![](/screenshots/6440c082-0238-4afa-a0a2-b2057ea41db3.png)
foreignmortgage.info
Open in
urlscan Pro
66.96.161.134
Public Scan
Submission: On June 02 via api from US — Scanned from JP
Summary
This is the only time foreignmortgage.info was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN29873 (BIZLAND-SD, US)
PTR: 134.161.96.66.static.eigbox.net
foreignmortgage.info |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-126-15.nrt20.r.cloudfront.net
consent.trustarc.com |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-126-96.nrt20.r.cloudfront.net
widget.trustpilot.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-35-49-79.nrt20.r.cloudfront.net
platform-api.sharethis.com |
ASN16509 (AMAZON-02, US)
buttons-config.sharethis.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-52-143-32.us-west-1.compute.amazonaws.com
l.sharethis.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-200-55-53.deploy.static.akamaitechnologies.com
t.sharethis.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-152-58.us-west-2.compute.amazonaws.com
dx.mountain.com |
Domain | Requested by | |
---|---|---|
31 | www.firsttechfed.com |
foreignmortgage.info
www.firsttechfed.com |
4 | t.sharethis.com |
platform-api.sharethis.com
t.sharethis.com www.firsttechfed.com |
3 | l.sharethis.com |
1 redirects
www.firsttechfed.com
|
2 | s.pinimg.com |
www.googletagmanager.com
s.pinimg.com |
2 | www.google-analytics.com |
www.googletagmanager.com
|
2 | customer.cludo.com |
www.firsttechfed.com
|
2 | s1216207526.t.eloqua.com |
1 redirects
www.firsttechfed.com
|
2 | www.googletagmanager.com |
www.firsttechfed.com
www.googletagmanager.com |
2 | foreignmortgage.info |
foreignmortgage.info
|
1 | p.teads.tv |
www.googletagmanager.com
|
1 | static.ads-twitter.com |
foreignmortgage.info
|
1 | connect.facebook.net |
foreignmortgage.info
connect.facebook.net |
1 | bat.bing.com |
foreignmortgage.info
bat.bing.com |
1 | snap.licdn.com |
www.googletagmanager.com
|
1 | dx.mountain.com |
foreignmortgage.info
|
1 | data.adxcel-ec2.com |
www.firsttechfed.com
|
1 | c.go-mpulse.net |
s.go-mpulse.net
|
1 | buttons-config.sharethis.com |
platform-api.sharethis.com
|
1 | s.go-mpulse.net |
www.firsttechfed.com
|
1 | platform-api.sharethis.com |
www.firsttechfed.com
|
1 | widget.trustpilot.com |
www.firsttechfed.com
|
1 | consent.trustarc.com |
www.firsttechfed.com
|
0 | ct.pinterest.com Failed |
s.pinimg.com
|
0 | px.ads.linkedin.com Failed | |
0 | cdn.linkedin.oribi.io Failed |
snap.licdn.com
|
0 | analytics.twitter.com Failed | |
0 | t.co Failed | |
0 | s.adroll.com Failed |
foreignmortgage.info
|
0 | ads.nextdoor.com Failed |
foreignmortgage.info
|
0 | www.mczbf.com Failed |
foreignmortgage.info
|
0 | js.alpixtrack.com Failed |
www.googletagmanager.com
|
0 | ww3.firsttechfed.com Failed |
foreignmortgage.info
|
0 | 35.160.46.251 Failed |
www.firsttechfed.com
|
0 | qvdt3feo.com Failed |
www.firsttechfed.com
|
0 | data.stbuttons.click Failed |
platform-api.sharethis.com
|
78 | 35 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.firsttechfed.com R3 |
2023-05-23 - 2023-08-21 |
3 months | crt.sh |
*.trustarc.com Amazon RSA 2048 M02 |
2023-04-17 - 2024-05-14 |
a year | crt.sh |
*.trustpilot.com Amazon RSA 2048 M02 |
2023-02-02 - 2024-03-02 |
a year | crt.sh |
sharethis.com Amazon RSA 2048 M02 |
2023-05-20 - 2024-06-17 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-05-08 - 2023-07-31 |
3 months | crt.sh |
akstat.io DigiCert TLS RSA SHA256 2020 CA1 |
2023-04-05 - 2024-04-04 |
a year | crt.sh |
cert1-prod.aut.a24365.net R3 |
2023-05-31 - 2023-08-29 |
3 months | crt.sh |
