www.newamericanfunding.com
Open in
urlscan Pro
35.71.138.75
Public Scan
Effective URL: https://www.newamericanfunding.com/lfj/dagnts/?refinance=23950391&purchase=23950276&phone=8553070924&utm_source=Dagnts&utm_medium=e...
Submission: On May 22 via api from BE — Scanned from DE
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 3rd 2022. Valid for: a year.
This is the only time www.newamericanfunding.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU)
PTR: users.tpgi.com.au
users.tpg.com.au |
ASN15169 (GOOGLE, US)
PTR: 143.111.95.34.bc.googleusercontent.com
www.br2ghatrk.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-19-145.compute-1.amazonaws.com
mrktrecord12.com | |
trktotal.com |
ASN16509 (AMAZON-02, US)
PTR: ab6bda7645e7272c3.awsglobalaccelerator.com
www.newamericanfunding.com |
ASN16509 (AMAZON-02, US)
assets.newamericanfunding.com |
ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
www.googleadservices.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN15169 (GOOGLE, US)
PTR: 81.59.117.34.bc.googleusercontent.com
ipinfo.io |
Domain | Requested by | |
---|---|---|
14 | www.newamericanfunding.com |
users.tpg.com.au
www.newamericanfunding.com |
9 | assets.newamericanfunding.com |
www.newamericanfunding.com
|
6 | dev.visualwebsiteoptimizer.com |
www.newamericanfunding.com
dev.visualwebsiteoptimizer.com |
4 | www.google.de |
www.newamericanfunding.com
|
4 | www.google.com |
www.newamericanfunding.com
|
3 | bat.bing.com |
users.tpg.com.au
bat.bing.com www.newamericanfunding.com |
3 | www.google-analytics.com |
www.googletagmanager.com
www.newamericanfunding.com |
3 | cdnjs.cloudflare.com |
www.newamericanfunding.com
|
2 | googleads.g.doubleclick.net |
www.googleadservices.com
|
2 | stats.g.doubleclick.net |
www.newamericanfunding.com
|
2 | gum.criteo.com |
1 redirects
static.criteo.net
|
2 | s.yimg.com |
users.tpg.com.au
www.newamericanfunding.com |
2 | connect.facebook.net |
users.tpg.com.au
connect.facebook.net |
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | use.fortawesome.com |
www.newamericanfunding.com
use.fortawesome.com |
1 | www.facebook.com |
www.newamericanfunding.com
|
1 | sp.analytics.yahoo.com |
www.newamericanfunding.com
|
1 | mug.criteo.com |
www.newamericanfunding.com
|
1 | s3.amazonaws.com |
www.newamericanfunding.com
|
1 | ipinfo.io |
www.newamericanfunding.com
|
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | static.criteo.net |
dynamic.criteo.com
|
1 | www.googletagmanager.com |
www.newamericanfunding.com
|
1 | ajax.googleapis.com |
www.newamericanfunding.com
|
1 | dynamic.criteo.com |
www.newamericanfunding.com
|
1 | fonts.googleapis.com |
www.newamericanfunding.com
|
1 | trktotal.com | 1 redirects |
1 | mrktrecord12.com | 1 redirects |
1 | www.br2ghatrk.com | 1 redirects |
1 | users.tpg.com.au | |
0 | fbcapi.newamericanfunding.com Failed |
www.newamericanfunding.com
|
73 | 31 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.benefits.va.gov |
www.nmlsconsumeraccess.org |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.newamericanfunding.com Go Daddy Secure Certificate Authority - G2 |
2022-05-03 - 2023-05-26 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-05-04 - 2022-07-27 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-09-21 - 2022-09-20 |
a year | crt.sh |
assets.newamericanfunding.com Amazon |
2022-01-07 - 2023-02-05 |
a year | crt.sh |
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-04-11 - 2022-07-07 |
3 months | crt.sh |
use.fonticons.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-12-01 - 2023-01-01 |
a year | crt.sh |
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2 |
2020-06-19 - 2022-07-06 |
