ms.liftforward-staging.com
Open in
urlscan Pro
2606:4700:3031::6818:63ad
Public Scan
Submission Tags: @phishunt_io
Submission: On September 20 via api from ES
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 11th 2020. Valid for: a year.
This is the only time ms.liftforward-staging.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
9 | 2606:4700:303... 2606:4700:3031::6818:63ad | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 13.35.254.124 13.35.254.124 | 16509 (AMAZON-02) (AMAZON-02) | |
59 | 2a04:4e42:1b:... 2a04:4e42:1b::393 | 54113 (FASTLY) (FASTLY) | |
1 | 99.86.0.85 99.86.0.85 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 54.70.109.173 54.70.109.173 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 151.101.14.110 151.101.14.110 | 54113 (FASTLY) (FASTLY) | |
1 | 2600:1901:0:b... 2600:1901:0:bc29:: | 15169 (GOOGLE) (GOOGLE) | |
1 1 | 13.35.254.31 13.35.254.31 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 13.35.254.92 13.35.254.92 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 143.204.201.22 143.204.201.22 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 35.190.25.25 35.190.25.25 | 15169 (GOOGLE) (GOOGLE) | |
1 | 3.229.228.113 3.229.228.113 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 75.2.88.188 75.2.88.188 | 16509 (AMAZON-02) (AMAZON-02) | |
82 | 13 |
ASN16509 (AMAZON-02, US)
PTR: server-13-35-254-124.fra6.r.cloudfront.net
dl.airtable.com |
ASN16509 (AMAZON-02, US)
PTR: server-99-86-0-85.fra6.r.cloudfront.net
cdn.segment.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-70-109-173.us-west-2.compute.amazonaws.com
api.segment.io |
ASN16509 (AMAZON-02, US)
PTR: server-13-35-254-31.fra6.r.cloudfront.net
widget.intercom.io |
ASN16509 (AMAZON-02, US)
PTR: server-13-35-254-92.fra6.r.cloudfront.net
js.intercomcdn.com |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-22.fra53.r.cloudfront.net
cdn.heapanalytics.com |
ASN15169 (GOOGLE, US)
PTR: 25.25.190.35.bc.googleusercontent.com
api-js.mixpanel.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-228-113.compute-1.amazonaws.com
heapanalytics.com |
ASN16509 (AMAZON-02, US)
PTR: ad8b87a22ce463223.awsglobalaccelerator.com
api-iam.intercom.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
59 |
cloudinary.com
res.cloudinary.com |
1 MB |
9 |
liftforward-staging.com
ms.liftforward-staging.com |
1 MB |
3 |
intercomcdn.com
js.intercomcdn.com |
119 KB |
2 |
mixpanel.com
api-js.mixpanel.com |
467 B |
2 |
heapanalytics.com
cdn.heapanalytics.com heapanalytics.com |
38 KB |
2 |
intercom.io
1 redirects
widget.intercom.io api-iam.intercom.io |
2 KB |
1 |
mxpnl.com
cdn.mxpnl.com |
27 KB |
1 |
newrelic.com
js-agent.newrelic.com |
11 KB |
1 |
segment.io
api.segment.io |
148 B |
1 |
segment.com
cdn.segment.com |
71 KB |
1 |
airtable.com
dl.airtable.com |
4 KB |
0 |
nr-data.net
Failed
bam.nr-data.net Failed |
|
82 | 12 |
Domain | Requested by | |
---|---|---|
59 | res.cloudinary.com |
ms.liftforward-staging.com
|
9 | ms.liftforward-staging.com |
ms.liftforward-staging.com
|
3 | js.intercomcdn.com |
widget.intercom.io
|
2 | api-js.mixpanel.com |
cdn.mxpnl.com
|
1 | api-iam.intercom.io |
js.intercomcdn.com
|
1 | heapanalytics.com | |
1 | cdn.heapanalytics.com |
cdn.segment.com
|
1 | widget.intercom.io | 1 redirects |
1 | cdn.mxpnl.com |
cdn.segment.com
|
1 | js-agent.newrelic.com |
ms.liftforward-staging.com
|
1 | api.segment.io |
cdn.segment.com
|
1 | cdn.segment.com |
ms.liftforward-staging.com
|
1 | dl.airtable.com |
ms.liftforward-staging.com
|
0 | bam.nr-data.net Failed |
js-agent.newrelic.com
|
82 | 14 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.microsoft.com |
www.liftforward.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-08-11 - 2021-08-11 |
a year | crt.sh |
dl.airtable.com Amazon |
2020-06-18 - 2021-07-18 |
a year | crt.sh |
*.cloudinary.com Go Daddy Secure Certificate Authority - G2 |
2020-05-27 - 2022-06-22 |
2 years | crt.sh |
*.segment.com DigiCert SHA2 Secure Server CA |
2020-06-12 - 2021-07-27 |
a year | crt.sh |
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2020-09-09 - 2021-05-07 |
8 months | crt.sh |
*.mxpnl.com RapidSSL RSA CA 2018 |
2019-07-29 - 2021-07-28 |
