www.mrwfinancial.com
Open in
urlscan Pro
146.148.37.240
Public Scan
Submitted URL: https://koi-3qncighhng.marketingautomation.services/net/m?md=sxXZyUBo6D3m%2Bz%2By3XhozQNNkWb5yDXo&utm_medium=email&utm_source=sharpspring
Effective URL: https://www.mrwfinancial.com/business-portal/
Submission: On June 23 via api from CH — Scanned from ES
Effective URL: https://www.mrwfinancial.com/business-portal/
Submission: On June 23 via api from CH — Scanned from ES
Summary
This website contacted 14 IPs
in 4 countries
across 15 domains to perform 59 HTTP transactions.
The main IP is 146.148.37.240, located in
Council Bluffs, United States and
belongs to GOOGLE-CLOUD-PLATFORM, US.
The main domain is www.mrwfinancial.com.
TLS certificate: Issued by R3 on June 18th 2022. Valid for: 3 months.
This is the only time www.mrwfinancial.com was scanned on urlscan.io!
TLS certificate: Issued by R3 on June 18th 2022. Valid for: 3 months.
This is the only time www.mrwfinancial.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
3
107.178.240.224
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 224.240.178.107.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 224.240.178.107.bc.googleusercontent.com
| koi-3qncighhng.marketingautomation.services |
35
146.148.37.240
(Council Bluffs, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.37.148.146.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.37.148.146.bc.googleusercontent.com
| www.mrwfinancial.com |
1
2a00:1450:4001:830::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
2
2a00:1450:4001:831::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
3
2a03:2880:f02d:100:face:b00c:0:3
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| connect.facebook.net |
2
2a03:2880:f12d:181:face:b00c:0:25de
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| www.facebook.com |
10
34.254.114.188
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-114-188.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-114-188.eu-west-1.compute.amazonaws.com
| pixel-geo.prfct.co |
6
185.33.221.13
(Amsterdam, Netherlands)
ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
| secure.adnxs.com |
2
3.126.56.137
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
| ups.analytics.yahoo.com |
1
34.98.64.218
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
| us-u.openx.net |
1
69.173.144.138
(Frankfurt am Main, Germany)
ASN26667 (RUBICONPROJECT, US)
ASN26667 (RUBICONPROJECT, US)
| pixel.rubiconproject.com |
2
142.250.186.34
(United States)
ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
| cm.g.doubleclick.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 35 |
mrwfinancial.com
www.mrwfinancial.com |
419 KB |
| 10 |
prfct.co
6 redirects
pixel-geo.prfct.co — Cisco Umbrella Rank: 14208 |
4 KB |
| 6 |
adnxs.com
4 redirects
secure.adnxs.com — Cisco Umbrella Rank: 408 |
6 KB |
| 3 |
gstatic.com
fonts.gstatic.com |
164 KB |
| 3 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155 |
129 KB |
| 3 |
marketingautomation.services
1 redirects
koi-3qncighhng.marketingautomation.services |
6 KB |
| 2 |
doubleclick.net
2 redirects
cm.g.doubleclick.net — Cisco Umbrella Rank: 205 |
670 B |
| 2 |
yahoo.com
1 redirects
ups.analytics.yahoo.com — Cisco Umbrella Rank: 299 |
489 B |
| 2 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 96 |
429 B |
| 2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49 |
20 KB |
| 1 |
rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 336 |
239 B |
| 1 |
openx.net
us-u.openx.net — Cisco Umbrella Rank: 387 |
275 B |
| 1 |
twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 516 |
356 B |
| 1 |
perfectaudience.com
tag.perfectaudience.com — Cisco Umbrella Rank: 16844 |
4 KB |
| 1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 89 |
39 KB |
| 59 | 15 |
| Domain | Requested by | |
|---|---|---|
| 35 | www.mrwfinancial.com |
www.mrwfinancial.com
|
| 10 | pixel-geo.prfct.co |
6 redirects
www.mrwfinancial.com
|
| 6 | secure.adnxs.com |
4 redirects
www.mrwfinancial.com
|
| 3 | fonts.gstatic.com |
www.mrwfinancial.com
|
| 3 | connect.facebook.net |
www.mrwfinancial.com
connect.facebook.net |
| 3 | koi-3qncighhng.marketingautomation.services |
1 redirects
www.mrwfinancial.com
koi-3qncighhng.marketingautomation.services |
| 2 | cm.g.doubleclick.net | 2 redirects |
| 2 | ups.analytics.yahoo.com |
1 redirects
www.mrwfinancial.com
