moneymentors.ca
72.10.51.91
Public Scan
Effective URL: https://moneymentors.ca/
Submission: On January 26 via automatic, source certstream-suspicious — Scanned from CA
Summary
TLS certificate: Issued by R3 on January 26th 2022. Valid for: 3 months.
This is the only time moneymentors.ca was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN | PTR | Hostnames |
---|---|---|
ASN398110 (GO-DADDY-COM-LLC, US) | new-moneymentors.ca | www.moneymentors.ca, moneymentors.ca |
ASN16625 (AKAMAI-AS, US) | a104-97-108-150.deploy.static.akamaitechnologies.com | origin.acuityplatform.com |
ASN20940 (AKAMAI-ASN1, NL) | a23-34-59-59.deploy.static.akamaitechnologies.com | cdn.livechatinc.com |
ASN32934 (FACEBOOK, US) | | connect.facebook.net |
ASN20940 (AKAMAI-ASN1, NL) | a23-34-59-14.deploy.static.akamaitechnologies.com | api.livechatinc.com, secure.livechatinc.com, accounts.livechatinc.com |
ASN15169 (GOOGLE, US) | 172.178.211.35.bc.googleusercontent.com | x.bidswitch.net |
ASN14618 (AMAZON-AES, US) | ec2-18-209-200-15.compute-1.amazonaws.com | jadserve.postrelease.com |
ASN15169 (GOOGLE, US) | 49.246.178.107.bc.googleusercontent.com | pixel.tapad.com |
ASN16509 (AMAZON-02, US) | a6370ebea231e0c9a.awsglobalaccelerator.com | match.adsrvr.org |
ASN14618 (AMAZON-AES, US) | ec2-3-213-101-77.compute-1.amazonaws.com | pixel.advertising.com |
ASN14618 (AMAZON-AES, US) | ec2-54-175-87-114.compute-1.amazonaws.com | ups.analytics.yahoo.com |
ASN14618 (AMAZON-AES, US) | ec2-34-192-200-46.compute-1.amazonaws.com | crb.kargo.com |
ASN15169 (GOOGLE, US) | lga34s35-in-f2.1e100.net | cm.g.doubleclick.net |
ASN32934 (FACEBOOK, US) | | www.facebook.com |
Count | Apex Domain | Redirects | Subdomains | Transfer |
---|---|---|---|---|
11 | moneymentors.ca | 1 redirects | www.moneymentors.ca, moneymentors.ca | 753 KB |
9 | livechatinc.com | | cdn.livechatinc.com (Cisco Umbrella Rank: 6508), api.livechatinc.com (Cisco Umbrella Rank: 5512), secure.livechatinc.com (Cisco Umbrella Rank: 6785), accounts.livechatinc.com (Cisco Umbrella Rank: 7887) | 268 KB |
7 | typekit.net | | p.typekit.net (Cisco Umbrella Rank: 656), use.typekit.net (Cisco Umbrella Rank: 509) | 106 KB |
6 | tapad.com | 6 redirects | pixel.tapad.com (Cisco Umbrella Rank: 419) | 2 KB |
6 | acuityplatform.com | | origin.acuityplatform.com (Cisco Umbrella Rank: 16615), e.acuityplatform.com (Cisco Umbrella Rank: 21867), acuityplatform.com (Cisco Umbrella Rank: 1090), ums.acuityplatform.com (Cisco Umbrella Rank: 1208) | 7 KB |
4 | yahoo.com | 2 redirects | ups.analytics.yahoo.com (Cisco Umbrella Rank: 283) | 1 KB |
4 | advertising.com | 4 redirects | pixel.advertising.com (Cisco Umbrella Rank: 327) | 1 KB |
4 | adsrvr.org | 4 redirects | match.adsrvr.org (Cisco Umbrella Rank: 329) | 2 KB |
4 | bidswitch.net | 4 redirects | x.bidswitch.net (Cisco Umbrella Rank: 287) | 3 KB |
