nrlmortgage.com
Open in
urlscan Pro
35.190.45.195
Public Scan
Effective URL: https://nrlmortgage.com/
Submission: On October 30 via manual from US
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 17th 2020. Valid for: a year.
This is the only time nrlmortgage.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN15169 (GOOGLE, US)
PTR: 195.45.190.35.bc.googleusercontent.com
nrlmortgage.com |
ASN15169 (GOOGLE, US)
PTR: 58.118.201.35.bc.googleusercontent.com
form.jotform.com | |
cdn.jotfor.ms |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN13335 (CLOUDFLARENET, US)
js.jotform.com | |
events.jotform.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-211-3.eu-west-1.compute.amazonaws.com
in.hotjar.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
23 |
spacecrafted.com
static.spacecrafted.com |
3 MB |
9 |
jotfor.ms
cdn.jotfor.ms |
189 KB |
9 |
typekit.net
use.typekit.net p.typekit.net |
305 KB |
9 |
nrlmortgage.com
1 redirects
nrlmortgage.com |
174 KB |
5 |
hotjar.com
static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com |
76 KB |
4 |
jotform.com
form.jotform.com js.jotform.com events.jotform.com |
24 KB |
3 |
mymortgage-online.com
nrlmortgage.mymortgage-online.com |
15 KB |
2 |
facebook.com
1 redirects
www.facebook.com |
659 B |
2 |
google-analytics.com
www.google-analytics.com |
19 KB |
2 |
facebook.net
connect.facebook.net |
92 KB |
2 |
cloudflare.com
cdnjs.cloudflare.com |
7 KB |
1 |
hotjar.io
vc.hotjar.io |
255 B |
1 |
atdmt.com
cx.atdmt.com |
423 B |
1 |
gstatic.com
fonts.gstatic.com |
11 KB |
1 |
jotform.io
widgets.jotform.io |
1 KB |
1 |
googleapis.com
fonts.googleapis.com |
1 KB |
1 |
googletagmanager.com
www.googletagmanager.com |
|
1 |
listen360.com
app.listen360.com |
1 KB |
1 |
jquery.com
code.jquery.com |
33 KB |
76 | 19 |
Domain | Requested by | |
---|---|---|
23 | static.spacecrafted.com |
nrlmortgage.com
|
9 | cdn.jotfor.ms |
form.jotform.com
cdn.jotfor.ms |
9 | nrlmortgage.com |
1 redirects
nrlmortgage.com
|
7 | use.typekit.net |
nrlmortgage.com
use.typekit.net |
3 | nrlmortgage.mymortgage-online.com |
nrlmortgage.com
|
2 | script.hotjar.com |
static.hotjar.com
nrlmortgage.com |
2 | www.facebook.com |
1 redirects
nrlmortgage.com
|
2 | js.jotform.com |
form.jotform.com
|
2 | www.google-analytics.com |
nrlmortgage.com
www.google-analytics.com |
2 | connect.facebook.net |
nrlmortgage.com
connect.facebook.net |
2 | p.typekit.net |
use.typekit.net
nrlmortgage.com |
2 | cdnjs.cloudflare.com |
nrlmortgage.com
form.jotform.com |
1 | events.jotform.com | |
1 | vc.hotjar.io |
script.hotjar.com
|
1 | in.hotjar.com |
script.hotjar.com
|
1 | vars.hotjar.com |
static.hotjar.com
|
1 | cx.atdmt.com |
nrlmortgage.com
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | widgets.jotform.io |
form.jotform.com
|
1 | fonts.googleapis.com |
nrlmortgage.com
|
1 | static.hotjar.com |
nrlmortgage.com
|
1 | www.googletagmanager.com |
nrlmortgage.com
|
1 | app.listen360.com |
nrlmortgage.com
|
1 | code.jquery.com |
nrlmortgage.com
|
1 | form.jotform.com |
nrlmortgage.com
|
76 | 25 |
This site contains links to these domains. Also see Links.
