![](/screenshots/70bbeeff-7209-42cb-95ad-e2d839b29a25.png)
safesend.com
Open in
urlscan Pro
137.184.157.230
Public Scan
Effective URL: https://safesend.com/solutions/safesend-returns/
Submission Tags: falconsandbox
Submission: On September 05 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on September 3rd 2023. Valid for: 3 months.
This is the only time safesend.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: a4ec4c6ea1c92e2e6.awsglobalaccelerator.com
safesendreturns.com |
ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net | |
p.typekit.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-66-3.compute-1.amazonaws.com
scout.salesloft.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-210-91.compute-1.amazonaws.com
www.vbt.io |
ASN13335 (CLOUDFLARENET, US)
js.hscollectedforms.net | |
forms.hscollectedforms.net |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-26-21.vie50.r.cloudfront.net
js.zi-scripts.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-96-194.compute-1.amazonaws.com
pi.pardot.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-172-219.compute-1.amazonaws.com
go.safesend.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
26 |
safesend.com
1 redirects
safesend.com — Cisco Umbrella Rank: 291506 go.safesend.com |
556 KB |
7 |
zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 2067 ekr.zdassets.com — Cisco Umbrella Rank: 2365 |
349 KB |
6 |
typekit.net
use.typekit.net — Cisco Umbrella Rank: 477 p.typekit.net — Cisco Umbrella Rank: 588 |
90 KB |
4 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47 |
298 KB |
3 |
zi-scripts.com
js.zi-scripts.com — Cisco Umbrella Rank: 9640 |
3 KB |
3 |
salesloft.com
scout-cdn.salesloft.com — Cisco Umbrella Rank: 9137 scout.salesloft.com — Cisco Umbrella Rank: 11198 |
4 KB |
2 |
zoominfo.com
ws.zoominfo.com — Cisco Umbrella Rank: 4243 |
2 KB |
2 |
pardot.com
pi.pardot.com — Cisco Umbrella Rank: 4503 |
4 KB |
2 |
zendesk.com
cpaperless.zendesk.com |
2 KB |
2 |
google.de
www.google.de — Cisco Umbrella Rank: 6457 |
563 B |
2 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
563 B |
2 |
hscollectedforms.net
js.hscollectedforms.net — Cisco Umbrella Rank: 4723 forms.hscollectedforms.net — Cisco Umbrella Rank: 4839 |
26 KB |
2 |
doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 |
3 KB |
1 |
hubspot.com
track.hubspot.com — Cisco Umbrella Rank: 2299 |
1 KB |
1 |
hsforms.com
forms.hsforms.com — Cisco Umbrella Rank: 4292 |
1016 B |
1 |
hubapi.com
api.hubapi.com — Cisco Umbrella Rank: 3439 |
1 KB |
1 |
hsadspixel.net
js.hsadspixel.net — Cisco Umbrella Rank: 3144 |
3 KB |
1 |
hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2155 |
21 KB |
1 |
hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2156 |
20 KB |
1 |
vbt.io
www.vbt.io — Cisco Umbrella Rank: 91184 |
206 B |
1 |
google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2547 |
242 B |
1 |
hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2386 |
1 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 41 |
2 KB |
1 |
safesendreturns.com
1 redirects
safesendreturns.com — Cisco Umbrella Rank: 130582 |
308 B |
73 | 24 |
Domain | Requested by | |
---|---|---|
25 | safesend.com |
1 redirects
safesend.com
|
6 | static.zdassets.com |
safesend.com
static.zdassets.com |
5 | use.typekit.net |
safesend.com
use.typekit.net |
4 | www.googletagmanager.com |
safesend.com
www.googletagmanager.com |
3 | js.zi-scripts.com |
safesend.com
js.zi-scripts.com |
2 | ws.zoominfo.com |
js.zi-scripts.com
|
2 | pi.pardot.com |
safesend.com
pi.pardot.com |
2 | cpaperless.zendesk.com |
static.zdassets.com
|
2 | www.google.de |
safesend.com
|
2 | www.google.com |
safesend.com
|
2 | scout.salesloft.com |
scout-cdn.salesloft.com
|
2 | googleads.g.doubleclick.net |
www.googletagmanager.com
|
1 | go.safesend.com |
pi.pardot.com
|
1 | track.hubspot.com | |
1 | forms.hsforms.com |
safesend.com
|
1 | api.hubapi.com |
js.hsadspixel.net
|
1 | forms.hscollectedforms.net |
js.hscollectedforms.net
|
1 | js.hsadspixel.net |
js.hs-scripts.com
|
1 | js.hscollectedforms.net |
js.hs-scripts.com
|
1 | js.hs-analytics.net |
js.hs-scripts.com
|
1 | js.hs-banner.com |
js.hs-scripts.com
|
1 | www.vbt.io |
safesend.com
|
1 | region1.google-analytics.com |
www.googletagmanager.com
|
1 | ekr.zdassets.com |
static.zdassets.com
|
1 | scout-cdn.salesloft.com |
safesend.com
|
1 | p.typekit.net |
use.typekit.net
|
1 | js.hs-scripts.com |
safesend.com
|
1 | fonts.googleapis.com |
safesend.com
|
1 | safesendreturns.com | 1 redirects |
73 | 29 |
This site contains links to these domains. Also see Links.