adxcel-ec2.com Amazon RSA 2048 M02 |
2023-02-24 - 2023-11-16 |
9 months | crt.sh |
*.mountain.com Go Daddy Secure Certificate Authority - G2 |
2022-05-21 - 2023-06-22 |
a year | crt.sh |
*.cludo.com AlphaSSL CA - SHA256 - G4 |
2023-06-01 - 2024-07-02 |
a year | crt.sh |
snap.licdn.com DigiCert SHA2 Secure Server CA |
2023-02-01 - 2024-01-31 |
a year | crt.sh |
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-08-01 - 2023-08-08 |
a year | crt.sh |
www.bing.com Microsoft RSA TLS CA 02 |
2023-02-16 - 2023-08-16 |
6 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2023-03-11 - 2023-06-09 |
3 months | crt.sh |
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-07-22 - 2023-08-22 |
a year | crt.sh |
teads.tv R3 |
2023-05-11 - 2023-08-09 |
3 months | crt.sh |
This page contains 5 frames:
Primary Page:
http://foreignmortgage.info/
Frame ID: 97211C0430DAA6A46E943794D1E9CFEF
Requests: 1 HTTP requests in this frame
Frame:
https://www.firsttechfed.com/mortgage-loan-officers/neil-vandehey
Frame ID: 68F867FDD47D806A95A33A3BDD7976C0
Requests: 76 HTTP requests in this frame
Frame:
http://foreignmortgage.info/blank.html
Frame ID: 7AB1797FE8B0108279758E8ED5AF02F8
Requests: 1 HTTP requests in this frame
Frame:
https://t.sharethis.com/a/t_.htm?ver=1.1180.23360&cid=c010&cls=B
Frame ID: CBDF9114BF0DBB885CEB9AE22457E68A
Requests: 1 HTTP requests in this frame
Frame:
https://t.sharethis.com/1.1180.23360/a/JP/t_.js?cid=c010&cls=B
Frame ID: DCAC33E619A72991AE8235CD40BC0F4A
Requests: 2 HTTP requests in this frame
Screenshot
![](/screenshots/6440c082-0238-4afa-a0a2-b2057ea41db3.png)
Detected technologies
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/gtm\.js
Detected patterns
- consent\.trustarc\.com
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 37- https://l.sharethis.com/pview?event=pview&hostname=www.firsttechfed.com&location=%2Fmortgage-loan-officers%2Fneil-vandehey&product=unknown&url=https%3A%2F%2Fwww.firsttechfed.com%2Fmortgage-loan-officers%2Fneil-vandehey&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Neil%20Vandehey%20First%20Tech%20Mortgage%20Loan%20Officer%20%7C%20Beaverton%2C%20OR&refDomain=foreignmortgage.info&cms=unknown&publisher=606cc0efaeae6d0018ab9330&sop=true&version=st_sop.js&lang=en&description=First%20Tech%20is%20here%20to%20help%20with%20all%20your%20home%20mortgage%20needs.%20Call%20Neil%20Vandehey%2C%20First%20Tech%20Mortgage%20Loan%20Officer%20in%20Beaverton%2C%20OR%20to%20get%20started.%20 HTTP 301
- https://l.sharethis.com/sc?event=pview&hostname=www.firsttechfed.com&location=%2Fmortgage-loan-officers%2Fneil-vandehey&product=unknown&url=https%3A%2F%2Fwww.firsttechfed.com%2Fmortgage-loan-officers%2Fneil-vandehey&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Neil%20Vandehey%20First%20Tech%20Mortgage%20Loan%20Officer%20%7C%20Beaverton%2C%20OR&refDomain=foreignmortgage.info&cms=unknown&publisher=606cc0efaeae6d0018ab9330&sop=true&version=st_sop.js&lang=en&description=First%20Tech%20is%20here%20to%20help%20with%20all%20your%20home%20mortgage%20needs.%20Call%20Neil%20Vandehey%2C%20First%20Tech%20Mortgage%20Loan%20Officer%20in%20Beaverton%2C%20OR%20to%20get%20started.%20
- https://tags.srv.stackadapt.com/events.js HTTP 0
- https://qvdt3feo.com/events.js
- https://s1216207526.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=1216207526&ref=https%3A%2F%2Fwww.firsttechfed.com%2Fmortgage-loan-officers%2Fneil-vandehey&cb=5667256303378558 HTTP 302
- https://s1216207526.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=1216207526&ref=https%3A%2F%2Fwww.firsttechfed.com%2Fmortgage-loan-officers%2Fneil-vandehey&cb=5667256303378558&elqCookie=1
