![](/screenshots/d6abe34e-2352-4bf0-afa8-7b55b3ed5536.png)
www.mrcooper.com
Open in
urlscan Pro
104.16.157.114
Public Scan
Effective URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Submission: On May 01 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on April 2nd 2024. Valid for: 3 months.
This is the only time www.mrcooper.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN14340 (SALESFORCE, US)
PTR: click.email.nationstarmail.com
click.email.nationstarmail.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-53.fra56.r.cloudfront.net
static.hotjar.com |
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com | |
c.bing.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-107.fra56.r.cloudfront.net
script.hotjar.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
oc-cdn-ocprod.azureedge.net |
ASN32934 (FACEBOOK, US)
www.facebook.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
unq4aee21797bd9ed11aece000d3a323-crm.omnichannelengagementhub.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-190-76.compute-1.amazonaws.com
geo.qualaroo.com |
ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f14.1e100.net
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
27 |
mrcooper.com
www.mrcooper.com — Cisco Umbrella Rank: 109127 |
2 MB |
7 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31 region1.google-analytics.com — Cisco Umbrella Rank: 2404 |
21 KB |
5 |
clarity.ms
1 redirects
www.clarity.ms — Cisco Umbrella Rank: 747 c.clarity.ms — Cisco Umbrella Rank: 1371 p.clarity.ms — Cisco Umbrella Rank: 576208 |
28 KB |
4 |
azureedge.net
oc-cdn-ocprod.azureedge.net — Cisco Umbrella Rank: 36661 |
45 KB |
4 |
bing.com
1 redirects
bat.bing.com — Cisco Umbrella Rank: 337 c.bing.com — Cisco Umbrella Rank: 228 |
16 KB |
3 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39 |
298 KB |
2 |
qualaroo.com
geo.qualaroo.com — Cisco Umbrella Rank: 40401 dntcl.qualaroo.com — Cisco Umbrella Rank: 10670 |
381 B |
2 |
amazonaws.com
s3.amazonaws.com |
51 KB |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180 |
74 KB |
2 |
hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 737 script.hotjar.com — Cisco Umbrella Rank: 933 |
59 KB |
2 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231 |
27 KB |
1 |
nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 242 |
599 B |
1 |
newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 594 |
18 KB |
1 |
omnichannelengagementhub.com
unq4aee21797bd9ed11aece000d3a323-crm.omnichannelengagementhub.com — Cisco Umbrella Rank: 165043 |
670 B |
1 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 97 |
274 B |
1 |
vimeocdn.com
extend.vimeocdn.com — Cisco Umbrella Rank: 10489 |
6 KB |
1 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84 |
347 B |
1 |
cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 817 |
7 KB |
1 |
vimeo.com
player.vimeo.com — Cisco Umbrella Rank: 2026 |
12 KB |
1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 320 |
1 KB |
1 |
nationstarmail.com
1 redirects
click.email.nationstarmail.com — Cisco Umbrella Rank: 205780 |
280 B |
0 |
googleapis.com
Failed
storage.googleapis.com Failed |
|
69 | 22 |
Domain | Requested by | |
---|---|---|
27 | www.mrcooper.com |
www.mrcooper.com
static.cloudflareinsights.com |
5 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
4 | oc-cdn-ocprod.azureedge.net |
www.mrcooper.com
oc-cdn-ocprod.azureedge.net |
3 | bat.bing.com |
www.mrcooper.com
bat.bing.com |
3 | www.googletagmanager.com |
www.mrcooper.com
www.googletagmanager.com |
2 | c.clarity.ms | 1 redirects |
2 | www.clarity.ms |
bat.bing.com
www.clarity.ms |
2 | region1.google-analytics.com |
www.googletagmanager.com
|
2 | s3.amazonaws.com |
www.mrcooper.com
|
2 | connect.facebook.net |
www.mrcooper.com
connect.facebook.net |
2 | cdnjs.cloudflare.com |
www.mrcooper.com
|
1 | bam.nr-data.net |
js-agent.newrelic.com
|
1 | p.clarity.ms |
www.clarity.ms
|
1 | c.bing.com | 1 redirects |
