www.mefa.org
Open in
urlscan Pro
192.124.249.155
Public Scan
Effective URL: https://www.mefa.org/
Submission Tags: tranco_l324
Submission: On November 28 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by Starfield Secure Certificate Authorit... on June 30th 2021. Valid for: a year.
This is the only time www.mefa.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10155.sucuri.net
mefa.org | |
www.mefa.org |
ASN23535 (HOSTROCKET, US)
PTR: server.epicwebstudios.com
js.ewsapi.com | |
css.ewsapi.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f166.1e100.net
4041606.fls.doubleclick.net | |
ad.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
www.googleadservices.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN16509 (AMAZON-02, US)
secure.quantserve.com | |
pixel.quantserve.com |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-93.fra50.r.cloudfront.net
static.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-216-174-134.us-west-2.compute.amazonaws.com
www.storygize.net |
ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-242-97.eu-central-1.compute.amazonaws.com
pixel.mediaiqdigital.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
rules.quantcount.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-45.fra50.r.cloudfront.net
script.hotjar.com |
ASN32934 (FACEBOOK, US)
www.facebook.com |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-32.fra50.r.cloudfront.net
vars.hotjar.com |
ASN13335 (CLOUDFLARENET, US)
action.dstillery.com | |
action.media6degrees.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-84-221.eu-west-1.compute.amazonaws.com
in.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-62.fra50.r.cloudfront.net
vc.hotjar.io |
ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
sp.analytics.yahoo.com |
Domain | Requested by | |
---|---|---|
17 | www.mefa.org |
www.mefa.org
|
4 | secure.adnxs.com |
3 redirects
4041606.fls.doubleclick.net
|
4 | js.ewsapi.com |
www.mefa.org
|
3 | bat.bing.com |
www.googletagmanager.com
bat.bing.com www.mefa.org |
3 | 4041606.fls.doubleclick.net |
1 redirects
www.googletagmanager.com
www.mefa.org |
3 | www.googletagmanager.com |
www.mefa.org
www.googletagmanager.com |
2 | pixel.quantserve.com |
www.mefa.org
4041606.fls.doubleclick.net |
2 | adservice.google.com |
4041606.fls.doubleclick.net
|
2 | ad.doubleclick.net | 2 redirects |
2 | s.amazon-adsystem.com |
1 redirects
4041606.fls.doubleclick.net
|
2 | www.google.de |
www.mefa.org
|
2 | www.google.com |
www.mefa.org
|
2 | rules.quantcount.com |
secure.quantserve.com
|
2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
2 | secure.quantserve.com |
www.mefa.org
4041606.fls.doubleclick.net |
2 | connect.facebook.net |
www.mefa.org
connect.facebook.net |
2 | css.ewsapi.com |
www.mefa.org
|
1 | sp.analytics.yahoo.com |
4041606.fls.doubleclick.net
|
1 | vc.hotjar.io |
script.hotjar.com
|
1 | in.hotjar.com |
script.hotjar.com
|
1 | action.media6degrees.com |
4041606.fls.doubleclick.net
|
1 | action.dstillery.com | 1 redirects |
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | vars.hotjar.com |
static.hotjar.com
|
1 | www.facebook.com |
