www.trueamericanloan.com
Open in
urlscan Pro
52.10.97.21
Public Scan
Submitted URL: https://tracking.donegoodness.com/index.php/campaigns/vy562md8e497d/track-url/tz432ff3pw8d1/299be56f9a9a6152880d53586633d43bab8152b1
Effective URL: https://www.trueamericanloan.com/?rtrcid=500281~15c7496fe~1365265&rtrtid=11:DG1TCS28&rtrsid=1&xi_rtrtsrc=1&x_offerid=329&x_clicki...
Submission: On January 24 via manual from US — Scanned from CA
Effective URL: https://www.trueamericanloan.com/?rtrcid=500281~15c7496fe~1365265&rtrtid=11:DG1TCS28&rtrsid=1&xi_rtrtsrc=1&x_offerid=329&x_clicki...
Submission: On January 24 via manual from US — Scanned from CA
Summary
This website contacted 10 IPs
in 2 countries
across 9 domains to perform 47 HTTP transactions.
The main IP is 52.10.97.21, located in
Boardman, United States and
belongs to AMAZON-02, US.
The main domain is www.trueamericanloan.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on May 5th 2023. Valid for: a year.
This is the only time www.trueamericanloan.com was scanned on urlscan.io!
TLS certificate: Issued by Amazon RSA 2048 M01 on May 5th 2023. Valid for: a year.
This is the only time www.trueamericanloan.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 51.222.184.9 51.222.184.9 | 16276 (OVH) (OVH) | |
| 1 1 | 52.5.112.55 52.5.112.55 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 2 | 52.25.60.233 52.25.60.233 | 16509 (AMAZON-02) (AMAZON-02) | |
| 22 | 52.10.97.21 52.10.97.21 | 16509 (AMAZON-02) (AMAZON-02) | |
| 2 | 52.92.239.82 52.92.239.82 | 16509 (AMAZON-02) (AMAZON-02) | |
| 2 | 13.225.195.113 13.225.195.113 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 3.161.213.98 3.161.213.98 | 16509 (AMAZON-02) (AMAZON-02) | |
| 4 | 2607:f8b0:400... 2607:f8b0:4004:c19::5e | 15169 (GOOGLE) (GOOGLE) | |
| 5 | 76.223.64.65 76.223.64.65 | 16509 (AMAZON-02) (AMAZON-02) | |
| 2 | 18.233.237.235 18.233.237.235 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 6 | 3.161.213.12 3.161.213.12 | 16509 (AMAZON-02) (AMAZON-02) | |
| 47 | 10 |
1
52.5.112.55
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-112-55.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-112-55.compute-1.amazonaws.com
| tracking.bluewatersredfish.com |
2
52.25.60.233
(Boardman, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-60-233.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-60-233.us-west-2.compute.amazonaws.com
| offer.trueamericanloan.com |
22
52.10.97.21
(Boardman, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-97-21.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-97-21.us-west-2.compute.amazonaws.com
| www.trueamericanloan.com |
2
52.92.239.82
(Boardman, United States)
ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com
| imgcmn.s3-us-west-2.amazonaws.com |
2
13.225.195.113
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-113.yul62.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-113.yul62.r.cloudfront.net
| img.emlasts.com |
1
3.161.213.98
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-3-161-213-98.yul62.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-3-161-213-98.yul62.r.cloudfront.net
| fw-cdn.com |
5
76.223.64.65
(United States)
ASN16509 (AMAZON-02, US)
PTR: a44946a9dd66b7704.awsglobalaccelerator.com
ASN16509 (AMAZON-02, US)
PTR: a44946a9dd66b7704.awsglobalaccelerator.com
| epcvip-928377c3bca26c417036805.freshchat.com |
2
18.233.237.235
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-237-235.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-237-235.compute-1.amazonaws.com
| src.fwusercontent.com |
6
3.161.213.12
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-3-161-213-12.yul62.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-3-161-213-12.yul62.r.cloudfront.net
| assetscdn-wchat.freshchat.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 24 |
trueamericanloan.com
