Submitted URL: https://nefcuseminars.cmail20.com/t/r-l-tycljkl-khhuthhlq-k/
Effective URL: https://www.directfinancial.com/
Submission: On June 01 via api from US — Scanned from DE

Summary

This website contacted 18 IPs in 4 countries across 16 domains to perform 59 HTTP transactions. The main IP is 52.170.194.123, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.directfinancial.com.
TLS certificate: Issued by GeoTrust EV RSA CA 2018 on August 4th 2021. Valid for: a year.
This is the only time www.directfinancial.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 35.158.72.22 16509 (AMAZON-02)
1 18 52.170.194.123 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:206... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
14 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.202.243.100 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 178.249.101.23 11054 (LIVEPERSON)
2 99.86.4.79 16509 (AMAZON-02)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 178.249.97.99 11054 (LIVEPERSON)
7 178.249.97.98 11054 (LIVEPERSON)
2 208.89.12.87 11054 (LIVEPERSON)
59 18
Apex Domain
Subdomains
Transfer
18 directfinancial.com
www.directfinancial.com
596 KB
14 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1549
ka-p.fontawesome.com — Cisco Umbrella Rank: 3844
241 KB
9 lpsnmedia.net
accdn.lpsnmedia.net — Cisco Umbrella Rank: 2980
lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 3025
405 KB
4 liveperson.net
lptag.liveperson.net — Cisco Umbrella Rank: 3094
va.v.liveperson.net — Cisco Umbrella Rank: 3462
100 KB
2 reachlocalservices.com
capture-api.reachlocalservices.com — Cisco Umbrella Rank: 16010
556 B
2 gstatic.com
fonts.gstatic.com
75 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
2 rlets.com
cdn.rlets.com — Cisco Umbrella Rank: 14413
66154353-e7a8-4fb9-8b32-fd365967efe9.rlets.com
46 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
444 B
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 1967
16 KB
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2164
900 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 42
1 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 206
5 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
39 KB
1 cmail20.com
nefcuseminars.cmail20.com
216 B
0 hs-analytics.net Failed
js.hs-analytics.net Failed
59 16
Domain Requested by
18 www.directfinancial.com 1 redirects www.directfinancial.com
13 ka-p.fontawesome.com kit.fontawesome.com
www.directfinancial.com
7 lpcdn.lpsnmedia.net lptag.liveperson.net
2 va.v.liveperson.net lptag.liveperson.net
2 accdn.lpsnmedia.net lptag.liveperson.net
2 capture-api.reachlocalservices.com cdn.rlets.com
2 lptag.liveperson.net www.directfinancial.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 stats.g.doubleclick.net www.google-analytics.com
1 js.hs-banner.com js.hs-scripts.com
1 66154353-e7a8-4fb9-8b32-fd365967efe9.rlets.com cdn.rlets.com
1 js.hs-scripts.com www.directfinancial.com
1 fonts.googleapis.com www.directfinancial.com
1 kit.fontawesome.com www.directfinancial.com
1 cdnjs.cloudflare.com www.directfinancial.com
1 cdn.rlets.com www.directfinancial.com
1 www.googletagmanager.com www.directfinancial.com
1 nefcuseminars.cmail20.com 1 redirects
0 js.hs-analytics.net Failed js.hs-scripts.com
59 20
Subject Issuer Validity Valid
www.nefcu.com
GeoTrust EV RSA CA 2018
2021-08-04 -
2022-08-04
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
*.rlets.com
Amazon
2021-12-30 -
2023-01-28
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-09-21 -
2022-09-20
a year crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1
2021-12-01 -
2023-01-01
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-05-09 -
2022-08-01
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
*.liveperson.net
Sectigo RSA Organization Validation Secure Server CA
2022-04-26 -
2023-04-26
a year crt.sh
*.reachlocalservices.com
Amazon
2022-01-04 -
2023-02-01
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
*.lpsnmedia.net
Sectigo RSA Organization Validation Secure Server CA
2022-02-07 -
2023-02-07
a year crt.sh
*.v.liveperson.net
Sectigo RSA Organization Validation Secure Server CA
2022-03-22 -
2023-03-22
a year crt.sh

This page contains 3 frames:

Primary Page: https://www.directfinancial.com/
Frame ID: 49D18272B55A2C288A98B4637D681A4E
Requests: 56 HTTP requests in this frame

Frame: https://66154353-e7a8-4fb9-8b32-fd365967efe9.rlets.com/static/storage.html
Frame ID: 520223923D5B4F624533EDDBB9D2771A
Requests: 1 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.html?loc=https%3A%2F%2Fwww.directfinancial.com&site=27724115&env=prod
Frame ID: 3600228072C5E7B3A82761DF9F953393
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Credit Union in Detroit - Direct Financial

Page URL History Show full URLs

  1. https://nefcuseminars.cmail20.com/t/r-l-tycljkl-khhuthhlq-k/ HTTP 302
    http://www.directfinancial.com/ HTTP 302
    https://www.directfinancial.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

59
Requests

98 %
HTTPS

56 %
IPv6

16
Domains

20
Subdomains

18
IPs

4
Countries

1545 kB
Transfer

3472 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://nefcuseminars.cmail20.com/t/r-l-tycljkl-khhuthhlq-k/ HTTP 302
    http://www.directfinancial.com/ HTTP 302
    https://www.directfinancial.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

