![](/screenshots/b0aa32cd-e394-4059-bbcf-33bf4e980b92.png)
www.gr-foundation.org
Open in
urlscan Pro
2606:4700:4400::ac40:9988
Public Scan
Submission: On August 31 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 7th 2022. Valid for: a year.
This is the only time www.gr-foundation.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com |
ASN16509 (AMAZON-02, US)
PTR: server-52-222-137-171.ams50.r.cloudfront.net
dih4lvql8rjzt.cloudfront.net |
ASN16509 (AMAZON-02, US)
d2zf0x1vlux694.cloudfront.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-171-99.eu-west-1.compute.amazonaws.com
dpm.demdex.net |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-107-31.fra56.r.cloudfront.net
d2fcchof1bpxmv.cloudfront.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-41-236.eu-west-1.compute.amazonaws.com
rate.demdex.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-140-136.eu-west-1.compute.amazonaws.com
cm.everesttech.net |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
static.doubleclick.net |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN32934 (FACEBOOK, US)
www.facebook.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-95-46-247.compute-1.amazonaws.com
px.adentifi.com |
ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-135.data.adobedc.net
rate.sc.omtrdc.net |
ASN13335 (CLOUDFLARENET, US)
elastic-apm.platform.rate.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
cloudfront.net
dih4lvql8rjzt.cloudfront.net d2zf0x1vlux694.cloudfront.net d2fcchof1bpxmv.cloudfront.net |
3 MB |
8 |
youtube.com
www.youtube.com — Cisco Umbrella Rank: 83 |
998 KB |
6 |
gstatic.com
fonts.gstatic.com www.gstatic.com |
68 KB |
5 |
adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 454 |
128 KB |
5 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 41 jnn-pa.googleapis.com — Cisco Umbrella Rank: 230 |
32 KB |
4 |
doubleclick.net
1 redirects
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 static.doubleclick.net — Cisco Umbrella Rank: 280 stats.g.doubleclick.net — Cisco Umbrella Rank: 87 |
2 KB |
4 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47 |
289 KB |
3 |
demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 223 rate.demdex.net — Cisco Umbrella Rank: 658387 |
5 KB |
3 |
gr-foundation.org
www.gr-foundation.org |
66 KB |
2 |
rate.com
elastic-apm.platform.rate.com — Cisco Umbrella Rank: 532823 Failed |
|
2 |
omtrdc.net
rate.sc.omtrdc.net |
463 B |
2 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 109 |
239 B |
2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35 |
21 KB |
2 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
15 KB |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 169 |
87 KB |
2 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220 |
82 KB |
1 |
adentifi.com
px.adentifi.com — Cisco Umbrella Rank: 11298 |
35 B |
1 |
google.gr
www.google.gr — Cisco Umbrella Rank: 24686 |
408 B |
1 |
ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 233 |
2 KB |
1 |
ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 102 |
67 KB |
1 |
everesttech.net
1 redirects
cm.everesttech.net — Cisco Umbrella Rank: 1197 |
517 B |
1 |
evgnet.com
cdn.evgnet.com — Cisco Umbrella Rank: 4108 |
45 KB |
73 | 22 |
Domain | Requested by | |
---|---|---|
8 | www.youtube.com |
www.gr-foundation.org
www.youtube.com |
7 | d2fcchof1bpxmv.cloudfront.net |
www.gr-foundation.org
|
5 | dih4lvql8rjzt.cloudfront.net |
www.gr-foundation.org
|
5 | assets.adobedtm.com |
www.gr-foundation.org
assets.adobedtm.com |
4 | www.gstatic.com |
www.youtube.com
www.gstatic.com www.gr-foundation.org |
4 | jnn-pa.googleapis.com |
www.youtube.com
|
4 | www.googletagmanager.com |
assets.adobedtm.com
www.googletagmanager.com |
3 | d2zf0x1vlux694.cloudfront.net |
www.gr-foundation.org
d2zf0x1vlux694.cloudfront.net |
3 | www.gr-foundation.org |
www.gr-foundation.org
|
2 | elastic-apm.platform.rate.com |
d2zf0x1vlux694.cloudfront.net
|
2 | rate.sc.omtrdc.net |
www.gr-foundation.org
|
2 | www.facebook.com |
www.gr-foundation.org
|
2 | www.google-analytics.com |
www.googletagmanager.com