|
| 2 | www.facebook.com |
www.mrwfinancial.com
|
| 2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
| 1 | pixel.rubiconproject.com |
www.mrwfinancial.com
|
| 1 | us-u.openx.net |
www.mrwfinancial.com
|
| 1 | analytics.twitter.com |
www.mrwfinancial.com
|
| 1 | tag.perfectaudience.com |
koi-3qncighhng.marketingautomation.services
|
| 1 | www.googletagmanager.com |
www.mrwfinancial.com
|
| 59 | 15 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| koi-3qncighhng.marketingautomation.services |
| agent.mrwfinancial.com.pages.services |
| foreignnationals.mrwfinancial.com.pages.services |
| pages.services |
| finsecurity.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| www.mrwfinancial.com R3 |
2022-06-18 - 2022-09-16 |
3 months | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2022-06-06 - 2022-08-29 |
3 months | crt.sh |
| *.marketingautomation.services GlobalSign RSA OV SSL CA 2018 |
2022-06-03 - 2023-07-05 |
a year | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2022-04-01 - 2022-06-30 |
3 months | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2022-06-06 - 2022-08-29 |
3 months | crt.sh |
| *.perfectaudience.com GlobalSign Atlas R3 DV TLS CA H2 2021 |
2022-01-05 - 2023-02-06 |
a year | crt.sh |
| *.prfct.co Sectigo RSA Domain Validation Secure Server CA |
2021-11-02 - 2022-11-02 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.mrwfinancial.com/business-portal/
Frame ID: 6EAE48CA60C07C75C21523744992591F
Requests: 58 HTTP requests in this frame
Frame:
https://www.facebook.com/tr/
Frame ID: 9ABBCC7F7D85AAA624D036D6A4E964AE
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Business Portal - MRW FinancialPage URL History Show full URLs
-
https://koi-3qncighhng.marketingautomation.services/net/m?md=sxXZyUBo6D3m%2Bz%2By3XhozQNNkWb5yDXo&utm_medium=email&utm_source=sh...
HTTP 302
https://www.mrwfinancial.com/business-portal/ Page URL
Detected technologies
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /wp-(?:content|includes)/
Yoast SEO
(SEO)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
AppNexus
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- adnxs\.(?:net|com)
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtag/js
OWL Carousel
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- owl\.carousel.*\.js
OpenX
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- https?://[^/]*\.openx\.net
Revslider
(Miscellaneous)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /revslider/[/\w-]+/js
Rubicon Project
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- https?://[^/]*\.rubiconproject\.com
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery Migrate
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
URL: https://koi-3qncighhng.marketingautomation.services/net/m?md=OxqJU9zrL4wH678XHDA7C8JfaVZxXgC0
Title: Carriers Offered
Title: Carriers Offered
Search URL Search Domain Scan URL
URL: http://agent.mrwfinancial.com.pages.services/premium-finance-1
Title: Premium Financing
Title: Premium Financing
Search URL Search Domain Scan URL
URL: http://foreignnationals.mrwfinancial.com.pages.services/foreign-national-life-insurance/
Title: Foreign Nationals
Title: Foreign Nationals
Search URL Search Domain Scan URL
URL: https://pages.services/agent.mrwfinancial.com/current-myga-rates
Title: Current Annuity Rates
Title: Current Annuity Rates
Search URL Search Domain Scan URL
URL: https://pages.services/agent.mrwfinancial.com/mobile-app-instructions
Title: Mobile Quoting App
Title: Mobile Quoting App
Search URL Search Domain Scan URL
URL: https://finsecurity.com/mwichman/
Title: Virtual Sales Assistant
Title: Virtual Sales Assistant
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://koi-3qncighhng.marketingautomation.services/net/m?md=sxXZyUBo6D3m%2Bz%2By3XhozQNNkWb5yDXo&utm_medium=email&utm_source=sharpspring
HTTP 302
https://www.mrwfinancial.com/business-portal/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 44- https://pixel-geo.prfct.co/tagjs?a_id=127186&source=js_tag HTTP 302
- https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=127186&source=js_tag
- https://secure.adnxs.com/getuid?https://pixel-geo.prfct.co/usermap/?xid=$UID&sid=202206|62b46900432a955ce214bfed&pid=pa_BQzbhO0IXxePsqNP8 HTTP 307
- https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel-geo.prfct.co%2Fusermap%2F%3Fxid%3D%24UID%26sid%3D202206%7C62b46900432a955ce214bfed%26pid%3Dpa_BQzbhO0IXxePsqNP8 HTTP 302