3 | doubleclick.net | 1 redirects | cm.g.doubleclick.net (Cisco Umbrella Rank: 197), stats.g.doubleclick.net (Cisco Umbrella Rank: 96) | 1 KB |
3 | bing.com | | bat.bing.com (Cisco Umbrella Rank: 385) | 11 KB |
3 | google-analytics.com | | www.google-analytics.com (Cisco Umbrella Rank: 42) | 20 KB |
2 | gstatic.com | | fonts.gstatic.com | 32 KB |
2 | google.ca | | ampcid.google.ca (Cisco Umbrella Rank: 75023), www.google.ca (Cisco Umbrella Rank: 7861) | 962 B |
2 | facebook.com | | www.facebook.com (Cisco Umbrella Rank: 98) | 425 B |
2 | google.com | | ampcid.google.com (Cisco Umbrella Rank: 1722), www.google.com (Cisco Umbrella Rank: 13) | 1 KB |
2 | facebook.net | | connect.facebook.net (Cisco Umbrella Rank: 146) | 113 KB |
2 | googletagmanager.com | | www.googletagmanager.com (Cisco Umbrella Rank: 78) | 110 KB |
1 | googleapis.com | | fonts.googleapis.com (Cisco Umbrella Rank: 47) | 1 KB |
1 | kargo.com | | crb.kargo.com (Cisco Umbrella Rank: 1519) | 504 B |
1 | postrelease.com | | jadserve.postrelease.com (Cisco Umbrella Rank: 1117) | 539 B |
57 | 21 | | | |
Count | Domain | Redirects | Requested by |
---|---|---|---|
10 | moneymentors.ca | | moneymentors.ca |
6 | pixel.tapad.com | 6 redirects | |
6 | use.typekit.net | | moneymentors.ca |
4 | ups.analytics.yahoo.com | 2 redirects | moneymentors.ca |
4 | pixel.advertising.com | 4 redirects | |
4 | match.adsrvr.org | 4 redirects | |
4 | x.bidswitch.net | 4 redirects | |
4 | cdn.livechatinc.com | | moneymentors.ca, secure.livechatinc.com |
3 | api.livechatinc.com | | cdn.livechatinc.com |
3 | bat.bing.com | | moneymentors.ca, bat.bing.com |
3 | www.google-analytics.com | | www.googletagmanager.com, moneymentors.ca |
2 | fonts.gstatic.com | | fonts.googleapis.com |
2 | www.facebook.com | | moneymentors.ca |
2 | cm.g.doubleclick.net | 1 redirects | moneymentors.ca |
2 | ums.acuityplatform.com | | moneymentors.ca |
2 | acuityplatform.com | | www.googletagmanager.com |
2 | connect.facebook.net | | moneymentors.ca, connect.facebook.net |
2 | www.googletagmanager.com | | moneymentors.ca, www.googletagmanager.com |
1 | accounts.livechatinc.com | | cdn.livechatinc.com |
1 | fonts.googleapis.com | | secure.livechatinc.com |
1 | www.google.ca | | moneymentors.ca |
1 | www.google.com | | moneymentors.ca |
1 | secure.livechatinc.com | | cdn.livechatinc.com |
1 | stats.g.doubleclick.net | | www.google-analytics.com |
1 | ampcid.google.ca | | www.google-analytics.com |
1 | crb.kargo.com | | moneymentors.ca |
1 | jadserve.postrelease.com | | moneymentors.ca |
1 | ampcid.google.com | | www.google-analytics.com |
1 | e.acuityplatform.com | | origin.acuityplatform.com |
1 | origin.acuityplatform.com | | moneymentors.ca |
1 | p.typekit.net | | moneymentors.ca |
1 | www.moneymentors.ca | 1 redirects | |
57 | 32 | | |
This site contains links to these domains. Also see Links.