www.mefa.org
|
1 | script.hotjar.com |
static.hotjar.com
|
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | pixel.mediaiqdigital.com |
www.mefa.org
|
1 | www.storygize.net |
www.googletagmanager.com
|
1 | static.hotjar.com |
www.mefa.org
|
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | ajax.googleapis.com |
www.mefa.org
|
1 | mefa.org | 1 redirects |
63 | 33 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.mefaloans.org |
www.aessuccess.org |
login.aessuccess.org |
www.nmlsconsumeraccess.org |
www.facebook.com |
twitter.com |
www.youtube.com |
www.linkedin.com |
www.instagram.com |
nmlsconsumeraccess.org |
Subject Issuer | Validity | Valid | |
---|---|---|---|
mefa.org Starfield Secure Certificate Authority - G2 |
2021-06-30 - 2022-06-30 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2021-11-01 - 2022-01-24 |
3 months | crt.sh |
js.ewsapi.com cPanel, Inc. Certification Authority |
2021-09-22 - 2021-12-21 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2021-11-01 - 2022-01-24 |
3 months | crt.sh |
css.ewsapi.com cPanel, Inc. Certification Authority |
2021-09-22 - 2021-12-21 |
3 months | crt.sh |
*.doubleclick.net GTS CA 1C3 |
2021-11-01 - 2022-01-24 |
3 months | crt.sh |
www.bing.com Microsoft RSA TLS CA 02 |
2021-09-30 - 2022-03-30 |
6 months | crt.sh |
www.googleadservices.com GTS CA 1C3 |
2021-11-01 - 2022-01-24 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2021-09-06 - 2021-12-05 |
3 months | crt.sh |
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-09-22 - 2022-09-21 |
a year | crt.sh |
*.hotjar.com Amazon |
2021-11-25 - 2022-12-23 |
a year | crt.sh |
*.storygize.net Amazon |
2021-03-07 - 2022-04-05 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2021-11-01 - 2022-01-24 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2021-11-01 - 2022-01-24 |
3 months | crt.sh |
www.google.de GTS CA 1C3 |
2021-11-01 - 2022-01-24 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2021-11-01 - 2022-01-24 |
3 months | crt.sh |
*.google.de GTS CA 1C3 |
2021-11-01 - 2022-01-24 |
3 months | crt.sh |
*.adnxs.com GeoTrust ECC CA 2018 |
2021-03-05 - 2022-02-19 |
a year | crt.sh |
*.hotjar.io Amazon |
2021-08-17 - 2022-09-15 |
a year | crt.sh |
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA |
2021-10-19 - 2022-04-13 |
6 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://www.mefa.org/
Frame ID: 37DC1FF1709F9E9AF365BF331664A750
Requests: 52 HTTP requests in this frame
Frame:
https://4041606.fls.doubleclick.net/activityi;dc_pre=CIjJ6s6kuvQCFYzVEQgdh0sCZw;src=4041606;type=Homep0;cat=MEFAH0;ord=1;num=8787220858142;gtm=2wgba1;auiddc=1209035043.1638075996;ps=1;~oref=https%3A%2F%2Fwww.mefa.org%2F
Frame ID: 1F163DEF7B283DB8BEE28CAD78954AE9
Requests: 10 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html
Frame ID: F0171DCBF1469DD4C94BDBB8C2717E62
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Student Loans and Guidance on Ways to Pay for College - MEFAPage URL History Show full URLs
-
http://mefa.org/
HTTP 301
https://www.mefa.org/ Page URL
Page Statistics
13 Outgoing links
These are links going to different origins than the main page.