59 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.directfinancial.com/
Redirect Chain
  • https://nefcuseminars.cmail20.com/t/r-l-tycljkl-khhuthhlq-k/
  • http://www.directfinancial.com/
  • https://www.directfinancial.com/
53 KB
11 KB
Document
General
Full URL
https://www.directfinancial.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.170.194.123 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9959354ad62b805fa00dca66aa4afd01d6149b4c5c5b24fa70917e140bfa7aa7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
11282
Content-Type
text/html; charset=UTF-8
Date
Wed, 01 Jun 2022 14:13:12 GMT
Keep-Alive
timeout=5, max=100
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding

Redirect headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Wed, 01 Jun 2022 14:13:11 GMT
Keep-Alive
timeout=5, max=100
Location
https://www.directfinancial.com/
Server
Apache/2.4.41 (Ubuntu)
js
www.googletagmanager.com/gtag/
100 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-180634323-1
Requested by
Host: www.directfinancial.com
URL: https://www.directfinancial.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
02dbe0fd208c8194a48e7fa11f57bb6010db4a990c824b76fa25ec14f3a4e726
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.directfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:13:12 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39625
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 01 Jun 2022 14:13:12 GMT
7a84fb98b32fd365967efe9.js
cdn.rlets.com/capture_configs/661/543/53e/
198 KB
44 KB
Script
General
Full URL
https://cdn.rlets.com/capture_configs/661/543/53e/7a84fb98b32fd365967efe9.js
Requested by
Host: www.directfinancial.com
URL: https://www.directfinancial.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:cc00:6:9a19:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
84aa63756eabddb272a3d1d83f18ff5732d974f4d873ceda0cd672e7fb5de273

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.directfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:10:34 GMT
content-encoding
gzip
last-modified
Wed, 01 Jun 2022 13:48:51 GMT
server
AmazonS3
age
159
etag
W/"010f55f02757c96c7f0e67ec1898c649"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 df7c0ba7857d5300ae11e7566c926f16.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
hzcw2zE469rnNZ8NSrjFOUy35QZ6ygHeOwQWKgus2jV3yn0QWHj02Q==
site.css
www.directfinancial.com/css/min/
127 KB
26 KB
Stylesheet
General
Full URL
https://www.directfinancial.com/css/min/site.css?ver=202205021234
Requested by
Host: www.directfinancial.com
URL: https://www.directfinancial.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.170.194.123 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
6fac75689d493d530936e9593272ee0e9164db142bff1712b99e4d54e5d6c3a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.directfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 14:13:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 May 2022 19:35:44 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"1fd12-5de0c7f85c400-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
26241
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/
70 KB
5 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Requested by
Host: www.directfinancial.com
URL: https://www.directfinancial.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.directfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:13:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
516602
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4216
timing-allow-origin
*
last-modified
Mon, 07 Sep 2020 12:33:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f5628a2-11846"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=StPxgxY7v5AeZZKsMKS60PYxOvN1vuJzwmDI%2F7MG8Zyeyg5d8tHumAkFz1D3dUFINFkP64UTbJRQMQFx9Z6KBFkXa6xPzehnCAXK0PvswCYVoO1rk9Ym43tMKDeZqHoHpmcjxxPUQsXmVJkiG0RzetsA"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
71488c6f3df79046-FRA
expires
Mon, 22 May 2023 14:13:12 GMT
jquery-3.5.1.min.js
www.directfinancial.com/jquery/jquery_custom/js/
87 KB
31 KB
Script
General
Full URL
https://www.directfinancial.com/jquery/jquery_custom/js/jquery-3.5.1.min.js
Requested by
Host: www.directfinancial.com
URL: https://www.directfinancial.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.170.194.123 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.directfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 14:13:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 May 2020 23:02:39 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"15d84-5a4da870aa1c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
30910
jquery.validate.min.js
www.directfinancial.com/jquery/jquery_plugins/
23 KB
8 KB
Script
General
Full URL
https://www.directfinancial.com/jquery/jquery_plugins/jquery.validate.min.js
Requested by
Host: www.directfinancial.com
URL: https://www.directfinancial.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.170.194.123 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.directfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 14:13:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 22 Mar 2018 16:44:11 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"5add-56803045dccc0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
7502
site.js
www.directfinancial.com/scripts/min/
36 KB
10 KB
Script
General
Full URL
https://www.directfinancial.com/scripts/min/site.js?ver=202205021234
Requested by
Host: www.directfinancial.com
URL: https://www.directfinancial.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.170.194.123 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
32f97e3176ee9bff6fa81fbf9d2a50ef53ef1992e35b966c67bb23daceb40296