78 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
foreignmortgage.info/ |
177 B 492 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
neil-vandehey
www.firsttechfed.com/mortgage-loan-officers/ Frame 68F8 |
111 KB 27 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
blank.html
foreignmortgage.info/ Frame 7AB1 |
0 312 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main-0523.css
www.firsttechfed.com/assets/ftf-web/ Frame 68F8 |
253 KB 62 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
head-0523.js
www.firsttechfed.com/assets/ftf-web/ Frame 68F8 |
362 KB 151 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
notice
consent.trustarc.com/ Frame 68F8 |
9 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tp.widget.bootstrap.min.js
widget.trustpilot.com/bootstrap/v5/ Frame 68F8 |
21 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
VisitorIdentification.js
www.firsttechfed.com/layouts/system/ Frame 68F8 |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
79b3caed
www.firsttechfed.com/akam/13/ Frame 68F8 |
26 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ft_logo_rebrand_1c_black_small.svg
www.firsttechfed.com/-/media/firsttech-web/mega-menu/ Frame 68F8 |
6 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mobile-apps-img-75x75.jpg
www.firsttechfed.com/-/media/firsttech-web/content-block/ Frame 68F8 |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img-sitecore-retl-1461047-schedule-388x246-210409.jpg
www.firsttechfed.com/-/media/firsttech-web/images/ Frame 68F8 |
81 KB 82 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img_depp_2138400_share-certificates_230130-01.png
www.firsttechfed.com/-/media/firsttech-web/images/ Frame 68F8 |
127 KB 128 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img_mlo_neil-vandehey_201019-01.png
www.firsttechfed.com/-/media/firsttech-web/advisors/mlos/10-21-2020/ Frame 68F8 |
163 KB 164 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
facebook.png
www.firsttechfed.com/-/media/firsttech-web/social-network/ Frame 68F8 |
662 B 982 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twitter-2.png
www.firsttechfed.com/-/media/firsttech-web/social-network/ Frame 68F8 |
778 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
linkedin2.png
www.firsttechfed.com/-/media/firsttech-web/social-network/ Frame 68F8 |
810 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
instagram.png
www.firsttechfed.com/-/media/firsttech-web/social-network/ Frame 68F8 |
914 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
footer-icons.png
www.firsttechfed.com/-/media/firsttech-web/footer/ Frame 68F8 |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sharethis.js
platform-api.sharethis.com/js/ Frame 68F8 |
201 KB 45 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
trustarc.js
www.firsttechfed.com/assets/ftf-web/ Frame 68F8 |
5 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
body-0523.js
www.firsttechfed.com/assets/ftf-web/ Frame 68F8 |
335 KB 112 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
H4PYUY
www.firsttechfed.com/n540nTTmM/63-y/dZAgg/GYDacQQXrDLuSi/RVhAAg/SFFPb/ Frame 68F8 |
196 KB 73 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sec-3-10.css
www.firsttechfed.com/_sec/cp_challenge/ Frame 68F8 |
2 KB 967 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sec-cpt-3-10.js
www.firsttechfed.com/_sec/cp_challenge/ Frame 68F8 |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ Frame 68F8 |
408 KB 106 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
VJGHS-UGD53-JNKFZ-8TYTU-3KM2D
s.go-mpulse.net/boomerang/ Frame 68F8 |