2 years | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-05-04 - 2022-07-27 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-05-04 - 2022-07-27 |
3 months | crt.sh |
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-04-11 - 2022-07-13 |
3 months | crt.sh |
www.googleadservices.com GTS CA 1C3 |
2022-05-04 - 2022-07-27 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2022-02-28 - 2022-05-29 |
3 months | crt.sh |
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA |
2022-05-02 - 2022-06-22 |
2 months | crt.sh |
www.bing.com Microsoft RSA TLS CA 01 |
2022-03-16 - 2022-09-16 |
6 months | crt.sh |
ipinfo.io GTS CA 1D4 |
2022-04-23 - 2022-07-22 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2022-05-04 - 2022-07-27 |
3 months | crt.sh |
s3.amazonaws.com Amazon |
2022-04-01 - 2023-03-30 |
a year | crt.sh |
www.google.com GTS CA 1C3 |
2022-05-04 - 2022-07-27 |
3 months | crt.sh |
www.google.de GTS CA 1C3 |
2022-05-04 - 2022-07-27 |
3 months | crt.sh |
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA |
2022-03-15 - 2022-09-07 |
6 months | crt.sh |
*.google.com GTS CA 1C3 |
2022-05-04 - 2022-07-27 |
3 months | crt.sh |
*.google.de GTS CA 1C3 |
2022-05-04 - 2022-07-27 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.newamericanfunding.com/lfj/dagnts/?refinance=23950391&purchase=23950276&phone=8553070924&utm_source=Dagnts&utm_medium=email&utm_content=default&utm_campaign=dagnts_catchall2&utm_term=default&sub_id=357555332&pub_id=42424_12
Frame ID: 0EC89C7467CBE3240D4C7684DA0FE698
Requests: 77 HTTP requests in this frame
Frame:
https://gum.criteo.com/syncframe?topUrl=www.newamericanfunding.com&origin=onetag
Frame ID: 4B09C2E08921BAF44294934F43170567
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Lander Form JNew American Funding | Request Mortgage Quote | New American FundingPage URL History Show full URLs
- http://users.tpg.com.au/jefalast/prqt/naf Page URL
-
https://www.br2ghatrk.com/J84C5/76KDZW/
HTTP 302
https://mrktrecord12.com/?E=GTb1AMKXFUxkcZca3yT4E9pgVz%2ft6P9%2bDbfaF54T%2fx8%3d&s1=12&s2=161f17a2159... HTTP 302
https://trktotal.com/?E=GTb1AMKXFUxkcZca3yT4E9pgVz%2ft6P9%2bDbfaF54T%2fx8%3d&s1=12&s2=161f17a2159... HTTP 302
https://www.newamericanfunding.com/lfj/dagnts/?refinance=23950391&purchase=23950276&phone=8553070924&utm_source... Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Criteo (Advertising Networks) Expand
Detected patterns
- //static\.criteo\.net/js/ld/ld\.js
Facebook (Widgets) Expand
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
VWO (Analytics) Expand
Detected patterns
- dev\.visualwebsiteoptimizer\.com/?([\d.]+)
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: http://www.benefits.va.gov/homeloans/index.asp
Search URL Search Domain Scan URL
Title: NMLS ID#6606
Search URL Search Domain Scan URL
Title: NMLS Consumer Access
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://users.tpg.com.au/jefalast/prqt/naf Page URL
-
https://www.br2ghatrk.com/J84C5/76KDZW/
HTTP 302
https://mrktrecord12.com/?E=GTb1AMKXFUxkcZca3yT4E9pgVz%2ft6P9%2bDbfaF54T%2fx8%3d&s1=12&s2=161f17a2159647d8988d76d9d6b44bcb&s3=__ HTTP 302
https://trktotal.com/?E=GTb1AMKXFUxkcZca3yT4E9pgVz%2ft6P9%2bDbfaF54T%2fx8%3d&s1=12&s2=161f17a2159647d8988d76d9d6b44bcb&s3=__&ckmguid=ebef74ae-ba70-4bc6-a0a0-a618cf38bf53 HTTP 302
https://www.newamericanfunding.com/lfj/dagnts/?refinance=23950391&purchase=23950276&phone=8553070924&utm_source=Dagnts&utm_medium=email&utm_content=default&utm_campaign=dagnts_catchall2&utm_term=default&sub_id=357555332&pub_id=42424_12 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 58- https://gum.criteo.com/sid/json?origin=onetag&domain=newamericanfunding.com&sn=ChromeSyncframe&so=0&topUrl=www.newamericanfunding.com&cw=1&lsw=1&topicsavail=0 HTTP 302