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.directfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 14:13:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Mar 2022 15:13:29 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"90dc-5dae42bfdb840-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
9842
349990034d.js
kit.fontawesome.com/
11 KB
4 KB
Script
General
Full URL
https://kit.fontawesome.com/349990034d.js
Requested by
Host: www.directfinancial.com
URL: https://www.directfinancial.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ceda677deb0431764e384caaac8a3a6eb47e0f7b16c4a26afaa3cea02ab3c843
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.directfinancial.com/
Origin
https://www.directfinancial.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:13:12 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=60, public, must-revalidate
strict-transport-security
max-age=31536000; preload
cf-ray
71488c6f2b6f6928-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
FvRvL2TsY4b0OcF5bTxC
css
fonts.googleapis.com/
13 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,600,700|Open+Sans:400,600,700&display=swap
Requested by
Host: www.directfinancial.com
URL: https://www.directfinancial.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9069cf74be297856606a04aad6db05013f6fb850b939e710efbaed3237158eee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.directfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 14:13:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 01 Jun 2022 14:13:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 Jun 2022 14:13:12 GMT
directfinancial-logo-light.png
www.directfinancial.com/img/
12 KB
13 KB
Image
General
Full URL
https://www.directfinancial.com/img/directfinancial-logo-light.png
Requested by
Host: www.directfinancial.com
URL: https://www.directfinancial.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.170.194.123 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9082d8ae3709fe11669a0da00a80e10507d946b036f4b6bd75da0cb44bcd570f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.directfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 14:13:12 GMT
Last-Modified
Tue, 20 Oct 2020 19:12:47 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"311b-5b21f0427c9c0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
12571
directfinancial-logo-dark.png
www.directfinancial.com/img/
13 KB
14 KB
Image
General
Full URL
https://www.directfinancial.com/img/directfinancial-logo-dark.png
Requested by
Host: www.directfinancial.com
URL: https://www.directfinancial.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.170.194.123 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
5f9856d8c0db655d2c122ba01ef891f69c374018937a86b13b8490f268a955f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.directfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 14:13:12 GMT
Last-Modified
Tue, 20 Oct 2020 19:12:46 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"355a-5b21f04188780"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
13658
chat-single.png
www.directfinancial.com/content/images/original/
1 KB
1 KB
Image
General
Full URL
https://www.directfinancial.com/content/images/original/chat-single.png
Requested by
Host: www.directfinancial.com
URL: https://www.directfinancial.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.170.194.123 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b15f0abbb89fac6bffc1ad2954457022becb0590231bcd0273b7109e047d914b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.directfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 14:13:12 GMT
Last-Modified
Fri, 25 Mar 2022 20:09:35 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"456-5db108a9f1b97"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1110
print.css
www.directfinancial.com/css/
373 B
602 B
Stylesheet
General
Full URL
https://www.directfinancial.com/css/print.css?ver=202205021234
Requested by
Host: www.directfinancial.com
URL: https://www.directfinancial.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.170.194.123 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
7aaec10ae26011a0ead3abef59f216e4658dd30a5af748471f5a55770a15506f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.directfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 14:13:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Sep 2020 16:12:24 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"175-5afd51da80a00-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
267
foot-logo-ncua-tnspt.png
www.directfinancial.com/img/
3 KB
4 KB
Image
General
Full URL
https://www.directfinancial.com/img/foot-logo-ncua-tnspt.png
Requested by
Host: www.directfinancial.com
URL: https://www.directfinancial.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.170.194.123 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
66382bff5497c95f48a881293497d94a60deac7ec9943c37d0d565c945b9dd1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.directfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 14:13:12 GMT
Last-Modified
Thu, 21 May 2020 15:45:47 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"d40-5a62a67fca0c0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
3392
foot-logo-ehl-tnspt.png
www.directfinancial.com/img/
2 KB
2 KB
Image
General
Full URL
https://www.directfinancial.com/img/foot-logo-ehl-tnspt.png
Requested by
Host: www.directfinancial.com
URL: https://www.directfinancial.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.170.194.123 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3f01f9a8d6ea5412b906a141f8736531fc44c9d6e68f2e7383ae4d93684f578b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.directfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 14:13:12 GMT
Last-Modified
Thu, 21 May 2020 15:45:46 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"819-5a62a67ed5e80"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
2073
5531533.js
js.hs-scripts.com/
964 B
900 B
Script
General
Full URL
https://js.hs-scripts.com/5531533.js
Requested by
Host: www.directfinancial.com
URL: https://www.directfinancial.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10a2b33c1dc9839667cfb8801adbc223f65934ec17fb80ba84364943826e0647

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.directfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:13:12 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
EXPIRED
x-hubspot-correlation-id
c09c4370-7f73-400d-8ffd-016c8ada2710
last-modified
Wed, 01 Jun 2022 12:46:27 GMT
server
cloudflare
x-trace
2B96DB7CBDCEEA40C73048B325876ACDF9FE7C87A4000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.directfinancial.com
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
71488c71ad2b9097-FRA
expires
Wed, 01 Jun 2022 14:14:12 GMT
storage.html
66154353-e7a8-4fb9-8b32-fd365967efe9.rlets.com/static/ Frame 5202
2 KB
2 KB
Document
General
Full URL
https://66154353-e7a8-4fb9-8b32-fd365967efe9.rlets.com/static/storage.html
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/661/543/53e/7a84fb98b32fd365967efe9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.243.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-243-100.compute-1.amazonaws.com
Software
/
Resource Hash
f4a9e44108a6f4fc9f4913d61136eb30f556f4feb17c6dc6ea16195a3755707d