Domain |
---|
secure.moneymentors.ca |
www.ccaward.com |
www.facebook.com |
twitter.com |
www.instagram.com |
www.linkedin.com |
www.youtube.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
moneymentors.ca | R3 | 2022-01-26 - 2022-04-26 | 3 months | crt.sh |
*.typekit.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-12-05 - 2022-12-06 | a year | crt.sh |
*.google-analytics.com | GTS CA 1C3 | 2021-12-27 - 2022-03-21 | 3 months | crt.sh |
*.acuityplatform.com | DigiCert SHA2 Secure Server CA | 2021-05-17 - 2022-05-25 | a year | crt.sh |
use.typekit.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-08-16 - 2022-08-16 | a year | crt.sh |
livechat.com | DigiCert SHA2 Secure Server CA | 2021-04-20 - 2022-04-25 | a year | crt.sh |
www.bing.com | Microsoft RSA TLS CA 01 | 2021-12-22 - 2022-06-22 | 6 months | crt.sh |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-11-05 - 2022-02-03 | 3 months | crt.sh |
*.google.com | GTS CA 1C3 | 2021-12-27 - 2022-03-21 | 3 months | crt.sh |
*.google.ca | GTS CA 1C3 | 2021-12-27 - 2022-03-21 | 3 months | crt.sh |
*.g.doubleclick.net | GTS CA 1C3 | 2021-12-27 - 2022-03-21 | 3 months | crt.sh |
www.google.com | GTS CA 1C3 | 2021-12-27 - 2022-03-21 | 3 months | crt.sh |
upload.video.google.com | GTS CA 1C3 | 2021-12-27 - 2022-03-21 | 3 months | crt.sh |
*.gstatic.com | GTS CA 1C3 | 2021-12-27 - 2022-03-21 | 3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://moneymentors.ca/
Frame ID: C011BB534ABB1BA68FC341D08919BE61
Requests: 48 HTTP requests in this frame
Frame:
https://secure.livechatinc.com/customer/action/open_chat?license_id=4200481&group=0&embedded=1&widget_version=3&unique_groups=0
Frame ID: 00AD0DB29FB209FA1D7624B4B0F146ED
Requests: 8 HTTP requests in this frame
Frame:
https://www.facebook.com/tr/
Frame ID: B8E7F0D01088C462C2FB21F652F42F59
Requests: 1 HTTP requests in this frame
Page Title
Money Mentors Alberta | Non-profit Debt Relief & Financial Education
Detected technologies
WordPress (CMS)
Detected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
LiveChat (Live Chat)
Detected patterns
- cdn\.livechatinc\.com/.*tracking\.js
Yoast SEO (SEO)
Detected patterns
- <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Facebook (Widgets)
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
Title: LOGIN
Title: >
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.moneymentors.ca/ HTTP 301
- https://moneymentors.ca/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 32
- https://x.bidswitch.net/sync?dsp_id=236&user_id=642759867894&expires=30&user_group=1 HTTP 302
- https://x.bidswitch.net/ul_cb/sync?dsp_id=236&user_id=642759867894&expires=30&user_group=1 HTTP 302
- https://jadserve.postrelease.com/suid/1011?vk=50237fea-748c-4203-99a5-50da6d2bea3d
- https://pixel.tapad.com/idsync/ex/receive?partner_id=3150&partner_device_id=642759867894&partner_url=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D64%26uid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
- https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3150&partner_device_id=642759867894&partner_url=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D64%26uid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
- https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=3d385a75-a433-4c68-a60b-2b9922b8e2ef%252Chttps%253A%252F%252Fums.acuityplatform.com%252Fsum%253Fumid%253D64%2526uid%253D3d385a75-a433-4c68-a60b-2b9922b8e2ef&gdpr=0&gdpr_consent= HTTP 302