- https://mug.criteo.com/sid?cpp=TlSi3nxpM2kvTmFLZm01eDllVjY1M0N3bTJQZXkxSU9iRFlNWm0zeUJoeXBYU0JsQ2V6R2tJUGxNT2NWbzVPMnozZzlkRndsL0FCdFBEWk9MWkxNKzg4TEtEYlEyYi9IRDBOWmU3TStxK3BVTFVqbnc2dDdXQng3eWl3eEE4MzdQcko3QTQwVklWY29rdnFzREtpeDJRaEFFYllzU3Zha2d0cW5MbWt2c1Q0ak9CNTNmMThiaEswQkZPeGg2QkFiVGZCMkdKNzIzSnF2ZnFjTE5LMG01blJCWUZsR25lNFhQQVRzYStoSVhoa2xkUFVsaDZCN3dVd0dZWC95cXNRN1hTSE44TTRENVAwUnM3TVRBQ2NOL3JWWTdISHd2SzNvd0xsL2luWGVuZUJkVWhIND18&cppv=2
73 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
naf
users.tpg.com.au/jefalast/prqt/ |
215 B 559 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
www.newamericanfunding.com/lfj/dagnts/ Redirect Chain
|
96 KB 20 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ruxitagentjs_ICA27QVfghjlqrtux_10239220408103229.js
www.newamericanfunding.com/ |
337 KB 123 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
11 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.7.1/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
www.newamericanfunding.com/css/ |
16 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dynamiclongform-b.min.css
www.newamericanfunding.com/css/ |
30 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-new-american-white.png
assets.newamericanfunding.com/images/logos/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gradient.jpg
assets.newamericanfunding.com/images/bg/ |
359 B 1000 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
purchase-white.png
assets.newamericanfunding.com/images/icons/ |
671 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
purchase-dark.png
assets.newamericanfunding.com/images/icons/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
refinance-white.png
assets.newamericanfunding.com/images/icons/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
refinance-dark.png
assets.newamericanfunding.com/images/icons/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
accolade-reviews-experience-white.png
assets.newamericanfunding.com/images/home/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
accolade-inc-5000-white.png
assets.newamericanfunding.com/images/home/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ld.js
dynamic.criteo.com/js/ld/ |
523 B 642 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
criteo-events.js
www.newamericanfunding.com/scripts/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
countdown.js
www.newamericanfunding.com/scripts/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
url-param-helper.min.js
www.newamericanfunding.com/scripts/ |
16 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ |
95 KB 34 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
crystal.min.js
www.newamericanfunding.com/scripts/ |
12 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slick1.7.1-nick-modified.min.js
www.newamericanfunding.com/scripts/ |
42 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Dynamiclongform-2.min.js
www.newamericanfunding.com/scripts/ |
48 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.mask.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.13/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
progressbar.min.js
www.newamericanfunding.com/scripts-compiled/dist/ |
22 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
parsley.min.js
www.newamericanfunding.com/scripts/ |
42 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
d622b6b8.js
use.fortawesome.com/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
balancetext.min.js
cdnjs.cloudflare.com/ajax/libs/balance-text/3.2.0/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ruxitagentjs_D_10239220408103229.js
www.newamericanfunding.com/ |
41 KB 16 KB |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
j.php
dev.visualwebsiteoptimizer.com/ |
17 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