Request headers

Referer
https://www.directfinancial.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
2076
content-type
text/html
date
Wed, 01 Jun 2022 14:13:12 GMT
last-modified
Wed, 25 May 2022 20:46:03 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-180634323-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.directfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6844
date
Wed, 01 Jun 2022 12:19:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 01 Jun 2022 14:19:08 GMT
pro.min.css
ka-p.fontawesome.com/releases/v5.15.4/css/
315 KB
53 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=349990034d
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/349990034d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.directfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:13:12 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
age
250448
etag
"610ae215-d3b2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
71488c717fd26928-FRA
content-length
54194
pro-v4-shims.min.css
ka-p.fontawesome.com/releases/v5.15.4/css/
26 KB
4 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=349990034d
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/349990034d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.directfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:13:12 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
age
23579
etag
"610ae215-1062"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
71488c717fcf6928-FRA
content-length
4194
pro-v4-font-face.min.css
ka-p.fontawesome.com/releases/v5.15.4/css/
27 KB
3 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=349990034d
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/349990034d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8a00b576cc9fad532a52ecdf8024724ddaa83cb0f5ca5d1b1d6eb8841103d60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.directfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:13:12 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
age
250448
etag
"610ae215-a2b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
71488c717fcc6928-FRA
content-length
2603
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,600,700|Open+Sans:400,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.directfinancial.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 23:32:09 GMT
x-content-type-options
nosniff
age
139263
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 May 2023 23:32:09 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v24/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,600,700|Open+Sans:400,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.directfinancial.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 17:07:05 GMT
x-content-type-options
nosniff
age
75967
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 14:37:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 May 2023 17:07:05 GMT
DF-Spring.jpg
www.directfinancial.com/content/images/original/
121 KB
121 KB
Image
General
Full URL
https://www.directfinancial.com/content/images/original/DF-Spring.jpg
Requested by
Host: www.directfinancial.com
URL: https://www.directfinancial.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.170.194.123 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
0a0f59a4b1f15a9441783a752b3a78f1046b3afbb27d1586ce29c161dc3c7b8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.directfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 14:13:12 GMT
Last-Modified
Sun, 06 Mar 2022 20:30:51 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"1e298-5d9929fbadce1"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
123544
closing-cost-bar-chart.png
www.directfinancial.com/content/images/480/
37 KB
38 KB
Image
General
Full URL
https://www.directfinancial.com/content/images/480/closing-cost-bar-chart.png
Requested by
Host: www.directfinancial.com
URL: https://www.directfinancial.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.170.194.123 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
25ee65fb091a62352f7fa47a398b77c0b909fd5d4c9c109027b00a2973368de6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.directfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 14:13:12 GMT
Last-Modified
Tue, 06 Apr 2021 13:42:55 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"95ea-5bf4dfdd070fd"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
38378
iStock-965207732.jpg
www.directfinancial.com/content/images/480/
70 KB
70 KB
Image
General
Full URL
https://www.directfinancial.com/content/images/480/iStock-965207732.jpg
Requested by
Host: www.directfinancial.com
URL: https://www.directfinancial.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.170.194.123 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
1e3b50f23357dea60809d9d6d58f046386d6981d33a94d93dd8893075e2b3651

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.directfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 14:13:12 GMT
Last-Modified
Mon, 05 Oct 2020 16:19:22 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"11640-5b0eed8597680"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
71232
MLO-DF-Amanda-Bokor-500px.jpg
www.directfinancial.com/content/images/original/
50 KB
50 KB
Image
General
Full URL
https://www.directfinancial.com/content/images/original/MLO-DF-Amanda-Bokor-500px.jpg
Requested by
Host: www.directfinancial.com
URL: https://www.directfinancial.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.170.194.123 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
eea1f3a4c934ddfe016fa925fd25630e566c8bb55b0ce51f6e47906ddbb2f9bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.directfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 14:13:12 GMT
Last-Modified
Tue, 29 Jun 2021 15:24:24 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"c84e-5c5e93367eb77"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
51278
MLO-DF-Christin-Canter.jpg
www.directfinancial.com/content/images/original/
93 KB
93 KB
Image
General
Full URL
https://www.directfinancial.com/content/images/original/MLO-DF-Christin-Canter.jpg
Requested by
Host: www.directfinancial.com
URL: https://www.directfinancial.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.170.194.123 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
4a0a9808cde13bf4a1832c18da73bb9613d149301fb553f9d4f7c5795c221633

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.directfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 14:13:12 GMT
Last-Modified
Wed, 07 Oct 2020 14:59:56 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"174b6-5b115f7f4d300"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
95414
MLO-DF-Julie-Jorgensen.jpg
www.directfinancial.com/content/images/original/
103 KB
104 KB
Image
General
Full URL
https://www.directfinancial.com/content/images/original/MLO-DF-Julie-Jorgensen.jpg
Requested by
Host: www.directfinancial.com
URL: https://www.directfinancial.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.170.194.123 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
8b09876c7bee05df378288b0ab862d93084b35d67361870ddefcee9c1d4403eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.directfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 14:13:12 GMT
Last-Modified
Wed, 07 Oct 2020 14:59:56 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"19d33-5b115f7f4d300"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
105779
tag.js
lptag.liveperson.net/tag/
21 KB
8 KB
Script
General
Full URL
https://lptag.liveperson.net/tag/tag.js?site=27724115
Requested by
Host: www.directfinancial.com
URL: https://www.directfinancial.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.101.23 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.directfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:13:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 03 Sep 2020 08:27:49 GMT
server
ws
etag
"5f50a905-1d8f"
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
public, max-age=630
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length
7567
pro-fa-duotone-900-5.14.0.woff2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/
15 KB
15 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-duotone-900-5.14.0.woff2
Requested by
Host: www.directfinancial.com
URL: https://www.directfinancial.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a3ceee1d2225fe330dbc03b96a1cbbef56efb2b8a4a791d52995910788290c8

Request headers

Referer
https://www.directfinancial.com/
Origin
https://www.directfinancial.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:13:12 GMT
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:58:29 GMT
server
cloudflare
age
20861
etag
"610ae355-3c30"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
71488c729a0c6928-FRA
content-length
15408
pro-fa-light-300-5.14.0.woff2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/
17 KB
17 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-light-300-5.14.0.woff2
Requested by
Host: www.directfinancial.com
URL: https://www.directfinancial.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5e04446423f9d55f1f8796ef599723170533a18315d5ff08e023f5cda41930c

Request headers

Referer
https://www.directfinancial.com/
Origin
https://www.directfinancial.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:13:12 GMT
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:58:33 GMT
server
cloudflare
age
20861
etag
"610ae359-43f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
71488c729a0d6928-FRA
content-length
17392
pro-fa-regular-400-5.0.0.woff2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/
23 KB
23 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-regular-400-5.0.0.woff2
Requested by
Host: www.directfinancial.com
URL: https://www.directfinancial.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78f2234a60cbe6920db07df9663c0b035d9a602d8f7b82e174fc9e0f5bf89ad0

