www.efsllc.com
Open in
urlscan Pro
45.223.19.127
Public Scan
Submission: On December 29 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q4 on October 20th 2023. Valid for: 6 months.
This is the only time www.efsllc.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-72.ams50.r.cloudfront.net
cdn-0.d41.co |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-2-122.compute-1.amazonaws.com
vid0410.d41.co |
ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f6.1e100.net
10630639.fls.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-19.ams50.r.cloudfront.net
static.hotjar.com |
ASN13335 (CLOUDFLARENET, US)
widget.privy.com | |
api.privy.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN6461 (ZAYO-6461, US)
PTR: 216.200.122.13.IPYX-141870-ZYO.zip.zayo.com
ciqtracking.com |
ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net
ad.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: server-18-155-153-42.ham50.r.cloudfront.net
script.hotjar.com |
ASN32934 (FACEBOOK, US)
www.facebook.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-181-161.eu-west-1.compute.amazonaws.com
content.hotjar.io |
ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-78-238.compute-1.amazonaws.com
ff.d41.co |
Apex Domain Subdomains |
Transfer | |
---|---|---|
30 |
efsllc.com
www.efsllc.com — Cisco Umbrella Rank: 569626 |
390 KB |
11 |
cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 324 |
147 KB |
5 |
d41.co
cdn-0.d41.co — Cisco Umbrella Rank: 26254 vid0410.d41.co — Cisco Umbrella Rank: 211817 ff.d41.co — Cisco Umbrella Rank: 175048 |
86 KB |
4 |
doubleclick.net
3 redirects
10630639.fls.doubleclick.net — Cisco Umbrella Rank: 909995 ad.doubleclick.net — Cisco Umbrella Rank: 139 |
2 KB |
3 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36 |
268 KB |
3 |
fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1544 ka-p.fontawesome.com — Cisco Umbrella Rank: 3304 |
77 KB |
2 |
google.com
adservice.google.com — Cisco Umbrella Rank: 93 |
613 B |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168 |
89 KB |
2 |
privy.com
widget.privy.com — Cisco Umbrella Rank: 16862 api.privy.com — Cisco Umbrella Rank: 16887 |
106 KB |
2 |
hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 700 script.hotjar.com — Cisco Umbrella Rank: 933 |
59 KB |
2 |
wexdrive.com
www.wexdrive.com — Cisco Umbrella Rank: 152944 |
10 KB |
1 |
google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2189 |
244 B |
1 |
hotjar.io
content.hotjar.io — Cisco Umbrella Rank: 6459 |
161 B |
1 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 98 |
185 B |
1 |
ciqtracking.com
1 redirects
ciqtracking.com — Cisco Umbrella Rank: 36811 |
434 B |
1 |
onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 548 |
317 B |
68 | 16 |
Domain | Requested by | |
---|---|---|
30 | www.efsllc.com |
www.efsllc.com
|
11 | cdn.cookielaw.org |
www.googletagmanager.com
cdn.cookielaw.org www.efsllc.com |
3 | www.googletagmanager.com |
www.efsllc.com
www.googletagmanager.com |
2 | adservice.google.com |
www.efsllc.com
10630639.fls.doubleclick.net |
2 | ad.doubleclick.net | 2 redirects |
2 | connect.facebook.net |
www.efsllc.com
connect.facebook.net |
2 | 10630639.fls.doubleclick.net |
1 redirects
www.googletagmanager.com
|
2 | ka-p.fontawesome.com |
kit.fontawesome.com
www.efsllc.com |
2 | vid0410.d41.co |
www.googletagmanager.com
cdn-0.d41.co |
2 | cdn-0.d41.co |
www.efsllc.com