offer.trueamericanloan.com www.trueamericanloan.com |
269 KB |
| 11 |
freshchat.com
epcvip-928377c3bca26c417036805.freshchat.com assetscdn-wchat.freshchat.com — Cisco Umbrella Rank: 19032 |
445 KB |
| 4 |
gstatic.com
fonts.gstatic.com |
32 KB |
| 2 |
fwusercontent.com
src.fwusercontent.com — Cisco Umbrella Rank: 71612 |
294 B |
| 2 |
emlasts.com
img.emlasts.com — Cisco Umbrella Rank: 303622 |
144 KB |
| 2 |
amazonaws.com
imgcmn.s3-us-west-2.amazonaws.com |
19 KB |
| 1 |
fw-cdn.com
fw-cdn.com — Cisco Umbrella Rank: 44714 |
86 KB |
| 1 |
bluewatersredfish.com
1 redirects
tracking.bluewatersredfish.com |
2 KB |
| 1 |
donegoodness.com
1 redirects
tracking.donegoodness.com |
427 B |
| 47 | 9 |
| Domain | Requested by | |
|---|---|---|
| 22 | www.trueamericanloan.com |
offer.trueamericanloan.com
www.trueamericanloan.com |
| 6 | assetscdn-wchat.freshchat.com |
epcvip-928377c3bca26c417036805.freshchat.com
|
| 5 | epcvip-928377c3bca26c417036805.freshchat.com |
fw-cdn.com
epcvip-928377c3bca26c417036805.freshchat.com |
| 4 | fonts.gstatic.com |
www.trueamericanloan.com
|
| 2 | src.fwusercontent.com |
fw-cdn.com
|
| 2 | img.emlasts.com |
www.trueamericanloan.com
|
| 2 | imgcmn.s3-us-west-2.amazonaws.com |
www.trueamericanloan.com
|
| 2 | offer.trueamericanloan.com |
www.trueamericanloan.com
|
| 1 | fw-cdn.com |
www.trueamericanloan.com
|
| 1 | tracking.bluewatersredfish.com | 1 redirects |
| 1 | tracking.donegoodness.com | 1 redirects |
| 47 | 11 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| trueamericanloan.com Amazon RSA 2048 M01 |
2023-05-05 - 2024-06-02 |
a year | crt.sh |
| *.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01 |
2023-10-10 - 2024-08-03 |
10 months | crt.sh |
| emlasts.com Amazon RSA 2048 M01 |
2023-08-22 - 2024-09-18 |
a year | crt.sh |
| fw-cdn.com Amazon RSA 2048 M02 |
2023-12-23 - 2025-01-19 |
a year | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2023-12-11 - 2024-03-04 |
3 months | crt.sh |
| *.freshchat.com Amazon RSA 2048 M02 |
2024-01-22 - 2025-02-18 |
a year | crt.sh |
| *.freshmarketer.com Amazon RSA 2048 M02 |
2023-06-27 - 2024-07-26 |
a year | crt.sh |
| freshchat.com Amazon RSA 2048 M02 |
2023-07-05 - 2024-08-01 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://www.trueamericanloan.com/?rtrcid=500281~15c7496fe~1365265&rtrtid=11:DG1TCS28&rtrsid=1&xi_rtrtsrc=1&x_offerid=329&x_clickid=1029f9cecd89b1c76d8e49831c5b0b&email=kari.eisenbraun@ochsner.org&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=2297&x_psac=2297&xi_oss=on&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_minprice=0.05&xi_tft={%22rtrcid%22:%22500281~15c7496fe~1365265%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22500281%22,%22acid%22:%2256%22,%22subid%22:%2211:DG1TCS28%22,%22x_offerid%22:%22329%22,%22x_clickid%22:%221029f9cecd89b1c76d8e49831c5b0b%22,%22email%22:%22kari.eisenbraun@ochsner.org%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%222297%22}
Frame ID: F680048F4F9F86B83EC5A37B0FD6D544
Requests: 36 HTTP requests in this frame
Frame:
https://epcvip-928377c3bca26c417036805.freshchat.com/widget/config_iframe.html?host=https://epcvip-928377c3bca26c417036805.freshchat.com&token=f68aa535-3054-4eef-96cd-1034efda7312&origin=https://www.trueamericanloan.com
Frame ID: 9BE5BBAC8597E4317CC217A698BF8056
Requests: 2 HTTP requests in this frame
Frame:
https://epcvip-928377c3bca26c417036805.freshchat.com/widget/?token=f68aa535-3054-4eef-96cd-1034efda7312&referrer=aHR0cHM6Ly93d3cudHJ1ZWFtZXJpY2FubG9hbi5jb20=&eagerLoad=true
Frame ID: F82DBE906155BCCD31C229D6F74A46A4
Requests: 8 HTTP requests in this frame
Screenshot
Page Title
TrueAmericanLoan | Get a secure loan as soon as the next business dayPage URL History Show full URLs
-
https://tracking.donegoodness.com/index.php/campaigns/vy562md8e497d/track-url/tz432ff3pw8d1/299be56f9a9a615288...