2 years | crt.sh |
*.intercomcdn.com Amazon |
2020-03-29 - 2021-04-29 |
a year | crt.sh |
cdn.heapanalytics.com Amazon |
2019-10-22 - 2020-11-22 |
a year | crt.sh |
*.mixpanel.com GeoTrust RSA CA 2018 |
2020-04-20 - 2022-04-21 |
2 years | crt.sh |
heapanalytics.com Amazon |
2020-01-21 - 2021-02-21 |
a year | crt.sh |
*.intercom.com Amazon |
2020-05-13 - 2021-06-13 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://ms.liftforward-staging.com/en-ca/cpa
Frame ID: 70D8328C8450C0F57A06567D9E2D2101
Requests: 79 HTTP requests in this frame
Frame:
https://js.intercomcdn.com/frame-modern.054efc0f.js
Frame ID: DD321E2937B96D1053CD4CA0B0DC3720
Requests: 3 HTTP requests in this frame
Screenshot
Detected technologies
CloudFlare (CDN) ExpandDetected patterns
- headers server /^cloudflare$/i
Heap (Analytics) Expand
Detected patterns
- script /heap-\d+\.js/i
Segment (Analytics) Expand
Detected patterns
- script /cdn\.segment\.com\/analytics\.js/i
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title:
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: PRIVACY
Search URL Search Domain Scan URL
Title: TERMS
Search URL Search Domain Scan URL
Title: SURFACE ALL ACCESS FOR BUSINESS TERMS
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 72- https://widget.intercom.io/widget/enl5ff6l HTTP 302
- https://js.intercomcdn.com/shim.latest.js
82 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
cpa
ms.liftforward-staging.com/en-ca/ |
205 KB 22 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application-578e7e2d69857caaad76.js
ms.liftforward-staging.com/packs/js/ |
1 MB 492 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application-d696f8ea.css
ms.liftforward-staging.com/packs/css/ |
200 KB 32 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all-01c4fc4b9028ef56df3b3dd2bd03768e60e707b133912007a619a926732292dd.css
ms.liftforward-staging.com/assets/microsoft/stylesheets/ |
63 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all-99787d8410e6657b109460ad1b1b7640167c1b17f08b13174aa87da1ce7191c3.js
ms.liftforward-staging.com/assets/spree/frontend/ |
236 KB 70 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
microsoft-header-logo-112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960.png
ms.liftforward-staging.com/assets/oem/microsoft/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
powered_by_liftforward-81643f3752956ad438d4caeac388e728438326cdd5cfe7748edcd86160511e1d.png
ms.liftforward-staging.com/assets/logos/ |
20 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
unnamed.png
dl.airtable.com/.attachments/6296e4a493344af0f7d980f101ec441c/eee84a69/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Book_3_13_in.png
res.cloudinary.com/liftforward/image/upload/c_fit,h_680,w_680/v1/777/original/ |
89 KB 89 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Go_2.png
res.cloudinary.com/liftforward/image/upload/c_fit,h_680,w_680/v1/789/original/ |
97 KB 97 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SUR20_Laptop3_13_Feature_Platinum_FrontOn_RGB.png
res.cloudinary.com/liftforward/image/upload/c_fit,h_680,w_680/v1/595/original/ |
87 KB 87 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SUR20_ProX_Feature_TabletMode_RGB.png
res.cloudinary.com/liftforward/image/upload/c_fit,h_680,w_680/v1/649/original/ |
93 KB 93 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SUR20_Pro7_Feature_Plat_TabletMode_RGB.png
res.cloudinary.com/liftforward/image/upload/c_fit,h_680,w_680/v1/640/original/ |
130 KB 130 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
surface_book_2.png
res.cloudinary.com/liftforward/image/upload/c_fit,h_680,w_680/v1/273/original/ |
381 KB 381 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
surface-pro_hixwra.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_680,w_680/v1/299/original/ |
27 KB 27 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
surface_go_cmpn0d.png
res.cloudinary.com/liftforward/image/upload/c_fit,h_680,w_680/v1/19/original/ |
81 KB 82 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
surfacelaptop2black.0_m2w0bw.png
res.cloudinary.com/liftforward/image/upload/c_fit,h_680,w_680/v1/39/original/ |