Domain |
---|
ww2.e-billexpress.com |
www.facebook.com |
www.instagram.com |
www.linkedin.com |
twitter.com |
www.nmlsconsumeraccess.org |
www.hotjarconsent.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.nrlmortgage.com Go Daddy Secure Certificate Authority - G2 |
2020-05-17 - 2021-07-16 |
a year | crt.sh |
use.typekit.net DigiCert SHA2 Secure Server CA |
2020-01-28 - 2022-02-01 |
2 years | crt.sh |
q2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2020-08-26 - 2021-08-25 |
a year | crt.sh |
*.jotform.com Sectigo RSA Domain Validation Secure Server CA |
2019-07-17 - 2021-07-16 |
2 years | crt.sh |
jquery.org Sectigo RSA Domain Validation Secure Server CA |
2020-10-06 - 2021-10-16 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-10-21 - 2021-10-20 |
a year | crt.sh |
*.listen360.com Go Daddy Secure Certificate Authority - G2 |
2019-11-06 - 2021-12-01 |
2 years | crt.sh |
*.mymortgage-online.com Amazon |
2020-09-24 - 2021-10-24 |
a year | crt.sh |
*.typekit.net DigiCert SHA2 Secure Server CA |
2019-12-06 - 2021-12-10 |
2 years | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-10-06 - 2020-12-29 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-09-11 - 2020-12-10 |
3 months | crt.sh |
*.hotjar.com Amazon |
2020-01-22 - 2021-02-22 |
a year | crt.sh |
*.jotfor.ms Sectigo RSA Domain Validation Secure Server CA |
2020-07-06 - 2022-07-06 |
2 years | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-10-06 - 2020-12-29 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-10-06 - 2020-12-29 |
3 months | crt.sh |
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA |
2020-10-10 - 2021-01-08 |
3 months | crt.sh |
*.hotjar.io Amazon |
2020-09-15 - 2021-10-15 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://nrlmortgage.com/
Frame ID: 3D61894FAE8A94AEB5A6B8071ED42894
Requests: 60 HTTP requests in this frame
Frame:
https://cdn.jotfor.ms/static/formCss.css?3.3.19641
Frame ID: CFB2C734E7B6B7C65391A1667AD77697
Requests: 16 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: C5A500B49FA136BC8068E5AB73AA6DC0
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://nrlmortgage.com/
HTTP 301
https://nrlmortgage.com/ Page URL
Detected technologies
Facebook (Widgets) ExpandDetected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Modernizr (JavaScript Libraries) Expand
Detected patterns
- script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
Title: Online Payment
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: NMLS Consumer Access
Search URL Search Domain Scan URL
Title: consent
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://nrlmortgage.com/
HTTP 301
https://nrlmortgage.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 68- https://www.facebook.com/tr/?id=378242436252251&ev=Microdata&dl=https%3A%2F%2Fnrlmortgage.com%2F&rl=&if=false&ts=1604087738283&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22NRL%20Mortgage%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fnrlmortgage.com%2F%22%2C%22og%3Atitle%22%3A%22NRL%20Mortgage%22%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A1200%2C%22w%22%3A1600%7D%2C%22properties%22%3A%7B%22name%22%3A%22NRL%20Mortgage%22%2C%22url%22%3A%22%2F%22%2C%22logo%22%3A%22https%3A%2F%2Fstatic.spacecrafted.com%2Fd8e0ea1975ee4445808af4d0c10f8932%2Fi%2Fd601c13f3d034a3f95fbca27ba092f61%2F1%2F5feFb8zhrk%2FlogoHortizontal.png%22%7D%2C%22subscopes%22%3A%5B%7B%22dimensions%22%3A%7B%22h%22%3A66%2C%22w%22%3A1184%7D%2C%22properties%22