Request headers

Referer
https://www.directfinancial.com/
Origin
https://www.directfinancial.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:13:12 GMT
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:58:36 GMT
server
cloudflare
age
250448
etag
"610ae35c-5b14"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
71488c729a0e6928-FRA
content-length
23316
pro-fa-light-300-5.10.2.woff2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/
17 KB
17 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-light-300-5.10.2.woff2
Requested by
Host: www.directfinancial.com
URL: https://www.directfinancial.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bbaabc785383c5d90abc17e6703ac6a057b9644c6ebdfe9e15709c6ffac9c71

Request headers

Referer
https://www.directfinancial.com/
Origin
https://www.directfinancial.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:13:12 GMT
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:58:32 GMT
server
cloudflare
age
250448
etag
"610ae358-4310"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
71488c72aa156928-FRA
content-length
17168
pro-fa-light-300-5.7.0.woff2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/
12 KB
12 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-light-300-5.7.0.woff2
Requested by
Host: www.directfinancial.com
URL: https://www.directfinancial.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c9b88da6d6c32d8f376e3b03f31af197cc9d36b7c0d03bad68694b60fc799a9

Request headers

Referer
https://www.directfinancial.com/
Origin
https://www.directfinancial.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:13:12 GMT
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:58:35 GMT
server
cloudflare
age
20861
etag
"610ae35b-2e9c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
71488c72aa1c6928-FRA
content-length
11932
pro-fa-light-300-5.11.0.woff2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/
15 KB
15 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-light-300-5.11.0.woff2
Requested by
Host: www.directfinancial.com
URL: https://www.directfinancial.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec540bd82697b5fb43f1584f25446b7d58a0cf0a51e1544b0b278a2aaa5f1e77

Request headers

Referer
https://www.directfinancial.com/
Origin
https://www.directfinancial.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:13:12 GMT
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:58:32 GMT
server
cloudflare
age
20861
etag
"610ae358-3d84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
71488c72aa206928-FRA
content-length
15748
pro-fa-solid-900-5.10.2.woff2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/
13 KB
13 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-solid-900-5.10.2.woff2
Requested by
Host: www.directfinancial.com
URL: https://www.directfinancial.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46fa33cc9340603e767415c1829c08b91f3a3680b9800047dbc1bda91b8eb0ac

Request headers

Referer
https://www.directfinancial.com/
Origin
https://www.directfinancial.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:13:12 GMT
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:58:41 GMT
server
cloudflare
age
20861
etag
"610ae361-33d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
71488c72aa2c6928-FRA
content-length
13268
pro-fa-brands-400-5.8.2.woff2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/
2 KB
2 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-brands-400-5.8.2.woff2
Requested by
Host: www.directfinancial.com
URL: https://www.directfinancial.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
322c181b1aab5807cd0a7ed9e249ddbd97fa385ca3d338aa59ef1f610ca24601

Request headers

Referer
https://www.directfinancial.com/
Origin
https://www.directfinancial.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:13:12 GMT
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:58:27 GMT
server
cloudflare
age
250448
etag
"610ae353-96c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
71488c72ba326928-FRA
content-length
2412
pro-fa-brands-400-5.0.0.woff2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/
37 KB
37 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-brands-400-5.0.0.woff2
Requested by
Host: www.directfinancial.com
URL: https://www.directfinancial.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49fd3e0c64f247cf56cb828bc37b88cf139df6e5c7bb4c3a4507f740e9a52c17

Request headers

Referer
https://www.directfinancial.com/
Origin
https://www.directfinancial.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:13:12 GMT
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:58:25 GMT
server
cloudflare
age
250448
etag
"610ae351-93a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
71488c72ba336928-FRA
content-length
37796
pro-fa-light-300-5.0.0.woff2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/
24 KB
24 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-light-300-5.0.0.woff2
Requested by
Host: www.directfinancial.com
URL: https://www.directfinancial.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
299dc8e16be2ab2214e279b5536efd387d17fd3d364f397ce9f1fed602384fea

Request headers

Referer
https://www.directfinancial.com/
Origin
https://www.directfinancial.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:13:12 GMT
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:58:31 GMT
server
cloudflare
age
250448
etag
"610ae357-60e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
71488c72ba476928-FRA
content-length
24800
collect
www.google-analytics.com/j/
2 B
212 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1477372039&t=pageview&_s=1&dl=https%3A%2F%2Fwww.directfinancial.com%2F&ul=en-us&de=UTF-8&dt=Credit%20Union%20in%20Detroit%20-%20Direct%20Financial&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1093064640&gjid=427488256&cid=1650766202.1654092793&tid=UA-180634323-1&_gid=2046156534.1654092793&_r=1&gtm=2ou5p1&z=551989139
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.directfinancial.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Jun 2022 14:13:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.directfinancial.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
.jsonp
lptag.liveperson.net/lptag/api/account/27724115/configuration/applications/taglets/
250 KB
90 KB
Script
General
Full URL
https://lptag.liveperson.net/lptag/api/account/27724115/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Requested by
Host: www.directfinancial.com
URL: https://www.directfinancial.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.101.23 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
7c9707e7616e92491cdb1cc6e44b08aacd8d9620e99243bdfea838156870dfc0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.directfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:13:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ws
x-cache-status
HIT
access-control-allow-methods
GET, POST, PATCH
content-type
application/x-javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
public, max-age=630
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
originCountry
capture-api.reachlocalservices.com/
35 B
556 B
XHR
General
Full URL
https://capture-api.reachlocalservices.com/originCountry
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/661/543/53e/7a84fb98b32fd365967efe9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-79.fra6.r.cloudfront.net
Software
/
Resource Hash
2b343b21215fef87f4079b62256d4bc29f0697202fa85141731716654c303745