47 KB 48 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9z8BXiPqTHOJyvn9hS1G_full_Surface_Microsoft-Complete_ContentPlacement4up_2_V1_ulwagh.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/186/original/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
laptop_kzjclr.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/713/original/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Surface_Microsoft-Complete_ContentPlacement4up_3_V1_o5rqjy.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/714/original/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9z8BXiPqTHOJyvn9hS1G_full_Surface_Microsoft-Complete_ContentPlacement4up_2_V1_ulwagh.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/715/original/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gXx0kQ8QQIa0Cd8FGijQ_full_RW7Lij_qyjmvq.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/164/original/ |
976 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Surface_Pen_Black_qkqixx.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/173/original/ |
825 B 889 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Surface_Pen_Cobalt_blue_irtosn.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/174/original/ |
800 B 864 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Surface_Pen_Burgundy_bk9jmf.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/175/original/ |
809 B 926 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SUR20_Pen_Feature_IceBlue_Front_RGB.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/658/original/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SUR20_Pen_Feature_PoppyRed_Front_RGB.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/659/original/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
LGi9zJ9uQiyoXsiEoWYH_full_black_vf0ohj.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/179/original/ |
0 299 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
LGi9zJ9uQiyoXsiEoWYH_full_black_vf0ohj.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/701/original/ |
0 457 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aLMEbYICQJu0oea0STYz_full_Surface_Pro_Type_Cover_Platinum_fd2a1q.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/463/original/ |
0 338 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
NiniIcs9T2mtcNCUk3t2_full_Surface_Pro_Type_Cover_Cobalt_Blue_nzvadb.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/464/original/ |
0 499 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JrLLpg62StmmRHuik0g3_full_Surface_Pro_Type_Cover_Burgundy_gfubb4.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/465/original/ |
0 292 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aLMEbYICQJu0oea0STYz_full_Surface_Pro_Type_Cover_Platinum_fd2a1q.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/702/original/ |
0 290 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
NiniIcs9T2mtcNCUk3t2_full_Surface_Pro_Type_Cover_Cobalt_Blue_nzvadb.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/703/original/ |
0 294 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JrLLpg62StmmRHuik0g3_full_Surface_Pro_Type_Cover_Burgundy_gfubb4.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/704/original/ |
0 291 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SUR20_Pro7_Feature_PoppyRed_SignatureTypecover_RGB.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/655/original/ |
0 315 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SUR20_Pro7_Feature_IceBlue_SignatureTypecover_RGB.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/656/original/ |
0 472 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SUR20_Pro7_Feature_Platinum_SignatureTypecover_RGB.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/657/original/ |
0 268 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aLMEbYICQJu0oea0STYz_full_Surface_Pro_Type_Cover_Platinum_fd2a1q.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/33/original/ |
0 502 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
surface-go-cover_bjcbag.png
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/386/original/ |
0 228 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
surface-go-cover_bjcbag.png