d2zf0x1vlux694.cloudfront.net |
2 | www.google.com |
www.youtube.com
www.gr-foundation.org |
2 | googleads.g.doubleclick.net |
1 redirects
www.youtube.com
|
2 | fonts.gstatic.com |
www.youtube.com
|
2 | connect.facebook.net |
assets.adobedtm.com
connect.facebook.net |
2 | dpm.demdex.net |
assets.adobedtm.com
www.gr-foundation.org |
2 | cdnjs.cloudflare.com |
www.gr-foundation.org
cdnjs.cloudflare.com |
1 | px.adentifi.com |
www.gr-foundation.org
|
1 | www.google.gr |
www.gr-foundation.org
|
1 | stats.g.doubleclick.net |
d2zf0x1vlux694.cloudfront.net
|
1 | yt3.ggpht.com |
www.youtube.com
|
1 | i.ytimg.com |
www.youtube.com
|
1 | static.doubleclick.net |
www.youtube.com
|
1 | cm.everesttech.net | 1 redirects |
1 | rate.demdex.net |
assets.adobedtm.com
|
1 | cdn.evgnet.com |
assets.adobedtm.com
|
1 | fonts.googleapis.com |
www.gr-foundation.org
|
73 | 29 |
This site contains links to these domains. Also see Links.
Domain |
---|
gr-foundation.smapply.io |
www.facebook.com |
twitter.com |
www.linkedin.com |
www.instagram.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-10-07 - 2023-10-07 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-07-11 - 2024-08-10 |
a year | crt.sh |
*.cloudfront.net Amazon RSA 2048 M01 |
2022-12-08 - 2023-12-07 |
a year | crt.sh |
*.google.com GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-09-26 - 2023-10-27 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2023-06-09 - 2023-09-07 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
cdn.evergage.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-03-06 - 2024-03-04 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
*.doubleclick.net GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
edgestatic.com GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
*.googleusercontent.com GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
*.google.gr GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
adentifi.com Amazon RSA 2048 M01 |
2023-07-06 - 2024-08-03 |
a year | crt.sh |
*.sc.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1 |
2023-02-10 - 2024-03-08 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://www.gr-foundation.org/?utm_source=grMktg&utm_medium=email&utm_term=&utm_content=text&utm_campaign=sig
Frame ID: 141B15EFEB2ECC3B61775CDE99F1F264
Requests: 50 HTTP requests in this frame
Frame:
https://www.youtube.com/embed/K--hpOrXL5M
Frame ID: CABA74B53BB55252B6B6DEE69E9A300D
Requests: 20 HTTP requests in this frame
Frame:
https://rate.demdex.net/dest5.html?d_nsid=0
Frame ID: 497C9FFC627386C67C62F6747AFDAA47
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/b0aa32cd-e394-4059-bbcf-33bf4e980b92.png)
Page Title
Guaranteed Rate Foundation | Guaranteed RateDetected technologies
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
![](/vendor/wappa/icons/Font Awesome.png)
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: Request Assistance
Search URL Search Domain Scan URL
Title: Visit us on Facebook
Search URL Search Domain Scan URL
Title: Visit us on Twitter
Search URL Search Domain Scan URL
Title: Visit us on LinkedIn
Search URL Search Domain Scan URL
Title: Visit us on Instagram
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 33- https://cm.everesttech.net/cm/dd?d_uuid=63730710363736808061915008163403045382 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZPCIDAAAAKtayQN6
- https://googleads.g.doubleclick.net/pagead/id HTTP 302
- https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
73 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.gr-foundation.org/ |
299 KB 46 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
837 B 813 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ |
30 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
launch-af36fc3ec290.min.js
assets.adobedtm.com/dc28b7578231/1ca2c647e075/ |
452 KB 112 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
grTheme.css
www.gr-foundation.org/assets/styles/ |
151 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
513e35a8-28ea-4d53-84dd-10fd957faf4c_GR_Foundation_Primary.svg