HTTP 301
https://tracking.bluewatersredfish.com/aff_c?offer_id=329&aff_id=11&aff_sub=DG1TCS28&aff_sub2=kari.eisenbraun@ochsn... HTTP 302
https://offer.trueamericanloan.com/?aid=500281&acid=56&subid=11:DG1TCS28&x_offerid=329&x_clickid=1029f9cecd89b1... Page URL
- https://www.trueamericanloan.com/?rtrcid=500281~15c7496fe~1365265&rtrtid=11:DG1TCS28&rtrsid=1&xi_rtrtsrc=1&x_... Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://tracking.donegoodness.com/index.php/campaigns/vy562md8e497d/track-url/tz432ff3pw8d1/299be56f9a9a6152880d53586633d43bab8152b1
HTTP 301
https://tracking.bluewatersredfish.com/aff_c?offer_id=329&aff_id=11&aff_sub=DG1TCS28&aff_sub2=kari.eisenbraun@ochsner.org&aff_sub3=77&email=kari.eisenbraun@ochsner.org&aff_sub4=2024-01-24%2013:00:06&aff_sub5= HTTP 302
https://offer.trueamericanloan.com/?aid=500281&acid=56&subid=11:DG1TCS28&x_offerid=329&x_clickid=1029f9cecd89b1c76d8e49831c5b0b&email=kari.eisenbraun@ochsner.org&fname={fname}&lname={lname}&xi_resid={resid}&xi_oclkid={kid} Page URL
- https://www.trueamericanloan.com/?rtrcid=500281~15c7496fe~1365265&rtrtid=11:DG1TCS28&rtrsid=1&xi_rtrtsrc=1&x_offerid=329&x_clickid=1029f9cecd89b1c76d8e49831c5b0b&email=kari.eisenbraun@ochsner.org&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=2297&x_psac=2297&xi_oss=on&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_minprice=0.05&xi_tft={%22rtrcid%22:%22500281~15c7496fe~1365265%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22500281%22,%22acid%22:%2256%22,%22subid%22:%2211:DG1TCS28%22,%22x_offerid%22:%22329%22,%22x_clickid%22:%221029f9cecd89b1c76d8e49831c5b0b%22,%22email%22:%22kari.eisenbraun@ochsner.org%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%222297%22} Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://tracking.donegoodness.com/index.php/campaigns/vy562md8e497d/track-url/tz432ff3pw8d1/299be56f9a9a6152880d53586633d43bab8152b1 HTTP 301
- https://tracking.bluewatersredfish.com/aff_c?offer_id=329&aff_id=11&aff_sub=DG1TCS28&aff_sub2=kari.eisenbraun@ochsner.org&aff_sub3=77&email=kari.eisenbraun@ochsner.org&aff_sub4=2024-01-24%2013:00:06&aff_sub5= HTTP 302
- https://offer.trueamericanloan.com/?aid=500281&acid=56&subid=11:DG1TCS28&x_offerid=329&x_clickid=1029f9cecd89b1c76d8e49831c5b0b&email=kari.eisenbraun@ochsner.org&fname={fname}&lname={lname}&xi_resid={resid}&xi_oclkid={kid}
47 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
/
offer.trueamericanloan.com/ Redirect Chain
|
742 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
/
www.trueamericanloan.com/ |
107 KB 21 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap_337.css
www.trueamericanloan.com/common/assets/js/funnel/pvexl42step/final6/lib/css/ |
118 KB 27 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
google_fonts.css
www.trueamericanloan.com/common/assets/js/funnel/pvexl42step/final6/lib/css/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
theme_excite_bike_jquery_ui_112.css
www.trueamericanloan.com/common/assets/js/funnel/pvexl42step/final6/lib/css/ |
31 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
theme_excite_bike.css