Domain |
---|
cpaperless.zendesk.com |
safesend.statuspage.io |
login.safesendreturns.com |
portal.safesend.com |
admin.tictiecalculate.com |
www.facebook.com |
twitter.com |
www.linkedin.com |
www.youtube.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
safesend.com R3 |
2023-09-03 - 2023-12-02 |
3 months | crt.sh |
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-09-14 - 2023-10-15 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-08-14 - 2023-11-06 |
3 months | crt.sh |
zdassets.com Cloudflare Inc ECC CA-3 |
2022-11-10 - 2023-11-09 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-08-14 - 2023-11-06 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-03 - 2024-05-02 |
a year | crt.sh |
salesloft.com Sectigo RSA Domain Validation Secure Server CA |
2023-03-20 - 2024-04-18 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-08-14 - 2023-11-06 |
3 months | crt.sh |
vbt.site Amazon RSA 2048 M02 |
2023-03-17 - 2024-04-14 |
a year | crt.sh |
www.google.com GTS CA 1C3 |
2023-08-14 - 2023-11-06 |
3 months | crt.sh |
www.google.de GTS CA 1C3 |
2023-08-14 - 2023-11-06 |
3 months | crt.sh |
cpaperless.zendesk.com Cloudflare Inc ECC CA-3 |
2023-04-05 - 2024-04-04 |
a year | crt.sh |
hubapi.com Cloudflare Inc ECC CA-3 |
2023-04-07 - 2024-04-06 |
a year | crt.sh |
js.zi-scripts.com Amazon RSA 2048 M02 |
2022-10-17 - 2023-11-15 |
a year | crt.sh |
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-07-25 - 2024-07-23 |
a year | crt.sh |
hubspot.com Cloudflare Inc ECC CA-3 |
2023-02-05 - 2024-02-05 |
a year | crt.sh |
go.safesend.com R3 |
2023-07-26 - 2023-10-24 |
3 months | crt.sh |
zoominfo.com Cloudflare Inc ECC CA-3 |
2023-04-04 - 2024-04-03 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://safesend.com/solutions/safesend-returns/
Frame ID: 1DD763C3C2F7B9A435DBC5E209E778A1
Requests: 64 HTTP requests in this frame
Frame:
https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js
Frame ID: CDDED65001B23B009414EFF0A343B361
Requests: 7 HTTP requests in this frame
Screenshot
![](/screenshots/70bbeeff-7209-42cb-95ad-e2d839b29a25.png)
Page Title
SafeSend Returns | Tax Return Assembly & Delivery | SafeSendPage URL History Show full URLs
-
http://safesendreturns.com/
HTTP 301
https://safesend.com/safesend-returns HTTP 301
https://safesend.com/solutions/safesend-returns/ Page URL
Detected technologies
Detected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
![](/vendor/wappa/icons/Yoast SEO.png)
Detected patterns
- <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
![](/vendor/wappa/icons/Font Awesome.png)
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Detected patterns
![](/vendor/wappa/icons/Google Font API.png)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
![](/vendor/wappa/icons/HubSpot.png)
Detected patterns
- js\.hs-analytics\.net/analytics
![](/vendor/wappa/icons/Typekit.png)
Detected patterns
- <link [^>]*href="[^"]+use\.typekit\.(?:net|com)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
Title: Help Center
Search URL Search Domain Scan URL
Title: Status
Search URL Search Domain Scan URL
Title: SafeSend Suite
Search URL Search Domain Scan URL
Title: SafeSend Exchange
Search URL Search Domain Scan URL
Title: TicTie Calculate
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://safesendreturns.com/
HTTP 301
https://safesend.com/safesend-returns HTTP 301
https://safesend.com/solutions/safesend-returns/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
73 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
safesend.com/solutions/safesend-returns/ Redirect Chain
|
41 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
peg5sgu.css
use.typekit.net/ |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
safesend.com/css/ |
205 KB 27 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
238 KB 80 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