1 | js-agent.newrelic.com |
www.mrcooper.com
|
1 | dntcl.qualaroo.com |
s3.amazonaws.com
|
1 | geo.qualaroo.com |
s3.amazonaws.com
|
1 | unq4aee21797bd9ed11aece000d3a323-crm.omnichannelengagementhub.com |
oc-cdn-ocprod.azureedge.net
|
1 | www.facebook.com |
www.mrcooper.com
|
1 | extend.vimeocdn.com |
www.googletagmanager.com
|
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | script.hotjar.com |
static.hotjar.com
|
1 | static.hotjar.com |
www.mrcooper.com
|
1 | static.cloudflareinsights.com |
www.mrcooper.com
|
1 | player.vimeo.com |
www.mrcooper.com
|
1 | cdn.jsdelivr.net |
www.mrcooper.com
|
1 | click.email.nationstarmail.com | 1 redirects |
0 | storage.googleapis.com Failed |
www.mrcooper.com
|
69 | 28 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
mrcooper.com GTS CA 1P5 |
2024-04-02 - 2024-07-01 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-07-03 - 2024-07-02 |
a year | crt.sh |
player.vimeo.com E1 |
2024-03-29 - 2024-06-27 |
3 months | crt.sh |
cloudflareinsights.com GTS CA 1P5 |
2024-03-10 - 2024-06-08 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2024-04-16 - 2024-07-09 |
3 months | crt.sh |
*.hotjar.com Amazon ECDSA 256 M03 |
2024-02-07 - 2025-03-08 |
a year | crt.sh |
www.bing.com Microsoft Azure TLS Issuing CA 02 |
2024-05-01 - 2024-06-27 |
2 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2024-02-09 - 2024-05-08 |
3 months | crt.sh |
s3.amazonaws.com Amazon RSA 2048 M01 |
2024-02-08 - 2025-01-11 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2024-04-08 - 2024-07-01 |
3 months | crt.sh |
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q4 |
2023-11-22 - 2024-12-23 |
a year | crt.sh |
*.azureedge.net Microsoft Azure RSA TLS Issuing CA 04 |
2024-04-09 - 2025-04-04 |
a year | crt.sh |
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1 |
2023-12-07 - 2024-12-07 |
a year | crt.sh |
*.omnichannelengagementhub.com Microsoft Azure RSA TLS Issuing CA 04 |
2024-04-10 - 2025-04-05 |
a year | crt.sh |
*.qualaroo.com Amazon RSA 2048 M02 |
2024-04-01 - 2025-04-30 |
a year | crt.sh |
dntcl.qualaroo.com R3 |
2024-04-06 - 2024-07-05 |
3 months | crt.sh |
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1 |
2024-03-21 - 2025-04-22 |
a year | crt.sh |
a.clarity.ms Microsoft Azure TLS Issuing CA 01 |
2024-01-14 - 2024-06-27 |
5 months | crt.sh |
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-09-29 - 2024-10-01 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Frame ID: BDC124A318D61687F4A0D763A51FE53E
Requests: 67 HTTP requests in this frame
Frame:
https://dntcl.qualaroo.com/frame.html
Frame ID: 7FEEE52C25D006C4364C51ED405D67D0
Requests: 1 HTTP requests in this frame
Frame:
https://oc-cdn-ocprod.azureedge.net/livechatwidget/v2public/htmls/chatv2.html?data-app-id=866e40c5-3b87-4d39-8309-af41bbcd3eef&data-org-id=4aee2179-7bd9-ed11-aece-000d3a323213&data-org-url=https://unq4aee21797bd9ed11aece000d3a323-crm.omnichannelengagementhub.com&hostname=www.mrcooper.com&data-hide-chat-button=&data-suggested-action-layout=stacked&data-lcw-version=prod&data-render-mobile=false&data-color-override=%23009fc7
Frame ID: 87AFFE576692D6BB2B54BBE365E7FFD0
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/d6abe34e-2352-4bf0-afa8-7b55b3ed5536.png)
Page Title
Welcome! | Mr. Cooper Home Loans - Mortgage Transfer Support Q&APage URL History Show full URLs
-
https://click.email.nationstarmail.com/?qs=6de45ae641855fa822137100ba26be2f534c7f19ed966c80b328dcf7e2972b9cf38bec15...
HTTP 302
https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redca... Page URL
Detected technologies
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Detected patterns
- static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
![](/vendor/wappa/icons/Hotjar.png)
Detected patterns
- //static\.hotjar\.com/
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
14 Outgoing links
These are links going to different origins than the main page.