- https://pixel-geo.prfct.co/usermap/?xid=7974230072917628800&sid=202206|62b46900432a955ce214bfed&pid=pa_BQzbhO0IXxePsqNP8
- https://pixel-geo.prfct.co/cs/?partnerId=twtr HTTP 302
- https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_BQzbhO0IXxePsqNP8
- https://pixel-geo.prfct.co/cs/?partnerId=yah HTTP 302
- https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_BQzbhO0IXxePsqNP8&_origin=1 HTTP 302
- https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_BQzbhO0IXxePsqNP8&_origin=1&verify=true
- https://pixel-geo.prfct.co/cs/?partnerId=opx HTTP 302
- https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_BQzbhO0IXxePsqNP8
- https://pixel-geo.prfct.co/cs/?partnerId=rbcn HTTP 302
- https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_BQzbhO0IXxePsqNP8
- https://pixel-geo.prfct.co/cs/?partnerId=goo HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfQlF6YmhPMElYeGVQc3FOUDg HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfQlF6YmhPMElYeGVQc3FOUDg&google_tc= HTTP 302
- https://pixel-geo.prfct.co/cb?partnerId=goo
- https://secure.adnxs.com/seg?t=2&add=27610202 HTTP 307
- https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D27610202
- https://secure.adnxs.com/seg?t=2&add=23615557 HTTP 307
- https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D23615557
59 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
www.mrwfinancial.com/business-portal/ Redirect Chain
|
147 KB 30 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
101 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rs6.css
www.mrwfinancial.com/wp-content/plugins/revslider/public/assets/css/ |
59 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
generic-rigid.min.css
www.mrwfinancial.com/wp-content/plugins/wp-members/assets/css/forms/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
et-divi-dynamic-1762-late.css
www.mrwfinancial.com/wp-content/et-cache/1762/ |
663 B 433 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
et-divi-dynamic-1762.css
www.mrwfinancial.com/wp-content/et-cache/1762/ |
15 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
upw-theme-standard.min.css
www.mrwfinancial.com/wp-content/plugins/ultimate-posts-widget/css/ |
1018 B 537 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.css
www.mrwfinancial.com/wp-content/themes/Divi-child/ |
516 B 551 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
frontend-gtag.min.js
www.mrwfinancial.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/ |
12 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
www.mrwfinancial.com/wp-includes/js/jquery/ |
87 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-migrate.min.js
www.mrwfinancial.com/wp-includes/js/jquery/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rbtools.min.js
www.mrwfinancial.com/wp-content/plugins/revslider/public/assets/js/ |
117 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rs6.min.js
www.mrwfinancial.com/wp-content/plugins/revslider/public/assets/js/ |
315 KB 81 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
et-core-unified-deferred-1762.min.css
www.mrwfinancial.com/wp-content/et-cache/1762/ |
2 KB 808 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo-MRW.png
www.mrwfinancial.com/wp-content/uploads/ |
30 KB 30 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
owl.carousel.css
www.mrwfinancial.com/wp-content/plugins/slide-anything/owl-carousel/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sa-owl-theme.css
www.mrwfinancial.com/wp-content/plugins/slide-anything/owl-carousel/ |
14 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
animate.min.css
www.mrwfinancial.com/wp-content/plugins/slide-anything/owl-carousel/ |
55 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
scripts.min.js
www.mrwfinancial.com/wp-content/themes/Divi/js/ |
267 KB 60 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
smoothscroll.js
www.mrwfinancial.com/wp-content/themes/Divi/js/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.fitvids.js
www.mrwfinancial.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
new-tab.js
www.mrwfinancial.com/wp-content/plugins/page-links-to/dist/ |
24 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
common.js
www.mrwfinancial.com/wp-content/themes/Divi/core/admin/js/ |