www.googletagmanager.com |
2 | www.wexdrive.com |
www.efsllc.com
|
1 | ff.d41.co |
cdn-0.d41.co
|
1 | region1.google-analytics.com |
www.googletagmanager.com
|
1 | content.hotjar.io |
script.hotjar.com
|
1 | api.privy.com |
widget.privy.com
|
1 | www.facebook.com |
www.efsllc.com
|
1 | script.hotjar.com |
static.hotjar.com
|
1 | ciqtracking.com | 1 redirects |
1 | widget.privy.com |
www.googletagmanager.com
|
1 | static.hotjar.com |
www.googletagmanager.com
|
1 | geolocation.onetrust.com |
cdn.cookielaw.org
|
1 | kit.fontawesome.com |
www.efsllc.com
|
68 | 22 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
imperva.com GlobalSign Atlas R3 DV TLS CA 2023 Q4 |
2023-10-20 - 2024-04-17 |
6 months | crt.sh |
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-12-04 - 2025-01-03 |
a year | crt.sh |
*.d41.co DigiCert TLS RSA SHA256 2020 CA1 |
2023-02-21 - 2024-03-05 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
cookielaw.org Cloudflare Inc ECC CA-3 |
2023-04-01 - 2024-03-31 |
a year | crt.sh |
onetrust.com Cloudflare Inc ECC CA-3 |
2023-11-13 - 2024-11-12 |
a year | crt.sh |
*.doubleclick.net GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
*.hotjar.com Amazon ECDSA 256 M01 |
2023-03-09 - 2024-04-06 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-04-17 - 2024-04-16 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2023-10-07 - 2024-01-05 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
*.hotjar.io Amazon ECDSA 256 M02 |
2023-03-02 - 2024-03-30 |
a year | crt.sh |
ff.d41.co DigiCert TLS RSA SHA256 2020 CA1 |
2023-02-03 - 2024-02-21 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://www.efsllc.com/
Frame ID: 6C632AA877D894FE79BA8412D9CE9B4C
Requests: 66 HTTP requests in this frame
Frame:
https://10630639.fls.doubleclick.net/activityi;dc_pre=CKGKvdfdtIMDFQnIOwIdVKYODA;src=10630639;type=websi0;cat=websi0;ord=6124153551345;auiddc=401408940.1703855854;gtm=45He3bt0v9104870401;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.efsllc.com%2F
Frame ID: C93783516E38950A319A146BD6D207C3
Requests: 1 HTTP requests in this frame
Frame:
https://adservice.google.com/ddm/fls/i/dc_pre=CKGKvdfdtIMDFQnIOwIdVKYODA;src=10630639;type=websi0;cat=websi0;ord=6124153551345;auiddc=401408940.1703855854;gtm=45He3bt0v9104870401;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.efsllc.com%2F
Frame ID: E27C043CB171D54D26CAFF46AB4D291B
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
EFS and Fleet One | Fleet Payment Solutions | WEX Inc.Back ButtonSearch IconFilter IconDetected technologies
WordPress (CMS) ExpandDetected patterns
- /wp-(?:content|includes)/
Yoast SEO (SEO) Expand
Detected patterns
- <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Facebook (Widgets) Expand
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- kit\.fontawesome\.com/([0-9a-z]+).js
Google Analytics (Analytics) Expand
Detected patterns
Google Tag Manager (Tag Managers) Expand
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Hotjar (Analytics) Expand
Detected patterns
- //static\.hotjar\.com/
Imperva (Security) Expand
Detected patterns
- /_Incapsula_Resource
OneTrust (Cookie compliance) Expand
Detected patterns
- cdn\.cookielaw\.org
- otSDKStub\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery Migrate (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
16 Outgoing links
These are links going to different origins than the main page.
