
mnpdebt.ca/-/media/images/mnpdebt/consumer/video-thumbnails/landing-pages/ |
16 KB 16 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
192 KB 59 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v84/ |
100 KB 100 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mnp-businessexcellence-2021-540x271.png
mnpdebt.ca/-/media/images/mnpdebt/datasourceimages/consumer/ |
65 KB 65 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.google.com/recaptcha/ |
850 B 643 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.4.1.min.js
code.jquery.com/ |
86 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
mnpdebt.ca/Assets/Project/ |
57 KB 15 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
website.min.js
mnpdebt.ca/Assets/ |
23 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slick.min.js
mnpdebt.ca/Assets/Project/ |
42 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.js
mnpdebt.ca/Assets/ |
27 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
48 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
activityi;dc_pre=CM3Fs4_Y-e8CFfGAgwcd4RYIIg;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=4592797237517;gtm=2wg3v0;auiddc=972808823.1618264252;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen
4653320.fls.doubleclick.net/ Frame 1E5A Redirect Chain
|
484 B 989 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
91 KB 23 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
up_loader.1.1.0.js
js.adsrvr.org/ |
4 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
oct.js
static.ads-twitter.com/ Redirect Chain
|
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
quant.js
secure.quantserve.com/ |
23 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
insight.adsrvr.org/track/evnt/ |
70 B 261 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loader.js
static.olark.com/jsclient/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/ |
332 KB 130 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
regionsoffices
mnpdebt.ca/api/feature/forms/ |
11 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
regionsoffices
mnpdebt.ca/api/feature/forms/ |
11 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
testimonialratings
mnpdebt.ca/api/feature/forms/ |
331 B 453 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
linkid.js
www.google-analytics.com/plugins/ua/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rules-p-ZvkjxaQPZCZrY.js
rules.quantcount.com/ |
737 B 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 81 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
collect
www.google-analytics.com/ |
35 B 122 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel;r=349278457;labels=_fp.event.PageView;rf=0;a=p-ZvkjxaQPZCZrY;url=https%3A%2F%2Fmnpdebt.ca%2Fen;uht=2;fpan=1;fpa=P0-1097680599-1618264252539;ns=0;ce=1;qjs=1;qv=e576aef5-20210317211205;cm=;gdpr...
pixel.quantserve.com/ |
35 B 371 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
713135758770782
connect.facebook.net/signals/config/ |
241 KB 69 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
t.co/i/ |
43 B 448 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.js
static.olark.com/jsclient/ Frame 64E1 |
54 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3801-404-10-5377.js
static.olark.com/a/assets/v0/site/ Frame 64E1 |
15 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dc_pre=CM3Fs4_Y-e8CFfGAgwcd4RYIIg;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=4592797237517;gtm=2wg3v0;auiddc=972808823.1618264252;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen
adservice.google.com/ddm/fls/i/ Frame 34CB |
483 B 618 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
dc_pre=CM3Fs4_Y-e8CFfGAgwcd4RYIIg;src=4653320;type=41285553;cat=mnp-r0;ord=1;num=4592797237517;gtm=2wg3v0;auiddc=972808823.1618264252;~oref=https%3A%2F%2Fmnpdebt.ca%2Fen
4653320.fls.doubleclick.net/ddm/fls/r/ Frame 88EA Redirect Chain
|
5 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 258 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
oct.js
static.ads-twitter.com/ Frame 88EA Redirect Chain
|
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ytc.js
s.yimg.com/wi/ Frame 88EA |
15 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
spp.pl
sp.analytics.yahoo.com/ Frame 88EA |
43 B 964 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion.js
www.googleadservices.com/pagead/ Frame 88EA |
43 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
quant.js
secure.quantserve.com/ Frame 88EA |
23 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ Frame 88EA |
91 KB 23 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aquant.js
secure.quantserve.com/ Frame 88EA |
23 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rules-p-fh1NJZWEagV-u.js
rules.quantcount.com/ Frame 88EA |
1 KB 1014 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel;r=1554045782;labels=_fp.event.Default;rf=0;a=p-fh1NJZWEagV-u;url=https%3A%2F%2F4653320.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCM3Fs4_Y-e8CFfGAgwcd4RYIIg%3Bsrc%3D4653320%3Btype%3D41285...