Title: Find My REFI Rate
Search URL Search Domain Scan URL
Title: Make a Payment
Search URL Search Domain Scan URL
Title: Make a Payment
Search URL Search Domain Scan URL
Title: NMLS Access
Search URL Search Domain Scan URL
Title: Mefa's Facebook
Search URL Search Domain Scan URL
Title: Mefa's Twitter
Search URL Search Domain Scan URL
Title: Mefa's Youtube
Search URL Search Domain Scan URL
Title: Mefa's Linkedin
Search URL Search Domain Scan URL
Title: Mefa's Instagram
Search URL Search Domain Scan URL
Title: NMLS Consumer Access
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: Linkedin
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://mefa.org/
HTTP 301
https://www.mefa.org/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 24- https://4041606.fls.doubleclick.net/activityi;src=4041606;type=Homep0;cat=MEFAH0;ord=1;num=8787220858142;gtm=2wgba1;auiddc=1209035043.1638075996;ps=1;~oref=https%3A%2F%2Fwww.mefa.org%2F HTTP 302
- https://4041606.fls.doubleclick.net/activityi;dc_pre=CIjJ6s6kuvQCFYzVEQgdh0sCZw;src=4041606;type=Homep0;cat=MEFAH0;ord=1;num=8787220858142;gtm=2wgba1;auiddc=1209035043.1638075996;ps=1;~oref=https%3A%2F%2Fwww.mefa.org%2F
- https://secure.adnxs.com/px?id=933664&seg=10903708&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3Fu3%3D%26u4%3D%26pixel_id%3D933664%26uid%3D%24UID&t=2 HTTP 307
- https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D933664%26seg%3D10903708%26redir%3Dhttps%253A%252F%252Fsecure.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fpixel.mediaiqdigital.com%252Fpixel%253Fu3%253D%2526u4%253D%2526pixel_id%253D933664%2526uid%253D%2524UID%26t%3D2 HTTP 302
- https://secure.adnxs.com/getuid?https://pixel.mediaiqdigital.com/pixel?u3=&u4=&pixel_id=933664&uid=$UID HTTP 302
- https://pixel.mediaiqdigital.com/pixel?u3=&u4=&pixel_id=933664&uid=8964795732714401063
- https://action.dstillery.com/orbserv/nsjs?adv=cl1006890&ns=1610&nc=HP_&ncv=24&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount] HTTP 302
- https://action.media6degrees.com/orbserv/nsjs?adv=cl1006890&ns=1610&nc=HP_&ncv=24&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
- https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D1dc415cb-3114-5cf5-4de5-d3218d923ce2%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.mefa.org/pay/loanproducts/&ex-hargs=v%3D1.0%3Bc%3D1502706330201%3Bp%3D1DC415CB-3114-5CF5-4DE5-D3218D923CE2 HTTP 302
- https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D1dc415cb-3114-5cf5-4de5-d3218d923ce2%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.mefa.org/pay/loanproducts/&ex-hargs=v%3D1.0%3Bc%3D1502706330201%3Bp%3D1DC415CB-3114-5CF5-4DE5-D3218D923CE2&dcc=t
- https://ad.doubleclick.net/ddm/activity/src=6832501;type=invmedia;cat=wi9bzeyi;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
- https://ad.doubleclick.net/ddm/activity/src=6832501;dc_pre=CNrL886kuvQCFUP_sgod7AcC3w;type=invmedia;cat=wi9bzeyi;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
- https://adservice.google.com/ddm/fls/z/src=6832501;dc_pre=CNrL886kuvQCFUP_sgod7AcC3w;type=invmedia;cat=wi9bzeyi;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
63 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.mefa.org/ Redirect Chain
|
449 KB 77 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ |
95 KB 34 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lightbox.min.js
js.ewsapi.com/lightbox/ |
19 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ie.mediaqueries.min.js
js.ewsapi.com/mediaqueries/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
compiled.min.js
www.mefa.org/sources/js/ |
92 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mefa_logo.svg
www.mefa.org/uploads/layout/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1607039896_1586293384_Mefa%20Icons_HP-Guidance-2.png
www.mefa.org/uploads/layout/builder/ |
31 KB 31 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1607040004_1586293362_Mefa%20Icons_HP-Savings-2.png
www.mefa.org/uploads/layout/builder/ |
31 KB 31 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1586293374_Mefa%20Icons_HP-Plan-2.png
www.mefa.org/uploads/layout/builder/ |
27 KB 27 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1607040055_1586293367_Mefa%20Icons_HP-Loan-2.png
www.mefa.org/uploads/layout/builder/ |
25 KB 25 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1585138858_mefa-home-refinance-student-loans.jpg
www.mefa.org/uploads/layout/builder/ |
429 KB 430 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1586293424_Mefa%20Icons_HP-Refinance-2.png
www.mefa.org/uploads/layout/builder/ |
29 KB 30 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1586293440_Mefa%20Icons_HP-Tools-2.png
www.mefa.org/uploads/layout/builder/ |
23 KB 24 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1586293445_Mefa%20Icons_HP-Guidance-2.png
www.mefa.org/uploads/layout/builder/ |
31 KB 31 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
