localwindowsavings.com
Open in
urlscan Pro
35.212.127.214
Public Scan
Submission Tags: phishingrod
Submission: On May 22 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by R3 on May 21st 2024. Valid for: 3 months.
This is the only time localwindowsavings.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN15169 (GOOGLE, US)
PTR: 214.127.212.35.bc.googleusercontent.com
localwindowsavings.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-77-56.compute-1.amazonaws.com
lowermyutilitybill.leadshook.io |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-196-93-215.compute-1.amazonaws.com
lowermyutilitybill.leadshook.io |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net
www.google.com |
ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
googleads.g.doubleclick.net |
ASN32934 (FACEBOOK, US)
www.facebook.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
39 |
localwindowsavings.com
localwindowsavings.com |
26 MB |
7 |
clarity.ms
1 redirects
www.clarity.ms — Cisco Umbrella Rank: 743 u.clarity.ms — Cisco Umbrella Rank: 423151 c.clarity.ms — Cisco Umbrella Rank: 1385 |
28 KB |
4 |
fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1230 |
199 KB |
3 |
wisepops.net
wisepops.net — Cisco Umbrella Rank: 13588 |
30 KB |
3 |
leadshook.io
lowermyutilitybill.leadshook.io |
9 KB |
2 |
wisepops.com
activity.wisepops.com — Cisco Umbrella Rank: 17926 |
|
2 |
doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 |
1 KB |
2 |
google.com
1 redirects
www.google.com — Cisco Umbrella Rank: 2 |
88 B |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183 |
72 KB |
2 |
youtube.com
www.youtube.com — Cisco Umbrella Rank: 64 |
16 KB |
2 |
gstatic.com
fonts.gstatic.com |
66 KB |
2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33 |
3 KB |
1 |
bing.com
1 redirects
c.bing.com — Cisco Umbrella Rank: 231 |
766 B |
1 |
google.de
www.google.de — Cisco Umbrella Rank: 7810 |
64 B |
1 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 101 |
274 B |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39 |
89 KB |
1 |
visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 2757 |
1 KB |
73 | 17 |
Domain | Requested by | |
---|---|---|
39 | localwindowsavings.com |
localwindowsavings.com
|
4 | use.fontawesome.com |
localwindowsavings.com
use.fontawesome.com |
3 | u.clarity.ms |
www.clarity.ms
|
3 | wisepops.net |
localwindowsavings.com
wisepops.net |
3 | lowermyutilitybill.leadshook.io |
localwindowsavings.com
lowermyutilitybill.leadshook.io |
2 | c.clarity.ms | 1 redirects |
2 | activity.wisepops.com |
wisepops.net
|
2 | googleads.g.doubleclick.net |
localwindowsavings.com
www.googletagmanager.com |
2 | www.google.com |
1 redirects
localwindowsavings.com
|
2 | connect.facebook.net |
localwindowsavings.com
connect.facebook.net |
2 | www.clarity.ms |
localwindowsavings.com
www.clarity.ms |
2 | www.youtube.com |
lowermyutilitybill.leadshook.io
www.youtube.com |
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | fonts.googleapis.com |
localwindowsavings.com
|
1 | c.bing.com | 1 redirects |
1 | www.google.de |
localwindowsavings.com
|
1 | www.facebook.com |
localwindowsavings.com
|
1 | www.googletagmanager.com |
localwindowsavings.com
|
1 | dev.visualwebsiteoptimizer.com |
localwindowsavings.com
|
73 | 19 |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.localwindowsavings.com R3 |
2024-05-21 - 2024-08-19 |
3 months | crt.sh |
upload.video.google.com WR2 |
2024-05-06 - 2024-07-29 |
3 months | crt.sh |
use.fontawesome.com Cloudflare Inc ECC CA-3 |