Title: App Store
Search URL Search Domain Scan URL
Title: Google Play
Search URL Search Domain Scan URL
Title: Careers
Search URL Search Domain Scan URL
Title: Investor Relations
Search URL Search Domain Scan URL
Title: Press
Search URL Search Domain Scan URL
Title: Master Servicing
Search URL Search Domain Scan URL
Title: Customer Testimonials
Search URL Search Domain Scan URL
Title: 2023 Cyber Incident
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: twitter
Search URL Search Domain Scan URL
Title: linkedin
Search URL Search Domain Scan URL
Title: instagram
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: www.nmlsconsumeraccess.org
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://click.email.nationstarmail.com/?qs=6de45ae641855fa822137100ba26be2f534c7f19ed966c80b328dcf7e2972b9cf38bec156a4c85d8132eb840bb8465ea6194408500ead291
HTTP 302
https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 55- https://c.clarity.ms/c.gif HTTP 302
- https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=ABFDEB7085B744E299EB3A7B3AF4544D&RedC=c.clarity.ms&MXFR=32F3A0EFC781650D3F33B49DC3816BDE HTTP 302
- https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=ABFDEB7085B744E299EB3A7B3AF4544D&MUID=19A807216A3D6BC1262713536B916A7F
69 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
Primary Request
welcome
www.mrcooper.com/ Redirect Chain
|
61 KB 20 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
application-7d05e6f5ef6040e9d3c8b48d10a3f897182d1d5147e929f325a23f3e24eaceb2.css
www.mrcooper.com/assets/ |
2 MB 213 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
shadydom.min.js
cdnjs.cloudflare.com/ajax/libs/shadydom/1.7.0/ |
44 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
index.js
cdn.jsdelivr.net/npm/object-assign-polyfill@0.1.0/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
interact_banner-2bb1b8b363a37376691e562d8565ec4e48e8b8052690100786542d0b4a1ebe3e.js
www.mrcooper.com/assets/ |
86 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.min-a6ed45d15e46615f8c15931ca254e398a912e770b10122a4435529a1a523180d.js
www.mrcooper.com/assets/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
DeviceDetector.min-c92d5c98448974e2ba50160478b9247c3900e42ef26d0f663666bf89c09f868c.js
www.mrcooper.com/assets/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
application-5b16a2ae040c2503a1d0b78d91ec5924c12415447f4592214ca413440624393f.js
www.mrcooper.com/assets/ |
1 MB 367 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
velocity.min.js
cdnjs.cloudflare.com/ajax/libs/velocity/1.5.2/ |
44 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
animations-9f5fe33ba81608fd7f0af209db600e49b08cfbd89ff587fa707ef7d5edc60fe5.js
www.mrcooper.com/assets/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ic-close-blue-f317a98031701d673d1fb9a012740836ef2795dd9c4161f73fccd74effec6188.svg
www.mrcooper.com/assets/ |
662 B 554 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon-failure-round-1b29161ae415fd3f9a93bdaf2d740b758bd2f34f09edd54b6d1eeb3793fc81be.svg
www.mrcooper.com/assets/ |
532 B 543 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
vendor-79f2d8b32a58b790869aae0945fde5af979fcd08b7c4a9e8b622cb0bd5455291.js
www.mrcooper.com/assets/ |
1 MB 214 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
phones-e20bca6b515e1d751064224728754fce81be23d97ed3a121724f9f90c4f744d3.png
www.mrcooper.com/assets/ |
77 KB 77 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
google-play-93269ae059a288ccc373235e2548ecbf7cf25f0753a99a7f0b74fcc1bb4b6718.png
www.mrcooper.com/assets/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
apple-store-7e8075d0a8254466b150ddc3ff522c12b8420c372c184eef6329bf5e4f0accd5.png
www.mrcooper.com/assets/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