122990_istock-878934356.jpg
www.mefa.org/uploads/news/ |
215 KB 216 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
122411_istock-1225522857.jpg
www.mefa.org/uploads/news/ |
161 KB 162 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
056056_gettyimages-918576790.jpg
www.mefa.org/uploads/news/ |
257 KB 258 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mefa_footer_logo.svg
www.mefa.org/uploads/layout/ |
4 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
266 KB 74 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
effra_std_rg-webfont.woff2
www.mefa.org/effra/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-solid-900.woff2
css.ewsapi.com/icons/fa5/webfonts/ |
135 KB 135 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1587061568_mefa-covid-19-header.jpg
www.mefa.org/uploads/layout/builder/ |
170 KB 170 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-brands-400.woff2
css.ewsapi.com/icons/fa5/webfonts/ |
75 KB 75 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
close-white.png
js.ewsapi.com/lightbox/img/ |
478 B 582 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loading.gif
js.ewsapi.com/lightbox/img/ |
10 KB 10 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
activityi;dc_pre=CIjJ6s6kuvQCFYzVEQgdh0sCZw;src=4041606;type=Homep0;cat=MEFAH0;ord=1;num=8787220858142;gtm=2wgba1;auiddc=1209035043.1638075996;ps=1;~oref=https%3A%2F%2Fwww.mefa.org%2F
4041606.fls.doubleclick.net/ Frame 1F16 Redirect Chain
|
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bat.js
bat.bing.com/ |
36 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
37 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
98 KB 26 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aquant.js
secure.quantserve.com/ |
24 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
90 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
87 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-1357390.js
static.hotjar.com/c/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
abdo.js
www.storygize.net/a/ea537b20-5c04-4fec-8062-44f9972c908c/ |
0 389 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
activityi;register_conversion=1;src=4041606;type=Homep0;cat=MEFAH0;ord=1;num=8787220858142;gtm=2wgba1;auiddc=1209035043.1638075996;ps=1;~oref=https%3A%2F%2Fwww.mefa.org%2F
4041606.fls.doubleclick.net/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pixel
pixel.mediaiqdigital.com/ Redirect Chain
|
2 B 500 B |
Image
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
452836998189214
connect.facebook.net/signals/config/ |
39 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rules-p-f1rcsnDf8SdYs.js
rules.quantcount.com/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/933338297/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules.376dac12c7cbd03331c3.js
script.hotjar.com/ |
226 KB 60 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
16000387.js
bat.bing.com/p/action/ |
0 111 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0
bat.bing.com/action/ |
0 150 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ |
2 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
box-ad575b5823df97fc9725e14a57070642.html
vars.hotjar.com/ Frame F017 |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 440 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/933338297/ |
42 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/933338297/ |
42 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ga-audiences
www.google.com/ads/ |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ga-audiences
www.google.de/ads/ |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nsjs
action.media6degrees.com/orbserv/ Frame 1F16 Redirect Chain
|
5 B 231 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iui3
s.amazon-adsystem.com/ Frame 1F16 Redirect Chain
|
43 B 932 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
src=6832501;dc_pre=CNrL886kuvQCFUP_sgod7AcC3w;type=invmedia;cat=wi9bzeyi;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
adservice.google.com/ddm/fls/z/ Frame 1F16 Redirect Chain
|
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
seg
secure.adnxs.com/ Frame 1F16 |
234 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dc_pre=CIjJ6s6kuvQCFYzVEQgdh0sCZw;src=4041606;type=Homep0;cat=MEFAH0;ord=1;num=8787220858142;gtm=2wgba1;auiddc=*;ps=1;~oref=https%3A%2F%2Fwww.mefa.org%2F
adservice.google.com/ddm/fls/z/ Frame 1F16 |
42 B 494 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
visit-data
in.hotjar.com/api/v2/client/sites/1357390/ |
146 B 323 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1357390
vc.hotjar.io/sessions/ |
0 257 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel;r=1095236295;labels=_fp.event.MEFA%20Homepage;rf=0;a=p-f1rcsnDf8SdYs;url=https%3A%2F%2Fwww.mefa.org%2F;uht=2;fpan=1;fpa=P0-559179224-1638075996386;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211...
