pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev
2606:4700::6812:323
Malicious Activity!
Public Scan
Effective URL: https://pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home.html
Submission: On April 15 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by E1 on April 5th 2024. Valid for: 3 months.
This is the only time pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DCU (Banking)
Domain & IP information
ASN | PTR | Domain |
---|---|---|
ASN13335 (CLOUDFLARENET, US) | | pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev |
ASN16509 (AMAZON-02, US) | ec2-34-246-11-24.eu-west-1.compute.amazonaws.com | dpm.demdex.net |
ASN32934 (FACEBOOK, US) | | connect.facebook.net |
ASN20940 (AKAMAI-ASN1, NL) | | assets.adobedtm.com |
ASN15169 (GOOGLE, US) | | www.googletagmanager.com |
ASN16509 (AMAZON-02, US) | ec2-176-34-140-246.eu-west-1.compute.amazonaws.com | dcu.demdex.net |
ASN16509 (AMAZON-02, US) | ec2-52-17-26-1.eu-west-1.compute.amazonaws.com | cm.everesttech.net |
ASN14618 (AMAZON-AES, US) | ec2-34-237-178-183.compute-1.amazonaws.com | content-cdn.com |
ASN13335 (CLOUDFLARENET, US) | | siteintercept.qualtrics.com |
 | | zn55evi07xtyfax2u-dcu.siteintercept.qualtrics.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
82 | r2.dev | pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev | 6 MB |
6 | adobedtm.com | assets.adobedtm.com — Cisco Umbrella Rank: 436 | 25 KB |
3 | qualtrics.com | siteintercept.qualtrics.com — Cisco Umbrella Rank: 915; zn55evi07xtyfax2u-dcu.siteintercept.qualtrics.com — Cisco Umbrella Rank: 390634 | 5 KB |
3 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 42 | 247 KB |
3 | demdex.net | dpm.demdex.net — Cisco Umbrella Rank: 240; dcu.demdex.net — Cisco Umbrella Rank: 237867 | 2 KB |
2 | google.com.ng | www.google.com.ng — Cisco Umbrella Rank: 37553 | 563 B |
2 | google.com | www.google.com — Cisco Umbrella Rank: 2 | 128 B |
2 | facebook.net | connect.facebook.net — Cisco Umbrella Rank: 183 | 74 KB |
2 | googleapis.com | ajax.googleapis.com — Cisco Umbrella Rank: 376; fonts.googleapis.com — Cisco Umbrella Rank: 35 | 31 KB |
1 | dcu.org | www.dcu.org — Cisco Umbrella Rank: 221863 | 6 KB |
1 | content-cdn.com | content-cdn.com — Cisco Umbrella Rank: 343557 | 183 B |
1 | everesttech.net (1 redirects) | cm.everesttech.net — Cisco Umbrella Rank: 1309 | 517 B |
1 | gstatic.com | fonts.gstatic.com | 31 KB |
108 | 13 | | |
Requests | Domain | Requested by |
---|---|---|
82 | pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev | pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev |
6 | assets.adobedtm.com | pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev |
3 | www.googletagmanager.com | pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev |
2 | www.google.com.ng | pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev |
2 | www.google.com | pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev |
2 | siteintercept.qualtrics.com | pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev |
2 | connect.facebook.net | pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev; connect.facebook.net |
2 | dpm.demdex.net | pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev |
1 | www.dcu.org | |
1 | zn55evi07xtyfax2u-dcu.siteintercept.qualtrics.com | pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev |
1 | content-cdn.com | pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev |
1 | cm.everesttech.net | 1 redirects |
1 | dcu.demdex.net | pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev |
1 | fonts.gstatic.com | fonts.googleapis.com |
1 | fonts.googleapis.com | pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev |
1 | ajax.googleapis.com | pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev |
108 | 16 | |
This site contains links to these domains.
