online1.elancard.com
170.135.184.54
Public Scan
Effective URL: https://online1.elancard.com/pdap/directMailApply
Submission: On June 22 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Entrust Certification Authority - L1K on March 22nd 2022. Valid for: a year.
This is the only time online1.elancard.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN | PTR | Domain |
---|---|---|
ASN16509 (AMAZON-02, US) | ec2-54-212-154-153.us-west-2.compute.amazonaws.com | t12.creditcards.comerica.com |
ASN16625 (AKAMAI-AS, US) | a104-75-88-194.deploy.static.akamaitechnologies.com | tags.tiqcdn.com |
ASN19551 (INCAPSULA, US) | 107.154.251.104.ip.incapdns.net | globalsiteanalytics.com |
ASN16509 (AMAZON-02, US) | ec2-34-251-67-138.eu-west-1.compute.amazonaws.com | dpm.demdex.net |
ASN32934 (FACEBOOK, US) | | connect.facebook.net |
ASN16509 (AMAZON-02, US) | ec2-34-246-144-250.eu-west-1.compute.amazonaws.com | usbank.demdex.net |
ASN16509 (AMAZON-02, US) | ec2-15-188-95-229.eu-west-3.compute.amazonaws.com | smetrics.sdcvisit.com |
ASN16509 (AMAZON-02, US) | ec2-34-248-32-199.eu-west-1.compute.amazonaws.com | cm.everesttech.net |
ASN32934 (FACEBOOK, US) | | www.facebook.com |
ASN15169 (GOOGLE, US) | 68.174.244.35.bc.googleusercontent.com | idsync.rlcdn.com |
ASN20940 (AKAMAI-ASN1, NL) | a23-36-162-16.deploy.static.akamaitechnologies.com | acxmetrics.usbank.com |
ASN15169 (GOOGLE, US) | fra24s05-in-f2.1e100.net | cm.g.doubleclick.net |
ASN16509 (AMAZON-02, US) | a6370ebea231e0c9a.awsglobalaccelerator.com | match.adsrvr.org |
ASN26667 (RUBICONPROJECT, US) | | pixel.rubiconproject.com |
ASN16625 (AKAMAI-AS, US) | a23-35-228-247.deploy.static.akamaitechnologies.com | dsum-sec.casalemedia.com |
ASN29990 (ASN-APPNEX, US) | 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net | ib.adnxs.com |
ASN15169 (GOOGLE, US) | 218.64.98.34.bc.googleusercontent.com | us-u.openx.net |
Count | Apex Domain | Redirects | Subdomains | Transfer |
---|---|---|---|---|
17 | elancard.com | 1 redirects | online1.elancard.com — Cisco Umbrella Rank: 287526 | 928 KB |
8 | everesttech.net | 8 redirects | cm.everesttech.net — Cisco Umbrella Rank: 850; sync-tm.everesttech.net — Cisco Umbrella Rank: 612 | 1 KB |
6 | demdex.net | 1 redirects | dpm.demdex.net — Cisco Umbrella Rank: 192; usbank.demdex.net — Cisco Umbrella Rank: 14519 | 9 KB |
4 | tiqcdn.com | | tags.tiqcdn.com — Cisco Umbrella Rank: 836 | 183 KB |
3 | doubleclick.net | 2 redirects | cm.g.doubleclick.net — Cisco Umbrella Rank: 205 | 899 B |
2 | rkdms.com | 1 redirects | mid.rkdms.com | 71 B |
2 | spotxchange.com | 1 redirects | sync.search.spotxchange.com | 1 KB |
2 | adnxs.com | 1 redirects | ib.adnxs.com — Cisco Umbrella Rank: 244 | 2 KB |
2 | casalemedia.com | 1 redirects | dsum-sec.casalemedia.com — Cisco Umbrella Rank: 608 | 2 KB |
2 | sdcvisit.com | | smetrics.sdcvisit.com — Cisco Umbrella Rank: 68885 | 4 KB |
2 | facebook.net | | connect.facebook.net — Cisco Umbrella Rank: 155 | 29 KB |
2 | globalsiteanalytics.com | | globalsiteanalytics.com — Cisco Umbrella Rank: 20816 | 3 KB |
2 | googleapis.com | | maps.googleapis.com — Cisco Umbrella Rank: 322 | 54 KB |