- https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=3d385a75-a433-4c68-a60b-2b9922b8e2ef%252Chttps%253A%252F%252Fums.acuityplatform.com%252Fsum%253Fumid%253D64%2526uid%253D3d385a75-a433-4c68-a60b-2b9922b8e2ef&gdpr=0&gdpr_consent= HTTP 302
- https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=d8d56d0b-572e-46e8-8525-2f79b6823851&ttd_puid=3d385a75-a433-4c68-a60b-2b9922b8e2ef%2Chttps%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D64%26uid%3D3d385a75-a433-4c68-a60b-2b9922b8e2ef HTTP 302
- https://ums.acuityplatform.com/sum?umid=64&uid=3d385a75-a433-4c68-a60b-2b9922b8e2ef
- https://pixel.advertising.com/ups/55950/sync?uid=642759867894&_origin=1 HTTP 302
- https://pixel.advertising.com/ups/55950/sync?uid=642759867894&_origin=1&verify=true HTTP 302
- https://ups.analytics.yahoo.com/ups/55950/sync?uid=642759867894&_origin=1&apid=UPe572c02e-7ed1-11ec-9f27-0a3e110bef1d HTTP 302
- https://ups.analytics.yahoo.com/ups/55950/sync?uid=642759867894&_origin=1&apid=UPe572c02e-7ed1-11ec-9f27-0a3e110bef1d&verify=true
- https://x.bidswitch.net/sync?dsp_id=236&user_id=642759908073&expires=30&user_group=1 HTTP 302
- https://x.bidswitch.net/ul_cb/sync?dsp_id=236&user_id=642759908073&expires=30&user_group=1 HTTP 302
- https://crb.kargo.com/api/v1/bswsync?bsw_uuid=50237fea-748c-4203-99a5-50da6d2bea3d&dsp_uuid=&dsp_id=&krg_ids=&gdpr=&gdpr_consent=&us_privacy=
- https://pixel.advertising.com/ups/55950/sync?uid=642759908073&_origin=1 HTTP 302
- https://pixel.advertising.com/ups/55950/sync?uid=642759908073&_origin=1&verify=true HTTP 302
- https://ups.analytics.yahoo.com/ups/55950/sync?uid=642759908073&_origin=1&apid=UPe572c02e-7ed1-11ec-9f27-0a3e110bef1d HTTP 302
- https://ups.analytics.yahoo.com/ups/55950/sync?uid=642759908073&_origin=1&apid=UPe572c02e-7ed1-11ec-9f27-0a3e110bef1d&verify=true
- https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=642759908073 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=642759908073&google_tc=
- https://pixel.tapad.com/idsync/ex/receive?partner_id=3150&partner_device_id=642759908073&partner_url=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D64%26uid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
- https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3150&partner_device_id=642759908073&partner_url=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D64%26uid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
- https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=3d385a75-a433-4c68-a60b-2b9922b8e2ef%252Chttps%253A%252F%252Fums.acuityplatform.com%252Fsum%253Fumid%253D64%2526uid%253D3d385a75-a433-4c68-a60b-2b9922b8e2ef&gdpr=0&gdpr_consent= HTTP 302
- https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=3d385a75-a433-4c68-a60b-2b9922b8e2ef%252Chttps%253A%252F%252Fums.acuityplatform.com%252Fsum%253Fumid%253D64%2526uid%253D3d385a75-a433-4c68-a60b-2b9922b8e2ef&gdpr=0&gdpr_consent= HTTP 302
- https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=d8d56d0b-572e-46e8-8525-2f79b6823851&ttd_puid=3d385a75-a433-4c68-a60b-2b9922b8e2ef%2Chttps%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D64%26uid%3D3d385a75-a433-4c68-a60b-2b9922b8e2ef HTTP 302
- https://ums.acuityplatform.com/sum?umid=64&uid=3d385a75-a433-4c68-a60b-2b9922b8e2ef