1 KB 797 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
owl.carousel.min.js
www.mrwfinancial.com/wp-content/plugins/slide-anything/owl-carousel/ |
43 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.mousewheel.min.js
www.mrwfinancial.com/wp-content/plugins/slide-anything/js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.min.js
www.mrwfinancial.com/wp-content/plugins/icegram/lite/assets/js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ss.js
koi-3qncighhng.marketingautomation.services/client/ |
12 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
100 KB 27 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0C4i.woff2
fonts.gstatic.com/s/opensans/v29/ |
55 KB 55 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1y4i.woff2
fonts.gstatic.com/s/opensans/v29/ |
55 KB 56 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
modules.ttf
www.mrwfinancial.com/wp-content/themes/Divi/core/admin/fonts/modules/social/ |
10 KB 10 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
et-divi-dynamic-1762-late.css
www.mrwfinancial.com/wp-content/et-cache/1762/ |
663 B 433 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1y4i.woff2
fonts.gstatic.com/s/opensans/v29/ |
53 KB 53 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.min.css
www.mrwfinancial.com/wp-includes/css/dist/block-library/ |
87 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
identity.js
connect.facebook.net/signals/plugins/ |
63 KB 20 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
649279985645247
connect.facebook.net/signals/config/ |
287 KB 83 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
collect
www.google-analytics.com/j/ |
1 B 21 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
koi
koi-3qncighhng.marketingautomation.services/ |
148 B 176 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
frontend.min.css
www.mrwfinancial.com/wp-content/plugins/icegram/lite/assets/css/ |
19 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
toast.min.css
www.mrwfinancial.com/wp-content/plugins/icegram/lite/message-types/toast/themes/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
night-glow.css
www.mrwfinancial.com/wp-content/plugins/icegram/lite/message-types/toast/themes/ |
1 KB 633 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icegram.min.js
www.mrwfinancial.com/wp-content/plugins/icegram/lite/assets/js/ |
46 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
44 B 411 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
5f527d8acf514297be0002bc.js
tag.perfectaudience.com/serve/ |
12 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tagjs
pixel-geo.prfct.co/ Redirect Chain
|
125 B 454 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
phone-1.png
www.mrwfinancial.com/wp-content/uploads/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
toast-glow.png
www.mrwfinancial.com/wp-content/plugins/icegram/lite/assets/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
/
www.facebook.com/tr/ Frame 9ABB |
0 18 B |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
pixel-geo.prfct.co/usermap/ Redirect Chain
|
43 B 256 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adsct
analytics.twitter.com/i/ Redirect Chain
|
43 B 356 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync
ups.analytics.yahoo.com/ups/58288/ Redirect Chain
|
0 121 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sd
us-u.openx.net/w/1.0/ Redirect Chain
|
43 B 275 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tap.php
pixel.rubiconproject.com/ Redirect Chain
|
0 239 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cb
pixel-geo.prfct.co/ Redirect Chain
|
43 B 365 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
pixel-geo.prfct.co/seg/ |
43 B 365 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bounce
secure.adnxs.com/ Redirect Chain
|
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bounce
secure.adnxs.com/ Redirect Chain
|
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo-MRW.png
www.mrwfinancial.com/wp-content/uploads/ |
30 KB 30 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