2023-10-12 - 2024-10-10 |
a year | crt.sh |
leadshook.io Amazon RSA 2048 M03 |
2023-10-08 - 2024-11-05 |
a year | crt.sh |
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2 |
2023-07-06 - 2024-07-06 |
a year | crt.sh |
*.gstatic.com WR2 |
2024-05-06 - 2024-07-29 |
3 months | crt.sh |
*.google.com WR2 |
2024-05-06 - 2024-07-29 |
3 months | crt.sh |
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1 |
2023-12-07 - 2024-12-07 |
a year | crt.sh |
wisepops.net GTS CA 1P5 |
2024-03-24 - 2024-06-22 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2024-02-29 - 2024-05-29 |
3 months | crt.sh |
*.google-analytics.com WR2 |
2024-05-06 - 2024-07-29 |
3 months | crt.sh |
*.g.doubleclick.net WR2 |
2024-05-06 - 2024-07-29 |
3 months | crt.sh |
*.google.de WR2 |
2024-05-06 - 2024-07-29 |
3 months | crt.sh |
a.clarity.ms Microsoft Azure TLS Issuing CA 01 |
2024-01-14 - 2024-06-27 |
5 months | crt.sh |
wisepops.com E1 |
2024-04-25 - 2024-07-24 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://localwindowsavings.com/
Frame ID: C5B1C17637967AE58C000AE9CBC5EB44
Requests: 71 HTTP requests in this frame
Frame:
https://lowermyutilitybill.leadshook.io/survey/Co3PsHtnF5cIY1imml6N5PzL03WUFFuoutkJ2FA4?embed=true&index=0
Frame ID: 59E0C9402DCC93C4A6BA82DD0A83F7F8
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Local Window SavingsDetected technologies
WordPress (CMS) ExpandDetected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
Facebook (Widgets) Expand
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
Swiper Slider (Miscellaneous) Expand
Detected patterns
- swiper(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 57- https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t2t5&rnd=1125418091.1716360407&url=https%3A%2F%2Flocalwindowsavings.com%2F&dma_cps=sypham&dma=1&npa=0>m=45be45k0v9177429436za200&auid=2126251640.1716360407&frm=0 HTTP 302
- https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&rnd=1125418091.1716360407&url=https%3A%2F%2Flocalwindowsavings.com%2F&dma_cps=sypham&dma=1&npa=0>m=45be45k0v9177429436za200&auid=2126251640.1716360407&frm=0
- https://c.clarity.ms/c.gif HTTP 302
- https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=C9A9C0A46820478F975177BDD418291A&RedC=c.clarity.ms&MXFR=3C8C3E2272ED61C332322AA576ED6FE7 HTTP 302
- https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C9A9C0A46820478F975177BDD418291A&MUID=2F791C6247ED65F8242308E5466664BC
73 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
localwindowsavings.com/ |
124 KB 19 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
siteground-optimizer-combined-css-94452e932813dedf8ae31b33d2120763.css
localwindowsavings.com/wp-content/uploads/siteground-optimizer-assets/ |
667 KB 129 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
32 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.css
use.fontawesome.com/releases/v6.4.2/css/ |
100 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v4-shims.css
use.fontawesome.com/releases/v6.4.2/css/ |
27 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
46 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
localwindowsavings.com/wp-includes/js/jquery/ |
86 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
color-local-bathroom-installers-logo.png
localwindowsavings.com/wp-content/uploads/2024/02/ |
16 KB 16 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cropped-color-local-bathroom-installers-logo-e1708572101984.png
localwindowsavings.com/wp-content/uploads/2024/02/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