%3A%7B%22url%22%3A%22%2Faccount%22%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fwww.schema.org%2FSiteNavigationElement%22%7D%2C%7B%22dimensions%22%3A%7B%22h%22%3A177%2C%22w%22%3A1600%7D%2C%22properties%22%3A%7B%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FImageGallery%22%7D%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FOrganization%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.27&r=stable&ec=1&o=30&fbp=fb.1.1604087737778.2142995610&it=1604087737681&coo=false&es=automatic&tm=3&rqm=GET HTTP 302
- https://cx.atdmt.com/?c=2193711435105304176&f=AYwxjL-dwK60FRvzZ6qqkq6JY_dLkYG5rAfztju31aWwZjH-TAVVyz4EiTBJADkj6ZF8v76AM1THEVo2_bRaLU4M&id=378242436252251&l=3&v=0
76 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
nrlmortgage.com/ Redirect Chain
|
72 KB 32 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
nrlmortgage.com/ |
461 KB 60 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iab2ivu.css
use.typekit.net/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
custom
nrlmortgage.com/css/ |
56 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modernizr.respond.min.js
nrlmortgage.com/ |
24 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
head
nrlmortgage.com/js/ |
1 KB 991 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logoHortizontal.png
static.spacecrafted.com/d8e0ea1975ee4445808af4d0c10f8932/i/d601c13f3d034a3f95fbca27ba092f61/1/5feFb8zhrk/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Hero-image---day-view.jpg
static.spacecrafted.com/d8e0ea1975ee4445808af4d0c10f8932/i/d3d8794c341e4765b2646104dc1bd834/1/GCuCv726gZycFxatknDdac/ |
92 KB 92 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Homepage-icons---Fast.png
static.spacecrafted.com/d8e0ea1975ee4445808af4d0c10f8932/i/e915a5f6fb374521b2610b14443a6d4d/1/nGa1B4aos8qcQp1h7pY/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Homepage-icons--Options.png
static.spacecrafted.com/d8e0ea1975ee4445808af4d0c10f8932/i/c1a5527b5f9f4d1ca200c3b98c53e610/1/nGa1B4aos8qcQp1h7pY/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Homepage-icons-Service.png
static.spacecrafted.com/d8e0ea1975ee4445808af4d0c10f8932/i/d1508cacba0c43bd87ed39396b5aa625/1/nGa1B4aos8qcQp1h7pY/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
White%20500.png
static.spacecrafted.com/d8e0ea1975ee4445808af4d0c10f8932/i/d2b8ed413d224c70afe82a7b309a06c7/1/4SoifmQp45JMgBnHdkQcU/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
White%20chronicle.png
static.spacecrafted.com/d8e0ea1975ee4445808af4d0c10f8932/i/eadb242039774691a1762285b766487e/1/4SoifmQp45JMgBnHdkQcU/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
White%20Zillow.png
static.spacecrafted.com/d8e0ea1975ee4445808af4d0c10f8932/i/b6b4602becf3475ca6029c1b07ebec93/1/4SoifmQp45JMgBnHdkQcU/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
White%20BBB.png
static.spacecrafted.com/d8e0ea1975ee4445808af4d0c10f8932/i/aaf43fd8659341159d805bbe18776efd/1/4SoifmQp45JMgBnHdkQcU/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
White%20-%20TML.png
static.spacecrafted.com/d8e0ea1975ee4445808af4d0c10f8932/i/c0413f07cb024ba993cd6cdbd7410d15/1/4SoifmQp45JMgBnHdkQcU/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
White%20nmp.png
static.spacecrafted.com/d8e0ea1975ee4445808af4d0c10f8932/i/bee95eeba94e4dbe83526a803e27ee52/1/4SoifmQp45JMgBnHdkQcU/ |
7 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
test.png
static.spacecrafted.com/d8e0ea1975ee4445808af4d0c10f8932/i/f65c530ba00b4b479aa2c5b21e7fca9f/1/GCuCv727RiYFXYTGtneQTe/ |