www.trueamericanloan.com/common/assets/js/funnel/pvexl42step/final6/lib/css/ |
14 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lookup-secure-v2-checkmark.css
www.trueamericanloan.com/common/assets/css/funnel/pvexl42step/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery_360.js
www.trueamericanloan.com/common/assets/js/funnel/pvexl42step/final6/lib/js/ |
87 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery_ui_112.js
www.trueamericanloan.com/common/assets/js/funnel/pvexl42step/final6/lib/js/ |
247 KB 90 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery_cookie_141.js
www.trueamericanloan.com/common/assets/js/funnel/pvexl42step/final6/lib/js/ |
1 KB 929 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery_validate_119.js
www.trueamericanloan.com/common/assets/js/funnel/pvexl42step/final6/lib/js/ |
24 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery_validation_methods_119.js
www.trueamericanloan.com/common/assets/js/funnel/pvexl42step/final6/lib/js/ |
22 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery_mask_114.js
www.trueamericanloan.com/common/assets/js/funnel/pvexl42step/final6/lib/js/ |
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap_341.js
www.trueamericanloan.com/common/assets/js/funnel/pvexl42step/final6/lib/js/ |
39 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
noSleep.min.js
www.trueamericanloan.com/common/assets/js/global/ |
16 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lazysizes.min.js
www.trueamericanloan.com/common/assets/js/global/ |
7 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
local-storage-wrapper.js
www.trueamericanloan.com/common/assets/js/funnel/pvexl42step/final6/ |
2 KB 680 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
common-final.js
www.trueamericanloan.com/common/assets/js/funnel/pvexl42step/final6/ |
30 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
common-lookup-final.js
www.trueamericanloan.com/common/assets/js/funnel/pvexl42step/final6/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery_steps_110.js
www.trueamericanloan.com/common/assets/js/funnel/pvexl42step/final6/lib/js/ |
14 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
common-step-final.js
www.trueamericanloan.com/common/assets/js/funnel/pvexl42step/final6/ |
28 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
secure-ssl3.png
imgcmn.s3-us-west-2.amazonaws.com/epcvip/ac-icons/ |
7 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
spinner.gif
img.emlasts.com/epcvip/ac-icons/ |
72 KB 72 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pxl.php
offer.trueamericanloan.com/ |
43 B 406 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.trueamericanloan.com/ |
43 B 265 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
3904714.js
fw-cdn.com/11188729/ |
343 KB 86 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.trueamericanloan.com/ |
1 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
spinner.gif
img.emlasts.com/epcvip/ac-icons/ |
72 KB 72 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v15/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
widget.js
epcvip-928377c3bca26c417036805.freshchat.com/js/ |