1 | pubmatic.com | | image2.pubmatic.com | 225 B |
1 | openx.net | | us-u.openx.net — Cisco Umbrella Rank: 387 | 275 B |
1 | rubiconproject.com | | pixel.rubiconproject.com — Cisco Umbrella Rank: 336 | 239 B |
1 | bing.com | 1 redirects | c.bing.com — Cisco Umbrella Rank: 182 | 539 B |
1 | adsrvr.org | | match.adsrvr.org — Cisco Umbrella Rank: 367 | 265 B |
1 | twitter.com | | analytics.twitter.com — Cisco Umbrella Rank: 516 | 354 B |
1 | usbank.com | | acxmetrics.usbank.com — Cisco Umbrella Rank: 9458 | 199 B |
1 | rlcdn.com | | idsync.rlcdn.com — Cisco Umbrella Rank: 321 | 98 B |
1 | facebook.com | | www.facebook.com — Cisco Umbrella Rank: 96 | 297 B |
1 | quantummetric.com | | cdn.quantummetric.com — Cisco Umbrella Rank: 2288 | 170 KB |
1 | fonts.net | | fast.fonts.net — Cisco Umbrella Rank: 3151 | 621 B |
1 | newcardapply.com | | www.newcardapply.com | 2 KB |
1 | comerica.com | 1 redirects | t12.creditcards.comerica.com | 356 B |
50 | 26 | | | |
Count | Domain | Redirects | Requested by |
---|---|---|---|
17 | online1.elancard.com | 1 redirects | www.newcardapply.com, online1.elancard.com |
7 | sync-tm.everesttech.net | 7 redirects | |
5 | dpm.demdex.net | 1 redirects | online1.elancard.com |
4 | tags.tiqcdn.com | | online1.elancard.com, tags.tiqcdn.com |
3 | cm.g.doubleclick.net | 2 redirects | |
2 | mid.rkdms.com | 1 redirects | |
2 | sync.search.spotxchange.com | 1 redirects | |
2 | ib.adnxs.com | 1 redirects | |
2 | dsum-sec.casalemedia.com | 1 redirects | |
2 | smetrics.sdcvisit.com | | tags.tiqcdn.com |
2 | connect.facebook.net | | tags.tiqcdn.com, connect.facebook.net |
2 | globalsiteanalytics.com | | online1.elancard.com |
2 | maps.googleapis.com | | online1.elancard.com, maps.googleapis.com |
1 | image2.pubmatic.com | | |
1 | us-u.openx.net | | |
1 | pixel.rubiconproject.com | | |
1 | c.bing.com | 1 redirects | |
1 | match.adsrvr.org | | |
1 | analytics.twitter.com | | |
1 | acxmetrics.usbank.com | | tags.tiqcdn.com |
1 | idsync.rlcdn.com | | online1.elancard.com |
1 | www.facebook.com | | online1.elancard.com |
1 | cm.everesttech.net | 1 redirects | |
1 | usbank.demdex.net | | tags.tiqcdn.com |
1 | cdn.quantummetric.com | | tags.tiqcdn.com |
1 | fast.fonts.net | | online1.elancard.com |
1 | www.newcardapply.com | | |
1 | t12.creditcards.comerica.com | 1 redirects | |
50 | 28 | | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.comerica.com |
www.myaccountaccess.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
online1.elancard.com | Entrust Certification Authority - L1K | 2022-03-22 - 2023-04-21 | a year |
upload.video.google.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months |
*.tiqcdn.com | DigiCert SHA2 Secure Server CA | 2022-02-27 - 2023-02-28 | a year |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-05 - 2023-06-04 | a year |
imperva.com | GlobalSign Atlas R3 DV TLS CA 2022 Q1 | 2022-04-01 - 2022-09-30 | 6 months |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-03-31 - 2022-06-29 | 3 months |
*.demdex.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-10-19 - 2022-11-19 | a year |
smetrics.sdcvisit.com | Entrust Certification Authority - L1K | 2020-07-14 - 2022-08-03 | 2 years |