Title: Authorize Checks
Search URL Search Domain Scan URL
Title: EFS eManager
Search URL Search Domain Scan URL
Title: Fleet One eManager
Search URL Search Domain Scan URL
Title: Carrier TrendSource
Search URL Search Domain Scan URL
Title: Fuel Manager
Search URL Search Domain Scan URL
Title: Fuel Tax
Search URL Search Domain Scan URL
Title: T-Chek Card Management
Search URL Search Domain Scan URL
Title: EFS Merchant Manager
Search URL Search Domain Scan URL
Title: EFS Merchant TrendSource
Search URL Search Domain Scan URL
Title: Transnet
Search URL Search Domain Scan URL
Title: Expense Reporting
Search URL Search Domain Scan URL
Title: EFS PayControl
Search URL Search Domain Scan URL
Title: Factoring Reports
Search URL Search Domain Scan URL
Title: FleetDocs
Search URL Search Domain Scan URL
Title: Apply Now
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 45- https://10630639.fls.doubleclick.net/activityi;src=10630639;type=websi0;cat=websi0;ord=6124153551345;auiddc=401408940.1703855854;gtm=45He3bt0v9104870401;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.efsllc.com%2F HTTP 302
- https://10630639.fls.doubleclick.net/activityi;dc_pre=CKGKvdfdtIMDFQnIOwIdVKYODA;src=10630639;type=websi0;cat=websi0;ord=6124153551345;auiddc=401408940.1703855854;gtm=45He3bt0v9104870401;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.efsllc.com%2F
- https://ciqtracking.com/p/v/1/624c8bd2f8708104e67e2b6e/format/img HTTP 302
- https://ad.doubleclick.net/ddm/activity/src=11519151;type=invmedia;cat=wex_o0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1 HTTP 302
- https://ad.doubleclick.net/ddm/activity/src=11519151;dc_pre=CMaK89fdtIMDFbFhkQUdfH8LAw;type=invmedia;cat=wex_o0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1 HTTP 302
- https://adservice.google.com/ddm/fls/z/src=11519151;dc_pre=CMaK89fdtIMDFbFhkQUdfH8LAw;type=invmedia;cat=wex_o0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1
68 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.efsllc.com/ |
61 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
roboto-regular.woff2
www.efsllc.com/wp-content/themes/wex-2020-child/library/webfonts/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
roboto-500.woff2
www.efsllc.com/wp-content/themes/wex-2020-child/library/webfonts/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
roboto-700.woff2
www.efsllc.com/wp-content/themes/wex-2020-child/library/webfonts/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
roboto-condensed-regular.woff2
www.efsllc.com/wp-content/themes/wex-2020-child/library/webfonts/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
roboto-condensed-700.woff2
www.efsllc.com/wp-content/themes/wex-2020-child/library/webfonts/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
www.efsllc.com/wp-content/themes/wex-2020-child/library/css/ |
51 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
normalize.css
www.efsllc.com/wp-content/themes/wex-2020/library/css/libs/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
www.efsllc.com/wp-content/themes/wex-2020/library/css/ |
83 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
www.efsllc.com/wp-includes/js/jquery/ |
85 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
normalize.css
www.efsllc.com/wp-content/themes/wex-2020/library/css/libs/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
www.efsllc.com/wp-content/themes/wex-2020/ |
293 B 409 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
525bcac057.js
kit.fontawesome.com/ |
12 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wex_coupon_code_defaults.js
www.wexdrive.com/assets/js/ |
25 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wex_coupon_code.js
www.wexdrive.com/assets/js/ |
33 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
www.efsllc.com/wp-includes/js/jquery/ |
85 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-migrate.min.js
www.efsllc.com/wp-includes/js/jquery/ |
13 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.magnific-popup.min.js
www.efsllc.com/wp-content/themes/wex-2020/library/js/libs/ |
20 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scripts.js
www.efsllc.com/wp-content/themes/wex-2020/library/js/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ff-3.min.js
cdn-0.d41.co/tags/ |
271 KB 60 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
WEX_OTR_LOGOS.svg
www.efsllc.com/wp-content/uploads/2022/02/ |
18 KB 6 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
homepage-hero-background.jpg.webp
www.efsllc.com/wp-content/uploads/2021/03/ |
77 KB 77 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fleet-one-edge-card-1-230x145.png.webp