205 KB 49 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utility-nav-lines.svg
www.firsttechfed.com/Assets/ftf-web/images/ Frame 68F8 |
388 B 575 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
divider.svg
www.firsttechfed.com/Assets/ftf-web/images/ Frame 68F8 |
388 B 567 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-mobile.svg
www.firsttechfed.com/Assets/ftf-web/images/ Frame 68F8 |
814 B 773 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ProximaNova-Bold.woff2
www.firsttechfed.com/Assets/common/fonts/ProximaNova/ Frame 68F8 |
33 KB 34 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ProximaNova-Semibold.woff2
www.firsttechfed.com/Assets/common/fonts/ProximaNova/ Frame 68F8 |
33 KB 33 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 68F8 |
5 KB 5 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ProximaNova-Light.woff2
www.firsttechfed.com/Assets/common/fonts/ProximaNova/ Frame 68F8 |
33 KB 34 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ProximaNova-Regular.woff2
www.firsttechfed.com/Assets/common/fonts/ProximaNova/ Frame 68F8 |
33 KB 34 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
606cc0efaeae6d0018ab9330.js
buttons-config.sharethis.com/js/ Frame 68F8 |
1 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
log
l.sharethis.com/ Frame 68F8 |
0 567 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
data
data.stbuttons.click/ Frame 68F8 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sc
l.sharethis.com/ Frame 68F8 Redirect Chain
|
176 B 824 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
config.json
c.go-mpulse.net/api/ Frame 68F8 |
3 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
events.js
qvdt3feo.com/ Frame 68F8 Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
t.dhj
t.sharethis.com/1/d/ Frame 68F8 |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
t_.htm
t.sharethis.com/a/ Frame CBDF |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
t_.js
t.sharethis.com/1.1180.23360/a/JP/ Frame DCAC |
22 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
a.gif
t.sharethis.com/d/ Frame DCAC |
0 289 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
H4PYUY
www.firsttechfed.com/n540nTTmM/63-y/dZAgg/GYDacQQXrDLuSi/RVhAAg/SFFPb/ Frame 68F8 |
18 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 68F8 |
9 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 68F8 |
157 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
data.adxcel-ec2.com/pixel/ Frame 68F8 |
43 B 131 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
svrGP.aspx
s1216207526.t.eloqua.com/visitor/v200/ Frame 68F8 Redirect Chain
|
49 B 448 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
spx
dx.mountain.com/ Frame 68F8 |
15 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
search-script.min.js
customer.cludo.com/scripts/bundles/ Frame 68F8 |
198 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cludo-search.min.css
customer.cludo.com/css/templates/v2.1/essentials/ Frame 68F8 |
6 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
is
35.160.46.251/ Frame 68F8 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
H4PYUY
www.firsttechfed.com/n540nTTmM/63-y/dZAgg/GYDacQQXrDLuSi/RVhAAg/SFFPb/ Frame 68F8 |
18 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
pixel_79b3caed
www.firsttechfed.com/akam/13/ Frame 68F8 |
0 772 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
H4PYUY
www.firsttechfed.com/n540nTTmM/63-y/dZAgg/GYDacQQXrDLuSi/RVhAAg/SFFPb/ Frame 68F8 |
18 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
optimize.js
www.google-analytics.com/gtm/ Frame 68F8 |