*.rlcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2022-02-03 - 2023-02-25 | a year |
acxmetrics.usbank.com | Entrust Certification Authority - L1K | 2022-01-24 - 2023-02-23 | a year |
*.twitter.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-03-07 - 2023-03-06 | a year |
*.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2022-03-31 - 2023-05-02 | a year |
This page contains 2 frames:
Primary Page:
https://online1.elancard.com/pdap/directMailApply
Frame ID: 7CCC7A602F2A7895B9368D9385C9174A
Requests: 36 HTTP requests in this frame
Frame:
https://usbank.demdex.net/dest5.html?d_nsid=0
Frame ID: 0878C02B5B84D16A0D0ACFE8C05A8368
Requests: 14 HTTP requests in this frame
Page Title
Card Application
Page URL History
-
https://t12.creditcards.comerica.com/r/?id=h13045667,93d1f2c,94b9066&e=cDE9MDc5ODgmcDI9RU1fMjkyODg&s=Snr2mezSj7A9...
HTTP 302
http://www.newcardapply.com/07988?ecid=EM_29288 Page URL
- https://online1.elancard.com/oad/begin?applicationType=mail-offer&locationCode=07988&ecid=EM_29288 Page URL
-
https://online1.elancard.com/pdap/begin
HTTP 302
https://online1.elancard.com/pdap/directMailApply Page URL
Detected technologies
Google Maps (Maps)
Detected patterns
- //maps\.google(?:apis)?\.com/maps/api/js
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
AppNexus (Advertising Networks)
Detected patterns
- adnxs\.(?:net|com)
Facebook (Widgets)
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
OpenX (Advertising Networks)
Detected patterns
- https?://[^/]*\.openx\.net
PubMatic (Advertising Networks)
Detected patterns
- https?://[^/]*\.pubmatic\.com
Rubicon Project (Advertising Networks)
Detected patterns
- https?://[^/]*\.rubiconproject\.com
XRegExp (JavaScript Libraries)
Detected patterns
- xregexp.*\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Privacy Policy
Title: Security Standards
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://t12.creditcards.comerica.com/r/?id=h13045667,93d1f2c,94b9066&e=cDE9MDc5ODgmcDI9RU1fMjkyODg&s=Snr2mezSj7A9sT9eTYL3k7LNkXT4kerWUBbk6GGJ9Dk
HTTP 302
http://www.newcardapply.com/07988?ecid=EM_29288 Page URL
- https://online1.elancard.com/oad/begin?applicationType=mail-offer&locationCode=07988&ecid=EM_29288 Page URL
-
https://online1.elancard.com/pdap/begin
HTTP 302
https://online1.elancard.com/pdap/directMailApply Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://t12.creditcards.comerica.com/r/?id=h13045667,93d1f2c,94b9066&e=cDE9MDc5ODgmcDI9RU1fMjkyODg&s=Snr2mezSj7A9sT9eTYL3k7LNkXT4kerWUBbk6GGJ9Dk HTTP 302
- http://www.newcardapply.com/07988?ecid=EM_29288
- https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1655900594885 HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1655900594885
- https://cm.everesttech.net/cm/dd?d_uuid=56482452274690320480013160124316611326 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=YrMJswAAABesXANn
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NTY0ODI0NTIyNzQ2OTAzMjA0ODAwMTMxNjAxMjQzMTY2MTEzMjY= HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NTY0ODI0NTIyNzQ2OTAzMjA0ODAwMTMxNjAxMjQzMTY2MTEzMjY=&google_tc= HTTP 302