135 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| jQuery function| $ string| mi_version boolean| mi_track_user string| mi_no_track_reason object| disableStrs function| __gtagTrackerIsOptedOut undefined| index function| __gtagTrackerOptout function| gaOptout function| __gtagDataLayer function| __gtagTracker object| dataLayer object| MonsterInsightsDualTracker function| gtag function| __gaTracker object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| MonsterInsights object| MonsterInsightsObject object| monsterinsights_frontend object| gsapVersions object| tpGS object| punchgs object| RSANYID object| RSANYID_sliderID object| _ss function| fbq function| _fbq function| setREVStartSize object| tribe_l10n_datatables boolean| sharpspring_tracking_installed object| DIVI object| et_builder_utils_params object| et_frontend_scripts object| et_pb_custom object| et_pb_box_shadow_elements object| gaplugins object| gaGlobal object| gaData function| Waypoint function| et_pb_debounce function| et_pb_smooth_scroll function| et_pb_form_placeholders_init function| et_duplicate_menu function| et_pb_remove_placeholder_text function| et_fix_fullscreen_section function| et_bar_counters_init function| et_fix_pricing_currency_position function| et_pb_set_responsive_grid function| et_pb_set_tabs_height function| et_pb_box_shadow_apply_overlay function| et_pb_init_nav_menu function| et_pb_toggle_nav_menu function| et_pb_apply_sticky_image_effect function| et_pb_menu_inject_inline_centered_logo function| et_pb_menu_inject_item function| et_pb_reposition_menu_module_dropdowns boolean| et_load_event_fired boolean| et_is_transparent_nav boolean| et_is_vertical_nav boolean| et_is_fixed_nav boolean| et_is_minified_js boolean| et_is_minified_css boolean| et_force_width_container_change function| et_pb_init_woo_star_rating function| et_pb_wrap_woo_attribute_fields_in_span function| et_pb_init_modules function| etFixDividerSpacing function| etInitWooReviewsRatingStars boolean| et_calculating_scroll_position boolean| et_side_nav_links_initialized object| ET_SmoothScroll object| icegram_pre_data object| icegram_data function| load_scripts_and_css object| icegram_timing boolean| documentIsReady string| et_location_hash function| et_calculate_header_values function| et_change_primary_nav_position function| et_fix_page_container_position function| et_pb_window_side_nav_scroll_init function| et_pb_side_nav_page_init function| et_pb_slider_init function| et_countdown_timer function| et_countdown_timer_labels function| et_pb_tabs_init function| et_pb_circle_counter_update function| et_apply_parallax function| et_parallax_set_height function| et_apply_builder_css_parallax function| et_pb_play_overlayed_video function| et_pb_resize_section_video_bg function| et_pb_center_video function| et_pb_adjust_video_margin function| et_fix_slider_height function| et_pb_submit_newsletter function| et_fix_testimonial_inner_width function| et_pb_video_background_init function| et_reinit_waypoint_modules function| et_calc_fullscreen_section function| et_calculate_fullscreen_section_size function| debounced_et_apply_builder_css_parallax function| et_pb_parallax_init function| et_pb_fullwidth_header_scroll function| et_pb_search_init function| et_pb_search_percentage_custom_margin_fix function| et_pb_comments_init function| et_pb_shop_add_hover_class object| _pa boolean| loadedBool function| facebookEventsHelper function| googleAdsEventsHelper object| _pq function| Icegram function| Icegram_Message_Type function| es_responseHandler function| Icegram_Message_Type_Action_Bar function| Icegram_Message_Type_Messenger function| Icegram_Message_Type_Popup function| Icegram_Message_Type_Toast object| icegram function| et_pb_init_woo_custom_button_icon string| waypointContextKey21 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .marketingautomation.services/ | Name: koitk Value: 202206%7C62b46900432a955ce214bfed |
|
| www.mrwfinancial.com/ | Name: __ss Value: 1655990530598 |
|
| www.mrwfinancial.com/ | Name: __ss_referrer Value: https%3A//www.mrwfinancial.com/business-portal/ |
|
| .mrwfinancial.com/ | Name: _ga Value: GA1.2.616094316.1655990531 |
|
| .mrwfinancial.com/ | Name: _gid Value: GA1.2.313041953.1655990531 |
|
| .mrwfinancial.com/ | Name: _gat_gtag_UA_73079261_1 Value: 1 |
|
| .mrwfinancial.com/ | Name: _fbp Value: fb.1.1655990530887.636098920 |
|
| www.mrwfinancial.com/ | Name: __ss_tk Value: 202206%7C62b46900432a955ce214bfed |
|
| .facebook.com/ | Name: fr Value: 0wXvhdCwOxbVRF4IV..BitGkD...1.0.BitGkD. |
|
| .prfct.co/ | Name: pa_uid Value: pa_BQzbhO0IXxePsqNP8 |
|