186 KB 68 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
snippet.js
static.zdassets.com/ekr/ |
10 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
22 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
safesend.com/wp-content/themes/safesend/ |
837 B 709 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
safesend.com/img/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
returns.png
safesend.com/img/logos/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dollars.png
safesend.com/img/icons/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clock-2.png
safesend.com/img/icons/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
people.png
safesend.com/img/icons/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
stars.png
safesend.com/img/icons/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
safesend.com/js/vendor/jquery/ |
86 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
foundation.min.js
safesend.com/js/vendor/foundation/ |
479 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.validate.min.js
safesend.com/js/ |
24 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cleave.min.js
safesend.com/js/ |
21 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.js
safesend.com/js/dist/ |
13 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20493702.js
js.hs-scripts.com/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
foundation.min.css
safesend.com/css/vendor/foundation/ |
142 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p.css
p.typekit.net/ |
5 B 172 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
195 KB 68 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sl.js
scout-cdn.salesloft.com/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
e4a08ad3-109d-46df-bd26-4999d64bd479
ekr.zdassets.com/compose/ |
2 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg24.jpg
safesend.com/img/ |
100 KB 101 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shape.png
safesend.com/img/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
green-stripes2.png
safesend.com/img/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg31.jpg
safesend.com/img/ |
52 KB 52 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/7fe570/00000000000000007735a0ee/30/ |
22 KB 22 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-solid-900.woff2
safesend.com/css/vendor/fontawesome/webfonts/ |
74 KB 74 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/b0bf15/00000000000000007735a103/30/ |
22 KB 22 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/d22e78/00000000000000007735a109/30/ |
22 KB 22 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/21b2f2/00000000000000007735a100/30/ |
23 KB 23 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-brands-400.woff2
safesend.com/css/vendor/fontawesome/webfonts/ |
74 KB 74 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
13d87d0c-d90f-498e-9158-68d42cdfcbe6
https://safesend.com/ |
1 KB 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
client-side.mp4
safesend.com/video/ |
8 MB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
firm-side.mp4
safesend.com/video/ |
5 MB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
238 KB 80 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/600168156/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 242 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
r
scout.salesloft.com/ |
41 B 354 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tracker
www.vbt.io/ |
0 206 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
banner.js
js.hs-banner.com/v2/20493702/ |
65 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20493702.js
js.hs-analytics.net/analytics/1693947900000/ |
67 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collectedforms.js
js.hscollectedforms.net/ |
69 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fb.js