Domain |
---|
www.dcu.org |
dcuinsurance.com |
www.digitalinvestmentservices.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.r2.dev E1 | 2024-04-05 - 2024-07-04 | 3 months | crt.sh |
upload.video.google.com GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months | crt.sh |
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-09-26 - 2024-10-26 | a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA | 2024-01-23 - 2024-04-22 | 3 months | crt.sh |
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-07-11 - 2024-08-10 | a year | crt.sh |
*.google-analytics.com GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months | crt.sh |
*.gstatic.com GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months | crt.sh |
content-cdn.com R3 | 2024-03-18 - 2024-06-16 | 3 months | crt.sh |
*.qualtrics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-03-27 - 2025-02-19 | a year | crt.sh |
*.google.com GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months | crt.sh |
*.google.com.ng GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months | crt.sh |
www.dcu.org Go Daddy Secure Certificate Authority - G2 | 2024-03-15 - 2025-04-16 | a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home.html
Frame ID: FDBD0837E33D06252881D31D6792A548
Requests: 106 HTTP requests in this frame
Frame:
https://dcu.demdex.net/dest5.html?d_nsid=0
Frame ID: 8C4F050EFE04106ED579E1259501C999
Requests: 1 HTTP requests in this frame
Frame:
https://pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/dest5.htm
Frame ID: DFADA5CF8632F39AA5ABE26C324A858A
Requests: 1 HTTP requests in this frame
Page Title
DCU | Personal & Business Banking | Digital Federal Credit Union
Detected technologies
Adobe Experience Manager (CMS)
Detected patterns
- /etc\.clientlibs/
Facebook (Widgets)
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
OneTrust (Cookie compliance)
Detected patterns
- otSDKStub\.js
jQuery (JavaScript Libraries)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
100 Outgoing links
These are links going to different origins than the main page.
Title: WATCH NOW
Title: Insurance
Title: Investments
Title: Branches & ATMs
Title: Learn
Title: Support
Title: PAY MY LOAN
Title: Checking Accounts
Title: Free Checking
Title: HSA Checking
Title: Business Services
Title: Free Business Checking
Title: Business Savings
Title: Savings Accounts
Title: Primary Savings
Title: Advantage Savings
Title: Smart Savings
Title: Money Market Savings
Title: Member Described Savings
Title: Certificate Accounts
Title: Regular Certificates
Title: Jumbo Certificates
Title: Jump-Up Certificates
Title: QuickStart Certificates
Title: Retirement Accounts
Title: Certificate IRA
Title: Money Market IRA
Title: Savings IRA
Title: Specialty Accounts
Title: Coverdell Education Savings
Title: Fiduciary Accounts
Title: Totten Accounts
Title: Trust Accounts
Title: UTMA Custodial Accounts
Title: Vehicle Loans
Title: Auto Loans
Title: Auto Refinance Loans
Title: Antique Auto Loans
Title: Motorcycle Loans
Title: Recreational Vehicle Loans
Title: Boat Loans
Title: Mobility Vehicle Loans
Title: Credit Cards
Title: Visa® Platinum
Title: Visa® Platinum Rewards
Title: Visa® Platinum Secured
Title: Student Loans
Title: Student Loans
Title: Student Refinance Loans
Title: Mortgages
Title: Home Mortgage Loans
Title: Refinance Your Mortgage
Title: Home Equity Loans
Title: Personal Loans
Title: Personal Loans
Title: Credit Builder Loans
Title: Saving Secured Loans
Title: Quick Loans
Title: Energy Efficiency Loans
Title: Access Loans
Title: Commercial Lending
Title: Small Business
Title: Commercial Real Estate
Title: Commercial & Industrial Loans
Title: How much will my payment be?
Title: How much auto loan can I afford?
Title: Should I refinance my auto loan?
Title: 0% Financing or Cash Incentive?
Title: Should I pay extra on my auto loan?
Title: How can I save a million dollars?
Title: How much should I save for college?
Title: How to reach my savings goal?
Title: How much can I save over time?
Title: How much will my certificate be worth at maturity?
Title: How long until my loan is paid off?
Title: How much can I afford to borrow?
Title: What is my loan rate?
Title: How much will my loan payments be?
Title: Should I consolidate my loans?
Title: Mortgage Payment Calculator
Title: Which mortgage is better for me?
Title: How much home can I afford?
Title: Should I refinance my home?
Title: How much can I save with my 401(k)?
Title: How much Social Security will I get?
Title: Will retirement impact my expenses?
Title: How much retirement income may an IRA provide?