Request headers

Referer
https://www.directfinancial.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-type
application/json

Response headers

date
Wed, 01 Jun 2022 14:13:14 GMT
via
1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amzn-requestid
2969e25d-b93e-4e5b-a021-a42dfee0671b
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-629773fa-132463d57b5d94da4a7f6c48;Sampled=0
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-amz-apigw-id
TC8PIEjjPHcFTuA=
content-length
35
x-amz-cf-id
IB03pHXH8R1NsEogEE0RaQD_EHFrP2uIpiZI3dWsIaG2JRVM4idEbA==
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
5531533.js
js.hs-analytics.net/analytics/1654092600000/
0
0

5531533.js
js.hs-banner.com/
59 KB
16 KB
Script
General
Full URL
https://js.hs-banner.com/5531533.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5531533.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e695114c893259c3640e05d68f1a93c98e7078fda54f042d652d5c7f1b1032ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.directfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:13:13 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
V568B6HH2SNEZXW8
x-amz-server-side-encryption
AES256
content-type
text/javascript; charset=UTF-8
access-control-max-age
604800
x-amz-id-2
vKdWS4Ux6sW/UROE9vU0nZAWAkIKq8kXFPpegQzNApTGz6Gh16CGwxhwouklsdiDvmtrDtWbzUY=
timing-allow-origin
*
last-modified
Fri, 27 May 2022 16:12:05 GMT
server
cloudflare
etag
W/"db3b6338fa8a3cbbfe725bc7d0058f30"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id
XgcXDzeYC3jYmsdd7LIhiclg8ZUiLMoS
access-control-allow-origin
https://52.170.194.123
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
cf-ray
71488c773b499259-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Wed, 01 Jun 2022 14:18:13 GMT
originCountry
capture-api.reachlocalservices.com/ Frame
0
0
Preflight
General
Full URL
https://capture-api.reachlocalservices.com/originCountry
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-79.fra6.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.directfinancial.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
GET,OPTIONS
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 01 Jun 2022 14:13:13 GMT
via
1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-amz-apigw-id
TC8PEExiPHcFmHA=
x-amz-cf-id
H1PQH9qGI3xIX_ApzRaKHlog2M944eawMxV83VxM9dajB5WjZ8teCA==
x-amz-cf-pop
FRA6-C1
x-amzn-requestid
4b53f6a0-9a7c-4f71-9783-03caf1e6d4d7
x-cache
Miss from cloudfront
collect
stats.g.doubleclick.net/j/
1 B
444 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-180634323-1&cid=1650766202.1654092793&jid=1093064640&gjid=427488256&_gid=2046156534.1654092793&_u=YEBAAUAAAAAAAC~&z=217025449
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.directfinancial.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 01 Jun 2022 14:13:13 GMT
content-type
text/plain
access-control-allow-origin
https://www.directfinancial.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
accdn.lpsnmedia.net/api/account/27724115/configuration/setting/accountproperties/
6 KB
2 KB
Script
General
Full URL
https://accdn.lpsnmedia.net/api/account/27724115/configuration/setting/accountproperties/?cb=lpCb76470x69410
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/27724115/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-accdn.lpsnmedia.net
Software
ws /
Resource Hash
79d8c3591adeb01675f3b09ea9d289beada42fca4de7b1d9afa10be29c30449a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.directfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:13:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ws
x-cache-status
EXPIRED
vary
Accept
content-type
application/javascript
x-envoy-upstream-service-time
25
expires
Wed, 01 Jun 2022 14:14:13 GMT
ui-framework.js
lpcdn.lpsnmedia.net/le_unified_window/10.17.0.8-release_5442/
39 KB
15 KB
Script
General
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.17.0.8-release_5442/ui-framework.js?version=10.17.0.8-release_5442
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/27724115/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
fdd05b738b34277c9b69bd1d1cb198820f593b68e43cdbd54fe6d16659004f73
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.directfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:13:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 23 Apr 2022 04:25:44 GMT
server
ws
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Wed, 01 Jun 2022 14:23:13 GMT
UMSClientAPI.min.js
lpcdn.lpsnmedia.net/le_unified_window/10.17.0.8-release_5442/
88 KB
30 KB
Script
General
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.17.0.8-release_5442/UMSClientAPI.min.js?version=10.17.0.8-release_5442
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/27724115/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
f527c8ecd718837424227d139302123bd59624543ecd82624bfcd3a36dbb8065
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.directfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:13:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 23 Apr 2022 04:25:44 GMT
server
ws
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Wed, 01 Jun 2022 14:23:13 GMT
lpChatV3.min.js
lpcdn.lpsnmedia.net/le_unified_window/10.17.0.8-release_5442/
92 KB
31 KB
Script
General
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.17.0.8-release_5442/lpChatV3.min.js?version=10.17.0.8-release_5442
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/27724115/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.directfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:13:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 23 Apr 2022 04:25:44 GMT
server
ws
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Wed, 01 Jun 2022 14:23:13 GMT
surveylogicinstance.min.js
lpcdn.lpsnmedia.net/le_unified_window/10.17.0.8-release_5442/
8 KB
3 KB
Script
General
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.17.0.8-release_5442/surveylogicinstance.min.js?version=10.17.0.8-release_5442
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/27724115/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.directfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:13:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 23 Apr 2022 04:25:44 GMT
server
ws
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Wed, 01 Jun 2022 14:23:13 GMT
desktopEmbedded.js
lpcdn.lpsnmedia.net/le_unified_window/10.17.0.8-release_5442/
934 KB
292 KB
Script
General
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.17.0.8-release_5442/desktopEmbedded.js?version=10.17.0.8-release_5442
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/27724115/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
1f29b7b017adc79c2a93681253f0a9fcfd27981df40eb78ef1b73c96aeb474f3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.directfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:13:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 23 Apr 2022 04:25:44 GMT
server
ws
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Wed, 01 Jun 2022 14:23:13 GMT
zones
accdn.lpsnmedia.net/api/account/27724115/configuration/le-campaigns/
4 KB
1 KB
Script
General
Full URL
https://accdn.lpsnmedia.net/api/account/27724115/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/27724115/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-accdn.lpsnmedia.net
Software
ws /
Resource Hash
1d7c145346aec014c4379dbb94cf82ffe0f2b30c8ced3323295f5a40ad5e8cb2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.directfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:13:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ws
x-cache-status
EXPIRED
vary
Accept
content-type
application/javascript
x-envoy-upstream-service-time
1
expires
Wed, 01 Jun 2022 14:14:13 GMT
27724115
va.v.liveperson.net/api/js/
246 B
1 KB
Script
General
Full URL
https://va.v.liveperson.net/api/js/27724115?&cb=lpCb33728x36869&t=sp&ts=1654092793491&pid=9215591001&tid=3129031061&pt=Credit%20Union%20in%20Detroit%20-%20Direct%20Financial&u=https%3A%2F%2Fwww.directfinancial.com%2F&df=0&os=0
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/27724115/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
8d9cf8bef59fd7f72c95956d5646e608749d85289e5fe82cda4a23b9997655a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.directfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:13:13 GMT
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
storage.secure.min.html
lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/ Frame 3600
39 KB
16 KB
Document
General
Full URL
https://lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.html?loc=https%3A%2F%2Fwww.directfinancial.com&site=27724115&env=prod
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/27724115/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
59f4843277d9aca1200c779c52318aadb380021a0051a6644b75274acb7fe158
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.directfinancial.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-allow-methods
GET, POST, PATCH
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=600
content-encoding
gzip
content-type
text/html
date
Wed, 01 Jun 2022 14:13:13 GMT
expires
Wed, 01 Jun 2022 14:23:13 GMT
last-modified
Fri, 05 Nov 2021 13:34:15 GMT
server
ws
vary
Origin
x-content-type-options
nosniff
storage.secure.min.js
lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/
38 KB
15 KB
Script
General
Full URL
https://lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.js?loc=https%3A%2F%2Fwww.directfinancial.com&site=27724115&force=1&env=prod
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/27724115/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
996ab3c1e26cb00ec7d3d29650e784755ba46f33613563b7173b0dab03fa3d73
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.directfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:13:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Nov 2021 13:34:15 GMT
server
ws
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Wed, 01 Jun 2022 14:23:13 GMT
27724115
va.v.liveperson.net/api/js/
111 B
854 B
Script
General
Full URL
https://va.v.liveperson.net/api/js/27724115?sid=GKAix8FqRCuIEEG5RJZ8rA&cb=lpCb55652x81800&t=pl&ts=1654092793493&pid=9215591001&tid=3129031061&vid=VlMTMyYzhhYjg5MTA3MzZj
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/27724115/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
8fce0d7f831913ce67562191d23c4fc7876a0913345b122d43300b5708672ed6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.directfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:13:14 GMT
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
js.hs-analytics.net
URL
https://js.hs-analytics.net/analytics/1654092600000/5531533.js