183 KB 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
insight.min.js
snap.licdn.com/li.lms-analytics/ Frame 68F8 |
13 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
core.js
s.pinimg.com/ct/ Frame 68F8 |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bat.js
bat.bing.com/ Frame 68F8 |
40 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ Frame 68F8 |
106 KB 28 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
login.js
ww3.firsttechfed.com/scriptdealer/script/v1/hh8il/ Frame 68F8 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
alphpixel.js
js.alpixtrack.com/ Frame 68F8 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uwt.js
static.ads-twitter.com/ Frame 68F8 |
56 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
tag.js
www.mczbf.com/tags/12069/ Frame 68F8 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ndp.js
ads.nextdoor.com/public/pixel/ Frame 68F8 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
teads-fellow.js
p.teads.tv/ Frame 68F8 |
19 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
roundtrip.js
s.adroll.com/j/7Y4RJUGJSBDBLGWZTSTK4I/ Frame 68F8 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ Frame 68F8 |
203 KB 73 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ Frame 68F8 |
51 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
adsct
t.co/i/ Frame 68F8 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
adsct
analytics.twitter.com/i/ Frame 68F8 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
316655176045935
connect.facebook.net/signals/config/ Frame 68F8 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
token
cdn.linkedin.oribi.io/partner/1080444/domain/firsttechfed.com/ Frame 68F8 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
collect
px.ads.linkedin.com/ Frame 68F8 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
5175602.js
bat.bing.com/p/action/ Frame 68F8 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
0
bat.bing.com/action/ Frame 68F8 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.b68cecd9.js
s.pinimg.com/ct/lib/ Frame 68F8 |
62 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
ct.pinterest.com/user/ Frame 68F8 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
ct.pinterest.com/v3/ Frame 68F8 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- data.stbuttons.click
- URL
- https://data.stbuttons.click/data
- Domain
- qvdt3feo.com
- URL
- https://qvdt3feo.com/events.js
- Domain
- 35.160.46.251
- URL
- https://35.160.46.251/is
- Domain
- ww3.firsttechfed.com
- URL
- https://ww3.firsttechfed.com/scriptdealer/script/v1/hh8il/login.js?clientId=82dc1e2e-599f-4670-8b7a-6eb29e7a4a40&websiteId=1616
- Domain
- js.alpixtrack.com
- URL
- https://js.alpixtrack.com/alphpixel.js?cust=6417-862-KXTV
- Domain
- www.mczbf.com
- URL
- https://www.mczbf.com/tags/12069/tag.js
- Domain
- ads.nextdoor.com
- URL
- https://ads.nextdoor.com/public/pixel/ndp.js
- Domain
- s.adroll.com
- URL
- https://s.adroll.com/j/7Y4RJUGJSBDBLGWZTSTK4I/roundtrip.js
- Domain
- t.co
- URL
- https://t.co/i/adsct?bci=3&eci=2&event_id=57bae652-5043-481c-81d4-0dd061cb4b06&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=581bdb40-fac6-4942-bbec-71863b266f8f&tw_document_href=https%3A%2F%2Fwww.firsttechfed.com%2Fmortgage-loan-officers%2Fneil-vandehey&tw_document_referrer=http%3A%2F%2Fforeignmortgage.info%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o6w68&type=javascript&version=2.3.29
- Domain
- analytics.twitter.com
- URL