Title: Monthly FICO® Score
Title: Text Alerts & Notification
Title: eStatements
Title: Notary Service
Title: Signature Guarantee
Title: Deposit Verification
Title: Visa® Checkout
Title: ClickSWITCH
Title: Visa® Gift Cards
Title: Skip-A-Payment Program
Title: GAP Advantage Insurance
Title: Mechanical Breakdown Insurance
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home.html HTTP 307
- https://pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 87
- https://cm.everesttech.net/cm/dd?d_uuid=73310985512154731311578149830732180314 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zh0qEQAAALpXIAN6
108 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
home.html
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/ Redirect Chain
|
319 KB 319 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s05857197392040.js
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
3 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clientlib-dependencies.min.css
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
60 KB 60 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clientlib-site-layout.min.css
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
101 KB 101 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clientlib-site.min.css
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
588 KB 588 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
analytics.js
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
52 KB 52 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js_004
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
261 KB 261 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js_002
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
197 KB 197 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
213 KB 213 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js_005
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
247 KB 247 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gtm.js
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
248 KB 249 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
otSDKStub.js
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
21 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
launch-EN271d4b2692764b999a2e6682e60f4596.min.js
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
350 KB 350 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
629895564074653.js
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
74 KB 74 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fbevents.js
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
219 KB 219 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
AppMeasurement.min.js
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
34 KB 34 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
AppMeasurement_Module_ActivityMap.min.js
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
3 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
AppMeasurement_Module_AudienceManagement.min.js
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
25 KB 25 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js_003
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
194 KB 194 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
RCf7fcd89d8991451b8863814935e70d0d-source.min.js
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
386 B 701 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
RC5eb41e0290124fe59845d03b303da898-source.min.js
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
457 B 772 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
RC62a2ef1e23d34429ad32513353526ffa-source.min.js
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
362 B 677 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
RCffe97af2da7f4c7a87dc33b3ff5e048d-source.min.js
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
5 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
otBannerSdk.js
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
338 KB 338 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
RCa3832c4be6ba43cdb80651215a15edcb-source.min.js
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
411 B 726 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
RC4d4b9c7368a5405ab102b49b4eef4f68-source.min.js
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
6 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
f_002.txt
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
3 KB 3 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
f.txt
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
3 KB 3 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
RC8a0b5db257b8486ba509924115edeba1-source.min.js
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
669 B 984 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
RCeeeaf98ef50c45a599943bf7cf516dcc-source.min.js
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
621 B 936 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
RC71e1b62d943445889049326e6fc7d164-source.min.js
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