66 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v15/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v15/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v15/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
icon_success.png
imgcmn.s3-us-west-2.amazonaws.com/epcvip/ac-icons/ |
11 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
mas
src.fwusercontent.com/ |
15 B 294 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
mas
src.fwusercontent.com/ Frame |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
config_iframe.html
epcvip-928377c3bca26c417036805.freshchat.com/widget/ Frame 9BE5 |
701 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
config
epcvip-928377c3bca26c417036805.freshchat.com/app/services/app/webchat/f68aa535-3054-4eef-96cd-1034efda7312/ Frame 9BE5 |
3 KB 3 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
epcvip-928377c3bca26c417036805.freshchat.com/widget/ Frame F82D |
5 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
widget.css
epcvip-928377c3bca26c417036805.freshchat.com/widget/css/ |
9 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vendor.d64d219ca4493f67a3970efc52d51c86.css
assetscdn-wchat.freshchat.com/static/assets/ Frame F82D |
23 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hotline-web.d41d8cd98f00b204e9800998ecf8427e.css
assetscdn-wchat.freshchat.com/static/assets/ Frame F82D |
0 419 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vendor.862630a2b93632e0d7bbae6d63246102.js
assetscdn-wchat.freshchat.com/static/assets/ Frame F82D |
684 KB 180 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
211.js
assetscdn-wchat.freshchat.com/static/assets/ Frame F82D |
772 KB 177 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
chunk.80d153c7f3a22a61beee.css
assetscdn-wchat.freshchat.com/static/assets/ Frame F82D |
243 KB 26 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fd-messaging.b512064bbb091a79cc62.css
assetscdn-wchat.freshchat.com/static/ Frame F82D |
243 KB 27 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
fd-messaging.d9ce733667b0cf3b752d.js
assetscdn-wchat.freshchat.com/static/assets/ Frame F82D |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- assetscdn-wchat.freshchat.com
- URL
- https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.d9ce733667b0cf3b752d.js
Verdicts & Comments Add Verdict or Comment
131 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| $ function| jQuery object| $jscomp function| NoSleep function| lsIsSupported function| ssIsSupported object| sessionStorageWrapper object| localStorageWrapper function| logException object| FORM_RULES function| getLoggingDate object| passthruData number| APPLICANT_STATUS_NONE number| APPLICANT_STATUS_PENDING number| APPLICANT_STATUS_INPROCESS number| APPLICANT_STATUS_APPROVED number| APPLICANT_STATUS_DECLINED number| APPLICANT_STATUS_APPLICATION_PENDING number| APPLICANT_STATUS_APPLICATION_PROCESSING number| APPLICANT_STATUS_APPLICATION_PROCESSED number| APPLICANT_STATUS_LOOKUP_PENDING number| APPLICANT_STATUS_LOOKUP_PROCESSING number| APPLICANT_STATUS_LOOKUP_FOUND number| APPLICANT_STATUS_LOOKUP_NOTFOUND