293 KB 81 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ |
44 KB 44 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ |
23 KB 24 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-hud-white.png
assets.newamericanfunding.com/images/icons/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ld.js
static.criteo.net/js/ld/ |
41 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
39 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
99 KB 27 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ytc.js
s.yimg.com/wi/ |
15 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bat.js
bat.bing.com/ |
38 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
PostPageVisit
www.newamericanfunding.com/umbraco/Surface/Lead/ |
455 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
geo
ipinfo.io/ |
226 B 507 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
syncframe
gum.criteo.com/ Frame 4B09 |
14 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
27998.json
s.yimg.com/wi/config/ |
2 B 485 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 450 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
getreviewsgrandtotal
www.newamericanfunding.com/umbraco/surface/socialreview/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dontcall-min.png
s3.amazonaws.com/naf.com/images/icons/ |
301 B 657 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
220 B 220 B |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
woff2.css
use.fortawesome.com/kits/d622b6b8/publications/116527/ |
467 KB 350 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ |
2 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
324428834398241
connect.facebook.net/signals/config/ |
221 KB 67 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
stats.g.doubleclick.net/j/ |
4 B 25 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/848925655/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/848925655/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
13003688.js
bat.bing.com/p/action/ |
0 137 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0
bat.bing.com/action/ |
0 176 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sid
mug.criteo.com/ Frame 4B09 Redirect Chain
|
452 B 652 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
va-3a8c03cc83fd9c554b5af6e1cc1ffa80.js
dev.visualwebsiteoptimizer.com/7.0/ |
222 KB 63 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
track-3a8c03cc83fd9c554b5af6e1cc1ffa80.js
dev.visualwebsiteoptimizer.com/7.0/ |
12 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
opa-3d1a80cbbc4fdc4472eae80c14d918ad.js
dev.visualwebsiteoptimizer.com/analysis/4.0/ |
104 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
v.gif
dev.visualwebsiteoptimizer.com/ |
35 B 52 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sp.pl
sp.analytics.yahoo.com/ |
43 B 633 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
35 KB 35 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
49 KB 49 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
51 KB 51 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
51 KB 51 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
29 KB 29 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ga-audiences
www.google.com/ads/ |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ga-audiences
www.google.de/ads/ |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.google.com/pagead/1p-user-list/848925655/ |
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.google.de/pagead/1p-user-list/848925655/ |
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.google.com/pagead/1p-user-list/848925655/ |
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.google.de/pagead/1p-user-list/848925655/ |