2 MB 2 MB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
topRightNopx.png
static.spacecrafted.com/d8e0ea1975ee4445808af4d0c10f8932/i/b86bcf9df5be475d9b20ca6f4ec29695/1/GCuCv726gZycFxatknDdac/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loanTypes%402x.png
static.spacecrafted.com/d8e0ea1975ee4445808af4d0c10f8932/i/dea87564f49b4fa8aaba07e46946bbcf/1/4SoifmQp45JMgBnHm9g4L/ |
56 KB 57 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Conventional.png
static.spacecrafted.com/d8e0ea1975ee4445808af4d0c10f8932/i/af5e51d1edba4eb7978d04827b8b0289/1/nGa1B4aos8qcQp1h7pY/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
FHA.png
static.spacecrafted.com/d8e0ea1975ee4445808af4d0c10f8932/i/b856985dbab84799bff596145a9da539/1/nGa1B4aos8qcQp1h7pY/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
VA3.png
static.spacecrafted.com/d8e0ea1975ee4445808af4d0c10f8932/i/dbe8253c8fcc462b927c8087e4d1f439/1/nGa1B4aos8qcQp1h7pY/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
USDA.png
static.spacecrafted.com/d8e0ea1975ee4445808af4d0c10f8932/i/ed1bf897942b494fb91ee631f3841ad2/1/nGa1B4aos8qcQp1h7pY/ |
13 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Jumbo.png
static.spacecrafted.com/d8e0ea1975ee4445808af4d0c10f8932/i/be8f5ff83d184c3c85137306aad838f5/1/nGa1B4aos8qcQp1h7pY/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Other.png
static.spacecrafted.com/d8e0ea1975ee4445808af4d0c10f8932/i/e1520159e5fe46bf84628c5a10ffb669/1/nGa1B4aos8qcQp1h7pY/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Buying%20with%20certainty.png
static.spacecrafted.com/d8e0ea1975ee4445808af4d0c10f8932/i/d0b11b92acc94446a93ecc0fa4a01ceb/1/5feFb8zhrk/ |
393 KB 393 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
92105545658158
form.jotform.com/jsform/ |
53 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Equal_Housing_Opportunity%20%25282%2529%20%25282%2529-01.png
static.spacecrafted.com/d8e0ea1975ee4445808af4d0c10f8932/i/d6067a2d6b714c9987a12ad528c199fe/1/5feFb8zhrk/ |
32 KB 33 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.12.4.min.js
code.jquery.com/ |
95 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
siteBundle.js
nrlmortgage.com/ |
101 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
postscribe.min.js
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/ |
17 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.public-reviews.js
app.listen360.com/assets/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utils.min.js
nrlmortgage.mymortgage-online.com/runtime/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
countyList.min.js
nrlmortgage.mymortgage-online.com/runtime/ |
34 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
theme.min.js
nrlmortgage.mymortgage-online.com/runtime/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
body
nrlmortgage.com/js/ |
80 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collections.js
nrlmortgage.com/ |
29 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p.css
p.typekit.net/ |
5 B 176 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
88 KB 23 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-1827590.js
static.hotjar.com/c/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
-kY3Fchf3P3z2TQKWSjni8g7CYBxhap3sbX8byicp5qfeGSgfO_HJsJ1FQ93wRMhWhbtZQg8jQIoFDm8ZQbXF29tw2yyZRsqwewUwejt5QwkeKF0ScUlda4XZhB1ZPoRdhXCiaiaOcokdeuzS1s1jAi8OcFzdPJHZ1mXiW4yjcNCZfJHZ1mXiW4yjcNz-kG4fJBmI...