- https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=57bae652-5043-481c-81d4-0dd061cb4b06&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=581bdb40-fac6-4942-bbec-71863b266f8f&tw_document_href=https%3A%2F%2Fwww.firsttechfed.com%2Fmortgage-loan-officers%2Fneil-vandehey&tw_document_referrer=http%3A%2F%2Fforeignmortgage.info%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o6w68&type=javascript&version=2.3.29
- Domain
- connect.facebook.net
- URL
- https://connect.facebook.net/signals/config/316655176045935?v=2.9.104&r=stable
- Domain
- cdn.linkedin.oribi.io
- URL
- https://cdn.linkedin.oribi.io/partner/1080444/domain/firsttechfed.com/token
- Domain
- px.ads.linkedin.com
- URL
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1080444&time=1685708795700&url=http%3A%2F%2Fforeignmortgage.info%2F
- Domain
- bat.bing.com
- URL
- https://bat.bing.com/p/action/5175602.js
- Domain
- bat.bing.com
- URL
- https://bat.bing.com/action/0?ti=5175602&Ver=2&mid=31b3c6ee-e870-4da0-9838-c7d070f1b415&sid=b728df60014011ee83456fc883dffd04&vid=b728f650014011eea908e735a079a341&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Neil%20Vandehey%20First%20Tech%20Mortgage%20Loan%20Officer%20%7C%20Beaverton,%20OR&kw=Neil%20Vandehey%20Mortgage%20Loan%20Officer&p=http%3A%2F%2Fforeignmortgage.info%2F&r=<=4524&evt=pageLoad&ifm=1&sv=1&rn=619986
- Domain
- ct.pinterest.com
- URL
- https://ct.pinterest.com/user/?tid=2613510507702&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1685708795761&dep=2%2CPAGE_LOAD
- Domain
- ct.pinterest.com
- URL
- https://ct.pinterest.com/v3/?tid=2613510507702&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.firsttechfed.com%2Fmortgage-loan-officers%2Fneil-vandehey%22%2C%22ref%22%3A%22http%3A%2F%2Fforeignmortgage.info%2F%22%2C%22if%22%3Atrue%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22b68cecd9%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D&cb=1685708795762
Verdicts & Comments Add Verdict or Comment
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 boolean| credentialless object| onbeforetoggle object| onscrollend7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.www.firsttechfed.com/ | Name: ARRAffinitySameSite Value: 36c1f67f56e94520a7fc2a8c64c64d24f3d68a98940e7f63578774151d0c83a8 |
|
.www.firsttechfed.com/ | Name: ApplicationGatewayAffinityCORS Value: 0e47bb7cc561b0cbae5d2328d988af9dbe77e30b5d72311bdc16bce13455bf5f |
|
.firsttechfed.com/ | Name: notice_behavior Value: none |
|
.firsttechfed.com/ | Name: fpestid Value: u7aj6LrV33G2hLh9yyY8IInh4XaiOH1CIck7CrrOe9ecANxwjJ9_fY_XUxCI49w7W2zr9Q |
|
.sharethis.com/ | Name: pxcelAcc3PC Value: 1 |
|
.t.sharethis.com/ | Name: pxcelPage_default_c010_B Value: 1_0_1685708794326 |
|
.t.sharethis.com/ | Name: pxcelBcnLcy Value: 4 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
35.160.46.251
ads.nextdoor.com
analytics.twitter.com
bat.bing.com
buttons-config.sharethis.com
c.go-mpulse.net
cdn.linkedin.oribi.io
connect.facebook.net
consent.trustarc.com
ct.pinterest.com
customer.cludo.com
data.adxcel-ec2.com
data.stbuttons.click
dx.mountain.com
foreignmortgage.info
js.alpixtrack.com
l.sharethis.com
p.teads.tv
platform-api.sharethis.com
px.ads.linkedin.com
qvdt3feo.com
s.adroll.com
s.go-mpulse.net
s.pinimg.com
s1216207526.t.eloqua.com
snap.licdn.com
static.ads-twitter.com
t.co
t.sharethis.com
widget.trustpilot.com
ww3.firsttechfed.com
www.firsttechfed.com
www.google-analytics.com
www.googletagmanager.com
www.mczbf.com
35.160.46.251
ads.nextdoor.com
analytics.twitter.com
bat.bing.com
cdn.linkedin.oribi.io
connect.facebook.net
ct.pinterest.com
data.stbuttons.click
js.alpixtrack.com
px.ads.linkedin.com
qvdt3feo.com
s.adroll.com
t.co
ww3.firsttechfed.com
www.mczbf.com
13.35.49.79
142.0.173.27
143.204.126.15
143.204.126.96