pixel.quantserve.com/ |
35 B 371 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
spp.pl
sp.analytics.yahoo.com/ Frame 1F16 |
43 B 716 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
quant.js
secure.quantserve.com/ Frame 1F16 |
24 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rules-p-f1rcsnDf8SdYs.js
rules.quantcount.com/ Frame 1F16 |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel;r=1661798836;labels=_fp.event.MEFA%20Homepage%2C_fp.event.MEFA%20Homepage;rf=0;a=p-f1rcsnDf8SdYs;url=https%3A%2F%2F4041606.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIjJ6s6kuvQCFYzVEQgdh0sCZ...
pixel.quantserve.com/ Frame 1F16 |
35 B 210 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
115 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| dataLayer function| $ function| jQuery number| lb_view_w number| lb_view_h undefined| lb_frame_size number| lb_gallery_size undefined| lb_gallery_curr undefined| lb_gallery_next boolean| lb_state boolean| lb_gallery_state string| lb_loading_img object| lb_gallery_items function| lb_viewport function| lb_video_size function| lb_iframe_size function| lb_reset function| lb_loading function| lb_close function| lb_open function| lb_build_gallery function| lb_gallery_change object| jQuery112406790756209702984 object| respond function| size_footer function| toggle_mobile_menu number| scroll_pos number| shrinkHeader boolean| docked_header function| getCurrentScroll function| doc_menu function| mefaNumStrip function| mefaNegStrip function| mefaDecStrip function| mefaIncYear function| mefaDecNumber function| mefaSlashStrip function| mefaCommaNum function| mefaPctNum function| mefaMinPayment function| mefaFinAidCloner function| mefaFinAidColClass function| mefaFinAidCalc function| mefaFinAidGroupVal function| mefaFinAidTotalVal function| mefaCostYear function| estimatorLegendLoad function| estimatorCalcLoad function| mefaMultiplier function| mefaPMT function| mefaMonthFieldVals function| mefaMonthCalc function| mefaCalcOrigFee function| mefaCalcAccrFee function| mefaCalcDeffAccrFee function| mefaTotalPrincipal function| mefaRemainingPrincipal function| mefaImmMonthlyInSchoolPayAmt function| mefaImmMonthlyOutSchoolPayAmt function| mefaIntOnlyMonthlyInSchoolPayAmt function| mefaIntOnlyMonthlyOutSchoolPayAmt function| mefaDeffMonthlyOutSchoolPayAmt function| mefaDisplayCalcLoanValues function| mefaShowAllMonthlys function| mefaValuesReset function| mefaClearErrorFields function| mefaDisablePlaceholder function| mefaRefiFieldVals function| mefaRefiClearValues function| mefaRefiNewMonthlyPayment function| mefaRefiSavings function| mefaRefiBarChart object| mefaCalcLocal function| jQuery_defer function| createCookie function| readCookie boolean| isOpen number| nBase object| google_tag_manager object| google_tag_data function| fbq function| _fbq object| ezt function| hj object| _hjSettings function| onYouTubeIframeAPIReady function| gtag string| GoogleAnalyticsObject function| ga function| quantserve function| __qc object| _qevents object| _qoptions function| qtrack function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| UET function| UET_init function| UET_push object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| ueto_35cc428e3e object| uetq object| gaplugins object| gaGlobal object| gaData24 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.mefa.org/ | Name: _gcl_au Value: 1.1.1209035043.1638075996 |