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/706/original/ |
0 317 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
surface-go-cover_bjcbag.png
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/22/original/ |
0 271 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
surface-go-signature-cover-blue.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/387/original/ |
0 237 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
surface-go-signature-cover_platinum.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/388/original/ |
0 243 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
surface-go-signature-cover-burgandy.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/389/original/ |
0 244 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
surface-go-signature-cover-blue.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/707/original/ |
0 284 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
surface-go-signature-cover_platinum.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/708/original/ |
0 243 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
surface-go-signature-cover-burgandy.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/709/original/ |
0 333 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
surface-go-signature-cover_platinum.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/24/original/ |
0 241 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Surface_Go_Signature_Type_Cover_-_Platinum.png
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/773/original/ |
0 302 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Surface_Go_Signature_Type_Cover_-_Platinum.png
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/774/original/ |
0 346 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RW6KQV_ppoybl.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/506/original/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RW70sc_ddi0ss.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/507/original/ |
3 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
microsoft-surface-precision-mouse-bluetooth.png
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/710/original/ |
18 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SUR20_ProX_Feature_SignatureKeyboard_US_RGB.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/653/original/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SUR20_ProX_Feature_SignatureKeyboard_US_RGB.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/705/original/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SUR20_ProX_Feature_SlimPen_RGB.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/662/original/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Yu2BkyRjSRSvIn2lPmqQ_full_Surface_Mini_DisplayPort_to_VGA_Adapter_feijyh.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/378/original/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Microsoft-1911780406-USB_Ethernet-zoom_s4ukmo.png
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/469/original/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rLEkysUMRvmLmpdbXXIp_full_Surface_USB-C_to_HDMI_Adapter_v0mjig.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/491/original/ |
5 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
WL3WTRpwSBacugFpoLGv_full_Surface_USB-C_to_VGA_Adapter_lj3ga8.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/492/original/ |
5 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
A3008fGKRI2qOgfBH52J_full_Surface_Mini_DisplayPort_to_HDMI_2.0_Adapter_gm3msw.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/711/original/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6273102_sd_ltiavq.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/712/original/ |
5 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SUR20_ArcMouse_Feature_PoppyRed_Hero_RGB.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/660/original/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SUR20_ArcMouse_Feature_IceBlue_Hero_RGB.jpg
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/661/original/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Surface_USBC_Travel_Hub.png