57 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | / | moneymentors.ca/ | 68 KB | 16 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H/1.1 | app.css | moneymentors.ca/wp-content/themes/money-mentors/dist/css/ | 59 KB | 13 KB | Stylesheet | text/css | |
GET | H/1.1 | home-16x9-lg.jpg | moneymentors.ca/wp-content/uploads/ | 364 KB | 364 KB | Image | image/jpeg | |
GET | H/1.1 | mm-programs-scripts.js | moneymentors.ca/wp-content/plugins/mm-programs/src/assets/js/ | 260 KB | 91 KB | Script | application/x-javascript | |
GET | H/1.1 | app.js | moneymentors.ca/wp-content/themes/money-mentors/dist/js/ | 16 KB | 7 KB | Script | application/x-javascript | |
GET | H/1.1 | wp-embed.min.js | moneymentors.ca/wp-includes/js/ | 1 KB | 1 KB | Script | application/x-javascript | |
GET | H2 | p.css | p.typekit.net/ | 5 B | 181 B | Stylesheet | text/css | |
GET | H2 | gtm.js | www.googletagmanager.com/ | 143 KB | 49 KB | Script | application/javascript | |
GET | H/1.1 | pixel.js | origin.acuityplatform.com/event/v2/ | 2 KB | 2 KB | Script | application/javascript | |
GET | H/1.1 | bg-leaves.png | moneymentors.ca/wp-content/themes/money-mentors/dist/images/ | 118 KB | 119 KB | Image | image/png | |
GET | H/1.1 | bg-dandelion.png | moneymentors.ca/wp-content/themes/money-mentors/dist/images/ | 41 KB | 41 KB | Image | image/png | |
GET | H/1.1 | bg-testimonial.jpg | moneymentors.ca/wp-content/themes/money-mentors/dist/images/ | 44 KB | 44 KB | Image | image/jpeg | |
GET | H2 | l | use.typekit.net/af/620bf8/00000000000000000000e7fe/27/ | 17 KB | 17 KB | Font | application/font-woff2 | |
GET | H2 | l | use.typekit.net/af/e3ca36/00000000000000000000e805/27/ | 17 KB | 17 KB | Font | application/font-woff2 | |
GET | H2 | l | use.typekit.net/af/b230ac/00000000000000000000ec0f/27/ | 19 KB | 19 KB | Font | application/font-woff2 | |
GET | H2 | l | use.typekit.net/af/9cf49e/00000000000000000000e807/27/ | 16 KB | 17 KB | Font | application/font-woff2 | |
GET | H2 | l | use.typekit.net/af/53dec0/0000000000000000000100fe/27/ | 19 KB | 19 KB | Font | application/font-woff2 | |
GET | H2 | l | use.typekit.net/af/a28b50/00000000000000000000e803/27/ | 16 KB | 17 KB | Font | application/font-woff2 | |
GET | H2 | tracking.js | cdn.livechatinc.com/ | 79 KB | 24 KB | Script | application/javascript | |
GET | H/1.1 | about-4x3-lg-800x600.jpg | moneymentors.ca/wp-content/uploads/ | 56 KB | 57 KB | Image | image/jpeg | |
GET | H/1.1 | pj | e.acuityplatform.com/ | 0 | 187 B | Script | text/plain | |
GET | H2 | js | www.googletagmanager.com/gtag/ | 165 KB | 61 KB | Script | application/javascript | |
GET | H2 | analytics.js | www.google-analytics.com/ | 49 KB | 20 KB | Script | text/javascript | |
GET | H2 | bat.js | bat.bing.com/ | 36 KB | 11 KB | Script | application/javascript | |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 99 KB | 26 KB | Script | application/x-javascript | |
GET | H/1.1 | 3459516955640786254 | acuityplatform.com/Adserver/pxlj/ | 623 B | 1 KB | Script | text/javascript | |
GET | H/1.1 | 6451680826074040320 | acuityplatform.com/Adserver/pxlj/ | 614 B | 1 KB | Script | text/javascript | |
GET | H2 | get_dynamic_configuration | api.livechatinc.com/v3.3/customer/action/ | 265 B | 473 B | Script | application/javascript | |
POST | H3 | collect | www.google-analytics.com/g/ | 0 | 17 B | Ping | text/plain | |