player.js
player.vimeo.com/api/ |
37 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
find-your-loan-initializer-6b4c6318f5847ac5708659205157c7d5243ba2c2d8909707315717634d3a9c01.js
www.mrcooper.com/assets/ |
65 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
welcome-faq-initializer-67ccf15ec382e18296316e29a4dd7e995dffb10859e6092fa606d06ab3d59ca6.js
www.mrcooper.com/assets/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
play_vimeo-b6d9bc47c47f79eb78f9230afff0ac6124dfbe913df36fd563f7f1c256e4e852.js
www.mrcooper.com/assets/ |
262 B 399 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
common-components-initializer-7144def2de90041d6ff47778c1c29ebd9a0a1c79fe6baa5bb04a0d0cea231b68.js
www.mrcooper.com/assets/ |
1 MB 454 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v55bfa2fee65d44688e90c00735ed189a1713218998793
static.cloudflareinsights.com/beacon.min.js/ |
19 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
468 KB 121 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
chat
www.mrcooper.com/omnichannel/ |
93 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Lato-Black.woff2
www.mrcooper.com/fonts/ |
173 KB 173 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Lato-Regular.woff2
www.mrcooper.com/fonts/ |
178 KB 179 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Lato-Black-Italic.woff2
www.mrcooper.com/fonts/ |
25 KB 25 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ic-eye-260e5b01666721a7b552ec3ad94472dfcc865de4ddfdaca7e115dd7c08bc2ab0.svg
www.mrcooper.com/assets/ |
599 B 578 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Lato-Bold.woff2
www.mrcooper.com/fonts/ |
181 KB 181 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icomoon_shared-7717ccb61085f7671513b4d34111c94e3d34d3ed7751ab4657fc1cc42afc96f6.ttf
www.mrcooper.com/assets/ |
11 KB 11 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
287 KB 98 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
destination
www.googletagmanager.com/gtag/ |
223 KB 80 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-1444525.js
static.hotjar.com/c/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bat.js
bat.bing.com/ |
45 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
218 KB 59 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
f86.js
s3.amazonaws.com/ki.js/65142/ |
303 B 698 B |
Script
application/ecmascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
config
www.mrcooper.com/omnichannel/ |
5 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
f89.js
s3.amazonaws.com/ki.js/65142/ |
164 KB 51 KB |
Script
application/ecmascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 255 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules.6d59a1e4d239d258535b.js
script.hotjar.com/ |
221 KB 55 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
3 B 209 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 347 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
72899161.js
extend.vimeocdn.com/ga/ |
17 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5065759.js
bat.bing.com/p/action/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0
bat.bing.com/action/ |
0 286 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1498188900425660
connect.facebook.net/signals/config/ |
67 KB 15 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
LiveChatBootstrapper.js
oc-cdn-ocprod.azureedge.net/livechatwidget/scripts/ |
123 KB 26 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
chime.mp3
storage.googleapis.com/apolloimage/images/omnichannel/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5065759
www.clarity.ms/tag/uet/ |
855 B 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 274 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