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
events
fbcapi.newamericanfunding.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 297 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
worker-70faafffa0475802f5ee03ca5ff74179.js
dev.visualwebsiteoptimizer.com/analysis/ |
47 KB 13 KB |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.newamericanfunding.com
- URL
- https://www.newamericanfunding.com/umbraco/surface/socialreview/getreviewsgrandtotal
- Domain
- fbcapi.newamericanfunding.com
- URL
- https://fbcapi.newamericanfunding.com/events
Verdicts & Comments Add Verdict or Comment
165 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| dT_ object| dtrum string| GA_Directory string| GA_Title object| startTime object| _vwo_code number| settings_timer number| _vwo_settings_timer object| VWO object| _vwo_evq object| dataLayer number| currentPageNodeId object| timeinterval function| getTimeRemaining function| initializeClock function| clearExpireVerificationCodeTimer object| Criteo object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| dotq object| uetq function| extractURLParams function| touchAndLocalStorage function| initializePhoneDisplay function| initializegclid function| verifyHaveURLParams function| notifyPageLoad string| defaultPhone string| SEOPhone object| SEO_Pages object| urlParamLookup string| touchy boolean| agentStickyHeaderExperience function| readCookie object| jsError string| phoneDisplay object| gclid object| title string| theOGTitle function| $ object| criteo_q function| ipinfoSuccess object| crystal object| criteo object| YAHOO object| gaplugins object| gaGlobal object| gaData function| criteoDeviceType function| triggerCriteoTags function| fireCriteoLanding function| fireCriteoPurchaseLanding function| fireCriteoRefiLanding function| getFirstTouchLastTouch function| headerFixed function| initializeSlick function| addEventListeners function| addRangeSyncListeners function| updateStateDropdown function| setupPageChanging function| initParsleyValidationSubmission function| fireCriteoSubmit function| focusNextElement function| detectIfSessionStorageSupported function| setupSessionStorageValue function| getMedianHomeValue object| slick object| q1product object| purchBtn object| refiBtn object| purchHashOrder object| refiHashOrder function| initProgressbar undefined| readcookie undefined| loanType undefined| refinanceReason undefined| creditRating undefined| timeFrame undefined| cashOutQuestion function| noRushInitialize number| indexOfLastPurchQuestion function| send_GA_Core object| additionalQuestions undefined| dob undefined| ssn number| lastwhiteboxwidth boolean| hasVerificationCodeExpired object| slickChildren function| addCustomValidators object| jQuery112409718283171805739 function| goBack object| $jscomp object| ProgressBar function| _toConsumableArray function| _slice function| _slicedToArray function| _extends object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched object| parsley function| balanceText string| monthlySavingDisclosure object| today number| year number| tms object| DaylightStart object| DaylightEnd object| todayCali number| CurrentHour boolean| duringBusinessHours object| HousePriceSlider object| dpSlider function| updateDownPayment object| footerEle function| updatePurchasePriceSlider object| HousePriceField function| updateCashOut object| AmountOwedSlider object| AmountOwedField object| FortAwesomeConfig string| woffCSSFilename string| cssFilename string| cssUrl function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| UET function| UET_init function| UET_push object| ueto_5d76d8ef94 number| _vwo_acc_id object| vwoCode object| _vwo_style string| _vwo_css string| _vwo_cookieDomain string| _vwo_uuid string| _vis_opt_file number| _vwo_library_timer string| _vis_opt_lib undefined| b number| _vwo_j_e string| _vwo_mt string| _vwo_tm object| vwo_iehack_queue object| _vwo_exp_ids object| _vwo_exp object| _vwo_pa object| VWOOmni string| _vwo_opa_cb string| _vwo_worker_cb24 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.newamericanfunding.com/lfj/dagnts | Name: localStorageLogger Value: alreadyLogged |