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/776/original/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Surface_Dock_Refresh.png
res.cloudinary.com/liftforward/image/upload/c_fit,h_200,w_200/v1/799/original/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.min.js
cdn.segment.com/analytics.js/v1/Bgwc71273d2zAcobIuikif6OaUEJvvM5/ |
373 KB 71 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gldn-Surf-Hero-SP7-SPX-Upgrade-WFH-1-b287144fe22a1fad8f0c076f643530d737a8b4c1d033220cdbaac0a7903ca7c9.jpg
ms.liftforward-staging.com/assets/ |
513 KB 514 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont-2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe.woff2
ms.liftforward-staging.com/assets/ |
75 KB 76 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
p
api.segment.io/v1/ |
21 B 148 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nr-1177.min.js
js-agent.newrelic.com/ |
27 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ |
79 KB 27 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shim.latest.js
js.intercomcdn.com/ Redirect Chain
|
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
heap-3936224455.js
cdn.heapanalytics.com/js/ |
94 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
api-js.mixpanel.com/decide/ |
65 B 140 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
api-js.mixpanel.com/track/ |
1 B 327 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
3b101623cd
bam.nr-data.net/1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
h
heapanalytics.com/ |
37 B 212 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
frame-modern.054efc0f.js
js.intercomcdn.com/ Frame DD32 |
226 KB 63 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor-modern.f0ac42db.js
js.intercomcdn.com/ Frame DD32 |
173 KB 52 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
ping
api-iam.intercom.io/messenger/web/ Frame DD32 |
4 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- bam.nr-data.net
- URL
- https://bam.nr-data.net/1/3b101623cd?a=236672143&v=1177.96a4d39&to=dQoLEkpeXl9VQBsVEUQAAElQXl9WH1taAgRO&rst=2391&ck=1&ref=https://ms.liftforward-staging.com/en-ca/cpa&qt=8&ap=277&be=487&fe=2314&dc=1464&perf=%7B%22timing%22:%7B%22of%22:1600607213750,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:16,%22c%22:16,%22s%22:22,%22ce%22:33,%22rq%22:33,%22rp%22:463,%22rpe%22:489,%22dl%22:470,%22di%22:1463,%22ds%22:1463,%22de%22:1478,%22dc%22:2313,%22l%22:2313,%22le%22:2315%7D,%22navigation%22:%7B%7D%7D&fp=1469&fcp=1469&jsonp=NREUM.setToken
Verdicts & Comments Add Verdict or Comment
32 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes object| NREUM object| newrelic function| __nr_require function| setImmediate function| clearImmediate object| regeneratorRuntime object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome function| currency object| analytics function| Query function| Uri function| jsUri function| $ function| jQuery object| Rails boolean| _rails_loaded object| Spree object| ClientSideValidations object| SolidusPaypalBraintree object| BraintreeError function| show_flash object| basicLightbox object| jQuery112405087492728002252 object| mixpanel function| Intercom object| heap object| optimizely function| normalize function| __intercomAssignLocation5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
ms.liftforward-staging.com/ | Name: _shop_session Value: yaWNgmpwepPUbXyIOT8%2FIjxjHTr0Jiwcbkbqj%2FDp7EtKfus7oqmXp3vZH6fOZ7HgbTr5c20bzkUzy9pRrhB15ZM3CUk5%2Fk%2BBMLt4eFV4juxrl00sWtHAQ%2FO12CkH32pF9cIR%2BfPtjur769rKBgEIY0LGwUVGC8hxGOdfPs6VINQCSCnDrNRpI3xBhFtiMrHn9KBXIQyRN8TEZ4IAbeTPa%2BG0ZZ2wM4K81S4%3D--aU588Mg9HFlOZsPx--Rg8NxDylLhUyEDu2Ff8uDQ%3D%3D |
|
.liftforward-staging.com/ | Name: ajs_anonymous_id Value: %220713dd3c-4f47-4383-ae10-a6d62d035fc0%22 |
|
ms.liftforward-staging.com/ | Name: guest_token Value: InFseFJfYVU4U1J0SlJtdS1mMmZlM2ci--470bb3c6250df57a9575199bd677b87e7996aa24 |
|
.liftforward-staging.com/ | Name: mp_3afd3da13a2e70d500953e179eef0a70_mixpanel Value: %7B%22distinct_id%22%3A%20%22174ab9fe1e29f1-0806d70dc9bade-1b396256-1d4c00-174ab9fe1e3a75%22%2C%22%24device_id%22%3A%20%22174ab9fe1e29f1-0806d70dc9bade-1b396256-1d4c00-174ab9fe1e3a75%22%2C%22mp_lib%22%3A%20%22Segment%3A%20web%22%7D |