4aee2179-7bd9-ed11-aece-000d3a323213
unq4aee21797bd9ed11aece000d3a323-crm.omnichannelengagementhub.com/livechatconnector/v2/lcwfcsdetails/ |
240 B 670 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clarity.js
www.clarity.ms/s/0.7.32/ |
61 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
geo.qualaroo.com/json/ |
194 B 381 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
frame.html
dntcl.qualaroo.com/ Frame 7FEE |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nr-rum-1.258.0.min.js
js-agent.newrelic.com/ |
50 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c.gif
c.clarity.ms/ Redirect Chain
|
42 B 441 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ |
1 B 21 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
rum
www.mrcooper.com/cdn-cgi/ |
0 142 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
collect
p.clarity.ms/ |
0 296 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
6b2288c4ec
bam.nr-data.net/1/ |
150 B 599 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
www.mrcooper.com/ |
2 KB 2 KB |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
LiveChatBootstrapper.js
oc-cdn-ocprod.azureedge.net/livechatwidget/v2scripts/ |
56 KB 18 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
LiveChatWidgetFrame.css
oc-cdn-ocprod.azureedge.net/livechatwidget/v2public/styles/ |
1 KB 870 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chatv2.html
oc-cdn-ocprod.azureedge.net/livechatwidget/v2public/htmls/ Frame 87AF |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 54 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
trackInteraction
www.mrcooper.com/omnichannel/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- storage.googleapis.com
- URL
- https://storage.googleapis.com/apolloimage/images/omnichannel/chime.mp3
- Domain
- www.mrcooper.com
- URL
- https://www.mrcooper.com/omnichannel/trackInteraction
Verdicts & Comments Add Verdict or Comment
93 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 function| setImmediate function| clearImmediate function| P object| mrc object| NREUM object| webpackChunk:NRBA-1.258.0.PROD object| newrelic object| dataLayer function| $ function| jQuery object| DeviceDetector function| _createClass function| _classCallCheck object| Foundation object| jQuery112406656784549336832 object| I18n object| ApolloAssets string| userAgent boolean| isIE undefined| modal undefined| button function| showLoadingAnimation function| hideLoadingAnimation object| __core-js_shared__ object| core object| regeneratorRuntime boolean| _babelPolyfill function| _ object| humps object| Redux object| ReactRedux object| ReduxThunk object| ReactDOM object| React function| moment function| momentTimezone function| Lodash object| Validator object| Vimeo boolean| VimeoPlayerResizeEmbeds_ boolean| VimeoSeoMetadataAppended boolean| VimeoCheckedUrlTimeParam object| google_tag_manager object| google_tag_data object| _kiq function| getJsonFromUrl object| paramJson function| hj object| _hjSettings function| delete_cookie boolean| onlyNull object| uetq function| fbq function| _fbq string| trackingId string| GoogleAnalyticsObject function| ga function| getAuthenticationToken object| m object| __cfBeacon object| el function| onYouTubeIframeAPIReady object| gaGlobal object| hjSiteSettings function| hjBootstrap object| hjLazyModules object| hjBootstrapCalled object| gaplugins object| gaData object| prefill function| toNumber function| loanAmountFunc function| buyFunc function| sellFunc function| UET function| UET_init function| UET_push object| ueto_e580f69aba object| exitChatData string| loanNumber string| appName boolean| chatNudgeEnabled number| chatNudgeTimer function| __vimeoRefresh object| KI function| __awaiter function| __generator object| Microsoft function| clarity object| clarityuetq33 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.mrcooper.com/ | Name: utm_source Value: exacttarget |