|
.adnxs.com/ | Name: uuid2 Value: 8964795732714401063 |
|
.bing.com/ | Name: MUID Value: 1F921EF19F09656D0B730E0C9EDB647D |
|
.mefa.org/ | Name: _uetsid Value: f60afc10500811ec8999f3c3a66bed74 |
|
.mefa.org/ | Name: _uetvid Value: f60b1310500811ec8cae07ed794e748d |
|
.mefa.org/ | Name: _ga Value: GA1.2.813426291.1638075996 |
|
.mefa.org/ | Name: _gid Value: GA1.2.932758501.1638075996 |
|
.mefa.org/ | Name: _gat_gtag_UA_6738729_1 Value: 1 |
|
.mefa.org/ | Name: _fbp Value: fb.1.1638075995988.470579325 |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUnoIf0LrPC0ywIK2at9zmuCa-TcgwSVOdFY6H1KxNlxi53S6tLgR7j-f49sJgc |
|
.facebook.com/ | Name: fr Value: 0GqE9tMyrrqSPZxxr..Bhow5c...1.0.Bhow5c. |
|
.mefa.org/ | Name: _hjSessionUser_1357390 Value: eyJpZCI6ImI3ZTM5OGM4LTgwZGQtNWEyMy04YmY1LTM1ODk5MzI3Yjk0NSIsImNyZWF0ZWQiOjE2MzgwNzU5OTYwMTgsImV4aXN0aW5nIjpmYWxzZX0= |
|
.mefa.org/ | Name: _hjFirstSeen Value: 1 |
|
.mefa.org/ | Name: _hjSession_1357390 Value: eyJpZCI6ImRjNzEzMTZhLTI0NmQtNGZjNy1hNWMzLWQ5OWU0NTk2NmFmZCIsImNyZWF0ZWQiOjE2MzgwNzU5OTYwODd9 |
|
www.mefa.org/ | Name: _hjIncludedInPageviewSample Value: 1 |
|
.mefa.org/ | Name: _hjAbsoluteSessionInProgress Value: 1 |
|
www.mefa.org/ | Name: _hjIncludedInSessionSample Value: 0 |
|
.adnxs.com/ | Name: anj Value: dTM7k!M4/8D>6NRF']wIg2GU'pH[T.!bw_G#MOY-PlZ[C[-kX-`.z+* |
|
.quantserve.com/ | Name: mc Value: 61a30e5c-60278-5d7ab-29aa9 |
|
.mefa.org/ | Name: __qca Value: P0-559179224-1638075996386 |
|
.amazon-adsystem.com/ | Name: ad-id Value: A5kryIIDiUmArsPUpU6Upps |
|
.amazon-adsystem.com/ | Name: ad-privacy Value: 0 |
|
.storygize.net/ | Name: U Value: f1536821-56ff-4947-94fa-a4775ee18b2a |
|
.yahoo.com/ | Name: A3 Value: d=AQABBFwOo2ECEDc6Jso5El5Jvq0dZ6SVvJ8FEgEBAQFfpGGsYQAAAAAA_eMAAA&S=AQAAAoyxqDbVf76hlYo96NZ5kE0 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests; |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
4041606.fls.doubleclick.net
action.dstillery.com
action.media6degrees.com
ad.doubleclick.net
adservice.google.com
ajax.googleapis.com
bat.bing.com
connect.facebook.net
css.ewsapi.com
googleads.g.doubleclick.net
in.hotjar.com
js.ewsapi.com
mefa.org
pixel.mediaiqdigital.com
pixel.quantserve.com
rules.quantcount.com
s.amazon-adsystem.com
script.hotjar.com
secure.adnxs.com
secure.quantserve.com
sp.analytics.yahoo.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.mefa.org
www.storygize.net
142.250.186.130
143.204.98.32
143.204.98.45
143.204.98.62
143.204.98.93
185.33.221.15
192.124.249.155
209.54.176.128
212.82.100.181
216.58.212.166
2600:9000:2156:8e00:6:44e3:f8c0:93a1
2606:4700::6812:b4f
2620:116:800d:21:5a23:9c4e:e774:96c1
2620:1ec:c11::200
2a00:1450:4001:808::200e
2a00:1450:4001:813::2002