surveyclean-energy-Add-a-heading-1.png
localwindowsavings.com/wp-content/uploads/2023/12/ |
7 KB 7 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pngplatinum-approved-roofing-contra.png
localwindowsavings.com/wp-content/uploads/2024/01/ |
18 KB 19 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1680966838337.png
localwindowsavings.com/wp-content/uploads/2024/01/ |
40 KB 41 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
i-own-my-home-3-1585770438142.jpg
localwindowsavings.com/wp-content/uploads/2023/12/ |
19 KB 19 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
i-rent-my-home-3-1585770439182.jpg
localwindowsavings.com/wp-content/uploads/2023/12/ |
21 KB 22 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wilberto-BSM-Reviews-Base-File-1-1024x1024.jpg
localwindowsavings.com/wp-content/uploads/2024/02/ |
25 KB 25 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
david-h-BSM-Reviews-Base-File-1-1024x1024.jpg
localwindowsavings.com/wp-content/uploads/2024/02/ |
50 KB 50 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
delaney-BSM-Reviews-Base-File-1-1024x1024.jpg
localwindowsavings.com/wp-content/uploads/2024/02/ |
67 KB 67 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
andrew-h-BSM-Reviews-Base-File-1-1024x1024.jpg
localwindowsavings.com/wp-content/uploads/2024/02/ |
26 KB 26 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
patti-s-BSM-Reviews-Base-File-1-1024x1024.jpg
localwindowsavings.com/wp-content/uploads/2024/02/ |
42 KB 43 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js_embed
lowermyutilitybill.leadshook.io/s/ |
13 KB 5 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
siteground-optimizer-combined-js-391a8064e99f4b8d115527c31339f699.js
localwindowsavings.com/wp-content/uploads/siteground-optimizer-assets/ |
919 KB 233 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
j.php
dev.visualwebsiteoptimizer.com/ |
2 KB 1 KB |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AdobeStock_228795662-scaled.jpeg
localwindowsavings.com/wp-content/uploads/2024/02/ |
192 KB 193 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-solid-900.woff2
use.fontawesome.com/releases/v6.4.2/webfonts/ |
147 KB 147 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-regular-400.woff2
use.fontawesome.com/releases/v6.4.2/webfonts/ |
24 KB 24 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ |
32 KB 33 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v26/ |
33 KB 34 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2-3.png
localwindowsavings.com/wp-content/uploads/2023/11/ |
26 KB 26 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1680966838337-1024x392.png
localwindowsavings.com/wp-content/uploads/2024/01/ |
41 KB 41 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
admin-ajax.php_.png
localwindowsavings.com/wp-content/uploads/2024/02/ |
26 KB 27 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
angi-1.png
localwindowsavings.com/wp-content/uploads/2024/01/ |
8 KB 8 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AdobeStock_325746852-1024x683.jpeg
localwindowsavings.com/wp-content/uploads/2024/02/ |
29 KB 29 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
admin-ajax.php-1.jpg
localwindowsavings.com/wp-content/uploads/2024/02/ |
18 KB 19 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
admin-ajax.php-2.jpg
localwindowsavings.com/wp-content/uploads/2024/02/ |
25 KB 25 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
admin-ajax.php-3.jpg