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation function| gtag object| dataLayer object| rl_widget_cfg object| RLCAP object| captureStatus object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| WrapperVariablesObj function| $ function| jQuery boolean| errors_occured boolean| call_was_successful string| response_area string| encoded_params string| ajax_action boolean| JQajaxResult number| num_of_submits string| datechk_format function| formatValidatorDateChkMsg function| vTracker function| getTrackerName function| vtracklocal function| upscaleImages function| speedbumpGo function| speedbumpStay function| ui9modal function| expandAlert function| toggleAlert function| closeBanking function| closeSearch function| closeSearchAndBanking function| setInterstitialCookie function| setAlertCookie function| setLocationCookie function| setExpiration function| enableMe function| isCookieEnabled function| setCookie function| isDupSubmit function| setParamStatus function| JQtogglePers object| MRD object| vMenu object| MicroModal object| img_avail_widths object| img_cimg_scales object| img_cimg_scale_classes object| FontAwesomeKitConfig object| lpTag number| chosen_width object| FontAwesomeConfig string| notices object| $clicked_item string| alertid object| gaplugins object| gaGlobal object| gaData object| _hsp function| _typeof object| lpTaglogListeners object| proxyless object| lpMTagConfig function| createFrameworkGlobals object| liveperson function| SurveyManager function| _stateChanged object| STORAGE object| proto string| QUESTION_ERROR_TYPE object| __core-js_shared__ object| lpIntlTelInputUtils object| lpIntlTelInputGlobals boolean| _hspb_loaded

7 Cookies

Domain/Path Name / Value
www.directfinancial.com/ Name: MRD_UID
Value: MU0E629773f80d9b213
66154353-e7a8-4fb9-8b32-fd365967efe9.rlets.com/ Name: test
Value: test
.directfinancial.com/ Name: _ga
Value: GA1.2.1650766202.1654092793
.directfinancial.com/ Name: _gid
Value: GA1.2.2046156534.1654092793
.directfinancial.com/ Name: _gat_gtag_UA_180634323_1
Value: 1
.directfinancial.com/ Name: LPVID
Value: VlMTMyYzhhYjg5MTA3MzZj
.directfinancial.com/ Name: LPSID-27724115
Value: GKAix8FqRCuIEEG5RJZ8rA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