number| APPLICANT_STATUS_FASTAPP_PENDING number| APPLICANT_STATUS_FASTAPP_PROCESSING number| APPLICANT_STATUS_FASTAPP_NOTFOUND number| APPLICANT_STATUS_EXCLUSION_PROCESSING number| APPLICANT_STATUS_EXCLUDED_BY_STATE number| APPLICANT_STATUS_PREREGISTERED number| APPLICANT_STATUS_INTERNAL_LOOKUP number| APPLICANT_STATUS_INTERNAL_LOOKUP_FOUND number| APPLICANT_STATUS_RESUMED number| APPLICANT_STATUS_INTERNAL_ZP_LOOKUP number| APPLICANT_STATUS_REMOTE_APPLY number| APPLICANT_STATUS_RESUMED_TRUSTED number| APPLICANT_STATUS_INPROCESS_ASYNC number| APPLICANT_STATUS_APPLICATION_PENDING_ASYNC number| APPLICANT_STATUS_APPLICATION_PROCESSING_ASYNC number| APPLICANT_STATUS_PENDING_ASYNC_RETURN number| APPLICANT_STATUS_RESET number| APPLICANT_STATUS_DELETED number| APPLICANT_PROCESS_STATE_PENDING number| APPLICANT_PROCESS_STATE_PENDING_APPLICATION_SUBMISSION number| APPLICANT_PROCESS_STATE_SUBMITTING_APPLICATION number| APPLICANT_PROCESS_STATE_APPLICATION_PROCESSING number| APPLICANT_PROCESS_STATE_APPLICATION_PROCESSED number| APPLICANT_PROCESS_STATE_LOOKUP_PENDING number| APPLICANT_PROCESS_STATE_LOOKUP_PROCESSING number| APPLICANT_PROCESS_STATE_LOOKUP_PROCESSED number| APPLICANT_PROCESS_STATE_FASTAPP_PENDING number| APPLICANT_PROCESS_STATE_FASTAPP_PROCESSING number| APPLICANT_PROCESS_STATE_FASTAPP_PROCESSED number| APPLICANT_PROCESS_STATE_TESTING_EXCLUSIONS number| APPLICANT_PROCESS_STATE_EXCLUDED number| APPLICANT_PROCESS_STATE_PREREGISTERED number| APPLICANT_PROCESS_STATE_PENDING_INTERNAL_LOOKUP_VALIDATION number| APPLICANT_PROCESS_STATE_INTERNAL_LOOKUP_VALIDATING number| APPLICANT_PROCESS_STATE_INTERNAL_LOOKUP_VALIDATED number| APPLICANT_PROCESS_STATE_INTERNAL_LOOKUP_INVALIDATED number| APPLICANT_PROCESS_STATE_RESUMED number| APPLICANT_PROCESS_STATE_REMOTE_APPLY number| APPLICANT_PROCESS_STATE_RESUMED_TRUSTED number| APPLICANT_PROCESS_STATE_SUBMITTING_APPLICATION_ASYNC number| APPLICANT_PROCESS_STATE_APPLICATION_PROCESSING_ASYNC number| APPLICANT_PROCESS_STATE_RESET number| APPLICANT_PROCESS_STATE_ERROR number| APPLICATION_PROCESS_STATE_PENDING number| APPLICATION_PROCESS_STATE_PROCESSING number| APPLICATION_PROCESS_STATE_PROCESSED number| APPLICATION_PROCESS_STATE_PENDING_ASYNC number| APPLICATION_PROCESS_STATE_PROCESSING_ASYNC number| APPLICATION_PROCESS_STATE_PENDING_ASYNC_RETURN number| APPLICATION_PROCESS_STATE_ERROR number| APPLICATION_STATUS_PENDING number| APPLICATION_STATUS_APPROVED number| APPLICATION_STATUS_DECLINED number| APPLICATION_STATUS_EXCLUDED number| APPLICATION_STATUS_PENDING_ASYNC_RETURN number| APPLICATION_STATUS_DELETED function| submitForProcessing function| updateProcessingModal function| pushnami function| processing function| validatePhoneNumber function| phonevalidateLoad function| validateSelectOnChange object| holidays function| DisableSpecificDates number| LOOKUP_ONE_CLICK_SUBMIT number| LOOKUP_VALIDATION_ENDPOINT_INTERNAL number| LOOKUP_VALIDATION_ENDPOINT_EXTERNAL function| getLookupModal function| getValidationProcessInput function| getValidationRequireDob function| triggerLookup function| displayMissingFields function| validateLookup