|
www.mrcooper.com/ | Name: utm_campaign Value: lmt_43_53_redcarpet |
|
www.mrcooper.com/ | Name: utm_medium Value: email |
|
www.mrcooper.com/ | Name: guid Value: 9573d158-d24b-4e00-bee8-abf000c23f8e |
|
www.mrcooper.com/ | Name: _apollo-web_session Value: 5b8e2e1b770d8607d893ff16071e89f7 |
|
.vimeo.com/ | Name: __cf_bm Value: ooMRoZj1enBrN.nk6pQ_DF8oYDGKe0ZsChtYmdxSBAk-1714576432-1.0.1.1-nGFyb.OVatBFZENZ..Bu8FXyVmD2FQgFlrAx0ViYpmk43439ziJJX.qMtBfs5OUlYnMr1YDcbfBINE0emxmbrw |
|
.vimeo.com/ | Name: _cfuvid Value: rwATwHzDYF7QFjVNSgqlK6FZQmxvFH059bU9U5Qbk7E-1714576432511-0.0.1.1-604800000 |
|
.mrcooper.com/ | Name: _gcl_au Value: 1.1.1563098980.1714576433 |
|
www.mrcooper.com/ | Name: utm_source_cookie Value: exacttarget |
|
www.mrcooper.com/ | Name: utms Value: exacttarget,email,lmt_43_53_redcarpet,undefined,undefined |
|
.mrcooper.com/ | Name: _ga_2HY4QRV7HT Value: GS1.1.1714576432.1.0.1714576433.0.0.0 |
|
.mrcooper.com/ | Name: _ga Value: GA1.2.1866876835.1714576433 |
|
.mrcooper.com/ | Name: _gid Value: GA1.2.1043611674.1714576433 |
|
.mrcooper.com/ | Name: _dc_gtm_UA-12910956-1 Value: 1 |
|
.mrcooper.com/ | Name: _uetsid Value: 6bd3cc6007cd11efb4802723b16279a9 |
|
.mrcooper.com/ | Name: _uetvid Value: 6bd4912007cd11ef9216ab775ccc57eb |
|
.bing.com/ | Name: MUID Value: 19A807216A3D6BC1262713536B916A7F |
|
.mrcooper.com/ | Name: _hjSessionUser_1444525 Value: eyJpZCI6IjE3NjU3MzM4LTY1N2EtNTUyNy1hNmNiLWRlYjNmZmQ1ODlmMCIsImNyZWF0ZWQiOjE3MTQ1NzY0MzMxODAsImV4aXN0aW5nIjpmYWxzZX0= |
|
.mrcooper.com/ | Name: _hjSession_1444525 Value: eyJpZCI6ImUyZmQ3MmMzLTk0MjYtNGYwMC05NWJkLTdiMTJhNjQxNWM3MyIsImMiOjE3MTQ1NzY0MzMxODcsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0= |
|
.mrcooper.com/ | Name: _fbp Value: fb.1.1714576433249.245798172 |
|
www.clarity.ms/ | Name: CLID Value: f717d697c1234b2d8db5fcb1055fc4a3.20240501.20250501 |
|
.mrcooper.com/ | Name: _clck Value: 2ajxee%7C2%7Cfle%7C0%7C1582 |
|
www.mrcooper.com/ | Name: ki_t Value: 1714576433993%3B1714576433993%3B1714576433993%3B1%3B1 |
|
www.mrcooper.com/ | Name: ki_r Value: |
|
.mrcooper.com/ | Name: _gat_UA-12910956-1 Value: 1 |
|
www.mrcooper.com/ | Name: ga_client_id Value: 1866876835.1714576433 |
|
.c.bing.com/ | Name: MR Value: 0 |
|
.c.bing.com/ | Name: SRM_B Value: 19A807216A3D6BC1262713536B916A7F |
|
.c.clarity.ms/ | Name: SM Value: C |
|
.clarity.ms/ | Name: MUID Value: 19A807216A3D6BC1262713536B916A7F |
|
.c.clarity.ms/ | Name: MR Value: 0 |
|
.c.clarity.ms/ | Name: ANONCHK Value: 0 |
|
.mrcooper.com/ | Name: _clsk Value: 9ukeis%7C1714576434446%7C1%7C0%7Cp.clarity.ms%2Fcollect |
19 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bam.nr-data.net
bat.bing.com
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
cdnjs.cloudflare.com
click.email.nationstarmail.com
connect.facebook.net
dntcl.qualaroo.com
extend.vimeocdn.com
geo.qualaroo.com
js-agent.newrelic.com
oc-cdn-ocprod.azureedge.net
p.clarity.ms
player.vimeo.com
region1.google-analytics.com
s3.amazonaws.com
script.hotjar.com
static.cloudflareinsights.com
static.hotjar.com
stats.g.doubleclick.net
storage.googleapis.com
unq4aee21797bd9ed11aece000d3a323-crm.omnichannelengagementhub.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.mrcooper.com
storage.googleapis.com
www.mrcooper.com
104.16.157.114
104.16.87.20
104.17.24.14
128.17.96.3
13.32.27.107
146.75.122.109
162.159.138.60
162.247.243.29
172.217.18.14
18.66.102.53
20.122.63.128
20.232.115.241
2001:4860:4802:34::36
2400:52e0:1e00::1080:1
2602:816:5001::39
2606:4700::6810:5049
2620:1ec:46::64
2620:1ec:bdf::64