js.hsadspixel.net/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-emoji-release.min.js
safesend.com/wp-includes/js/ |
18 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
web-widget-main-4b22769.js
static.zdassets.com/web_widget/classic/latest/ Frame CDDE |
921 KB 265 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/600168156/ |
42 B 455 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/600168156/ |
42 B 455 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en-us-json-4b22769.js
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame CDDE |
25 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
config
cpaperless.zendesk.com/embeddable/ Frame CDDE |
1 KB 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
i
scout.salesloft.com/ |
48 B 462 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
web-widget-chat-sdk-4b22769.js
static.zdassets.com/web_widget/classic/latest/ Frame CDDE |
202 KB 51 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
status
cpaperless.zendesk.com/talk_embeddables_service/web/ Frame CDDE |
106 B 688 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
json
forms.hscollectedforms.net/collected-forms/v1/config/ |
116 B 430 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
json
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ |
115 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
counters.gif
forms.hsforms.com/embed/v3/ |
35 B 1016 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/600168156/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/600168156/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/600168156/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
web-widget-chat-incoming-message-notification-4b22769.js
static.zdassets.com/web_widget/classic/latest/ Frame CDDE |
236 B 594 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zi-tag.js
js.zi-scripts.com/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pd.js
pi.pardot.com/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
__ptq.gif
track.hubspot.com/ |
45 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/classic/latest/ Frame CDDE |
19 KB 20 KB |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
getSubscriptions
js.zi-scripts.com/unified/v1/master/ |
150 B 514 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
analytics
pi.pardot.com/ |
1 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
analytics
go.safesend.com/ |
50 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
ws.zoominfo.com/pixel/64b56875e3e8c322844079be/ |
3 KB 2 KB |
Fetch
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
ws.zoominfo.com/pixel/64b56875e3e8c322844079be/ Frame |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
78 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| documentPictureInPicture function| gtag object| dataLayer object| zi string| ZIProjectKey string| SLScoutObject function| slscout object| zEWebpackACJsonp function| zE function| zEmbed object| zESettings function| saveScrollPositions object| _wpemojiSettings function| $ function| jQuery object| Foundation object| google_tag_manager object| google_tag_data object| GooglebQhCsO object| gaGlobal function| Cleave function| startCounter function| labnolIframe function| initYouTubeVideos number| lFollowX number| lFollowY number| x number| y number| friction function| moveBackground function| init number| instanceCount function| Froogaloop boolean| countedNumber string| translate object| classie function| $f function| lozad boolean| zEACLoaded string| piAId string| piCId string| piHostname object| _vbset object| _hsp function| onYouTubeIframeAPIReady boolean| PIXELS_RAN object| enabledEventSettings object| _hsq function| $zopim object| _paq function| sanitizeKey boolean| _hstc_loaded object| __hsCollectedFormsDebug object| twemoji object| wp boolean| _hspb_loaded boolean| _hspb_ran boolean| _hstc_ran string| __hsUserToken number| expireDateTime object| zitag function| checkNamespace function| getPardotUrl function| piTracker function| piGetParameter function| piGetCookie function| piSetCookie string| piVersion number| piScriptNum object| piScriptObj object| pi number| c_start string| property function| piResponse object| ziws25 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