use.typekit.net/ik/ |
17 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
46 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/602e61/00000000000000003b9ad063/27/ |
30 KB 31 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/2d988a/00000000000000003b9b1338/27/ |
44 KB 45 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/5e9c68/00000000000000003b9ad05f/27/ |
30 KB 31 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
formCss.css
cdn.jotfor.ms/static/ Frame CFB2 |
65 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nova.css
cdn.jotfor.ms/css/styles/ Frame CFB2 |
18 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
printForm.css
cdn.jotfor.ms/css/ Frame CFB2 |
456 B 642 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
566a91c2977cdfcd478b4567.css
cdn.jotfor.ms/themes/CSS/ Frame CFB2 |
13 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
payment_feature.css
cdn.jotfor.ms/css/styles/payment/ Frame CFB2 |
30 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ Frame CFB2 |
14 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
punycode.min.js
cdnjs.cloudflare.com/ajax/libs/punycode/1.4.1/ Frame CFB2 |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
prototype.forms.js
cdn.jotfor.ms/static/ Frame CFB2 |
126 KB 33 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jotform.forms.js
cdn.jotfor.ms/static/ Frame CFB2 |
469 KB 120 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
postMessage.js
js.jotform.com/vendor/ Frame CFB2 |
6 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
WidgetsServer.js
js.jotform.com/ Frame CFB2 |
30 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scripts.min.js
widgets.jotform.io/getParentUrl/min/ Frame CFB2 |
1 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/309dfe/000000000000000000010091/27/ |
91 KB 91 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/9b05f3/000000000000000000013365/27/ |
100 KB 100 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
378242436252251
connect.facebook.net/signals/config/ |
234 KB 69 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-Q050 |
collect
www.google-analytics.com/j/ |
2 B 66 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p.gif
p.typekit.net/ |
35 B 182 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 332 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules.8831d20acac5f9d5fa63.js
script.hotjar.com/ |
361 KB 71 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
appointmentSlots.css
cdn.jotfor.ms/css/styles/ Frame CFB2 |
19 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
control_inline.css
cdn.jotfor.ms/css/styles/control_inline/ Frame CFB2 |
23 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame CFB2 |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
cx.atdmt.com/ Redirect Chain
|
43 B 423 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
20 KB 20 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
White%20-%20Top%20100.png
static.spacecrafted.com/d8e0ea1975ee4445808af4d0c10f8932/i/d8dc4e34ff554dab8908bbe2162b3192/1/4SoifmQp45JMgBnHdkQcU/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame C5A5 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
visit-data
in.hotjar.com/api/v2/client/sites/1827590/ |
178 B 321 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1827590
vc.hotjar.io/sessions/ |
0 255 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-hotjar_5.65042d.woff2
script.hotjar.com/ |
2 KB 3 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
events.jotform.com/jsform/92105545658158/ Frame CFB2 |
0 320 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