- https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEAAVTYsna-w06lIf90RfLu0&google_cver=1?gdpr=0&gdpr_consent=
- https://c.bing.com/c.gif?uid=56482452274690320480013160124316611326&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
- https://dpm.demdex.net/ibs:dpid=1957&dpuuid=377803B9F4D7629935C61272F5056338
- https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXJNSnN3QUFBQmVzWEFObg==
- https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
- https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YrMJswAAABesXANn&expires=90
- https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YrMJswAAABesXANn HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YrMJswAAABesXANn&C=1
- https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
- https://ib.adnxs.com/setuid?entity=158&code=YrMJswAAABesXANn HTTP 307
- https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYrMJswAAABesXANn
- https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
- https://us-u.openx.net/w/1.0/sd?id=537148856&val=YrMJswAAABesXANn
- https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
- https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YrMJswAAABesXANn
- https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
- https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YrMJswAAABesXANn&img=1 HTTP 302
- https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YrMJswAAABesXANn&img=1&__user_check__=1&sync_id=17e6f368-f226-11ec-853e-15758c630106
- https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=56482452274690320480013160124316611326&_ct=img HTTP 302
- https://mid.rkdms.com/restricted
50 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | 07988 | www.newcardapply.com/ (Redirect Chain) | 2 KB | 2 KB | Document | text/html |
GET | H/1.1 | begin | online1.elancard.com/oad/ | 426 B | 2 KB | Document | text/html |
GET | H/1.1 | directMailApply (Primary Request) | online1.elancard.com/pdap/ (Redirect Chain) | 16 KB | 8 KB | Document | text/html |
GET | H/1.1 | bootstrap.min.css | online1.elancard.com/pdap/static/css/ | 213 KB | 41 KB | Stylesheet | text/css |
GET | H/1.1 | shield.css | online1.elancard.com/pdap/static/css/ | 110 KB | 22 KB | Stylesheet | text/css |
GET | H/1.1 | jquery-3.6.0.min.js | online1.elancard.com/pdap/static/js/ | 87 KB | 39 KB | Script | application/javascript |
GET | H/1.1 | bootstrap.min.js | online1.elancard.com/pdap/static/js/ | 77 KB | 30 KB | Script | application/javascript |
GET | H/1.1 | xregexp-all.js | online1.elancard.com/pdap/static/js/ | 292 KB | 99 KB | Script | application/javascript |
GET | H/1.1 | miscCleanup.js | online1.elancard.com/pdap/static/js/ | 21 KB | 10 KB | Script | application/javascript |
GET | H/1.1 | script2.js | online1.elancard.com/pdap/static/js/ | 782 B | 779 B | Script | application/javascript |
GET | H/1.1 | style.css | online1.elancard.com/pdap/static/css/ | 2 KB | 956 B | Stylesheet | text/css |
GET | H2 | js | maps.googleapis.com/maps/api/ | 164 KB | 54 KB | Script | text/javascript |
GET | H2 | utag.sync.js | tags.tiqcdn.com/utag/usbank/external/prod/ | 150 KB | 49 KB | Script | application/x-javascript |