safesend.com/ | Name: PHPSESSID Value: o3lgiao3j44mbt3moeqmnf8gpv |
|
.safesend.com/ | Name: _gcl_au Value: 1.1.1393742284.1693948119 |
|
.safesend.com/ | Name: _ga_N4ED345K9H Value: GS1.1.1693948118.1.0.1693948118.0.0.0 |
|
.safesend.com/ | Name: _ga Value: GA1.1.1383547455.1693948119 |
|
safesend.com/ | Name: slireg Value: https://scout.us4.salesloft.com |
|
safesend.com/ | Name: sliguid Value: 5b334f02-90f9-4f04-b943-46eb47dfc0bb |
|
safesend.com/ | Name: slirequested Value: true |
|
widget-mediator.zopim.com/ | Name: AWSALBCORS Value: 9eroHBb6uaiwJAsNbxdX6VE0HfrtYBLM4HiFbrAFofKvRCPX/V+/MVvcyGffWy/Z2NG5/J9x4JSbq/1r+3I5vpQTqr3n2mrJOkCpSh4JwlSOVlT38ojyIWANQk9t |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUn_w8DVPDcP8WfafP99IYyrcbppOzzcQX3edniuqu_9djD4Fn_ScjLb9itI |
|
.safesend.com/ | Name: __zlcmid Value: 1Hhm6I1I3F5MclN |
|
.safesend.com/ | Name: __hstc Value: 199304561.0a5f1e1b35e815f371640c9d4c5dde41.1693948119991.1693948119991.1693948119991.1 |
|
.safesend.com/ | Name: hubspotutk Value: 0a5f1e1b35e815f371640c9d4c5dde41 |
|
.safesend.com/ | Name: __hssrc Value: 1 |
|
.safesend.com/ | Name: __hssc Value: 199304561.1.1693948119991 |
|
.hubspot.com/ | Name: __cf_bm Value: uOQONMOdF5Fn5oHNVlQkPD46yrqXhvZCQVBBj322j2A-1693948120-0-AQHTE954VHkF8PLAQFpYlklXuysAv0LpmlBTR4lwgnjjg6pVgcftwpnyxL8eG1FLUuI1JGZWGwGEusfR0ZROVbg= |
|
.pardot.com/ | Name: visitor_id543992 Value: 978978075 |
|
.pardot.com/ | Name: visitor_id543992-hash Value: 2dcd3e09e2ad0361aba845d4a790154e4094b11c8da1e44d0db028e73052a3ec8191804b5af263fcaf06cca1a784035dc731c98c |
|
pi.pardot.com/ | Name: lpv543992 Value: aHR0cHM6Ly9zYWZlc2VuZC5jb20vc29sdXRpb25zL3NhZmVzZW5kLXJldHVybnMv |
|
safesend.com/ | Name: visitor_id543992 Value: 978978075 |
|
safesend.com/ | Name: visitor_id543992-hash Value: 2dcd3e09e2ad0361aba845d4a790154e4094b11c8da1e44d0db028e73052a3ec8191804b5af263fcaf06cca1a784035dc731c98c |
|
.safesend.com/ | Name: _zitok Value: 54c8979bf8621d7a0aee1693948121 |
|
.zoominfo.com/ | Name: __cf_bm Value: vsPu1o9JjqHHjkiR6BWEjC5GDcVAKdS_FzXCSDdR5iw-1693948121-0-Aez6LDNbpuj0gofqwkzhweVKO38DqUGYlF4nQ8TOt9MoPru8Xdtm0cjP3QNM6P0RZaSLvex0H9Yy32IEE/ZNMD8= |
|
.zoominfo.com/ | Name: _cfuvid Value: f8hQIJMSlbQceMRlpskfnz9u2WzsFcFPv8WstwaIW6Y-1693948121515-0-604800000 |
|
go.safesend.com/ | Name: visitor_id543992 Value: 978978075 |
|
go.safesend.com/ | Name: visitor_id543992-hash Value: 2dcd3e09e2ad0361aba845d4a790154e4094b11c8da1e44d0db028e73052a3ec8191804b5af263fcaf06cca1a784035dc731c98c |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.hubapi.com
cpaperless.zendesk.com
ekr.zdassets.com
fonts.googleapis.com
forms.hscollectedforms.net
forms.hsforms.com
go.safesend.com
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.zi-scripts.com
p.typekit.net
pi.pardot.com
region1.google-analytics.com
safesend.com
safesendreturns.com
scout-cdn.salesloft.com
scout.salesloft.com
static.zdassets.com
track.hubspot.com
use.typekit.net
ws.zoominfo.com
www.google.com
www.google.de
www.googletagmanager.com
www.vbt.io
104.16.53.111
104.18.70.113
104.18.72.113
137.184.157.230
18.66.26.21
2001:4860:4802:32::36
2606:4700:4400::6812:22e5
2606:4700::6810:50ba
2606:4700::6810:890f
2606:4700::6810:bb59
2606:4700::6811:4341
2606:4700::6811:579a
2606:4700::6811:cbcc
2606:4700::6811:e7a3
2606:4700::6812:c07d
2606:4700::6813:9b53
2a00:1450:4001:80e::2004
2a00:1450:4001:813::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:829::2008
2a00:1450:4001:831::2002
2a02:26f0:3500:16::215:1495