www.efsllc.com/wp-content/uploads/2020/11/ |
9 KB 9 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
efs-fleet-card-3-230x145.png.webp
www.efsllc.com/wp-content/uploads/2020/11/ |
10 KB 10 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
efs-corporate-mastercard-230x145.png.webp
www.efsllc.com/wp-content/uploads/2020/11/ |
7 KB 7 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
magnific-popup.css
www.efsllc.com/wp-content/themes/wex-2020/library/css/libs/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
coupon_code_phone_numbers.js
www.efsllc.com/wp-content/themes/wex-2020/library/js/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_Incapsula_Resource
www.efsllc.com/ |
151 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
453 KB 105 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
204 KB 72 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
e9f1bb02-8be3-4dc9-98a3-a784baabdb5c
https://www.efsllc.com/ |
1 KB 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hero-foreground-2022.png.webp
www.efsllc.com/wp-content/uploads/2022/03/ |
18 KB 19 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fleet-one-solutions.jpg.webp
www.efsllc.com/wp-content/uploads/2020/11/ |
17 KB 17 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
efs-fleet-solutions.jpg.webp
www.efsllc.com/wp-content/uploads/2020/11/ |
11 KB 12 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fleet-one-factoring-1.jpg.webp
www.efsllc.com/wp-content/uploads/2020/11/ |
18 KB 19 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_Incapsula_Resource
www.efsllc.com/ |
1 B 35 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ |
21 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
275 KB 91 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
vid0410.d41.co/sync/ |
0 669 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pro.min.css
ka-p.fontawesome.com/releases/v5.15.4/css/ |
315 KB 53 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-emoji-release.min.js
www.efsllc.com/wp-includes/js/ |
18 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
d5b9ca66-1d2c-425c-81db-c008762441ab.json
cdn.cookielaw.org/consent/d5b9ca66-1d2c-425c-81db-c008762441ab/ |
4 KB 2 KB |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pro-fa-solid-900-5.0.0.woff2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/ |
19 KB 19 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ |
66 B 317 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202304.1.0/ |
401 KB 97 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en.json
cdn.cookielaw.org/consent/d5b9ca66-1d2c-425c-81db-c008762441ab/d9e31cbd-03f9-4e99-aa5b-0c81938fa679/ |
57 KB 14 KB |
Fetch
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
activityi;dc_pre=CKGKvdfdtIMDFQnIOwIdVKYODA;src=10630639;type=websi0;cat=websi0;ord=6124153551345;auiddc=401408940.1703855854;gtm=45He3bt0v9104870401;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;u...
10630639.fls.doubleclick.net/ Frame C937 Redirect Chain
|
582 B 504 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-2315094.js
static.hotjar.com/c/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widget.js
widget.privy.com/assets/ |
345 KB 104 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
202 KB 54 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otFloatingRounded.json
cdn.cookielaw.org/scripttemplates/202304.1.0/assets/ |
10 KB 3 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202304.1.0/assets/v2/ |
61 KB 12 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202304.1.0/assets/ |
21 KB 4 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
src=11519151;dc_pre=CMaK89fdtIMDFbFhkQUdfH8LAw;type=invmedia;cat=wex_o0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1
adservice.google.com/ddm/fls/z/ Redirect Chain
|
42 B 173 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ot_close.svg
cdn.cookielaw.org/logos/static/ |
651 B 618 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ |
497 B 489 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ot_company_logo.png
cdn.cookielaw.org/logos/static/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2497498140423537
connect.facebook.net/signals/config/ |
135 KB 35 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules.618aa075c4d9b6424e07.js
script.hotjar.com/ |
220 KB 55 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 185 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dc_pre=CKGKvdfdtIMDFQnIOwIdVKYODA;src=10630639;type=websi0;cat=websi0;ord=6124153551345;auiddc=401408940.1703855854;gtm=45He3bt0v9104870401;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb...