dih4lvql8rjzt.cloudfront.net/cms/ |
13 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
K--hpOrXL5M
www.youtube.com/embed/ Frame CABA |
81 KB 34 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ehl-logo-dark.svg
www.gr-foundation.org/assets/images/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.1306b35f.js
d2zf0x1vlux694.cloudfront.net/releases/prod/gri/assets/ |
381 KB 104 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
dpm.demdex.net/ |
363 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ |
34 KB 12 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
193 KB 52 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
298 KB 93 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
evergage.min.js
cdn.evgnet.com/beacon/guaranteedrate/engage/scripts/ |
176 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
www-player.css
www.youtube.com/s/player/16f9263d/ Frame CABA |
383 KB 48 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
embed.js
www.youtube.com/s/player/16f9263d/player_ias.vflset/de_DE/ Frame CABA |
48 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
www-embed-player.js
www.youtube.com/s/player/16f9263d/www-embed-player.vflset/ Frame CABA |
318 KB 95 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
base.js
www.youtube.com/s/player/16f9263d/player_ias.vflset/de_DE/ Frame CABA |
2 MB 773 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CABA |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CABA |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
291170618061825
connect.facebook.net/signals/config/ |
137 KB 35 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
167 KB 61 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
198 KB 71 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
173 KB 64 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
b2f15a06-1f55-46e4-885e-018b00c4cbfe_ME123.png
dih4lvql8rjzt.cloudfront.net/cms/ |
939 KB 941 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7687f9b2-4ca5-4e49-9099-367cc7750cbe_J1.jpg
dih4lvql8rjzt.cloudfront.net/cms/ |
466 KB 467 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6b7b5365-4121-473d-8cbb-f783e70a10da_MB1.jpg
dih4lvql8rjzt.cloudfront.net/cms/ |
31 KB 32 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
proxima_nova_bold.ttf
d2fcchof1bpxmv.cloudfront.net/cms/fonts/ |
290 KB 291 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
proxima_nova_semibold.ttf
d2fcchof1bpxmv.cloudfront.net/cms/fonts/ |
291 KB 292 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ |
75 KB 76 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
proxima-nova-black.ttf
d2fcchof1bpxmv.cloudfront.net/cms/fonts/ |
298 KB 299 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
proxima_nova_regular.ttf
d2fcchof1bpxmv.cloudfront.net/cms/fonts/ |
288 KB 288 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dest5.html
rate.demdex.net/ Frame 497C |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=411&dpuuid=ZPCIDAAAAKtayQN6
dpm.demdex.net/ Redirect Chain
|
42 B 942 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
id
googleads.g.doubleclick.net/pagead/ Frame CABA Redirect Chain
|
100 B 242 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ad_status.js
static.doubleclick.net/instream/ Frame CABA |
29 B 494 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame CABA |
67 KB 31 KB |
XHR
application/json+protobuf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
remote.js
www.youtube.com/s/player/16f9263d/player_ias.vflset/de_DE/ Frame CABA |
116 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Rwg4UwpuBvlqb-xfb94XQEYvQv-cEpArHjSh9419ZcU.js
www.google.com/js/th/ Frame CABA |
37 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
maxresdefault.jpg
i.ytimg.com/vi/K--hpOrXL5M/ Frame CABA |
67 KB 67 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame CABA |
175 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_1xTyNqwPDKQkWyYZ9O_toqC7iDL3kWWsk-k8l5MA-3t6yEAbM3hwOcqUn1ssPLQexD6ZFvq=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame CABA |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