|
www.br2ghatrk.com/ | Name: uniqueClick_76KDZW Value: fb243894-3d90-4f9e-a7f3-50fab5eb254f:1653205533 |
|
www.br2ghatrk.com/ | Name: transaction_id Value: 161f17a2159647d8988d76d9d6b44bcb |
|
.trktotal.com/ | Name: st Value: J2DNqS/pFNFf2V9vbHzcrQeJgv/DzMHrTaqSMoxNXTSspZlBZXDxxg== |
|
.trktotal.com/ | Name: tib Value: faVroZp0t6VJCfLQvVVmAweJgv/DzMHrTaqSMoxNXTSspZlBZXDxxg== |
|
.trktotal.com/ | Name: c31595 Value: J2DNqS/pFNHrq9VqzQaeET8vuOxEBPkafIpxb+BLypTXdjOXgGxjSA== |
|
www.newamericanfunding.com/ | Name: ASP.NET_SessionId Value: v2vy3zvp25yh4rpi2n00jh0e |
|
www.newamericanfunding.com/ | Name: SessionId Value: 52149da5-eb63-43a4-9450-bc57cc9842ae |
|
.newamericanfunding.com/ | Name: dtCookie Value: v_4_srv_6_sn_15AE79570CB792480B7A075B01BA0582_perc_100000_ol_0_mul_1_app-3Ab532b35028ac74a8_1_rcs-3Acss_0 |
|
.newamericanfunding.com/ | Name: rxVisitor Value: 1653205536472L7EUVHETSB6S7QS7G4REG2LPI7120F7S |
|
.newamericanfunding.com/ | Name: dtLatC Value: 963 |
|
.newamericanfunding.com/ | Name: dtSa Value: - |
|
.newamericanfunding.com/ | Name: _gcl_au Value: 1.1.847981033.1653205537 |
|
.newamericanfunding.com/ | Name: _ga Value: GA1.2.1696780638.1653205537 |
|
.newamericanfunding.com/ | Name: _gid Value: GA1.2.654172020.1653205537 |
|
.newamericanfunding.com/ | Name: _dc_gtm_UA-17024218-1 Value: 1 |
|
.bing.com/ | Name: MUID Value: 0177621BD44D69F5312A73B7D5C668BE |
|
.criteo.com/ | Name: uid Value: c70cdc81-2412-47b5-9ffc-0bc75b81a47d |
|
.newamericanfunding.com/ | Name: _gat_UA-17024218-1 Value: 1 |
|
.newamericanfunding.com/ | Name: rxvt Value: 1653207337179|1653205536474 |
|
.newamericanfunding.com/ | Name: dtPC Value: 6$205536468_344h11vTCRPJIVUNHVNUPWRNPVDCPJMCMALCNAW-0e0 |
|
.newamericanfunding.com/ | Name: _uetsid Value: 2b5b0950d9a311ec88de5db874360f40 |
|
.newamericanfunding.com/ | Name: _uetvid Value: 2b5b2030d9a311ec9205a5a5f2036a03 |
|
.newamericanfunding.com/ | Name: _vwo_uuid_v2 Value: DD4BD194B96701498B0B5EA76D1FB771F|0c8ef78eea83289967d2dc004fa311b2 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
assets.newamericanfunding.com
bat.bing.com
cdnjs.cloudflare.com
connect.facebook.net
dev.visualwebsiteoptimizer.com
dynamic.criteo.com
fbcapi.newamericanfunding.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
ipinfo.io
mrktrecord12.com
mug.criteo.com
s.yimg.com
s3.amazonaws.com
sp.analytics.yahoo.com
static.criteo.net
stats.g.doubleclick.net
trktotal.com
use.fortawesome.com
users.tpg.com.au
www.br2ghatrk.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.newamericanfunding.com
fbcapi.newamericanfunding.com
www.newamericanfunding.com
142.250.184.226
151.139.128.8
178.250.0.157
178.250.2.140
203.26.24.80
212.82.100.181
2600:9000:214f:7e00:12:548e:a040:93a1
2606:4700::6811:190e
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:800::2004
2a00:1450:4001:801::200a
2a00:1450:4001:810::2008
2a00:1450:4001:810::200a
2a00:1450:4001:812::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2003
2a00:1450:400c:c00::9a
2a02:2638:1::13
2a02:2638::3
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
34.117.59.81
34.95.111.143
34.96.102.137
35.169.19.145
35.71.138.75
54.231.200.208
0722e77458fcedadb2b7596ee392d9cedf6e69d241d325798759adc50c5599c6
08cffab1dd52321cd190fa23e37cd1483e8a9e19b366fe0e9436a304ab476798