localwindowsavings.com/wp-content/uploads/2024/02/ |
28 KB 28 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
admin-ajax.php-4.jpg
localwindowsavings.com/wp-content/uploads/2024/02/ |
20 KB 20 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
admin-ajax.php-5.jpg
localwindowsavings.com/wp-content/uploads/2024/02/ |
20 KB 21 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
admin-ajax.php-6.jpg
localwindowsavings.com/wp-content/uploads/2024/02/ |
28 KB 28 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
admin-ajax.php-7.jpg
localwindowsavings.com/wp-content/uploads/2024/02/ |
28 KB 28 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AdobeStock_166964090.gif
localwindowsavings.com/wp-content/uploads/2023/11/ |
2 MB 2 MB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css_embed
lowermyutilitybill.leadshook.io/s/ |
10 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Co3PsHtnF5cIY1imml6N5PzL03WUFFuoutkJ2FA4
lowermyutilitybill.leadshook.io/survey/ Frame 59E0 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iframe_api
www.youtube.com/ |
993 B 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
admin-ajax.php
localwindowsavings.com/wp-admin/ |
99 B 441 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
k0eet3j5xc
www.clarity.ms/tag/ |
637 B 1000 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loader.js
wisepops.net/ |
85 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
64595962-b9ea-45b2-900c-21b03a2a6e2c
https://localwindowsavings.com/ |
1 KB 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
admin-ajax.php
localwindowsavings.com/wp-admin/ |
99 B 445 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
218 KB 59 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
255 KB 89 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
progress.ca55d33bb06cee4e6f02.bundle.min.js
localwindowsavings.com/wp-content/plugins/elementor/assets/js/ |
655 B 592 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image-carousel.4455c6362492d9067512.bundle.min.js
localwindowsavings.com/wp-content/plugins/elementor/assets/js/ |
432 B 496 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
text-editor.2c35aafbe5bf0e127950.bundle.min.js
localwindowsavings.com/wp-content/plugins/elementor/assets/js/ |
1 KB 849 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AdobeStock_158483468.mov
localwindowsavings.com/wp-content/uploads/2024/02/ |
24 MB 24 MB |
Media
video/quicktime |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-emoji-release.min.js
localwindowsavings.com/wp-includes/js/ |
18 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
www-widgetapi.js
www.youtube.com/s/player/018e9916/www-widgetapi.vflset/ |
42 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
swiper.min.js
localwindowsavings.com/wp-content/plugins/elementor/assets/lib/swiper/v8/ |
140 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
291960441450096
connect.facebook.net/signals/config/ |
65 KB 13 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
landing
googleads.g.doubleclick.net/pagead/ Redirect Chain
|
42 B 65 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/16457770168/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clarity.js
www.clarity.ms/s/0.7.32/ |
61 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 274 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.google.com/pagead/1p-user-list/16457770168/ |
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.google.de/pagead/1p-user-list/16457770168/ |
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