proxima-nova-extrabold.woff2
d2fcchof1bpxmv.cloudfront.net/cms/fonts/ |
86 KB 87 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
proxima_nova_regular.woff2
d2fcchof1bpxmv.cloudfront.net/cms/fonts/ |
84 KB 85 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
proxima_nova_semibold.woff2
d2fcchof1bpxmv.cloudfront.net/cms/fonts/ |
84 KB 85 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame CABA |
90 B 134 B |
XHR
application/json+protobuf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H3 |
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6f4fd31c-484a-4572-9226-505d6784f185_BG_hero.jpg
dih4lvql8rjzt.cloudfront.net/cms/ |
455 KB 456 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
2 B 212 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 185 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RC5cafb6c14688473d9dae77a1c28e6cf3-source.min.js
assets.adobedtm.com/dc28b7578231/1ca2c647e075/42ce65f68b71/ |
751 B 693 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
42 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
172.2ec0d535.chunk.js
d2zf0x1vlux694.cloudfront.net/releases/prod/gri/assets/chunks/hbs/ |
401 B 746 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
198.5680b9fa.chunk.js
d2zf0x1vlux694.cloudfront.net/releases/prod/gri/assets/chunks/hbs/ |
1023 B 1008 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame CABA |
4 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 354 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
generate_204
www.youtube.com/ Frame CABA |
0 10 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 293 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.gr/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cast_sender.js
www.gstatic.com/eureka/clank/116/ Frame CABA |
51 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Pixels
px.adentifi.com/ |
0 35 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s45139264068485
rate.sc.omtrdc.net/b/ss/grratemain/1/JS-2.23.0-LDQM/ |
43 B 344 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s44048264632405
rate.sc.omtrdc.net/b/ss/grratemain/1/JS-2.23.0-LDQM/ |
43 B 119 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RCa66c69d1912e4af292ceec820cebb988-source.min.js
assets.adobedtm.com/dc28b7578231/1ca2c647e075/42ce65f68b71/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
loader.js
www.gstatic.com/wcm/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
call-tracking_7.js
www.gstatic.com/call-tracking/ |
54 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 54 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
events
elastic-apm.platform.rate.com/intake/v2/rum/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
events
elastic-apm.platform.rate.com/intake/v2/rum/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
log_event
www.youtube.com/youtubei/v1/ Frame CABA |
28 B 54 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
events
elastic-apm.platform.rate.com/intake/v2/rum/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H3 |
events
elastic-apm.platform.rate.com/intake/v2/rum/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- elastic-apm.platform.rate.com
- URL
- https://elastic-apm.platform.rate.com/intake/v2/rum/events
- Domain
- elastic-apm.platform.rate.com
- URL
- https://elastic-apm.platform.rate.com/intake/v2/rum/events
Verdicts & Comments Add Verdict or Comment
67 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| documentPictureInPicture object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in function| fbq function| _fbq object| dataLayer function| gtag function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal string| GoogleAnalyticsObject function| ga object| webpackJsonp object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| lazySizes object| app object| elasticApm object| gaplugins object| gaData object| Evergage string| VE_CUSTOM_EVENT_NAME string| TO_LAUNCHER_MESSAGE_TYPE string| TO_LAUNCHER_PAYLOAD_TYPE object| eventLinkId object| evgr undefined| cookieDomain function| sendMessageToEvergageLauncher number| evergageBeaconParseTimeStart object| SalesforceInteractions number| evergageBeaconParseTimeEnd function| render number| evergagePageMatchTimeout number| a_id string| p_url number| uqNum string| px object| s_i_grratemain object| digitalData function| _googWcmImpl string| _googWcmAk function| _googWcmGet function| callback function| _googWccDebug function| _googCallTrackingImpl function| _gaPhoneImpl16 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.youtube.com/ | Name: YSC Value: 8pkjHMnePeI |