487 B 802 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
12.00593e070a6f1562a8b4.chunk.js
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
73 KB 74 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DCUGreen.svg
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
6 KB 6 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
site.min.css
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
308 B 616 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DCU_IMG_LOC_PDP_Ltd-Savings_C10_1280_920_Mobile_PageHero_01.jpg
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
165 KB 166 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DCU_IMG_LOC_HomePage_C03_292_440_Desktop_MegaNavLearn_01.jpg
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
35 KB 36 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
container.min.js
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
1 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
site.min.js
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
5 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
posh-x-preview.svg
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
posh-chat-icon.svg
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
1023 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
q1-primary-savings-carousel-desktop.jpg
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
124 KB 125 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
home-equity-desktop.jpg
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
136 KB 137 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
q1-digital-banking-carousel-desktop.jpg
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
131 KB 131 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
q1-mortgage-carousel-desktop.jpg
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
133 KB 134 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-support-center.svg
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
3 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-app-status.svg
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
10 KB 11 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-make-payment.svg
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
7 KB 7 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-appointment.svg
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
5 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1712005953635.png
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
25 KB 25 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dcu-cares-comm-carousel-desktop.jpg
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
61 KB 61 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
job-fair-community-carousel-desktop.jpg
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
23 KB 23 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cu-shield-2.svg
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
4 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DCU_ILLUS_LOC_HomePage_C08_ForWholeFamily_01.svg.svg
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
3 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DCU_ILLUS_LOC_HomePage_C08_Balance_01.svg.svg
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
5 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
people-come-first.svg
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
3 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DCU_ILLUS_LOC_HomePage_C08_YourOpinion_01.svg.svg
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
2 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DCU_ILLUS_LOC_HomePage_C08_DCUKids_01.svg
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
7 KB 8 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
CoOpSharedBranches_Homepage_Desktop_IMG_DCU_785x480.jpg
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
94 KB 94 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SurchargeFreeATMs_Homepage_Desktop_IMG_DCU_785x480.jpg
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
93 KB 93 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DCUBranches_Homepage_Desktop_IMG_DCU_785x480.jpg
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
34 KB 35 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DCU_LOG_GLO_HomePage_C02_DCULogo-white_01.svg
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
6 KB 6 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DCU_LOG_GLO_HomePage_C02_AppleStore_01.svg
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
16 KB 16 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DCU_LOG_GLO_HomePage_C02_GooglePlaystore_01.svg
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
23 KB 24 KB |
Image
image/svg+xml |
GET H/1.1 |
DCU_LOG_GLO_HomePage_C02_NCUA_01.svg
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
58 KB 58 KB |
Image
image/svg+xml |
GET H/1.1 |
DCU_LOG_GLO_HomePage_C02_EqualHousing_02.svg
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
3 KB 4 KB |
Image
image/svg+xml |
GET H/1.1 |
clientlib-base.min.js