| .prfct.co/ | Name: pa_twitter_ts Value: 1655990531444 |
|
| .prfct.co/ | Name: pa_yahoo_ts Value: 1655990531507 |
|
| .prfct.co/ | Name: pa_openx_ts Value: 1655990531566 |
|
| .prfct.co/ | Name: pa_rubicon_ts Value: 1655990531568 |
|
| .prfct.co/ | Name: pa_google_ts Value: 1655990531570 |
|
| .adnxs.com/ | Name: anj Value: dTM7k!M4/8CxrEQF']wIg2Hb=EJ]GY!@wnf-Te9(>wL5L!!%yc$Mof9 |
|
| .adnxs.com/ | Name: uuid2 Value: 7226224155602378329 |
|
| .yahoo.com/ | Name: A3 Value: d=AQABBANptGICEJ2RMYeAjW1g5v0op5RW9p8FEgEBAQG6tWK-YgAAAAAA_eMAAA&S=AQAAAqp_EYsR9K1Ri3wXN-bAj_s |
|
| .analytics.yahoo.com/ | Name: IDSYNC Value: 18z4~25md |
|
| .twitter.com/ | Name: personalization_id Value: "v1_FP1pSIsU8pj/GBIBpzz6AA==" |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUn13Qhj-NybFgC_bSVDnIwhjVcEofabDpekpIz376W-u2KvUZChY7mFlB2d_Rg |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
analytics.twitter.com
cm.g.doubleclick.net
connect.facebook.net
fonts.gstatic.com
koi-3qncighhng.marketingautomation.services
pixel-geo.prfct.co
pixel.rubiconproject.com
secure.adnxs.com
tag.perfectaudience.com
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.mrwfinancial.com
104.244.42.3
107.178.240.224
142.250.186.34
146.148.37.240
151.101.66.217
185.33.221.13
2a00:1450:4001:803::2003
2a00:1450:4001:830::2008
2a00:1450:4001:831::200e
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.126.56.137
34.254.114.188
34.98.64.218
69.173.144.138
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03e9d42d5183fe804b86c549f342db187bdb15305a43efbc0c6f1b234d9c5472
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
17e0f523fa45a3e24fe76ad4261864de6ab6fec2eba032bd79c43dc4bdb6c12c
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea
1ed6f3ecac512540ab0b581537d358333f528adc6eadfe70afad795fc0bf715f
2972d4438a099fb1a95d6765f7e21474a60f54b8a38bb298fff11302d4952367
2f86a8bed9745f329972ae3ef7412c6bf4b36a303abbb30512f760c3002e3c0b
2fdaf491dd42c2047932754638c4dc41989ec54a2d4bd548ea62e6b85af6a842
31a1cb905e0998eacb8f41b1a21553975696db7daf916da1923178d7d865aaa6
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
3f1207f867164d40787e1469202840e4c2b4d50d6d331e68897a45e3ba2d24b3
40bf5eee68ff718663f8ca3f590e5d5adb8e8f69e66e2cabf74343c9a9abdeeb
462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace
463eb453e9f79a5067b6c20548e09098e16adaaa2fac5fdc5cfcab24927c8584
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
563a9d518f7a22c6475737850707804a29b51cf390c7594ffa9a6ec9a9c90511
57b1f974576a3372b5ebee24172d169426c645118081aced33137320bc972567
641b4869b33bb1e2a8f76b4324a62a3c5ae76d546772df54731406dbad7edaf2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f17db45f5d54c7e6c0d633401462b836d285b1a1215a37ad78db8b0662acea3
75079f39fe739015589a0f995f41b4c1c29d4ebac85c93a792926af09f61cc83
7a1f11862e4e77a5c6489c6532155a70b9f2d7ee6b85f8a7dcb94dfaf7ed98a3
8215fb8f99029767d8081516dd5c245f65f3a5c3bd78fdec0d9889b0f549703f
82ba341c871b1919015fc3da98add4a77ba68ccd11e4f9bfe255d5481179a9db
898d6d14103d174d79e9d1b7b2022388e0c567a002b9996fb54f90bf0e1d9d54
926f767fec2a5ed3a610735fde7861c24c9c15fa136d9a85d111c2b9ec4a0fa0
92d8884bb3f73093e6d0d49afb2d4e3129c7f92f5f9b0b741d2dc61a75dff904
94e4763c9f533c1062edb50de26829b7b5e55c8f02332b7b064bd464ee800f34
9556bca5ad5eb24439887d7339fcb687088776bbaa995553aa489c9607cf9e19
9b74d52590fd7a084490b0661260e990af2a2164dd5e1f7e1b416d74c07a59ad
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b5c01ed37bcc9042d489740e6ea718fd958bfb6a3cb3fc1252168c76e835e826
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bfc97d750aafbee94249dbddfb031d57113a6e015bd6fdf6620a2cc2f72a9100
c5f2e3b43c40750bf18da86fd5112fc868d81690087ef58018121d3bfd50f01f
ca55f45ae5407af4f964a7d0cf6d0cb693952d11988bae47c9842cae0c205960
cf833e5c78cd390e236192f2fb887cd9608fb8700c2b3465c4d26a85491ba7bf
d455ab882af3a742e6c9680578e6a590681bda99e34847f550f1f41a7d167969
d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08
dc28359372cb125e2298744cdea94a86aca5e5cd4c74e2d95326a6c3db06f0e1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e547fe50a764e43c4a31eee65d715869f35c7ad8d781584453561b87c4fcf7f3
f2ba2f60658dc00b9f157dd76c572cb680e67f580d678076f0877b29f7c7420d
f85b0a9f13257bddcf84ab7f091289e3a6b618fefbd2579be7ae27fcf85157ba
f9dc37796031c79a6219cc4b76c85359871b64efa58d92b7541ad4733a8d79cd
fca57127b0c9de6a4f3062e343ded8365c8aec2cf3893c419f68681f872fc355