function| externalLookupValidation function| internalLookupValidation function| clearValidationFormOnError object| zESettings number| lookupProcess object| missingFields boolean| requireDob object| lazySizesConfig object| lazySizes object| freshsales boolean| hideChatWidget string| custWidgetId object| fwcrm object| ZargetUrlChangeTrigger function| beforeunload boolean| zg_is_new_visitor object| zargetCookie function| zg_selector function| integrations function| zg_projectProps function| runZGHeatmap function| runZGPausedExp object| expEvt function| zarget$ function| fm_$ object| zargetAPI object| FMApi object| triggerHeatmapExperiment object| bulkDetails object| FM object| session object| fcWidget5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| tracking.bluewatersredfish.com/ | Name: enc_aff_session_329 Value: ENC03297050ec8f0195d5eddd2a6d80691fe5ecc146acec2a77852b4b1f6cda0eb99d2b1ed1a1a89606f107dd4722be7ff737842c0216ad9eee3649856f355f0ce8941018c3a3b957996f1e8012ce78c948cffdfd7e523bdcbb5441ddde2966a2b0d5a11db5841985ce5e2ab9b9185e622d41b36b46ef6ff933790d9a66eb19a9f872806aca809ec2f890799f68f9fad54d54d3ea7f6b6f1461f94eded8193159c5c62fadc400 |
|
| tracking.bluewatersredfish.com/ | Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMjAiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuMjI0IFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1DQSxlbjtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ== |
|
| www.trueamericanloan.com/ | Name: SCSSESSIONID Value: rlsdapd3dpbc1vup8oh6t70doh |
|
| .trueamericanloan.com/ | Name: _fw_crm_v Value: b01f936c-7e31-48eb-b081-94229d6d1c3f |
|
| www.trueamericanloan.com/ | Name: first_session Value: %7B%22visits%22%3A1%2C%22start%22%3A1706104939660%2C%22last_visit%22%3A1706104939660%2C%22url%22%3A%22https%3A%2F%2Fwww.trueamericanloan.com%2F%3Frtrcid%3D500281~15c7496fe~1365265%26rtrtid%3D11%3ADG1TCS28%26rtrsid%3D1%26xi_rtrtsrc%3D1%26x_offerid%3D329%26x_clickid%3D1029f9cecd89b1c76d8e49831c5b0b%26email%3Dkari.eisenbraun%40ochsner.org%26fname%3D%257Bfname%257D%26lname%3D%257Blname%257D%26xi_tier%3D1%26xi_ac%3D2297%26x_psac%3D2297%26xi_oss%3Don%26xi_cfg%3D%7B%2522srtr%2522%3A1%2C%2522ertr%2522%3A1%2C%2522psrtr%2522%3A1%2C%2522bcktr%2522%3A1%2C%2522pv%2522%3A%5B11%2C13%5D%7D%26xi_minprice%3D0.05%26xi_tft%3D%7B%2522rtrcid%2522%3A%2522500281~15c7496fe~1365265%2522%2C%2522xi_tier%2522%3A%25221%2522%7D%26odata%3D%7B%2522aid%2522%3A%2522500281%2522%2C%2522acid%2522%3A%252256%2522%2C%2522subid%2522%3A%252211%3ADG1TCS28%2522%2C%2522x_offerid%2522%3A%2522329%2522%2C%2522x_clickid%2522%3A%25221029f9cecd89b1c76d8e49831c5b0b%2522%2C%2522email%2522%3A%2522kari.eisenbraun%40ochsner.org%2522%2C%2522fname%2522%3A%2522%7Bfname%7D%2522%2C%2522lname%2522%3A%2522%7Blname%7D%2522%2C%2522xi_resid%2522%3A%2522%7Bresid%7D%2522%2C%2522xi_oclkid%2522%3A%2522%7Bkid%7D%2522%2C%2522x_psac%2522%3A%25222297%2522%7D%22%2C%22path%22%3A%22%2F%22%2C%22referrer%22%3A%22https%3A%2F%2Foffer.trueamericanloan.com%2F%22%2C%22referrer_info%22%3A%7B%22host%22%3A%22offer.trueamericanloan.com%22%2C%22path%22%3A%22%2F%22%2C%22protocol%22%3A%22https%3A%22%2C%22port%22%3A80%2C%22search%22%3A%22%22%2C%22query%22%3A%7B%7D%7D%2C%22search%22%3A%7B%22engine%22%3Anull%2C%22query%22%3Anull%7D%2C%22version%22%3A0.4%7D |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assetscdn-wchat.freshchat.com