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
341 KB 342 KB |
Script
text/javascript |
GET H/1.1 |
clientlib-dependencies.min.js
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
255 KB 255 KB |
Script
text/javascript |
GET H/1.1 |
clientlib-site.min.js
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
264 KB 264 KB |
Script
text/javascript |
GET H/1.1 |
Untitled
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ |
10 KB 10 KB |
Script
text/plain |
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ |
85 KB 30 KB |
Script
text/javascript |
GET H2 |
css
fonts.googleapis.com/ |
10 KB 1 KB |
Stylesheet
text/css |
GET H/1.1 |
c0559bcc-8507-4dc8-b64d-5f9540de4716.json
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/otSDKStub.js/consent/c0559bcc-8507-4dc8-b64d-5f9540de4716/ |
27 KB 27 KB |
XHR
text/html |
GET H2 |
id
dpm.demdex.net/ |
2 KB 1 KB |
XHR
application/json |
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
218 KB 59 KB |
Script
application/x-javascript |
GET H2 |
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ |
34 KB 12 KB |
Script
application/x-javascript |
GET H2 |
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ |
3 KB 2 KB |
Script
application/x-javascript |
GET H2 |
AppMeasurement_Module_AudienceManagement.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ |
25 KB 9 KB |
Script
application/x-javascript |
GET H2 |
js
www.googletagmanager.com/gtag/ |
196 KB 72 KB |
Script
application/javascript |
GET H/1.1 |
dcu-iconset.woff2
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/etc.clientlibs/dcu/clientlibs/clientlib-site/resources/fonts/icons-v2/ |
0 0 |
Font
text/html |
GET H2 |
pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
fonts.gstatic.com/s/nunitosans/v15/ |
30 KB 31 KB |
Font
font/woff2 |
GET H2 |
gtm.js
www.googletagmanager.com/ |
250 KB 85 KB |
Script
application/javascript |
GET H/1.1 |
dcu-merch-advantage-savings-desktop-LIFCYL-4360.svg
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/content/dam/dcu/global/merchbox/ |
27 KB 27 KB |
Image
text/html |
GET H/1.1 |
dcu-merch-insurance-desktop.jpg
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/content/dam/dcu/global/merchbox/ |
27 KB 27 KB |
Image
text/html |
GET H/1.1 |
dcu-merch-auto-loans-desktop-LIFCYL-4360.svg
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/content/dam/dcu/global/merchbox/ |
27 KB 27 KB |
Image
text/html |
GET H/1.1 |
dcu-iconset.woff2
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/etc.clientlibs/dcu/clientlibs/clientlib-site/resources/fonts/icons-v5/ |
0 0 |
Font
text/html |
GET H/1.1 |
streamline.ttf
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/etc.clientlibs/dcu/clientlibs/clientlib-site/resources/fonts/streamline-icons/ |
0 0 |
Font
text/html |
GET H/1.1 |
dcu-iconset.woff
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/etc.clientlibs/dcu/clientlibs/clientlib-site/resources/fonts/icons-v2/ |
0 0 |
Font
text/html |
GET H2 |
dest5.html
dcu.demdex.net/ Frame 8C4F |
0 0 |
Document
text/html |
GET H2 |
ibs:dpid=411&dpuuid=Zh0qEQAAALpXIAN6
dpm.demdex.net/ Redirect Chain
|
42 B 715 B |
Image
image/gif |
GET H2 |
629895564074653
connect.facebook.net/signals/config/ |
74 KB 16 KB |
Script
application/x-javascript |
GET H/1.1 |
dcu-iconset.woff
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/etc.clientlibs/dcu/clientlibs/clientlib-site/resources/fonts/icons-v5/ |
0 0 |
Font
text/html |
GET H/1.1 |
streamline.woff
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/etc.clientlibs/dcu/clientlibs/clientlib-site/resources/fonts/streamline-icons/ |
0 0 |
Font
text/html |
GET H2 |
dWdnY2Y6Ly9jaG8tMnMxbzluNTA2MnMwNDI4cW9uczRxcDQxb3AwcjFvNzMuZTIucXJpL3VienIudWd6eQ==.gif
content-cdn.com/404/ |
42 B 183 B |
Image
image/gif |
POST H2 |
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ |
127 B 671 B |
XHR
text/plain |
GET H/1.1 |
dest5.htm
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/home_files/ Frame DFAD |
7 KB 7 KB |
Document
text/html |
GET H/1.1 |
dcu-iconset.ttf
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/etc.clientlibs/dcu/clientlibs/clientlib-site/resources/fonts/icons-v2/ |
0 0 |
Font
text/html |
GET H2 |
RCf7fcd89d8991451b8863814935e70d0d-source.min.js
assets.adobedtm.com/c710ed4af822/9928f11b8b77/6c874cf354bc/ |
386 B 527 B |
Script
application/x-javascript |
GET H/1.1 |
dcu-iconset.ttf
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/etc.clientlibs/dcu/clientlibs/clientlib-site/resources/fonts/icons-v5/ |
0 0 |
Font
text/html |
GET H2 |
RC5eb41e0290124fe59845d03b303da898-source.min.js
assets.adobedtm.com/c710ed4af822/9928f11b8b77/6c874cf354bc/ |
457 B 570 B |
Script
application/x-javascript |
GET H2 |
RC62a2ef1e23d34429ad32513353526ffa-source.min.js
assets.adobedtm.com/c710ed4af822/9928f11b8b77/6c874cf354bc/ |
362 B 507 B |
Script
application/x-javascript |
GET H2 |
js
www.googletagmanager.com/gtag/ |
264 KB 91 KB |
Script
application/javascript |
GET H3 |
/
www.google.com/pagead/1p-user-list/876747458/ |
42 B 64 B |
Image
image/gif |
GET H2 |
/