81 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| html5 object| Modernizr object| respond object| dataLayer function| fbq function| _fbq function| hj object| _hjSettings object| TypekitConfig string| GoogleAnalyticsObject function| ga object| qsProxy function| FrameBuilder object| i92105545658158 function| handleIFrameMessage function| isPermitted function| $ function| jQuery object| Typekit object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| jQuery11240026776082058986628 function| EventEmitter object| eventie function| imagesLoaded function| jQueryBridget function| getSize function| EvEmitter function| matchesSelector object| fizzyUIUtils function| Outlayer function| Packery object| scGeo function| scAdaptations function| scScrollToHash function| scSetupImageShapes function| postscribe object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| Elli object| CountyList function| toggleNavMenu function| skipNavigation function| isBrowserIE function| updateMenuLinksCount object| calcMenuBlocks object| workFlowIds function| buildApplicationModal function| renderLastLoanOfficerFooter function| recordLastLoanOfficerVisit function| buildTeamMemberCustomizations function| loadLoanOfficersAtLocation function| buildBranchCustomizations string| initialSrc string| scrollSrc function| buildTabset undefined| $loSearchResultsContainer object| RATES_FIELD_MAPPING function| toggleCalculatorDropdownOrRadio function| onInputKeyDown function| onInputKeyUp function| onCalculatorSubmit function| onMortgageCalculatorButtonClick function| downPaymentOnBlur object| RatesFieldMapping function| runtimeRelativeFileResolver object| MortgageCalculatorUtils object| MortgageCalculatorDebtUtils object| MortgageCalculatorTables object| MortgageCalculator object| RatesCalculator object| collections7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.nrlmortgage.com/ | Name: _fbp Value: fb.1.1604087737778.2142995610 |
|
.nrlmortgage.com/ | Name: _gat Value: 1 |
|
nrlmortgage.com/ | Name: deviceType Value: desktop |
|
nrlmortgage.com/ | Name: devicePixelRatio Value: 1 |
|
.nrlmortgage.com/ | Name: _hjid Value: 0fc543fa-8e6f-48dc-af32-2a27f382b750 |
|
.nrlmortgage.com/ | Name: _gid Value: GA1.2.458770197.1604087738 |
|
.nrlmortgage.com/ | Name: _ga Value: GA1.2.599834668.1604087738 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
app.listen360.com
cdn.jotfor.ms
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
cx.atdmt.com
events.jotform.com
fonts.googleapis.com
fonts.gstatic.com
form.jotform.com
in.hotjar.com
js.jotform.com
nrlmortgage.com
nrlmortgage.mymortgage-online.com
p.typekit.net
script.hotjar.com
static.hotjar.com
static.spacecrafted.com
use.typekit.net
vars.hotjar.com
vc.hotjar.io
widgets.jotform.io
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
199.232.198.49
2001:4de0:ac19::1:b:2b
2606:4700:10::6814:3040
2606:4700:11::6817:850b
2606:4700:11::6817:860b
2606:4700::6810:125e
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2008
2a00:1450:4001:818::2003
2a00:1450:4001:820::200a
2a02:26f0:10c:581::19fd
2a02:26f0:6c00::210:ba2a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:5:face:b00c:0:8c
2a03:2880:f12d:83:face:b00c:0:25de
35.190.45.195
35.201.118.58
54.246.211.3
65.9.20.19
65.9.20.22
65.9.20.33
65.9.20.68
65.9.20.84
044c609dbb5a15d669dbabbd590c572401b960ec26f825723ffb73692ce8e23f
046fbec4d7e5634cf6fed28b266d3ffced465553eec5091535889726e432fdb2
0b670e015b81122035c5a7dfd0d01691a1dbad0a3bf19fd5cc0e9c5090b2030b
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0ee7c22488c98064197d838157e30b0d3c71b0afd5c9cccb6a8386e3c1cd858c
100cf77f80be7c21407ac34937ca0dd63b667b6106d63961208c846b54da5f73
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
124792b9cde1780baadb0bddc62b77f8534bbf9804306b243951b66ca2e3ab5f
1557ec68933a4324704a54d6bb3ecf94c62e237f145107178ad12ef93e33080a
19223c540417067727cadc32841083e77315b02b30d8f873bfe860e67858e23b
1b8837eb95ce997b695be0200cdbdc57a7fbfc67a7146798a7d4456071c3039d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