epcvip-928377c3bca26c417036805.freshchat.com
fonts.gstatic.com
fw-cdn.com
img.emlasts.com
imgcmn.s3-us-west-2.amazonaws.com
offer.trueamericanloan.com
src.fwusercontent.com
tracking.bluewatersredfish.com
tracking.donegoodness.com
www.trueamericanloan.com
assetscdn-wchat.freshchat.com
13.225.195.113
18.233.237.235
2607:f8b0:4004:c19::5e
3.161.213.12
3.161.213.98
51.222.184.9
52.10.97.21
52.25.60.233
52.5.112.55
52.92.239.82
76.223.64.65
092fbe07f11c121d38cb42886acc18e90f8f51408a33d1e01f0789b242315e42
1462903d8b2dd70426b11fd5da6e5b7c39572d8ffc488561fd96757e3d96db87
1746b268addac39a01bc462c8e85434841637a136be1c0234b2eae14988e3d3c
1f20c5af2c4861e43a210d8f6bbf672f7683797a3e80912b4e405ce46a330de7
260beff2f010ff66019561a62dcaa2fc03ce83ded463bf06f588f7b432d04688
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
44b43e6a160d9e4a8424a855d26945f50e43d2eb0231dbce17d45cdfb52f002e
4c0cc637858d6503cba9262f8be75740c29e853605a153a7bde46a6e2e367eb0
538188d9f35b38df5bfcdb4137ab4f6e02f2fbcf60aece11534c3e2b5044d688
59fdfe64552f1f790abdeb64cd0f93c7fd29760afaca40df158e37cc8eaadd6d
5f13893ae4bc516fdf0c5d61964fbffc07d6d4c174c2522b6f531663cf5bf3b1
6433a43310293748cf1fddd99a260723f22d8202abe6c37e736716eb1f0a7c05
70b2bf6325b71f6134dd87cde2982bc5087f0124e377f78f4b3891046870055a
71ac21ea2d41201a207ffdee8b08864a0fc8f183e4665f0c0edf3fec0de974de
7bf6600fc5e0e9ba6e0816783e3346ca53d016c65feac96d24da10ea307e1b08
80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0
855b0a95aeeb8aa9486858e43e750dd74ca266ffd79078426ccd1b60f5e270f2
887b763e53ecaeba7bdddcacb29f7ffaf9da8a3576c2cca7ea4a1ecd14ff731c
8d6d10a9b061d5a78c791ae4ca856098dccc54d272869cdd17d55e8bfcd0ceb0
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a7fecbfe24b0884ff617e8bb7bd0871397a39e6de70a6d2ff276743988f532bd
abc6e191a9760bc822749b30de79dd94345300c479aea58573439b1340afb3ca
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
b9462c3d8fc4e698687d6fa7efdd3123606f6e235a179e7cb12cdb38f8ed7978
bae1f759fd4cd9055a14e9384f474c8e53358ea04bffda92bde1e11b0599c61c
bcba7e55c4cbbebd3ab071c189c875aebd5999ecd1c7ef835da7fed4e81bb692
ca076bc7be8d01f95ab7d918a235ea43be0aba63ae48f3c8496aa408590737c1
cfcb6599e1211f7e42214e11b8253af00ff98acdc95e7e5510c5a2351097b016
d016c7e7f8aa6f732af567cf595264bb66e044c8854f0c963c5b2e9201bf7a47
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
d80f7d395cf93c58d93197e7ab338b45c4a88d853ce0917d54df119ecb80ab22
de3f78e46e28fb621b849789e2bae34b95a983e01daddf273c824425733df9ce
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43f57ae4416379b90bab47324bc35955c8ef09254f0d563e10125a3fe62fe0b
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ef4e5a104129d1660de8045971b6ab52c3c9c9ff9b244aaea6a09b551f4ff2e5
f2154f49d7d4ed6c74a1ad1dc0e39ef3136fd859059986ed5bcd3050d59867b3
f8cdcfd28d1976ea7322943a8d01b965e54f90fd02c02e10a66d19781ee38cdf
f8d3e2d9178ac88eb284d0a527bf094b36cc9a286aeca8e697ce0bc11eb7d613