|
.liftforward-staging.com/ | Name: __cfduid Value: d0823a421e62b9687fa3ce9eaf23176c01600607213 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api-iam.intercom.io
api-js.mixpanel.com
api.segment.io
bam.nr-data.net
cdn.heapanalytics.com
cdn.mxpnl.com
cdn.segment.com
dl.airtable.com
heapanalytics.com
js-agent.newrelic.com
js.intercomcdn.com
ms.liftforward-staging.com
res.cloudinary.com
widget.intercom.io
bam.nr-data.net
13.35.254.124
13.35.254.31
13.35.254.92
143.204.201.22
151.101.14.110
2600:1901:0:bc29::
2606:4700:3031::6818:63ad
2a04:4e42:1b::393
3.229.228.113
35.190.25.25
54.70.109.173
75.2.88.188
99.86.0.85
01c4fc4b9028ef56df3b3dd2bd03768e60e707b133912007a619a926732292dd
0762ebda844cd2e27d75fe27d587f736690c17a289aaa57d98c663df6d7febd2
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1d5674ba347b41a6bd44ba991c100a910f11548e2b7ae2d1a1b9f0a719048418
1d7f14f10ddda91faab21f179c39ca27964669ad9f4e4c5e69def3bd83a938ac
25aff4f36c2cd91ac4d587f1edba374e7bff781af73902456485ce7eb1eed1ee
2677d6eaa31c5a6074f7c8af22700fe18cb8add88aa18dbb08bb159d01289dbf
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3211af4d9fb957c880f2f888e5e4167d85866e559843d3c0edbefe766e45e92c
3e831a794ea8f9e44ff85a7f9f740426c83b3f519ede332680477dd43598f31e
3f6e7629d78914d612773b2f70419de6099a9bc82d88ff75957f30ad1140d3f9
40f9c5e89ff483ff40c936984879adc1c348faf0125550dabba2a6c44b67f5e1
4232e3c12b3860ed86f62ab38ee1a711ba7393218593d61cefa8100c28afdd6f
45ac44af135734c890d0a9ffab038f0c1d8c56b8f23efa6b565d3826be7c747c
4b4d370d440b2e23f4e43a40228637cc3ce350e5a6bf51f235383f54f8e1755e
4d5dc258dd260d4c2df07b5cb2273e8dfa53678ddb9da65b590ae816089279d0
4e8cc50ff247365a1de4b00926218d102b7367b8177fe62998e6d0219a0b3068
4fd3cdc935aeb0484eb57791fa83640bb1617704da803a6d76aea7f1c54eea35
537f07603f5cd0d7984932263219406caba1fe8086f2a5366ef554624e658e4f
5691850bd2d84e0bac9ea87e36b869f8d0a076a5a12f408d798a1843b6b27a91
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
620ca24cff64cb9e402f3d5e7c78bccdbba54d74bb75acfb612579a06635ca3e
65f80d1c0593f3aa0411db59b7b5bfe616fe4b32d57f260583a262b0734a9d71
67f243af83cf56b2fd0fb502ab9f7a8533500e2571b4459d5bf6f6481a2da4ca
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7213ebe1bad90f515781514b2c1392a15fcc9b7738d90fd0fbed13440e01caf1
7715841b39980d9824a7947f4f129b82e3b783dd146aac2d959bd5797404c07b
81643f3752956ad438d4caeac388e728438326cdd5cfe7748edcd86160511e1d
8b6460bc7fffdf50ada67e3a2f6f06167bc2f8f3d019303fa04acd029dde497e
902f4d68bfd2dfd021cd52e5472c4bcc59ce1bc3c292712c8c4a826fffdfcd90
99787d8410e6657b109460ad1b1b7640167c1b17f08b13174aa87da1ce7191c3
9cedb9cbea8190cb856435900b46825bd1227e1fe5e5d3998ad83ccf01bd6412
9f5b153c13120017202bd20a81de1d40c67d3f04073b3aa8c36d7bc754944a74
9fbe6d5e42e26aee412bdfa7edca637940ae3e43f6a8c84960f6a9056af8eb79
a2e7f7eca1b0788853e8efcee912a7c0bea90bec75c3e70c36f8361c7f47a09b
b287144fe22a1fad8f0c076f643530d737a8b4c1d033220cdbaac0a7903ca7c9
b51ed453762c324820888012f815557fe791aefa7bc113cc0894cec2bda2bf37
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c1137c6e0571ee9a10cf61ef94b175e14837f02793e381c022b6c0a6dfe35389
c229725ef0b4a498414c538c2b64ca34a22cb9d8d315c9ee65f07589b800c229
c4ac288233a90ce3b58ebfb69553d1bfd6c4be9aa5c00d9421a92e86edb761af
c6b36a480a76fdb93d226ca1d982ad594252fb5f560d57eddfc73c64e127dc87
cb2470cb84786c8d02c8da27b7d061ea5edce8e56ec056d6e6fa85dbf21cd092
cd00f582347ec44d68ccad9b50357745fcb3be08664bba569ea8dc881f8b7e3a
cd3936b85047b63504ab12fec530ff57b07e6d7815a4c675507468b483c00ff6
d2f9f4c005798f8b1dcbc15bd12367906955b34b1376d8f2135d5da61cfd1f58
d8958e173df8fd1fb037757316937d65ecef4c586f9dff42303b89708a2f5a5e
ded46eaf324f2e1e946966600ef551832cc1d95863f5efbef0be443d42ba1739
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e66cb94e0ed8beffb7eaa8952c8556d4393577fcd0ade8cb7fa7990495729b21
ea062379b13870f40ef7ad2ab8133f32b5cb40b5f25d6d624ae918693a870ada
ebddaed5b249c416753b2d5b9d526efe694d5ecdd120cc074acfce63c1223a45
ecca96a4844758a10cfc7d4d08bf28fdcf2569bcd9f180acdf6678b17cbaa42e
f4da591b3f609ef11a49f178a5b5cac1613ee5c093f7cd5feae65cd82c54ca6d
fcd43c39df1e00b649ac781179b6cfc7b613c96475462ab9052fc7921390f3fa