GET | H/1.1 | mainStyle.css | online1.elancard.com/pdap/static/css/ | 242 KB | 62 KB | Stylesheet | text/css |
GET | H/1.1 | vendor.js | online1.elancard.com/pdap/static/js/ | 994 KB | 382 KB | Script | application/javascript |
GET | H/1.1 | pdap-ui.js | online1.elancard.com/pdap/static/js/ | 648 KB | 169 KB | Script | application/javascript |
GET | H2 | 1.css | fast.fonts.net/t/ | 0 | 621 B | Stylesheet | text/css |
GET | H3 | gen_204 | maps.googleapis.com/maps/api/mapsjs/ | 3 B | 45 B | XHR | application/json |
GET | H2 | utag.js | tags.tiqcdn.com/utag/usbank/external/prod/ | 434 KB | 126 KB | Script | application/x-javascript |
GET | H2 | resource.png | globalsiteanalytics.com/resource/ | 67 B | 645 B | XHR | image/png |
POST | H2 | hdim | globalsiteanalytics.com/service/ | 2 KB | 2 KB | XHR | text/plain |
GET | H/1.1 | HelveticaNeueLTStd-Roman.otf | online1.elancard.com/pdap/static/css/fonts/ | 24 KB | 25 KB | Font | application/x-font-otf |
GET | H/1.1 | HelveticaNeueLTStd-Bd.otf | online1.elancard.com/pdap/static/css/fonts/ | 25 KB | 26 KB | Font | application/x-font-otf |
GET | H/1.1 | 7987.png | online1.elancard.com/pdap/teamsite/decisioning/elan/images/partner-logos/ | 11 KB | 11 KB | Image | image/png |
GET | H/1.1 | rd | dpm.demdex.net/id/ (Redirect Chain) | 3 KB | 2 KB | XHR | application/json |
GET | H2 | quantum-usbank.js | cdn.quantummetric.com/qscripts/ | 1 MB | 170 KB | Script | text/javascript |
GET | H2 | utag.64.js | tags.tiqcdn.com/utag/usbank/external/prod/ | 21 KB | 7 KB | Script | application/x-javascript |
GET | H2 | utag.v.js | tags.tiqcdn.com/utag/tiqapp/ | 2 B | 202 B | Script | application/x-javascript |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 100 KB | 27 KB | Script | application/x-javascript |
GET | H3 | 59 | connect.facebook.net/signals/config/ | 5 KB | 2 KB | Script | application/x-javascript |
GET | H/1.1 | dest5.html | usbank.demdex.net/ (Frame 0878) | 7 KB | 3 KB | Document | text/html |
GET | H2 | id | smetrics.sdcvisit.com/ | 48 B | 511 B | XHR | application/x-javascript |
GET | H/1.1 | ibs:dpid=411&dpuuid=YrMJswAAABesXANn | dpm.demdex.net/ (Redirect Chain) | 42 B | 945 B | Image | image/gif |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 297 B | Image | image/gif |
GET | H2 | s41801555807043 | smetrics.sdcvisit.com/b/ss/micrositeprod/10/JS-2.18.0/ | 3 KB | 3 KB | Script | application/x-javascript |
GET | H2 | 365868.gif | idsync.rlcdn.com/ (Frame 0878) | 0 | 98 B | Image | text/plain |
GET | H/1.1 | tc.dhj | acxmetrics.usbank.com/1/d/ | 0 | 199 B | Script | text/plain |
GET | H/1.1 | ibs:dpid=771&dpuuid=CAESEAAVTYsna-w06lIf90RfLu0&google_cver=1 | dpm.demdex.net/ (Frame 0878, Redirect Chain) | 42 B | 945 B | Image | image/gif |
GET | BLOB | c3270333-716f-4100-b2a2-c93a4b092dbe | https://online1.elancard.com/ | 17 KB | 0 | Other | application/javascript |
GET | H2 | adsct | analytics.twitter.com/i/ (Frame 0878) | 43 B | 354 B | Image | image/gif |
GET | H2 | generic | match.adsrvr.org/track/cmf/ (Frame 0878) | 70 B | 265 B | Image | image/gif |
GET | H/1.1 | ibs:dpid=1957&dpuuid=377803B9F4D7629935C61272F5056338 | dpm.demdex.net/ (Frame 0878, Redirect Chain) | 42 B | 945 B | Image | image/gif |