collect
u.clarity.ms/ |
0 302 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
id
wisepops.net/ |
146 B 621 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
my-wisepop
wisepops.net/ |
215 B 556 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
collect
u.clarity.ms/ |
0 302 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
activity.wisepops.com/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
activity.wisepops.com/ |
0 0 |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c.gif
c.clarity.ms/ Redirect Chain
|
42 B 442 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cropped-color-local-bathroom-ins.png
localwindowsavings.com/wp-content/uploads/2024/02/ |
3 KB 3 KB |
Other
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
collect
u.clarity.ms/ |
0 302 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
87 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| code object| _vwo_code number| _vwo_settings_timer undefined| $ function| jQuery object| pysOptions undefined| vwo_e number| _vwo_j_e string| _vwo_mt string| _vwo_tm function| attrUnescape function| parseAttributes function| getViewport function| addEvent number| mobileBreakpoint function| resize object| CSSModal object| LH object| quizzes object| oceanwpLocalize object| elementorFrontendConfig object| _wpUtilSettings object| wpformsElementorVars number| _vwo_clicks boolean| disabled_GDRP_plugin undefined| cli_cookie function| getUrlParameter function| pys_generate_token function| getBundlePriceOnSingleProduct function| getPixelBySlag function| getCookieYes function| myFunction function| myFunctionOwn function| myFunctionRent function| oss_onClick object| WPFormsElementorFrontend object| _wpemojiSettings function| Cookies boolean| firstVisit object| pys function| clarity function| wisepops object| vttjs function| WebVTT function| videojs function| EvEmitter function| imagesLoaded object| oceanwp function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Flickity function| Unipointer function| Unidragger object| webpackChunkelementor object| elementorModules function| Waypoint object| elementorFrontend function| _ object| wp function| fbq function| _fbq object| dataLayer function| gtag object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady string| waypointContextKey object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| google_tag_manager object| google_tag_data object| GooglebQhCsO object| wisp boolean| wisepops_started string| WisePopsObject string| wisepops_key function| Swiper object| twemoji object| wiseStorage function| WisepopsAddToCookiePage31 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
localwindowsavings.com/ | Name: pys_session_limit Value: true |
|
localwindowsavings.com/ | Name: pys_start_session Value: true |
|
localwindowsavings.com/ | Name: pys_first_visit Value: true |
|
localwindowsavings.com/ | Name: pysTrafficSource Value: direct |
|
localwindowsavings.com/ | Name: pys_landing_page Value: https://localwindowsavings.com/ |
|
localwindowsavings.com/ | Name: last_pysTrafficSource Value: direct |
|
localwindowsavings.com/ | Name: last_pys_landing_page Value: https://localwindowsavings.com/ |
|
.youtube.com/ | Name: YSC Value: MsE8rRiHWCg |
|
.youtube.com/ | Name: VISITOR_INFO1_LIVE Value: GgDf-K68F4A |
|
.youtube.com/ | Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgKg%3D%3D |
|
.localwindowsavings.com/ | Name: _gcl_au Value: 1.1.2126251640.1716360407 |
|
www.clarity.ms/ | Name: CLID Value: 0ac01b8273de4400a9b4baca0ee2a2d0.20240522.20250522 |