pixel.quantserve.com/ Frame 88EA |
35 B 210 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
t.co/i/ Frame 88EA |
43 B 170 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1649024585402369
connect.facebook.net/signals/config/ Frame 88EA |
241 KB 69 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
regionsoffices
mnpdebt.ca/api/feature/forms/ |
11 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/942746011/ Frame 88EA |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iframe
d1eoo1tco6rr5e.cloudfront.net/v0a83xf/br3816j9/ Frame 1135 Redirect Chain
|
134 B 584 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
analytics.twitter.com/i/ Frame 88EA |
31 B 652 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
/
www.google.com/pagead/1p-user-list/942746011/ Frame 88EA |
42 B 119 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/942746011/ Frame 88EA |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
713135758770782
connect.facebook.net/signals/config/ Frame 88EA |
241 KB 69 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ Frame 88EA |
44 B 147 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ Frame 88EA |
44 B 101 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
insight.adsrvr.org/track/evnt/ Frame 1135 |
70 B 260 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 101 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
anchor
www.google.com/recaptcha/api2/ Frame 988A |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
anchor
www.google.com/recaptcha/api2/ Frame 9531 |
19 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
up
insight.adsrvr.org/track/ Frame 1A8F |
0 181 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
analytics.twitter.com/i/ |
31 B 237 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
regionsoffices
mnpdebt.ca/api/feature/forms/ |
11 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles__ltr.css
www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/ Frame 9531 |
50 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/ Frame 9531 |
332 KB 130 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
LwzEJkrqzuIpy5ZXdMyVZqsv4pxUDwC8wk7uiqYZWNw.js
www.google.com/js/bg/ Frame 9531 |
14 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
webworker.js
www.google.com/recaptcha/api2/ Frame 9531 |
102 B 234 B |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ Frame 88EA |
44 B 259 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ Frame 88EA |
44 B 101 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.google.com
- URL
- https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LchOswZAAAAAExqv__mYOvUeAutmKH1O2lM_u57&co=aHR0cHM6Ly9tbnBkZWJ0LmNhOjQ0Mw..&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=invisible&badge=inline&cb=3ijo97gwxgi0
Verdicts & Comments Add Verdict or Comment
63 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| dataLayer function| subscribeEvent function| unsubscribeEvent function| startActivityHandler function| placeCheckerRequest function| placeCssAspxRequest function| timeoutSleep function| getMetatagContent object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| _qevents function| $ function| jQuery object| bootstrap object| Search function| SendDataConsultationForm function| ResetConsultationForm function| GetOffices function| SendDataOfficeContactForm function| SendDataPersonnelContactForm function| SendDataBlogContactForm function| SendDataTestimonialForm function| GetTestimonialOffices object| mnp function| olark object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| onYouTubeIframeAPIReady object| $tabs object| gaplugins object| gaGlobal object| gaData function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| recaptcha function| ttd_dom_ready function| TTDUniversalPixelApi object| twttr object| closure_lm_118452 number| consultationFormWidget0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
4653320.fls.doubleclick.net
adservice.google.com
adservice.google.de
analytics.twitter.com