3.215.172.219
3.33.152.147
34.196.210.91
52.54.96.194
54.152.66.3
026c249acda71b64fe2510542d88ae26073694f89b595b1fd0e9f3ad501bf6b4
028d226f2d1880c9460ae6575d8baa726e9fa28dfd434426deabbcff5b725ad3
05f2fbd5e3ceb9405b1dd1d282d384e53543454d0354f2e6f905c04c2efc2cba
0887bd3d99ac8c52fd966b31f24e3db6a3aebe41eeaa5b289023b3be1c7e4ef6
0fcf3e4106879a4b25973bee28a71a7418fc3255695cac13b5cf0309627f232c
13a212c6b892024aae8c2db3d8cf9a5ec7d7f0f86948669384001e375a55edb5
192a971cf1cba95a87e86d7593ed9086720175fe43f7f038043dd90f5f1832f5
19f9bd2c56e13a1adc382fb52bb03abe6ea7284415855adeb244cfce20cca048
1a1fd3be6d8270cea04d54b3e34b516954c21e9f7f0e13009734b5d1a5ccaeb8
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
22a650b564ad2e33b0094d69c18ff7789f109100b20ca869ea62d19c99801059
24a0379eaeac3d8de8f2b77a318fef99bae4ef5ca07d2eca39b8a0f3c21911b6
295343a2b5edc672616be4ec3ff084ce2ecfc4c8de9ddd67c3443ff87b767357
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a
2e1f2b0cfc55f99281f4b019a5e09594e53053f0dd36d137aed43bcf5946dc53
3395dab0f1bc72b607bba1ef110a10a0d66031c18875c4c0af72c2ee065b5fd8
34d4559f46dfa5f9a67243a7bbaf9d5d4bacfe7bd392fc16a6c4e0c6d95e1630
3648f198c449a24c62f1a53234edd563652ed6ba5e27ae3cdc699d947391da63
399c13fe7c0ed145edc5ec0c92ac7cb47492d936cf94610e1b80e2fece4912d9
3a3d6a92711f36aedba3d8a37cae4297ae9112edb320f935c296914b06caed70
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be
3def882cf0377243fc79620a58078e7348370b01335d1e9db1c42e0a387ad3bb
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
53b63be2f9ab7f75dd4702ae1f07e7bb82dbdcfb8e6df77c9f173b213c1af912
578a6477e6e293f52f78180cbe5228a5962db91af17393b1700c402c0e81a6f9
61ab47ec99817d2d8f6b0813de75c63a0e254644b71609de46884cddc04cfbcb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d40942bc86c56032e0b89ab69037c33fcfcbd89f9a922658c4755af6fea50bb
73d3ce1ecea3cb6b1069bb5d7724ce69b5419175d6a981834ac2e2fbef91538d
79d4ea180096539ea6d1b5502513bd55a764cd6d31a9bdca463258c6f30ae0bd
7dc900cab2495fc8aaf4816ccf5252366bf747cbcb97d84c8a588621770ac88f
7eb194c2648de022cb8f29399b9f4409d5ec0cc5314d6e4eea175c78d1d5089a
89c1863512236f0aebb387604922980af491a232fe175a76d863bbae06ab9bcd
8a4e0287eb7edcc291250fd3f6ea293f25ccccfe3daa5fcd0c56e026592d5181
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
99d8a905e797b801a94bfdffe15b6c951468ea2897e0208ea2cd37f1358ff36a
9ccb09063199907dad58bd428d1e50dccbdc710b13e7306a244a4ccd8a292035
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54
af82395b5629863b6051ffb84271567ba848c4fe861bb424f242db15bcbc6b21
b37678e2c4e8452e51ee8902e176d670941b72bc06eaeeb951360f96322c6921
be80d5eb86cc5f5ec5ed97756954cbe7c2109e86eb924f5ff10250c08dab07ae
c28d25edc0302ed9989d357c0e29bd4214592ea8a3d7f120735add93da851e1e
c365a59132dd34b492cb3a77d534078dd35cbbf75dbb2eabbe328642b74a291b
c6f0d9507b6b32bbc2b4e519145f512f174a208491c1864191417f4cfa41324e
cb045804ed4aa37365aae6de62907b93afffbed66fc5164fc883dbbacaecafdb
d1ee65f4db0cb8e820e9b4ea86af2f0034fc4a8f93bad73bc6f96fe633dc8a94
d2ae6a17951c333ad801a95a6a89284aab6b9fc26546d9944ac953a6e4df227f
d3caf12591d194712facd10bca14f0a924edb59c24447a3fd994a48286db8843
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
dd4be9042a59092f846756f53e210e006fccb12797ece1f1e6fb8fa2e5c2e387
e3a4b3fc49c8963cb2a7d5ee2827a82d309456227174b517256b2a343116463d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71f8e840afb11d105bcd6a50d131b3651b350acf44b8edf40a8a5f1e59fac18
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f29692bed02af855a1b94e4b99ac94de8b6f4a41d86ac6ac2897e47d0a0d66b2
f42405ae266f4dc6cf461296e8e27e52c14d7bed49c84d575098a2d6c1dd4f22
f56ab1d176c52ea80b72ca80592468d93c91c6af82c805573dbf1415d876dd36
f8110a988bd0e88b0bf2c1dcbe276d0eb34e7593b70bd2ed14fb45d87d1d3872
fe529a0c4b6a9ef7421fad70c10e9337402adcb8536e7f64c1bf4ae6fba11aae
ff845cb4242bfc02e5e69dd2040af1597671cb21a13044926c71da06d8c76d31