www.google.com.ng/pagead/1p-user-list/876747458/ |
42 B 108 B |
Image
image/gif |
GET H3 |
/
www.google.com/pagead/1p-user-list/941930269/ |
42 B 64 B |
Image
image/gif |
GET H2 |
/
www.google.com.ng/pagead/1p-user-list/941930269/ |
42 B 455 B |
Image
image/gif |
GET H2 |
/
zn55evi07xtyfax2u-dcu.siteintercept.qualtrics.com/WRSiteInterceptEngine/ |
10 KB 4 KB |
Script
application/javascript |
GET H2 |
favicon-32x32.png
www.dcu.org/etc.clientlibs/dcu/clientlibs/clientlib-site/resources/favicons/ |
2 KB 6 KB |
Other
image/png |
POST H2 |
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ |
127 B 193 B |
XHR
text/plain |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: DCU (Banking)
87 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| OneTrustStub function| OptanonWrapper object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in function| fbq function| _fbq object| dataLayer function| gtag object| QuantumMetricOnload object| WAFQualtricsWebpackJsonP-cloud-2.4.0 object| CQ function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq function| $ function| jQuery function| Popper object| bootstrap function| Cookies object| Typeahead function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_AudienceManagement function| DIL object| s function| getVisitDuration function| getTimeParting function| getNewRepeat function| getVisitNum function| endOfDatePeriod string| hrefSelector object| google_tag_manager object| google_tag_data function| getPageTitle function| getPageUrl function| getPageDetail function| getBreadcrumb function| getPageURLQueryString function| getRandNumber function| getDateTime function| generateSessionId function| getSessionId function| getPageVanityURL function| getReferrer function| getReplicatedDate function| getPageLanguage function| getCategoryDetails function| getCategoryType function| getFormName function| getFormType function| getFormErrors function| getFormErrorsPercentage function| getCalculatorCategory function| getCalculatorTitles function| getCalculatorTypes object| dcu function| excecuteCorousel function| triggerBenefitsOffers function| triggerReviews function| removeErrorMessage function| negativeNumberError function| validateCalc function| loadCal function| loadIFrameMultiCal function| findInternalEls function| cycleFocus function| setAriaLabel function| _0x76f6 function| _0x53da object| QSI function| columnControllerCardsResize function| ga object| gaplugins object| digitalData object| pageInfo object| userInfo object| categoryInfo object| formInfo object| calculatorInfo string| jsonObject
19 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.demdex.net/ | Name: demdex Value: 73310985512154731311578149830732180314 |
.pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/ | Name: AMCVS_46051B125B89FACB0A495DD6%40AdobeOrg Value: 1 |
.pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/ | Name: _gcl_au Value: 1.1.706739939.1713187346 |
pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/ | Name: firstvisit Value: yes |
.everesttech.net/ | Name: everest_g_v2 Value: g_surferid~Zh0qEQAAALpXIAN6 |
.dpm.demdex.net/ | Name: dpm Value: 73310985512154731311578149830732180314 |
.pub-2f1b9a5062f0428dbaf4dc41bc0e1b73.r2.dev/ | Name: AMCV_46051B125B89FACB0A495DD6%40AdobeOrg Value: 179643557%7CMCIDTS%7C19829%7CMCMID%7C72958410141351605071521078807576335370%7CMCAAMLH-1713792145%7C6%7CMCAAMB-1713792145%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1713194545s%7CNONE%7CMCSYNCSOP%7C411-19836%7CvVersion%7C5.5.0 |
.bing.com/ | Name: MUID Value: 0F2B8A0E40E6633F2A479E6C41206256 |
.c.bing.com/ | Name: MR Value: 0 |
.eyeota.net/ | Name: SERVERID Value: 17406~DM |
.sitescout.com/ | Name: ssi Value: 4a7199bb-d388-4212-a2fa-22cd8cbc6a10#1713187346612 |
.sitescout.com/ | Name: _ssuma Value: eyIyIjoxNzEzMTg3MzQ2NjY0fQ |
.demdex.net/ | Name: dextp Value: 60-1-1713187345894|477-1-1713187345995|992-1-1713187346095|1957-1-1713187346195|30064-1-1713187346296|575-1-1713187346397|82530-1-1713187346498|121998-1-1713187346598|129099-1-1713187346699|390122-1-1713187346799 |
sync.srv.stackadapt.com/ | Name: sa-user-id Value: s%3A0-48a82e78-a65e-564c-68a2-9691b09771cb.PfC9YVyZGeYX6%2FY8DfpOqKJwXub%2FL4ILH1%2BpFkcBMnc |
.srv.stackadapt.com/ | Name: sa-user-id Value: s%3A0-48a82e78-a65e-564c-68a2-9691b09771cb.PfC9YVyZGeYX6%2FY8DfpOqKJwXub%2FL4ILH1%2BpFkcBMnc |
sync.srv.stackadapt.com/ | Name: sa-user-id-v2 Value: s%3ASKgueKZeVkxoopaRsJdxy1D_B3U.tIugHibInKcVOFRPQWzBLyDdhLUUXP94jRs%2BXr6JGvk |
.srv.stackadapt.com/ | Name: sa-user-id-v2 Value: s%3ASKgueKZeVkxoopaRsJdxy1D_B3U.tIugHibInKcVOFRPQWzBLyDdhLUUXP94jRs%2BXr6JGvk |
sync.srv.stackadapt.com/ | Name: sa-user-id-v3 Value: s%3AAQAKINgzd57eKXMdhXN52yv8cfX4bpxnXfLZ1xf7rBQ90OkhEGcYBCCT1PSwBjABOgSw8hAxQgQKDgfb.F3YPR7OK%2FKa8TSfgUhcOpchxY9M1dCCzQC0wIcebZO8 |
.srv.stackadapt.com/ | Name: sa-user-id-v3 Value: s%3AAQAKINgzd57eKXMdhXN52yv8cfX4bpxnXfLZ1xf7rBQ90OkhEGcYBCCT1PSwBjABOgSw8hAxQgQKDgfb.F3YPR7OK%2FKa8TSfgUhcOpchxY9M1dCCzQC0wIcebZO8 |
113 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.