22218c9fbc32aef6b2b3a8e1fc198a5528f289776b35b542bf0c8cb63e1449ac
2395ce599bba81b7b031207d511f3ccb41a68898bd02c41c0b352903f3013670
24f4017082465f7e92307e0ef8da7df7fa8ab1dd4ae3e18e091a38c01f018657
25d4ea541b3527327faf086aaef511a54ae1db3602a58bac02ff13e156fd27b1
265481ac5803ff2f5a0ac6b8d0caf2e63e8b921ca700bac1f4dd77150456e771
2e8ed849703a5855c4f20d917a88d280192958585108955df942d8f8ee762e55
3daada6c8ceb04bbe66c3ffb27e3a2dfe68ab333bb1cb5f990fd108a944e0b2f
3faa7d19f8debcf22e259edf367e354bed523fdd702fc00112c9f76d10dbc74b
4a7868c998b4e576ecc2649d71af5d0fd8e8d41a195b7a7f144d0613b15e23ce
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a1a32e8c7bb8e3cb1b65d0200e1ca70867205f4ff836bae85c8e7c72d8207dd
5abb5d871d74b2d16553ea6b4e4b8b2a1bcedff715d3477d9428cf73fec5b711
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd
62ec6d73cf1f336d508a9f5abd54014c8e56412ca57c442707c3c4d1545b2227
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66ea15675cda29186279e6cc52f287d1f313d65752dbd9280fc5b547f28af2d5
74cd1133047bd265a11994156041be71b863b22b514a72513538046b1c401852
7d47b5895d3211f50b70bde686b4b2f0b793e794d5662f2ad9a9f5bcd354f220
7e60f3b2aa6060a4ec31461d59144cd1cfed3ec7a66471867763023de83fc32c
81c9a35fd135f9fdc55851bf1703e398b2403b7d31fe6e790f8af459fa526ce1
81e80ee9f76c33a09fe3cfe56a41718290bd5abd3a41d9cd9805edb5e4a83602
8235f3f66ac26c61c85992211196dbb3d14f9634b067b6d13ed3a2ad9607ff12
83eb747d58ab1e91f560bc97a1cf368fda5f42c76c82ecbc35477cc22f73e2ae
84a3e3b73fddc0fcd0723fcff5e0d716863dfdc2f282cbc44e209db66648dd5c
8af0ff05fa8447dd898b65dbebba08997b09c04f147dc784fde587f455221e1d
8f24582b70a106b674fba0bc845933ea25001112265fe71db83bd65a77ff51d9
93ae3117e7199a27c770ee27e00cf9ea2694099ad73855b829cefd1be0e265a7
98d9411d9d8f93d98dababd34968104694e4607aa3e8617ab5b1b54ee7ffab49
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9bbf2d61bb896d9c08bdd8e6abf59b6eb9ddeaae19dd0141310a65c9a3cb1e78
9bc7e9daf9699f256d27461ce8058976d327563136bdea1a670576df74f0b89c
9f5f2604ccd8f36f63a163e2148cff7fc3253b46fc9837e477316aaefb992dc2
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a880bd834d9154c43af000edf9ce579f9dbd886c97b830c15b675c35acbb9926
a8de9c26b557a6a325fbd704030cea30378f3d1dcefcc6477453a5648ef88028
a988622761dbbfafcec0e1d5393e0060159f338d9cb89cd44f068fbe878544d4
abd00c4f94b7781f03cddbd7a01d15675f9414536ca0128427aeba6bada91587
b23b22d37aabecfaf4922f97f2b1fa93da87fd0a284624f7f8fa00bf40b37cb7
b4bd42c05256b61e0437fb6e9c7f2dd931d82c11fd5894c2524300cd3bf48c18
b5a84e67ac9d20c0065ddf8dc54f6c00503eed592248bb00ac321c134f0a053b
bc3218c5c141387ea4c890380de8b57912d11cf2ee589db82d9dffd2c1c73c74
bc4f4e6543f6c1ffb921dde82d2e8914eea2142b5553c05b80ce98aa9ad1727b
bddc3bc38c76152ce1b84e7251add4642efbc79968d96204c92837189c44e877
bf4aeffd4f501fa0ea7757226906396c8233418660d7319a041dd6ab43f78cf0
c4ab5dad08deb8861501560891d05fe25568ab5753d07bf514138b94246c7a55
c4da219c60e4e3ea3f66471b8a646cdbc984f93169718494bfd465d717a7022d
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
c5b7d1ae78a8c9f837399d5ab184059f2e113da23641efb16b55a483783a57b4
caefbe21fe71d01d23fed884d7b6cfd5a95bdfb2cbb7d51d1e2ed0ee83157ac9
cd437b53a157b23a8684e626d38b33753c629265c8a7a38d31126989c2e60b92
d348c74923930a96e86fc67f9bbe6de102b37aad2f613c3477466ac024a9aa52
d6855d5d6b5c4e16300755cb6b8054d6ac8e8a754d74475345e6486702b868fb
d7f0cab968945448a8aa0285c396d0dbe076776ebcda95359413842e04a89065
e208307a77482d4dbe1f9cb902b4338e2c5c7df842d10b045c5dc7cff120f9e8
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ebb36fc57c369a76b1b1cdea81300fceba444906250c9b010d048300ee15c5a0
ef00d3d290ed904ae7045b7898d41db384ed0b19a0b731d65c0bdccac2ba5c30
f0e9f241cec03c8ce0cfb4dd2e2c48f5cc89745261cf9f1c6ce61745cf00d21e
f71e7f086748ec0bcd7fefd95799c5eb435f2e775449d23c7bdf0718c09a9e07
fab4fef6bbfa8d6464403a14be7de1be5e3e63637a96d994fab10266e1eaf6da