adservice.google.com/ddm/fls/i/ Frame E27C |
194 B 440 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dnb_coretag_v5.min.js
cdn-0.d41.co/tags/ |
74 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
campaigns.json
api.privy.com/businesses/8A95C28985C13B54F4717896/ |
797 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
api
vid0410.d41.co/ |
55 B 768 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
content.hotjar.io/ |
56 B 161 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 244 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
init
ff.d41.co/v1/ |
46 B 477 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
88 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| documentPictureInPicture string| WEX_CC_DOMAIN_KEY object| dataLayer object| _wpemojiSettings undefined| $ function| jQuery object| regeneratorRuntime object| Fill object| dpa object| WEX_PHONE_NUMBERS_BY_COUPON_CODE object| google_tag_manager object| google_tag_data object| WexCouponCodeToPhoneNumber function| postscribe object| google_tag_manager_external object| links object| linkElem function| takeUserToBOCA function| getCookie function| createExternalConsent object| FontAwesomeKitConfig number| COUPON_CODE_SESSION_IN_MINUTES number| COUPON_CODE_PERSISTENT_IN_DAYS number| LOCATION_CODE_SESSION_IN_MINUTES number| LOCATION_CODE_PERSISTENT_IN_DAYS object| SEARCH_ENGINES object| DEFAULT_COUPON_CODES object| PARTNER_SITES string| thisSiteDomain string| DEFAULT_CC_SITE string| DEFAULT_CC_PARTNER string| DEFAULT_CC_GOOGLE string| DEFAULT_CC_OTHERSEARCH string| DEFAULT_CC_SEM string| DEFAULT_CC_DIRECTMAIL string| DEFAULT_CC_EMAIL string| DEFAULT_CC_SOCIAL string| DEFAULT_CC_REP object| defaults object| WexHelper object| WexLocationCode object| WexCouponCode object| WexEFID object| WexParentLeadID object| WexDuns object| WexBocaLink string| coupon_code string| coupon_code_2 string| coupon_code_3 string| coupon_code_4 string| coupon_code_5 string| creative_version string| location_code string| lp_type string| val function| updateViewportDimensions object| viewport function| waitForFinalEvent number| timeToWaitForLast function| loadGravatars object| OneTrustStub function| OptanonWrapper function| onYouTubeIframeAPIReady object| gaGlobal object| twemoji object| wp string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| Optanon object| OneTrust function| hj object| _hjSettings string| _d_site function| fbq function| _fbq object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| webpackChunkprivy object| SENTRY_RELEASE object| SENTRY_RELEASES object| PrivyWidget object| dnbvid18 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.efsllc.com/ | Name: visid_incap_2270134 Value: 8L9GikqASJmgXwlnAbz2cezGjmUAAAAAQUIPAAAAAAAgywE14ppkdIiE/pzPkK/x |
|
.efsllc.com/ | Name: nlbi_2270134 Value: Tjd6AOtELh5j3BVp95dGLQAAAABlbsu3gDu24BKtNP35kCk0 |
|
.efsllc.com/ | Name: incap_ses_876_2270134 Value: PFvOeLWj4A7Ezx2rbi4oDOzGjmUAAAAAkSnG4u5mn9AvOPRxyrcz5A== |
|
www.efsllc.com/ | Name: wex_referrer_domain Value: |
|
www.efsllc.com/ | Name: wex_cc_session Value: M90907 |