095ad0b0018dff572ef0295960325979dd2e86bbb8dbcd34a8c346b515ee7644
0a9adccc17d9e34e3971bce91e3723f1fef884844fed6e6e10085e19745faef5
0aaed71320dc122a42a59383acc7b8071ba4aa5c7c47d667773218b38c32b443
0c2519c21832d1db0606a6d8e55508547384c2d80e08b73c7fda09ef82ba4b3c
0d9dbc7fd94c88a27d847152aa1187146cb1a83fa4e97d2b920614770a3702cc
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
16c6f70d1cb810d6fa6bd07f4b2d551ea51bf42f0c1e299f3a17e6f0c5f896d3
1a5ab0903aa18f8a86d8a30aec33fbcc2ad017950beac1f5a0cf7bac2614617f
1d9519933c9bcca61b26125cc6acb022c41ef1a257b478d1392f8bae76fa3860
20eb3c2b4f04f00252962a713ebdc92057bc9b77e0da564001aae5af49347c07
2e03d3ac16dccd7ddeebbc28b02fd3585ac5f6f41f6eb48db03e6e0fc810c4ef
2f842a4aac122e4676ca976c46add9bdf5f1b634be9a013b121edccd16cc421d
302dc1d6a476fea2d5835e1e98b48c3e19c0488858e857a223fdbfc06806ebb5
31764e4ca364928c614c72e307104e8063e6dce150f99f4c2504a0fc925e6fff
32616067620334a7ffaf7499b6d123aa4dfe40521f1a690d589406a4676f0dee
3a9d536384efa6a5b27e81bf8b7d16e279d9d7da7025bedfdb432dde9fc33be1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4a72f9ae943f368a67c4abee3476c1f228b2f50ee07a89e21137aa2f9292c69a
4d1afecef16c7ca73196667ff2be44e0c9b273cd1be6aed1af28bf7c34da0047
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
5dc84f561da42bdda2d631a4e42d6cde8cb002ac1b42ebf01aa83a7906d9c7b7
6163d42cd4f6ee6b0ec2649ab91189654d07eef9dbd92e0ba768612f813a21ff
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6a2a48868397d51dcb49fb332cc31708377657d01c9ea1918f6f8d16e5c9e6c0
6edffc356433a7d852141810018fe672e8492539f9d11c26986fbb1bc726b7d7
77fe5ff8fe0d5a18bca77be557dc3bd320ec4b4a66f6a4d3e667f040bd3c91e4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
850f365c97a72f65e02a6070187e1b181ad940a83d01305f8d6ef7995831c466
853132bb72144f1565e59d4b5e504e8a30d62d5bf6c4c448d389999476b77d87
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
8b2993427231b689c36ca8ee8f0c0e97d08b3ca55b0e8dcd06d9b5d7a9441feb
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9264e3ee3196db4257dff44aa744e2060acf7d963c2395146714604e28795cdc
94274e4fe6c686e5470c69bd3e2bb979fd00818dc046402b7f4e323866777466
9dd379e32b8ecaa0011f2d5e6c1a3303b50b1b046d692ded1192c6485cd82ec2
9f4d1ca812315c6cbda73d0f7eacd54451037bd2fb0a21b27e96c3e3e0c1ca0c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a77db4ac21841c3a09b7536f9e27776b0100ce38c8d689dd813a1cd1f3831138
aa14ba333c2a455f701745e5fb66363dbfa7314bd34ca0c3468e775d0336f625
ab9d330fef23c628addac5b9306b4d7a15bf84fd1db8588a91523b4547b475b2
acbe6770b0fc8b621a9d4f7068b241fb403fe999ea33270931ee59ec4cfdf3f1
ad1db1404602f099c298a2d903d4db91e16fa2ca295599533971383523c6acf9
b13ff2be03a87b20075888ba3181ba73dfe069bf30c27ed7053f69b06bb7f4b9
b270ff5dca8e4fa641b4fb1e08683bc5826351cc3f6a3165e2d6134216a20187
b341d6332ab166d26c01bb7cae8dc01ea2d4588940e1443ed10be6d48a199ceb
b77579a6afee59a8e83f0348ee8123691d314259829a16eea2f0943f6c01e514
d5eeae46c9661fea731fd997c6afffdb6866b54c04d3c0f468ac029a35fffcbe
d709f110bd9f41f30c9942e9d0f77e5b88f731665f1f1d9bcb04d206b5455ccf
dc4b69ba7c417a49b29c88eb4b8a3fbae8b158db1b6a2d29235194c9de1c5459
dc80b239609a20048dfffddbda84c2b7eb107c1d4b9c9245bf20226d2b95e0da
dcb31c4ac1ffbf43d3f036c39f64e614b9e623a205b40e7ddb3ec6b9cf663694
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ab0563bda79f27dd9e534a42684fe8cfc0fba8ee107cf7fb582e7ea93a9039
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
ea51c1db95d9a533fc4eea0588b21175d83d3867ee72a71402c9866905012036
eabdc61feb8193557f03ac137a8d39f71a55974d1e622f88bde68a715b2070ff
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1c235d0dbd612ddf050450be7a4ed02353c3b043edb420abd679656ad49fd03
fb178d0a551b045b17f8876b0cedaa4cedfd253c4de00150469b776666226d45
fd724882dc8a94e7d01094c644badf758051ed60099bb88faf936286f214c97c