GET | H3 | pixel | cm.g.doubleclick.net/ (Frame 0878, Redirect Chain) | 170 B | 188 B | Image | image/png |
GET | H/1.1 | tap.php | pixel.rubiconproject.com/ (Frame 0878, Redirect Chain) | 0 | 239 B | Image | image/gif |
GET | H/1.1 | rum | dsum-sec.casalemedia.com/ (Frame 0878, Redirect Chain) | 43 B | 783 B | Image | image/gif |
GET | H/1.1 | bounce | ib.adnxs.com/ (Frame 0878, Redirect Chain) | 43 B | 1 KB | Image | image/gif |
GET | H2 | sd | us-u.openx.net/w/1.0/ (Frame 0878, Redirect Chain) | 43 B | 275 B | Image | image/gif |
GET | H2 | Pug | image2.pubmatic.com/AdServer/ (Frame 0878, Redirect Chain) | 0 | 225 B | Image | text/html |
GET | H/1.1 | partner | sync.search.spotxchange.com/ (Frame 0878, Redirect Chain) | 43 B | 548 B | Image | image/gif |
GET | H2 | restricted | mid.rkdms.com/ (Frame 0878, Redirect Chain) | 0 | 0 | Image | text/html |
91 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| bootstrap object| __core-js_shared__ function| XRegExp object| usb function| checkSpouseSectionRequired object| google object| module$exports$mapsapi$util$event object| module$contents$mapsapi$overlay$overlayView_OverlayView object| jsonData function| e object| reportingData object| webpackJsonpreact-seed function| openWindow function| setImmediate function| clearImmediate object| regeneratorRuntime function| _ boolean| statelessConnectionFlag string| ENV_TYPE function| endPDAPSession function| disablePDAPSession boolean| utag_condload object| Utagger object| utag_data object| trackObj string| icid string| ecid object| utag object| s function| AppMeasurement function| s_gi function| s_pgicq function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_AudienceManagement object| utag_cfg_ovrd object| publisherFW string| txt object| cookieArray boolean| isSetCampaign object| pagereload object| adobe function| Visitor object| s_c_il number| s_c_in object| visitor object| __TEALIUM function| targetPageParamsAll function| targetPageParams number| s_objectID number| s_giq function| fbq function| _fbq function| QuantumMetricInstrumentationStart object| QuantumMetricAPI function| qmWaitForEventData boolean| qmStorageAvail function| createSample function| evalSelector function| qmSetCookie function| toLowerCase function| qmGetValFromDL function| qmFindObject function| consoleError function| QuantumMetricConfigureEncryptScrubList function| DIL string| mid string| apptype string| aid string| riblpid string| j string| f0 string| s_tnt object| s_i_micrositeprod object| usbData object| rTag function| qmGetActiveEncryptionRules function| qmflate function| _QuantumMetricSymbol29
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
online1.elancard.com/pdap | Name: pageReload Value: true |
|
online1.elancard.com/pdap | Name: ecid Value: EM_29288 |
|
.comerica.com/ | Name: AMCV_675616D751E567410A490D4C%40AdobeOrg Value: MCMID%7C27873586644464394073363906342845677567 |
|
.comerica.com/ | Name: nlid Value: 13045667|93d1f2c |
|
online1.elancard.com/ | Name: SameSite Value: None |
|
online1.elancard.com/ | Name: JSESSIONID Value: 00002XMV0sGfKxmbSekp76G-Vy5:1amc9n87d |