66154353-e7a8-4fb9-8b32-fd365967efe9.rlets.com
accdn.lpsnmedia.net
capture-api.reachlocalservices.com
cdn.rlets.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
ka-p.fontawesome.com
kit.fontawesome.com
lpcdn.lpsnmedia.net
lptag.liveperson.net
nefcuseminars.cmail20.com
stats.g.doubleclick.net
va.v.liveperson.net
www.directfinancial.com
www.google-analytics.com
www.googletagmanager.com
js.hs-analytics.net
178.249.101.23
178.249.97.98
178.249.97.99
208.89.12.87
2600:9000:206f:cc00:6:9a19:88c0:93a1
2606:4700:4400::6812:21ab
2606:4700::6811:180e
2606:4700::6811:d5cc
2606:4700::6812:1634
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200a
2a00:1450:400c:c07::9c
35.158.72.22
52.170.194.123
52.202.243.100
99.86.4.79
02dbe0fd208c8194a48e7fa11f57bb6010db4a990c824b76fa25ec14f3a4e726
0a0f59a4b1f15a9441783a752b3a78f1046b3afbb27d1586ce29c161dc3c7b8f
0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438
10a2b33c1dc9839667cfb8801adbc223f65934ec17fb80ba84364943826e0647
145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7
17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50
1d7c145346aec014c4379dbb94cf82ffe0f2b30c8ced3323295f5a40ad5e8cb2
1e3b50f23357dea60809d9d6d58f046386d6981d33a94d93dd8893075e2b3651
1f29b7b017adc79c2a93681253f0a9fcfd27981df40eb78ef1b73c96aeb474f3
25ee65fb091a62352f7fa47a398b77c0b909fd5d4c9c109027b00a2973368de6
299dc8e16be2ab2214e279b5536efd387d17fd3d364f397ce9f1fed602384fea
2b343b21215fef87f4079b62256d4bc29f0697202fa85141731716654c303745
2bbaabc785383c5d90abc17e6703ac6a057b9644c6ebdfe9e15709c6ffac9c71
322c181b1aab5807cd0a7ed9e249ddbd97fa385ca3d338aa59ef1f610ca24601
32f97e3176ee9bff6fa81fbf9d2a50ef53ef1992e35b966c67bb23daceb40296
37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d
3a3ceee1d2225fe330dbc03b96a1cbbef56efb2b8a4a791d52995910788290c8
3f01f9a8d6ea5412b906a141f8736531fc44c9d6e68f2e7383ae4d93684f578b
4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6
46fa33cc9340603e767415c1829c08b91f3a3680b9800047dbc1bda91b8eb0ac
49fd3e0c64f247cf56cb828bc37b88cf139df6e5c7bb4c3a4507f740e9a52c17
4a0a9808cde13bf4a1832c18da73bb9613d149301fb553f9d4f7c5795c221633
5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02
59f4843277d9aca1200c779c52318aadb380021a0051a6644b75274acb7fe158
5f9856d8c0db655d2c122ba01ef891f69c374018937a86b13b8490f268a955f4
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
66382bff5497c95f48a881293497d94a60deac7ec9943c37d0d565c945b9dd1f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c9b88da6d6c32d8f376e3b03f31af197cc9d36b7c0d03bad68694b60fc799a9
6fac75689d493d530936e9593272ee0e9164db142bff1712b99e4d54e5d6c3a3
78f2234a60cbe6920db07df9663c0b035d9a602d8f7b82e174fc9e0f5bf89ad0
79d8c3591adeb01675f3b09ea9d289beada42fca4de7b1d9afa10be29c30449a
7aaec10ae26011a0ead3abef59f216e4658dd30a5af748471f5a55770a15506f
7c9707e7616e92491cdb1cc6e44b08aacd8d9620e99243bdfea838156870dfc0
84aa63756eabddb272a3d1d83f18ff5732d974f4d873ceda0cd672e7fb5de273
8b09876c7bee05df378288b0ab862d93084b35d67361870ddefcee9c1d4403eb
8d9cf8bef59fd7f72c95956d5646e608749d85289e5fe82cda4a23b9997655a5
8fce0d7f831913ce67562191d23c4fc7876a0913345b122d43300b5708672ed6
9069cf74be297856606a04aad6db05013f6fb850b939e710efbaed3237158eee
9082d8ae3709fe11669a0da00a80e10507d946b036f4b6bd75da0cb44bcd570f
9959354ad62b805fa00dca66aa4afd01d6149b4c5c5b24fa70917e140bfa7aa7
996ab3c1e26cb00ec7d3d29650e784755ba46f33613563b7173b0dab03fa3d73
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5e04446423f9d55f1f8796ef599723170533a18315d5ff08e023f5cda41930c
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a8a00b576cc9fad532a52ecdf8024724ddaa83cb0f5ca5d1b1d6eb8841103d60
b15f0abbb89fac6bffc1ad2954457022becb0590231bcd0273b7109e047d914b
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
ceda677deb0431764e384caaac8a3a6eb47e0f7b16c4a26afaa3cea02ab3c843
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e695114c893259c3640e05d68f1a93c98e7078fda54f042d652d5c7f1b1032ab
ec540bd82697b5fb43f1584f25446b7d58a0cf0a51e1544b0b278a2aaa5f1e77
eea1f3a4c934ddfe016fa925fd25630e566c8bb55b0ce51f6e47906ddbb2f9bc
f4a9e44108a6f4fc9f4913d61136eb30f556f4feb17c6dc6ea16195a3755707d
f527c8ecd718837424227d139302123bd59624543ecd82624bfcd3a36dbb8065
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fdd05b738b34277c9b69bd1d1cb198820f593b68e43cdbd54fe6d16659004f73