|
.youtube.com/ | Name: VISITOR_INFO1_LIVE Value: XFz4k9Jlkso |
|
.demdex.net/ | Name: demdex Value: 63730710363736808061915008163403045382 |
|
.gr-foundation.org/ | Name: AMCVS_46B6704E60382AF50A495E12%40AdobeOrg Value: 1 |
|
.everesttech.net/ | Name: everest_g_v2 Value: g_surferid~ZPCIDAAAAKtayQN6 |
|
.gr-foundation.org/ | Name: _gcl_au Value: 1.1.940787303.1693485069 |
|
.dpm.demdex.net/ | Name: dpm Value: 63730710363736808061915008163403045382 |
|
.gr-foundation.org/ | Name: AMCV_46B6704E60382AF50A495E12%40AdobeOrg Value: 179643557%7CMCIDTS%7C19601%7CMCMID%7C59458506926794396681180273109980532116%7CMCAAMLH-1694089868%7C6%7CMCAAMB-1694089868%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1693492268s%7CNONE%7CMCSYNCSOP%7C411-19608%7CvVersion%7C5.5.0 |
|
.gr-foundation.org/ | Name: Value: GA1.2.901028690.1693485069 |
|
.gr-foundation.org/ | Name: _gid Value: GA1.2.583277221.1693485069 |
|
.gr-foundation.org/ | Name: _gat_gtag_UA_1757693_2 Value: 1 |
|
.www.gr-foundation.org/ | Name: _sfid_fcd6 Value: {%22anonymousId%22:%22370b463bcb5047cd%22} |
|
www.gr-foundation.org/ | Name: _evga_8df9 Value: {%22uuid%22:%22370b463bcb5047cd%22} |
|
.gr-foundation.org/ | Name: _fbp Value: fb.1.1693485069344.1961586896 |
|
.gr-foundation.org/ | Name: s_cc Value: true |
|
.gr-foundation.org/ | Name: AdTrk Value: |gnr|guaranteedrate||||||||direct||||| |
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors 'self' http://localhost:3030 https://grate-cms.gr-dev.com https://grate-cms.dev.gri.rate.com https://grate-cms.prate-dev.com https://grate-cms.prate-stage.com https://grate-cms.gr-stage.com grate-cms-stage.dev.gri.rate.com https://grate-cms.gra-stage.com https://*.rate.com https://*.grarate.com https://*.properrate.com https://*.originpoint.com https://www.atproperties.com https://atproperties.com https://www.myatproperties.com https://myatproperties.com https://www.staging.atproperties.com https://staging.atproperties.com https://www.staging-website.myatproperties.com https://staging-website.myatproperties.com http://www.website.local http://website.local https://www.venturephilly.com https://venturephilly.com https://www.corcoranpacific.com https://corcoranpacific.com https://*.yextpages.net http://*.yextpages.net https://rcm.rockco.com https://www.yourhomehub.com/ https://yourhomehub.com https://kbhshomeloans.com https://www.kbhshomeloans.com https://citywidehomeloans.com https://www.citywidehomeloans.com https://certaintyhomeloans.com https://www.certaintyhomeloans.com https://premiarelocationmortgage.com https://www.premiarelocationmortgage.com https://equitymortgagegroup.com https://www.equitymortgagegroup.com https://ansleyre.com https://www.ansleyre.com https://owning.com https://www.owning.com https://advhypo.morningstar.com https://advhypo-uat.morningstar.com https://awsstghypo.morningstar.com https://awse2webqa.morningstar.com https://dev.certaintyhomelending.com https://staging.certaintyhomelending.com https://certaintyhomelending.com https://searchdfwareahomes.com https://www.searchdfwareahomes.com https://www.ericatexada.com https://www.sellatexashome.com https://ericatexada-brawnsterling.sites.erarealestate.com https://www.brawnsterling.com https://www.discoverrealestate.org https://www.corcoran.com |
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets.adobedtm.com
cdn.evgnet.com
cdnjs.cloudflare.com
cm.everesttech.net
connect.facebook.net
d2fcchof1bpxmv.cloudfront.net
d2zf0x1vlux694.cloudfront.net
dih4lvql8rjzt.cloudfront.net
dpm.demdex.net