|
.efsllc.com/ | Name: _gcl_au Value: 1.1.401408940.1703855854 |
|
.www.efsllc.com/ | Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Fri+Dec+29+2023+14%3A17%3A34+GMT%2B0100+(Central+European+Standard+Time)&version=202304.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=b7da42ab-eea6-4fe6-bfb1-e3966298b6f7&interactionCount=0&landingPath=https%3A%2F%2Fwww.efsllc.com%2F&groups=C0001%3A1%2CC0002%3A1%2CBG112%3A1%2CC0003%3A1%2CC0004%3A1 |
|
.efsllc.com/ | Name: _fbp Value: fb.1.1703855854182.147421759 |
|
.efsllc.com/ | Name: _hjFirstSeen Value: 1 |
|
.efsllc.com/ | Name: _hjIncludedInSessionSample_2315094 Value: 1 |
|
.efsllc.com/ | Name: _hjSessionUser_2315094 Value: eyJpZCI6IjM4MjdkNTgxLWMwYjYtNTk4NC1iZGEwLTdkZDM0ZjQ0YzUzYyIsImNyZWF0ZWQiOjE3MDM4NTU4NTQ0MzYsImV4aXN0aW5nIjp0cnVlfQ== |
|
.efsllc.com/ | Name: _hjAbsoluteSessionInProgress Value: 0 |
|
.efsllc.com/ | Name: _hjSession_2315094 Value: eyJpZCI6ImE1YTY4N2M5LTFiY2YtNDdlMi1iMDAxLTQ4OTQxZjJhNDNkMiIsImMiOjE3MDM4NTU4NTQ0MzcsInMiOjEsInIiOjEsInNiIjoxfQ== |
|
.efsllc.com/ | Name: _ga_6W2E9PJY88 Value: GS1.1.1703855854.1.0.1703855854.0.0.0 |
|
.efsllc.com/ | Name: _ga Value: GA1.1.1863620478.1703855855 |
|
.efsllc.com/ | Name: _privy_8A95C28985C13B54F4717896 Value: %7B%22uuid%22%3A%22cbda783a-4762-46ad-bb5c-60b49080084c%22%2C%22variations%22%3A%7B%7D%2C%22country_code%22%3A%22DE%22%2C%22region_code%22%3A%22DE_HE%22%2C%22postal_code%22%3A%2260326%22%7D |
|
ciqtracking.com/ | Name: kwsu Value: 658ec6ee9b88046baeb9e4d8 |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUk8kdwqQ8xFTBl3WKyahP9SUuvUSJkZELlKu36aNcpoNfTj7msfVOpCFtdIMXw |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
10630639.fls.doubleclick.net
ad.doubleclick.net
adservice.google.com
api.privy.com
cdn-0.d41.co
cdn.cookielaw.org
ciqtracking.com
connect.facebook.net
content.hotjar.io
ff.d41.co
geolocation.onetrust.com
ka-p.fontawesome.com
kit.fontawesome.com
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
vid0410.d41.co
widget.privy.com
www.efsllc.com
www.facebook.com
www.googletagmanager.com
www.wexdrive.com
142.250.186.102
18.155.153.42
2001:4860:4802:32::36
216.200.122.13
216.58.206.38
2606:4700:10::ac43:246a
2606:4700:4400::6812:2844
2606:4700:4400::ac40:93bc
2606:4700:4400::ac40:9b77
2606:4700::6812:83ec
2a00:1450:4001:81c::2002
2a00:1450:4001:82b::2008
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
45.223.19.127
45.60.156.173
50.19.78.238
52.222.139.19
52.222.139.72
54.160.2.122
54.194.181.161
044e1942f61558a6e585a27a8a2916dc1ee27f92b867045ebc90f96c996ab7e7
057693d53eb6632939ad52932467a0c1f6194e18198c6bfd43f6a81880998dec
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
07b80f8b1054c1c13ef4fdac5605e378fbc8c45bced6ec265d000d7867758e55
1114132a79b42ce8e5064f57a1560a3b3f0e1659afc33e4698bab53e1301fbfd
1b50aa1d36ea249991fb44f8f6ad2aa74fe360df9cc04c564b5edf3b053b739c
26a667b1e5c882975e874a75bdd81bbaade4846b85ebcc79a238a6f1ae89c0dc
37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d
38bc6119bf947af6bacbe33f7c8720363c007ebcf37264c8fa8ce7d9187cd745