146.75.112.157
23.200.55.53
23.45.61.118
2404:6800:4004:801::2008
2404:6800:4004:825::200e
2600:140b:1a00:14::17dc:5494
2600:140b:1a00:381::1931
2600:140b:1a00:383::11a6
2600:140b:2:98d::11a6
2600:140b:5000::172b:f948
2600:9000:2197:400:c:abe:f440:93a1
2606:4700:10::ac43:1b98
2620:1ec:c11::200
2a03:2880:f00f:8:face:b00c:0:1
44.240.152.58
52.21.14.181
52.52.143.32
66.96.161.134
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0d929783666a1b41e1a62ee93fec1fd138755aa874c587d259c066fb8bb77861
2031566391878d85cb95cbc4baf41b2f0694498ff95f27a15ea06b83f7809675
24e28293743460078327249bb247c76f7f7913a2c22b45e76a4449b45a60520e
3aee5c516bff9f3b1cc1a50951630ad96cf7c2b78e62cc3ffef8672ba1dde24c
3e8cf87490fa602429b04e3be0c761d982623efdefc9b6fff86c696df6319c09
3f6397d1607fe5aa4f96d8f68ea7c62eee5a4cd33395430323e7ad7d8684a714
47d522563a9f514094ee94ebcee33b1ab88ba91d5639393beecd18be1fd27c15
4aeb394dadece9576e38a59d9475f8d182f994123410fdc93ed814ea20ea09d4
502b1ba4b51fcd1aff729bbd36c89c73fe73f5aa2586e480ad3e4ce7b92ff7ae
53b760f648ec27e48c64e08064415c635533d8fddbbdb242920bf36e5267e749
56084a0caeb4c6fbce4ca1bcce292dfa15aafa41f7e38940d7a2f599cc4547ab
5aae71838ba4983ac1f65ebdfd7ce440a13ca6721863a3b72104b8e5377117ee
5c12f12ce50cb4cb5bb7d82008d4a03e673c78ab876d063f0517389a3721a4ff
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75
6ab7c1d7908e9701d4bad5a6806e432aa4aba13a85a1b5bf4feea666ca992bcd
7941c043b215ecc58d18e696d42abbd225eb0baa075cb5e31027725cc5312fce
7e4a0f06c3dfe2d5a1e2347f8f1abf2cbd55fdb49832b53bccc00158449c0c37
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
81dc35c34f48a8bb053f4c9719532d9d1f829330e3c756895100d01d7af13a6c
8207300a6f21e4483b09c8b996b0e9b60f9f8cd09a11cae7beadd343da2c6dfb
8555775184bcafaae943e4926b024bca4a9754b7e1813d087d0e39ec1206547d
88dfec05fa269af1d896ae3933769ce5261c43696e332f97f672c2f6e3a5535c
9170012b9b3143a8551f65aae942a3a5dd6b4238f2ab51fcdfa54701beb3e552
96317291ef6917398ad7b6177b51a001bfeb30c0f5d71ac2205e6740109b2453
98a2c8d8fd76fdeb4eb85be1daf17aa282597bb74e9ea3c179a9168d5d6e5dd0
9b7d57aa6bc9c95ee620d068a517f2729b8c08a54542488246349fd1948a95cd
aa0484703e18e5b32b93d25c44323e962b333d17d749c575a71e4df074c667a1
b0cc9a2cf38a0cc4dca290f198ff87deeaa70dbb397165d15b5e7a69efc018c2
b0e993dfddd65deec9fd403282c5065047f33bef29be8e9eb1f705720ed81421
b58109431c3adc92bccc460ac5dc394dc4f0979d24656f7a52503e6c77709d0b
b7123efbab847067ff6e8c77753319ebb594a4a48ce9f14dbeffc0e87409c021
cbc3d0f7e4c9080803b72faffdf80d45513bbc1d4b919bf6976949f7b5503ede
cf7a50023bb5462d37f3cfd26d9ad276a9b6120bda7678e4d4c152d7d0a36b69
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d263c6abbab326a42e43849591f50f315200cb47f75d59bac06ac8f5ca5b900b
db7b64fb80467ec20d65ed2d27bf2cd2fcdb72295cb7e03c4eb54a252daad5f7
dba89debf99c43e9922e74ec59787a252b5382ef42b8e31c275aa7a9666837cf
ddba8d6cee5cf5ab783e2e42304db64bce1515f208d5aa608faec3779165e8cf
dececa373bd57aad2e540b84b20872ee529e29facd92da4251a945b87d57eec0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e84ca6fee1861ceb0b6b72866b815f5b552e0e7b9dff8da4cb13a156b6771057
e8bb034aae969d51e8330c20569601c6017d4679fa3f39f5fad6d258d3c49151
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
ee9e65ae9217e203e29e78b735cce504d59f6ad8d930af882678a5bf6719beeb
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f8fbf7e16e3604db25ab37c4a496865033167bb550e3b2e92f1070424f48723a
f9fce767b48efa5ba940f180d7210d6f9d5c1569743951fb756e574c8e8ce86e
fca39a4d01a21e6a87a75c43f19c79c939f32eb4b666cc45d19d9896926b76de
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
ffde94a57b1530027a3207f1321c08a807f3364ad4243cd51a2a58c9da5b5ece