|
.localwindowsavings.com/ | Name: _clck Value: 16wcb36%7C2%7Cflz%7C0%7C1603 |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
.localwindowsavings.com/ | Name: _fbp Value: fb.1.1716360407500.222587116 |
|
lowermyutilitybill.leadshook.io/ | Name: AWSALBTGCORS Value: YK8yj8XeOxu3JHDiwFXDReBgl3Ix1aOxUBX7uFBCoP4XrsYs4vv1yanbnEPB75bRJwC0tPq01k4i8IzNpV2CxxgJWGae/fWuff1NeDtiLwhKuTar2jJdTj+tWkenhWIpUsEQlOl2Q08NhPOLXU3NFql3cc0A+YXffnMy/1HS+WnRXLbmB3f070hLvI7jqlSTTKADFT4Poy2R5Zkz0gvPqP2NC0CJubZUWH8SfGDX7Yb5DHQWDZUgw5LXnzR0lz7uao6bUBA= |
|
lowermyutilitybill.leadshook.io/ | Name: AWSALBCORS Value: 2mgrIzceDBfGOGQ7VBRgW203qLteiXroU6FOegfpgXAAWMLoOF2itn4Zmxk/QzZnB1Xw1BKYIjPXd6K1YxLbN2wfkfnS34bNLgdD4d1xwz+xGDd5PHe/qS8HbHhN |
|
lowermyutilitybill.leadshook.io/ | Name: Co3PsHtnF5cIY1imml6N5PzL03WUFFuoutkJ2FA4.leadData Value: j%3A%7B%22leadId%22%3A502212581%2C%22leadToken%22%3A%22Co3PsHtnF5cIY1imml6N5PzL03WUFFuoutkJ2FA4dpEp6Ee37rOkc9wlRZLw%22%2C%22quizId%22%3A69617%7D |
|
.localwindowsavings.com/ | Name: wisepops Value: %7B%22popups%22%3A%7B%7D%2C%22sub%22%3A0%2C%22ucrn%22%3A14%2C%22cid%22%3A%2285014%22%2C%22v%22%3A4%2C%22bandit%22%3A%7B%22recos%22%3A%7B%7D%7D%7D |
|
.localwindowsavings.com/ | Name: wisepops_visitor Value: %7B%22sJD2Qs722R%22%3A%22b0d89063-ce1a-4071-b609-3e118a949e9c%22%7D |
|
.localwindowsavings.com/ | Name: wisepops_visits Value: %5B%222024-05-22T06%3A46%3A46.956Z%22%5D |
|
.localwindowsavings.com/ | Name: wisepops_session Value: %7B%22arrivalOnSite%22%3A%222024-05-22T06%3A46%3A46.956Z%22%2C%22mtime%22%3A1716360407895%2C%22pageviews%22%3A1%2C%22popups%22%3A%7B%7D%2C%22bars%22%3A%7B%7D%2C%22sticky%22%3A%7B%7D%2C%22countdowns%22%3A%7B%7D%2C%22src%22%3Anull%2C%22utm%22%3A%7B%7D%2C%22testIp%22%3Anull%7D |
|
.localwindowsavings.com/ | Name: _clsk Value: 1kzl8xa%7C1716360408065%7C1%7C1%7Cu.clarity.ms%2Fcollect |
|
localwindowsavings.com/ | Name: pbid Value: 3d7e6b60da72de8f0358fc7e396568956705076a9c8816d8af8cfa1d448e3ff4 |
|
.bing.com/ | Name: MUID Value: 2F791C6247ED65F8242308E5466664BC |
|
.c.bing.com/ | Name: MR Value: 0 |
|
.c.bing.com/ | Name: SRM_B Value: 2F791C6247ED65F8242308E5466664BC |
|
.c.clarity.ms/ | Name: SM Value: C |
|
.clarity.ms/ | Name: MUID Value: 2F791C6247ED65F8242308E5466664BC |
|
.c.clarity.ms/ | Name: MR Value: 0 |
|
.c.clarity.ms/ | Name: ANONCHK Value: 0 |
40 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
activity.wisepops.com
c.bing.com
c.clarity.ms
connect.facebook.net
dev.visualwebsiteoptimizer.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
localwindowsavings.com
lowermyutilitybill.leadshook.io
u.clarity.ms
use.fontawesome.com
wisepops.net
www.clarity.ms
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.youtube.com
142.250.185.66
142.250.186.164
216.58.206.67
2606:4700:20::681a:a13
2606:4700:20::681a:e61
2606:4700:3037::ac43:8ef5
2620:1ec:48:1::45
2620:1ec:c11::237
2a00:1450:4001:800::200a
2a00:1450:4001:803::200e
2a00:1450:4001:806::2003
2a00:1450:4001:813::2008
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
34.96.102.137
35.212.127.214
4.227.249.197
52.3.77.56
54.196.93.215
68.219.88.97
001aaf34b03ab43c7b699d6c96757ef73222cef1ec70c94b6f9538a02b0ac972
02436592436bc4e8585deebdd34bf012533f482698d6acd678196058f13d0b8c
0375c0a64e8b74e564bd117a22022fbdccbdb1261aac473284d190eba9c9ae80
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5
0e0a27c105caf20bd4cc76fe58f222d856ab8f626447846842dddca8ce7509ef
0e772eab851552b4b56ebe271a0554aa74342b7bff5f38f41427f38c260c917e