2a00:1450:4001:827::200a
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2002
2a00:1450:400c:c06::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.216.174.134
52.210.84.221
52.28.242.97
66.147.239.128
0b2ead3c0e8298a3baeece0f0203fa83609bb45dfbde57e83751d4611f831515
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
23e2fb4f04a5895eaf9cb36f29b6404e252bb39fa138aa7c48fae73d9d8b3737
2db736502c1462093f37ba31c855b198c0d78aedb2f5ec4430d370716c6685bc
2e8548e063ae8b8f6225ac344af4bb535397ebd3003665e27e8d4b2716770db9
3a339e7502af4549cfbdda07b9e8335cf611dced130debdea7a4007f04f5873d
3d9bba30b4d1ebd39bb5eb9609004554a1e07a3e9b6f18e3841a9e58e55e897c
3eb0b0f4bffd096cb3edef3b97e6c761a3a812e923f359943d29d1ea724d3090
41fbb63f34cedcfa29473beaea59d6070181b6ab0d2f00481881fc5baa9a1fba
43c15c5e339cca85186d462b5951209ac3825b7677341e3d95f5e704b5057c87
485c1be7e15a96ead774d14d30c9458a37db6dce5d1e827160df14c659159829
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
4b6e8c0fc36481007ea12b4699d381a24c3315f7d3bd29d02bab45fe90333ba3
645341be282878b4375ae27833b90bf5fe2be85f1fd48baf2368359613adc21b
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
669f82511e99ff71eb00da80f2e3c827867313c86b56e681e35479306ad160ec
675a91dd32b3a6f28c58657d80ccb09b2116b3843fce5d00d8834a94b0d209a0
6ee93f94015aaffde8febeb142ae1f2c2b5ba4e4ac31f349e0738c3cd5572156
70a61607793dc2255f82519bf88b4773782eea3fe3a7d405dd9e5777cdb11829
762eec26c35697c778960f1348261ead87844a3fb32e847f237cc6fdab697ba5
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3
81636899123ac43cf021f9449ce2b880553ed14474948d79206752720b533eae
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
853a8ca13cb2d78e11905ce679944394ae267b03fcdd8e382f77bbe183722534
8cfcfdfd3412c3416597426a918d1ac6814892a38d3e87aaa321874a3546cd91
9223e6eb171099c0a8d26458e61a9219ebacc0107853337cac5a69dd821d819b
93a27c278803c4d75063c143041060bff6db8709f61b34ded514f8580603125d
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
adf43dc35048d611bc8e8d5117c208d34562af821d60e2ebbc216e8622ef2813
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
bdb386937765043a915f22183738887ea19004a97f7dcfdded1af1a25267d8bd
bdbf2c4c93b28a8538f7a2ebb2308ce717032742bb5a3c697bd3e85858fb499b
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2df8d777c4dbd3fea478b0612a41af6ed294128b32b5bf702117f3116703a09
c693febae54adaf83a254123f60304a5441753782cba9106cf2a9bbf86719dda
c8f7932217a70a360d6b40a128f6822553c178fef1d9c27419f5f5f252163fdc
d6eb5e8f928c7bc14d721479e3af4424a2012c4b3ca766b1a55270293c77f952
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c63e4b1f53687959dbed6e55c234cd4b620d38a182a56bd092453d6aaeb1c4
ea1f1cd8dd93d32f9b337df9b9faf9073015353f384895a59e743eb5ddce47d4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22f13c9dfbc87d683fa434139cc499f2f77543d0010c79c36610dfa272fec37
f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383
f86e5ad96225380a20dab13ce2d3741a637d49e574d99fd5f8e605febec5b5af
fc2dce68943e6063636965626b56ccb835fbb0349cae92ea621ba70f6af7b583
fdf48de0cf80af056ab0c085d2ff04e56a8f44beb3657a459053a93b23b5f925