2620:1ec:c11::237
2a00:1450:4001:806::2008
2a00:1450:4001:80b::200e
2a00:1450:400c:c02::9d
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.211.190.76
52.217.227.0
68.219.88.97
12c0d4bf891eda253a66a3dd282d1704271d39cf9a8efaa321fdafcb230cbc2c
17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee
1b26ea722a2121ee02d8ca9c23460c5ff6cb75f840ff9e0c1ee79ecaedc7ad8f
1b29161ae415fd3f9a93bdaf2d740b758bd2f34f09edd54b6d1eeb3793fc81be
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
260e5b01666721a7b552ec3ad94472dfcc865de4ddfdaca7e115dd7c08bc2ab0
29f0d60cfaa05f3764e61320cf7bbd934c053b6bb0c41ad61b4e682b0c1d6fae
2b70558ce0e8be8904a217a830a0e869cb18cf92ac2f2df556aa3352872548cf
2b82608378c4dfff8c4ab567157c4e2cf58cd923cec441aa784a6beb97c8ede0
2bb1b8b363a37376691e562d8565ec4e48e8b8052690100786542d0b4a1ebe3e
34455358cf170b5f063d6b219a563a0fface0b1ba1b469d9991f40d86b349be7
34bb46634d07ac579411823eb39fac1376b012257460066a98b95075d086ccdd
38ab9974fe0410abd8e112c27a262ad5fae17d29f303ba8c648e2b43376725cb
3e2460dc56871a6d49ccd59a2c104a3255be6f928b3a0a629bbe1056632a7814
47309252c09e4ca1d797dc8ad1bea7e7d881a47b2b8f40adf63c19cf9cb93559
4d95576681bebaba6008bbd7aeec298ee3896c50fcec5bf50f1cae97197fa022
5b16a2ae040c2503a1d0b78d91ec5924c12415447f4592214ca413440624393f
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
5e41de6c12e79b0ec21a94168c561223c967126ac8e0e4c7831258d3c932dcc7
67ccf15ec382e18296316e29a4dd7e995dffb10859e6092fa606d06ab3d59ca6
6b32a4d0f8c36ae19b79885fb628cf3866347908800d6123ce55fc7ca7168d25
6b4c6318f5847ac5708659205157c7d5243ba2c2d8909707315717634d3a9c01
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c649cc3d4aee7683250622541a6045ad4ac3beb93df1fcdd3ec1f7f12a1ff44
713601c1e3e76d39801d007a718d2b536a7a081e31a51f22e99ff96d58e988e2
7144def2de90041d6ff47778c1c29ebd9a0a1c79fe6baa5bb04a0d0cea231b68
7717ccb61085f7671513b4d34111c94e3d34d3ed7751ab4657fc1cc42afc96f6
79f2d8b32a58b790869aae0945fde5af979fcd08b7c4a9e8b622cb0bd5455291
7bc3e2f9e466e352e764e5176f029c940d72cbdecfcd026fe059c747a5993e03
7e8075d0a8254466b150ddc3ff522c12b8420c372c184eef6329bf5e4f0accd5
7ff05b8c94bc44852eea050f2b8ca46bb62459511fc55992e8814bc8bca62f89
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
855f4d2aaeb2f05fa0feb2deb6b4b41861fc09fb5843e0b105e11ecb92b08393
8d596223f97146bbdb0e84198efa1088c808b039e06e92fde90b75af323a4483
93269ae059a288ccc373235e2548ecbf7cf25f0753a99a7f0b74fcc1bb4b6718
983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9f5fe33ba81608fd7f0af209db600e49b08cfbd89ff587fa707ef7d5edc60fe5
a6ed45d15e46615f8c15931ca254e398a912e770b10122a4435529a1a523180d
ae88fc0d7a961832f809527d30bd3983a6866d42f66a56ade23f543681594db6
b1a829826f8a436f1bc4a66240e6515c320a7a64ab9dd2fa59e69c50e97ce7d8
b6d9bc47c47f79eb78f9230afff0ac6124dfbe913df36fd563f7f1c256e4e852
b9c1d3a48b8bfee61330befb454c4744ea53af548de15e945c91bc6ceb17c388
bb80b123cb9b0572074cf071acb996c072f3d1ca415802c66474e28a80bd708c
bcaabc40fc0fdbf7da1081a4b4fa2a929ca7a24bdc53cb014e57b7d4ec76eabc
bfbbd46b7e6278f631dabd89da3b811bda57956ee640f27dfb36bd0aca792179
c92d5c98448974e2ba50160478b9247c3900e42ef26d0f663666bf89c09f868c
d47aa823be8918a035ecad02d2cf4af0bfe2cbc3c00b8dca54bb758510ff3a37
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e187c7427df92694a0cf142551d06627d7592f6837368437693836f78c3d25e4
e20bca6b515e1d751064224728754fce81be23d97ed3a121724f9f90c4f744d3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4bcdbcf03a9bc54c4f7bfcc95263dee65326a8470cd3bd015233c853227bee0
f0b2f9661df75bb09901523b6a36ef1d55046d49f3ee513f41507dfe1ea88add
f317a98031701d673d1fb9a012740836ef2795dd9c4161f73fccd74effec6188
f78ed3c20d53def60cdfe0f2acb6379f508e6b0669edfa6f1feb63fe3445802e
fbdd63549192246d89ba652782f8d91fca0bca3169adfe4753d4694d241e85e8