3a3826a92058df00dd81a2a93821723a7ec7a45f0f3fce9fb4a4c0ac6b16aaeb
3d0c2c48342bde9083ff307eee57c2cd6b63aa3ac69918600e39a2c327c73ae7
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
422a042c2547b2afe87cc99b97e483da99135b4560161e0a05bc1c5f3d0533e6
43a016487b236c293abe978322b98a7cf1661308ebf9d1d4c4f1f8161638e9f8
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4774b15c7981043ed46491a00a62305fd552e178c86a4cb30a22a08193937785
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4fdfd40dc4640506829319a81fd61b379e2b70a0cdedddbc1218508085ceb888
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
54e7c11edc7776c6c9a3c00306ba47b13e8adff388d20a652ef65acf6c4362ad
585a1d2c2e7e287d2402fe4ee156d0c69e406de17efedd696e162c8b699e6f5b
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5cfec3a24134e2e2819f1d3022bc2a165feb181e2769a5b371e971348c82ac70
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
6141876b99e9a92bd5841b51532f6066ad23f8da7af293b56154d43c43967b58
61fe734d678bfc3982a8b911ebbd3a08a2106bdcf6926c0ad1236205e5fed3fa
6670c8c65fcac8a59d8dfe01dcf1aebcde9985b4966d84111cb5c5ef18197209
68ed9f9044311f45f06c1b6c935fb29bc9718c615a9d3b4387d48b03e55ec4e6
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6cc0b251ec54fdd5cd55d98cbe7a7af00bd34f9cfd71fd01ca08c83121c89720
6d72fa0f78c80b1874d3ee4aadf43d973edc442a65fef83d37e684ac559893b7
6fbbaac6d76a3363cf3ba54c90eef6bf69a9edd496c89bd485af936d48a59a05
76c0d0bc836e22c4387b98f832810611b72832dd02955391fab48fb2ec25b221
7af2584f15004c762d9912ed9ae6a4b6e7d5a41f4a032fde69babe61e7a2875e
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
92507afa506a462e60a0bd3ab0b7177b662d426ac33417718412b6e6e17fddf8
930b965bb272b82d6935bdfbe327cd2c9f0b6bebe3be7666665ecd6cdc8a2ea4
9cd173d2b12a4a3b2295ae2f67bca95a8916fcfbe8d528a85e8528d6baeca9b2
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
a5dacba00495caf4c3b54253b52edd2e889c0a4abcfb89315a6968bccafafe85
a90b291355a35a186f57af0d105c7325cc93f4a949a4effa33aba71164f21811
a90e83aa7621bfa0e77de87f10e6cd2dc119c2d6894970b67a1b9bb4fab77012
a9de3a1ea6ef219e2f220f2ee36bce5040cb853c9a1117715f4de0703f349838
aba24746e57c4303c96f5b673bfa3482c60949684ab8ee856d3788cdff0ff137
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b487d9b3da6618e3fcef24cbfdf100560e1d6e502d27ed298d80f2ee181462c9
ba067229db056b4ecc00a7177caf579641d466c51720e6d01f9e725d35fd1eeb
bf5ec439b21bef6cc93fa2b71424f6f981a164832e89109eae7869946efcfb0e
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e
d8619f47189d63aa2a3173b60ebe8e2c7b38fed23979896a41557b4cac737ad2
dc61a61814ef86d8d93aebe2dfe1860cee232332e9fa15fef7324fc15a4b1b55
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
edfb8517f8074787b704a69b6cb16126c4a94169fd2405b3804871936284ab3f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1eed7ca7be2ee233f61c1b457c8245b5f3692ef9a66dcca96b55f12fa9d77e
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6f6e9ebb19bc4f60eed858085195a265272e7d131f0e80f58f85cdf5fdd83e3
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
fd4a709120432489f49e929279e5ee653266b05d272c2fa3dc57b5426742ba67