15433a6b4c98591f54c2952a21c8dc7ac05f8ad7ae3c215e5bfe749c11348896
15e64d9ab34c31475a45007761489e3263e4175582c81f661b9bf5531b3b7e76
25591323d2914fadb6a6d13e0e340b8324a85320b08a16f4c87c6bcbfb590bfe
28adce18ec3b0510421f2143de31d3130cf90be085bca00be12cfd707dacb08c
28f2b3834a8eb5da856dc5cff6b1b89f1449683c9de986108fdc4fcbf3f6804f
2ac3af00c283c0b2ae6108fa83a2053e51274a2a812fb063916cbe19bc4f96b5
321381207b2c84a5faec9fb5ee0dba688e67897abf9bcdcfb311090d5236c0ef
34f31c56412b0539d66d0a2b4a2997d0985e211e38b0ff5439f8f440601ec216
3a39f175e5f9b6fde3d5cf5f213e156219a919423853ec372c0d462c5c869011
4ca9cff4c3e7fefab522786421cf297a56db58f69a66b067eeda886528a2f7eb
4d37fc1d7daf46d3b248a02be3f6d44cf5099ee74d68a1776ca7d2387ef60b67
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4f1dff96a71d7455eaee184cea7895429fb72a13d9afc1c96738e7db1ba93ebe
513dfc05fc5869baf8a52add75f43f983b16156219d031a6b90193b4e7ced3b4
51698055502813cd29205292dfcb7517bd803cf9deb22e21d06bd24fb3bcdf4b
5290341ebf383192c9adc271440b18e08b99779b6e2d96f4290247b0db17a801
58807b005d187cf35acfd0a44e51ff0100ef7cf64e7691438885b2dd83fccf9d
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
727c77ec19d827a0c2e8e6f289b8031b6d753ff14b219a0e8f15d0a71e6c8bd2
77d7ea7375500a91d312429e5496142520c1b91a52efe879d0ca65b2bb53140e
819df6949fb9798d091d5278230917dc854e90bfe73b4adc458fde1ed827aa6b
87e7bcc67c50467bcf7f3f34f8d11a53aec428f8af1bbc7330b363400d2e5d14
886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9
8b99e4ca22025b41a1f902b98b952ef724b0e09590b0c89d0d7bcdefcff1e52c
8ea537aa5c4bb1914f7847956f1a68e76ea54104ae399c379378343c9ab1caca
8f2302fc2bf774ecead778b385d571b3c851ad94131aec9b4172c09c3bdd01f2
9169d8be7a8177e5a92a4d04b6de7f6504b938573bf4da5889871c4f376d3849
92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f
945610c7f0dce4c394073c00a37b907e860832069b2a5bef1bc9d5b1143685b6
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ef18faa1a13ce0ee17c1fdd41b16614e388f00c275ddad89c07b7d6ca51ae35
a0fb4f5eca44c5965c8a086a2ba7e16858b5f960f95170dad617059e5911c655
a61e08e8ac317dfe5b432de35bb886472c8e6476aa73c8f5965f4c55e2363643
b884ff411da53ae2320f24f962e867ebd31c331b29428adf4fb78ccd346ef429
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bcfa67acece9d79362deef4fedad06b84a3073b331b8cb05cab059db889ddd0b
be7a937347feaa49d27ac0b7800abc0f3febc0ed7a32e1e89a901b907f05a48a
c0889b2f70155ad741bc1aac0d734215661c1a1005d22d24c5a89f4b15b399b6
c0fa7854e5dfd2ebb2f6128313f33ed51494aa5d52380aa00091f5d6159516e9
c48211ce3bddee50e299148b8746639bd0c054a24b652b1e84923fa63df4c70d
c813d4d655d91cb544b06b77452f06591d3feee22493d3ed15bed5a34e181194
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cde9add1e9ad3e1f2646354db14b222a7303c393128490f0cd9984b02d4d015b
cff2964db43b6a7611f9b4a85168b081faaff1c5ccc256fc89dda03024a986f7
dcc71cd6dbcdcb13f0b40f369aee6a6cddd6309d88d7f7313cbdbdf540fb1b4d
dfd7138257e9be56124bf042f619f336e61d59d868fe8acf74142559c220c8aa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4feea8b2b54ce67b98b3de2d5b99d67a9e7366a288d9dd5b4efe46866e4ce4f
e6ef90d2e308ed2c96e61a6c9317404d323d0b4c8dc902cf1a7b63a4c5cf4663
e8cc80be6c43744ad0fa84933313cc74406e594583a351ed53963e6dbc72fcf1
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa2816057c8b260211a1a2cba25f9967a9773afe9b50b51f3540ad9a6956340
fa2a6d17340a909684fa0fd5bc6005cb405dd2af1af6a3e94e7c8980fa1735cc
fdb079ba2a6c7c6f8e45ad4bb3763d05c73cbcd0419fe44a26dded7038e684db
fe610e821674921d7503b6728ea2ef39b670354506c48766a73cb4e61c89d311
fef6062a75531e0708a45d5e245ac6be15ca26417d6b15f3ed47bc80179a2177