bankruptcysaskatchewan.ca
code.jquery.com
connect.facebook.net
d1eoo1tco6rr5e.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
insight.adsrvr.org
js.adsrvr.org
mnpdebt.ca
pixel.quantserve.com
platform.twitter.com
rules.quantcount.com
s.yimg.com
secure.quantserve.com
sp.analytics.yahoo.com
static.ads-twitter.com
static.olark.com
stats.g.doubleclick.net
t.co
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.google.com
104.244.42.131
104.244.42.69
13.226.146.155
13.226.154.171
142.250.74.198
172.217.16.130
199.232.136.157
2001:4de0:ac18::1:a:3b
212.82.100.181
2600:9000:2182:f000:6:44e3:f8c0:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::ac43:6049
2606:4700:3033::6815:2997
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:80:800::7000
2a00:1450:4001:801::200a
2a00:1450:4001:808::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::200e
2a00:1450:400c:c1b::9a
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
52.30.2.3
93.184.220.42
067cc995531f1cb16875cc806d500fe69d91e059b67ce468aa8a5c3280bcafa1
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13a9819211c3b9d53bbc070799f1e189a2e81f38476d0490b51a53031c902b53
16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030
1cf458acc26fd5be1cc1ad94b164e5a05f97af3ea6b2686c154fadd61a1219cf
224487affd00bb07834524a7a37bd38f57d6353025e8df36428ff7a5a1a9f22c
2717dcc1ddd778f68223461ebd53610370e7617b6c74366bfc16a1e6e979cc58
27e9001a7511027e8f8fd223f360f1a694367cf4eb6c213cc171c0a88497944e
2ac1a4801e272ff65af96fd5d0be301dc4e26efb877a9777950dd42811f5ea45
2c5cf5dfba474b889dea054856b3bd4a57f4b2870eac93a759158760076d6dd7
2f0cc4264aeacee229cb965774cc9566ab2fe29c540f00bcc24eee8aa61958dc
3a27f7f9b8e439e14b04e3346419308a0c2bb01fbd668e4a0f04027446511a45
3bcd802e9f77849e7c1e93c87279fbbb04d45949d2be79b03566ceacde29b158
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
570ff0550f9c0a2c1a05c087ba47d3a9d7ff7de281367b28b811945396f2ed6c
5e65bdc84055873eda29e2b5fd2e564fe07a75d425a95c163fa7da9f736b0b0c
62038998c1ec09d4cc2e746d08d3e16a417bb5697b90fa918ce56a820514c700
63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
755fc16c048c7375eb92052140a46cdb3aeb33046799cb298a0c1e3292b23071
758e5d50f0350d3e66f69a704f01357d673f9c6892b7011910f03d60ebcbfaca
75a25aa822f4dbf0021bd3ca3b6f5a0f4f78f6d9ceffe56c73313d908a6434c2
7941c043b215ecc58d18e696d42abbd225eb0baa075cb5e31027725cc5312fce
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84d12b55467e8510c7e91b0c10109decd5bdd14881381252dbe13485e78d77cc
86cc35989be655e6cbe68540cf835dec34388862a948fbd05850100797c32319
8c7f96ede157fa378f00cc1c6bf9f2ac8a7bbbd96c3d3a3a285c50b6711f9f9c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
925c82198edb5ac67c27430505b1610d8ff39c4e2dc660ad811ca2678ec0de99
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
959f9c62df6e4ae8db22a8626300f1bc679f29b3b486e7465859fe0fab1660e0
9735a5d3f4128ed051cdec18354519961f2d53d75931d88cd1018ec2ca2f9f1e
976f29c8a8ee58439d74e1f1bb53120ad3092de25cc8cc1c5283f012dc906464
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a7f9e7a2d341405aee543386774260e2907c72c25c2c6d32da5c248ea88dc3ba
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b2993c26dee73b35f7a11de5aa4c3252752ab0e002084cf85c351994fec4c9d4
b5993bb8048ad7d2a9a51c09d35c583787aabacc798e5b88d72c9540e2330003
b641501a113990314b6d9bc19914d1f3d3e4b55922b3de82faf0e5251dab1c30
bb9185b7c83f7eaa5e493441f9acb59dea62954cee04030563f4c8bb7dff4518
c12a1af7f1e9da6e33672c5aff3e74f631c174033fc65f5a50a04278fc57e880
ddb7aa10eb158d87b05d5c3ad89d6dd5dc12fc61732277e22c9a8929b85bb96d
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e1874082bd99e6767417fe084a4f62d0069239ef923dfbaed3becdf8ac60fa5e
e1a52c0a06fa9f65e015b02e7ec463fd621211a9d2ae44b6660597900e927fbb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec361bce3349b6cbb5e414df65c58151bf4ad12078c6fc15ffd9dffcfbfa92d6
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f8e03ff588e0a7e35bb5fb0f0916145174f696aa35d4d3b86001fca66b77d7a0
fcd9c866bfe575533162c0ef31f4d5477778165dc6489291f29319be5538aa57