elastic-apm.platform.rate.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
px.adentifi.com
rate.demdex.net
rate.sc.omtrdc.net
static.doubleclick.net
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.gr
www.googletagmanager.com
www.gr-foundation.org
www.gstatic.com
www.youtube.com
yt3.ggpht.com
elastic-apm.platform.rate.com
151.101.0.114
18.66.107.31
2600:9000:2104:d600:1d:f687:fa00:21
2606:4700:4400::ac40:9988
2606:4700:4400::ac40:9bb5
2606:4700::6811:190e
2a00:1450:4001:803::200a
2a00:1450:4001:806::200e
2a00:1450:4001:808::2016
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:811::2003
2a00:1450:4001:811::2008
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2006
2a00:1450:400c:c00::9b
2a02:26f0:480:99e::1e80
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.95.46.247
34.240.140.136
34.255.171.99
52.17.41.236
52.222.137.171
63.140.62.135
13b1947da3cec38da3f773e8d30b77b6b2cac9b64cc7eabf4ae1b20cd250793b
14612935e3319c20afa2f43f33cb1d42cccf2f78a4c1e243867fbf983f00822e
15a341ce4bc2dec85ea156a2d098eda9213909d24acb46a8cc309617bca6a973
1858ee93688c49769995e06e7c1b23233f064e4f9932f95fc65996908b37fc9e
2615bd8326745bcdb5548dc9dc89d11fb8f8f3eed82a58629ba94c8e07fee42e
264d4084755d05cbd3b7a47e3f79b8b6dba608d7822b5710ccf86224536564cb
3079dcd703297b793b34d11c0fcf10c12989fb4429025eb10f09dd82c15eb4d0
32dfb22a2319d361cc1bb082744105cbe2bdaee833e0e9a23d739c66843ee3c4
3384907d50b7c3ac1ce8b6c54b78aa5a3e50a69202fcd61f44ccab586b708cdd
33c12f2e7fef681807d5908805c364503776ed783d6e788b98b2f290ea501276
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fb8179a3c441e0b016f7bbb61f1d183aaaeb06e0640297d553f892fd1a9209e
4166db6f4f3c9187df1e748acafb73998d4f61cc6ca41a46bbb9e264a2869878
4321db767e4ff2d6f86057d05efe71a9f7287c5ad9519f66b0b20f1eb596f07a
470838530a6e06f96a6fec5f6fde1740462f42ff9c12902b1e34a1f78d7d65c5
4c78dc71fc0b6ce48e0d2e58ae40e0cdfa5ffe10b960c135bbbb6ab7abc7f895
51b8ad429abff0d9ec14cf9d193ebff4bf9dd82e9ceabd9d6360edb03ea6fe57
577d99732dac7c4141ab031333600f136ef445e494d56b58eded02ca0f47ee9a
57e1a11bbbf309d5c4ebac06ba9f26224d32f9253f5a7aab19b93280b1de4ab1
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
61caa8217ed7d19d00445dda1f0a77544badd14af13e13c829f8c9516cd038d7
64dd26cc0a69783d4dab6681c91a0660862f427288bbfd50320b0b16ddf1015c
64e0fabeb725ecc17867b312eef686cd6930a0726543bfbccc58a5f544a270df
65933b088b396b3a54d67ff4273e6d6d2b852351585a7e1970da98e0050ac5e9
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6cda1d51e986c67243e5ea5b823d1acc1d511ff6dca1f4f006aa3679d6555c03
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
799fac66d6cc0c4f7e8d826857a0841288412fcfe37de705db4b085db01d615a
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
8cbba6c10baa9d1ad1e20a5cc1fc04b271b1b2df0cb6494482b7cedf106f0126
9026a217f20f231f97456131ae5f7e0c2d532cb7f88c904abbbf33be4d39424e
90e057bf04c049d94cc29c4b5712bd67980d628c910d2d43e987eb1641602f18
945d0b3d84470b3f44236018f989ef8c7e916b4c7eaf96246a21414387faaa4f
9687c17018668c8ce86ad4254b0f3eaee6320b53c81fec3f79d168b01cdd3f69
9b6334043b628d7ee5b74b3b3f8e25d4bb0a484177f4bb53f19e8e729458917d
9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a28993ac9f610077a4183e4a40d20b42cc2e46ef9de49dac84c8cc6a554a41ac
a2a48cc27405a52cbbc2c6f1efbd3c407fa49ab0824ed5ebbe672845e73e541e
aa3b2be9406fe2e16965b9dbcbd5cb7e43598ed92c239189f8a149103769f082
aceb906b19be5a14a045dc9d5c9b04b948ef85f4aff28394e7453bea3c3d9422
ad1ec48712c4548d3d638f4e80759b78f9d3c335625ec777e1edd19532997cc0
bb6bb5699bad8fd9533fec4cc5c4985a5c701ec8526659abf36018c5f23a97e3
d3c8de26ca50c4d790b794843fa952680e7bdfca7b140e92b1b573f89b035de3
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43a47f59e6f6c0ba191288c2498fffa3029f333e1a3254a2b0801aa12628e16
e7e5d49f61a004a9a6f65a71ebf49a31426757dbc4cc2ab8a686428da3d6313e
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2c3de9e6e8f8ad04ea57c8124217ddf5a167dd450d29c5e5c709a32f319d9a
ef8917b25fc94291c9fa14f08ffde1887d2fa82ccf253aaf5273daff71c3f6e7
f2a1c8b860dd500d5c3f5eff8d08132bcdd9f03db9791bdbfd148c1cf8a1e1c1
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df