POST | H2 | publisher:getClientId | ampcid.google.com/v1/ | 74 B | 532 B | XHR | application/json | |
GET | H3 | 1438137709765487 | connect.facebook.net/signals/config/ | 305 KB | 87 KB | Script | application/x-javascript | |
GET | H2 | 5203105.js | bat.bing.com/p/action/ | 0 | 94 B | Script | text/plain | |
GET | H2 | 0 | bat.bing.com/action/ | 0 | 152 B | Image | text/plain | |
GET | H2 | 1011 | jadserve.postrelease.com/suid/ | 43 B | 539 B | Image | image/gif | Redirect Chain |
GET | H/1.1 | sum | ums.acuityplatform.com/ | 0 | 743 B | Image | text/plain | Redirect Chain |
GET | H2 | sync | ups.analytics.yahoo.com/ups/55950/ | 0 | 330 B | Image | text/plain | Redirect Chain |
GET | H/1.1 | bswsync | crb.kargo.com/api/v1/ | 43 B | 504 B | Image | image/gif | Redirect Chain |
GET | H2 | sync | ups.analytics.yahoo.com/ups/55950/ | 0 | 20 B | Image | text/plain | Redirect Chain |
GET | H3 | pixel | cm.g.doubleclick.net/ | 170 B | 188 B | Image | image/png | Redirect Chain |
GET | H/1.1 | sum | ums.acuityplatform.com/ | 0 | 743 B | Image | text/plain | Redirect Chain |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 407 B | Image | image/gif | |
POST | H2 | publisher:getClientId | ampcid.google.ca/v1/ | 3 B | 461 B | XHR | application/json | |
GET | H2 | get_configuration | api.livechatinc.com/v3.3/customer/action/ | 5 KB | 2 KB | Script | application/javascript | |
POST | H2 | collect | stats.g.doubleclick.net/j/ | 4 B | 442 B | XHR | text/plain | |
GET | H3 | collect | www.google-analytics.com/ | 35 B | 55 B | Image | image/gif | |
GET | H2 | open_chat | secure.livechatinc.com/customer/action/ | 4 KB | 2 KB | Document | text/html | Frame 00AD |
GET | H2 | get_localization | api.livechatinc.com/v3.3/customer/action/ | 11 KB | 4 KB | Script | application/javascript | |
GET | H2 | ga-audiences | www.google.com/ads/ | 42 B | 501 B | Image | image/gif | |
GET | H2 | ga-audiences | www.google.ca/ads/ | 42 B | 501 B | Image | image/gif | |
GET | H2 | css | fonts.googleapis.com/ | 5 KB | 1 KB | Stylesheet | text/css | Frame 00AD |
GET | H2 | 0.6277fa2f.chunk.js | cdn.livechatinc.com/widget/static/js/ | 208 KB | 65 KB | Script | application/javascript | Frame 00AD |
GET | H2 | 2.48fa8972.chunk.js | cdn.livechatinc.com/widget/static/js/ | 217 KB | 62 KB | Script | application/javascript | Frame 00AD |
GET | H2 | iframe.59f18a1b.chunk.js | cdn.livechatinc.com/widget/static/js/ | 401 KB | 108 KB | Script | application/javascript | Frame 00AD |
GET | H2 | o-0IIpQlx3QUlC5A4PNr5TRA.woff2 | fonts.gstatic.com/s/notosans/v21/ | 16 KB | 16 KB | Font | font/woff2 | Frame 00AD |
GET | H2 | o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2 | fonts.gstatic.com/s/notosans/v21/ | 16 KB | 16 KB | Font | font/woff2 | Frame 00AD |
POST | H3 | / | www.facebook.com/tr/ | 0 | 18 B | Document | text/plain | Frame B8E7 |
POST | H2 | token | accounts.livechatinc.com/customer/ | 138 B | 1 KB | XHR | application/json | Frame 00AD |
34 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| dataLayer string| acuityAdsPixelKey function| aap function| acuityPiggybackCallback object| acuityAdsEventQueue object| wpApiSettings object| wp object| __lc function| setImmediate function| clearImmediate function| flatpickr function| vueRecaptchaApiLoaded object| webpackChunkmoney_mentors function| objectFitPolyfill object| google_tag_manager function| acuityParseResponse object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| uetq function| fbq function| _fbq boolean| __lc_inited object| LC_API object| gaGlobal object| gaplugins function| UET function| UET_init function| UET_push object| ueto_e237a5b69e object| p object| gaData