|
online1.elancard.com/ | Name: ELANCARD Value: 2446230026.63785.0000 |
|
.fonts.net/ | Name: __cf_bm Value: V_hOIncp6CH7yH1KZ2ljeiebyEfhRTz10lCymDh64tg-1655900594-0-AVlWiiEIKnGTz374Qhi3AHIZtSTMdLIgeJNdjSnNfB1ey5GJHfoJmV+dsMPtntwi5ZBrBgy2oRdFazce3bYo1vM= |
|
.elancard.com/ | Name: utag_main Value: v_id:01818b5de2bb002b850a0ff0ce7403073003106b00b08$_sn:1$_se:1$_ss:1$_st:1655902394876$ses_id:1655900594876%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:elancard.com |
|
online1.elancard.com/ | Name: ADRUM_BTa Value: R:68|g:6fc74150-caff-41c8-80e3-813ab9b8d837|n:USBANK_351d091f-c3a8-4779-a0da-4a53785ebec3 |
|
.demdex.net/ | Name: demdex Value: 56482452274690320480013160124316611326 |
|
.elancard.com/ | Name: AMCVS_675616D751E567410A490D4C%40AdobeOrg Value: 1 |
|
.elancard.com/ | Name: lastField Value: no%20field%20clicked |
|
.everesttech.net/ | Name: everest_g_v2 Value: g_surferid~YrMJswAAABesXANn |
|
.elancard.com/ | Name: s_pers Value: %20s_ev36%3D%255B%255B%2527EM_29288%2527%252C%25271655900595264%2527%255D%255D%7C1813666995264%3B%20s_lv%3D1655900595265%7C1750508595265%3B%20s_lv_s%3DFirst%2520Visit%7C1655902395265%3B%20s_nr%3D1655900595268-New%7C1828700595268%3B%20s_vnum%3D1828700595291%2526vn%253D1%7C1828700595291%3B%20s_invisit%3Dtrue%7C1655902395291%3B%20sc_visit_start%3D1%7C1655902395300%3B%20s_visitStart%3D1%7C1655902395302%3B%20s_prevPage%3Dpdap%253Abusiness%253Amail%2520offer%7C1655902395303%3B |
|
.elancard.com/ | Name: s_sess Value: %20s_campaign%3DEM_29288%3B%20s_cpc%3D1%3B%20s_cc%3Dtrue%3B |
|
.dpm.demdex.net/ | Name: dpm Value: 56482452274690320480013160124316611326 |
|
.elancard.com/ | Name: AMCV_675616D751E567410A490D4C%40AdobeOrg Value: 1585540135%7CMCIDTS%7C19166%7CMCMID%7C56247371816910552720018943079979529254%7CMCAAMLH-1656505395%7C6%7CMCAAMB-1656505395%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1655907795s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19173%7CvVersion%7C4.4.0 |
|
.online1.elancard.com/ | Name: aam_uuid Value: 56482452274690320480013160124316611326 |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUneaQWDeiNMZW8QtiyQjsa-19yOGHIpi5pJ8Y8JEfMgWm3V8KLiB7zc4Htz628 |
|
.twitter.com/ | Name: personalization_id Value: "v1_2haLcN+Scl55TBP06R5WcA==" |
|
.bing.com/ | Name: MUID Value: 377803B9F4D7629935C61272F5056338 |
|
.casalemedia.com/ | Name: CMID Value: YrMJtGhREs3qRJqckgLJywAA |
|
.casalemedia.com/ | Name: CMPS Value: 3277 |
|
.casalemedia.com/ | Name: CMPRO Value: 3277 |
|
.adnxs.com/ | Name: uuid2 Value: 2091950522494826596 |
|
.adnxs.com/ | Name: anj Value: dTM7k!M4.FErk#WF']wIg2Il_kt7LH!]tbPl1MwL(!R7qUY$+H^C/dWYWJWdG5su'Cd8)!fd1OZ<QG=%9sk?bIRwi:w9Ld1ijD:-TWBCu(lOfM!x%vb*ShBf |
|
.demdex.net/ | Name: dextp Value: 60-1-1655900595314|771-1-1655900595414|1123-1-1655900595515|903-1-1655900595616|1957-1-1655900595717|144230-1-1655900595818|144231-1-1655900595918|144232-1-1655900596019|144233-1-1655900596120|144234-1-1655900596222|144235-1-1655900596323|144236-1-1655900596423|129099-1-1655900596524 |
|
.spotxchange.com/ | Name: audience Value: 17e6f32b-f226-11ec-853e-15758c630106 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.