34 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.accounts.livechatinc.com/v2/customer/token | Name: __lc_cid Value: 5e17c24f-80fb-4444-79cf-3b47d464b455 |
.accounts.livechatinc.com/v2/customer/token | Name: __lc_cst Value: 8646d3ccfc62cd776b58a6e614fd879e9a43dc3628060b4c8aa4e16970fdc08d3785f7048e473e19549d416a96763c9a1ed50b6826bbfe52a6581234c80b |
.accounts.livechatinc.com/customer/token | Name: __lc_cid Value: 5e17c24f-80fb-4444-79cf-3b47d464b455 |
.accounts.livechatinc.com/customer/token | Name: __lc_cst Value: 8646d3ccfc62cd776b58a6e614fd879e9a43dc3628060b4c8aa4e16970fdc08d3785f7048e473e19549d416a96763c9a1ed50b6826bbfe52a6581234c80b |
.bing.com/ | Name: MUID Value: 2EFFE3998D7D621230CAF2A18C5763FD |
.bat.bing.com/ | Name: MR Value: 0 |
.moneymentors.ca/ | Name: _ga_69LY6K74HG Value: GS1.1.1643220050.1.0.1643220050.0 |
.moneymentors.ca/ | Name: _uetsid Value: e56145307ed111ec96d143778d6c0625 |
.moneymentors.ca/ | Name: _uetvid Value: e5615cd07ed111ec831f2734da718b85 |
.acuityplatform.com/ | Name: auid Value: 642759908073 |
.moneymentors.ca/ | Name: _fbp Value: fb.1.1643220050417.814140090 |
.advertising.com/ | Name: APID Value: UPe572c02e-7ed1-11ec-9f27-0a3e110bef1d |
.tapad.com/ | Name: TapAd_TS Value: 1643220050436 |
.tapad.com/ | Name: TapAd_DID Value: 3d385a75-a433-4c68-a60b-2b9922b8e2ef |
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
.facebook.com/ | Name: fr Value: 0j09PmEZFtI7q3veL..Bh8YxS...1.0.Bh8YxS. |
.bidswitch.net/ | Name: c Value: 1643220050 |
.bidswitch.net/ | Name: tuuid_lu Value: 1643220050 |
.bidswitch.net/ | Name: tuuid Value: 50237fea-748c-4203-99a5-50da6d2bea3d |
.moneymentors.ca/ | Name: AMP_TOKEN Value: %24NOT_FOUND |
.moneymentors.ca/ | Name: _ga Value: GA1.2.1777743868.1643220050 |
.moneymentors.ca/ | Name: _gid Value: GA1.2.1426672346.1643220051 |
.moneymentors.ca/ | Name: _dc_gtm_UA-11862957-1 Value: 1 |
.yahoo.com/ | Name: A3 Value: d=AQABBFKM8WECEA4XO_AHhOmAq1tfT14Av0sFEgEBAQHd8mH7YQAAAAAA_eMAAA&S=AQAAAtZw35A0BxdIz9iiJyNSWkY |
.adsrvr.org/ | Name: TDID Value: d8d56d0b-572e-46e8-8525-2f79b6823851 |
.adsrvr.org/ | Name: TDCPM Value: CAESFAoFdGFwYWQSCwiqq76g-r-wOhAFGAUgASgCMgsIkMSxzZDAsDoQBTgB |
.analytics.yahoo.com/ | Name: IDSYNC Value: 1766~22vt |
.yahoo.com/ | Name: APID Value: UPe572c02e-7ed1-11ec-9f27-0a3e110bef1d |
.yahoo.com/ | Name: APIDTS Value: 1643220050 |
.kargo.com/ | Name: ktcid Value: c9ae08d9-4906-0e7f-5929-017ca4a32204 |
.tapad.com/ | Name: TapAd_3WAY_SYNCS Value: 1!642 |
.postrelease.com/ | Name: visitor Value: 42d46008-c70b-47e7-bc1d-7fb8057f11ed |
.postrelease.com/ | Name: status Value: 0 |
.acuityplatform.com/ | Name: aum Value: OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqBNjT6jXVzZXJNYXRjaGluZ0lkJAKAkWxhc3REcm9wVGltZU1pbGxpcyUBPyVxQhm0mGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAT8lcUIZtI90aGlyZFBhcnR5VXNlcklkYzNkMzg1YTc1LWE0MzMtNGM2OC1hNjBiLTJiOTkyMmI4ZTJlZvuCMTI5+kIkBIJDJQE/JXFCDaREIUUh+4ExN/pCJKJDJQE/JXFCDaREIUUh+4A0+kLIQyUBPyVxQg2kRCFFIfuCMTM1+kIkBI5DJQE/JXFCDaREIUUh+/uGdmVyc2lvbsL7 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.